From 3b52db469ba97c6ff5102b73d768af49efcd7e60 Mon Sep 17 00:00:00 2001
From: Michal Sekletar
Date: Wed, 17 Jun 2015 22:54:05 +0200
Subject: [PATCH] Fix checking for sender of rtnetlink messages

So far we did check that incoming message comes has uid == 0. However this doesn't work if avahi is running inside net_ns && user_ns. Instead we should check that message comes from kernel, i.e. pid == 0. Thanks Lubomir Rintel for the patch.
Resolves: #1227052
---
 ...at-the-origin-of-the-rtnetlink-messa.patch | 41 +++++++++++++++++++
 avahi.spec | 7 +++-
 2 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 0001-netlink-check-that-the-origin-of-the-rtnetlink-messa.patch
diff --git a/0001-netlink-check-that-the-origin-of-the-rtnetlink-messa.patch b/0001-netlink-check-that-the-origin-of-the-rtnetlink-messa.patch
new file mode 100644
index 0000000..bd2186a
--- /dev/null
+++ b/0001-netlink-check-that-the-origin-of-the-rtnetlink-messa.patch
@@ -0,0 +1,41 @@
+From b8b2b4a03de019e14e439d30ab2d929aec5d6524 Mon Sep 17 00:00:00 2001
+From: Lubomir Rintel
+Date: Mon, 1 Jun 2015 21:13:40 +0200
+Subject: [PATCH] netlink: check that the origin of the rtnetlink messages is
+ kernel
+
+Instead of asserting it's from UID 0, which breaks in network namespaces.
+---
+ avahi-autoipd/iface-linux.c | 2 +-
+ avahi-core/netlink.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/avahi-autoipd/iface-linux.c b/avahi-autoipd/iface-linux.c
+index 83e9e41..1888e37 100644
+--- a/avahi-autoipd/iface-linux.c
++++ b/avahi-autoipd/iface-linux.c
+@@ -215,7 +215,7 @@ static int process_response(int wait_for_done, unsigned seq) {
+
+ ucred = (struct ucred*) CMSG_DATA(cmsghdr);
+
+- if (ucred->uid != 0)
++ if (ucred->pid != 0)
+ return -1;
+
+ bytes = (size_t) r;
+diff --git a/avahi-core/netlink.c b/avahi-core/netlink.c
+index 4ded5ec..b8c0c06 100644
+--- a/avahi-core/netlink.c
++++ b/avahi-core/netlink.c
+@@ -82,7 +82,7 @@ int avahi_netlink_work(AvahiNetlink *nl, int block) {
+
+ cred = (struct ucred*) CMSG_DATA(cmsg);
+
+- if (cred->uid != 0)
++ if (cred->pid != 0)
+ return -1;
+
+ p = (struct nlmsghdr *) nl->buffer;
+--
+2.4.3
+
diff --git a/avahi.spec b/avahi.spec
index fba7941..76d3039 100644
--- a/avahi.spec
+++ b/avahi.spec
@@ -18,7 +18,7 @@
 Name: avahi
 Version: 0.6.31
-Release: 34%{?dist}
+Release: 35%{?dist}
 Summary: Local network service discovery
 License: LGPLv2+
 URL: http://avahi.org
@@ -74,6 +74,7 @@ Patch1: avahi-0.6.31-no-deprecations.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=1105647
 Patch2: 0001-Disable-publish-workstation-and-publish-hinfo-by-def.patch
+Patch3: 0001-netlink-check-that-the-origin-of-the-rtnetlink-messa.patch
 %description
 Avahi is a system which facilitates service discovery on
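Review bot: In both embedded hunks (process_response in avahi-autoipd/iface-linux.c and avahi_netlink_work in avahi-core/netlink.c) the new `pid != 0` test becomes the only origin check, and it rests entirely on the SCM_CREDENTIALS pid, which the kernel reports relative to the receiver's PID namespace. Because that field is namespace-translated, a value of 0 may not always be an unambiguous "sent by the kernel" signal, so it would be more robust to pair it with the netlink source address and also reject when the `struct sockaddr_nl` returned through `msg_name` has `nl_pid != 0`; whether these recvmsg() calls request `msg_name` is not visible in the hunks. A short comment above each check, such as `/* rtnetlink messages from the kernel carry pid 0; the uid test fails inside a user namespace */`, would record why the uid test was dropped rather than kept alongside. Both functions start and end outside the hunks, so the surrounding recvmsg() setup should be confirmed before changing anything.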
@@ -325,6 +326,7 @@ fashion with mDNS.
 %patch0 -p1 -b .mono-libdir
 %patch1 -p1 -b .no_deprecations
 %patch2 -p1 -b .disable-workstation-hinfo
+%patch3 -p1 -b .netlink-userns
 rm docs/INSTALL
 # patch1 requires autogen
@@ -663,6 +665,9 @@ exit 0
 %endif
 %changelog
+* Wed Jun 17 2015 Michal Sekletar - 0.6.31-35
+- check that rtnetlink messages has pid == 0, i.e. they sender is kernel (#1227052)
+
 * Wed Jun 17 2015 Fedora Release Engineering - 0.6.31-34
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild