diff options
| author | Chen Qi <Qi.Chen@windriver.com> | 2019-02-26 09:20:16 +0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-03-03 15:38:13 +0000 |
| commit | 4eb2b3f1503a41474d0c40ada296a9800840267c (patch) | |
| tree | a8115d141b07b7d064f434dbaa237676abb517b1 /meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch | |
| parent | f1c766fc4e51ada80c022a63176aafd9b40ef07c (diff) | |
| download | poky-4eb2b3f1503a41474d0c40ada296a9800840267c.tar.gz | |
systemd: upgrade to 241
PATCH REBASED:
==============
0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch
0004-rules-whitelist-hd-devices.patch
0007-rules-watch-metadata-changes-in-ide-devices.patch
0001-Use-getenv-when-secure-versions-are-not-available.patch
0002-don-t-use-glibc-specific-qsort_r.patch
0004-add-fallback-parse_printf_format-implementation.patch
0006-src-basic-missing.h-check-for-missing-strndupa.patch
0007-Include-netinet-if_ether.h.patch
0008-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
0009-add-missing-FTW_-macros-for-musl.patch
0012-fix-missing-of-__register_atfork-for-non-glibc-build.patch
0013-Use-uintmax_t-for-handling-rlim_t.patch
0014-fix-missing-ULONG_LONG_MAX-definition-in-case-of-mus.patch
0021-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
PATCH DROPPED:
==============
0005-Make-root-s-home-directory-configurable.patch
systemd has its hardcoded assumption about /home and /, and it also respects
$HOME environment var, so this patch is somehow useless. This patch was originally
added but in fact had no real runtime effect except messing up some hardcoded assumptions,
and it was accidently manipulated during systemd upgrade. We have in fact not
used the orignal patch for more than two releases and things were working out
well.
0006-remove-nobody-user-group-checking.patch
The issue has been fixed upstream by the following commit.
"check nobody user/group validity only when not cross compiling"
0008-Do-not-enable-nss-tests-if-nss-systemd-is-not-enable.patch
0009-nss-mymachines-Build-conditionally-when-ENABLE_MYHOS.patch
The issue has been fixed upstream by the following commit.
"meson: allow building resolved and machined without nss modules"
0001-login-use-parse_uid-when-unmounting-user-runtime-dir.patch
0001-sd-bus-make-BUS_DEFAULT_TIMEOUT-configurable.patch
Backport
0022-build-sys-Detect-whether-struct-statx-is-defined-in-.patch
Merged
0023-resolvconf-fixes-for-the-compatibility-interface.patch
0001-core-when-deserializing-state-always-use-read_line-L.patch
0001-chown-recursive-let-s-rework-the-recursive-logic-to-.patch
0001-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch
0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch
0001-timesync-changes-type-of-drift_freq-to-int64_t.patch
Backport
0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch
0002-core-Fix-use-after-free-case-in-load_from_path.patch
Merged
0001-meson-rename-Ddebug-to-Ddebug-extra.patch
0024-journald-do-not-store-the-iovec-entry-for-process-co.patch
0025-journald-set-a-limit-on-the-number-of-fields.patch
0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch
CVE-2019-6454.patch
sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch
0005-basic-user-util-properly-protect-use-of-gshadow.patch
0022-Use-if-instead-of-ifdef-for-ENABLE_GSHADOW.patch
Backport
0001-Remove-fstack-protector-flags-to-workaround-musl-bui.patch
No build failure for qemux86/qemuppc + musl
PATCH ADDED:
============
0020-missing_type.h-add-__compar_d_fn_t-definition.patch
0021-avoid-redefinition-of-prctl_mm_map-structure.patch
0022-include-sys-wait.h-to-avoid-compile-failure.patch
0023-socket-util.h-include-string.h.patch
0024-test-json.c-define-M_PIl.patch
0001-do-not-disable-buffer-in-writing-files.patch
PATCH OTHERS:
=============
0003-comparison_fn_t-is-glibc-specific-use-raw-signature-.patch
0011-src-basic-missing.h-check-for-missing-__compar_fn_t-.patch
are combined into one patch:
0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch
Add two more PACKAGECONFIG, nss-mymachines and nss-resolve which are introduced
by the following commit.
meson: allow building resolved and machined without nss modules
(From OE-Core rev: 816e08c18dbcf6e84dedc7a4bd96ddfbf2f86ebc)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch')
| -rw-r--r-- | meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch | 61 |
1 files changed, 0 insertions, 61 deletions
diff --git a/meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch b/meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch deleted file mode 100644 index 57311faa60..0000000000 --- a/meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch +++ /dev/null | |||
| @@ -1,61 +0,0 @@ | |||
| 1 | Description: sd-bus: if we receive an invalid dbus message, ignore and | ||
| 2 | proceeed | ||
| 3 | . | ||
| 4 | dbus-daemon might have a slightly different idea of what a valid msg is | ||
| 5 | than us (for example regarding valid msg and field sizes). Let's hence | ||
| 6 | try to proceed if we can and thus drop messages rather than fail the | ||
| 7 | connection if we fail to validate a message. | ||
| 8 | . | ||
| 9 | Hopefully the differences in what is considered valid are not visible | ||
| 10 | for real-life usecases, but are specific to exploit attempts only. | ||
| 11 | Author: Lennart Poettering <lennart@poettering.net> | ||
| 12 | Forwarded: other,https://github.com/systemd/systemd/pull/11708/ | ||
| 13 | |||
| 14 | Patch from: systemd_239-7ubuntu10.8 | ||
| 15 | |||
| 16 | For information see: | ||
| 17 | https://usn.ubuntu.com/3891-1/ | ||
| 18 | https://git.launchpad.net/ubuntu/+source/systemd/commit/?id=f8e75d5634904c8e672658856508c3a02f349adb | ||
| 19 | |||
| 20 | CVE: CVE-2019-6454 | ||
| 21 | Upstream-Status: Backport | ||
| 22 | |||
| 23 | Signed-off-by: George McCollister <george.mccollister@gmail.com> | ||
| 24 | |||
| 25 | diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c | ||
| 26 | index 30d6455b6f..441b4a816f 100644 | ||
| 27 | --- a/src/libsystemd/sd-bus/bus-socket.c | ||
| 28 | +++ b/src/libsystemd/sd-bus/bus-socket.c | ||
| 29 | @@ -1072,7 +1072,7 @@ static int bus_socket_read_message_need(sd_bus *bus, size_t *need) { | ||
| 30 | } | ||
| 31 | |||
| 32 | static int bus_socket_make_message(sd_bus *bus, size_t size) { | ||
| 33 | - sd_bus_message *t; | ||
| 34 | + sd_bus_message *t = NULL; | ||
| 35 | void *b; | ||
| 36 | int r; | ||
| 37 | |||
| 38 | @@ -1097,7 +1097,9 @@ static int bus_socket_make_message(sd_bus *bus, size_t size) { | ||
| 39 | bus->fds, bus->n_fds, | ||
| 40 | NULL, | ||
| 41 | &t); | ||
| 42 | - if (r < 0) { | ||
| 43 | + if (r == -EBADMSG) | ||
| 44 | + log_debug_errno(r, "Received invalid message from connection %s, dropping.", strna(bus->description)); | ||
| 45 | + else if (r < 0) { | ||
| 46 | free(b); | ||
| 47 | return r; | ||
| 48 | } | ||
| 49 | @@ -1108,7 +1110,8 @@ static int bus_socket_make_message(sd_bus *bus, size_t size) { | ||
| 50 | bus->fds = NULL; | ||
| 51 | bus->n_fds = 0; | ||
| 52 | |||
| 53 | - bus->rqueue[bus->rqueue_size++] = t; | ||
| 54 | + if (t) | ||
| 55 | + bus->rqueue[bus->rqueue_size++] = t; | ||
| 56 | |||
| 57 | return 1; | ||
| 58 | } | ||
| 59 | -- | ||
| 60 | 2.17.1 | ||
| 61 | |||