From ee56997e85a68575bc7bb8a8ee6945d77cf5fe02 Mon Sep 17 00:00:00 2001 From: Bruce Ashfield Date: Thu, 25 Jan 2024 18:20:53 +0000 Subject: glusterfs: update to 11.1 Updating to 11.1, which requires the following changes: - patch context refreshes - SSL certification patch to configure.ac - drop obselete packageconfigs - package new outputs of the build - drop backported patches Signed-off-by: Bruce Ashfield --- ...te-defns-of-cli_default_conn_timeout-and-.patch | 28 ++------ ...nfigure-pass-SSL_CERTS.-Don-t-discover-it.patch | 30 +++++++++ .../glusterfs/files/CVE-2023-26253.patch | 76 ---------------------- ...glusterfs-disable-default-startup-scripts.patch | 17 ++--- ...python-work-around-host-and-target-python.patch | 37 +++++------ recipes-extended/glusterfs/glusterfs.inc | 31 +++++---- recipes-extended/glusterfs/glusterfs_11.1.bb | 6 ++ recipes-extended/glusterfs/glusterfs_6.1.bb | 6 -- 8 files changed, 85 insertions(+), 146 deletions(-) create mode 100644 recipes-extended/glusterfs/files/0001-configure-pass-SSL_CERTS.-Don-t-discover-it.patch delete mode 100644 recipes-extended/glusterfs/files/CVE-2023-26253.patch create mode 100644 recipes-extended/glusterfs/glusterfs_11.1.bb delete mode 100644 recipes-extended/glusterfs/glusterfs_6.1.bb diff --git a/recipes-extended/glusterfs/files/0001-cli-duplicate-defns-of-cli_default_conn_timeout-and-.patch b/recipes-extended/glusterfs/files/0001-cli-duplicate-defns-of-cli_default_conn_timeout-and-.patch index 79a55b3..1cdccf9 100644 --- a/recipes-extended/glusterfs/files/0001-cli-duplicate-defns-of-cli_default_conn_timeout-and-.patch +++ b/recipes-extended/glusterfs/files/0001-cli-duplicate-defns-of-cli_default_conn_timeout-and-.patch @@ -72,11 +72,11 @@ Signed-off-by: Chen Qi cli/src/cli.h | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) -diff --git a/cli/src/cli.c b/cli/src/cli.c -index cb425c84b..2c96b7ae6 100644 ---- a/cli/src/cli.c -+++ b/cli/src/cli.c -@@ -84,6 +84,9 @@ rpc_clnt_prog_t *cli_rpc_prog; +Index: glusterfs-11.1/cli/src/cli.c +=================================================================== +--- glusterfs-11.1.orig/cli/src/cli.c ++++ glusterfs-11.1/cli/src/cli.c +@@ -65,6 +65,9 @@ extern struct rpc_clnt_program cli_prog; @@ -86,21 +86,3 @@ index cb425c84b..2c96b7ae6 100644 static int glusterfs_ctx_defaults_init(glusterfs_ctx_t *ctx) { -diff --git a/cli/src/cli.h b/cli/src/cli.h -index 81f75a0b4..cd4db3dac 100644 ---- a/cli/src/cli.h -+++ b/cli/src/cli.h -@@ -40,8 +40,8 @@ enum argp_option_keys { - ARGP_PORT_KEY = 'p', - }; - --int cli_default_conn_timeout; --int cli_ten_minutes_timeout; -+extern int cli_default_conn_timeout; -+extern int cli_ten_minutes_timeout; - - typedef enum { - COLD_BRICK_COUNT, --- -2.21.0 - diff --git a/recipes-extended/glusterfs/files/0001-configure-pass-SSL_CERTS.-Don-t-discover-it.patch b/recipes-extended/glusterfs/files/0001-configure-pass-SSL_CERTS.-Don-t-discover-it.patch new file mode 100644 index 0000000..d139ea2 --- /dev/null +++ b/recipes-extended/glusterfs/files/0001-configure-pass-SSL_CERTS.-Don-t-discover-it.patch @@ -0,0 +1,30 @@ +From 526b64958b8aabcbad48ffb61f6855b374a68da6 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield +Date: Thu, 25 Jan 2024 18:08:01 +0000 +Subject: [PATCH] configure: pass SSL_CERTS. Don't discover it + +Executing the ssl binary to locate the certificates doesn't work +in our environment. Pass it to the build instead. + +Upstream-Status: Inappropriate [embedded specific] + +Signed-off-by: Bruce Ashfield +--- + configure.ac | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/configure.ac b/configure.ac +index 1cda220..fe14134 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -814,6 +814,7 @@ AS_IF([test "x$enable_fuse_notifications" != "xno"], [ + dnl Find out OpenSSL trusted certificates path + AC_MSG_CHECKING([for OpenSSL trusted certificates path]) + SSL_CERT_PATH=$(openssl version -d | sed -e 's|OPENSSLDIR: "\(.*\)".*|\1|') ++SSL_CERT_PATH="${SSL_CERTS_DIR}" + if test -d "${SSL_CERT_PATH}" 1>/dev/null 2>&1; then + AC_MSG_RESULT([$SSL_CERT_PATH]) + AC_DEFINE_UNQUOTED(SSL_CERT_PATH, ["$SSL_CERT_PATH"], [Path to OpenSSL trusted certificates.]) +-- +2.39.2 + diff --git a/recipes-extended/glusterfs/files/CVE-2023-26253.patch b/recipes-extended/glusterfs/files/CVE-2023-26253.patch deleted file mode 100644 index 828c162..0000000 --- a/recipes-extended/glusterfs/files/CVE-2023-26253.patch +++ /dev/null @@ -1,76 +0,0 @@ -commit 0cbf51a9827af0e3a35f5cfa823bfa39740bbc58 -Author: mohit84 -Date: Thu Mar 30 13:02:19 2023 +0530 -Subject: [PATCH] fuse: Resolve asan bug in during receive event notification - (#4024) - - The fuse xlator notify function tries to assign data object to graph - object without checking an event. In case of upcall event data object - represents upcall object so during access of graph object the process - crashed for asan build. - - Solution: Access the graph->id only while an event is associated - specifically to fuse xlator - - > Fixes: #3954 - > Change-Id: I6b2869256b26d22163879737dcf163510d1cd8bf - > Signed-off-by: Mohit Agrawal moagrawa@redhat.com - > (Reviewed on upstream link #4019) - - Fixes: #3954 - Change-Id: I6b2869256b26d22163879737dcf163510d1cd8bf - -CVE: CVE-2023-26253 - -Upstream-Status: Backport [https://github.com/gluster/glusterfs/commit/0cbf51a9827af0e3a35f5cfa823bfa39740bbc58] - -Signed-off-by: Soumya ---- - xlators/mount/fuse/src/fuse-bridge.c | 14 +++++++++++--- - 1 file changed, 11 insertions(+), 3 deletions(-) - -diff --git a/xlators/mount/fuse/src/fuse-bridge.c b/xlators/mount/fuse/src/fuse-bridge.c -index c3945d7..0c01a43 100644 ---- a/xlators/mount/fuse/src/fuse-bridge.c -+++ b/xlators/mount/fuse/src/fuse-bridge.c -@@ -6198,6 +6198,7 @@ notify(xlator_t *this, int32_t event, void *data, ...) - int32_t ret = 0; - fuse_private_t *private = NULL; - gf_boolean_t start_thread = _gf_false; -+ gf_boolean_t event_graph = _gf_true; - glusterfs_graph_t *graph = NULL; - - private -@@ -6205,9 +6206,6 @@ notify(xlator_t *this, int32_t event, void *data, ...) - - graph = data; - -- gf_log("fuse", GF_LOG_DEBUG, "got event %d on graph %d", event, -- ((graph) ? graph->id : 0)); -- - switch (event) { - case GF_EVENT_GRAPH_NEW: - break; -@@ -6271,9 +6269,19 @@ notify(xlator_t *this, int32_t event, void *data, ...) - } - - default: -+ /* Set the event_graph to false so that event -+ debug msg would not try to access invalid graph->id -+ while data object is not matched to graph object -+ for ex in case of upcall event data object represents -+ gf_upcall object -+ */ -+ event_graph = _gf_false; - break; - } - -+ gf_log("fuse", GF_LOG_DEBUG, "got event %d on graph %d", event, -+ ((graph && event_graph) ? graph->id : -1)); -+ - return ret; - } - --- -2.35.5 - diff --git a/recipes-extended/glusterfs/files/glusterfs-disable-default-startup-scripts.patch b/recipes-extended/glusterfs/files/glusterfs-disable-default-startup-scripts.patch index c8e0e7d..7a72e9c 100644 --- a/recipes-extended/glusterfs/files/glusterfs-disable-default-startup-scripts.patch +++ b/recipes-extended/glusterfs/files/glusterfs-disable-default-startup-scripts.patch @@ -24,19 +24,16 @@ Signed-off-by: Hongzhi.Song extras/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/extras/Makefile.am b/extras/Makefile.am -index ff5ca9b..1f59746 100644 ---- a/extras/Makefile.am -+++ b/extras/Makefile.am -@@ -10,7 +10,7 @@ endif +Index: glusterfs-11.1/extras/Makefile.am +=================================================================== +--- glusterfs-11.1.orig/extras/Makefile.am ++++ glusterfs-11.1/extras/Makefile.am +@@ -10,7 +10,7 @@ EditorModedir = $(docdir) EditorMode_DATA = glusterfs-mode.el glusterfs.vim -SUBDIRS = init.d systemd benchmarking hook-scripts $(OCF_SUBDIR) LinuxRPM \ +SUBDIRS = benchmarking hook-scripts $(OCF_SUBDIR) LinuxRPM \ - $(GEOREP_EXTRAS_SUBDIR) snap_scheduler firewalld cliutils python + $(GEOREP_EXTRAS_SUBDIR) snap_scheduler firewalld cliutils python \ + ganesha command-completion - confdir = $(sysconfdir)/glusterfs --- -2.8.1 - diff --git a/recipes-extended/glusterfs/files/python-work-around-host-and-target-python.patch b/recipes-extended/glusterfs/files/python-work-around-host-and-target-python.patch index e8f99ac..9b807fe 100644 --- a/recipes-extended/glusterfs/files/python-work-around-host-and-target-python.patch +++ b/recipes-extended/glusterfs/files/python-work-around-host-and-target-python.patch @@ -26,24 +26,24 @@ Signed-off-by: Hongzhi.Song geo-replication/src/gsyncd.c | 6 +++--- 3 files changed, 7 insertions(+), 4 deletions(-) -diff --git a/configure.ac b/configure.ac -index bc4cf93..d55a7b2 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -279,6 +279,8 @@ AC_CANONICAL_HOST +Index: glusterfs-11.1/configure.ac +=================================================================== +--- glusterfs-11.1.orig/configure.ac ++++ glusterfs-11.1/configure.ac +@@ -261,6 +261,8 @@ AC_PROG_CC AC_DISABLE_STATIC - AC_PROG_LIBTOOL + LT_INIT +AC_SUBST(TARGET_PYTHON) + AC_SUBST([shrext_cmds]) AC_CHECK_PROG([RPCGEN], [rpcgen], [yes], [no]) -diff --git a/geo-replication/src/Makefile.am b/geo-replication/src/Makefile.am -index 9937a0b..07456fb 100644 ---- a/geo-replication/src/Makefile.am -+++ b/geo-replication/src/Makefile.am -@@ -22,7 +22,8 @@ noinst_HEADERS = procdiggy.h +Index: glusterfs-11.1/geo-replication/src/Makefile.am +=================================================================== +--- glusterfs-11.1.orig/geo-replication/src/Makefile.am ++++ glusterfs-11.1/geo-replication/src/Makefile.am +@@ -22,7 +22,8 @@ AM_CPPFLAGS = $(GF_CPPFLAGS) -I$(top_srcdir)/libglusterfs/src \ -I$(top_srcdir)/rpc/xdr/src -I$(top_builddir)/rpc/xdr/src \ -DGSYNCD_PREFIX=\"$(GLUSTERFS_LIBEXECDIR)\" -DUSE_LIBGLUSTERFS \ @@ -53,11 +53,11 @@ index 9937a0b..07456fb 100644 AM_CFLAGS = -Wall $(GF_CFLAGS) -diff --git a/geo-replication/src/gsyncd.c b/geo-replication/src/gsyncd.c -index 77af662..8cd0551 100644 ---- a/geo-replication/src/gsyncd.c -+++ b/geo-replication/src/gsyncd.c -@@ -118,9 +118,9 @@ invoke_gsyncd(int argc, char **argv) +Index: glusterfs-11.1/geo-replication/src/gsyncd.c +=================================================================== +--- glusterfs-11.1.orig/geo-replication/src/gsyncd.c ++++ glusterfs-11.1/geo-replication/src/gsyncd.c +@@ -115,9 +115,9 @@ goto error; j = 0; @@ -69,7 +69,7 @@ index 77af662..8cd0551 100644 nargv[j++] = python; nargv[j++] = GSYNCD_PREFIX "/python/syncdaemon/" GSYNCD_PY; for (i = 1; i < argc; i++) -@@ -170,7 +170,7 @@ find_gsyncd(pid_t pid, pid_t ppid, char *name, void *data) +@@ -167,7 +167,7 @@ ret = 0; switch (zeros) { case 2: @@ -78,6 +78,3 @@ index 77af662..8cd0551 100644 strcmp(basename(buf + strlen(buf) + 1), GSYNCD_PY)) == 0) { ret = 1; break; --- -2.17.1 - diff --git a/recipes-extended/glusterfs/glusterfs.inc b/recipes-extended/glusterfs/glusterfs.inc index e5bedca..c5f21c7 100644 --- a/recipes-extended/glusterfs/glusterfs.inc +++ b/recipes-extended/glusterfs/glusterfs.inc @@ -20,7 +20,7 @@ SRC_URI += "file://glusterd.init \ file://glusterd-change-port-range.patch \ file://configure.ac-allow-PYTHON-values-to-be-passed-via-en.patch \ file://0001-cli-duplicate-defns-of-cli_default_conn_timeout-and-.patch \ - file://CVE-2023-26253.patch \ + file://0001-configure-pass-SSL_CERTS.-Don-t-discover-it.patch \ " LICENSE = "(LGPL-3.0-or-later | GPL-2.0-only) & GPL-3.0-or-later & LGPL-3.0-or-later & GPL-2.0-or-later & LGPL-2.0-or-later & LGPL-2.1-or-later & Apache-2.0" @@ -30,9 +30,10 @@ LIC_FILES_CHKSUM = "file://COPYING-GPLV2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ inherit autotools pkgconfig setuptools3-base update-rc.d systemd inherit python3-dir +inherit bash-completion -DEPENDS += "bison-native flex-native python3-native fuse libaio libtirpc libxml2 ncurses \ - openssl python3 readline zlib liburcu util-linux glib-2.0 acl" +DEPENDS += "openssl-native bison-native flex-native python3-native fuse libaio libtirpc libxml2 ncurses \ + openssl python3 readline zlib liburcu util-linux glib-2.0 acl ca-certificates ca-certificates-native liburing" # rpc now comes from libtirpc instead of glibc # @@ -42,25 +43,29 @@ LDFLAGS += " -ltirpc" EXTRA_OECONF = "ac_cv_file__etc_debian_version=no \ ac_cv_file__etc_SuSE_release=no \ ac_cv_file__etc_redhat_release=no \ - ac_cv_file__etc_centos_release=no \ + ac_cv_file__etc_centos_release=no \ + ac_cv_file__etc_os_release=no \ --with-mountutildir=${sbindir} \ --disable-fusermount \ TARGET_PYTHON=${bindir}/python3 \ PYTHON=${PYTHON} \ + SSL_CERTS_DIR="${sysconfdir_native}/ssl/certs" \ BUILD_PYTHON_INC=${STAGING_INCDIR}/python${PYTHON_BASEVERSION} \ BUILD_PYTHON_LIB=python${PYTHON_BASEVERSION} \ BUILD_PYTHON_SITE_PACKAGES=${PYTHON_SITEPACKAGES_DIR} \ " -PACKAGECONFIG ??= "georeplication libibverbs" -PACKAGECONFIG:remove:mipsarch = "libibverbs" -PACKAGECONFIG:remove:arm = "libibverbs" +PACKAGECONFIG ??= "georeplication" PACKAGECONFIG[debug] = "--enable-debug,--disable-debug,," PACKAGECONFIG[georeplication] = "--enable-georeplication,--disable-georeplication,,rsync" -PACKAGECONFIG[libibverbs] = "--enable-ibverbs,--disable-ibverbs,virtual/libibverbs librdmacm," +# PACKAGECONFIG[libibverbs] = "--enable-ibverbs,--disable-ibverbs,virtual/libibverbs librdmacm," PACKAGECONFIG[ocf] = "--with-ocf,--without-ocf,," PACKAGECONFIG[valgrind] = "--enable-valgrind,--disable-valgrind,valgrind," +PACKAGECONFIG[tcmalloc] = ",--without-tcmalloc,," + +# TODO: packageconfig for: +# --disable-linux-io_uring do_install:append() { install -d ${D}${sysconfdir}/init.d @@ -141,7 +146,7 @@ FILES:${PN} = "${libdir}/glusterfs/${PV}/auth \ ${libdir}/glusterfs/${PV}/xlator/protocol/client* \ ${libdir}/glusterfs/${PV}/xlator/system \ ${libdir}/glusterfs/${PV}/xlator/testing \ - ${libdir}/glusterfs/${PV}/xlator/playground \ + ${libdir}/glusterfs/${PV}/xlator/playground \ ${libdir}/glusterfs/${PV}/xlator/meta.so \ ${libdir}/glusterfs/ganesha \ ${libdir}/glusterfs/glusterfs/glusterfind \ @@ -154,7 +159,7 @@ FILES:${PN} = "${libdir}/glusterfs/${PV}/auth \ ${libdir}/libgfdb.so.* \ ${libdir}/libgfxdr.so.* \ ${libdir}/python*/site-packages \ - ${libexecdir}/glusterfs/gfevents \ + ${libexecdir}/glusterfs/gfevents \ ${libexecdir}/glusterfs/events \ ${libexecdir}/glusterfs/glusterfind \ ${libexecdir}/glusterfs/gfind_missing_files \ @@ -164,7 +169,10 @@ FILES:${PN} = "${libdir}/glusterfs/${PV}/auth \ ${libexecdir}/glusterfs/peer_mountbroker \ ${libexecdir}/glusterfs/peer_gsec_create \ ${libexecdir}/glusterfs/gverify.sh \ + ${libexecdir}/glusterfs/glfsheal \ + ${libexecdir}/glusterfs/scripts/ \ ${libexecdir}/glusterfs/peer_add_secret_pub \ + ${libexecdir}/ganesha/ \ ${localstatedir} \ ${sysconfdir}/default/volatiles \ ${sbindir}/glusterfs \ @@ -176,7 +184,7 @@ FILES:${PN} = "${libdir}/glusterfs/${PV}/auth \ ${sbindir}/glustereventsd \ ${sbindir}/gf_attach \ ${sbindir}/*.py \ - ${sbindir}/gluster-setgfid2path \ + ${sbindir}/gluster-setgfid2path \ ${bindir}/ \ ${sysconfdir}/glusterfs \ ${sysconfdir}/ganesha \ @@ -200,6 +208,7 @@ FILES:${PN}-server = "${libdir}/glusterfs/${PV}/xlator/mgmt \ ${libdir}/glusterfs/${PV}/xlator/nfs \ ${libdir}/glusterfs/${PV}/xlator/protocol/server* \ ${libdir}/glusterfs/${PV}/xlator/storage \ + ${libdir}/glusterfs/${PV}/cloudsync-plugins/ \ ${sbindir}/gluster \ ${sbindir}/glusterd \ ${sysconfdir}/glusterfs/glusterd.vol \ diff --git a/recipes-extended/glusterfs/glusterfs_11.1.bb b/recipes-extended/glusterfs/glusterfs_11.1.bb new file mode 100644 index 0000000..224fe18 --- /dev/null +++ b/recipes-extended/glusterfs/glusterfs_11.1.bb @@ -0,0 +1,6 @@ +SRC_URI = "https://bits.gluster.org/pub/gluster/glusterfs/src/${BPN}-${PV}.tar.gz" + +SRC_URI[md5sum] = "7e290a50026752f435f694651687e0f2" +SRC_URI[sha256sum] = "6a31b8450d02cd12f47f4571c031e9d6b8705279a0e8970ae9a05e1c87dffb76" + +require glusterfs.inc diff --git a/recipes-extended/glusterfs/glusterfs_6.1.bb b/recipes-extended/glusterfs/glusterfs_6.1.bb deleted file mode 100644 index e109c08..0000000 --- a/recipes-extended/glusterfs/glusterfs_6.1.bb +++ /dev/null @@ -1,6 +0,0 @@ -SRC_URI = "https://bits.gluster.org/pub/gluster/glusterfs/src/${BPN}-${PV}.tar.gz" - -SRC_URI[md5sum] = "18967c357204d4cbdd9c1731508862c6" -SRC_URI[sha256sum] = "32ac75c883cdf18e081893ce5210b2331f1ee9ba25e3f3f56136d9878b194dc7" - -require glusterfs.inc -- cgit v1.2.3-54-g00ecf