nfs-utils: fix CVE-2019-3689

Fix CVE-2019-3689 (From OE-Core rev: 15186556c7e6ccdb3a308c90563f61b0bbd57407) Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: wenlin.kang@windriver.com <wenlin.kang@windriver.com> 2020-06-28 03:14:06 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-07-08 10:47:50 +0100
commit: 9771da0a54949c383a893beb14354fa0b255682a (patch)
tree: 294cd5d028055940005e6e4aa3a9d9df95d57246 /meta/recipes-connectivity
parent: d6c3a4db81576aec3a7ceab17969faff97e94aa0 (diff)
download: poky-9771da0a54949c383a893beb14354fa0b255682a.tar.gz
2 files changed, 103 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-take-user-id-from-var-lib-nfs-sm.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-take-user-id-from-var-lib-nfs-sm.patch
new file mode 100644
index 0000000000..87f4f098e0
--- /dev/null
+++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-take-user-id-from-var-lib-nfs-sm.patch
@@ -0,0 +1,102 @@
+From 12ee0ff1120a6e42b67cc90ad7d5006555e866c3 Mon Sep 17 00:00:00 2001
+From: NeilBrown <neilb@suse.de>
+Date: Tue, 23 Jun 2020 09:22:22 +0000
+Subject: [PATCH] statd: take user-id from /var/lib/nfs/sm
+Having /var/lib/nfs writeable by statd is not ideal
+as there are files in there that statd doesn't need
+to access.
+After dropping privs, statd and sm-notify only need to
+access files in the directories sm and sm.bak.
+So take the uid for these deamons from 'sm'.
+Upstream-Status: Backport [https://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=fee2cc29e888f2ced6a76990923aef19d326dc0e]
+CVE: CVE-2019-3689
+Signed-off-by: NeilBrown <neilb@suse.de>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
+---
+ support/nsm/file.c        | 16 +++++-----------
+ utils/statd/sm-notify.man | 10 +++++++++-
+ utils/statd/statd.man     | 10 +++++++++-
+ 3 files changed, 23 insertions(+), 13 deletions(-)
+diff --git a/support/nsm/file.c b/support/nsm/file.c
+index 0b66f12..f5b4480 100644
+--- a/support/nsm/file.c
+++ b/support/nsm/file.c
+@@ -388,23 +388,17 @@ nsm_drop_privileges(const int pidfd)
+ 
+        (void)umask(S_IRWXO);
+ 
+-       /*
+-        * XXX: If we can't stat dirname, or if dirname is owned by
+-        *      root, we should use "statduser" instead, which is set up
+-        *      by configure.ac.  Nothing in nfs-utils seems to use
+-        *      "statduser," though.
+-        */
+-       if (lstat(nsm_base_dirname, &st) == -1) {
+-               xlog(L_ERROR, "Failed to stat %s: %m", nsm_base_dirname);
+-               return false;
+-       }
+-
+        if (chdir(nsm_base_dirname) == -1) {
+                xlog(L_ERROR, "Failed to change working directory to %s: %m",
+                                nsm_base_dirname);
+                return false;
+        }
+ 
+       if (lstat(NSM_MONITOR_DIR, &st) == -1) {
+               xlog(L_ERROR, "Failed to stat %s/%s: %m", nsm_base_dirname, NSM_MONITOR_DIR);
+               return false;
+       }
+
+        if (!prune_bounding_set())
+                return false;
+ 
+diff --git a/utils/statd/sm-notify.man b/utils/statd/sm-notify.man
+index cfe1e4b..addf5d3 100644
+--- a/utils/statd/sm-notify.man
+++ b/utils/statd/sm-notify.man
+@@ -190,7 +190,15 @@ by default.
+ After starting,
+ .B sm-notify
+ attempts to set its effective UID and GID to the owner
+-and group of this directory.
+and group of the subdirectory
+.B sm
+of this directory.  After changing the effective ids,
+.B sm-notify
+only needs to access files in
+.B sm
+and
+.B sm.bak
+within the state-directory-path.
+ .TP
+ .BI -v " ipaddr " | " hostname
+ Specifies the network address from which to send reboot notifications,
+diff --git a/utils/statd/statd.man b/utils/statd/statd.man
+index 71d5846..6222701 100644
+--- a/utils/statd/statd.man
+++ b/utils/statd/statd.man
+@@ -259,7 +259,15 @@ by default.
+ After starting,
+ .B rpc.statd
+ attempts to set its effective UID and GID to the owner
+-and group of this directory.
+and group of the subdirectory
+.B sm
+of this directory.  After changing the effective ids,
+.B rpc.statd
+only needs to access files in
+.B sm
+and
+.B sm.bak
+within the state-directory-path.
+ .TP
+ .BR -v ", " -V ", " --version
+ Causes
+-- 
+2.23.0
diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb
index 3ae8f965c8..458e534864 100644
--- a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb
+++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb
@@ -34,6 +34,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x
           file://0001-Don-t-build-tools-with-CC_FOR_BUILD.patch \
           file://0001-Fix-include-order-between-config.h-and-stat.h.patch \
           file://0001-Disable-statx-if-using-glibc-emulation.patch \
+           file://0001-statd-take-user-id-from-var-lib-nfs-sm.patch \
 "
 SRC_URI_append_libc-glibc = " file://0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch"
 SRC_URI_append_libc-musl = " file://nfs-utils-musl-res_querydomain.patch"
author	wenlin.kang@windriver.com <wenlin.kang@windriver.com>	2020-06-28 03:14:06 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-07-08 10:47:50 +0100
commit	9771da0a54949c383a893beb14354fa0b255682a (patch)
tree	294cd5d028055940005e6e4aa3a9d9df95d57246 /meta/recipes-connectivity
parent	d6c3a4db81576aec3a7ceab17969faff97e94aa0 (diff)
download	poky-9771da0a54949c383a893beb14354fa0b255682a.tar.gz

diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-take-user-id-from-var-lib-nfs-sm.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-take-user-id-from-var-lib-nfs-sm.patch new file mode 100644 index 0000000000..87f4f098e0 --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-take-user-id-from-var-lib-nfs-sm.patch
@@ -0,0 +1,102 @@
		1	From 12ee0ff1120a6e42b67cc90ad7d5006555e866c3 Mon Sep 17 00:00:00 2001
		2	From: NeilBrown <neilb@suse.de>
		3	Date: Tue, 23 Jun 2020 09:22:22 +0000
		4	Subject: [PATCH] statd: take user-id from /var/lib/nfs/sm
		5
		6	Having /var/lib/nfs writeable by statd is not ideal
		7	as there are files in there that statd doesn't need
		8	to access.
		9	After dropping privs, statd and sm-notify only need to
		10	access files in the directories sm and sm.bak.
		11	So take the uid for these deamons from 'sm'.
		12
		13	Upstream-Status: Backport [https://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=fee2cc29e888f2ced6a76990923aef19d326dc0e]
		14	CVE: CVE-2019-3689
		15
		16	Signed-off-by: NeilBrown <neilb@suse.de>
		17	Signed-off-by: Steve Dickson <steved@redhat.com>
		18	Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
		19	---
		20	support/nsm/file.c \| 16 +++++-----------
		21	utils/statd/sm-notify.man \| 10 +++++++++-
		22	utils/statd/statd.man \| 10 +++++++++-
		23	3 files changed, 23 insertions(+), 13 deletions(-)
		24
		25	diff --git a/support/nsm/file.c b/support/nsm/file.c
		26	index 0b66f12..f5b4480 100644
		27	--- a/support/nsm/file.c
		28	+++ b/support/nsm/file.c
		29	@@ -388,23 +388,17 @@ nsm_drop_privileges(const int pidfd)
		30
		31	(void)umask(S_IRWXO);
		32
		33	- /*
		34	- * XXX: If we can't stat dirname, or if dirname is owned by
		35	- * root, we should use "statduser" instead, which is set up
		36	- * by configure.ac. Nothing in nfs-utils seems to use
		37	- * "statduser," though.
		38	- */
		39	- if (lstat(nsm_base_dirname, &st) == -1) {
		40	- xlog(L_ERROR, "Failed to stat %s: %m", nsm_base_dirname);
		41	- return false;
		42	- }
		43	-
		44	if (chdir(nsm_base_dirname) == -1) {
		45	xlog(L_ERROR, "Failed to change working directory to %s: %m",
		46	nsm_base_dirname);
		47	return false;
		48	}
		49
		50	+ if (lstat(NSM_MONITOR_DIR, &st) == -1) {
		51	+ xlog(L_ERROR, "Failed to stat %s/%s: %m", nsm_base_dirname, NSM_MONITOR_DIR);
		52	+ return false;
		53	+ }
		54	+
		55	if (!prune_bounding_set())
		56	return false;
		57
		58	diff --git a/utils/statd/sm-notify.man b/utils/statd/sm-notify.man
		59	index cfe1e4b..addf5d3 100644
		60	--- a/utils/statd/sm-notify.man
		61	+++ b/utils/statd/sm-notify.man
		62	@@ -190,7 +190,15 @@ by default.
		63	After starting,
		64	.B sm-notify
		65	attempts to set its effective UID and GID to the owner
		66	-and group of this directory.
		67	+and group of the subdirectory
		68	+.B sm
		69	+of this directory. After changing the effective ids,
		70	+.B sm-notify
		71	+only needs to access files in
		72	+.B sm
		73	+and
		74	+.B sm.bak
		75	+within the state-directory-path.
		76	.TP
		77	.BI -v " ipaddr " \| " hostname
		78	Specifies the network address from which to send reboot notifications,
		79	diff --git a/utils/statd/statd.man b/utils/statd/statd.man
		80	index 71d5846..6222701 100644
		81	--- a/utils/statd/statd.man
		82	+++ b/utils/statd/statd.man
		83	@@ -259,7 +259,15 @@ by default.
		84	After starting,
		85	.B rpc.statd
		86	attempts to set its effective UID and GID to the owner
		87	-and group of this directory.
		88	+and group of the subdirectory
		89	+.B sm
		90	+of this directory. After changing the effective ids,
		91	+.B rpc.statd
		92	+only needs to access files in
		93	+.B sm
		94	+and
		95	+.B sm.bak
		96	+within the state-directory-path.
		97	.TP
		98	.BR -v ", " -V ", " --version
		99	Causes
		100	--
		101	2.23.0
		102


diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb index 3ae8f965c8..458e534864 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb
@@ -34,6 +34,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x
34	file://0001-Don-t-build-tools-with-CC_FOR_BUILD.patch \	34	file://0001-Don-t-build-tools-with-CC_FOR_BUILD.patch \
35	file://0001-Fix-include-order-between-config.h-and-stat.h.patch \	35	file://0001-Fix-include-order-between-config.h-and-stat.h.patch \
36	file://0001-Disable-statx-if-using-glibc-emulation.patch \	36	file://0001-Disable-statx-if-using-glibc-emulation.patch \
		37	file://0001-statd-take-user-id-from-var-lib-nfs-sm.patch \
37	"	38	"
38	SRC_URI_append_libc-glibc = " file://0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch"	39	SRC_URI_append_libc-glibc = " file://0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch"
39	SRC_URI_append_libc-musl = " file://nfs-utils-musl-res_querydomain.patch"	40	SRC_URI_append_libc-musl = " file://nfs-utils-musl-res_querydomain.patch"