Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/libnbd.git#b5a71ab87ad8c2289fbd2364fae2fe7c2c3629b8
This commit is contained in:
DistroBaker 2021-03-19 14:45:29 +00:00
parent 17b6568d4f
commit bd814fcc34
9 changed files with 185 additions and 15 deletions

View File

@ -1,7 +1,7 @@
From 8b20bbd329c07941f3e4aa00e14c05ed27b25435 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 2 Mar 2021 22:20:49 +0000
Subject: [PATCH 1/5] copy: Stable sort in tests.
Subject: [PATCH 1/6] copy: Stable sort in tests.
When running the tests in Koji they behaved differently from running
locally (under a UTF-8 locale). This turned out to be a difference in

View File

@ -0,0 +1,39 @@
From 40308a005eaa6b2e8f98da8952d0c0cacc51efde Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Fri, 12 Mar 2021 17:00:58 -0600
Subject: [PATCH] security: Document assignment of CVE-2021-20286
Now that we finally have a CVE number, it's time to document
the problem (it's low severity, but still a denial of service).
Fixes: fb4440de9cc7 (opt_go: Tolerate unplanned server death)
---
docs/libnbd-security.pod | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/docs/libnbd-security.pod b/docs/libnbd-security.pod
index 876ef2f..3c994de 100644
--- a/docs/libnbd-security.pod
+++ b/docs/libnbd-security.pod
@@ -22,6 +22,12 @@ L<https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html>
See the full announcement here:
L<https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html>
+=head2 CVE-2021-20286
+denial of service when using L<nbd_set_opt_mode(3)>
+
+See the full announcement here:
+L<https://listman.redhat.com/archives/libguestfs/2021-March/msg00092.html>
+
=head1 SEE ALSO
L<libnbd(3)>.
@@ -34,4 +40,4 @@ Richard W.M. Jones
=head1 COPYRIGHT
-Copyright (C) 2019 Red Hat Inc.
+Copyright (C) 2019-2021 Red Hat Inc.
--
2.29.0.rc2

View File

@ -1,7 +1,7 @@
From bae7c41a5126c56da4ee77bce39955036fca8b5f Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Tue, 2 Mar 2021 16:31:39 -0600
Subject: [PATCH 2/5] copy: Nicer sort
Subject: [PATCH 2/6] copy: Nicer sort
Tell sort where the numbers live, so we can get columns in ascending
numeric order. Improves 8b20bbd329.

View File

@ -1,7 +1,7 @@
From 4e456ff6363580177ceffdad79b8fc1e8c7f35eb Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 3 Mar 2021 10:12:31 +0000
Subject: [PATCH 3/5] Revert "copy: file-ops.c: Remove unneeded check"
Subject: [PATCH 3/6] Revert "copy: file-ops.c: Remove unneeded check"
This reverts commit 0f6e4f38bc440fc52c20a3a448ef031f806ec5e2.

View File

@ -1,7 +1,7 @@
From 94a78764d80b6dc41ff2ae8a0e5f1b35c2fd8e78 Mon Sep 17 00:00:00 2001
From: Nir Soffer <nsoffer@redhat.com>
Date: Sat, 27 Feb 2021 05:36:38 +0200
Subject: [PATCH 4/5] copy: file-ops.c: Remove unneeded check
Subject: [PATCH 4/6] copy: file-ops.c: Remove unneeded check
This function is called only from page_cache_evict(), which already
check that we could map the cached pages. Add an assert to document this

View File

@ -1,7 +1,7 @@
From 107eb605cfb75238020332b5a5461d0e09d62bec Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 3 Mar 2021 12:51:51 +0100
Subject: [PATCH 5/5] copy/file-ops.c: Fix page eviction when len < page_size.
Subject: [PATCH 5/6] copy/file-ops.c: Fix page eviction when len < page_size.
On Fedora ppc64le at the moment page size is 64K. When asked to evict
a range with length < 64K the length calculation wrapped around and it

View File

@ -0,0 +1,119 @@
From 64962a582c00828cc2d26d94b149840ab2402165 Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Thu, 4 Mar 2021 09:27:56 -0600
Subject: [PATCH 6/6] info: Let exit status reflect any failures during
NBD_OPT_INFO
It turns out that at least nbdkit's testsuite was relying on a
non-zero exit status from nbdinfo when purposefully attempting to get
info on an invalid export name. Printing as much information as
possible instead of going silent becaus of one error is good, but any
time we print to stderr, the exit status should reflect that.
Fixes: 5473e34fc1 (info: Don't kill --list early just because one opt_info fails)
Reported-by: Rich Jones <rjones@redhat.com>
---
info/nbdinfo.c | 25 +++++++++++++++----------
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/info/nbdinfo.c b/info/nbdinfo.c
index 4b18ab2..3dfc463 100644
--- a/info/nbdinfo.c
+++ b/info/nbdinfo.c
@@ -58,9 +58,9 @@ DEFINE_VECTOR_TYPE (uint32_vector, uint32_t)
static int collect_context (void *opaque, const char *name);
static int collect_export (void *opaque, const char *name,
const char *desc);
-static void list_one_export (struct nbd_handle *nbd, const char *desc,
+static bool list_one_export (struct nbd_handle *nbd, const char *desc,
bool first, bool last);
-static void list_all_exports (struct nbd_handle *nbd1, const char *uri);
+static bool list_all_exports (struct nbd_handle *nbd1, const char *uri);
static void print_json_string (const char *);
static char *get_content (struct nbd_handle *, int64_t size);
static int extent_callback (void *user_data, const char *metacontext,
@@ -124,6 +124,7 @@ main (int argc, char *argv[])
int tls_negotiated;
char *output = NULL;
size_t output_len = 0;
+ bool list_okay = true;
progname = argv[0];
@@ -336,9 +337,9 @@ main (int argc, char *argv[])
}
if (!list_all)
- list_one_export (nbd, NULL, true, true);
+ list_okay = list_one_export (nbd, NULL, true, true);
else
- list_all_exports (nbd, argv[optind]);
+ list_okay = list_all_exports (nbd, argv[optind]);
if (json_output)
fprintf (fp, "}\n");
@@ -365,7 +366,7 @@ main (int argc, char *argv[])
exit (EXIT_FAILURE);
}
- exit (EXIT_SUCCESS);
+ exit (list_okay ? EXIT_SUCCESS : EXIT_FAILURE);
}
static int
@@ -398,7 +399,7 @@ collect_export (void *opaque, const char *name, const char *desc)
return 0;
}
-static void
+static bool
list_one_export (struct nbd_handle *nbd, const char *desc,
bool first, bool last)
{
@@ -424,7 +425,7 @@ list_one_export (struct nbd_handle *nbd, const char *desc,
nbd_opt_go (nbd) == -1) {
fprintf (stderr, "%s: %s: %s\n", progname, nbd_get_export_name (nbd),
nbd_get_error ());
- return;
+ return false;
}
size = nbd_get_size (nbd);
if (size == -1) {
@@ -599,12 +600,14 @@ list_one_export (struct nbd_handle *nbd, const char *desc,
free (content);
free (export_name);
free (export_desc);
+ return true;
}
-static void
+static bool
list_all_exports (struct nbd_handle *nbd1, const char *uri)
{
size_t i;
+ bool list_okay = true;
if (export_list.size == 0 && json_output)
fprintf (fp, "\"exports\": []\n");
@@ -639,14 +642,16 @@ list_all_exports (struct nbd_handle *nbd1, const char *uri)
}
/* List the metadata of this export. */
- list_one_export (nbd2, export_list.ptr[i].desc, i == 0,
- i + 1 == export_list.size);
+ if (!list_one_export (nbd2, export_list.ptr[i].desc, i == 0,
+ i + 1 == export_list.size))
+ list_okay = false;
if (probe_content) {
nbd_shutdown (nbd2, 0);
nbd_close (nbd2);
}
}
+ return list_okay;
}
static void
--
2.29.0.rc2

View File

@ -8,7 +8,7 @@
%global source_directory 1.7-development
Name: libnbd
Version: 1.7.3
Version: 1.7.4
Release: 1%{?dist}
Summary: NBD client library in userspace
@ -25,13 +25,6 @@ Source2: libguestfs.keyring
# Maintainer script which helps with handling patches.
Source3: copy-patches.sh
# Upstream patches to fix tests.
Patch0001: 0001-copy-Stable-sort-in-tests.patch
Patch0002: 0002-copy-Nicer-sort.patch
Patch0003: 0003-Revert-copy-file-ops.c-Remove-unneeded-check.patch
Patch0004: 0004-copy-file-ops.c-Remove-unneeded-check.patch
Patch0005: 0005-copy-file-ops.c-Fix-page-eviction-when-len-page_size.patch
%if 0%{patches_touch_autotools}
BuildRequires: autoconf, automake, libtool
%endif
@ -222,6 +215,15 @@ touch interop/structured-read.sh
chmod +x interop/structured-read.sh
%endif
# interop/interop-qemu-storage-daemon.sh fails in RHEL 9 because of
# this bug in qemu:
# https://lists.nongnu.org/archive/html/qemu-devel/2021-03/threads.html#03544
%if 0%{?rhel}
rm interop/interop-qemu-storage-daemon.sh
touch interop/interop-qemu-storage-daemon.sh
chmod +x interop/interop-qemu-storage-daemon.sh
%endif
# All fuse tests fail in Koji with:
# fusermount: entry for fuse/test-*.d not found in /etc/mtab
# for unknown reasons but probably related to the Koji environment.
@ -308,6 +310,16 @@ make %{?_smp_mflags} check || {
%changelog
* Mon Mar 15 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.4-1
- New upstream development version 1.7.4.
* Mon Mar 15 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.3-3
- Update documentation for CVE-2021-20286.
- Workaround broken interop/interop-qemu-storage-daemon.sh test in RHEL 9.
* Thu Mar 4 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.3-2
- Add fix for nbdkit test suite.
* Tue Mar 2 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.3-1
- New upstream version 1.7.3.

View File

@ -1,2 +1,2 @@
SHA512 (libnbd-1.7.3.tar.gz) = 1d7a0e6a5797d1df2e40b5e211ccea78926e2df882423a557acbc3c040f1b4c3f782a4754340be64d1176f0fd3524b094b9266186e25a80668494c7f72e3ef13
SHA512 (libnbd-1.7.3.tar.gz.sig) = 0d693add7361b29dab7f744d24dce56518f64c0f3133847e685175d711e281c924850046a573d64d8354b5acd21bee34815163f7a8eb9f41266026435f1ba892
SHA512 (libnbd-1.7.4.tar.gz) = bf5174664b3950a6a81dc56393e51cd151ab6829206cc6289a149b371ab5ea85403c8501ee9d3ba14d16084fd9cdfaa4c35dcb4519cf6ce24d1713fadbc2dfb1
SHA512 (libnbd-1.7.4.tar.gz.sig) = d101df29237948ac6820ded33c10b80711ec24a5827fe4851904885382ef20b202537625dba301847be5bf22857655a2e3da36cc38e1202d546dc079a5121e19