summaryrefslogtreecommitdiffstats
path: root/meta-networking
diff options
context:
space:
mode:
authorKhem Raj <raj.khem@gmail.com>2018-02-05 23:46:17 -0800
committerArmin Kuster <akuster808@gmail.com>2018-03-12 10:02:03 -0700
commit7063991123e7b77ba76ed03b5f13102e94286112 (patch)
tree35ba183c3ff1c5358ab83b7f6b4bcff2f345c8e8 /meta-networking
parentda1ec818c14a8986db35f0163a09415567f74cae (diff)
downloadmeta-openembedded-7063991123e7b77ba76ed03b5f13102e94286112.tar.gz
iscsi-initiator-utils: Upgrade to 2.0.876
Fix build with musl along the way Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-networking')
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-Check-for-root-peer-user-for-iscsiuio-IPC.patch135
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-libopeniscsiusr-Include-limit.h-for-PATH_MAX.patch25
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-qedi.c-Removed-unused-linux-ethtool.h.patch25
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-idbm.c-Include-fcnl.h-for-O_RDWR-and-O_CREAT-definit.patch25
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-iscsiuio-should-ignore-bogus-iscsid-broadcast-packet.patch39
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-libopeniscsiusr-Add-CFLAGS-to-linker-cmdline.patch29
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0003-Ensure-all-fields-in-iscsiuio-IPC-response-are-set.patch34
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0003-bnx2x.c-Reorder-the-includes-to-avoid-duplicate-defi.patch49
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch62
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-fwparam_ppc.c-Do-not-use-__compar_fn_t.patch28
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0005-Ensure-strings-from-peer-are-copied-correctly.patch78
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0006-Skip-useless-strcopy-and-validate-CIDR-length.patch44
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/0007-Check-iscsiuio-ping-data-length-for-validity.patch64
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/iscsi-initiator-utils-Do-not-clean-kernel-source.patch44
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/files/iscsi-initiator-utils-fw_context-add-include-for-NI_MAXHOST-definiton.patch35
-rw-r--r--meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.0.876.bb (renamed from meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.0.874.bb)32
16 files changed, 191 insertions, 557 deletions
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-Check-for-root-peer-user-for-iscsiuio-IPC.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-Check-for-root-peer-user-for-iscsiuio-IPC.patch
deleted file mode 100644
index 2fd5c08a1..000000000
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-Check-for-root-peer-user-for-iscsiuio-IPC.patch
+++ /dev/null
@@ -1,135 +0,0 @@
1From eb516ac5f9dddc80564f6becee08a0011e7aa58b Mon Sep 17 00:00:00 2001
2From: Lee Duncan <lduncan@suse.com>
3Date: Fri, 15 Dec 2017 10:36:11 -0800
4Subject: [PATCH 1/7] Check for root peer user for iscsiuio IPC
5
6This fixes a possible vulnerability where a non-root
7process could connect with iscsiuio. Fouund by Qualsys.
8
9CVE: CVE-2017-17840
10
11Upstream-Status: Backport
12
13Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
14---
15 iscsiuio/src/unix/Makefile.am | 3 ++-
16 iscsiuio/src/unix/iscsid_ipc.c | 47 ++++++++++++++++++++++++++++++++++++++++++
17 2 files changed, 49 insertions(+), 1 deletion(-)
18
19diff --git a/iscsiuio/src/unix/Makefile.am b/iscsiuio/src/unix/Makefile.am
20index 71d5463..a989ef0 100644
21--- a/iscsiuio/src/unix/Makefile.am
22+++ b/iscsiuio/src/unix/Makefile.am
23@@ -20,7 +20,8 @@ iscsiuio_SOURCES = build_date.c \
24 nic_utils.c \
25 packet.c \
26 iscsid_ipc.c \
27- ping.c
28+ ping.c \
29+ ${top_srcdir}/../utils/sysdeps/sysdeps.c
30
31 iscsiuio_CFLAGS = $(AM_CFLAGS) \
32 $(LIBNL_CFLAGS) \
33diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
34index a2a59a8..08e49e5 100644
35--- a/iscsiuio/src/unix/iscsid_ipc.c
36+++ b/iscsiuio/src/unix/iscsid_ipc.c
37@@ -37,6 +37,8 @@
38 *
39 */
40
41+#define _GNU_SOURCE
42+
43 #include <errno.h>
44 #include <pthread.h>
45 #include <signal.h>
46@@ -47,6 +49,8 @@
47 #include <sys/socket.h>
48 #include <sys/time.h>
49 #include <sys/un.h>
50+#include <sys/types.h>
51+#include <pwd.h>
52
53 #define PFX "iscsi_ipc "
54
55@@ -61,6 +65,7 @@
56 #include "iscsid_ipc.h"
57 #include "uip.h"
58 #include "uip_mgmt_ipc.h"
59+#include "sysdeps.h"
60
61 #include "logger.h"
62 #include "uip.h"
63@@ -102,6 +107,7 @@ struct iface_rec_decode {
64 uint16_t mtu;
65 };
66
67+#define PEERUSER_MAX 64
68
69 /******************************************************************************
70 * iscsid_ipc Constants
71@@ -1029,6 +1035,40 @@ static void iscsid_loop_close(void *arg)
72 LOG_INFO(PFX "iSCSI daemon socket closed");
73 }
74
75+/*
76+ * check that the peer user is privilidged
77+ *
78+ * return 1 if peer is ok else 0
79+ *
80+ * XXX: this function is copied from iscsid_ipc.c and should be
81+ * moved into a common library
82+ */
83+static int
84+mgmt_peeruser(int sock, char *user)
85+{
86+ struct ucred peercred;
87+ socklen_t so_len = sizeof(peercred);
88+ struct passwd *pass;
89+
90+ errno = 0;
91+ if (getsockopt(sock, SOL_SOCKET, SO_PEERCRED, &peercred,
92+ &so_len) != 0 || so_len != sizeof(peercred)) {
93+ /* We didn't get a valid credentials struct. */
94+ LOG_ERR(PFX "peeruser_unux: error receiving credentials: %m");
95+ return 0;
96+ }
97+
98+ pass = getpwuid(peercred.uid);
99+ if (pass == NULL) {
100+ LOG_ERR(PFX "peeruser_unix: unknown local user with uid %d",
101+ (int) peercred.uid);
102+ return 0;
103+ }
104+
105+ strlcpy(user, pass->pw_name, PEERUSER_MAX);
106+ return 1;
107+}
108+
109 /**
110 * iscsid_loop() - This is the function which will process the broadcast
111 * messages from iscsid
112@@ -1038,6 +1078,7 @@ static void *iscsid_loop(void *arg)
113 {
114 int rc;
115 sigset_t set;
116+ char user[PEERUSER_MAX];
117
118 pthread_cleanup_push(iscsid_loop_close, arg);
119
120@@ -1077,6 +1118,12 @@ static void *iscsid_loop(void *arg)
121 continue;
122 }
123
124+ if (!mgmt_peeruser(iscsid_opts.fd, user) || strncmp(user, "root", PEERUSER_MAX)) {
125+ close(s2);
126+ LOG_ERR(PFX "Access error: non-administrative connection rejected");
127+ break;
128+ }
129+
130 process_iscsid_broadcast(s2);
131 close(s2);
132 }
133--
1341.9.1
135
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-libopeniscsiusr-Include-limit.h-for-PATH_MAX.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-libopeniscsiusr-Include-limit.h-for-PATH_MAX.patch
new file mode 100644
index 000000000..f5e1bec8a
--- /dev/null
+++ b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-libopeniscsiusr-Include-limit.h-for-PATH_MAX.patch
@@ -0,0 +1,25 @@
1From cfee58d5863a535b61aa54690ae205b876f57944 Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com>
3Date: Fri, 2 Feb 2018 22:53:29 -0800
4Subject: [PATCH 1/2] libopeniscsiusr: Include limit.h for PATH_MAX
5
6Signed-off-by: Khem Raj <raj.khem@gmail.com>
7---
8 libopeniscsiusr/iface.c | 1 +
9 1 file changed, 1 insertion(+)
10
11diff --git a/libopeniscsiusr/iface.c b/libopeniscsiusr/iface.c
12index 79898df..a48ef36 100644
13--- a/libopeniscsiusr/iface.c
14+++ b/libopeniscsiusr/iface.c
15@@ -30,6 +30,7 @@
16 #include <netdb.h>
17 #include <assert.h>
18 #include <inttypes.h>
19+#include <limits.h>
20
21 #include "libopeniscsiusr/libopeniscsiusr.h"
22 #include "misc.h"
23--
242.16.1
25
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-qedi.c-Removed-unused-linux-ethtool.h.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-qedi.c-Removed-unused-linux-ethtool.h.patch
new file mode 100644
index 000000000..174aa50d2
--- /dev/null
+++ b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0001-qedi.c-Removed-unused-linux-ethtool.h.patch
@@ -0,0 +1,25 @@
1From 197713ad7e3e944102bbd792e1ab9ec4a67100c0 Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com>
3Date: Fri, 2 Feb 2018 23:25:21 -0800
4Subject: [PATCH 1/4] qedi.c: Removed unused linux/ethtool.h
5
6Signed-off-by: Khem Raj <raj.khem@gmail.com>
7---
8 iscsiuio/src/unix/libs/qedi.c | 1 -
9 1 file changed, 1 deletion(-)
10
11diff --git a/iscsiuio/src/unix/libs/qedi.c b/iscsiuio/src/unix/libs/qedi.c
12index b81fecd..24cb89a 100644
13--- a/iscsiuio/src/unix/libs/qedi.c
14+++ b/iscsiuio/src/unix/libs/qedi.c
15@@ -49,7 +49,6 @@
16 #include <arpa/inet.h>
17 #include <linux/types.h>
18 #include <linux/sockios.h>
19-#include <linux/ethtool.h>
20 #include <linux/netlink.h>
21 #include <sys/mman.h>
22 #include <sys/ioctl.h>
23--
242.16.1
25
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-idbm.c-Include-fcnl.h-for-O_RDWR-and-O_CREAT-definit.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-idbm.c-Include-fcnl.h-for-O_RDWR-and-O_CREAT-definit.patch
new file mode 100644
index 000000000..aecede6ee
--- /dev/null
+++ b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-idbm.c-Include-fcnl.h-for-O_RDWR-and-O_CREAT-definit.patch
@@ -0,0 +1,25 @@
1From 2b39f85dcf020647544002cb0b0e734748391dfb Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com>
3Date: Fri, 2 Feb 2018 23:27:25 -0800
4Subject: [PATCH 2/4] idbm.c: Include fcnl.h for O_RDWR and O_CREAT definitions
5
6Signed-off-by: Khem Raj <raj.khem@gmail.com>
7---
8 usr/idbm.c | 1 +
9 1 file changed, 1 insertion(+)
10
11diff --git a/usr/idbm.c b/usr/idbm.c
12index 5532202..0a51b85 100644
13--- a/usr/idbm.c
14+++ b/usr/idbm.c
15@@ -27,6 +27,7 @@
16 #include <errno.h>
17 #include <dirent.h>
18 #include <limits.h>
19+#include <fcntl.h>
20 #include <sys/stat.h>
21 #include <sys/file.h>
22
23--
242.16.1
25
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-iscsiuio-should-ignore-bogus-iscsid-broadcast-packet.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-iscsiuio-should-ignore-bogus-iscsid-broadcast-packet.patch
deleted file mode 100644
index 1f5202ec0..000000000
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-iscsiuio-should-ignore-bogus-iscsid-broadcast-packet.patch
+++ /dev/null
@@ -1,39 +0,0 @@
1From 035bb16845537351e1bccb16d38981754fd53129 Mon Sep 17 00:00:00 2001
2From: Lee Duncan <lduncan@suse.com>
3Date: Fri, 15 Dec 2017 10:37:56 -0800
4Subject: [PATCH 2/7] iscsiuio should ignore bogus iscsid broadcast packets
5
6When iscsiuio is receiving broadcast packets from iscsid,
7if the 'payload_len', carried in the packet, is too
8large then ignore the packet and print a message.
9Found by Qualsys.
10
11CVE: CVE-2017-17840
12
13Upstream-Status: Backport
14
15Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
16---
17 iscsiuio/src/unix/iscsid_ipc.c | 6 ++++++
18 1 file changed, 6 insertions(+)
19
20diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
21index 08e49e5..dfdae63 100644
22--- a/iscsiuio/src/unix/iscsid_ipc.c
23+++ b/iscsiuio/src/unix/iscsid_ipc.c
24@@ -950,6 +950,12 @@ int process_iscsid_broadcast(int s2)
25
26 cmd = data->header.command;
27 payload_len = data->header.payload_len;
28+ if (payload_len > sizeof(data->u)) {
29+ LOG_ERR(PFX "Data payload length too large (%d). Corrupt payload?",
30+ payload_len);
31+ rc = -EINVAL;
32+ goto error;
33+ }
34
35 LOG_DEBUG(PFX "recv iscsid request: cmd: %d, payload_len: %d",
36 cmd, payload_len);
37--
381.9.1
39
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-libopeniscsiusr-Add-CFLAGS-to-linker-cmdline.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-libopeniscsiusr-Add-CFLAGS-to-linker-cmdline.patch
new file mode 100644
index 000000000..836ed6048
--- /dev/null
+++ b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0002-libopeniscsiusr-Add-CFLAGS-to-linker-cmdline.patch
@@ -0,0 +1,29 @@
1From 29571f71692e28ce9a17d1450097a98492f3b465 Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com>
3Date: Fri, 2 Feb 2018 22:54:04 -0800
4Subject: [PATCH 2/2] libopeniscsiusr: Add CFLAGS to linker cmdline
5
6This will ensure that -fPIC is passed to linker as
7well
8
9Signed-off-by: Khem Raj <raj.khem@gmail.com>
10---
11 libopeniscsiusr/Makefile | 2 +-
12 1 file changed, 1 insertion(+), 1 deletion(-)
13
14diff --git a/libopeniscsiusr/Makefile b/libopeniscsiusr/Makefile
15index 8b9b523..4f1d0d6 100644
16--- a/libopeniscsiusr/Makefile
17+++ b/libopeniscsiusr/Makefile
18@@ -49,7 +49,7 @@ LIBADD =
19 all: $(LIBS) $(LIBS_MAJOR) $(TESTS) doc
20
21 $(LIBS): $(OBJS)
22- $(CC) $(LDFLAGS) -shared -Wl,-soname=$@ -o $@ $(OBJS) $(LIBADD)
23+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -Wl,-soname=$@ -o $@ $(OBJS) $(LIBADD)
24 ln -sf $@ $(DEVLIB)
25
26 $(LIBS_MAJOR): $(LIBS)
27--
282.16.1
29
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0003-Ensure-all-fields-in-iscsiuio-IPC-response-are-set.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0003-Ensure-all-fields-in-iscsiuio-IPC-response-are-set.patch
deleted file mode 100644
index 825083b74..000000000
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0003-Ensure-all-fields-in-iscsiuio-IPC-response-are-set.patch
+++ /dev/null
@@ -1,34 +0,0 @@
1From 81d3106cf8f09c79fe20ad7d234d7e1dda27bddb Mon Sep 17 00:00:00 2001
2From: Lee Duncan <lduncan@suse.com>
3Date: Fri, 15 Dec 2017 11:11:17 -0800
4Subject: [PATCH 3/7] Ensure all fields in iscsiuio IPC response are set
5
6Make sure all fields in the response strcuture are set,
7or info from the stack can be leaked to our caller.
8Found by Qualsys.
9
10CVE: CVE-2017-17840
11
12Upstream-Status: Backport
13
14Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
15---
16 iscsiuio/src/unix/iscsid_ipc.c | 2 ++
17 1 file changed, 2 insertions(+)
18
19diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
20index dfdae63..61e96cc 100644
21--- a/iscsiuio/src/unix/iscsid_ipc.c
22+++ b/iscsiuio/src/unix/iscsid_ipc.c
23@@ -960,6 +960,8 @@ int process_iscsid_broadcast(int s2)
24 LOG_DEBUG(PFX "recv iscsid request: cmd: %d, payload_len: %d",
25 cmd, payload_len);
26
27+ memset(&rsp, 0, sizeof(rsp));
28+
29 switch (cmd) {
30 case ISCSID_UIP_IPC_GET_IFACE:
31 size = fread(&data->u.iface_rec, payload_len, 1, fd);
32--
331.9.1
34
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0003-bnx2x.c-Reorder-the-includes-to-avoid-duplicate-defi.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0003-bnx2x.c-Reorder-the-includes-to-avoid-duplicate-defi.patch
new file mode 100644
index 000000000..0ce155f7a
--- /dev/null
+++ b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0003-bnx2x.c-Reorder-the-includes-to-avoid-duplicate-defi.patch
@@ -0,0 +1,49 @@
1From 9b7a32903b56ce4d41f264a345ca59a0b00d53b3 Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com>
3Date: Fri, 2 Feb 2018 23:28:33 -0800
4Subject: [PATCH 3/4] bnx2x.c: Reorder the includes to avoid duplicate defines
5 with musl
6
7including nic.h before linux/ethtool.h avoids redefinitions of
8eth structs
9
10/mnt/a/oe/build/tmp/work/cortexa7t2hf-neon-vfpv4-bec-linux-musleabi/iscsi-initiator-utils/2.0.876-r0/recipe-sysroot/
11usr/include/netinet/if_ether.h:104:8: error: redefinition of 'struct ethhdr'
12 struct ethhdr {
13 ^~~~~~
14In file included from /mnt/a/oe/build/tmp/work/cortexa7t2hf-neon-vfpv4-bec-linux-musleabi/iscsi-initiator-utils/2.0.
15876-r0/recipe-sysroot/usr/include/linux/ethtool.h:19:0,
16 from qedi.c:52:
17/mnt/a/oe/build/tmp/work/cortexa7t2hf-neon-vfpv4-bec-linux-musleabi/iscsi-initiator-utils/2.0.876-r0/recipe-sysroot/
18usr/include/linux/if_ether.h:154:8: note: originally defined here
19 struct ethhdr {
20 ^~~~~~
21
22Signed-off-by: Khem Raj <raj.khem@gmail.com>
23---
24 iscsiuio/src/unix/libs/bnx2x.c | 2 +-
25 1 file changed, 1 insertion(+), 1 deletion(-)
26
27diff --git a/iscsiuio/src/unix/libs/bnx2x.c b/iscsiuio/src/unix/libs/bnx2x.c
28index 3df6d5f..62530d1 100644
29--- a/iscsiuio/src/unix/libs/bnx2x.c
30+++ b/iscsiuio/src/unix/libs/bnx2x.c
31@@ -36,6 +36,7 @@
32 * bnx2x.c - bnx2x user space driver
33 *
34 */
35+#include "nic.h"
36 #include <errno.h>
37 #include <stdio.h>
38 #include <string.h>
39@@ -58,7 +59,6 @@
40 #include "bnx2x.h"
41 #include "cnic.h"
42 #include "logger.h"
43-#include "nic.h"
44 #include "nic_id.h"
45 #include "nic_utils.h"
46 #include "options.h"
47--
482.16.1
49
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch
deleted file mode 100644
index 274722c23..000000000
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch
+++ /dev/null
@@ -1,62 +0,0 @@
1From 8167e5ce99682f64918a20966ce393cd33ac67ef Mon Sep 17 00:00:00 2001
2From: Lee Duncan <lduncan@suse.com>
3Date: Fri, 15 Dec 2017 11:13:29 -0800
4Subject: [PATCH 4/7] Do not double-close IPC file stream to iscsid
5
6A double-close of a file descriptor and its associated FILE stream
7can be an issue in multi-threaded cases. Found by Qualsys.
8
9CVE: CVE-2017-17840
10
11Upstream-Status: Backport
12
13Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
14---
15 iscsiuio/src/unix/iscsid_ipc.c | 9 +++++++--
16 1 file changed, 7 insertions(+), 2 deletions(-)
17
18diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
19index 61e96cc..bde8d66 100644
20--- a/iscsiuio/src/unix/iscsid_ipc.c
21+++ b/iscsiuio/src/unix/iscsid_ipc.c
22@@ -913,6 +913,9 @@ early_exit:
23 /**
24 * process_iscsid_broadcast() - This function is used to process the
25 * broadcast messages from iscsid
26+ *
27+ * s2 is an open file descriptor, which
28+ * must not be left open upon return
29 */
30 int process_iscsid_broadcast(int s2)
31 {
32@@ -928,6 +931,7 @@ int process_iscsid_broadcast(int s2)
33 if (fd == NULL) {
34 LOG_ERR(PFX "Couldn't open file descriptor: %d(%s)",
35 errno, strerror(errno));
36+ close(s2);
37 return -EIO;
38 }
39
40@@ -1030,7 +1034,8 @@ int process_iscsid_broadcast(int s2)
41 }
42
43 error:
44- free(data);
45+ if (data)
46+ free(data);
47 fclose(fd);
48
49 return rc;
50@@ -1132,8 +1137,8 @@ static void *iscsid_loop(void *arg)
51 break;
52 }
53
54+ /* this closes the file descriptor s2 */
55 process_iscsid_broadcast(s2);
56- close(s2);
57 }
58
59 pthread_cleanup_pop(0);
60--
611.9.1
62
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-fwparam_ppc.c-Do-not-use-__compar_fn_t.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-fwparam_ppc.c-Do-not-use-__compar_fn_t.patch
new file mode 100644
index 000000000..57bdc8cb6
--- /dev/null
+++ b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-fwparam_ppc.c-Do-not-use-__compar_fn_t.patch
@@ -0,0 +1,28 @@
1From 6f9c1a04d250388d1574cfaf20a1ff66a64beb48 Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com>
3Date: Fri, 2 Feb 2018 23:42:12 -0800
4Subject: [PATCH 4/4] fwparam_ppc.c: Do not use __compar_fn_t
5
6__compar_fn_t is not defined in musl
7
8Signed-off-by: Khem Raj <raj.khem@gmail.com>
9---
10 utils/fwparam_ibft/fwparam_ppc.c | 2 +-
11 1 file changed, 1 insertion(+), 1 deletion(-)
12
13diff --git a/utils/fwparam_ibft/fwparam_ppc.c b/utils/fwparam_ibft/fwparam_ppc.c
14index c298b8c..391faa2 100644
15--- a/utils/fwparam_ibft/fwparam_ppc.c
16+++ b/utils/fwparam_ibft/fwparam_ppc.c
17@@ -356,7 +356,7 @@ static int loop_devs(const char *devtree)
18 * Sort the nics into "natural" order. The proc fs
19 * device-tree has them in somewhat random, or reversed order.
20 */
21- qsort(niclist, nic_count, sizeof(char *), (__compar_fn_t)nic_cmp);
22+ qsort(niclist, nic_count, sizeof(char *), nic_cmp);
23
24 snprintf(prefix, sizeof(prefix), "%s/%s", devtree, "aliases");
25 dev_count = 0;
26--
272.16.1
28
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0005-Ensure-strings-from-peer-are-copied-correctly.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0005-Ensure-strings-from-peer-are-copied-correctly.patch
deleted file mode 100644
index b73b01120..000000000
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0005-Ensure-strings-from-peer-are-copied-correctly.patch
+++ /dev/null
@@ -1,78 +0,0 @@
1From c9fc86a50459776d9a7abb609f6503c57d69e034 Mon Sep 17 00:00:00 2001
2From: Lee Duncan <lduncan@suse.com>
3Date: Fri, 15 Dec 2017 11:15:26 -0800
4Subject: [PATCH 5/7] Ensure strings from peer are copied correctly.
5
6The method of using strlen() and strcpy()/strncpy() has
7a couple of holes. Do not try to measure the length of
8strings supplied from peer, and ensure copied strings are
9NULL-terminated. Use the new strlcpy() instead.
10Found by Qualsys.
11
12CVE: CVE-2017-17840
13
14Upstream-Status: Backport
15
16Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
17---
18 iscsiuio/src/unix/iscsid_ipc.c | 24 ++++++------------------
19 1 file changed, 6 insertions(+), 18 deletions(-)
20
21diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
22index bde8d66..52ae8c6 100644
23--- a/iscsiuio/src/unix/iscsid_ipc.c
24+++ b/iscsiuio/src/unix/iscsid_ipc.c
25@@ -152,10 +152,7 @@ static int decode_cidr(char *in_ipaddr_str, struct iface_rec_decode *ird)
26 struct in_addr ia;
27 struct in6_addr ia6;
28
29- if (strlen(in_ipaddr_str) > NI_MAXHOST)
30- strncpy(ipaddr_str, in_ipaddr_str, NI_MAXHOST);
31- else
32- strcpy(ipaddr_str, in_ipaddr_str);
33+ strlcpy(ipaddr_str, in_ipaddr_str, NI_MAXHOST);
34
35 /* Find the CIDR if any */
36 tmp = strchr(ipaddr_str, '/');
37@@ -287,22 +284,16 @@ static int decode_iface(struct iface_rec_decode *ird, struct iface_rec *rec)
38
39 /* For LL on, ignore the IPv6 addr in the iface */
40 if (ird->linklocal_autocfg == IPV6_LL_AUTOCFG_OFF) {
41- if (strlen(rec->ipv6_linklocal) > NI_MAXHOST)
42- strncpy(ipaddr_str, rec->ipv6_linklocal,
43- NI_MAXHOST);
44- else
45- strcpy(ipaddr_str, rec->ipv6_linklocal);
46+ strlcpy(ipaddr_str, rec->ipv6_linklocal,
47+ NI_MAXHOST);
48 inet_pton(AF_INET6, ipaddr_str,
49 &ird->ipv6_linklocal);
50 }
51
52 /* For RTR on, ignore the IPv6 addr in the iface */
53 if (ird->router_autocfg == IPV6_RTR_AUTOCFG_OFF) {
54- if (strlen(rec->ipv6_router) > NI_MAXHOST)
55- strncpy(ipaddr_str, rec->ipv6_router,
56- NI_MAXHOST);
57- else
58- strcpy(ipaddr_str, rec->ipv6_router);
59+ strlcpy(ipaddr_str, rec->ipv6_router,
60+ NI_MAXHOST);
61 inet_pton(AF_INET6, ipaddr_str,
62 &ird->ipv6_router);
63 }
64@@ -316,10 +307,7 @@ static int decode_iface(struct iface_rec_decode *ird, struct iface_rec *rec)
65 calculate_default_netmask(
66 ird->ipv4_addr.s_addr);
67
68- if (strlen(rec->gateway) > NI_MAXHOST)
69- strncpy(ipaddr_str, rec->gateway, NI_MAXHOST);
70- else
71- strcpy(ipaddr_str, rec->gateway);
72+ strlcpy(ipaddr_str, rec->gateway, NI_MAXHOST);
73 inet_pton(AF_INET, ipaddr_str, &ird->ipv4_gateway);
74 }
75 } else {
76--
771.9.1
78
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0006-Skip-useless-strcopy-and-validate-CIDR-length.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0006-Skip-useless-strcopy-and-validate-CIDR-length.patch
deleted file mode 100644
index 0fa24cd10..000000000
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0006-Skip-useless-strcopy-and-validate-CIDR-length.patch
+++ /dev/null
@@ -1,44 +0,0 @@
1From a6efed7601c890ac051ad1425582ec67dbd3f5ff Mon Sep 17 00:00:00 2001
2From: Lee Duncan <lduncan@suse.com>
3Date: Fri, 15 Dec 2017 11:18:35 -0800
4Subject: [PATCH 6/7] Skip useless strcopy, and validate CIDR length
5
6Remove a useless strcpy() that copies a string onto itself,
7and ensure the CIDR length "keepbits" is not negative.
8Found by Qualsys.
9
10CVE: CVE-2017-17840
11
12Upstream-Status: Backport
13
14Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
15---
16 iscsiuio/src/unix/iscsid_ipc.c | 5 ++---
17 1 file changed, 2 insertions(+), 3 deletions(-)
18
19diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
20index 52ae8c6..85742da 100644
21--- a/iscsiuio/src/unix/iscsid_ipc.c
22+++ b/iscsiuio/src/unix/iscsid_ipc.c
23@@ -148,7 +148,7 @@ static int decode_cidr(char *in_ipaddr_str, struct iface_rec_decode *ird)
24 char *tmp, *tok;
25 char ipaddr_str[NI_MAXHOST];
26 char str[INET6_ADDRSTRLEN];
27- int keepbits = 0;
28+ unsigned long keepbits = 0;
29 struct in_addr ia;
30 struct in6_addr ia6;
31
32@@ -161,8 +161,7 @@ static int decode_cidr(char *in_ipaddr_str, struct iface_rec_decode *ird)
33 tmp = ipaddr_str;
34 tok = strsep(&tmp, "/");
35 LOG_INFO(PFX "in cidr: bitmask '%s' ip '%s'", tmp, tok);
36- keepbits = atoi(tmp);
37- strcpy(ipaddr_str, tok);
38+ keepbits = strtoull(tmp, NULL, 10);
39 }
40
41 /* Determine if the IP address passed from the iface file is
42--
431.9.1
44
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0007-Check-iscsiuio-ping-data-length-for-validity.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0007-Check-iscsiuio-ping-data-length-for-validity.patch
deleted file mode 100644
index c63c0a8d5..000000000
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0007-Check-iscsiuio-ping-data-length-for-validity.patch
+++ /dev/null
@@ -1,64 +0,0 @@
1From 5df60ad8b22194391af34c1a7e54776b0372ffed Mon Sep 17 00:00:00 2001
2From: Lee Duncan <lduncan@suse.com>
3Date: Fri, 15 Dec 2017 11:21:15 -0800
4Subject: [PATCH 7/7] Check iscsiuio ping data length for validity
5
6We do not trust that the received ping packet data length
7is correct, so sanity check it. Found by Qualsys.
8
9CVE: CVE-2017-17840
10
11Upstream-Status: Backport
12
13Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
14---
15 iscsiuio/src/unix/iscsid_ipc.c | 5 +++++
16 iscsiuio/src/unix/packet.c | 2 +-
17 iscsiuio/src/unix/packet.h | 2 ++
18 3 files changed, 8 insertions(+), 1 deletion(-)
19
20diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
21index 85742da..a2caacc 100644
22--- a/iscsiuio/src/unix/iscsid_ipc.c
23+++ b/iscsiuio/src/unix/iscsid_ipc.c
24@@ -333,6 +333,11 @@ static void *perform_ping(void *arg)
25
26 data = (iscsid_uip_broadcast_t *)png_c->data;
27 datalen = data->u.ping_rec.datalen;
28+ if ((datalen > STD_MTU_SIZE) || (datalen < 0)) {
29+ LOG_ERR(PFX "Ping datalen invalid: %d", datalen);
30+ rc = -EINVAL;
31+ goto ping_done;
32+ }
33
34 memset(dst_addr, 0, sizeof(uip_ip6addr_t));
35 if (nic_iface->protocol == AF_INET) {
36diff --git a/iscsiuio/src/unix/packet.c b/iscsiuio/src/unix/packet.c
37index ecea09b..3ce2c6b 100644
38--- a/iscsiuio/src/unix/packet.c
39+++ b/iscsiuio/src/unix/packet.c
40@@ -112,7 +112,7 @@ int alloc_free_queue(nic_t *nic, size_t num_of_packets)
41 for (i = 0; i < num_of_packets; i++) {
42 packet_t *pkt;
43
44- pkt = alloc_packet(1500, 1500);
45+ pkt = alloc_packet(STD_MTU_SIZE, STD_MTU_SIZE);
46 if (pkt == NULL) {
47 goto done;
48 }
49diff --git a/iscsiuio/src/unix/packet.h b/iscsiuio/src/unix/packet.h
50index b63d688..19d1db9 100644
51--- a/iscsiuio/src/unix/packet.h
52+++ b/iscsiuio/src/unix/packet.h
53@@ -43,6 +43,8 @@
54
55 #include "nic.h"
56
57+#define STD_MTU_SIZE 1500
58+
59 struct nic;
60 struct nic_interface;
61
62--
631.9.1
64
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/iscsi-initiator-utils-Do-not-clean-kernel-source.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/iscsi-initiator-utils-Do-not-clean-kernel-source.patch
deleted file mode 100644
index 2c466119c..000000000
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/iscsi-initiator-utils-Do-not-clean-kernel-source.patch
+++ /dev/null
@@ -1,44 +0,0 @@
1From 4ebab8add4a549c16ab8b124137546c0a7b46a9b Mon Sep 17 00:00:00 2001
2From: Joe MacDonald <joe_macdonald@mentor.com>
3Date: Tue, 15 Nov 2016 11:11:30 -0500
4Subject: [PATCH] Do not clean kernel source
5
6The default behaviour should not be to attempt to clean the kernel source
7tree when building userspace. When not cross-compiling, however, this action is
8harmless, but when attempting to build within the sysroot and since this package
9is purely userspace, the clean step will fail.
10
11Removing the clean step eliminates an unnecessary dependency on the kernel build
12infrastructure.
13
14Upstream-status: Inappropriate (embedded specific)
15
16Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
17---
18 Makefile | 3 +--
19 1 file changed, 1 insertion(+), 2 deletions(-)
20
21diff --git a/Makefile b/Makefile
22index c8cd00e..9576bba 100644
23--- a/Makefile
24+++ b/Makefile
25@@ -37,7 +37,7 @@ endif
26
27 all: user
28
29-user: iscsiuio/Makefile
30+user:
31 $(MAKE) -C utils/sysdeps
32 $(MAKE) -C utils/fwparam_ibft
33 $(MAKE) -C usr
34@@ -75,7 +75,6 @@ clean:
35 $(MAKE) -C utils/fwparam_ibft clean
36 $(MAKE) -C utils clean
37 $(MAKE) -C usr clean
38- $(MAKE) -C kernel clean
39 [ ! -f iscsiuio/Makefile ] || $(MAKE) -C iscsiuio clean
40 [ ! -f iscsiuio/Makefile ] || $(MAKE) -C iscsiuio distclean
41
42--
431.9.1
44
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/iscsi-initiator-utils-fw_context-add-include-for-NI_MAXHOST-definiton.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/iscsi-initiator-utils-fw_context-add-include-for-NI_MAXHOST-definiton.patch
deleted file mode 100644
index 37d695f49..000000000
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/iscsi-initiator-utils-fw_context-add-include-for-NI_MAXHOST-definiton.patch
+++ /dev/null
@@ -1,35 +0,0 @@
1From 79bea58a554205dd185509fbc4e76b5fc40f9038 Mon Sep 17 00:00:00 2001
2From: Joe MacDonald <joe_macdonald@mentor.com>
3Date: Tue, 15 Nov 2016 12:36:45 -0500
4Subject: [PATCH] fw_context: add include for NI_MAXHOST definiton
5
6This appears to build successfully with gcc 4.x but fails on gcc 5+, though it's
7not immediately clear why NI_MAXHOST isn't being defined from the include
8chain. Currently engaging with the upstream devs to determine the best course
9of action, but this is an adequate workaround.
10
11Upstream-status: Pending
12
13Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
14---
15 include/fw_context.h | 4 +
16 1 file changed, 1 insertion(+)
17
18diff --git a/include/fw_context.h b/include/fw_context.h
19index 44053d8..0b05cea 100644
20--- a/include/fw_context.h
21+++ b/include/fw_context.h
22@@ -21,6 +21,10 @@
23 #ifndef FWPARAM_CONTEXT_H_
24 #define FWPARAM_CONTEXT_H_
25
26+#include <sys/socket.h>
27+#ifndef NI_MAXHOST
28+#define NI_MAXHOST 1025
29+#endif
30 #include <netdb.h>
31 #include <net/if.h>
32
33--
342.1.4
35
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.0.874.bb b/meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.0.876.bb
index 6c4a867b5..823227c46 100644
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.0.874.bb
+++ b/meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.0.876.bb
@@ -11,26 +11,22 @@ DEPENDS = "openssl flex-native bison-native open-isns util-linux"
11 11
12LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833" 12LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
13 13
14SRCREV ?= "8db9717e73d32d2c5131da4f9ad86dfd9065f74b" 14SRCREV ?= "24580adc4c174bbc5dde3ae7594a46d57635e906"
15 15
16SRC_URI = "git://github.com/open-iscsi/open-iscsi \ 16SRC_URI = "git://github.com/open-iscsi/open-iscsi \
17 file://iscsi-initiator-utils-Do-not-clean-kernel-source.patch \
18 file://iscsi-initiator-utils-fw_context-add-include-for-NI_MAXHOST-definiton.patch \
19 file://initd.debian \ 17 file://initd.debian \
20 file://99_iscsi-initiator-utils \ 18 file://99_iscsi-initiator-utils \
21 file://iscsi-initiator \ 19 file://iscsi-initiator \
22 file://iscsi-initiator.service \ 20 file://iscsi-initiator.service \
23 file://iscsi-initiator-targets.service \ 21 file://iscsi-initiator-targets.service \
24 file://set_initiatorname \ 22 file://set_initiatorname \
25 file://0001-Check-for-root-peer-user-for-iscsiuio-IPC.patch \ 23 file://0001-libopeniscsiusr-Include-limit.h-for-PATH_MAX.patch \
26 file://0002-iscsiuio-should-ignore-bogus-iscsid-broadcast-packet.patch \ 24 file://0002-libopeniscsiusr-Add-CFLAGS-to-linker-cmdline.patch \
27 file://0003-Ensure-all-fields-in-iscsiuio-IPC-response-are-set.patch \ 25 file://0001-qedi.c-Removed-unused-linux-ethtool.h.patch \
28 file://0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch \ 26 file://0002-idbm.c-Include-fcnl.h-for-O_RDWR-and-O_CREAT-definit.patch \
29 file://0005-Ensure-strings-from-peer-are-copied-correctly.patch \ 27 file://0003-bnx2x.c-Reorder-the-includes-to-avoid-duplicate-defi.patch \
30 file://0006-Skip-useless-strcopy-and-validate-CIDR-length.patch \ 28 file://0004-fwparam_ppc.c-Do-not-use-__compar_fn_t.patch \
31 file://0007-Check-iscsiuio-ping-data-length-for-validity.patch \
32" 29"
33
34S = "${WORKDIR}/git" 30S = "${WORKDIR}/git"
35B = "${WORKDIR}/build" 31B = "${WORKDIR}/build"
36 32
@@ -39,25 +35,15 @@ inherit update-rc.d systemd autotools
39EXTRA_OECONF = " \ 35EXTRA_OECONF = " \
40 --target=${TARGET_SYS} \ 36 --target=${TARGET_SYS} \
41 --host=${BUILD_SYS} \ 37 --host=${BUILD_SYS} \
42 --prefix=${prefix} \
43 --libdir=${libdir} \
44" 38"
45 39
46EXTRA_OEMAKE = ' \ 40EXTRA_OEMAKE = ' \
47 CC="${CC}" \
48 AR="${AR}" \
49 RANLIB="${RANLIB}" \
50 CFLAGS="${CFLAGS} ${CPPFLAGS} -D_GNU_SOURCE -I. -I../include -I../../include -I../usr -I../../usr" \
51 LDFLAGS="${LDFLAGS}" \
52 LD="${LD}" \
53 OS="${TARGET_SYS}" \ 41 OS="${TARGET_SYS}" \
54 TARGET="${TARGET_OS}" \ 42 TARGET="${TARGET_OS}" \
55 BASE="${prefix}" \ 43 BASE="${prefix}" \
56 MANDIR="${mandir}" \ 44 MANDIR="${mandir}" \
57' 45'
58 46
59TARGET_CC_ARCH += "${LDFLAGS}"
60
61do_configure () { 47do_configure () {
62 cd ${S}/iscsiuio ; autoreconf --install; ./configure ${EXTRA_OECONF} 48 cd ${S}/iscsiuio ; autoreconf --install; ./configure ${EXTRA_OECONF}
63} 49}
@@ -81,12 +67,14 @@ do_install () {
81 ${D}${localstatedir}/lib/iscsi/isns \ 67 ${D}${localstatedir}/lib/iscsi/isns \
82 ${D}${localstatedir}/lib/iscsi/slp \ 68 ${D}${localstatedir}/lib/iscsi/slp \
83 ${D}${localstatedir}/lib/iscsi/ifaces \ 69 ${D}${localstatedir}/lib/iscsi/ifaces \
84 ${D}/${mandir}/man8 70 ${D}${libdir} \
71 ${D}${mandir}/man8
85 72
86 install -p -m 755 ${S}/usr/iscsid ${S}/usr/iscsiadm \ 73 install -p -m 755 ${S}/usr/iscsid ${S}/usr/iscsiadm \
87 ${S}/utils/iscsi-iname \ 74 ${S}/utils/iscsi-iname \
88 ${S}/usr/iscsistart ${D}/${sbindir} 75 ${S}/usr/iscsistart ${D}/${sbindir}
89 76
77 cp -dR ${S}/libopeniscsiusr/libopeniscsiusr.so* ${D}${libdir}
90 install -p -m 644 ${S}/doc/iscsiadm.8 ${S}/doc/iscsid.8 ${D}/${mandir}/man8 78 install -p -m 644 ${S}/doc/iscsiadm.8 ${S}/doc/iscsid.8 ${D}/${mandir}/man8
91 install -p -m 644 ${S}/etc/iscsid.conf ${D}${sysconfdir}/iscsi 79 install -p -m 644 ${S}/etc/iscsid.conf ${D}${sysconfdir}/iscsi
92 install -p -m 755 ${WORKDIR}/initd.debian ${D}${sysconfdir}/init.d/iscsid 80 install -p -m 755 ${WORKDIR}/initd.debian ${D}${sysconfdir}/init.d/iscsid
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-23 10:11:43 +0000