From 97c46fbcb2b7dbe1f10b5092afc082f36ae0e6d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Thu, 26 Oct 2017 13:52:03 +0200 Subject: [PATCH] Backport some patches --- ...cket-add-a-simple-test-for-our-alloc.patch | 3 -- ...lved-simplify-alloc-size-calculation.patch | 3 -- ...t-allocate-packets-with-minimum-size.patch | 3 -- ...ine-various-packet-sizes-as-unsigned.patch | 3 -- ...le-detecting-QEMU-TCG-via-CPUID-6399.patch | 33 +++++++++++++ ...eous-behavior-when-polling-the-udev-.patch | 47 +++++++++++++++++++ ...oop-on-packets-with-pseudo-dns-types.patch | 40 ++++++++++++++++ systemd.spec | 10 +++- 8 files changed, 129 insertions(+), 13 deletions(-) create mode 100644 0046-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch create mode 100644 0047-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch create mode 100644 0048-resolved-fix-loop-on-packets-with-pseudo-dns-types.patch diff --git a/0042-test-resolved-packet-add-a-simple-test-for-our-alloc.patch b/0042-test-resolved-packet-add-a-simple-test-for-our-alloc.patch index 89053c1..417b120 100644 --- a/0042-test-resolved-packet-add-a-simple-test-for-our-alloc.patch +++ b/0042-test-resolved-packet-add-a-simple-test-for-our-alloc.patch @@ -106,6 +106,3 @@ index 0000000000..8b7da1408d + + return 0; +} --- -2.13.0 - diff --git a/0043-resolved-simplify-alloc-size-calculation.patch b/0043-resolved-simplify-alloc-size-calculation.patch index 0d4bdda..86d3e61 100644 --- a/0043-resolved-simplify-alloc-size-calculation.patch +++ b/0043-resolved-simplify-alloc-size-calculation.patch @@ -46,6 +46,3 @@ index 7b7d4e14c9..05a7a844e4 100644 struct DnsPacket { int n_ref; DnsProtocol protocol; --- -2.13.0 - diff --git a/0044-resolved-do-not-allocate-packets-with-minimum-size.patch b/0044-resolved-do-not-allocate-packets-with-minimum-size.patch index f6424a8..38d2d2b 100644 --- a/0044-resolved-do-not-allocate-packets-with-minimum-size.patch +++ b/0044-resolved-do-not-allocate-packets-with-minimum-size.patch @@ -43,6 +43,3 @@ index 7262a50eee..c1ee755d9f 100644 /* round up to next page size */ a = PAGE_ALIGN(ALIGN(sizeof(DnsPacket)) + a) - ALIGN(sizeof(DnsPacket)); --- -2.13.0 - diff --git a/0045-resolved-define-various-packet-sizes-as-unsigned.patch b/0045-resolved-define-various-packet-sizes-as-unsigned.patch index 2856753..0031676 100644 --- a/0045-resolved-define-various-packet-sizes-as-unsigned.patch +++ b/0045-resolved-define-various-packet-sizes-as-unsigned.patch @@ -44,6 +44,3 @@ index 05a7a844e4..1020db0221 100644 struct DnsPacket { int n_ref; --- -2.13.0 - diff --git a/0046-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch b/0046-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch new file mode 100644 index 0000000..7d907e6 --- /dev/null +++ b/0046-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch @@ -0,0 +1,33 @@ +From 7cf20aa8c7f9dd5d7e907b0f96b14f4c09bc8c6d Mon Sep 17 00:00:00 2001 +From: Daniel Berrange +Date: Wed, 19 Jul 2017 10:06:07 +0100 +Subject: [PATCH] virt: enable detecting QEMU (TCG) via CPUID (#6399) + +QEMU >= 2.10 will include a CPUID leaf with value "TCGTCGTCGTCG" +on x86 when running with the TCG CPU emulator: + + https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05231.html + +Existing methods of detecting QEMU are left unchanged for sake of +backcompatibility. + +Signed-off-by: Daniel P. Berrange +(cherry picked from commit 5588612e9e8828691f13141e3fcebe08a59201fe) +(cherry picked from commit ce0609bc26d33e47b23fbbe1aa7465283a10fb10) +(cherry picked from commit c21be74a657c56bfc4091428b54189682c354640) +--- + src/basic/virt.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/basic/virt.c b/src/basic/virt.c +index dace1f4328..f1c49105ee 100644 +--- a/src/basic/virt.c ++++ b/src/basic/virt.c +@@ -45,6 +45,7 @@ static int detect_vm_cpuid(void) { + } cpuid_vendor_table[] = { + { "XenVMMXenVMM", VIRTUALIZATION_XEN }, + { "KVMKVMKVM", VIRTUALIZATION_KVM }, ++ { "TCGTCGTCGTCG", VIRTUALIZATION_QEMU }, + /* http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009458 */ + { "VMwareVMware", VIRTUALIZATION_VMWARE }, + /* http://msdn.microsoft.com/en-us/library/ff542428.aspx */ diff --git a/0047-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch b/0047-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch new file mode 100644 index 0000000..6a7154d --- /dev/null +++ b/0047-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch @@ -0,0 +1,47 @@ +From 9b7e22950873b1637b286bb540d9884ce1bec19f Mon Sep 17 00:00:00 2001 +From: "S. Fan" +Date: Mon, 31 Jul 2017 05:10:10 -0500 +Subject: [PATCH] rfkill: fix erroneous behavior when polling the udev monitor + (#6489) + +Comparing udev_device_get_sysname(device) and sysname will always return +true. We need to check the device received from udev monitor instead. + +Also, fd_wait_for_event() sometimes never exits. Better set a timeout +here. + +(cherry picked from commit 8ec1a07998758f6a85f3ea5bf2ed14d87609398f) +(cherry picked from commit cd8a9ccb7c06394a64bfe0cd2a88fad7be8e3f9f) +(cherry picked from commit 638c0dbabd348a664c85cbaf0ab10f317468b576) +--- + src/rfkill/rfkill.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/rfkill/rfkill.c b/src/rfkill/rfkill.c +index 0acdf229ed..3c2460b5af 100644 +--- a/src/rfkill/rfkill.c ++++ b/src/rfkill/rfkill.c +@@ -138,17 +138,21 @@ static int wait_for_initialized( + for (;;) { + _cleanup_udev_device_unref_ struct udev_device *t = NULL; + +- r = fd_wait_for_event(watch_fd, POLLIN, USEC_INFINITY); ++ r = fd_wait_for_event(watch_fd, POLLIN, EXIT_USEC); + if (r == -EINTR) + continue; + if (r < 0) + return log_error_errno(r, "Failed to watch udev monitor: %m"); ++ if (r == 0) { ++ log_error("Timed out wating for udev monitor."); ++ return -ETIMEDOUT; ++ } + + t = udev_monitor_receive_device(monitor); + if (!t) + continue; + +- if (streq_ptr(udev_device_get_sysname(device), sysname)) { ++ if (streq_ptr(udev_device_get_sysname(t), sysname)) { + *ret = udev_device_ref(t); + return 0; + } diff --git a/0048-resolved-fix-loop-on-packets-with-pseudo-dns-types.patch b/0048-resolved-fix-loop-on-packets-with-pseudo-dns-types.patch new file mode 100644 index 0000000..7f21b20 --- /dev/null +++ b/0048-resolved-fix-loop-on-packets-with-pseudo-dns-types.patch @@ -0,0 +1,40 @@ +From 7e85bcd660d4124c4115b493f80624430216249d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 25 Oct 2017 11:19:19 +0200 +Subject: [PATCH] resolved: fix loop on packets with pseudo dns types + +Reported by Karim Hossen & Thomas Imbert from Sogeti ESEC R&D. + +https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351 +(cherry picked from commit 9f939335a07085aa9a9663efd1dca06ef6405d62) +(cherry picked from commit 743b771c559c6101544f7358a42c8c519fe4b0db) +(cherry picked from commit 1e20ca63e06337b95f4b0deedc062511d2ff31cc) +(cherry picked from commit 655ae23e5b73816fb7ebdc5dc61271cf8ffa0007) +--- + src/resolve/resolved-dns-packet.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c +index fd37363ece..8260e45769 100644 +--- a/src/resolve/resolved-dns-packet.c ++++ b/src/resolve/resolved-dns-packet.c +@@ -1490,7 +1490,7 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta + + found = true; + +- while (bitmask) { ++ for (; bitmask; bit++, bitmask >>= 1) + if (bitmap[i] & bitmask) { + uint16_t n; + +@@ -1504,10 +1504,6 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta + if (r < 0) + return r; + } +- +- bit++; +- bitmask >>= 1; +- } + } + + if (!found) diff --git a/systemd.spec b/systemd.spec index 7be4542..577e226 100644 --- a/systemd.spec +++ b/systemd.spec @@ -12,7 +12,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 231 -Release: 18%{?gitcommit:.git%{gitcommitshort}}%{?dist} +Release: 19%{?gitcommit:.git%{gitcommitshort}}%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: A System and Service Manager @@ -82,6 +82,9 @@ Patch0042: 0042-test-resolved-packet-add-a-simple-test-for-our-alloc.patch Patch0043: 0043-resolved-simplify-alloc-size-calculation.patch Patch0044: 0044-resolved-do-not-allocate-packets-with-minimum-size.patch Patch0045: 0045-resolved-define-various-packet-sizes-as-unsigned.patch +Patch0046: 0046-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch +Patch0047: 0047-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch +Patch0048: 0048-resolved-fix-loop-on-packets-with-pseudo-dns-types.patch Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch @@ -981,6 +984,11 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd %{_mandir}/man[1578]/systemd-nspawn.* %changelog +* Thu Oct 26 2017 Zbigniew Jędrzejewski-Szmek - 231-19 +- systemd-detect-virt QEMU CPUID logic update +- Fix rfkill on some thinkpads +- Fix systemd-resolved DOS with crafted NSEC packets (LP#1725351) + * Tue Jul 25 2017 Zbigniew Jędrzejewski-Szmek - 231-18 - Add Requires: grep for libs subpackage (#1474529)