rpi/domo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Bump buildroot to 2019.02

Browse Source
This commit is contained in:
NADAL Jean-Baptiste
2019-03-28 22:49:48 +01:00
parent 5598b1b762
commit 920d307141
5121 changed files with 78550 additions and 46132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
bsp/buildroot/package/systemd/0001-fix-getty-unit.patch
View File

@@ -1,7 +1,10 @@
From 7deb6387aeb07fa4300fa3cf9d6c039dabd120d7 Mon Sep 17 00:00:00 2001
From 69e440f9b7a0e9a43ef582d4bb521722b448a7c2 Mon Sep 17 00:00:00 2001
From: Maxime Ripard <maxime.ripard@free-electrons.com>
Date: Mon, 31 Jul 2017 10:08:46 -0400
Subject: [PATCH] fix-getty-unit
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Prefer getty to agetty in console setup systemd units
@@ -9,13 +12,43 @@ Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
[aduskett@gmail.com: Update for systemd v237]
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[Jérémy: replace additional usage of agetty by getty.]
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
---
units/getty@.service.m4 | 5 +----
units/serial-getty@.service.m4 | 2 +-
2 files changed, 2 insertions(+), 5 deletions(-)
units/console-getty.service.m4 | 2 +-
units/container-getty@.service.m4 | 2 +-
units/getty@.service.m4 | 5 +----
units/serial-getty@.service.m4 | 2 +-
4 files changed, 4 insertions(+), 7 deletions(-)
diff --git a/units/console-getty.service.m4 b/units/console-getty.service.m4
index 3c553240a..fd5ad9456 100644
--- a/units/console-getty.service.m4
+++ b/units/console-getty.service.m4
@@ -23,7 +23,7 @@ ConditionPathExists=/dev/console
# The '-o' option value tells agetty to replace 'login' arguments with an
# option to preserve environment (-p), followed by '--' for safety, and then
# the entered username.
-ExecStart=-/sbin/agetty -o '-p -- \\u' --noclear --keep-baud console 115200,38400,9600 $TERM
+ExecStart=-/sbin/getty -L console 115200 vt100
Type=idle
Restart=always
UtmpIdentifier=cons
diff --git a/units/container-getty@.service.m4 b/units/container-getty@.service.m4
index 087ab7f9b..30f7b66fe 100644
--- a/units/container-getty@.service.m4
+++ b/units/container-getty@.service.m4
@@ -28,7 +28,7 @@ Before=rescue.service
# The '-o' option value tells agetty to replace 'login' arguments with an
# option to preserve environment (-p), followed by '--' for safety, and then
# the entered username.
-ExecStart=-/sbin/agetty -o '-p -- \\u' --noclear --keep-baud pts/%I 115200,38400,9600 $TERM
+ExecStart=-/sbin/getty -L %I 115200 vt100
Type=idle
Restart=always
RestartSec=0
diff --git a/units/getty@.service.m4 b/units/getty@.service.m4
index 2a84061..7ad588f 100644
index 80e793bb7..385758c61 100644
--- a/units/getty@.service.m4
+++ b/units/getty@.service.m4
@@ -35,10 +35,7 @@ ConditionPathExists=/dev/tty0
@@ -31,7 +64,7 @@ index 2a84061..7ad588f 100644
Restart=always
RestartSec=0
diff --git a/units/serial-getty@.service.m4 b/units/serial-getty@.service.m4
index b7caeaf..c663612 100644
index 757b86ab2..3d60efdb6 100644
--- a/units/serial-getty@.service.m4
+++ b/units/serial-getty@.service.m4
@@ -33,7 +33,7 @@ Before=rescue.service
@@ -44,5 +77,5 @@ index b7caeaf..c663612 100644
Restart=always
UtmpIdentifier=%I
--
2.13.3
2.14.4

12
bsp/buildroot/package/systemd/0002-install-don-t-use-ln-relative.patch
View File

@@ -1,4 +1,4 @@
From 17560d52e9ec0afebbfe31e694870c6433b36f60 Mon Sep 17 00:00:00 2001
From 7f4a12d25bbb5859d266f32f7a3d794bb62c354e Mon Sep 17 00:00:00 2001
From: Adam Duskett <Adamduskett@outlook.com>
Date: Sun, 31 Dec 2017 12:46:04 -0500
Subject: [PATCH] install: don't use ln --relative
@@ -30,15 +30,15 @@ Signed-off-by: Trent Piepho <tpiepho@impinj.com>
3 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/meson.build b/meson.build
index d4af95a44..d75f2b34c 100644
index 04331dd41..359042c04 100644
--- a/meson.build
+++ b/meson.build
@@ -586,7 +586,7 @@ endforeach
@@ -628,7 +628,7 @@ endforeach
conf.set_quoted('TELINIT', get_option('telinit-path'))
if run_command('ln', '--relative', '--help').returncode() != 0
- error('ln does not support --relative')
+ message('ln does not support --relative')
- error('ln does not support --relative (added in coreutils 8.16)')
+ message('ln does not support --relative (added in coreutils 8.16)')
endif
############################################################
@@ -76,5 +76,5 @@ index 70f7172ae..bb8155075 100755
+dds="$(printf "%s" "${linkdir#${DESTDIR:-}}" |sed -r -e 's:/+[^/]+:../:g; s:/$::')"
+ln -vfs "$dds$unitpath" "$dir"
--
2.14.3
2.14.4

159
bsp/buildroot/package/systemd/0003-fix-am-path-libgcrypt-no-found.patch
View File

@@ -1,159 +0,0 @@
From cb47c1da9c4a8f69662f9c17497aeeb8a922d41a Mon Sep 17 00:00:00 2001
From: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Date: Fri, 28 Jul 2017 07:13:51 -0400
Subject: [PATCH] Fix AM_PATH_LIBGCRYPT not found
This patch installs a copy of libgcrypt.m4 from the libgcrypt source tarball
to systemd m4 directory.
Libgcrypt uses a custom m4 macro and not pkg-config to check if the
development files are available. Though libgcrypt support is optional in
systemd, this macro should be available whenever autoreconf is used, otherwise
the re-configuration will fail with:
configure.ac:616: warning: macro 'AM_PATH_LIBGCRYPT' not found in library
As asking the user to install the development package of libgcrypt on the host
machine or adding libgcrypt as a build dependency to systemd is not
acceptable, the required file is added to the m4 directory.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
[Adam: Refresh for 234]
Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
m4/libgcrypt.m4 | 123 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 123 insertions(+)
create mode 100644 m4/libgcrypt.m4
diff --git a/m4/libgcrypt.m4 b/m4/libgcrypt.m4
new file mode 100644
index 0000000..831dc0c
--- /dev/null
+++ b/m4/libgcrypt.m4
@@ -0,0 +1,123 @@
+dnl Autoconf macros for libgcrypt
+dnl Copyright (C) 2002, 2004 Free Software Foundation, Inc.
+dnl
+dnl This file is free software; as a special exception the author gives
+dnl unlimited permission to copy and/or distribute it, with or without
+dnl modifications, as long as this notice is preserved.
+dnl
+dnl This file is distributed in the hope that it will be useful, but
+dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
+dnl AM_PATH_LIBGCRYPT([MINIMUM-VERSION,
+dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl Test for libgcrypt and define LIBGCRYPT_CFLAGS and LIBGCRYPT_LIBS.
+dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed
+dnl with the API version to also check the API compatibility. Example:
+dnl a MINIMUN-VERSION of 1:1.2.5 won't pass the test unless the installed
+dnl version of libgcrypt is at least 1.2.5 *and* the API number is 1. Using
+dnl this features allows to prevent build against newer versions of libgcrypt
+dnl with a changed API.
+dnl
+AC_DEFUN([AM_PATH_LIBGCRYPT],
+[ AC_ARG_WITH(libgcrypt-prefix,
+ AC_HELP_STRING([--with-libgcrypt-prefix=PFX],
+ [prefix where LIBGCRYPT is installed (optional)]),
+ libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="")
+ if test x$libgcrypt_config_prefix != x ; then
+ if test x${LIBGCRYPT_CONFIG+set} != xset ; then
+ LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/bin/libgcrypt-config
+ fi
+ fi
+
+ AC_PATH_TOOL(LIBGCRYPT_CONFIG, libgcrypt-config, no)
+ tmp=ifelse([$1], ,1:1.2.0,$1)
+ if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then
+ req_libgcrypt_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'`
+ min_libgcrypt_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'`
+ else
+ req_libgcrypt_api=0
+ min_libgcrypt_version="$tmp"
+ fi
+
+ AC_MSG_CHECKING(for LIBGCRYPT - version >= $min_libgcrypt_version)
+ ok=no
+ if test "$LIBGCRYPT_CONFIG" != "no" ; then
+ req_major=`echo $min_libgcrypt_version | \
+ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'`
+ req_minor=`echo $min_libgcrypt_version | \
+ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'`
+ req_micro=`echo $min_libgcrypt_version | \
+ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'`
+ libgcrypt_config_version=`$LIBGCRYPT_CONFIG --version`
+ major=`echo $libgcrypt_config_version | \
+ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
+ minor=`echo $libgcrypt_config_version | \
+ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'`
+ micro=`echo $libgcrypt_config_version | \
+ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'`
+ if test "$major" -gt "$req_major"; then
+ ok=yes
+ else
+ if test "$major" -eq "$req_major"; then
+ if test "$minor" -gt "$req_minor"; then
+ ok=yes
+ else
+ if test "$minor" -eq "$req_minor"; then
+ if test "$micro" -ge "$req_micro"; then
+ ok=yes
+ fi
+ fi
+ fi
+ fi
+ fi
+ fi
+ if test $ok = yes; then
+ AC_MSG_RESULT([yes ($libgcrypt_config_version)])
+ else
+ AC_MSG_RESULT(no)
+ fi
+ if test $ok = yes; then
+ # If we have a recent libgcrypt, we should also check that the
+ # API is compatible
+ if test "$req_libgcrypt_api" -gt 0 ; then
+ tmp=`$LIBGCRYPT_CONFIG --api-version 2>/dev/null || echo 0`
+ if test "$tmp" -gt 0 ; then
+ AC_MSG_CHECKING([LIBGCRYPT API version])
+ if test "$req_libgcrypt_api" -eq "$tmp" ; then
+ AC_MSG_RESULT([okay])
+ else
+ ok=no
+ AC_MSG_RESULT([does not match. want=$req_libgcrypt_api got=$tmp])
+ fi
+ fi
+ fi
+ fi
+ if test $ok = yes; then
+ LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags`
+ LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs`
+ ifelse([$2], , :, [$2])
+ if test x"$host" != x ; then
+ libgcrypt_config_host=`$LIBGCRYPT_CONFIG --host 2>/dev/null || echo none`
+ if test x"$libgcrypt_config_host" != xnone ; then
+ if test x"$libgcrypt_config_host" != x"$host" ; then
+ AC_MSG_WARN([[
+***
+*** The config script $LIBGCRYPT_CONFIG was
+*** built for $libgcrypt_config_host and thus may not match the
+*** used host $host.
+*** You may want to use the configure option --with-libgcrypt-prefix
+*** to specify a matching config script.
+***]])
+ fi
+ fi
+ fi
+ else
+ LIBGCRYPT_CFLAGS=""
+ LIBGCRYPT_LIBS=""
+ ifelse([$3], , :, [$3])
+ fi
+ AC_SUBST(LIBGCRYPT_CFLAGS)
+ AC_SUBST(LIBGCRYPT_LIBS)
+])
--
2.13.3

60
bsp/buildroot/package/systemd/0003-meson-use-cross-compilation-compatible-c-check.patch Normal file
View File

@@ -0,0 +1,60 @@
From 180a940333c84495015bd5b24d41c1dbfff509f2 Mon Sep 17 00:00:00 2001
From: James Hilliard <james.hilliard1@gmail.com>
Date: Thu, 27 Dec 2018 09:16:20 +0800
Subject: [PATCH] meson: use cross compilation compatible c++ check
[james.hilliard1@gmail.com: backport from upstream commit
46e63a2a3ed46ce97430ce38e4cc0798c57900eb]
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
---
meson.build | 4 +---
src/systemd/meson.build | 3 +--
src/test/meson.build | 2 +-
3 files changed, 3 insertions(+), 6 deletions(-)
diff --git a/meson.build b/meson.build
index b338886..1964b1a 100644
--- a/meson.build
+++ b/meson.build
@@ -287,10 +287,8 @@ want_tests = get_option('tests')
slow_tests = want_tests != 'false' and get_option('slow-tests')
install_tests = get_option('install-tests')
-cxx = find_program('c++', required : fuzzer_build)
-if cxx.found()
+if add_languages('cpp', required : fuzzer_build)
# Used only for tests
- add_languages('cpp')
cxx_cmd = ' '.join(meson.get_compiler('cpp').cmd_array())
else
cxx_cmd = ''
diff --git a/src/systemd/meson.build b/src/systemd/meson.build
index e0c967e..75c48b0 100644
--- a/src/systemd/meson.build
+++ b/src/systemd/meson.build
@@ -52,8 +52,7 @@ if cc.has_argument('-std=iso9899:2017')
opts += [['c', '-std=iso9899:2017']]
endif
-cxx = find_program('c++', required : false)
-if cxx.found()
+if add_languages('cpp', required : false)
opts += [['c++'],
['c++', '-std=c++98'],
['c++', '-std=c++11']]
diff --git a/src/test/meson.build b/src/test/meson.build
index ea049a6..d9d87e0 100644
--- a/src/test/meson.build
+++ b/src/test/meson.build
@@ -957,7 +957,7 @@ tests += [
]
-if cxx.found()
+if cxx_cmd != ''
tests += [
[['src/libsystemd/sd-bus/test-bus-vtable-cc.cc'],
[],
--
2.7.4

61
bsp/buildroot/package/systemd/0004-capability-fix-build-without-PR_CAP_AMBIENT.patch Normal file
View File

@@ -0,0 +1,61 @@
From 822809d0afd0f984750a61b2391059411afa4333 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Fri, 11 Jan 2019 16:07:00 +0100
Subject: [PATCH] capability: fix build without PR_CAP_AMBIENT
systemd fails to build on kernel without PR_CAP_AMBIENT (< 4.3) since
https://github.com/systemd/systemd/commit/2a03bb3e65327c73008f1db485ffc75c432dc6b2
To fix this error, include missing_prctl.h in all files using
PR_CAP_AMBIENT
Fixes:
- http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Upstream status: https://github.com/systemd/systemd/pull/11400]
---
src/basic/capability-util.c | 1 +
src/test/test-capability.c | 1 +
src/test/test-execute.c | 1 +
3 files changed, 3 insertions(+)
diff --git a/src/basic/capability-util.c b/src/basic/capability-util.c
index a3f3ca9f5..b944ee6ea 100644
--- a/src/basic/capability-util.c
+++ b/src/basic/capability-util.c
@@ -13,6 +13,7 @@
#include "fileio.h"
#include "log.h"
#include "macro.h"
+#include "missing_prctl.h"
#include "parse-util.h"
#include "user-util.h"
#include "util.h"
diff --git a/src/test/test-capability.c b/src/test/test-capability.c
index dae85f2f9..3db05878a 100644
--- a/src/test/test-capability.c
+++ b/src/test/test-capability.c
@@ -13,6 +13,7 @@
#include "fd-util.h"
#include "fileio.h"
#include "macro.h"
+#include "missing_prctl.h"
#include "parse-util.h"
#include "tests.h"
#include "util.h"
diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index 2115061ad..cea68b8cf 100644
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -13,6 +13,7 @@
#include "fs-util.h"
#include "macro.h"
#include "manager.h"
+#include "missing_prctl.h"
#include "mkdir.h"
#include "path-util.h"
#include "rm-rf.h"
--
2.14.1

75
bsp/buildroot/package/systemd/0004-core-dont-include-libmount-h-in-a-header-file.patch
View File

@@ -1,75 +0,0 @@
From 227b8a762fea1458547be2cdf0e6e4aac0079730 Mon Sep 17 00:00:00 2001
From: Michael Olbrich <m.olbrich@pengutronix.de>
Date: Mon, 26 Mar 2018 17:34:53 +0200
Subject: [PATCH] core: don't include libmount.h in a header file (#8580)
linux/fs.h sys/mount.h, libmount.h and missing.h all include MS_*
definitions.
To avoid problems, only one of linux/fs.h, sys/mount.h and libmount.h
should be included. And missing.h must be included last.
Without this, building systemd may fail with:
In file included from [...]/libmount/libmount.h:31:0,
from ../systemd-238/src/core/manager.h:23,
from ../systemd-238/src/core/emergency-action.h:37,
from ../systemd-238/src/core/unit.h:34,
from ../systemd-238/src/core/dbus-timer.h:25,
from ../systemd-238/src/core/timer.c:26:
[...]/sys/mount.h:57:2: error: expected identifier before numeric constant
Upstream: https://github.com/systemd/systemd/pull/8580
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
---
src/core/dbus-execute.c | 1 +
src/core/manager.h | 3 ++-
src/core/mount.c | 2 ++
3 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
index 7344623ebf6..c342093bca4 100644
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
@@ -18,6 +18,7 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
+#include <sys/mount.h>
#include <sys/prctl.h>
#include <stdio_ext.h>
diff --git a/src/core/manager.h b/src/core/manager.h
index 28c5da225b1..e09e0cdf5e9 100644
--- a/src/core/manager.h
+++ b/src/core/manager.h
@@ -20,7 +20,6 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include <libmount.h>
#include <stdbool.h>
#include <stdio.h>
@@ -34,6 +33,8 @@
#include "list.h"
#include "ratelimit.h"
+struct libmnt_monitor;
+
/* Enforce upper limit how many names we allow */
#define MANAGER_MAX_NAMES 131072 /* 128K */
diff --git a/src/core/mount.c b/src/core/mount.c
index 0e755da5c02..0154ebda5d6 100644
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -23,6 +23,8 @@
#include <stdio.h>
#include <sys/epoll.h>
+#include <libmount.h>
+
#include "sd-messages.h"
#include "alloc-util.h"

201
bsp/buildroot/package/systemd/0005-basic-macros-rename-noreturn.patch
View File

@@ -1,201 +0,0 @@
From 848e863acc51ecfb0f3955c498874588201d9130 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Thu, 15 Mar 2018 06:23:46 +0100
Subject: [PATCH] basic/macros: rename noreturn into _noreturn_ (#8456)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
"noreturn" is reserved and can be used in other header files we include:
[ 16s] In file included from /usr/include/gcrypt.h:30:0,
[ 16s] from ../src/journal/journal-file.h:26,
[ 16s] from ../src/journal/journal-vacuum.c:31:
[ 16s] /usr/include/gpg-error.h:1544:46: error: expected , or ; before ) token
[ 16s] void gpgrt_log_bug (const char *fmt, ...) GPGRT_ATTR_NR_PRINTF(1,2);
Here we include grcrypt.h (which in turns include gpg-error.h) *after* we
"noreturn" was defined in macro.h.
Upstream: https://github.com/systemd/systemd/pull/8456
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
---
src/basic/log.c | 4 ++--
src/basic/log.h | 4 ++--
src/basic/macro.h | 19 +++++++++----------
src/basic/process-util.c | 2 +-
src/basic/process-util.h | 2 +-
src/core/main.c | 4 ++--
src/journal/test-journal-interleaving.c | 2 +-
src/shared/pager.c | 2 +-
src/udev/collect/collect.c | 2 +-
9 files changed, 20 insertions(+), 21 deletions(-)
diff --git a/src/basic/log.c b/src/basic/log.c
index 7a7f2cbec13..16a2431c548 100644
--- a/src/basic/log.c
+++ b/src/basic/log.c
@@ -814,7 +814,7 @@ static void log_assert(
log_dispatch_internal(level, 0, file, line, func, NULL, NULL, NULL, NULL, buffer);
}
-noreturn void log_assert_failed_realm(
+_noreturn_ void log_assert_failed_realm(
LogRealm realm,
const char *text,
const char *file,
@@ -826,7 +826,7 @@ noreturn void log_assert_failed_realm(
abort();
}
-noreturn void log_assert_failed_unreachable_realm(
+_noreturn_ void log_assert_failed_unreachable_realm(
LogRealm realm,
const char *text,
const char *file,
diff --git a/src/basic/log.h b/src/basic/log.h
index efcf0f1bfc1..314be128a23 100644
--- a/src/basic/log.h
+++ b/src/basic/log.h
@@ -186,7 +186,7 @@ int log_dump_internal(
char *buffer);
/* Logging for various assertions */
-noreturn void log_assert_failed_realm(
+_noreturn_ void log_assert_failed_realm(
LogRealm realm,
const char *text,
const char *file,
@@ -195,7 +195,7 @@ noreturn void log_assert_failed_realm(
#define log_assert_failed(text, ...) \
log_assert_failed_realm(LOG_REALM, (text), __VA_ARGS__)
-noreturn void log_assert_failed_unreachable_realm(
+_noreturn_ void log_assert_failed_unreachable_realm(
LogRealm realm,
const char *text,
const char *file,
diff --git a/src/basic/macro.h b/src/basic/macro.h
index 95be63a2040..8911edfc4be 100644
--- a/src/basic/macro.h
+++ b/src/basic/macro.h
@@ -53,6 +53,15 @@
#else
#define _fallthrough_
#endif
+/* Define C11 noreturn without <stdnoreturn.h> and even on older gcc
+ * compiler versions */
+#ifndef _noreturn_
+#if __STDC_VERSION__ >= 201112L
+#define _noreturn_ _Noreturn
+#else
+#define _noreturn_ __attribute__((noreturn))
+#endif
+#endif
/* Temporarily disable some warnings */
#define DISABLE_WARNING_DECLARATION_AFTER_STATEMENT \
@@ -414,16 +423,6 @@ static inline unsigned long ALIGN_POWER2(unsigned long u) {
#endif
#endif
-/* Define C11 noreturn without <stdnoreturn.h> and even on older gcc
- * compiler versions */
-#ifndef noreturn
-#if __STDC_VERSION__ >= 201112L
-#define noreturn _Noreturn
-#else
-#define noreturn __attribute__((noreturn))
-#endif
-#endif
-
#define DEFINE_TRIVIAL_CLEANUP_FUNC(type, func) \
static inline void func##p(type *p) { \
if (*p) \
diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index aa9846db5dc..e6120af5b68 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -987,7 +987,7 @@ bool is_main_thread(void) {
return cached > 0;
}
-noreturn void freeze(void) {
+_noreturn_ void freeze(void) {
log_close();
diff --git a/src/basic/process-util.h b/src/basic/process-util.h
index 93029e36e5f..5170adec7bb 100644
--- a/src/basic/process-util.h
+++ b/src/basic/process-util.h
@@ -91,7 +91,7 @@ int pid_from_same_root_fs(pid_t pid);
bool is_main_thread(void);
-noreturn void freeze(void);
+_noreturn_ void freeze(void);
bool oom_score_adjust_is_valid(int oa);
diff --git a/src/core/main.c b/src/core/main.c
index 076846a41c0..4b2d1492373 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -141,7 +141,7 @@ static uint64_t arg_default_tasks_max = UINT64_MAX;
static sd_id128_t arg_machine_id = {};
static EmergencyAction arg_cad_burst_action = EMERGENCY_ACTION_REBOOT_FORCE;
-noreturn static void freeze_or_reboot(void) {
+_noreturn_ static void freeze_or_reboot(void) {
if (arg_crash_reboot) {
log_notice("Rebooting in 10s...");
@@ -156,7 +156,7 @@ noreturn static void freeze_or_reboot(void) {
freeze();
}
-noreturn static void crash(int sig) {
+_noreturn_ static void crash(int sig) {
struct sigaction sa;
pid_t pid;
diff --git a/src/journal/test-journal-interleaving.c b/src/journal/test-journal-interleaving.c
index 5a88b2774fa..d87bdbdd32a 100644
--- a/src/journal/test-journal-interleaving.c
+++ b/src/journal/test-journal-interleaving.c
@@ -37,7 +37,7 @@
static bool arg_keep = false;
-noreturn static void log_assert_errno(const char *text, int error, const char *file, int line, const char *func) {
+_noreturn_ static void log_assert_errno(const char *text, int error, const char *file, int line, const char *func) {
log_internal(LOG_CRIT, error, file, line, func,
"'%s' failed at %s:%u (%s): %m", text, file, line, func);
abort();
diff --git a/src/shared/pager.c b/src/shared/pager.c
index 75db3c985bd..681af9c40e3 100644
--- a/src/shared/pager.c
+++ b/src/shared/pager.c
@@ -47,7 +47,7 @@ static int stored_stderr = -1;
static bool stdout_redirected = false;
static bool stderr_redirected = false;
-noreturn static void pager_fallback(void) {
+_noreturn_ static void pager_fallback(void) {
int r;
r = copy_bytes(STDIN_FILENO, STDOUT_FILENO, (uint64_t) -1, 0);
diff --git a/src/udev/collect/collect.c b/src/udev/collect/collect.c
index 2821640e93b..c8fa47b3d7d 100644
--- a/src/udev/collect/collect.c
+++ b/src/udev/collect/collect.c
@@ -58,7 +58,7 @@ static inline struct _mate *node_to_mate(struct udev_list_node *node)
return container_of(node, struct _mate, node);
}
-noreturn static void sig_alrm(int signo)
+_noreturn_ static void sig_alrm(int signo)
{
exit(4);
}

34
bsp/buildroot/package/systemd/0005-basic-tmpfile-util.c-fix-build-without-O_TMPFILE.patch Normal file
View File

@@ -0,0 +1,34 @@
From b1ca50178b97b3b827b0420ec7bdf9cb1d6fec56 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Fri, 11 Jan 2019 16:36:06 +0100
Subject: [PATCH] basic/tmpfile-util.c: fix build without O_TMPFILE
systemd fails to build on kernel without O_TMPFILE (< 3.11) since
https://github.com/systemd/systemd/commit/dea72eda9cdbfeedd24cbe8c734ad0639bf96cde
To fix this error, include missing_fcntl.h
Fixes:
- http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Upstream status: https://github.com/systemd/systemd/pull/11400]
---
src/basic/tmpfile-util.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/basic/tmpfile-util.c b/src/basic/tmpfile-util.c
index 669eb2666..bc92d6a6d 100644
--- a/src/basic/tmpfile-util.c
+++ b/src/basic/tmpfile-util.c
@@ -8,6 +8,7 @@
#include "hexdecoct.h"
#include "macro.h"
#include "memfd-util.h"
+#include "missing_fcntl.h"
#include "missing_syscall.h"
#include "path-util.h"
#include "process-util.h"
--
2.14.1

30
bsp/buildroot/package/systemd/0005-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch
View File

@@ -1,30 +0,0 @@
From 49653743f69658aeeebdb14faf1ab158f1f2cb20 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 19 Oct 2018 12:12:33 +0200
Subject: [PATCH] dhcp6: make sure we have enough space for the DHCP6 option
header
Fixes CVE-2018-15688:
https://security-tracker.debian.org/tracker/CVE-2018-15688
Patch downloaded from upstream commit:
https://github.com/systemd/systemd/commit/49653743f69658aeeebdb14faf1ab158f1f2cb20
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
src/libsystemd-network/dhcp6-option.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libsystemd-network/dhcp6-option.c b/src/libsystemd-network/dhcp6-option.c
index cbd4bc7a2a3..2806415100c 100644
--- a/src/libsystemd-network/dhcp6-option.c
+++ b/src/libsystemd-network/dhcp6-option.c
@@ -106,7 +106,7 @@ int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, const DHCP6IA *ia) {
return -EINVAL;
}
- if (*buflen < len)
+ if (*buflen < offsetof(DHCP6Option, data) + len)
return -ENOBUFS;
ia_hdr = *buf;

49
bsp/buildroot/package/systemd/0006-missing_if_link.h-add-IFLA_BOND_MODE.patch Normal file
View File

@@ -0,0 +1,49 @@
From 9ab48a9b3bfadca4fbe055ddb4f6fc677ee4ae85 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Fri, 11 Jan 2019 17:08:48 +0100
Subject: [PATCH] missing_if_link.h: add IFLA_BOND_MODE
systemd fails to build on kernel without IFLA_BOND_MODE (< 3.13) since
https://github.com/systemd/systemd/commit/9714c020fc4cda1823c2a77e3fd08aefa7d78b25
So put back IFLA_BOND_MODE definition
Fixes:
- http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Upstream status: https://github.com/systemd/systemd/pull/11400]
---
meson.build | 1 +
src/basic/missing_if_link.h | 3 +++
2 files changed, 4 insertions(+)
diff --git a/meson.build b/meson.build
index 623c1ad6b..011e44980 100644
--- a/meson.build
+++ b/meson.build
@@ -476,6 +476,7 @@ foreach decl : [['ETHTOOL_LINK_MODE_10baseT_Half_BIT', 'linux/ethtool.h'],
['IFLA_TARGET_NETNSID', 'linux/if_link.h'],
['IFLA_NEW_IFINDEX', 'linux/if_link.h'],
['IFLA_MAX_MTU', 'linux/if_link.h'],
+ ['IFLA_BOND_MODE', 'linux/if_link.h'],
['IFLA_BOND_ACTIVE_SLAVE', 'linux/if_link.h'],
['IFLA_BOND_AD_INFO', 'linux/if_link.h'],
['IFLA_BOND_AD_ACTOR_SYSTEM', 'linux/if_link.h'],
diff --git a/src/basic/missing_if_link.h b/src/basic/missing_if_link.h
index 07675426b..761797f56 100644
--- a/src/basic/missing_if_link.h
+++ b/src/basic/missing_if_link.h
@@ -110,6 +110,9 @@ enum ipvlan_mode {
#define IFLA_MAX 51
#endif
+#if !HAVE_IFLA_BOND_MODE /* linux@90af231106c0b8d223c27d35464af95cb3d9cacf (3.13) */
+#define IFLA_BOND_MODE 1
+#endif
#if !HAVE_IFLA_BOND_ACTIVE_SLAVE /* linux@ec76aa49855f6d6fea5e01de179fb57dd47c619d (3.13) */
#define IFLA_BOND_ACTIVE_SLAVE 2
#endif
--
2.14.1

28
bsp/buildroot/package/systemd/0007-missing_syscall.h-include-errno.h.patch Normal file
View File

@@ -0,0 +1,28 @@
From 985d15d636b4d2c7086dbd305369c02756cdbe19 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Fri, 11 Jan 2019 17:24:21 +0100
Subject: [PATCH] missing_syscall.h: include errno.h
This include is needed for errno and ENOSYS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Upstream status: https://github.com/systemd/systemd/pull/11400]
---
src/basic/missing_syscall.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h
index d5d4b26ac..d1aa32218 100644
--- a/src/basic/missing_syscall.h
+++ b/src/basic/missing_syscall.h
@@ -3,6 +3,7 @@
/* Missing glibc definitions to access certain kernel APIs */
+#include <errno.h>
#include <fcntl.h>
#include <sys/syscall.h>
#include <sys/types.h>
--
2.14.1

34
bsp/buildroot/package/systemd/0008-lockfile-util.c-fix-build-without-F_OFD_SETLK.patch Normal file
View File

@@ -0,0 +1,34 @@
From badb5dafa9efc89384d9d2bea5648f7b017204d7 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Fri, 11 Jan 2019 17:30:32 +0100
Subject: [PATCH] lockfile-util.c: fix build without F_OFD_SETLK
systemd fails to build on kernel without F_OFD_SETLK since
https://github.com/systemd/systemd/commit/9714c020fc4cda1823c2a77e3fd08aefa7d78b25
So put include missing_fcntl.h
Fixes:
- http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Upstream status: https://github.com/systemd/systemd/pull/11400]
---
src/shared/lockfile-util.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/shared/lockfile-util.c b/src/shared/lockfile-util.c
index 4bae23b24..260c2088d 100644
--- a/src/shared/lockfile-util.c
+++ b/src/shared/lockfile-util.c
@@ -12,6 +12,7 @@
#include "fs-util.h"
#include "lockfile-util.h"
#include "macro.h"
+#include "missing_fcntl.h"
#include "path-util.h"
int make_lock_file(const char *p, int operation, LockFile *ret) {
--
2.14.1

205
bsp/buildroot/package/systemd/0009-journald-do-not-store-the-iovec-entry-for-process-co.patch Normal file
View File

@@ -0,0 +1,205 @@
From 084eeb865ca63887098e0945fb4e93c852b91b0f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 5 Dec 2018 18:38:39 +0100
Subject: [PATCH] journald: do not store the iovec entry for process
commandline on stack
This fixes a crash where we would read the commandline, whose length is under
control of the sending program, and then crash when trying to create a stack
allocation for it.
CVE-2018-16864
https://bugzilla.redhat.com/show_bug.cgi?id=1653855
The message actually doesn't get written to disk, because
journal_file_append_entry() returns -E2BIG.
[james.hilliard1@gmail.com: backport from upstream commit
084eeb865ca63887098e0945fb4e93c852b91b0f]
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
---
src/basic/io-util.c | 10 ++++++++++
src/basic/io-util.h | 2 ++
src/coredump/coredump.c | 31 +++++++++++--------------------
src/journal/journald-server.c | 25 +++++++++++++++----------
4 files changed, 38 insertions(+), 30 deletions(-)
diff --git a/src/basic/io-util.c b/src/basic/io-util.c
index 1f64cc9..575398f 100644
--- a/src/basic/io-util.c
+++ b/src/basic/io-util.c
@@ -8,6 +8,7 @@
#include <unistd.h>
#include "io-util.h"
+#include "string-util.h"
#include "time-util.h"
int flush_fd(int fd) {
@@ -252,3 +253,12 @@ ssize_t sparse_write(int fd, const void *p, size_t sz, size_t run_length) {
return q - (const uint8_t*) p;
}
+
+char* set_iovec_string_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value) {
+ char *x;
+
+ x = strappend(field, value);
+ if (x)
+ iovec[(*n_iovec)++] = IOVEC_MAKE_STRING(x);
+ return x;
+}
diff --git a/src/basic/io-util.h b/src/basic/io-util.h
index ed189b5..792a64a 100644
--- a/src/basic/io-util.h
+++ b/src/basic/io-util.h
@@ -71,3 +71,5 @@ static inline bool FILE_SIZE_VALID_OR_INFINITY(uint64_t l) {
#define IOVEC_MAKE(base, len) (struct iovec) IOVEC_INIT(base, len)
#define IOVEC_INIT_STRING(string) IOVEC_INIT((char*) string, strlen(string))
#define IOVEC_MAKE_STRING(string) (struct iovec) IOVEC_INIT_STRING(string)
+
+char* set_iovec_string_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value);
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 20c1fb0..db2cf64 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -1063,19 +1063,10 @@ static int send_iovec(const struct iovec iovec[], size_t n_iovec, int input_fd)
return 0;
}
-static char* set_iovec_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value) {
- char *x;
-
- x = strappend(field, value);
- if (x)
- iovec[(*n_iovec)++] = IOVEC_MAKE_STRING(x);
- return x;
-}
-
static char* set_iovec_field_free(struct iovec *iovec, size_t *n_iovec, const char *field, char *value) {
char *x;
- x = set_iovec_field(iovec, n_iovec, field, value);
+ x = set_iovec_string_field(iovec, n_iovec, field, value);
free(value);
return x;
}
@@ -1125,36 +1116,36 @@ static int gather_pid_metadata(
disable_coredumps();
}
- set_iovec_field(iovec, n_iovec, "COREDUMP_UNIT=", context[CONTEXT_UNIT]);
+ set_iovec_string_field(iovec, n_iovec, "COREDUMP_UNIT=", context[CONTEXT_UNIT]);
}
if (cg_pid_get_user_unit(pid, &t) >= 0)
set_iovec_field_free(iovec, n_iovec, "COREDUMP_USER_UNIT=", t);
/* The next few are mandatory */
- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_PID=", context[CONTEXT_PID]))
+ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_PID=", context[CONTEXT_PID]))
return log_oom();
- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_UID=", context[CONTEXT_UID]))
+ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_UID=", context[CONTEXT_UID]))
return log_oom();
- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_GID=", context[CONTEXT_GID]))
+ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_GID=", context[CONTEXT_GID]))
return log_oom();
- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_SIGNAL=", context[CONTEXT_SIGNAL]))
+ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_SIGNAL=", context[CONTEXT_SIGNAL]))
return log_oom();
- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_RLIMIT=", context[CONTEXT_RLIMIT]))
+ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_RLIMIT=", context[CONTEXT_RLIMIT]))
return log_oom();
- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_HOSTNAME=", context[CONTEXT_HOSTNAME]))
+ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_HOSTNAME=", context[CONTEXT_HOSTNAME]))
return log_oom();
- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_COMM=", context[CONTEXT_COMM]))
+ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_COMM=", context[CONTEXT_COMM]))
return log_oom();
if (context[CONTEXT_EXE] &&
- !set_iovec_field(iovec, n_iovec, "COREDUMP_EXE=", context[CONTEXT_EXE]))
+ !set_iovec_string_field(iovec, n_iovec, "COREDUMP_EXE=", context[CONTEXT_EXE]))
return log_oom();
if (sd_pid_get_session(pid, &t) >= 0)
@@ -1222,7 +1213,7 @@ static int gather_pid_metadata(
iovec[(*n_iovec)++] = IOVEC_MAKE_STRING(t);
if (safe_atoi(context[CONTEXT_SIGNAL], &signo) >= 0 && SIGNAL_VALID(signo))
- set_iovec_field(iovec, n_iovec, "COREDUMP_SIGNAL_NAME=SIG", signal_to_string(signo));
+ set_iovec_string_field(iovec, n_iovec, "COREDUMP_SIGNAL_NAME=SIG", signal_to_string(signo));
return 0; /* we successfully acquired all metadata */
}
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index f096725..2a960eb 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -905,6 +905,7 @@ static void dispatch_message_real(
pid_t object_pid) {
char source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)];
+ _cleanup_free_ char *cmdline1 = NULL, *cmdline2 = NULL;
uid_t journal_uid;
ClientContext *o;
@@ -921,20 +922,23 @@ static void dispatch_message_real(
IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->uid, uid_t, uid_is_valid, UID_FMT, "_UID");
IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->gid, gid_t, gid_is_valid, GID_FMT, "_GID");
- IOVEC_ADD_STRING_FIELD(iovec, n, c->comm, "_COMM");
- IOVEC_ADD_STRING_FIELD(iovec, n, c->exe, "_EXE");
- IOVEC_ADD_STRING_FIELD(iovec, n, c->cmdline, "_CMDLINE");
- IOVEC_ADD_STRING_FIELD(iovec, n, c->capeff, "_CAP_EFFECTIVE");
+ IOVEC_ADD_STRING_FIELD(iovec, n, c->comm, "_COMM"); /* At most TASK_COMM_LENGTH (16 bytes) */
+ IOVEC_ADD_STRING_FIELD(iovec, n, c->exe, "_EXE"); /* A path, so at most PATH_MAX (4096 bytes) */
- IOVEC_ADD_SIZED_FIELD(iovec, n, c->label, c->label_size, "_SELINUX_CONTEXT");
+ if (c->cmdline)
+ /* At most _SC_ARG_MAX (2MB usually), which is too much to put on stack.
+ * Let's use a heap allocation for this one. */
+ cmdline1 = set_iovec_string_field(iovec, &n, "_CMDLINE=", c->cmdline);
+ IOVEC_ADD_STRING_FIELD(iovec, n, c->capeff, "_CAP_EFFECTIVE"); /* Read from /proc/.../status */
+ IOVEC_ADD_SIZED_FIELD(iovec, n, c->label, c->label_size, "_SELINUX_CONTEXT");
IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->auditid, uint32_t, audit_session_is_valid, "%" PRIu32, "_AUDIT_SESSION");
IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->loginuid, uid_t, uid_is_valid, UID_FMT, "_AUDIT_LOGINUID");
- IOVEC_ADD_STRING_FIELD(iovec, n, c->cgroup, "_SYSTEMD_CGROUP");
+ IOVEC_ADD_STRING_FIELD(iovec, n, c->cgroup, "_SYSTEMD_CGROUP"); /* A path */
IOVEC_ADD_STRING_FIELD(iovec, n, c->session, "_SYSTEMD_SESSION");
IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->owner_uid, uid_t, uid_is_valid, UID_FMT, "_SYSTEMD_OWNER_UID");
- IOVEC_ADD_STRING_FIELD(iovec, n, c->unit, "_SYSTEMD_UNIT");
+ IOVEC_ADD_STRING_FIELD(iovec, n, c->unit, "_SYSTEMD_UNIT"); /* Unit names are bounded by UNIT_NAME_MAX */
IOVEC_ADD_STRING_FIELD(iovec, n, c->user_unit, "_SYSTEMD_USER_UNIT");
IOVEC_ADD_STRING_FIELD(iovec, n, c->slice, "_SYSTEMD_SLICE");
IOVEC_ADD_STRING_FIELD(iovec, n, c->user_slice, "_SYSTEMD_USER_SLICE");
@@ -955,13 +959,14 @@ static void dispatch_message_real(
IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->uid, uid_t, uid_is_valid, UID_FMT, "OBJECT_UID");
IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->gid, gid_t, gid_is_valid, GID_FMT, "OBJECT_GID");
+ /* See above for size limits, only ->cmdline may be large, so use a heap allocation for it. */
IOVEC_ADD_STRING_FIELD(iovec, n, o->comm, "OBJECT_COMM");
IOVEC_ADD_STRING_FIELD(iovec, n, o->exe, "OBJECT_EXE");
- IOVEC_ADD_STRING_FIELD(iovec, n, o->cmdline, "OBJECT_CMDLINE");
- IOVEC_ADD_STRING_FIELD(iovec, n, o->capeff, "OBJECT_CAP_EFFECTIVE");
+ if (o->cmdline)
+ cmdline2 = set_iovec_string_field(iovec, &n, "OBJECT_CMDLINE=", o->cmdline);
+ IOVEC_ADD_STRING_FIELD(iovec, n, o->capeff, "OBJECT_CAP_EFFECTIVE");
IOVEC_ADD_SIZED_FIELD(iovec, n, o->label, o->label_size, "OBJECT_SELINUX_CONTEXT");
-
IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->auditid, uint32_t, audit_session_is_valid, "%" PRIu32, "OBJECT_AUDIT_SESSION");
IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->loginuid, uid_t, uid_is_valid, UID_FMT, "OBJECT_AUDIT_LOGINUID");
--
2.7.4

57
bsp/buildroot/package/systemd/0010-journald-set-a-limit-on-the-number-of-fields-1k.patch Normal file
View File

@@ -0,0 +1,57 @@
From 052c57f132f04a3cf4148f87561618da1a6908b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 5 Dec 2018 22:45:02 +0100
Subject: [PATCH] journald: set a limit on the number of fields (1k)
We allocate a iovec entry for each field, so with many short entries,
our memory usage and processing time can be large, even with a relatively
small message size. Let's refuse overly long entries.
CVE-2018-16865
https://bugzilla.redhat.com/show_bug.cgi?id=1653861
What from I can see, the problem is not from an alloca, despite what the CVE
description says, but from the attack multiplication that comes from creating
many very small iovecs: (void* + size_t) for each three bytes of input message.
[james.hilliard1@gmail.com: backport from upstream commit
052c57f132f04a3cf4148f87561618da1a6908b4]
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
---
src/journal/journald-native.c | 5 +++++
src/shared/journal-importer.h | 3 +++
2 files changed, 8 insertions(+)
diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c
index e86178e..d0fee2a 100644
--- a/src/journal/journald-native.c
+++ b/src/journal/journald-native.c
@@ -141,6 +141,11 @@ static int server_process_entry(
}
/* A property follows */
+ if (n > ENTRY_FIELD_COUNT_MAX) {
+ log_debug("Received an entry that has more than " STRINGIFY(ENTRY_FIELD_COUNT_MAX) " fields, ignoring entry.");
+ r = 1;
+ goto finish;
+ }
/* n existing properties, 1 new, +1 for _TRANSPORT */
if (!GREEDY_REALLOC(iovec, m,
diff --git a/src/shared/journal-importer.h b/src/shared/journal-importer.h
index 53354b7..7914c0c 100644
--- a/src/shared/journal-importer.h
+++ b/src/shared/journal-importer.h
@@ -21,6 +21,9 @@
#endif
#define LINE_CHUNK 8*1024u
+/* The maximum number of fields in an entry */
+#define ENTRY_FIELD_COUNT_MAX 1024
+
struct iovec_wrapper {
struct iovec *iovec;
size_t size_bytes;
--
2.7.4

112
bsp/buildroot/package/systemd/0011-journal-remote-verify-entry-length-from-header.patch Normal file
View File

@@ -0,0 +1,112 @@
From 7fdb237f5473cb8fc2129e57e8a0039526dcb4fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Fri, 7 Dec 2018 12:47:14 +0100
Subject: [PATCH] journal-remote: verify entry length from header
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Calling mhd_respond(), which ulimately calls MHD_queue_response() is
ineffective at point, becuase MHD_queue_response() immediately returns
MHD_NO signifying an error, because the connection is in state
MHD_CONNECTION_CONTINUE_SENT.
As Christian Grothoff kindly explained:
> You are likely calling MHD_queue_repsonse() too late: once you are
> receiving upload_data, HTTP forces you to process it all. At this time,
> MHD has already sent "100 continue" and cannot take it back (hence you
> get MHD_NO!).
>
> In your request handler, the first time when you are called for a
> connection (and when hence *upload_data_size == 0 and upload_data ==
> NULL) you must check the content-length header and react (with
> MHD_queue_response) based on this (to prevent MHD from automatically
> generating 100 continue).
If we ever encounter this kind of error, print a warning and immediately
abort the connection. (The alternative would be to keep reading the data,
but ignore it, and return an error after we get to the end of data.
That is possible, but of course puts additional load on both the
sender and reciever, and doesn't seem important enough just to return
a good error message.)
Note that sending of the error does not work (the connection is always aborted
when MHD_queue_response is used with MHD_RESPMEM_MUST_FREE, as in this case)
with libµhttpd 0.59, but works with 0.61:
https://src.fedoraproject.org/rpms/libmicrohttpd/pull-request/1
[james.hilliard1@gmail.com: backport from upstream commit
7fdb237f5473cb8fc2129e57e8a0039526dcb4fd]
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
---
src/journal-remote/journal-remote-main.c | 34 ++++++++++++++++++++++----------
1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c
index e1748cb..8543dba 100644
--- a/src/journal-remote/journal-remote-main.c
+++ b/src/journal-remote/journal-remote-main.c
@@ -221,16 +221,14 @@ static int process_http_upload(
journal_remote_server_global->seal);
if (r == -EAGAIN)
break;
- else if (r < 0) {
- log_warning("Failed to process data for connection %p", connection);
+ if (r < 0) {
if (r == -E2BIG)
- return mhd_respondf(connection,
- r, MHD_HTTP_PAYLOAD_TOO_LARGE,
- "Entry is too large, maximum is " STRINGIFY(DATA_SIZE_MAX) " bytes.");
+ log_warning_errno(r, "Entry is too above maximum of %u, aborting connection %p.",
+ DATA_SIZE_MAX, connection);
else
- return mhd_respondf(connection,
- r, MHD_HTTP_UNPROCESSABLE_ENTITY,
- "Processing failed: %m.");
+ log_warning_errno(r, "Failed to process data, aborting connection %p: %m",
+ connection);
+ return MHD_NO;
}
}
@@ -264,6 +262,7 @@ static int request_handler(
const char *header;
int r, code, fd;
_cleanup_free_ char *hostname = NULL;
+ size_t len;
assert(connection);
assert(connection_cls);
@@ -283,12 +282,27 @@ static int request_handler(
if (!streq(url, "/upload"))
return mhd_respond(connection, MHD_HTTP_NOT_FOUND, "Not found.");
- header = MHD_lookup_connection_value(connection,
- MHD_HEADER_KIND, "Content-Type");
+ header = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, "Content-Type");
if (!header || !streq(header, "application/vnd.fdo.journal"))
return mhd_respond(connection, MHD_HTTP_UNSUPPORTED_MEDIA_TYPE,
"Content-Type: application/vnd.fdo.journal is required.");
+ header = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, "Content-Length");
+ if (!header)
+ return mhd_respond(connection, MHD_HTTP_LENGTH_REQUIRED,
+ "Content-Length header is required.");
+ r = safe_atozu(header, &len);
+ if (r < 0)
+ return mhd_respondf(connection, r, MHD_HTTP_LENGTH_REQUIRED,
+ "Content-Length: %s cannot be parsed: %m", header);
+
+ if (len > ENTRY_SIZE_MAX)
+ /* When serialized, an entry of maximum size might be slightly larger,
+ * so this does not correspond exactly to the limit in journald. Oh well.
+ */
+ return mhd_respondf(connection, 0, MHD_HTTP_PAYLOAD_TOO_LARGE,
+ "Payload larger than maximum size of %u bytes", ENTRY_SIZE_MAX);
+
{
const union MHD_ConnectionInfo *ci;
--
2.7.4

81
bsp/buildroot/package/systemd/0012-journal-remote-set-a-limit-on-the-number-of-fields-i.patch Normal file
View File

@@ -0,0 +1,81 @@
From ef4d6abe7c7fab6cbff975b32e76b09feee56074 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Fri, 7 Dec 2018 10:48:10 +0100
Subject: [PATCH] journal-remote: set a limit on the number of fields in a
message
Existing use of E2BIG is replaced with ENOBUFS (entry too long), and E2BIG is
reused for the new error condition (too many fields).
This matches the change done for systemd-journald, hence forming the second
part of the fix for CVE-2018-16865
(https://bugzilla.redhat.com/show_bug.cgi?id=1653861).
[james.hilliard1@gmail.com: backport from upstream commit
ef4d6abe7c7fab6cbff975b32e76b09feee56074]
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
---
src/journal-remote/journal-remote-main.c | 7 +++++--
src/journal-remote/journal-remote.c | 3 +++
src/shared/journal-importer.c | 5 ++++-
3 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c
index 8543dba..802c3ea 100644
--- a/src/journal-remote/journal-remote-main.c
+++ b/src/journal-remote/journal-remote-main.c
@@ -222,9 +222,12 @@ static int process_http_upload(
if (r == -EAGAIN)
break;
if (r < 0) {
- if (r == -E2BIG)
- log_warning_errno(r, "Entry is too above maximum of %u, aborting connection %p.",
+ if (r == -ENOBUFS)
+ log_warning_errno(r, "Entry is above the maximum of %u, aborting connection %p.",
DATA_SIZE_MAX, connection);
+ else if (r == -E2BIG)
+ log_warning_errno(r, "Entry with more fields than the maximum of %u, aborting connection %p.",
+ ENTRY_FIELD_COUNT_MAX, connection);
else
log_warning_errno(r, "Failed to process data, aborting connection %p: %m",
connection);
diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c
index 3c0916c..1da32c5 100644
--- a/src/journal-remote/journal-remote.c
+++ b/src/journal-remote/journal-remote.c
@@ -407,6 +407,9 @@ int journal_remote_handle_raw_source(
log_debug("%zu active sources remaining", s->active);
return 0;
} else if (r == -E2BIG) {
+ log_notice("Entry with too many fields, skipped");
+ return 1;
+ } else if (r == -ENOBUFS) {
log_notice("Entry too big, skipped");
return 1;
} else if (r == -EAGAIN) {
diff --git a/src/shared/journal-importer.c b/src/shared/journal-importer.c
index b0e6192..8638cd3 100644
--- a/src/shared/journal-importer.c
+++ b/src/shared/journal-importer.c
@@ -23,6 +23,9 @@ enum {
};
static int iovw_put(struct iovec_wrapper *iovw, void* data, size_t len) {
+ if (iovw->count >= ENTRY_FIELD_COUNT_MAX)
+ return -E2BIG;
+
if (!GREEDY_REALLOC(iovw->iovec, iovw->size_bytes, iovw->count + 1))
return log_oom();
@@ -97,7 +100,7 @@ static int get_line(JournalImporter *imp, char **line, size_t *size) {
imp->scanned = imp->filled;
if (imp->scanned >= DATA_SIZE_MAX)
- return log_error_errno(SYNTHETIC_ERRNO(E2BIG),
+ return log_error_errno(SYNTHETIC_ERRNO(ENOBUFS),
"Entry is bigger than %u bytes.",
DATA_SIZE_MAX);
--
2.7.4

116
bsp/buildroot/package/systemd/0013-Pass-separate-dev_t-var-to-device_path_parse_major_minor.patch Normal file
View File

@@ -0,0 +1,116 @@
From f5855697aa19fb92637e72ab02e4623abe77f288 Mon Sep 17 00:00:00 2001
From: YunQiang Su <syq@debian.org>
Date: Tue, 25 Dec 2018 19:01:17 +0800
Subject: [PATCH] Pass separate dev_t var to device_path_parse_major_minor
MIPS/O32's st_rdev member of struct stat is unsigned long, which
is 32bit, while dev_t is defined as 64bit, which make some problems
in device_path_parse_major_minor.
Don't pass st.st_rdev, st_mode to device_path_parse_major_minor,
while pass 2 seperate variables. The result of stat is alos copied
out into these 2 variables. Fixes: #11247
[Retrieved from:
https://github.com/systemd/systemd/commit/f5855697aa19fb92637e72ab02e4623abe77f288]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/core/cgroup.c | 35 ++++++++++++++++++++++-------------
1 file changed, 22 insertions(+), 13 deletions(-)
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 7b817dc225e..ed2f331b33e 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -396,26 +396,31 @@ static void cgroup_xattr_apply(Unit *u) {
}
static int lookup_block_device(const char *p, dev_t *ret) {
- struct stat st = {};
+ dev_t rdev, dev = 0;
+ mode_t mode;
int r;
assert(p);
assert(ret);
- r = device_path_parse_major_minor(p, &st.st_mode, &st.st_rdev);
+ r = device_path_parse_major_minor(p, &mode, &rdev);
if (r == -ENODEV) { /* not a parsable device node, need to go to disk */
+ struct stat st;
if (stat(p, &st) < 0)
return log_warning_errno(errno, "Couldn't stat device '%s': %m", p);
+ rdev = (dev_t)st.st_rdev;
+ dev = (dev_t)st.st_dev;
+ mode = st.st_mode;
} else if (r < 0)
return log_warning_errno(r, "Failed to parse major/minor from path '%s': %m", p);
- if (S_ISCHR(st.st_mode)) {
+ if (S_ISCHR(mode)) {
log_warning("Device node '%s' is a character device, but block device needed.", p);
return -ENOTBLK;
- } else if (S_ISBLK(st.st_mode))
- *ret = st.st_rdev;
- else if (major(st.st_dev) != 0)
- *ret = st.st_dev; /* If this is not a device node then use the block device this file is stored on */
+ } else if (S_ISBLK(mode))
+ *ret = rdev;
+ else if (major(dev) != 0)
+ *ret = dev; /* If this is not a device node then use the block device this file is stored on */
else {
/* If this is btrfs, getting the backing block device is a bit harder */
r = btrfs_get_block_device(p, ret);
@@ -436,7 +441,8 @@ static int lookup_block_device(const char *p, dev_t *ret) {
}
static int whitelist_device(BPFProgram *prog, const char *path, const char *node, const char *acc) {
- struct stat st = {};
+ dev_t rdev;
+ mode_t mode;
int r;
assert(path);
@@ -445,11 +451,12 @@ static int whitelist_device(BPFProgram *prog, const char *path, const char *node
/* Some special handling for /dev/block/%u:%u, /dev/char/%u:%u, /run/systemd/inaccessible/chr and
* /run/systemd/inaccessible/blk paths. Instead of stat()ing these we parse out the major/minor directly. This
* means clients can use these path without the device node actually around */
- r = device_path_parse_major_minor(node, &st.st_mode, &st.st_rdev);
+ r = device_path_parse_major_minor(node, &mode, &rdev);
if (r < 0) {
if (r != -ENODEV)
return log_warning_errno(r, "Couldn't parse major/minor from device path '%s': %m", node);
+ struct stat st;
if (stat(node, &st) < 0)
return log_warning_errno(errno, "Couldn't stat device %s: %m", node);
@@ -457,22 +464,24 @@ static int whitelist_device(BPFProgram *prog, const char *path, const char *node
log_warning("%s is not a device.", node);
return -ENODEV;
}
+ rdev = (dev_t) st.st_rdev;
+ mode = st.st_mode;
}
if (cg_all_unified() > 0) {
if (!prog)
return 0;
- return cgroup_bpf_whitelist_device(prog, S_ISCHR(st.st_mode) ? BPF_DEVCG_DEV_CHAR : BPF_DEVCG_DEV_BLOCK,
- major(st.st_rdev), minor(st.st_rdev), acc);
+ return cgroup_bpf_whitelist_device(prog, S_ISCHR(mode) ? BPF_DEVCG_DEV_CHAR : BPF_DEVCG_DEV_BLOCK,
+ major(rdev), minor(rdev), acc);
} else {
char buf[2+DECIMAL_STR_MAX(dev_t)*2+2+4];
sprintf(buf,
"%c %u:%u %s",
- S_ISCHR(st.st_mode) ? 'c' : 'b',
- major(st.st_rdev), minor(st.st_rdev),
+ S_ISCHR(mode) ? 'c' : 'b',
+ major(rdev), minor(rdev),
acc);
/* Changing the devices list of a populated cgroup might result in EINVAL, hence ignore EINVAL here. */

34
bsp/buildroot/package/systemd/0014-networkd-brvlan.c-fix-build-without-BRIDGE_VLAN_INFO.patch Normal file
View File

@@ -0,0 +1,34 @@
From 7bd188b1e628d11011cc6c98456e2e4ed72c645b Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Sun, 3 Feb 2019 17:32:46 +0100
Subject: [PATCH] networkd-brvlan.c: fix build without
BRIDGE_VLAN_INFO_RANGE_END
systemd fails to build on kernel without BRIDGE_VLAN_INFO_RANGE_END
since 9714c02
So put include missing_if_bridge.h
Fixes:
- http://autobuild.buildroot.org/results/970b09e1d49b53dff12a07ca4ad424ef9dd29a69
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/network/networkd-brvlan.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/network/networkd-brvlan.c b/src/network/networkd-brvlan.c
index 8f9103f14..8377623da 100644
--- a/src/network/networkd-brvlan.c
+++ b/src/network/networkd-brvlan.c
@@ -9,6 +9,7 @@
#include "alloc-util.h"
#include "conf-parser.h"
+#include "missing_if_bridge.h"
#include "netlink-util.h"
#include "networkd-brvlan.h"
#include "networkd-link.h"
--
2.14.1

33
bsp/buildroot/package/systemd/0015-networkd-ndisc.c-fix-build-without-IFA_F_NOPREFIXROU.patch Normal file
View File

@@ -0,0 +1,33 @@
From d909e4af6ac61f6777d429a0c84ab5b3d1907c6d Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Sun, 3 Feb 2019 18:28:16 +0100
Subject: [PATCH] networkd-ndisc.c: fix build without IFA_F_NOPREFIXROUTE
systemd fails to build on kernel without IFA_F_NOPREFIXROUTE
since 9714c02
So put include missing_network.h
Fixes:
- http://autobuild.buildroot.org/results/970b09e1d49b53dff12a07ca4ad424ef9dd29a69
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/network/networkd-ndisc.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c
index 80bfd2cba..e5b8d1155 100644
--- a/src/network/networkd-ndisc.c
+++ b/src/network/networkd-ndisc.c
@@ -8,6 +8,7 @@
#include "sd-ndisc.h"
+#include "missing_network.h"
#include "networkd-ndisc.h"
#include "networkd-route.h"
#include "strv.h"
--
2.14.1

33
bsp/buildroot/package/systemd/0016-networkd-address.c-fix-build-without-IFA_F_NOPREFIXR.patch Normal file
View File

@@ -0,0 +1,33 @@
From 081aea25022a987d349394ada2d6a959bf3ce4cd Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Sun, 3 Feb 2019 18:33:39 +0100
Subject: [PATCH] networkd-address.c: fix build without IFA_F_NOPREFIXROUTE
systemd fails to build on kernel without IFA_F_NOPREFIXROUTE
since 9714c02
So put include missing_network.h
Fixes:
- http://autobuild.buildroot.org/results/970b09e1d49b53dff12a07ca4ad424ef9dd29a69
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/network/networkd-address.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c
index fa7f9b8d7..3cdbd9e37 100644
--- a/src/network/networkd-address.c
+++ b/src/network/networkd-address.c
@@ -5,6 +5,7 @@
#include "alloc-util.h"
#include "conf-parser.h"
#include "firewall-util.h"
+#include "missing_network.h"
#include "netlink-util.h"
#include "networkd-address.h"
#include "networkd-manager.h"
--
2.14.1

33
bsp/buildroot/package/systemd/0017-networkd-dhcp6.c-fix-build-without-IFA_F_NOPREFIXROU.patch Normal file
View File

@@ -0,0 +1,33 @@
From aeed8332afa88728ed914b2917ce758d9c2218a4 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Sun, 3 Feb 2019 18:38:10 +0100
Subject: [PATCH] networkd-dhcp6.c: fix build without IFA_F_NOPREFIXROUTE
systemd fails to build on kernel without IFA_F_NOPREFIXROUTE
since 9714c02
So put include missing_network.h
Fixes:
- http://autobuild.buildroot.org/results/970b09e1d49b53dff12a07ca4ad424ef9dd29a69
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/network/networkd-dhcp6.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/network/networkd-dhcp6.c b/src/network/networkd-dhcp6.c
index f9df26d75..c1fba03f9 100644
--- a/src/network/networkd-dhcp6.c
+++ b/src/network/networkd-dhcp6.c
@@ -11,6 +11,7 @@
#include "hashmap.h"
#include "hostname-util.h"
+#include "missing_network.h"
#include "network-internal.h"
#include "networkd-link.h"
#include "networkd-manager.h"
--
2.14.1

53
bsp/buildroot/package/systemd/0018-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch Normal file
View File

@@ -0,0 +1,53 @@
From febef5e18558c114f4fb7c94f6c8ed3520c50cdf Mon Sep 17 00:00:00 2001
From: Riccardo Schirone <rschiron@redhat.com>
Date: Mon, 4 Feb 2019 14:29:09 +0100
Subject: [PATCH] Refuse dbus message paths longer than BUS_PATH_SIZE_MAX
limit.
Even though the dbus specification does not enforce any length limit on the
path of a dbus message, having to analyze too long strings in PID1 may be
time-consuming and it may have security impacts.
In any case, the limit is set so high that real-life applications should not
have a problem with it.
(cherry picked from commit 61397a60d98e368a5720b37e83f3169e3eb511c4)
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: commit 61397a60d98
src/libsystemd/sd-bus/bus-internal.c | 2 +-
src/libsystemd/sd-bus/bus-internal.h | 4 ++++
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/libsystemd/sd-bus/bus-internal.c b/src/libsystemd/sd-bus/bus-internal.c
index 40acae213381..598b7f110c73 100644
--- a/src/libsystemd/sd-bus/bus-internal.c
+++ b/src/libsystemd/sd-bus/bus-internal.c
@@ -43,7 +43,7 @@ bool object_path_is_valid(const char *p) {
if (slash)
return false;
- return true;
+ return (q - p) <= BUS_PATH_SIZE_MAX;
}
char* object_path_startswith(const char *a, const char *b) {
diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
index f208b294d8f1..a8d61bf72a4e 100644
--- a/src/libsystemd/sd-bus/bus-internal.h
+++ b/src/libsystemd/sd-bus/bus-internal.h
@@ -332,6 +332,10 @@ struct sd_bus {
#define BUS_MESSAGE_SIZE_MAX (128*1024*1024)
#define BUS_AUTH_SIZE_MAX (64*1024)
+/* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one
+ * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however,
+ * to not clash unnecessarily with real-life applications. */
+#define BUS_PATH_SIZE_MAX (64*1024)
#define BUS_CONTAINER_DEPTH 128
--
2.20.1

194
bsp/buildroot/package/systemd/0019-Allocate-temporary-strings-to-hold-dbus-paths-on-the.patch Normal file
View File

@@ -0,0 +1,194 @@
From 9e3f5a77226d5320270c92df001f6c79be735af3 Mon Sep 17 00:00:00 2001
From: Riccardo Schirone <rschiron@redhat.com>
Date: Mon, 4 Feb 2019 14:29:28 +0100
Subject: [PATCH] Allocate temporary strings to hold dbus paths on the heap
Paths are limited to BUS_PATH_SIZE_MAX but the maximum size is anyway too big
to be allocated on the stack, so let's switch to the heap where there is a
clear way to understand if the allocation fails.
(cherry picked from commit f519a19bcd5afe674a9b8fc462cd77d8bad403c1)
[baruch: backport to v240]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: commit f519a19bcd5
src/libsystemd/sd-bus/bus-objects.c | 68 +++++++++++++++++++++++------
1 file changed, 54 insertions(+), 14 deletions(-)
diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c
index d0538104ae25..54b977418e03 100644
--- a/src/libsystemd/sd-bus/bus-objects.c
+++ b/src/libsystemd/sd-bus/bus-objects.c
@@ -1133,7 +1133,8 @@ static int object_manager_serialize_path_and_fallbacks(
const char *path,
sd_bus_error *error) {
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
int r;
assert(bus);
@@ -1149,7 +1150,12 @@ static int object_manager_serialize_path_and_fallbacks(
return 0;
/* Second, add fallback vtables registered for any of the prefixes */
- prefix = alloca(strlen(path) + 1);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = object_manager_serialize_path(bus, reply, prefix, path, true, error);
if (r < 0)
@@ -1345,6 +1351,7 @@ static int object_find_and_run(
}
int bus_process_object(sd_bus *bus, sd_bus_message *m) {
+ _cleanup_free_ char *prefix = NULL;
int r;
size_t pl;
bool found_object = false;
@@ -1369,9 +1376,12 @@ int bus_process_object(sd_bus *bus, sd_bus_message *m) {
assert(m->member);
pl = strlen(m->path);
- do {
- char prefix[pl+1];
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+ do {
bus->nodes_modified = false;
r = object_find_and_run(bus, m, m->path, false, &found_object);
@@ -1498,9 +1508,15 @@ static int bus_find_parent_object_manager(sd_bus *bus, struct node **out, const
n = hashmap_get(bus->nodes, path);
if (!n) {
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
+
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
- prefix = alloca(strlen(path) + 1);
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
n = hashmap_get(bus->nodes, prefix);
if (n)
@@ -2083,8 +2099,9 @@ _public_ int sd_bus_emit_properties_changed_strv(
const char *interface,
char **names) {
+ _cleanup_free_ char *prefix = NULL;
bool found_interface = false;
- char *prefix;
+ size_t pl;
int r;
assert_return(bus, -EINVAL);
@@ -2105,6 +2122,12 @@ _public_ int sd_bus_emit_properties_changed_strv(
BUS_DONT_DESTROY(bus);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
do {
bus->nodes_modified = false;
@@ -2114,7 +2137,6 @@ _public_ int sd_bus_emit_properties_changed_strv(
if (bus->nodes_modified)
continue;
- prefix = alloca(strlen(path) + 1);
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = emit_properties_changed_on_interface(bus, prefix, path, interface, true, &found_interface, names);
if (r != 0)
@@ -2246,7 +2268,8 @@ static int object_added_append_all_prefix(
static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
_cleanup_set_free_ Set *s = NULL;
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
int r;
assert(bus);
@@ -2291,7 +2314,12 @@ static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *p
if (bus->nodes_modified)
return 0;
- prefix = alloca(strlen(path) + 1);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = object_added_append_all_prefix(bus, m, s, prefix, path, true);
if (r < 0)
@@ -2430,7 +2458,8 @@ static int object_removed_append_all_prefix(
static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
_cleanup_set_free_ Set *s = NULL;
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
int r;
assert(bus);
@@ -2462,7 +2491,12 @@ static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char
if (bus->nodes_modified)
return 0;
- prefix = alloca(strlen(path) + 1);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = object_removed_append_all_prefix(bus, m, s, prefix, path, true);
if (r < 0)
@@ -2612,7 +2646,8 @@ static int interfaces_added_append_one(
const char *path,
const char *interface) {
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
int r;
assert(bus);
@@ -2626,7 +2661,12 @@ static int interfaces_added_append_one(
if (bus->nodes_modified)
return 0;
- prefix = alloca(strlen(path) + 1);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = interfaces_added_append_one_prefix(bus, m, prefix, path, interface, true);
if (r != 0)
--
2.20.1

7
bsp/buildroot/package/systemd/Config.in
View File

@@ -5,7 +5,7 @@ config BR2_PACKAGE_SYSTEMD_ARCH_SUPPORTS
BR2_mipsel || BR2_powerpc || BR2_powerpc64 || \
BR2_powerpc64le || BR2_sh4 || BR2_sh4eb || \
BR2_sh4a || BR2_sh4aeb || BR2_sparc || BR2_x86_64 || \
BR2_aarch64 || BR2_m68k
BR2_aarch64 || BR2_m68k || BR2_arc
menuconfig BR2_PACKAGE_SYSTEMD
bool "systemd"
@@ -215,6 +215,7 @@ config BR2_PACKAGE_SYSTEMD_NETWORKD
config BR2_PACKAGE_SYSTEMD_POLKIT
bool "enable polkit support"
depends on BR2_TOOLCHAIN_USES_GLIBC # polkit
select BR2_PACKAGE_POLKIT
help
If enabled, systemd is built with polkit support and policy
@@ -224,6 +225,9 @@ config BR2_PACKAGE_SYSTEMD_POLKIT
http://wiki.freedesktop.org/www/Software/polkit/
comment "polkit support needs a glibc toolchain"
depends on !BR2_TOOLCHAIN_USES_GLIBC
config BR2_PACKAGE_SYSTEMD_QUOTACHECK
bool "enable quotacheck tools"
help
@@ -321,6 +325,7 @@ config BR2_PACKAGE_SYSTEMD_TMPFILES
config BR2_PACKAGE_SYSTEMD_VCONSOLE
bool "enable vconsole tool"
default y
help
systemd-vconsole-setup is an early boot service that
configures the virtual console font and console keymap.

4
bsp/buildroot/package/systemd/systemd.hash
View File

@@ -1,5 +1,5 @@
# sha256 locally computed
sha256 c83dabbe1c9de6b9db1dafdb7e04140c7d0535705c68842f6c0768653ba4913c systemd-237.tar.gz
sha256 8f15aec1ac926e13a21a04d0ca3fe371f7004951448142a6f8952075c5b5f0b5 systemd-240.tar.gz
sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 LICENSE.GPL2
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 LICENSE.LGPL2.1
sha256 9c7709aa401a41c4c3f33ea75c34ae5d5354d62c310c3391c2a5958952d8aadd README
sha256 a693f8f654fdf016e2aefe6b30aa6e1211728b8269ab325408a152c6c9b6ebe8 README

119
bsp/buildroot/package/systemd/systemd.mk
View File

@@ -4,52 +4,44 @@
#
################################################################################
SYSTEMD_VERSION = 237
SYSTEMD_VERSION = 240
SYSTEMD_SITE = $(call github,systemd,systemd,v$(SYSTEMD_VERSION))
SYSTEMD_LICENSE = LGPL-2.1+, GPL-2.0+ (udev), Public Domain (few source files, see README)
SYSTEMD_LICENSE_FILES = LICENSE.GPL2 LICENSE.LGPL2.1 README
SYSTEMD_INSTALL_STAGING = YES
SYSTEMD_DEPENDENCIES = \
$(if $(BR2_PACKAGE_BASH_COMPLETION),bash-completion) \
host-gperf \
host-intltool \
host-meson \
kmod \
libcap \
util-linux
SYSTEMD_PROVIDES = udev
# Make sure that systemd will always be built after busybox so that we have
# a consistent init setup between two builds
ifeq ($(BR2_PACKAGE_BUSYBOX),y)
SYSTEMD_DEPENDENCIES += busybox
endif
SYSTEMD_CONF_OPTS += \
--prefix=/usr \
--libdir='/usr/lib' \
--buildtype $(if $(BR2_ENABLE_DEBUG),debug,release) \
--cross-file $(HOST_DIR)/etc/meson/cross-compilation.conf \
-Drootlibdir='/usr/lib' \
-Dblkid=true \
-Dman=false \
-Dima=false \
-Dlibcryptsetup=false \
-Defi=false \
-Dgnu-efi=false \
-Dldconfig=false \
-Ddefault-dnssec=no \
-Dtests=false \
-Dsplit-bin=true \
-Dsplit-usr=false \
-Dsystem-uid-max=999 \
-Dsystem-gid-max=999 \
-Dtelinit-path=$(TARGET_DIR)/sbin/telinit \
-Dkill-path=/usr/bin/kill \
-Dkmod-path=/usr/bin/kmod \
-Dkexec-path=/usr/sbin/kexec \
-Dsulogin-path=/usr/sbin/sulogin \
-Dmount-path=/usr/bin/mount \
-Dumount-path=/usr/bin/umount \
-Dnobody-group=nogroup
-Dnobody-group=nogroup \
-Didn=true \
-Dnss-systemd=true
ifeq ($(BR2_PACKAGE_ACL),y)
SYSTEMD_DEPENDENCIES += acl
@@ -65,11 +57,36 @@ else
SYSTEMD_CONF_OPTS += -Daudit=false
endif
ifeq ($(BR2_PACKAGE_LIBIDN),y)
SYSTEMD_DEPENDENCIES += libidn
SYSTEMD_CONF_OPTS += -Dlibidn=true
ifeq ($(BR2_PACKAGE_CRYPTSETUP),y)
SYSTEMD_DEPENDENCIES += cryptsetup
SYSTEMD_CONF_OPTS += -Dlibcryptsetup=true
else
SYSTEMD_CONF_OPTS += -Dlibidn=false
SYSTEMD_CONF_OPTS += -Dlibcryptsetup=false
endif
ifeq ($(BR2_PACKAGE_ELFUTILS),y)
SYSTEMD_DEPENDENCIES += elfutils
SYSTEMD_CONF_OPTS += -Delfutils=true
else
SYSTEMD_CONF_OPTS += -Delfutils=false
endif
ifeq ($(BR2_PACKAGE_IPTABLES),y)
SYSTEMD_DEPENDENCIES += iptables
SYSTEMD_CONF_OPTS += -Dlibiptc=true
else
SYSTEMD_CONF_OPTS += -Dlibiptc=false
endif
# Both options can't be selected at the same time so prefer libidn2
ifeq ($(BR2_PACKAGE_LIBIDN2),y)
SYSTEMD_DEPENDENCIES += libidn2
SYSTEMD_CONF_OPTS += -Dlibidn2=true -Dlibidn=false
else ifeq ($(BR2_PACKAGE_LIBIDN),y)
SYSTEMD_DEPENDENCIES += libidn
SYSTEMD_CONF_OPTS += -Dlibidn=true -Dlibidn2=false
else
SYSTEMD_CONF_OPTS += -Dlibidn=false -Dlibidn2=false
endif
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
@@ -107,6 +124,13 @@ else
SYSTEMD_CONF_OPTS += -Dpam=false
endif
ifeq ($(BR2_PACKAGE_VALGRIND),y)
SYSTEMD_DEPENDENCIES += valgrind
SYSTEMD_CONF_OPTS += -Dvalgrind=true
else
SYSTEMD_CONF_OPTS += -Dvalgrind=false
endif
ifeq ($(BR2_PACKAGE_XZ),y)
SYSTEMD_DEPENDENCIES += xz
SYSTEMD_CONF_OPTS += -Dxz=true
@@ -135,6 +159,13 @@ else
SYSTEMD_CONF_OPTS += -Dgcrypt=false
endif
ifeq ($(BR2_PACKAGE_PCRE2),y)
SYSTEMD_DEPENDENCIES += pcre2
SYSTEMD_CONF_OPTS += -Dpcre2=true
else
SYSTEMD_CONF_OPTS += -Dpcre2=false
endif
ifeq ($(BR2_PACKAGE_SYSTEMD_JOURNAL_GATEWAY),y)
SYSTEMD_DEPENDENCIES += libmicrohttpd
SYSTEMD_CONF_OPTS += -Dmicrohttpd=true
@@ -240,9 +271,9 @@ SYSTEMD_CONF_OPTS += -Dhostnamed=false
endif
ifeq ($(BR2_PACKAGE_SYSTEMD_MYHOSTNAME),y)
SYSTEMD_CONF_OPTS += -Dmyhostname=true
SYSTEMD_CONF_OPTS += -Dnss-myhostname=true
else
SYSTEMD_CONF_OPTS += -Dmyhostname=false
SYSTEMD_CONF_OPTS += -Dnss-myhostname=false
endif
ifeq ($(BR2_PACKAGE_SYSTEMD_TIMEDATED),y)
@@ -366,19 +397,26 @@ endef
ifneq ($(call qstrip,$(BR2_TARGET_GENERIC_GETTY_PORT)),)
# systemd needs getty.service for VTs and serial-getty.service for serial ttys
# note that console-getty.service should be used on /dev/console as it should not have dependencies
# also patch the file to use the correct baud-rate, the default baudrate is 115200 so look for that
define SYSTEMD_INSTALL_SERVICE_TTY
if echo $(BR2_TARGET_GENERIC_GETTY_PORT) | egrep -q 'tty[0-9]*$$'; \
if [ $(BR2_TARGET_GENERIC_GETTY_PORT) = "console" ]; \
then \
SERVICE="getty"; \
TARGET="console-getty.service"; \
LINK_NAME="console-getty.service"; \
elif echo $(BR2_TARGET_GENERIC_GETTY_PORT) | egrep -q 'tty[0-9]*$$'; \
then \
TARGET="getty@.service"; \
LINK_NAME="getty@$(call qstrip,$(BR2_TARGET_GENERIC_GETTY_PORT)).service"; \
else \
SERVICE="serial-getty"; \
TARGET="serial-getty@.service"; \
LINK_NAME="serial-getty@$(call qstrip,$(BR2_TARGET_GENERIC_GETTY_PORT)).service"; \
fi; \
ln -fs ../../../../lib/systemd/system/$${SERVICE}@.service \
$(TARGET_DIR)/etc/systemd/system/getty.target.wants/$${SERVICE}@$(BR2_TARGET_GENERIC_GETTY_PORT).service; \
ln -fs ../../../../lib/systemd/system/$${TARGET} \
$(TARGET_DIR)/etc/systemd/system/getty.target.wants/$${LINK_NAME}; \
if [ $(call qstrip,$(BR2_TARGET_GENERIC_GETTY_BAUDRATE)) -gt 0 ] ; \
then \
$(SED) 's,115200,$(BR2_TARGET_GENERIC_GETTY_BAUDRATE),' $(TARGET_DIR)/lib/systemd/system/$${SERVICE}@.service; \
$(SED) 's,115200,$(BR2_TARGET_GENERIC_GETTY_BAUDRATE),' $(TARGET_DIR)/lib/systemd/system/$${TARGET}; \
fi
endef
endif
@@ -390,28 +428,7 @@ define SYSTEMD_INSTALL_INIT_SYSTEMD
$(SYSTEMD_INSTALL_NETWORK_CONFS)
endef
SYSTEMD_NINJA_OPTS = $(if $(VERBOSE),-v) -j$(PARALLEL_JOBS)
SYSTEMD_CONF_ENV = $(HOST_UTF8_LOCALE_ENV)
SYSTEMD_NINJA_ENV = $(HOST_UTF8_LOCALE_ENV)
SYSTEMD_ENV = $(TARGET_MAKE_ENV) $(HOST_UTF8_LOCALE_ENV)
define SYSTEMD_CONFIGURE_CMDS
rm -rf $(@D)/build
mkdir -p $(@D)/build
$(SYSTEMD_ENV) meson $(SYSTEMD_CONF_OPTS) $(@D) $(@D)/build
endef
define SYSTEMD_BUILD_CMDS
$(SYSTEMD_ENV) ninja $(SYSTEMD_NINJA_OPTS) -C $(@D)/build
endef
define SYSTEMD_INSTALL_TARGET_CMDS
$(SYSTEMD_ENV) DESTDIR=$(TARGET_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
-C $(@D)/build install
endef
define SYSTEMD_INSTALL_STAGING_CMDS
$(SYSTEMD_ENV) DESTDIR=$(STAGING_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
-C $(@D)/build install
endef
$(eval $(generic-package))
$(eval $(meson-package))