From db90368fc7d2ceb35f791b823e614fdc90321681 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= Date: Mon, 26 Feb 2024 21:16:28 +0100 Subject: [PATCH] Add normal task queue also to non-thread version Non-thread builds are used by us for dhcp package. Make it working again. Related to [GL #4424] and [GL #4459]. ; Resolves: CVE-2023-50387 CVE-2023-50868 Resolves: RHEL-25681 RHEL-25649 --- bind-9.11-CVE-2023-50387-fixup.patch | 64 ++++++++++++++++++++++++++++ bind.spec | 3 ++ 2 files changed, 67 insertions(+) create mode 100644 bind-9.11-CVE-2023-50387-fixup.patch diff --git a/bind-9.11-CVE-2023-50387-fixup.patch b/bind-9.11-CVE-2023-50387-fixup.patch new file mode 100644 index 0000000..42b8287 --- /dev/null +++ b/bind-9.11-CVE-2023-50387-fixup.patch @@ -0,0 +1,64 @@ +From f0fc9d7999a94da3d471c4e0a35b1f447f25eea6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Mon, 26 Feb 2024 21:08:42 +0100 +Subject: [PATCH] Add normal task queue also to non-thread version + +Non-thread builds are used by us for dhcp package. Make it working +again. + +Related to [GL #4424] and [GL #4459]. +--- + lib/isc/task.c | 14 ++++++++------ + 1 file changed, 8 insertions(+), 6 deletions(-) + +diff --git a/lib/isc/task.c b/lib/isc/task.c +index cc83269..5315b51 100644 +--- a/lib/isc/task.c ++++ b/lib/isc/task.c +@@ -1115,7 +1115,7 @@ dispatch(isc__taskmgr_t *manager, isc_taskqueue_t qid) { + } + #else /* USE_WORKER_THREADS */ + if (total_dispatch_count >= DEFAULT_TASKMGR_QUANTUM || +- empty_readyq(manager)) ++ empty_readyq(manager, qid)) + break; + #endif /* USE_WORKER_THREADS */ + XTHREADTRACE(isc_msgcat_get(isc_msgcat, ISC_MSGSET_TASK, +@@ -1318,11 +1318,11 @@ dispatch(isc__taskmgr_t *manager, isc_taskqueue_t qid) { + } + + #ifndef USE_WORKER_THREADS +- ISC_LIST_APPENDLIST(manager->ready_tasks, new_ready_tasks, ready_link); +- ISC_LIST_APPENDLIST(manager->ready_priority_tasks, new_priority_tasks, ++ ISC_LIST_APPENDLIST(manager->ready_tasks[qid], new_ready_tasks, ready_link); ++ ISC_LIST_APPENDLIST(manager->ready_priority_tasks[qid], new_priority_tasks, + ready_priority_link); + manager->tasks_ready += tasks_ready; +- if (empty_readyq(manager)) ++ if (empty_readyq(manager, qid)) + manager->mode = isc_taskmgrmode_normal; + #endif + +@@ -1713,7 +1713,8 @@ isc__taskmgr_ready(isc_taskmgr_t *manager0) { + return (false); + + LOCK(&manager->lock); +- is_ready = !empty_readyq(manager); ++ is_ready = !empty_readyq(manager, isc_taskqueue_normal) || ++ !empty_readyq(manager, isc_taskqueue_slow); + UNLOCK(&manager->lock); + + return (is_ready); +@@ -1730,7 +1731,8 @@ isc__taskmgr_dispatch(isc_taskmgr_t *manager0) { + if (manager == NULL) + return (ISC_R_NOTFOUND); + +- dispatch(manager); ++ dispatch(manager, isc_taskqueue_normal); ++ dispatch(manager, isc_taskqueue_slow); + + return (ISC_R_SUCCESS); + } +-- +2.43.2 + diff --git a/bind.spec b/bind.spec index e8d080a..34b69d7 100644 --- a/bind.spec +++ b/bind.spec @@ -185,6 +185,8 @@ Patch201: bind-9.11-CVE-2023-4408.patch Patch202: bind-9.11-CVE-2023-50387.patch # https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/8778 Patch203: bind-9.11-CVE-2023-2828-fixup.patch +# addition to patch 200 +Patch204: bind-9.11-CVE-2023-50387-fixup.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -598,6 +600,7 @@ are used for building ISC DHCP. %patch201 -p1 -b .CVE-2023-4408 %patch202 -p1 -b .CVE-2023-50387+50868 %patch203 -p1 -b .CVE-2023-2828-fixup +%patch204 -p1 -b .CVE-2023-50387-fixup mkdir lib/dns/tests/testdata/dstrandom cp -a %{SOURCE50} lib/dns/tests/testdata/dstrandom/random.data