Actually prevent the loading of unknown kernel headers

The previous fix didn't actually do anything but print a warning.
Actually fix the issue this time.

Resolves: RHEL-28768
CVE CVE-2024-2314

Signed-off-by: Jerome Marchand <jmarchan@redhat.com>

bcc-0.25.0-clang-Fix-file_exists_and_ownedby-return-value-4935.patch

@@ -0,0 +1,33 @@
+From 509b05f2790fd1f9e725e353521a5a555ca57aaf Mon Sep 17 00:00:00 2001
+From: Chunsheng Luo <48231204+luochenglcs@users.noreply.github.com>
+Date: Mon, 18 Mar 2024 00:09:21 +0800
+Subject: [PATCH] clang: Fix file_exists_and_ownedby return value (#4935)
+
+commit 008ea09 (clang: check header ownership) updates file_exists()
+to file_exists_and_ownedby(), add verifies onwer, but the return value
+is different from before, causing problems with the original code.
+
+Signed-off-by: Chunsheng Luo <luochunsheng@ustc.edu>
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+---
+ src/cc/frontends/clang/kbuild_helper.cc | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/cc/frontends/clang/kbuild_helper.cc b/src/cc/frontends/clang/kbuild_helper.cc
+index 1b291469..0387f872 100644
+--- a/src/cc/frontends/clang/kbuild_helper.cc
++++ b/src/cc/frontends/clang/kbuild_helper.cc
+@@ -143,8 +143,8 @@ int KBuildHelper::get_flags(const char *uname_machine, vector<string> *cflags) {
+ static inline int file_exists_and_ownedby(const char *f, uid_t uid)
+ {
+   struct stat buffer;
+-  int ret;
+-  if ((ret = stat(f, &buffer)) == 0) {
++  int ret = stat(f, &buffer) == 0;
++  if (ret) {
+     if (buffer.st_uid != uid) {
+       std::cout << "ERROR: header file ownership unexpected: " << std::string(f) << "\n";
+       return -1;
+-- 
+2.44.0
+

bcc-0.25.0-clang-fail-when-the-kheaders-ownership-is-wrong-4928.patch

@@ -0,0 +1,76 @@
+From 1d504ac46d2a0210813147b6a57d657b6c2a5d2e Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Fri, 17 May 2024 15:36:07 +0200
+Subject: [PATCH] clang: fail when the kheaders ownership is wrong (#4928)
+ (#4985)
+
+file_exists_and_ownedby() returns -1 when the file exists but its
+ownership is unexpected, which is very misleading since anything non
+zero is interpreted as true and a function with such a name is
+expected to return a boolean. So currently all this does, is write a
+warning message, and continues as if nothing is wrong.
+
+Make file_exists_and_ownedby() returns false when the ownership is
+wrong and have get_proc_kheaders() fails when this happen. Also have
+all the *exists* functions return bool to avoid such issues in the
+future.
+
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+---
+ src/cc/frontends/clang/kbuild_helper.cc | 22 +++++++++++++++++-----
+ 1 file changed, 17 insertions(+), 5 deletions(-)
+
+diff --git a/src/cc/frontends/clang/kbuild_helper.cc b/src/cc/frontends/clang/kbuild_helper.cc
+index 0387f872..9dd3c3c8 100644
+--- a/src/cc/frontends/clang/kbuild_helper.cc
++++ b/src/cc/frontends/clang/kbuild_helper.cc
+@@ -140,20 +140,26 @@ int KBuildHelper::get_flags(const char *uname_machine, vector<string> *cflags) {
+   return 0;
+ }
+ 
+-static inline int file_exists_and_ownedby(const char *f, uid_t uid)
++static inline bool file_exists(const char *f)
++{
++  struct stat buffer;
++  return (stat(f, &buffer) == 0);
++}
++
++static inline bool file_exists_and_ownedby(const char *f, uid_t uid)
+ {
+   struct stat buffer;
+   int ret = stat(f, &buffer) == 0;
+   if (ret) {
+     if (buffer.st_uid != uid) {
+       std::cout << "ERROR: header file ownership unexpected: " << std::string(f) << "\n";
+-      return -1;
++      return false;
+     }
+   }
+   return ret;
+ }
+ 
+-static inline int proc_kheaders_exists(void)
++static inline bool proc_kheaders_exists(void)
+ {
+   return file_exists_and_ownedby(PROC_KHEADERS_PATH, 0);
+ }
+@@ -221,8 +227,14 @@ int get_proc_kheaders(std::string &dirpath)
+   snprintf(dirpath_tmp, 256, "/tmp/kheaders-%s", uname_data.release);
+   dirpath = std::string(dirpath_tmp);
+ 
+-  if (file_exists_and_ownedby(dirpath_tmp, 0))
+-    return 0;
++  if (file_exists(dirpath_tmp)) {
++    if (file_exists_and_ownedby(dirpath_tmp, 0))
++      return 0;
++    else
++      // The path exists, but is owned by a non-root user
++      // Something fishy is going on
++      return -EEXIST;
++  }
+ 
+   // First time so extract it
+   return extract_kheaders(dirpath, uname_data);
+-- 
+2.44.0
+

bcc.spec

@@ -9,7 +9,7 @@
 
 Name:           bcc
 Version:        0.25.0
-Release:        8%{?dist}
+Release:        9%{?dist}
 Summary:        BPF Compiler Collection (BCC)
 License:        ASL 2.0
 URL:            https://github.com/iovisor/bcc
@@ -30,6 +30,8 @@ Patch12:        %{name}-%{version}-Fix-compilation-error-when-built-with-llvm17.
 Patch13:        %{name}-%{version}-tools-tcpstates-fix-context-ptr-modified-error.patch
 Patch14:        %{name}-%{version}-tools-tcpstates-fix-IPv6-journal.patch
 Patch15:        %{name}-%{version}-clang-check-header-ownership-4928.patch
+Patch16:        %{name}-%{version}-clang-Fix-file_exists_and_ownedby-return-value-4935.patch
+Patch17:        %{name}-%{version}-clang-fail-when-the-kheaders-ownership-is-wrong-4928.patch
 
 # Arches will be included as upstream support is added and dependencies are
 # satisfied in the respective arches
@@ -227,6 +229,9 @@ done
 
 
 %changelog
+* Tue May 28 2024 Jerome Marchand <jmarchan@redhat.com> - 0.25.0-9
+- Really prevent the loading of compromised headers (RHEL-28768, CVE-2024-2314)
+
 * Tue Mar 12 2024 Jerome Marchand <jmarchan@redhat.com> - 0.25.0-8
 - Check header ownership (RHEL-28768)