From 8a417ecb166a616b3606ca8dd5b137a60e9a86d8 Mon Sep 17 00:00:00 2001 From: Michal Sekletar Date: Thu, 16 May 2024 12:17:46 +0200 Subject: [PATCH] Make sure biosdevname works on systems with enabled SecureBoot Resolves: RHEL-18300 --- 0001-Add-SMBIOS-3.x-support.patch | 63 +++++++ ...er-read-helper-using-read-explicitly.patch | 168 ++++++++++++++++++ ...-recursion-in-dmidecode.c-smbios_set.patch | 29 +++ ...ies-from-sys-firmware-dmi-tables-DMI.patch | 145 +++++++++++++++ biosdevname.spec | 11 +- 5 files changed, 414 insertions(+), 2 deletions(-) create mode 100644 0001-Add-SMBIOS-3.x-support.patch create mode 100644 0001-Add-buffer-read-helper-using-read-explicitly.patch create mode 100644 0001-Prevent-infinite-recursion-in-dmidecode.c-smbios_set.patch create mode 100644 0001-Read-DMI-entries-from-sys-firmware-dmi-tables-DMI.patch diff --git a/0001-Add-SMBIOS-3.x-support.patch b/0001-Add-SMBIOS-3.x-support.patch new file mode 100644 index 0000000..57ce92f --- /dev/null +++ b/0001-Add-SMBIOS-3.x-support.patch @@ -0,0 +1,63 @@ +From 495ab76e0d5f0eba83f9c86baf779a244ea1b60d Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Mon, 24 Aug 2020 14:42:44 +0200 +Subject: [PATCH] Add SMBIOS 3.x support + +Handle only the path from sysfs for now. + +Signed-off-by: Takashi Iwai +CC: Thomas Renninger +CC: Michal Suchanek +--- + src/dmidecode/dmidecode.c | 14 ++++++++++++-- + 1 file changed, 12 insertions(+), 2 deletions(-) + +diff --git a/src/dmidecode/dmidecode.c b/src/dmidecode/dmidecode.c +index f4c1269..f478cc5 100644 +--- a/src/dmidecode/dmidecode.c ++++ b/src/dmidecode/dmidecode.c +@@ -236,7 +236,7 @@ static int dmi_table(u32 base, u16 len, u16 num, u16 ver, const char *devmem, co + int i=0; + + /* Verify SMBIOS version */ +- if (!isvalidsmbios(ver >> 8, ver & 0xFF)) { ++ if (ver && !isvalidsmbios(ver >> 8, ver & 0xFF)) { + return 0; + } + +@@ -253,7 +253,7 @@ static int dmi_table(u32 base, u16 len, u16 num, u16 ver, const char *devmem, co + } + + data=buf; +- while(i= 0x18 && memcmp(buf, "_SM3_", 5) == 0) ++ return smbios3_decode(buf, SYSFS_TABLE_DMI, state); + return 0; + } + +-- +2.44.0 + diff --git a/0001-Add-buffer-read-helper-using-read-explicitly.patch b/0001-Add-buffer-read-helper-using-read-explicitly.patch new file mode 100644 index 0000000..8416d72 --- /dev/null +++ b/0001-Add-buffer-read-helper-using-read-explicitly.patch @@ -0,0 +1,168 @@ +From f64c3f549eda36d11b5690117173b0847535ebbe Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Mon, 24 Aug 2020 14:40:17 +0200 +Subject: [PATCH] Add buffer read helper using read explicitly + +Since mmap can't work well with a sysfs file, we need to read the +contents explicitly via read, even if USE_MMAP is enabled. +Provide a new helper, __mem_cunk(), that does behave like mem_chunk() +but with the extra use_mmap argument to specify the method to read a +file. + +Signed-off-by: Takashi Iwai +CC: Thomas Renninger +CC: Michal Suchanek +--- + src/dmidecode/util.c | 82 ++++++++++++++++++++++++++++---------------- + src/dmidecode/util.h | 1 + + 2 files changed, 53 insertions(+), 30 deletions(-) + +diff --git a/src/dmidecode/util.c b/src/dmidecode/util.c +index ea06663..09934ea 100644 +--- a/src/dmidecode/util.c ++++ b/src/dmidecode/util.c +@@ -47,7 +47,6 @@ + #include "types.h" + #include "util.h" + +-#ifndef USE_MMAP + static int myread(int fd, u8 *buf, size_t count, const char *prefix) + { + ssize_t r=1; +@@ -78,7 +77,6 @@ static int myread(int fd, u8 *buf, size_t count, const char *prefix) + + return 0; + } +-#endif + + int checksum(const u8 *buf, size_t len) + { +@@ -94,28 +92,13 @@ int checksum(const u8 *buf, size_t len) + * Copy a physical memory chunk into a memory buffer. + * This function allocates memory. + */ +-void *mem_chunk(size_t base, size_t len, const char *devmem) +-{ +- void *p; +- int fd; + #ifdef USE_MMAP ++static void *mem_chunk_mmap(size_t base, size_t len, const char *devmem, ++ int fd, void *p) ++{ + size_t mmoffset; + void *mmp; +-#endif +- +- if((fd=open(devmem, O_RDONLY))==-1) +- { +- return NULL; +- } +- +- if((p=malloc(len))==NULL) +- { +- perror("malloc"); +- close(fd); +- return NULL; +- } +- +-#ifdef USE_MMAP ++ + #ifdef _SC_PAGESIZE + mmoffset=base%sysconf(_SC_PAGESIZE); + #else +@@ -129,8 +112,6 @@ void *mem_chunk(size_t base, size_t len, const char *devmem) + mmp=mmap(0, mmoffset+len, PROT_READ, MAP_SHARED, fd, base-mmoffset); + if(mmp==MAP_FAILED) + { +- free(p); +- close(fd); + return NULL; + } + +@@ -141,26 +122,67 @@ void *mem_chunk(size_t base, size_t len, const char *devmem) + fprintf(stderr, "%s: ", devmem); + perror("munmap"); + } +-#else /* USE_MMAP */ ++ ++ return p; ++} ++#endif /* USE_MMAP */ ++ ++static void *mem_chunk_read(size_t base, size_t len, const char *devmem, ++ int fd, void *p) ++{ + if(lseek(fd, base, SEEK_SET)==-1) + { + fprintf(stderr, "%s: ", devmem); + perror("lseek"); +- free(p); +- close(fd); + return NULL; + } + + if(myread(fd, p, len, devmem)==-1) + { +- free(p); +- close(fd); + return NULL; + } +-#endif /* USE_MMAP */ ++ ++ return p; ++} ++ ++void *__mem_chunk(size_t base, size_t len, const char *devmem, int use_mmap) ++{ ++ void *ret; ++ void *p; ++ int fd; ++ ++#ifndef USE_MMAP ++ use_mmap = 0; ++#endif ++ ++ if((fd=open(devmem, O_RDONLY))==-1) ++ { ++ return NULL; ++ } + ++ if((p=malloc(len))==NULL) ++ { ++ perror("malloc"); ++ close(fd); ++ return NULL; ++ } ++ ++#ifdef USE_MMAP ++ if (use_mmap) ++ ret = mem_chunk_mmap(base, len, devmem, fd, p); ++ else ++#endif ++ ret = mem_chunk_read(base, len, devmem, fd, p); ++ + if(close(fd)==-1) + perror(devmem); ++ if (!ret) ++ free(p); + +- return p; ++ return ret; ++} ++ ++void *mem_chunk(size_t base, size_t len, const char *devmem) ++{ ++ return __mem_chunk(base, len, devmem, 1); + } +diff --git a/src/dmidecode/util.h b/src/dmidecode/util.h +index b546f64..90c411e 100644 +--- a/src/dmidecode/util.h ++++ b/src/dmidecode/util.h +@@ -6,3 +6,4 @@ + + int checksum(const u8 *buf, size_t len); + void *mem_chunk(size_t base, size_t len, const char *devmem); ++void *__mem_chunk(size_t base, size_t len, const char *devmem, int use_mmap); +-- +2.44.0 + diff --git a/0001-Prevent-infinite-recursion-in-dmidecode.c-smbios_set.patch b/0001-Prevent-infinite-recursion-in-dmidecode.c-smbios_set.patch new file mode 100644 index 0000000..0f48cfa --- /dev/null +++ b/0001-Prevent-infinite-recursion-in-dmidecode.c-smbios_set.patch @@ -0,0 +1,29 @@ +From d6fa84f8a80d5e1c526fe675c345f709a700e33e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Josef=20M=C3=B6llers?= +Date: Fri, 20 Jul 2018 08:56:48 +0200 +Subject: [PATCH] Prevent infinite recursion in dmidecode.c::smbios_setslot by + (#7) + +Checking that subordinate bus has a number greater than the +current bus. +Fixes SUSE bug#1093625 +--- + src/dmidecode/dmidecode.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/dmidecode/dmidecode.c b/src/dmidecode/dmidecode.c +index 1d805bb..a01a6ce 100644 +--- a/src/dmidecode/dmidecode.c ++++ b/src/dmidecode/dmidecode.c +@@ -153,7 +153,7 @@ void smbios_setslot(const struct libbiosdevname_state *state, + } + + /* Found a PDEV, now is it a bridge? */ +- if (pdev->sbus != -1) { ++ if (pdev->sbus != -1 && pdev->sbus > bus) { + smbios_setslot(state, domain, pdev->sbus, -1, -1, type, slot, index, label); + } + } +-- +2.44.0 + diff --git a/0001-Read-DMI-entries-from-sys-firmware-dmi-tables-DMI.patch b/0001-Read-DMI-entries-from-sys-firmware-dmi-tables-DMI.patch new file mode 100644 index 0000000..f8b0118 --- /dev/null +++ b/0001-Read-DMI-entries-from-sys-firmware-dmi-tables-DMI.patch @@ -0,0 +1,145 @@ +From b3bb4ed21e8802cb38eb693952da058f52cf76b0 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Mon, 24 Aug 2020 14:41:54 +0200 +Subject: [PATCH] Read DMI entries from /sys/firmware/dmi/tables/DMI + +A kernel with Secure Boot lockdown may prohibit reading the contents +of /dev/mem, hence biosdevname fails. The recent kernel provides the +DMI byte contents in /sys/firmware/dmi/tables/*, and we can use this +instead of poking /dev/mem. + +Signed-off-by: Takashi Iwai +CC: Thomas Renninger +CC: Michal Suchanek +--- + src/dmidecode/dmidecode.c | 54 +++++++++++++++++++++++++++++---------- + 1 file changed, 41 insertions(+), 13 deletions(-) + +diff --git a/src/dmidecode/dmidecode.c b/src/dmidecode/dmidecode.c +index a01a6ce..f4c1269 100644 +--- a/src/dmidecode/dmidecode.c ++++ b/src/dmidecode/dmidecode.c +@@ -229,7 +229,7 @@ static int isvalidsmbios(int mjr, int mnr) + return 0; + } + +-static void dmi_table(u32 base, u16 len, u16 num, u16 ver, const char *devmem, const struct libbiosdevname_state *state) ++static int dmi_table(u32 base, u16 len, u16 num, u16 ver, const char *devmem, const struct libbiosdevname_state *state, int sysfs) + { + u8 *buf; + u8 *data; +@@ -237,14 +237,19 @@ static void dmi_table(u32 base, u16 len, u16 num, u16 ver, const char *devmem, c + + /* Verify SMBIOS version */ + if (!isvalidsmbios(ver >> 8, ver & 0xFF)) { +- return; ++ return 0; + } +- if((buf=mem_chunk(base, len, devmem))==NULL) ++ ++ if (sysfs) ++ buf = __mem_chunk(0, len, devmem, 0); ++ else ++ buf = mem_chunk(base, len, devmem); ++ if(buf == NULL) + { + #ifndef USE_MMAP + printf("Table is unreachable, sorry. Try compiling dmidecode with -DUSE_MMAP.\n"); + #endif +- return; ++ return 0; + } + + data=buf; +@@ -280,18 +285,18 @@ static void dmi_table(u32 base, u16 len, u16 num, u16 ver, const char *devmem, c + i++; + } + free(buf); ++ return 1; + } + +- +-static int smbios_decode(u8 *buf, const char *devmem, const struct libbiosdevname_state *state) ++static int smbios_decode(u8 *buf, const char *devmem, const struct libbiosdevname_state *state, int sysfs) + { + if(checksum(buf, buf[0x05]) + && memcmp(buf+0x10, "_DMI_", 5)==0 + && checksum(buf+0x10, 0x0F)) + { +- dmi_table(DWORD(buf+0x18), WORD(buf+0x16), WORD(buf+0x1C), +- (buf[0x06]<<8)+buf[0x07], devmem, state); +- return 1; ++ return dmi_table(DWORD(buf+0x18), WORD(buf+0x16), WORD(buf+0x1C), ++ (buf[0x06]<<8)+buf[0x07], devmem, state, ++ sysfs); + } + + return 0; +@@ -302,13 +307,32 @@ static int legacy_decode(u8 *buf, const char *devmem, const struct libbiosdevnam + if(checksum(buf, 0x0F)) + { + dmi_table(DWORD(buf+0x08), WORD(buf+0x06), WORD(buf+0x0C), +- ((buf[0x0E]&0xF0)<<4)+(buf[0x0E]&0x0F), devmem, state); ++ ((buf[0x0E]&0xF0)<<4)+(buf[0x0E]&0x0F), devmem, state, 0); + return 1; + } + + return 0; + } + ++#define SYSFS_TABLE_SMBIOS "/sys/firmware/dmi/tables/smbios_entry_point" ++#define SYSFS_TABLE_DMI "/sys/firmware/dmi/tables/DMI" ++ ++static int smibios_decode_from_sysfs(const struct libbiosdevname_state *state) ++{ ++ FILE *fp; ++ u8 buf[0x1f]; ++ int len; ++ ++ fp = fopen(SYSFS_TABLE_SMBIOS, "r"); ++ if (!fp) ++ return 0; ++ len = fread(buf, 1, sizeof(buf), fp); ++ fclose(fp); ++ if (len == 0x1f && memcmp(buf, "_SM_", 4) == 0) ++ return smbios_decode(buf, SYSFS_TABLE_DMI, state, 1); ++ return 0; ++} ++ + /* + * Probe for EFI interface + */ +@@ -417,7 +441,11 @@ int dmidecode_main(const struct libbiosdevname_state *state) + if (dmidecode_read_file(state)) + return 0; + +- /* First try EFI (ia64, Intel-based Mac) */ ++ /* First try sysfs entries */ ++ if (smibios_decode_from_sysfs(state)) ++ return 0; ++ ++ /* Next try EFI (ia64, Intel-based Mac) */ + efi=address_from_efi(&fp); + switch(efi) + { +@@ -434,7 +462,7 @@ int dmidecode_main(const struct libbiosdevname_state *state) + goto exit_free; + } + +- if(smbios_decode(buf, devmem, state)) ++ if(smbios_decode(buf, devmem, state, 0)) + found++; + goto done; + +@@ -450,7 +478,7 @@ memory_scan: + { + if(memcmp(buf+fp, "_SM_", 4)==0 && fp<=0xFFE0) + { +- if(smbios_decode(buf+fp, devmem, state)) ++ if(smbios_decode(buf+fp, devmem, state, 0)) + { + found++; + fp+=16; +-- +2.44.0 + diff --git a/biosdevname.spec b/biosdevname.spec index 44e83a8..52ee69e 100644 --- a/biosdevname.spec +++ b/biosdevname.spec @@ -1,6 +1,6 @@ Name: biosdevname Version: 0.7.3 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Udev helper for naming devices per BIOS names License: GPLv2 URL: http://linux.dell.com/files/%{name} @@ -19,6 +19,10 @@ BuildRequires: make Patch1: 0001-Disable-biosdevname-by-default.patch Patch2: 0002-Place-udev-rules-to-usr-lib.patch +Patch3: 0001-Prevent-infinite-recursion-in-dmidecode.c-smbios_set.patch +Patch4: 0001-Add-buffer-read-helper-using-read-explicitly.patch +Patch5: 0001-Read-DMI-entries-from-sys-firmware-dmi-tables-DMI.patch +Patch6: 0001-Add-SMBIOS-3.x-support.patch %description biosdevname in its simplest form takes a kernel device name as an @@ -29,7 +33,7 @@ name (e.g. eth0). %prep %setup -q -%autopatch +%autopatch -p1 %build autoreconf -fvi @@ -46,6 +50,9 @@ make install install-data DESTDIR=%{buildroot} %{_mandir}/man1/%{name}.1* %changelog +* Thu May 16 2024 Michal Sekletar - 0.7.3-10 +- Make sure biosdevname works on systems with enabled SecureBoot (RHEL-18300) + * Mon Aug 09 2021 Mohan Boddu - 0.7.3-9 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688