From bd6af4d1fd60212db9cae2ee891a318e9bc44a42 Mon Sep 17 00:00:00 2001 From: Adam Tkac Date: Mon, 5 May 2008 10:20:59 +0000 Subject: [PATCH] - readded bind-9.5-libcap.patch - added bind-9.5-recv-race.patch from F8 branch (#400461) --- bind-9.5-libcap.patch | 259 +++++++++++++++++++++++++++++++++++++++ bind-9.5-recv-race.patch | 172 ++++++++++++++++++++++++++ bind.spec | 12 +- 3 files changed, 441 insertions(+), 2 deletions(-) create mode 100644 bind-9.5-libcap.patch create mode 100644 bind-9.5-recv-race.patch diff --git a/bind-9.5-libcap.patch b/bind-9.5-libcap.patch new file mode 100644 index 0000000..3140eff --- /dev/null +++ b/bind-9.5-libcap.patch @@ -0,0 +1,259 @@ +diff -up bind-9.5.0b3/bin/named/unix/os.c.libcap bind-9.5.0b3/bin/named/unix/os.c +--- bind-9.5.0b3/bin/named/unix/os.c.libcap 2008-01-30 05:55:51.000000000 +0100 ++++ bind-9.5.0b3/bin/named/unix/os.c 2008-05-05 10:56:00.000000000 +0200 +@@ -69,7 +69,7 @@ static int devnullfd = -1; + /* + * Linux defines: + * (T) HAVE_LINUXTHREADS +- * (C) HAVE_LINUX_CAPABILITY_H ++ * (C) HAVE_SYS_CAPABILITY_H (or HAVE_LINUX_CAPABILITY_H) + * (P) HAVE_SYS_PRCTL_H + * The possible cases are: + * none: setuid() normally +@@ -116,16 +116,9 @@ static int dfd[2] = { -1, -1 }; + static isc_boolean_t non_root = ISC_FALSE; + static isc_boolean_t non_root_caps = ISC_FALSE; + +-#if defined(HAVE_CAPSET) +-#undef _POSIX_SOURCE + #ifdef HAVE_SYS_CAPABILITY_H + #include + #else +-#include +-int capset(cap_user_header_t hdrp, const cap_user_data_t datap); +-#endif +-#include +-#else + /*% + * We define _LINUX_FS_H to prevent it from being included. We don't need + * anything from it, and the files it includes cause warnings with 2.2 +@@ -133,9 +126,20 @@ int capset(cap_user_header_t hdrp, const + * and ) on 2.3 kernels. + */ + #define _LINUX_FS_H +- +-#include /* Required for syscall(). */ +-#include /* Required for _LINUX_CAPABILITY_VERSION. */ ++#include ++#ifdef HAVE_CAPSET ++int capset(cap_user_header_t hdrp, const cap_user_data_t datap); ++#else ++/* We don't have libcap or capset, let's use syscall*/ ++#include ++#ifndef SYS_capset ++#ifndef __NR_capset ++#include /* Slackware 4.0 needs this. */ ++#endif /* __NR_capset */ ++#define SYS_capset __NR_capset ++#endif /* SYS_capset */ ++#endif /* HAVE_CAPSET */ ++#endif /* HAVE_SYS_CAPABILITY_H */ + + #ifdef HAVE_SYS_PRCTL_H + #include /* Required for prctl(). */ +@@ -152,23 +156,28 @@ int capset(cap_user_header_t hdrp, const + + #endif /* HAVE_SYS_PRCTL_H */ + +-#ifndef SYS_capset +-#ifndef __NR_capset +-#include /* Slackware 4.0 needs this. */ +-#endif +-#define SYS_capset __NR_capset +-#endif +-#endif ++#ifdef HAVE_LIBCAP ++#define SETCAPS_FUNC "cap_set_proc " ++#else ++typedef unsigned int cap_t; ++#ifdef HAVE_CAPSET ++#define SETCAPS_FUNC "capset " ++#else ++#define SETCAPS_FUNC "syscall(capset) " ++#endif /* HAVE_CAPSET */ ++#endif /* HAVE_LIBCAP */ + + static void +-linux_setcaps(unsigned int caps) { ++linux_setcaps(cap_t caps) { ++#ifndef HAVE_LIBCAP + struct __user_cap_header_struct caphead; + struct __user_cap_data_struct cap; ++#endif + char strbuf[ISC_STRERRORSIZE]; + + if ((getuid() != 0 && !non_root_caps) || non_root) + return; +- ++#ifndef HAVE_LIBCAP + memset(&caphead, 0, sizeof(caphead)); + caphead.version = _LINUX_CAPABILITY_VERSION; + caphead.pid = 0; +@@ -176,46 +185,76 @@ linux_setcaps(unsigned int caps) { + cap.effective = caps; + cap.permitted = caps; + cap.inheritable = 0; +-#ifdef HAVE_CAPSET ++#endif ++#ifdef HAVE_LIBCAP ++ if (cap_set_proc(caps) < 0) { ++#elif defined(HAVE_CAPSET) + if (capset(&caphead, &cap) < 0 ) { +- isc__strerror(errno, strbuf, sizeof(strbuf)); +- ns_main_earlyfatal("capset failed: %s:" +- " please ensure that the capset kernel" +- " module is loaded. see insmod(8)", +- strbuf); +- } + #else + if (syscall(SYS_capset, &caphead, &cap) < 0) { ++#endif + isc__strerror(errno, strbuf, sizeof(strbuf)); +- ns_main_earlyfatal("syscall(capset) failed: %s:" ++ ns_main_earlyfatal(SETCAPS_FUNC "failed: %s:" + " please ensure that the capset kernel" + " module is loaded. see insmod(8)", + strbuf); + } +-#endif + } + ++#ifdef HAVE_LIBCAP ++#define SET_CAP(flag) \ ++ do { \ ++ capval = (flag); \ ++ err = cap_set_flag(caps, CAP_EFFECTIVE, 1, &capval, CAP_SET); \ ++ if (err == -1) { \ ++ isc__strerror(errno, strbuf, sizeof(strbuf)); \ ++ ns_main_earlyfatal("cap_set_proc failed: %s", strbuf); \ ++ } \ ++ \ ++ err = cap_set_flag(caps, CAP_PERMITTED, 1, &capval, CAP_SET); \ ++ if (err == -1) { \ ++ isc__strerror(errno, strbuf, sizeof(strbuf)); \ ++ ns_main_earlyfatal("cap_set_proc failed: %s", strbuf); \ ++ } \ ++ } while (0) ++#define INIT_CAP \ ++ do { \ ++ caps = cap_init(); \ ++ if (caps == NULL) { \ ++ isc__strerror(errno, strbuf, sizeof(strbuf)); \ ++ ns_main_earlyfatal("cap_init failed: %s", strbuf); \ ++ } \ ++ } while (0) ++#else ++#define SET_CAP(flag) { caps |= (1 << (flag)); } ++#define INIT_CAP { caps = 0; } ++#endif /* HAVE_LIBCAP */ ++ + static void + linux_initialprivs(void) { +- unsigned int caps; ++ cap_t caps; ++#ifdef HAVE_LIBCAP ++ cap_value_t capval; ++ char strbuf[ISC_STRERRORSIZE]; ++ int err; ++#endif + + /*% + * We don't need most privileges, so we drop them right away. + * Later on linux_minprivs() will be called, which will drop our + * capabilities to the minimum needed to run the server. + */ +- +- caps = 0; ++ INIT_CAP; + + /* + * We need to be able to bind() to privileged ports, notably port 53! + */ +- caps |= (1 << CAP_NET_BIND_SERVICE); ++ SET_CAP(CAP_NET_BIND_SERVICE); + + /* + * We need chroot() initially too. + */ +- caps |= (1 << CAP_SYS_CHROOT); ++ SET_CAP(CAP_SYS_CHROOT); + + #if defined(HAVE_SYS_PRCTL_H) || !defined(HAVE_LINUXTHREADS) + /* +@@ -224,19 +263,19 @@ linux_initialprivs(void) { + * tried) or we're not using threads. If either of these is + * true, we want the setuid capability. + */ +- caps |= (1 << CAP_SETUID); ++ SET_CAP(CAP_SETUID); + #endif + + /* + * Since we call initgroups, we need this. + */ +- caps |= (1 << CAP_SETGID); ++ SET_CAP(CAP_SETGID); + + /* + * Without this, we run into problems reading a configuration file + * owned by a non-root user and non-world-readable on startup. + */ +- caps |= (1 << CAP_DAC_READ_SEARCH); ++ SET_CAP(CAP_DAC_READ_SEARCH); + + /* + * XXX We might want to add CAP_SYS_RESOURCE, though it's not +@@ -245,15 +284,21 @@ linux_initialprivs(void) { + * of files, the stack size, data size, and core dump size to + * support named.conf options, this is now being added to test. + */ +- caps |= (1 << CAP_SYS_RESOURCE); ++ SET_CAP(CAP_SYS_RESOURCE); + + linux_setcaps(caps); + } + + static void + linux_minprivs(void) { +- unsigned int caps; ++ cap_t caps; ++#ifdef HAVE_LIBCAP ++ cap_value_t capval; ++ char strbuf[ISC_STRERRORSIZE]; ++ int err; ++#endif + ++ INIT_CAP; + /*% + * Drop all privileges except the ability to bind() to privileged + * ports. +@@ -262,8 +307,7 @@ linux_minprivs(void) { + * chroot() could be used to escape from the chrooted area. + */ + +- caps = 0; +- caps |= (1 << CAP_NET_BIND_SERVICE); ++ SET_CAP(CAP_NET_BIND_SERVICE); + + /* + * XXX We might want to add CAP_SYS_RESOURCE, though it's not +@@ -272,7 +316,7 @@ linux_minprivs(void) { + * of files, the stack size, data size, and core dump size to + * support named.conf options, this is now being added to test. + */ +- caps |= (1 << CAP_SYS_RESOURCE); ++ SET_CAP(CAP_SYS_RESOURCE); + + linux_setcaps(caps); + } +diff -up bind-9.5.0b3/configure.in.libcap bind-9.5.0b3/configure.in +--- bind-9.5.0b3/configure.in.libcap 2008-01-30 05:55:51.000000000 +0100 ++++ bind-9.5.0b3/configure.in 2008-05-05 10:53:11.000000000 +0200 +@@ -1876,6 +1876,7 @@ AC_ARG_ENABLE(linux-caps, + case "$enable_linux_caps" in + yes|'') + AC_CHECK_HEADERS(linux/capability.h sys/capability.h) ++ AC_CHECK_LIB(cap, cap_set_proc) + AC_CHECK_FUNCS(capset) + ;; + no) diff --git a/bind-9.5-recv-race.patch b/bind-9.5-recv-race.patch new file mode 100644 index 0000000..2207d53 --- /dev/null +++ b/bind-9.5-recv-race.patch @@ -0,0 +1,172 @@ +diff -up bind-9.5.0b2/lib/isc/unix/socket.c.recv bind-9.5.0b2/lib/isc/unix/socket.c +--- bind-9.5.0b2/lib/isc/unix/socket.c.recv 2008-04-10 16:45:33.000000000 +0200 ++++ bind-9.5.0b2/lib/isc/unix/socket.c 2008-04-10 17:00:46.000000000 +0200 +@@ -261,10 +261,10 @@ static isc_result_t allocate_socket(isc_ + static void destroy(isc_socket_t **); + static void internal_accept(isc_task_t *, isc_event_t *); + static void internal_connect(isc_task_t *, isc_event_t *); +-static void internal_recv(isc_task_t *, isc_event_t *); ++static void internal_recv(isc_event_t *); + static void internal_send(isc_task_t *, isc_event_t *); + static void internal_fdwatch_write(isc_task_t *, isc_event_t *); +-static void internal_fdwatch_read(isc_task_t *, isc_event_t *); ++static void internal_fdwatch_read(isc_event_t *); + static void process_cmsg(isc_socket_t *, struct msghdr *, isc_socketevent_t *); + static void build_msghdr_send(isc_socket_t *, isc_socketevent_t *, + struct msghdr *, struct iovec *, size_t *); +@@ -1830,7 +1830,7 @@ isc_socket_detach(isc_socket_t **socketp + * + * The socket and manager must be locked before calling this function. + */ +-static void ++static isc_boolean_t + dispatch_recv(isc_socket_t *sock) { + intev_t *iev; + isc_socketevent_t *ev; +@@ -1841,7 +1841,7 @@ dispatch_recv(isc_socket_t *sock) { + if (sock->type != isc_sockettype_fdwatch) { + ev = ISC_LIST_HEAD(sock->recv_list); + if (ev == NULL) +- return; ++ return ISC_FALSE; + socket_log(sock, NULL, EVENT, NULL, 0, 0, + "dispatch_recv: event %p -> task %p", + ev, ev->ev_sender); +@@ -1855,13 +1855,16 @@ dispatch_recv(isc_socket_t *sock) { + + sock->references++; + iev->ev_sender = sock; ++ iev->ev_arg = sock; + if (sock->type == isc_sockettype_fdwatch) +- iev->ev_action = internal_fdwatch_read; ++ internal_fdwatch_read (iev); + else +- iev->ev_action = internal_recv; +- iev->ev_arg = sock; ++ internal_recv (iev); + +- isc_task_send(sender, (isc_event_t **)&iev); ++ if (sock->references == 0) ++ return ISC_TRUE; ++ ++ return ISC_FALSE; + } + + static void +@@ -2228,7 +2231,7 @@ internal_accept(isc_task_t *me, isc_even + } + + static void +-internal_recv(isc_task_t *me, isc_event_t *ev) { ++internal_recv(isc_event_t *ev) { + isc_socketevent_t *dev; + isc_socket_t *sock; + +@@ -2237,21 +2240,13 @@ internal_recv(isc_task_t *me, isc_event_ + sock = ev->ev_sender; + INSIST(VALID_SOCKET(sock)); + +- LOCK(&sock->lock); +- socket_log(sock, NULL, IOEVENT, +- isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_INTERNALRECV, +- "internal_recv: task %p got event %p", me, ev); +- + INSIST(sock->pending_recv == 1); + sock->pending_recv = 0; + + INSIST(sock->references > 0); + sock->references--; /* the internal event is done with this socket */ +- if (sock->references == 0) { +- UNLOCK(&sock->lock); +- destroy(&sock); ++ if (sock->references == 0) + return; +- } + + /* + * Try to do as much I/O as possible on this socket. There are no +@@ -2289,7 +2284,6 @@ internal_recv(isc_task_t *me, isc_event_ + if (!ISC_LIST_EMPTY(sock->recv_list)) + select_poke(sock->manager, sock->fd, SELECT_POKE_READ); + +- UNLOCK(&sock->lock); + } + + static void +@@ -2388,7 +2382,7 @@ internal_fdwatch_write(isc_task_t *me, i + } + + static void +-internal_fdwatch_read(isc_task_t *me, isc_event_t *ev) { ++internal_fdwatch_read(isc_event_t *ev) { + isc_socket_t *sock; + int more_data; + +@@ -2400,31 +2394,19 @@ internal_fdwatch_read(isc_task_t *me, is + sock = (isc_socket_t *)ev->ev_sender; + INSIST(VALID_SOCKET(sock)); + +- LOCK(&sock->lock); +- socket_log(sock, NULL, IOEVENT, +- isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_INTERNALRECV, +- "internal_fdwatch_read: task %p got event %p", me, ev); +- + INSIST(sock->pending_recv == 1); + +- UNLOCK(&sock->lock); +- more_data = (sock->fdwatchcb)(me, sock, sock->fdwatcharg); +- LOCK(&sock->lock); ++ INSIST(0); /* We should not be here */ + + sock->pending_recv = 0; + + INSIST(sock->references > 0); + sock->references--; /* the internal event is done with this socket */ +- if (sock->references == 0) { +- UNLOCK(&sock->lock); +- destroy(&sock); ++ if (sock->references == 0) + return; +- } + + if (more_data) + select_poke(sock->manager, sock->fd, SELECT_POKE_READ); +- +- UNLOCK(&sock->lock); + } + + static void +@@ -2434,6 +2416,7 @@ process_fds(isc_socketmgr_t *manager, in + int i; + isc_socket_t *sock; + isc_boolean_t unlock_sock; ++ isc_boolean_t destroy_sock; + + REQUIRE(maxfd <= (int)FD_SETSIZE); + +@@ -2462,6 +2445,7 @@ process_fds(isc_socketmgr_t *manager, in + + sock = manager->fds[i]; + unlock_sock = ISC_FALSE; ++ destroy_sock = ISC_FALSE; + if (FD_ISSET(i, readfds)) { + if (sock == NULL) { + FD_CLR(i, &manager->read_fds); +@@ -2473,7 +2457,7 @@ process_fds(isc_socketmgr_t *manager, in + if (sock->listener) + dispatch_accept(sock); + else +- dispatch_recv(sock); ++ destroy_sock = dispatch_recv(sock); + } + FD_CLR(i, &manager->read_fds); + } +@@ -2497,6 +2481,8 @@ process_fds(isc_socketmgr_t *manager, in + } + if (unlock_sock) + UNLOCK(&sock->lock); ++ if (destroy_sock) ++ destroy(&sock); + } + } + diff --git a/bind.spec b/bind.spec index aada54e..7da7080 100644 --- a/bind.spec +++ b/bind.spec @@ -18,7 +18,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: ISC Version: 9.5.0 -Release: 30.1.%{RELEASEVER}%{dist} +Release: 31.%{RELEASEVER}%{dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -57,6 +57,8 @@ Patch63: bind-9.4.0-dnssec-directory.patch Patch71: bind-9.5-overflow.patch Patch72: bind-9.5-dlz-64bit.patch Patch87: bind-9.5-parallel-build.patch +Patch88: bind-9.5-libcap.patch +Patch89: bind-9.5-recv-race.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -179,6 +181,7 @@ Based on the code from Jan "Yenya" Kasprzak %patch5 -p1 -b .nonexec %patch10 -p1 -b .PIE %patch16 -p1 -b .redhat_doc +%patch88 -p1 -b .libcap %if %{SDB} mkdir bin/named-sdb cp -r bin/named/* bin/named-sdb @@ -235,6 +238,7 @@ cp -fp contrib/dbus/{dbus_mgr.h,dbus_service.h} bin/named/include/named %patch83 -p1 -b .libidn2 %patch85 -p1 -b .libidn3 %patch87 -p1 -b .parallel +%patch89 -p1 -b .recv-race :; @@ -243,7 +247,7 @@ export CFLAGS="$CFLAGS $RPM_OPT_FLAGS -O0" export CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE" export STD_CDEFINES="$CPPFLAGS" -libtoolize -c -f; aclocal --force; autoconf -f +libtoolize -c -f; aclocal --force; autoheader -f; autoconf -f %if %{WITH_DBUS} %ifarch s390x x86_64 ppc64 @@ -641,6 +645,10 @@ rm -rf ${RPM_BUILD_ROOT} %{_sbindir}/bind-chroot-admin %changelog +* Mon May 05 2008 Adam Tkac 32:9.5.0-31.b3 +- readded bind-9.5-libcap.patch +- added bind-9.5-recv-race.patch from F8 branch (#400461) + * Wed Apr 23 2008 Adam Tkac 32:9.5.0-30.1.b3 - build Berkeley DB DLZ backend