No commits in common. "c8-stream-rhel" and "imports/c9/libnbd-1.10.5-1.el9" have entirely different histories.
|
@ -1,2 +1,2 @@
|
||||||
SOURCES/libguestfs.keyring
|
SOURCES/libguestfs.keyring
|
||||||
SOURCES/libnbd-1.6.0.tar.gz
|
SOURCES/libnbd-1.10.5.tar.gz
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring
|
cc1b37b9cfafa515aab3eefd345ecc59aac2ce7b SOURCES/libguestfs.keyring
|
||||||
b14ac9349d324df71d26cf3de9fb606c56f18cb0 SOURCES/libnbd-1.6.0.tar.gz
|
ae15a534a451d34bfc13397b6ca7a7287cf2371a SOURCES/libnbd-1.10.5.tar.gz
|
||||||
|
|
|
@ -0,0 +1,469 @@
|
||||||
|
From c79706af4e7475bf58861a143b77b77a54e7a1cd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eric Blake <eblake@redhat.com>
|
||||||
|
Date: Wed, 9 Feb 2022 15:39:49 -0600
|
||||||
|
Subject: [PATCH] api: Add new API nbd_set_pread_initialize()
|
||||||
|
|
||||||
|
The recent patch series for CVE-2022-0485 demonstrated that when
|
||||||
|
applications using libnbd are not careful about error checking, the
|
||||||
|
difference on whether a data leak is at least sanitized (all zeroes,
|
||||||
|
partial reads, or data leftover from a prior read) vs. a dangerous
|
||||||
|
information leak (uninitialized data from the heap) was partly under
|
||||||
|
libnbd's control. The previous two patches changed libnbd to always
|
||||||
|
sanitize, as a security hardening technique that prevents heap leaks
|
||||||
|
no matter how buggy the client app is. But a blind memset() also adds
|
||||||
|
an execution delay, even if it doesn't show up as the hot spot in our
|
||||||
|
profiling when compared to the time spent with network traffic.
|
||||||
|
|
||||||
|
At any rate, if client apps choose to pre-initialize their buffers, or
|
||||||
|
otherwise audit their code to take on their own risk about not
|
||||||
|
dereferencing a buffer on failure paths, then the time spent by libnbd
|
||||||
|
doing memset() is wasted; so it is worth adding a knob to let a user
|
||||||
|
opt in to faster execution at the expense of giving up our memset()
|
||||||
|
hardening on their behalf.
|
||||||
|
|
||||||
|
In addition to adding two new APIs, this patch also causes changes to
|
||||||
|
the four existing APIs nbd_{aio_,}pread{,_structured}, with those
|
||||||
|
generated lib/api.c changes looking like:
|
||||||
|
|
||||||
|
| --- lib/api.c.bak 2022-02-10 08:17:09.973381979 -0600
|
||||||
|
| +++ lib/api.c 2022-02-10 08:22:27.503428024 -0600
|
||||||
|
| @@ -2871,7 +2914,8 @@ nbd_pread (struct nbd_handle *h, void *b
|
||||||
|
| debug (h, "enter: buf=<buf> count=%zu offset=%" PRIu64 " flags=0x%x", count, offset, flags);
|
||||||
|
| }
|
||||||
|
|
|
||||||
|
| - memset (buf, 0, count);
|
||||||
|
| + if (h->pread_initialize)
|
||||||
|
| + memset (buf, 0, count);
|
||||||
|
| if (unlikely (!pread_in_permitted_state (h))) {
|
||||||
|
| ret = -1;
|
||||||
|
| goto out;
|
||||||
|
|
||||||
|
Message-Id: <20220209220726.1902761-4-eblake@redhat.com>
|
||||||
|
Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
[eblake: enhance commit message to show generated file diff, mention CVE
|
||||||
|
in doc text]
|
||||||
|
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
|
||||||
|
|
||||||
|
(cherry picked from commit e0953cb71250947bb97b25e34ff1ea34bd504bf3)
|
||||||
|
---
|
||||||
|
generator/API.ml | 90 ++++++++++++++++---
|
||||||
|
generator/C.ml | 3 +-
|
||||||
|
.../libnbd/libnbd_110_defaults_test.go | 10 ++-
|
||||||
|
.../libnbd_120_set_non_defaults_test.go | 12 +++
|
||||||
|
lib/handle.c | 17 +++-
|
||||||
|
lib/internal.h | 5 +-
|
||||||
|
ocaml/tests/test_110_defaults.ml | 4 +-
|
||||||
|
ocaml/tests/test_120_set_non_defaults.ml | 5 +-
|
||||||
|
python/t/110-defaults.py | 3 +-
|
||||||
|
python/t/120-set-non-defaults.py | 4 +-
|
||||||
|
tests/errors.c | 25 +++++-
|
||||||
|
11 files changed, 156 insertions(+), 22 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/generator/API.ml b/generator/API.ml
|
||||||
|
index d8df7c8..00ab34f 100644
|
||||||
|
--- a/generator/API.ml
|
||||||
|
+++ b/generator/API.ml
|
||||||
|
@@ -778,6 +778,49 @@ the time of compilation.";
|
||||||
|
Link "aio_is_created"; Link "aio_is_ready"];
|
||||||
|
};
|
||||||
|
|
||||||
|
+ "set_pread_initialize", {
|
||||||
|
+ default_call with
|
||||||
|
+ args = [Bool "request"]; ret = RErr;
|
||||||
|
+ shortdesc = "control whether libnbd pre-initializes read buffers";
|
||||||
|
+ longdesc = "\
|
||||||
|
+By default, libnbd will pre-initialize the contents of a buffer
|
||||||
|
+passed to calls such as L<nbd_pread(3)> to all zeroes prior to
|
||||||
|
+checking for any other errors, so that even if a client application
|
||||||
|
+passed in an uninitialized buffer but fails to check for errors, it
|
||||||
|
+will not result in a potential security risk caused by an accidental
|
||||||
|
+leak of prior heap contents (see CVE-2022-0485 in
|
||||||
|
+L<libnbd-security(3)> for an example of a security hole in an
|
||||||
|
+application built against an earlier version of libnbd that lacked
|
||||||
|
+consistent pre-initialization). However, for a client application
|
||||||
|
+that has audited that an uninitialized buffer is never dereferenced,
|
||||||
|
+or which performs its own pre-initialization, libnbd's sanitization
|
||||||
|
+efforts merely pessimize performance (although the time spent in
|
||||||
|
+pre-initialization may pale in comparison to time spent waiting on
|
||||||
|
+network packets).
|
||||||
|
+
|
||||||
|
+Calling this function with C<request> set to false tells libnbd to
|
||||||
|
+skip the buffer initialization step in read commands.";
|
||||||
|
+ see_also = [Link "get_pread_initialize";
|
||||||
|
+ Link "set_strict_mode";
|
||||||
|
+ Link "pread"; Link "pread_structured"; Link "aio_pread";
|
||||||
|
+ Link "aio_pread_structured"];
|
||||||
|
+ };
|
||||||
|
+
|
||||||
|
+ "get_pread_initialize", {
|
||||||
|
+ default_call with
|
||||||
|
+ args = []; ret = RBool;
|
||||||
|
+ may_set_error = false;
|
||||||
|
+ shortdesc = "see whether libnbd pre-initializes read buffers";
|
||||||
|
+ longdesc = "\
|
||||||
|
+Return whether libnbd performs a pre-initialization of a buffer passed
|
||||||
|
+to L<nbd_pread(3)> and similar to all zeroes, as set by
|
||||||
|
+L<nbd_set_pread_initialize(3)>.";
|
||||||
|
+ see_also = [Link "set_pread_initialize";
|
||||||
|
+ Link "set_strict_mode";
|
||||||
|
+ Link "pread"; Link "pread_structured"; Link "aio_pread";
|
||||||
|
+ Link "aio_pread_structured"];
|
||||||
|
+ };
|
||||||
|
+
|
||||||
|
"set_strict_mode", {
|
||||||
|
default_call with
|
||||||
|
args = [ Flags ("flags", strict_flags) ]; ret = RErr;
|
||||||
|
@@ -1825,11 +1868,16 @@ C<LIBNBD_CMD_FLAG_DF>.
|
||||||
|
The C<flags> parameter must be C<0> for now (it exists for future NBD
|
||||||
|
protocol extensions).
|
||||||
|
|
||||||
|
-Note that if this command fails, it is unspecified whether the contents
|
||||||
|
-of C<buf> will read as zero or as partial results from the server."
|
||||||
|
+Note that if this command fails, and L<nbd_get_pread_initialize(3)>
|
||||||
|
+returns true, then libnbd sanitized C<buf>, but it is unspecified
|
||||||
|
+whether the contents of C<buf> will read as zero or as partial results
|
||||||
|
+from the server. If L<nbd_get_pread_initialize(3)> returns false,
|
||||||
|
+then libnbd did not sanitize C<buf>, and the contents are undefined
|
||||||
|
+on failure."
|
||||||
|
^ strict_call_description;
|
||||||
|
see_also = [Link "aio_pread"; Link "pread_structured";
|
||||||
|
- Link "get_block_size"; Link "set_strict_mode"];
|
||||||
|
+ Link "get_block_size"; Link "set_strict_mode";
|
||||||
|
+ Link "set_pread_initialize"];
|
||||||
|
example = Some "examples/fetch-first-sector.c";
|
||||||
|
};
|
||||||
|
|
||||||
|
@@ -1907,12 +1955,16 @@ more than one fragment (if that is supported - some servers cannot do
|
||||||
|
this, see L<nbd_can_df(3)>). Libnbd does not validate that the server
|
||||||
|
actually obeys the flag.
|
||||||
|
|
||||||
|
-Note that if this command fails, it is unspecified whether the contents
|
||||||
|
-of C<buf> will read as zero or as partial results from the server."
|
||||||
|
+Note that if this command fails, and L<nbd_get_pread_initialize(3)>
|
||||||
|
+returns true, then libnbd sanitized C<buf>, but it is unspecified
|
||||||
|
+whether the contents of C<buf> will read as zero or as partial results
|
||||||
|
+from the server. If L<nbd_get_pread_initialize(3)> returns false,
|
||||||
|
+then libnbd did not sanitize C<buf>, and the contents are undefined
|
||||||
|
+on failure."
|
||||||
|
^ strict_call_description;
|
||||||
|
see_also = [Link "can_df"; Link "pread";
|
||||||
|
Link "aio_pread_structured"; Link "get_block_size";
|
||||||
|
- Link "set_strict_mode"];
|
||||||
|
+ Link "set_strict_mode"; Link "set_pread_initialize"];
|
||||||
|
};
|
||||||
|
|
||||||
|
"pwrite", {
|
||||||
|
@@ -2420,14 +2472,19 @@ as described in L<libnbd(3)/Completion callbacks>.
|
||||||
|
Note that you must ensure C<buf> is valid until the command has
|
||||||
|
completed. Furthermore, if the C<error> parameter to
|
||||||
|
C<completion_callback> is set or if L<nbd_aio_command_completed(3)>
|
||||||
|
-reports failure, it is unspecified whether the contents
|
||||||
|
-of C<buf> will read as zero or as partial results from the server.
|
||||||
|
+reports failure, and if L<nbd_get_pread_initialize(3)> returns true,
|
||||||
|
+then libnbd sanitized C<buf>, but it is unspecified whether the
|
||||||
|
+contents of C<buf> will read as zero or as partial results from the
|
||||||
|
+server. If L<nbd_get_pread_initialize(3)> returns false, then
|
||||||
|
+libnbd did not sanitize C<buf>, and the contents are undefined
|
||||||
|
+on failure.
|
||||||
|
+
|
||||||
|
Other parameters behave as documented in L<nbd_pread(3)>."
|
||||||
|
^ strict_call_description;
|
||||||
|
example = Some "examples/aio-connect-read.c";
|
||||||
|
see_also = [SectionLink "Issuing asynchronous commands";
|
||||||
|
Link "aio_pread_structured"; Link "pread";
|
||||||
|
- Link "set_strict_mode"];
|
||||||
|
+ Link "set_strict_mode"; Link "set_pread_initialize"];
|
||||||
|
};
|
||||||
|
|
||||||
|
"aio_pread_structured", {
|
||||||
|
@@ -2449,13 +2506,18 @@ as described in L<libnbd(3)/Completion callbacks>.
|
||||||
|
Note that you must ensure C<buf> is valid until the command has
|
||||||
|
completed. Furthermore, if the C<error> parameter to
|
||||||
|
C<completion_callback> is set or if L<nbd_aio_command_completed(3)>
|
||||||
|
-reports failure, it is unspecified whether the contents
|
||||||
|
-of C<buf> will read as zero or as partial results from the server.
|
||||||
|
+reports failure, and if L<nbd_get_pread_initialize(3)> returns true,
|
||||||
|
+then libnbd sanitized C<buf>, but it is unspecified whether the
|
||||||
|
+contents of C<buf> will read as zero or as partial results from the
|
||||||
|
+server. If L<nbd_get_pread_initialize(3)> returns false, then
|
||||||
|
+libnbd did not sanitize C<buf>, and the contents are undefined
|
||||||
|
+on failure.
|
||||||
|
+
|
||||||
|
Other parameters behave as documented in L<nbd_pread_structured(3)>."
|
||||||
|
^ strict_call_description;
|
||||||
|
see_also = [SectionLink "Issuing asynchronous commands";
|
||||||
|
Link "aio_pread"; Link "pread_structured";
|
||||||
|
- Link "set_strict_mode"];
|
||||||
|
+ Link "set_strict_mode"; Link "set_pread_initialize"];
|
||||||
|
};
|
||||||
|
|
||||||
|
"aio_pwrite", {
|
||||||
|
@@ -3093,6 +3155,10 @@ let first_version = [
|
||||||
|
"get_private_data", (1, 8);
|
||||||
|
"get_uri", (1, 8);
|
||||||
|
|
||||||
|
+ (* Added in 1.11.x development cycle, will be stable and supported in 1.12. *)
|
||||||
|
+ "set_pread_initialize", (1, 12);
|
||||||
|
+ "get_pread_initialize", (1, 12);
|
||||||
|
+
|
||||||
|
(* These calls are proposed for a future version of libnbd, but
|
||||||
|
* have not been added to any released version so far.
|
||||||
|
"get_tls_certificates", (1, ??);
|
||||||
|
diff --git a/generator/C.ml b/generator/C.ml
|
||||||
|
index 4a5bb58..2b6198c 100644
|
||||||
|
--- a/generator/C.ml
|
||||||
|
+++ b/generator/C.ml
|
||||||
|
@@ -496,7 +496,8 @@ let generate_lib_api_c () =
|
||||||
|
function
|
||||||
|
| BytesOut (n, count)
|
||||||
|
| BytesPersistOut (n, count) ->
|
||||||
|
- pr " memset (%s, 0, %s);\n" n count
|
||||||
|
+ pr " if (h->pread_initialize)\n";
|
||||||
|
+ pr " memset (%s, 0, %s);\n" n count
|
||||||
|
| _ -> ()
|
||||||
|
) args;
|
||||||
|
|
||||||
|
diff --git a/golang/src/libguestfs.org/libnbd/libnbd_110_defaults_test.go b/golang/src/libguestfs.org/libnbd/libnbd_110_defaults_test.go
|
||||||
|
index b3ceb45..ca7c1c4 100644
|
||||||
|
--- a/golang/src/libguestfs.org/libnbd/libnbd_110_defaults_test.go
|
||||||
|
+++ b/golang/src/libguestfs.org/libnbd/libnbd_110_defaults_test.go
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
/* libnbd golang tests
|
||||||
|
- * Copyright (C) 2013-2021 Red Hat Inc.
|
||||||
|
+ * Copyright (C) 2013-2022 Red Hat Inc.
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
@@ -59,6 +59,14 @@ func Test110Defaults(t *testing.T) {
|
||||||
|
t.Fatalf("unexpected structured replies state")
|
||||||
|
}
|
||||||
|
|
||||||
|
+ init, err := h.GetPreadInitialize()
|
||||||
|
+ if err != nil {
|
||||||
|
+ t.Fatalf("could not get pread initialize state: %s", err)
|
||||||
|
+ }
|
||||||
|
+ if init != true {
|
||||||
|
+ t.Fatalf("unexpected pread initialize state")
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
flags, err := h.GetHandshakeFlags()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("could not get handshake flags: %s", err)
|
||||||
|
diff --git a/golang/src/libguestfs.org/libnbd/libnbd_120_set_non_defaults_test.go b/golang/src/libguestfs.org/libnbd/libnbd_120_set_non_defaults_test.go
|
||||||
|
index f112456..029f0db 100644
|
||||||
|
--- a/golang/src/libguestfs.org/libnbd/libnbd_120_set_non_defaults_test.go
|
||||||
|
+++ b/golang/src/libguestfs.org/libnbd/libnbd_120_set_non_defaults_test.go
|
||||||
|
@@ -93,6 +93,18 @@ func Test120SetNonDefaults(t *testing.T) {
|
||||||
|
t.Fatalf("unexpected structured replies state")
|
||||||
|
}
|
||||||
|
|
||||||
|
+ err = h.SetPreadInitialize(false)
|
||||||
|
+ if err != nil {
|
||||||
|
+ t.Fatalf("could not set pread initialize state: %s", err)
|
||||||
|
+ }
|
||||||
|
+ init, err := h.GetPreadInitialize()
|
||||||
|
+ if err != nil {
|
||||||
|
+ t.Fatalf("could not get pread initialize state: %s", err)
|
||||||
|
+ }
|
||||||
|
+ if init != false {
|
||||||
|
+ t.Fatalf("unexpected pread initialize state")
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
err = h.SetHandshakeFlags(HANDSHAKE_FLAG_MASK + 1)
|
||||||
|
if err == nil {
|
||||||
|
t.Fatalf("expect failure for out-of-range flags")
|
||||||
|
diff --git a/lib/handle.c b/lib/handle.c
|
||||||
|
index 67aa875..ac6c16e 100644
|
||||||
|
--- a/lib/handle.c
|
||||||
|
+++ b/lib/handle.c
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
/* NBD client library in userspace
|
||||||
|
- * Copyright (C) 2013-2020 Red Hat Inc.
|
||||||
|
+ * Copyright (C) 2013-2022 Red Hat Inc.
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
@@ -64,6 +64,7 @@ nbd_create (void)
|
||||||
|
h->unique = 1;
|
||||||
|
h->tls_verify_peer = true;
|
||||||
|
h->request_sr = true;
|
||||||
|
+ h->pread_initialize = true;
|
||||||
|
|
||||||
|
h->uri_allow_transports = LIBNBD_ALLOW_TRANSPORT_MASK;
|
||||||
|
h->uri_allow_tls = LIBNBD_TLS_ALLOW;
|
||||||
|
@@ -393,6 +394,20 @@ nbd_unlocked_get_handshake_flags (struct nbd_handle *h)
|
||||||
|
return h->gflags;
|
||||||
|
}
|
||||||
|
|
||||||
|
+int
|
||||||
|
+nbd_unlocked_set_pread_initialize (struct nbd_handle *h, bool request)
|
||||||
|
+{
|
||||||
|
+ h->pread_initialize = request;
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/* NB: may_set_error = false. */
|
||||||
|
+int
|
||||||
|
+nbd_unlocked_get_pread_initialize (struct nbd_handle *h)
|
||||||
|
+{
|
||||||
|
+ return h->pread_initialize;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
int
|
||||||
|
nbd_unlocked_set_strict_mode (struct nbd_handle *h, uint32_t flags)
|
||||||
|
{
|
||||||
|
diff --git a/lib/internal.h b/lib/internal.h
|
||||||
|
index 0e205ab..525499a 100644
|
||||||
|
--- a/lib/internal.h
|
||||||
|
+++ b/lib/internal.h
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
/* nbd client library in userspace: internal definitions
|
||||||
|
- * Copyright (C) 2013-2020 Red Hat Inc.
|
||||||
|
+ * Copyright (C) 2013-2022 Red Hat Inc.
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
@@ -123,6 +123,9 @@ struct nbd_handle {
|
||||||
|
/* Full info mode. */
|
||||||
|
bool full_info;
|
||||||
|
|
||||||
|
+ /* Sanitization for pread. */
|
||||||
|
+ bool pread_initialize;
|
||||||
|
+
|
||||||
|
/* Global flags from the server. */
|
||||||
|
uint16_t gflags;
|
||||||
|
|
||||||
|
diff --git a/ocaml/tests/test_110_defaults.ml b/ocaml/tests/test_110_defaults.ml
|
||||||
|
index b36949f..04aa744 100644
|
||||||
|
--- a/ocaml/tests/test_110_defaults.ml
|
||||||
|
+++ b/ocaml/tests/test_110_defaults.ml
|
||||||
|
@@ -1,6 +1,6 @@
|
||||||
|
(* hey emacs, this is OCaml code: -*- tuareg -*- *)
|
||||||
|
(* libnbd OCaml test case
|
||||||
|
- * Copyright (C) 2013-2020 Red Hat Inc.
|
||||||
|
+ * Copyright (C) 2013-2022 Red Hat Inc.
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
@@ -28,6 +28,8 @@ let () =
|
||||||
|
assert (tls = NBD.TLS.DISABLE);
|
||||||
|
let sr = NBD.get_request_structured_replies nbd in
|
||||||
|
assert (sr = true);
|
||||||
|
+ let init = NBD.get_pread_initialize nbd in
|
||||||
|
+ assert (init = true);
|
||||||
|
let flags = NBD.get_handshake_flags nbd in
|
||||||
|
assert (flags = NBD.HANDSHAKE_FLAG.mask);
|
||||||
|
let opt = NBD.get_opt_mode nbd in
|
||||||
|
diff --git a/ocaml/tests/test_120_set_non_defaults.ml b/ocaml/tests/test_120_set_non_defaults.ml
|
||||||
|
index 67928bb..f949807 100644
|
||||||
|
--- a/ocaml/tests/test_120_set_non_defaults.ml
|
||||||
|
+++ b/ocaml/tests/test_120_set_non_defaults.ml
|
||||||
|
@@ -1,6 +1,6 @@
|
||||||
|
(* hey emacs, this is OCaml code: -*- tuareg -*- *)
|
||||||
|
(* libnbd OCaml test case
|
||||||
|
- * Copyright (C) 2013-2020 Red Hat Inc.
|
||||||
|
+ * Copyright (C) 2013-2022 Red Hat Inc.
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
@@ -42,6 +42,9 @@ let () =
|
||||||
|
NBD.set_request_structured_replies nbd false;
|
||||||
|
let sr = NBD.get_request_structured_replies nbd in
|
||||||
|
assert (sr = false);
|
||||||
|
+ NBD.set_pread_initialize nbd false;
|
||||||
|
+ let init = NBD.get_pread_initialize nbd in
|
||||||
|
+ assert (init = false);
|
||||||
|
(try
|
||||||
|
NBD.set_handshake_flags nbd [ NBD.HANDSHAKE_FLAG.UNKNOWN 2 ];
|
||||||
|
assert false
|
||||||
|
diff --git a/python/t/110-defaults.py b/python/t/110-defaults.py
|
||||||
|
index fb961cf..a4262da 100644
|
||||||
|
--- a/python/t/110-defaults.py
|
||||||
|
+++ b/python/t/110-defaults.py
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
# libnbd Python bindings
|
||||||
|
-# Copyright (C) 2010-2020 Red Hat Inc.
|
||||||
|
+# Copyright (C) 2010-2022 Red Hat Inc.
|
||||||
|
#
|
||||||
|
# This program is free software; you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
@@ -22,5 +22,6 @@ assert h.get_export_name() == ""
|
||||||
|
assert h.get_full_info() is False
|
||||||
|
assert h.get_tls() == nbd.TLS_DISABLE
|
||||||
|
assert h.get_request_structured_replies() is True
|
||||||
|
+assert h.get_pread_initialize() is True
|
||||||
|
assert h.get_handshake_flags() == nbd.HANDSHAKE_FLAG_MASK
|
||||||
|
assert h.get_opt_mode() is False
|
||||||
|
diff --git a/python/t/120-set-non-defaults.py b/python/t/120-set-non-defaults.py
|
||||||
|
index 3da0c23..e71c6ad 100644
|
||||||
|
--- a/python/t/120-set-non-defaults.py
|
||||||
|
+++ b/python/t/120-set-non-defaults.py
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
# libnbd Python bindings
|
||||||
|
-# Copyright (C) 2010-2020 Red Hat Inc.
|
||||||
|
+# Copyright (C) 2010-2022 Red Hat Inc.
|
||||||
|
#
|
||||||
|
# This program is free software; you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
@@ -33,6 +33,8 @@ if h.supports_tls():
|
||||||
|
assert h.get_tls() == nbd.TLS_ALLOW
|
||||||
|
h.set_request_structured_replies(False)
|
||||||
|
assert h.get_request_structured_replies() is False
|
||||||
|
+h.set_pread_initialize(False)
|
||||||
|
+assert h.get_pread_initialize() is False
|
||||||
|
try:
|
||||||
|
h.set_handshake_flags(nbd.HANDSHAKE_FLAG_MASK + 1)
|
||||||
|
assert False
|
||||||
|
diff --git a/tests/errors.c b/tests/errors.c
|
||||||
|
index f597b7e..0298da8 100644
|
||||||
|
--- a/tests/errors.c
|
||||||
|
+++ b/tests/errors.c
|
||||||
|
@@ -213,7 +213,15 @@ main (int argc, char *argv[])
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
- /* Issue a connected command when not connected. */
|
||||||
|
+ /* Issue a connected command when not connected. pread_initialize defaults
|
||||||
|
+ * to set.
|
||||||
|
+ */
|
||||||
|
+ if (nbd_get_pread_initialize (nbd) != 1) {
|
||||||
|
+ fprintf (stderr, "%s: test failed: "
|
||||||
|
+ "nbd_get_pread_initialize gave unexpected result\n",
|
||||||
|
+ argv[0]);
|
||||||
|
+ exit (EXIT_FAILURE);
|
||||||
|
+ }
|
||||||
|
buf[0] = '1';
|
||||||
|
if (nbd_pread (nbd, buf, 512, 0, 0) != -1) {
|
||||||
|
fprintf (stderr, "%s: test failed: "
|
||||||
|
@@ -294,7 +302,14 @@ main (int argc, char *argv[])
|
||||||
|
}
|
||||||
|
check (EINVAL, "nbd_aio_command_completed: ");
|
||||||
|
|
||||||
|
- /* Read from an invalid offset, client-side */
|
||||||
|
+ /* Read from an invalid offset, client-side. When pread_initialize is off,
|
||||||
|
+ * libnbd should not have touched our buffer.
|
||||||
|
+ */
|
||||||
|
+ if (nbd_set_pread_initialize (nbd, false) == -1) {
|
||||||
|
+ fprintf (stderr, "%s\n", nbd_get_error ());
|
||||||
|
+ exit (EXIT_FAILURE);
|
||||||
|
+ }
|
||||||
|
+ buf[0] = '1';
|
||||||
|
strict = nbd_get_strict_mode (nbd) | LIBNBD_STRICT_BOUNDS;
|
||||||
|
if (nbd_set_strict_mode (nbd, strict) == -1) {
|
||||||
|
fprintf (stderr, "%s\n", nbd_get_error ());
|
||||||
|
@@ -307,6 +322,12 @@ main (int argc, char *argv[])
|
||||||
|
exit (EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
check (EINVAL, "nbd_aio_pread: ");
|
||||||
|
+ if (buf[0] != '1') {
|
||||||
|
+ fprintf (stderr, "%s: test failed: "
|
||||||
|
+ "nbd_pread incorrectly sanitized buffer on client-side error\n",
|
||||||
|
+ argv[0]);
|
||||||
|
+ exit (EXIT_FAILURE);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/* We guarantee callbacks will be freed even on all error paths. */
|
||||||
|
if (nbd_aio_pread_structured (nbd, buf, 512, -1,
|
||||||
|
--
|
||||||
|
2.31.1
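Review bot: The `longdesc` added for `set_pread_initialize` in generator/API.ml says what a false `request` skips, but not what the caller must then guarantee; the consequence (contents of `buf` undefined on failure) is stated only in the pread entries changed further down. Because this knob turns off the memset() hardening that the commit message ties to the CVE-2022-0485 series, I would end the setter's text with a sentence such as `When disabled, the contents of the buffer are undefined if the read fails, so the caller must check for errors before using the buffer.` Separately, in tests/errors.c the new failure message names `nbd_pread` while the preceding `check` string is `nbd_aio_pread: `, which looks like a mismatch. The call itself is outside the hunk, so confirm which API is under test and align the message with it.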
|
||||||
|
|
|
@ -1,30 +0,0 @@
|
||||||
From 486799e853aa9df034366303230a1785087a507a Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
||||||
Date: Fri, 8 Jan 2021 12:14:18 +0000
|
|
||||||
Subject: [PATCH] copy/copy-nbd-to-sparse-file.sh: Skip test unless nbdkit
|
|
||||||
available.
|
|
||||||
|
|
||||||
This test used nbdkit without checking it is available, which broke
|
|
||||||
the test on RHEL 8 i686.
|
|
||||||
|
|
||||||
Fixes: commit 28fe8d9d8d1ecb491070d20f22e2f34bb147f19f
|
|
||||||
(cherry picked from commit 781cb44b63a87f2d5f40590ab8c446ad2e7b6702)
|
|
||||||
---
|
|
||||||
copy/copy-nbd-to-sparse-file.sh | 1 +
|
|
||||||
1 file changed, 1 insertion(+)
|
|
||||||
|
|
||||||
diff --git a/copy/copy-nbd-to-sparse-file.sh b/copy/copy-nbd-to-sparse-file.sh
|
|
||||||
index aa2cb1b..47ff09a 100755
|
|
||||||
--- a/copy/copy-nbd-to-sparse-file.sh
|
|
||||||
+++ b/copy/copy-nbd-to-sparse-file.sh
|
|
||||||
@@ -24,6 +24,7 @@ set -x
|
|
||||||
requires cmp --version
|
|
||||||
requires dd --version
|
|
||||||
requires dd oflag=seek_bytes </dev/null
|
|
||||||
+requires nbdkit --version
|
|
||||||
requires test -r /dev/urandom
|
|
||||||
requires test -r /dev/zero
|
|
||||||
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
|
@ -1,57 +0,0 @@
|
||||||
From 5dc2d2261224c9533d2b5ec4df6ed822de4cfc3b Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
||||||
Date: Thu, 4 Feb 2021 17:57:06 +0000
|
|
||||||
Subject: [PATCH] generator: Refactor CONNECT.START state.
|
|
||||||
|
|
||||||
Small, neutral refactoring to the CONNECT.START to make the subsequent
|
|
||||||
commit easier.
|
|
||||||
|
|
||||||
(cherry picked from commit cd231fd94bbfaacdd9b89e7d355ba2bbc83c2aeb)
|
|
||||||
---
|
|
||||||
generator/states-connect.c | 21 ++++++++++-----------
|
|
||||||
1 file changed, 10 insertions(+), 11 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/generator/states-connect.c b/generator/states-connect.c
|
|
||||||
index 392879d..03b34c7 100644
|
|
||||||
--- a/generator/states-connect.c
|
|
||||||
+++ b/generator/states-connect.c
|
|
||||||
@@ -47,11 +47,12 @@ disable_nagle (int sock)
|
|
||||||
|
|
||||||
STATE_MACHINE {
|
|
||||||
CONNECT.START:
|
|
||||||
- int fd;
|
|
||||||
+ sa_family_t family;
|
|
||||||
+ int fd, r;
|
|
||||||
|
|
||||||
assert (!h->sock);
|
|
||||||
- fd = socket (h->connaddr.ss_family,
|
|
||||||
- SOCK_STREAM|SOCK_NONBLOCK|SOCK_CLOEXEC, 0);
|
|
||||||
+ family = h->connaddr.ss_family;
|
|
||||||
+ fd = socket (family, SOCK_STREAM|SOCK_NONBLOCK|SOCK_CLOEXEC, 0);
|
|
||||||
if (fd == -1) {
|
|
||||||
SET_NEXT_STATE (%.DEAD);
|
|
||||||
set_error (errno, "socket");
|
|
||||||
@@ -65,14 +66,12 @@ STATE_MACHINE {
|
|
||||||
|
|
||||||
disable_nagle (fd);
|
|
||||||
|
|
||||||
- if (connect (fd, (struct sockaddr *) &h->connaddr,
|
|
||||||
- h->connaddrlen) == -1) {
|
|
||||||
- if (errno != EINPROGRESS) {
|
|
||||||
- SET_NEXT_STATE (%.DEAD);
|
|
||||||
- set_error (errno, "connect");
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
+ r = connect (fd, (struct sockaddr *) &h->connaddr, h->connaddrlen);
|
|
||||||
+ if (r == 0 || (r == -1 && errno == EINPROGRESS))
|
|
||||||
+ return 0;
|
|
||||||
+ assert (r == -1);
|
|
||||||
+ SET_NEXT_STATE (%.DEAD);
|
|
||||||
+ set_error (errno, "connect");
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
CONNECT.CONNECTING:
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
|
@ -1,48 +0,0 @@
|
||||||
From f094472efcf34cea8bf1f02a1c5c9442ffc4ca53 Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
||||||
Date: Thu, 4 Feb 2021 18:02:46 +0000
|
|
||||||
Subject: [PATCH] generator: Print a better error message if connect(2) returns
|
|
||||||
EAGAIN.
|
|
||||||
|
|
||||||
The new error message is:
|
|
||||||
|
|
||||||
nbd_connect_unix: connect: server backlog overflowed, see https://bugzilla.redhat.com/1925045: Resource temporarily unavailable
|
|
||||||
|
|
||||||
Fixes: https://bugzilla.redhat.com/1925045
|
|
||||||
Thanks: Xin Long, Lukas Doktor, Eric Blake
|
|
||||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
|
||||||
(cherry picked from commit 85ed74960a658a82d7b61b0be07f43d1b2dcede9)
|
|
||||||
---
|
|
||||||
generator/states-connect.c | 16 ++++++++++++++++
|
|
||||||
1 file changed, 16 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/generator/states-connect.c b/generator/states-connect.c
|
|
||||||
index 03b34c7..98c26e5 100644
|
|
||||||
--- a/generator/states-connect.c
|
|
||||||
+++ b/generator/states-connect.c
|
|
||||||
@@ -70,6 +70,22 @@ STATE_MACHINE {
|
|
||||||
if (r == 0 || (r == -1 && errno == EINPROGRESS))
|
|
||||||
return 0;
|
|
||||||
assert (r == -1);
|
|
||||||
+#ifdef __linux__
|
|
||||||
+ if (errno == EAGAIN && family == AF_UNIX) {
|
|
||||||
+ /* This can happen on Linux when connecting to a Unix domain
|
|
||||||
+ * socket, if the server's backlog is full. Unfortunately there
|
|
||||||
+ * is nothing good we can do on the client side when this happens
|
|
||||||
+ * since any solution would involve sleeping or busy-waiting. The
|
|
||||||
+ * only solution is on the server side, increasing the backlog.
|
|
||||||
+ * But at least improve the error message.
|
|
||||||
+ * https://bugzilla.redhat.com/1925045
|
|
||||||
+ */
|
|
||||||
+ SET_NEXT_STATE (%.DEAD);
|
|
||||||
+ set_error (errno, "connect: server backlog overflowed, "
|
|
||||||
+ "see https://bugzilla.redhat.com/1925045");
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
SET_NEXT_STATE (%.DEAD);
|
|
||||||
set_error (errno, "connect");
|
|
||||||
return 0;
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
|
@ -1,59 +0,0 @@
|
||||||
From ffe8f0a994c1f2656aa011353b386663d32db69e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eric Blake <eblake@redhat.com>
|
|
||||||
Date: Mon, 1 Mar 2021 15:25:31 -0600
|
|
||||||
Subject: [PATCH] opt_go: Tolerate unplanned server death
|
|
||||||
|
|
||||||
While debugging some experimental nbdkit code that was triggering an
|
|
||||||
assertion failure in nbdkit, I noticed a secondary failure of nbdsh
|
|
||||||
also dying from an assertion:
|
|
||||||
|
|
||||||
libnbd: debug: nbdsh: nbd_opt_go: transition: NEWSTYLE.OPT_GO.SEND -> DEAD
|
|
||||||
libnbd: debug: nbdsh: nbd_opt_go: option queued, ignoring state machine failure
|
|
||||||
nbdsh: opt.c:86: nbd_unlocked_opt_go: Assertion `nbd_internal_is_state_negotiating (get_next_state (h))' failed.
|
|
||||||
|
|
||||||
Although my trigger was from non-production nbdkit code, libnbd should
|
|
||||||
never die from an assertion failure merely because a server
|
|
||||||
disappeared at the wrong moment during an incomplete reply to
|
|
||||||
NBD_OPT_GO or NBD_OPT_INFO. If this is assigned a CVE, a followup
|
|
||||||
patch will add mention of it in docs/libnbd-security.pod.
|
|
||||||
|
|
||||||
Fixes: bbf1c51392 (api: Give aio_opt_go a completion callback)
|
|
||||||
(cherry picked from commit fb4440de9cc76e9c14bd3ddf3333e78621f40ad0)
|
|
||||||
---
|
|
||||||
lib/opt.c | 8 +++++---
|
|
||||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/lib/opt.c b/lib/opt.c
|
|
||||||
index 2317b72..e5802f4 100644
|
|
||||||
--- a/lib/opt.c
|
|
||||||
+++ b/lib/opt.c
|
|
||||||
@@ -1,5 +1,5 @@
|
|
||||||
/* NBD client library in userspace
|
|
||||||
- * Copyright (C) 2020 Red Hat Inc.
|
|
||||||
+ * Copyright (C) 2020-2021 Red Hat Inc.
|
|
||||||
*
|
|
||||||
* This library is free software; you can redistribute it and/or
|
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
|
||||||
@@ -83,7 +83,8 @@ nbd_unlocked_opt_go (struct nbd_handle *h)
|
|
||||||
|
|
||||||
r = wait_for_option (h);
|
|
||||||
if (r == 0 && err) {
|
|
||||||
- assert (nbd_internal_is_state_negotiating (get_next_state (h)));
|
|
||||||
+ assert (nbd_internal_is_state_negotiating (get_next_state (h)) ||
|
|
||||||
+ nbd_internal_is_state_dead (get_next_state (h)));
|
|
||||||
set_error (err, "server replied with error to opt_go request");
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
@@ -105,7 +106,8 @@ nbd_unlocked_opt_info (struct nbd_handle *h)
|
|
||||||
|
|
||||||
r = wait_for_option (h);
|
|
||||||
if (r == 0 && err) {
|
|
||||||
- assert (nbd_internal_is_state_negotiating (get_next_state (h)));
|
|
||||||
+ assert (nbd_internal_is_state_negotiating (get_next_state (h)) ||
|
|
||||||
+ nbd_internal_is_state_dead (get_next_state (h)));
|
|
||||||
set_error (err, "server replied with error to opt_info request");
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
|
@ -1,40 +0,0 @@
|
||||||
From 171ffdde8be590f784086a021a7e6f36c4ecdb4b Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eric Blake <eblake@redhat.com>
|
|
||||||
Date: Fri, 12 Mar 2021 17:00:58 -0600
|
|
||||||
Subject: [PATCH] security: Document assignment of CVE-2021-20286
|
|
||||||
|
|
||||||
Now that we finally have a CVE number, it's time to document
|
|
||||||
the problem (it's low severity, but still a denial of service).
|
|
||||||
|
|
||||||
Fixes: fb4440de9cc7 (opt_go: Tolerate unplanned server death)
|
|
||||||
(cherry picked from commit 40308a005eaa6b2e8f98da8952d0c0cacc51efde)
|
|
||||||
---
|
|
||||||
docs/libnbd-security.pod | 8 +++++++-
|
|
||||||
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/docs/libnbd-security.pod b/docs/libnbd-security.pod
|
|
||||||
index d8ead87..0cae846 100644
|
|
||||||
--- a/docs/libnbd-security.pod
|
|
||||||
+++ b/docs/libnbd-security.pod
|
|
||||||
@@ -22,6 +22,12 @@ L<https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html>
|
|
||||||
See the full announcement here:
|
|
||||||
L<https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html>
|
|
||||||
|
|
||||||
+=head2 CVE-2021-20286
|
|
||||||
+denial of service when using L<nbd_set_opt_mode(3)>
|
|
||||||
+
|
|
||||||
+See the full announcement here:
|
|
||||||
+L<https://listman.redhat.com/archives/libguestfs/2021-March/msg00092.html>
|
|
||||||
+
|
|
||||||
=head1 SEE ALSO
|
|
||||||
|
|
||||||
L<libnbd(3)>.
|
|
||||||
@@ -34,4 +40,4 @@ Richard W.M. Jones
|
|
||||||
|
|
||||||
=head1 COPYRIGHT
|
|
||||||
|
|
||||||
-Copyright (C) 2019 Red Hat Inc.
|
|
||||||
+Copyright (C) 2019-2021 Red Hat Inc.
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
|
@ -1,163 +0,0 @@
|
||||||
From 22572f8ac13e2e8daf91d227eac2f384303fb5b4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eric Blake <eblake@redhat.com>
|
|
||||||
Date: Thu, 3 Feb 2022 14:25:57 -0600
|
|
||||||
Subject: [PATCH] copy: Pass in dummy variable rather than &errno to callback
|
|
||||||
|
|
||||||
In several places where asynch handlers manually call the provided
|
|
||||||
nbd_completion_callback, the value of errno is indeterminate (for
|
|
||||||
example, in file-ops.c:file_asynch_read(), the previous call to
|
|
||||||
file_synch_read() already triggered exit() on error, but does not
|
|
||||||
guarantee what is left in errno on success). As the callback should
|
|
||||||
be paying attention to the value of *error (to be fixed in the next
|
|
||||||
patch), we are better off ensuring that we pass in a pointer to a
|
|
||||||
known-zero value. Besides, passing in &errno carries a risk that if
|
|
||||||
the callback uses any other library function that alters errno prior
|
|
||||||
to dereferncing *error, it will no longer see the value we passed in.
|
|
||||||
Thus, it is easier to use a dummy variable on the stack than to mess
|
|
||||||
around with errno and it's magic macro expansion into a thread-local
|
|
||||||
storage location.
|
|
||||||
|
|
||||||
Note that several callsites then check if the callback returned -1,
|
|
||||||
and if so assume that the callback has caused errno to now have a sane
|
|
||||||
value to pass on to perror. In theory, the fact that we are no longer
|
|
||||||
passing in &errno means that if the callback assigns into *error but
|
|
||||||
did not otherwise affect errno (a tenuous assumption, given our
|
|
||||||
argument above that we could not even guarantee that the callback does
|
|
||||||
not accidentally alter errno prior to reading *error), our perror call
|
|
||||||
would no longer reflect the intended error value from the callback.
|
|
||||||
But in practice, since the callback never actually returned -1, nor
|
|
||||||
even assigned into *error, the call to perror is dead code; although I
|
|
||||||
have chosen to defer that additional cleanup to the next patch.
|
|
||||||
|
|
||||||
Message-Id: <20220203202558.203013-5-eblake@redhat.com>
|
|
||||||
Acked-by: Richard W.M. Jones <rjones@redhat.com>
|
|
||||||
Acked-by: Nir Soffer <nsoffer@redhat.com>
|
|
||||||
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
(cherry picked from commit 794c8ce06e995ebd282e8f2b9465a06140572112)
|
|
||||||
Conflicts:
|
|
||||||
copy/file-ops.c - no backport of d5f65e56 ("copy: Do not use trim
|
|
||||||
for zeroing"), so asynch_trim needed same treatment
|
|
||||||
copy/multi-thread-copying.c - context due to missing refactoring
|
|
||||||
copy/null-ops.c - no backport of 0b16205e "copy: Implement "null:"
|
|
||||||
destination."
|
|
||||||
(cherry picked from commit 26e3dcf80815fe2db320d3046aabc2580c2f7a0d)
|
|
||||||
---
|
|
||||||
copy/file-ops.c | 22 +++++++++++++---------
|
|
||||||
copy/multi-thread-copying.c | 8 +++++---
|
|
||||||
2 files changed, 18 insertions(+), 12 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/copy/file-ops.c b/copy/file-ops.c
|
|
||||||
index 086348a..cc312b4 100644
|
|
||||||
--- a/copy/file-ops.c
|
|
||||||
+++ b/copy/file-ops.c
|
|
||||||
@@ -1,5 +1,5 @@
|
|
||||||
/* NBD client library in userspace.
|
|
||||||
- * Copyright (C) 2020 Red Hat Inc.
|
|
||||||
+ * Copyright (C) 2020-2022 Red Hat Inc.
|
|
||||||
*
|
|
||||||
* This library is free software; you can redistribute it and/or
|
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
|
||||||
@@ -158,10 +158,11 @@ file_asynch_read (struct rw *rw,
|
|
||||||
struct command *command,
|
|
||||||
nbd_completion_callback cb)
|
|
||||||
{
|
|
||||||
+ int dummy = 0;
|
|
||||||
+
|
|
||||||
file_synch_read (rw, slice_ptr (command->slice),
|
|
||||||
command->slice.len, command->offset);
|
|
||||||
- errno = 0;
|
|
||||||
- if (cb.callback (cb.user_data, &errno) == -1) {
|
|
||||||
+ if (cb.callback (cb.user_data, &dummy) == -1) {
|
|
||||||
perror (rw->name);
|
|
||||||
exit (EXIT_FAILURE);
|
|
||||||
}
|
|
||||||
@@ -172,10 +173,11 @@ file_asynch_write (struct rw *rw,
|
|
||||||
struct command *command,
|
|
||||||
nbd_completion_callback cb)
|
|
||||||
{
|
|
||||||
+ int dummy = 0;
|
|
||||||
+
|
|
||||||
file_synch_write (rw, slice_ptr (command->slice),
|
|
||||||
command->slice.len, command->offset);
|
|
||||||
- errno = 0;
|
|
||||||
- if (cb.callback (cb.user_data, &errno) == -1) {
|
|
||||||
+ if (cb.callback (cb.user_data, &dummy) == -1) {
|
|
||||||
perror (rw->name);
|
|
||||||
exit (EXIT_FAILURE);
|
|
||||||
}
|
|
||||||
@@ -185,10 +187,11 @@ static bool
|
|
||||||
file_asynch_trim (struct rw *rw, struct command *command,
|
|
||||||
nbd_completion_callback cb)
|
|
||||||
{
|
|
||||||
+ int dummy = 0;
|
|
||||||
+
|
|
||||||
if (!file_synch_trim (rw, command->offset, command->slice.len))
|
|
||||||
return false;
|
|
||||||
- errno = 0;
|
|
||||||
- if (cb.callback (cb.user_data, &errno) == -1) {
|
|
||||||
+ if (cb.callback (cb.user_data, &dummy) == -1) {
|
|
||||||
perror (rw->name);
|
|
||||||
exit (EXIT_FAILURE);
|
|
||||||
}
|
|
||||||
@@ -199,10 +202,11 @@ static bool
|
|
||||||
file_asynch_zero (struct rw *rw, struct command *command,
|
|
||||||
nbd_completion_callback cb)
|
|
||||||
{
|
|
||||||
+ int dummy = 0;
|
|
||||||
+
|
|
||||||
if (!file_synch_zero (rw, command->offset, command->slice.len))
|
|
||||||
return false;
|
|
||||||
- errno = 0;
|
|
||||||
- if (cb.callback (cb.user_data, &errno) == -1) {
|
|
||||||
+ if (cb.callback (cb.user_data, &dummy) == -1) {
|
|
||||||
perror (rw->name);
|
|
||||||
exit (EXIT_FAILURE);
|
|
||||||
}
|
|
||||||
diff --git a/copy/multi-thread-copying.c b/copy/multi-thread-copying.c
|
|
||||||
index a7aaa7d..2593ff7 100644
|
|
||||||
--- a/copy/multi-thread-copying.c
|
|
||||||
+++ b/copy/multi-thread-copying.c
|
|
||||||
@@ -1,5 +1,5 @@
|
|
||||||
/* NBD client library in userspace.
|
|
||||||
- * Copyright (C) 2020 Red Hat Inc.
|
|
||||||
+ * Copyright (C) 2020-2022 Red Hat Inc.
|
|
||||||
*
|
|
||||||
* This library is free software; you can redistribute it and/or
|
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
|
||||||
@@ -391,6 +391,7 @@ finished_read (void *vp, int *error)
|
|
||||||
bool last_is_hole = false;
|
|
||||||
uint64_t i;
|
|
||||||
struct command *newcommand;
|
|
||||||
+ int dummy = 0;
|
|
||||||
|
|
||||||
/* Iterate over whole blocks in the command, starting on a block
|
|
||||||
* boundary.
|
|
||||||
@@ -473,7 +474,7 @@ finished_read (void *vp, int *error)
|
|
||||||
/* Free the original command since it has been split into
|
|
||||||
* subcommands and the original is no longer needed.
|
|
||||||
*/
|
|
||||||
- free_command (command, &errno);
|
|
||||||
+ free_command (command, &dummy);
|
|
||||||
}
|
|
||||||
|
|
||||||
return 1; /* auto-retires the command */
|
|
||||||
@@ -498,6 +499,7 @@ static void
|
|
||||||
fill_dst_range_with_zeroes (struct command *command)
|
|
||||||
{
|
|
||||||
char *data;
|
|
||||||
+ int dummy = 0;
|
|
||||||
|
|
||||||
if (destination_is_zero)
|
|
||||||
goto free_and_return;
|
|
||||||
@@ -541,7 +543,7 @@ fill_dst_range_with_zeroes (struct command *command)
|
|
||||||
free (data);
|
|
||||||
|
|
||||||
free_and_return:
|
|
||||||
- free_command (command, &errno);
|
|
||||||
+ free_command (command, &dummy);
|
|
||||||
}
|
|
||||||
|
|
||||||
static int
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
|
@ -1,318 +0,0 @@
|
||||||
From 1b0b732e6a9b4979fccf6a09eb6704264edf675d Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eric Blake <eblake@redhat.com>
|
|
||||||
Date: Thu, 3 Feb 2022 14:25:58 -0600
|
|
||||||
Subject: [PATCH] copy: CVE-2022-0485: Fail nbdcopy if NBD read or write fails
|
|
||||||
|
|
||||||
nbdcopy has a nasty bug when performing multi-threaded copies using
|
|
||||||
asynchronous nbd calls - it was blindly treating the completion of an
|
|
||||||
asynchronous command as successful, rather than checking the *error
|
|
||||||
parameter. This can result in the silent creation of a corrupted
|
|
||||||
image in two different ways: when a read fails, we blindly wrote
|
|
||||||
garbage to the destination; when a write fails, we did not flag that
|
|
||||||
the destination was not written.
|
|
||||||
|
|
||||||
Since nbdcopy already calls exit() on a synchronous read or write
|
|
||||||
failure to a file, doing the same for an asynchronous op to an NBD
|
|
||||||
server is the simplest solution. A nicer solution, but more invasive
|
|
||||||
to code and thus not done here, might be to allow up to N retries of
|
|
||||||
the transaction (in case the read or write failure was transient), or
|
|
||||||
even having a mode where as much data is copied as possible (portions
|
|
||||||
of the copy that failed would be logged on stderr, and nbdcopy would
|
|
||||||
still fail with a non-zero exit status, but this would copy more than
|
|
||||||
just stopping at the first error, as can be done with rsync or
|
|
||||||
ddrescue).
|
|
||||||
|
|
||||||
Note that since we rely on auto-retiring and do NOT call
|
|
||||||
nbd_aio_command_completed, our completion callbacks must always return
|
|
||||||
1 (if they do not exit() first), even when acting on *error, so as not
|
|
||||||
leave the command allocated until nbd_close. As such, there is no
|
|
||||||
sane way to return an error to a manual caller of the callback, and
|
|
||||||
therefore we can drop dead code that calls perror() and exit() if the
|
|
||||||
callback "failed". It is also worth documenting the contract on when
|
|
||||||
we must manually call the callback during the asynch_zero callback, so
|
|
||||||
that we do not leak or double-free the command; thankfully, all the
|
|
||||||
existing code paths were correct.
|
|
||||||
|
|
||||||
The added testsuite script demonstrates several scenarios, some of
|
|
||||||
which fail without the rest of this patch in place, and others which
|
|
||||||
showcase ways in which sparse images can bypass errors.
|
|
||||||
|
|
||||||
Once backports are complete, a followup patch on the main branch will
|
|
||||||
edit docs/libnbd-security.pod with the mailing list announcement of
|
|
||||||
the stable branch commit ids and release versions that incorporate
|
|
||||||
this fix.
|
|
||||||
|
|
||||||
Reported-by: Nir Soffer <nsoffer@redhat.com>
|
|
||||||
Fixes: bc896eec4d ("copy: Implement multi-conn, multiple threads, multiple requests in flight.", v1.5.6)
|
|
||||||
Fixes: https://bugzilla.redhat.com/2046194
|
|
||||||
Message-Id: <20220203202558.203013-6-eblake@redhat.com>
|
|
||||||
Acked-by: Richard W.M. Jones <rjones@redhat.com>
|
|
||||||
Acked-by: Nir Soffer <nsoffer@redhat.com>
|
|
||||||
[eblake: fix error message per Nir, tweak requires lines in unit test per Rich]
|
|
||||||
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
|
|
||||||
(cherry picked from commit 8d444b41d09a700c7ee6f9182a649f3f2d325abb)
|
|
||||||
Conflicts:
|
|
||||||
copy/nbdcopy.h - copyright context
|
|
||||||
copy/null-ops.c - no backport of 0b16205e "copy: Implement "null:"
|
|
||||||
destination."
|
|
||||||
copy/copy-nbd-error.sh - no backport of d5f65e56 ("copy: Do not use
|
|
||||||
trim for zeroing"), so one test needed an additional error-trim-rate;
|
|
||||||
no backport of 4ff9e62d (copy: Add --request-size option") and friends, so
|
|
||||||
this version uses larger transactions, so change error rate of 0.5 to 1;
|
|
||||||
no backport of 0b16205e "copy: Implement "null:" destination.", so use
|
|
||||||
nbdkit null instead
|
|
||||||
Note that while the use of NBD_CMD_TRIM can create data corruption, it is
|
|
||||||
not as severe as what this patch fixes, since trim corruption will only
|
|
||||||
expose what had previously been on the disk, compared to this patch fixing
|
|
||||||
a potential leak of nbdcopy heap contents into the destination.
|
|
||||||
(cherry picked from commit 6c8f2f859926b82094fb5e85c446ea099700fa10)
|
|
||||||
---
|
|
||||||
TODO | 1 +
|
|
||||||
copy/Makefile.am | 4 +-
|
|
||||||
copy/copy-nbd-error.sh | 81 +++++++++++++++++++++++++++++++++++++
|
|
||||||
copy/file-ops.c | 17 +++-----
|
|
||||||
copy/multi-thread-copying.c | 13 ++++++
|
|
||||||
copy/nbdcopy.h | 7 ++--
|
|
||||||
6 files changed, 107 insertions(+), 16 deletions(-)
|
|
||||||
create mode 100755 copy/copy-nbd-error.sh
|
|
||||||
|
|
||||||
diff --git a/TODO b/TODO
|
|
||||||
index 510c219..19c21d4 100644
|
|
||||||
--- a/TODO
|
|
||||||
+++ b/TODO
|
|
||||||
@@ -35,6 +35,7 @@ nbdcopy:
|
|
||||||
- Better page cache usage, see nbdkit-file-plugin options
|
|
||||||
fadvise=sequential cache=none.
|
|
||||||
- Consider io_uring if there are performance bottlenecks.
|
|
||||||
+ - Configurable retries in response to read or write failures.
|
|
||||||
|
|
||||||
nbdfuse:
|
|
||||||
- If you write beyond the end of the virtual file, it returns EIO.
|
|
||||||
diff --git a/copy/Makefile.am b/copy/Makefile.am
|
|
||||||
index d318388..3406cd8 100644
|
|
||||||
--- a/copy/Makefile.am
|
|
||||||
+++ b/copy/Makefile.am
|
|
||||||
@@ -1,5 +1,5 @@
|
|
||||||
# nbd client library in userspace
|
|
||||||
-# Copyright (C) 2020 Red Hat Inc.
|
|
||||||
+# Copyright (C) 2020-2022 Red Hat Inc.
|
|
||||||
#
|
|
||||||
# This library is free software; you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU Lesser General Public
|
|
||||||
@@ -30,6 +30,7 @@ EXTRA_DIST = \
|
|
||||||
copy-nbd-to-small-nbd-error.sh \
|
|
||||||
copy-nbd-to-sparse-file.sh \
|
|
||||||
copy-nbd-to-stdout.sh \
|
|
||||||
+ copy-nbd-error.sh \
|
|
||||||
copy-progress-bar.sh \
|
|
||||||
copy-sparse.sh \
|
|
||||||
copy-sparse-allocated.sh \
|
|
||||||
@@ -105,6 +106,7 @@ TESTS += \
|
|
||||||
copy-nbd-to-sparse-file.sh \
|
|
||||||
copy-stdin-to-nbd.sh \
|
|
||||||
copy-nbd-to-stdout.sh \
|
|
||||||
+ copy-nbd-error.sh \
|
|
||||||
copy-progress-bar.sh \
|
|
||||||
copy-sparse.sh \
|
|
||||||
copy-sparse-allocated.sh \
|
|
||||||
diff --git a/copy/copy-nbd-error.sh b/copy/copy-nbd-error.sh
|
|
||||||
new file mode 100755
|
|
||||||
index 0000000..bba71db
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/copy/copy-nbd-error.sh
|
|
||||||
@@ -0,0 +1,81 @@
|
|
||||||
+#!/usr/bin/env bash
|
|
||||||
+# nbd client library in userspace
|
|
||||||
+# Copyright (C) 2022 Red Hat Inc.
|
|
||||||
+#
|
|
||||||
+# This library is free software; you can redistribute it and/or
|
|
||||||
+# modify it under the terms of the GNU Lesser General Public
|
|
||||||
+# License as published by the Free Software Foundation; either
|
|
||||||
+# version 2 of the License, or (at your option) any later version.
|
|
||||||
+#
|
|
||||||
+# This library is distributed in the hope that it will be useful,
|
|
||||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
||||||
+# Lesser General Public License for more details.
|
|
||||||
+#
|
|
||||||
+# You should have received a copy of the GNU Lesser General Public
|
|
||||||
+# License along with this library; if not, write to the Free Software
|
|
||||||
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
|
||||||
+
|
|
||||||
+# Tests several scenarios of handling NBD server errors
|
|
||||||
+# Serves as a regression test for the CVE-2022-0485 fix.
|
|
||||||
+
|
|
||||||
+. ../tests/functions.sh
|
|
||||||
+
|
|
||||||
+set -e
|
|
||||||
+set -x
|
|
||||||
+
|
|
||||||
+requires nbdkit --exit-with-parent --version
|
|
||||||
+requires nbdkit --filter=noextents null --version
|
|
||||||
+requires nbdkit --filter=error pattern --version
|
|
||||||
+requires nbdkit --filter=nozero memory --version
|
|
||||||
+
|
|
||||||
+fail=0
|
|
||||||
+
|
|
||||||
+# Failure to get block status should not be fatal, but merely downgrade to
|
|
||||||
+# reading the entire image as if data
|
|
||||||
+echo "Testing extents failures on source"
|
|
||||||
+$VG nbdcopy -- [ nbdkit --exit-with-parent -v --filter=error pattern 5M \
|
|
||||||
+ error-extents-rate=1 ] [ nbdkit --exit-with-parent -v null 5M ] || fail=1
|
|
||||||
+
|
|
||||||
+# Failure to read should be fatal
|
|
||||||
+echo "Testing read failures on non-sparse source"
|
|
||||||
+$VG nbdcopy -- [ nbdkit --exit-with-parent -v --filter=error pattern 5M \
|
|
||||||
+ error-pread-rate=1 ] [ nbdkit --exit-with-parent -v null 5M ] && fail=1
|
|
||||||
+
|
|
||||||
+# However, reliable block status on a sparse image can avoid the need to read
|
|
||||||
+echo "Testing read failures on sparse source"
|
|
||||||
+$VG nbdcopy -- [ nbdkit --exit-with-parent -v --filter=error null 5M \
|
|
||||||
+ error-pread-rate=1 ] [ nbdkit --exit-with-parent -v null 5M ] || fail=1
|
|
||||||
+
|
|
||||||
+# Failure to write data should be fatal
|
|
||||||
+echo "Testing write data failures on arbitrary destination"
|
|
||||||
+$VG nbdcopy -- [ nbdkit --exit-with-parent -v pattern 5M ] \
|
|
||||||
+ [ nbdkit --exit-with-parent -v --filter=error --filter=noextents \
|
|
||||||
+ memory 5M error-pwrite-rate=1 ] && fail=1
|
|
||||||
+
|
|
||||||
+# However, writing zeroes can bypass the need for normal writes
|
|
||||||
+echo "Testing write data failures from sparse source"
|
|
||||||
+$VG nbdcopy -- [ nbdkit --exit-with-parent -v null 5M ] \
|
|
||||||
+ [ nbdkit --exit-with-parent -v --filter=error --filter=noextents \
|
|
||||||
+ memory 5M error-pwrite-rate=1 ] || fail=1
|
|
||||||
+
|
|
||||||
+# Failure to write zeroes should be fatal
|
|
||||||
+echo "Testing write zero failures on arbitrary destination"
|
|
||||||
+$VG nbdcopy -- [ nbdkit --exit-with-parent -v null 5M ] \
|
|
||||||
+ [ nbdkit --exit-with-parent -v --filter=error memory 5M \
|
|
||||||
+ error-trim-rate=1 error-zero-rate=1 ] && fail=1
|
|
||||||
+
|
|
||||||
+# However, assuming/learning destination is zero can skip need to write
|
|
||||||
+echo "Testing write failures on pre-zeroed destination"
|
|
||||||
+$VG nbdcopy --destination-is-zero -- \
|
|
||||||
+ [ nbdkit --exit-with-parent -v null 5M ] \
|
|
||||||
+ [ nbdkit --exit-with-parent -v --filter=error memory 5M \
|
|
||||||
+ error-pwrite-rate=1 error-zero-rate=1 ] || fail=1
|
|
||||||
+
|
|
||||||
+# Likewise, when write zero is not advertised, fallback to normal write works
|
|
||||||
+echo "Testing write zeroes to destination without zero support"
|
|
||||||
+$VG nbdcopy -- [ nbdkit --exit-with-parent -v null 5M ] \
|
|
||||||
+ [ nbdkit --exit-with-parent -v --filter=nozero --filter=error memory 5M \
|
|
||||||
+ error-zero-rate=1 ] || fail=1
|
|
||||||
+
|
|
||||||
+exit $fail
|
|
||||||
diff --git a/copy/file-ops.c b/copy/file-ops.c
|
|
||||||
index cc312b4..b19af04 100644
|
|
||||||
--- a/copy/file-ops.c
|
|
||||||
+++ b/copy/file-ops.c
|
|
||||||
@@ -162,10 +162,8 @@ file_asynch_read (struct rw *rw,
|
|
||||||
|
|
||||||
file_synch_read (rw, slice_ptr (command->slice),
|
|
||||||
command->slice.len, command->offset);
|
|
||||||
- if (cb.callback (cb.user_data, &dummy) == -1) {
|
|
||||||
- perror (rw->name);
|
|
||||||
- exit (EXIT_FAILURE);
|
|
||||||
- }
|
|
||||||
+ /* file_synch_read called exit() on error */
|
|
||||||
+ cb.callback (cb.user_data, &dummy);
|
|
||||||
}
|
|
||||||
|
|
||||||
static void
|
|
||||||
@@ -177,10 +175,8 @@ file_asynch_write (struct rw *rw,
|
|
||||||
|
|
||||||
file_synch_write (rw, slice_ptr (command->slice),
|
|
||||||
command->slice.len, command->offset);
|
|
||||||
- if (cb.callback (cb.user_data, &dummy) == -1) {
|
|
||||||
- perror (rw->name);
|
|
||||||
- exit (EXIT_FAILURE);
|
|
||||||
- }
|
|
||||||
+ /* file_synch_write called exit() on error */
|
|
||||||
+ cb.callback (cb.user_data, &dummy);
|
|
||||||
}
|
|
||||||
|
|
||||||
static bool
|
|
||||||
@@ -206,10 +202,7 @@ file_asynch_zero (struct rw *rw, struct command *command,
|
|
||||||
|
|
||||||
if (!file_synch_zero (rw, command->offset, command->slice.len))
|
|
||||||
return false;
|
|
||||||
- if (cb.callback (cb.user_data, &dummy) == -1) {
|
|
||||||
- perror (rw->name);
|
|
||||||
- exit (EXIT_FAILURE);
|
|
||||||
- }
|
|
||||||
+ cb.callback (cb.user_data, &dummy);
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/copy/multi-thread-copying.c b/copy/multi-thread-copying.c
|
|
||||||
index 2593ff7..28749ae 100644
|
|
||||||
--- a/copy/multi-thread-copying.c
|
|
||||||
+++ b/copy/multi-thread-copying.c
|
|
||||||
@@ -28,6 +28,7 @@
|
|
||||||
#include <errno.h>
|
|
||||||
#include <assert.h>
|
|
||||||
#include <sys/stat.h>
|
|
||||||
+#include <inttypes.h>
|
|
||||||
|
|
||||||
#include <pthread.h>
|
|
||||||
|
|
||||||
@@ -374,6 +375,12 @@ finished_read (void *vp, int *error)
|
|
||||||
{
|
|
||||||
struct command *command = vp;
|
|
||||||
|
|
||||||
+ if (*error) {
|
|
||||||
+ fprintf (stderr, "read at offset %" PRId64 " failed: %s\n",
|
|
||||||
+ command->offset, strerror (*error));
|
|
||||||
+ exit (EXIT_FAILURE);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if (allocated || sparse_size == 0) {
|
|
||||||
/* If sparseness detection (see below) is turned off then we write
|
|
||||||
* the whole command.
|
|
||||||
@@ -552,6 +559,12 @@ free_command (void *vp, int *error)
|
|
||||||
struct command *command = vp;
|
|
||||||
struct buffer *buffer = command->slice.buffer;
|
|
||||||
|
|
||||||
+ if (*error) {
|
|
||||||
+ fprintf (stderr, "write at offset %" PRId64 " failed: %s\n",
|
|
||||||
+ command->offset, strerror (*error));
|
|
||||||
+ exit (EXIT_FAILURE);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if (buffer != NULL) {
|
|
||||||
if (--buffer->refs == 0) {
|
|
||||||
free (buffer->data);
|
|
||||||
diff --git a/copy/nbdcopy.h b/copy/nbdcopy.h
|
|
||||||
index 3dcc6df..9626a52 100644
|
|
||||||
--- a/copy/nbdcopy.h
|
|
||||||
+++ b/copy/nbdcopy.h
|
|
||||||
@@ -1,5 +1,5 @@
|
|
||||||
/* NBD client library in userspace.
|
|
||||||
- * Copyright (C) 2020 Red Hat Inc.
|
|
||||||
+ * Copyright (C) 2020-2022 Red Hat Inc.
|
|
||||||
*
|
|
||||||
* This library is free software; you can redistribute it and/or
|
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
|
||||||
@@ -134,7 +134,8 @@ struct rw_ops {
|
|
||||||
bool (*synch_zero) (struct rw *rw, uint64_t offset, uint64_t count);
|
|
||||||
|
|
||||||
/* Asynchronous I/O operations. These start the operation and call
|
|
||||||
- * 'cb' on completion.
|
|
||||||
+ * 'cb' on completion. 'cb' will return 1, for auto-retiring with
|
|
||||||
+ * asynchronous libnbd calls.
|
|
||||||
*
|
|
||||||
* The file_ops versions are actually implemented synchronously, but
|
|
||||||
* still call 'cb'.
|
|
||||||
@@ -156,7 +157,7 @@ struct rw_ops {
|
|
||||||
nbd_completion_callback cb);
|
|
||||||
|
|
||||||
/* Asynchronously zero. command->slice.buffer is not used. If not possible,
|
|
||||||
- * returns false.
|
|
||||||
+ * returns false. 'cb' must be called only if returning true.
|
|
||||||
*/
|
|
||||||
bool (*asynch_zero) (struct rw *rw, struct command *command,
|
|
||||||
nbd_completion_callback cb);
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
|
@ -6,7 +6,7 @@ set -e
|
||||||
# directory. Use it like this:
|
# directory. Use it like this:
|
||||||
# ./copy-patches.sh
|
# ./copy-patches.sh
|
||||||
|
|
||||||
rhel_version=8.6
|
rhel_version=9.0
|
||||||
|
|
||||||
# Check we're in the right directory.
|
# Check we're in the right directory.
|
||||||
if [ ! -f libnbd.spec ]; then
|
if [ ! -f libnbd.spec ]; then
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmIFM4YRHHJpY2hAYW5u
|
||||||
|
ZXhpYS5vcmcACgkQkXOPc+G3aKDrPhAAjwTeg6XxTtPAbBFqwgYeux742i4ufnrL
|
||||||
|
xdCQgtmyF4jFhW6E0q/dYKr32iUxL6BabswcbmHHhjU4XEa16mSPbkbYAMNvsPJa
|
||||||
|
FpzW4KMJh+vHCarqm3UFiBwVKEEu+VXbOVh9bVjpCdJRx+jE6hbr5tlR9CHQuNQY
|
||||||
|
3LoZ7YU+QvQyIVQDOzDSD/8swyfOeX1c4D4Wok0w9qgHsT54GQmT4VTQ93Z/8RXK
|
||||||
|
D3vCNOt2J+bnJx9WNkboNIfS/FI4L6j4TpuB7tucJlk8Wtfj7LI526LBZwaLYO8E
|
||||||
|
MH63xr0dvbSA19kNY8M3Sff+YqOEKcufZREt5pX6LJLM/ARXKc0KwmaXR+U2zoNy
|
||||||
|
gFomzICsvhGusP6mgLc60VYSUO+od9qZDYsmGZ0mtNL18ISKqIjRRxEXWG6z6mT7
|
||||||
|
kkbifoZC4tOQqKzvswzlWb0upaC5IOju8tGSwpuZosoVcAs63CmU71/CIA7CT4s0
|
||||||
|
qUw+g0ISJYXMFGp3gNzkie9d/a8fAhaCYQKuSxtb5bCNaFegc/6djLy5/MAa65x0
|
||||||
|
difLH3sHYEtB4CzPQnQ8wM5khZ/D789CtqGFtI4fz1aMShW0AJfnsUU8DtAi9pAg
|
||||||
|
3wcjR0N8wQLq68Evj0+VO2rzq/2FSKaR9P7r2cobHC+ucAdvZRAzWOMcHIzfszkN
|
||||||
|
vMYr5xX3G8o=
|
||||||
|
=1qAE
|
||||||
|
-----END PGP SIGNATURE-----
|
|
@ -1,17 +0,0 @@
|
||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAl/3RFQRHHJpY2hAYW5u
|
|
||||||
ZXhpYS5vcmcACgkQkXOPc+G3aKD9aw/+Pfg3owjJmhTcCyFvuH2lgiiBb+qL2An+
|
|
||||||
hsoax6dM5JxzV6x1Ikgn3C8z2+dLRMowo2FrRgpzTwfaS+ngLDipSC04hKl9MhFN
|
|
||||||
7OPLCm+L7wcP7KUk4cC0qTSHpHkApo2SP3/bD7vVBYZMYSjgUVFcRoqZlRl3N9RF
|
|
||||||
7XNsxA2YG9bV4Ln3KbB+k2uxIKNUZIVjmEpretVbb+NTKW9C23ZHicSHYB+Eok1M
|
|
||||||
iTN6j66rYFn0Xb+L2v7jty19tSdYOMbkdSn0KpniURAWevjjVWGqcojMqW4YuAZ5
|
|
||||||
h2MpRfyKFyusbsbtX5bjICTu6+AgFFUALKH7ReDs1RY1cEph9XdBLVulXTggxY05
|
|
||||||
E3I1Nns1YmjRlV6ky2Abl2e+Doc44mycINRlwL2q8+Q3TqlVVPFXoVTWxIJ6/Uae
|
|
||||||
tqnEwWIa2wGv3KU1KLNbWTn1z6I8NM/Nj+7pMKDNnxJzFmHEjL94tmG+iNmHsF34
|
|
||||||
vWBZ1q7h9EezxHLOPFYDjlpS+IxeuXakbpuTX2jXvi3zSAbr5WmRR1uO8dAiwu9b
|
|
||||||
RwOHRmVQOFLAAICYTZDmxl42DpWs5Z2aP7eRwpe8/MOSRiAVepjhUD/bsdaFwmBR
|
|
||||||
8Z7CGNzyTtt+sy5l7cPBYZ+4RdxWgFEBceBbHs06zdlD/Pui288UQVB/0e9AXYOc
|
|
||||||
wluyWT1v7sA=
|
|
||||||
=BaN1
|
|
||||||
-----END PGP SIGNATURE-----
|
|
|
@ -5,15 +5,15 @@
|
||||||
%global patches_touch_autotools 1
|
%global patches_touch_autotools 1
|
||||||
|
|
||||||
# The source directory.
|
# The source directory.
|
||||||
%global source_directory 1.6-stable
|
%global source_directory 1.10-stable
|
||||||
|
|
||||||
Name: libnbd
|
Name: libnbd
|
||||||
Version: 1.6.0
|
Version: 1.10.5
|
||||||
Release: 5%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: NBD client library in userspace
|
Summary: NBD client library in userspace
|
||||||
|
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
URL: https://github.com/libguestfs/libnbd
|
URL: https://gitlab.com/nbdkit/libnbd
|
||||||
|
|
||||||
Source0: http://libguestfs.org/download/libnbd/%{source_directory}/%{name}-%{version}.tar.gz
|
Source0: http://libguestfs.org/download/libnbd/%{source_directory}/%{name}-%{version}.tar.gz
|
||||||
Source1: http://libguestfs.org/download/libnbd/%{source_directory}/%{name}-%{version}.tar.gz.sig
|
Source1: http://libguestfs.org/download/libnbd/%{source_directory}/%{name}-%{version}.tar.gz.sig
|
||||||
|
@ -25,17 +25,11 @@ Source2: libguestfs.keyring
|
||||||
# Maintainer script which helps with handling patches.
|
# Maintainer script which helps with handling patches.
|
||||||
Source3: copy-patches.sh
|
Source3: copy-patches.sh
|
||||||
|
|
||||||
# Patches come from this upstream branch:
|
# Patches are stored in the upstream repository:
|
||||||
# https://github.com/libguestfs/libnbd/tree/rhel-8.6
|
# https://gitlab.com/nbdkit/libnbd/-/commits/rhel-9.0/
|
||||||
|
|
||||||
# Patches.
|
# Patches.
|
||||||
Patch0001: 0001-copy-copy-nbd-to-sparse-file.sh-Skip-test-unless-nbd.patch
|
Patch0001: 0001-api-Add-new-API-nbd_set_pread_initialize.patch
|
||||||
Patch0002: 0002-generator-Refactor-CONNECT.START-state.patch
|
|
||||||
Patch0003: 0003-generator-Print-a-better-error-message-if-connect-2-.patch
|
|
||||||
Patch0004: 0004-opt_go-Tolerate-unplanned-server-death.patch
|
|
||||||
Patch0005: 0005-security-Document-assignment-of-CVE-2021-20286.patch
|
|
||||||
Patch0006: 0006-copy-Pass-in-dummy-variable-rather-than-errno-to-cal.patch
|
|
||||||
Patch0007: 0007-copy-CVE-2022-0485-Fail-nbdcopy-if-NBD-read-or-write.patch
|
|
||||||
|
|
||||||
%if 0%{patches_touch_autotools}
|
%if 0%{patches_touch_autotools}
|
||||||
BuildRequires: autoconf, automake, libtool
|
BuildRequires: autoconf, automake, libtool
|
||||||
|
@ -47,12 +41,13 @@ BuildRequires: gnupg2
|
||||||
|
|
||||||
# For the core library.
|
# For the core library.
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
|
BuildRequires: make
|
||||||
BuildRequires: /usr/bin/pod2man
|
BuildRequires: /usr/bin/pod2man
|
||||||
BuildRequires: gnutls-devel
|
BuildRequires: gnutls-devel
|
||||||
BuildRequires: libxml2-devel
|
BuildRequires: libxml2-devel
|
||||||
|
|
||||||
# For nbdfuse.
|
# For nbdfuse.
|
||||||
BuildRequires: fuse, fuse-devel
|
BuildRequires: fuse3, fuse3-devel
|
||||||
|
|
||||||
# For the Python 3 bindings.
|
# For the Python 3 bindings.
|
||||||
BuildRequires: python3-devel
|
BuildRequires: python3-devel
|
||||||
|
@ -72,20 +67,28 @@ BuildRequires: bash-completion
|
||||||
BuildRequires: coreutils
|
BuildRequires: coreutils
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
BuildRequires: gnutls-utils
|
BuildRequires: gnutls-utils
|
||||||
#BuildRequires: jq
|
BuildRequires: iproute
|
||||||
|
BuildRequires: jq
|
||||||
|
%if !0%{?rhel}
|
||||||
|
BuildRequires: nbd
|
||||||
|
%endif
|
||||||
|
BuildRequires: util-linux
|
||||||
|
|
||||||
|
# On RHEL, maybe even in Fedora in future, we do not build qemu-img or
|
||||||
|
# nbdkit for i686. These are only needed for the test suite so make
|
||||||
|
# them optional. This reduces our test exposure on 32 bit platforms,
|
||||||
|
# although there is still Fedora/armv7 and some upstream testing.
|
||||||
%ifnarch %{ix86}
|
%ifnarch %{ix86}
|
||||||
|
BuildRequires: qemu-img
|
||||||
BuildRequires: nbdkit
|
BuildRequires: nbdkit
|
||||||
BuildRequires: nbdkit-data-plugin
|
BuildRequires: nbdkit-data-plugin
|
||||||
#BuildRequires: nbdkit-eval-plugin
|
BuildRequires: nbdkit-eval-plugin
|
||||||
BuildRequires: nbdkit-memory-plugin
|
BuildRequires: nbdkit-memory-plugin
|
||||||
BuildRequires: nbdkit-null-plugin
|
BuildRequires: nbdkit-null-plugin
|
||||||
BuildRequires: nbdkit-pattern-plugin
|
BuildRequires: nbdkit-pattern-plugin
|
||||||
BuildRequires: nbdkit-sh-plugin
|
BuildRequires: nbdkit-sh-plugin
|
||||||
#BuildRequires: nbdkit-sparse-random-plugin
|
BuildRequires: nbdkit-sparse-random-plugin
|
||||||
#BuildRequires: nbd
|
|
||||||
BuildRequires: qemu-img
|
|
||||||
%endif
|
%endif
|
||||||
BuildRequires: util-linux
|
|
||||||
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
|
@ -157,6 +160,7 @@ python3-%{name} contains Python 3 bindings for %{name}.
|
||||||
Summary: FUSE support for %{name}
|
Summary: FUSE support for %{name}
|
||||||
License: LGPLv2+ and BSD
|
License: LGPLv2+ and BSD
|
||||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||||
|
Recommends: fuse3
|
||||||
|
|
||||||
|
|
||||||
%description -n nbdfuse
|
%description -n nbdfuse
|
||||||
|
@ -179,8 +183,7 @@ for %{name}.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%if 0%{verify_tarball_signature}
|
%if 0%{verify_tarball_signature}
|
||||||
tmphome="$(mktemp -d)"
|
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
|
||||||
gpgv2 --homedir "$tmphome" --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
|
|
||||||
%endif
|
%endif
|
||||||
%autosetup -p1
|
%autosetup -p1
|
||||||
%if 0%{patches_touch_autotools}
|
%if 0%{patches_touch_autotools}
|
||||||
|
@ -212,28 +215,36 @@ rm $RPM_BUILD_ROOT%{_mandir}/man3/libnbd-golang.3*
|
||||||
|
|
||||||
|
|
||||||
%check
|
%check
|
||||||
|
function skip_test ()
|
||||||
|
{
|
||||||
|
for f in "$@"; do
|
||||||
|
rm -f "$f"
|
||||||
|
echo 'exit 77' > "$f"
|
||||||
|
chmod +x "$f"
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
# interop/structured-read.sh fails with the old qemu-nbd in Fedora 29,
|
# interop/structured-read.sh fails with the old qemu-nbd in Fedora 29,
|
||||||
# so disable it there.
|
# so disable it there.
|
||||||
%if 0%{?fedora} <= 29
|
%if 0%{?fedora} <= 29
|
||||||
rm interop/structured-read.sh
|
skip_test interop/structured-read.sh
|
||||||
touch interop/structured-read.sh
|
%endif
|
||||||
chmod +x interop/structured-read.sh
|
|
||||||
|
# interop/interop-qemu-storage-daemon.sh fails in RHEL 9 because of
|
||||||
|
# this bug in qemu:
|
||||||
|
# https://lists.nongnu.org/archive/html/qemu-devel/2021-03/threads.html#03544
|
||||||
|
%if 0%{?rhel}
|
||||||
|
skip_test interop/interop-qemu-storage-daemon.sh
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
# All fuse tests fail in Koji with:
|
# All fuse tests fail in Koji with:
|
||||||
# fusermount: entry for fuse/test-*.d not found in /etc/mtab
|
# fusermount: entry for fuse/test-*.d not found in /etc/mtab
|
||||||
# for unknown reasons but probably related to the Koji environment.
|
# for unknown reasons but probably related to the Koji environment.
|
||||||
for f in fuse/test-*.sh; do
|
skip_test fuse/test-*.sh
|
||||||
rm $f
|
|
||||||
touch $f
|
|
||||||
chmod +x $f
|
|
||||||
done
|
|
||||||
|
|
||||||
# info/info-map-base-allocation-json.sh fails because of a bug in
|
# IPv6 loopback connections fail in Koji.
|
||||||
# jq 1.5 in RHEL 8 (fixed in later versions).
|
make -C tests connect-tcp6 ||:
|
||||||
rm info/info-map-base-allocation-json.sh
|
skip_test tests/connect-tcp6
|
||||||
touch info/info-map-base-allocation-json.sh
|
|
||||||
chmod +x info/info-map-base-allocation-json.sh
|
|
||||||
|
|
||||||
make %{?_smp_mflags} check || {
|
make %{?_smp_mflags} check || {
|
||||||
for f in $(find -name test-suite.log); do
|
for f in $(find -name test-suite.log); do
|
||||||
|
@ -312,44 +323,271 @@ make %{?_smp_mflags} check || {
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Feb 7 2022 Richard W.M. Jones <rjones@redhat.com> - 1.6.0-5.el8
|
* Thu Feb 10 2022 Richard W.M. Jones <rjones@redhat.com> - 1.10.5-1
|
||||||
- Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails
|
- Rebase to new stable branch version 1.10.5
|
||||||
resolves: rhbz#2045718
|
resolves: rhbz#2011708
|
||||||
|
- Map uint32_t to OCaml int64 to avoid signedness problems
|
||||||
|
resolves: rhbz#2040610
|
||||||
|
- CVE-2022-0485 nbdcopy destination image corruption
|
||||||
|
- New upstream API to control initialization of pread buffer
|
||||||
|
resolves: rhbz#2046194
|
||||||
|
|
||||||
* Thu Sep 2 2021 Danilo C. L. de Paula <ddepaula@redhat.com> - 1.6.0-4.el8
|
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.8.2-3
|
||||||
- Resolves: bz#2000225
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
(Rebase virt:rhel module:stream based on AV-8.6)
|
Related: rhbz#1991688
|
||||||
|
|
||||||
* Mon Jul 13 2020 Danilo C. L. de Paula <ddepaula@redhat.com> - 1.2.2
|
* Fri Jul 30 2021 Richard W.M. Jones <rjones@redhat.com> - 1.8.2-2
|
||||||
- Resolves: bz#1844296
|
- Fix nbdcopy progress bar.
|
||||||
(Upgrade components in virt:rhel module:stream for RHEL-8.3 release)
|
- Add nbdinfo --map --totals and --can/--is options.
|
||||||
|
resolves: rhbz#1950630
|
||||||
|
|
||||||
* Wed Feb 5 2020 Richard W.M. Jones <rjones@redhat.com> - 1.2.2-1
|
* Sat Jul 03 2021 Richard W.M. Jones <rjones@redhat.com> - 1.8.2-1
|
||||||
- New stable release 1.2.2.
|
- New upstream stable version 1.8.2.
|
||||||
|
|
||||||
* Tue Dec 3 2019 Richard W.M. Jones <rjones@redhat.com> - 1.2.1-1
|
* Wed Jun 23 2021 Richard W.M. Jones <rjones@redhat.com> - 1.8.1-2
|
||||||
- New stable release 1.2.1.
|
- Bump and rebuild
|
||||||
|
resolves: rhbz#1975316
|
||||||
|
|
||||||
|
* Fri Jun 11 2021 Richard W.M. Jones <rjones@redhat.com> - 1.8.1-1
|
||||||
|
- New upstream stable version 1.8.1.
|
||||||
|
|
||||||
|
* Mon Jun 07 2021 Richard W.M. Jones <rjones@redhat.com> - 1.8.0-1
|
||||||
|
- New upstream version 1.8.0.
|
||||||
|
|
||||||
|
* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 1.7.12-2
|
||||||
|
- Rebuilt for Python 3.10
|
||||||
|
|
||||||
|
* Sat May 29 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.12-1
|
||||||
|
- New upstream version 1.7.12.
|
||||||
|
|
||||||
|
* Thu May 20 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.11-1
|
||||||
|
- New upstream version 1.7.11.
|
||||||
|
|
||||||
|
* Fri May 14 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.10-1
|
||||||
|
- New upstream version 1.7.10.
|
||||||
|
|
||||||
|
* Thu Apr 29 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.9-1
|
||||||
|
- New upstream version 1.7.9.
|
||||||
|
- Switch to fuse3.
|
||||||
|
- Make nbdfuse package recommend fuse3 (to get fusermount3).
|
||||||
|
|
||||||
|
* Sat Apr 24 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.8-1
|
||||||
|
- New upstream development version 1.7.8.
|
||||||
|
|
||||||
|
* Sat Apr 10 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.7-1
|
||||||
|
- New upstream development version 1.7.7.
|
||||||
|
- +BR iproute
|
||||||
|
- Add skip_test helper function.
|
||||||
|
- Skip connect-tcp6 test which fails under Koji.
|
||||||
|
|
||||||
|
* Thu Apr 08 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.6-1
|
||||||
|
- New upstream development version 1.7.6.
|
||||||
|
|
||||||
|
* Sat Apr 03 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.5-1
|
||||||
|
- New upstream development version 1.7.5.
|
||||||
|
|
||||||
|
* Mon Mar 15 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.4-1
|
||||||
|
- New upstream development version 1.7.4.
|
||||||
|
|
||||||
|
* Mon Mar 15 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.3-3
|
||||||
|
- Update documentation for CVE-2021-20286.
|
||||||
|
- Workaround broken interop/interop-qemu-storage-daemon.sh test in RHEL 9.
|
||||||
|
|
||||||
|
* Thu Mar 4 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.3-2
|
||||||
|
- Add fix for nbdkit test suite.
|
||||||
|
|
||||||
|
* Tue Mar 2 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.3-1
|
||||||
|
- New upstream version 1.7.3.
|
||||||
|
|
||||||
|
* Mon Mar 1 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.2-3
|
||||||
|
- OCaml 4.12.0 build
|
||||||
|
|
||||||
|
* Wed Feb 24 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.2-2
|
||||||
|
- Disable nbd BR on RHEL.
|
||||||
|
|
||||||
|
* Mon Feb 22 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.2-1
|
||||||
|
- New upstream version 1.7.2.
|
||||||
|
|
||||||
|
* Fri Jan 29 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.1-6
|
||||||
|
- Disable BR qemu-img on i686.
|
||||||
|
|
||||||
|
* Thu Jan 28 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.1-3
|
||||||
|
- Disable BR nbdkit on i686 because it breaks ELN/RHEL 9.
|
||||||
|
|
||||||
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.1-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jan 20 2021 Richard W.M. Jones <rjones@redhat.com> - 1.7.1-1
|
||||||
|
- New upstream development version 1.7.1.
|
||||||
|
|
||||||
|
* Thu Jan 07 2021 Richard W.M. Jones <rjones@redhat.com> - 1.6.0-1
|
||||||
|
- New upstream stable version 1.6.0.
|
||||||
|
|
||||||
|
* Tue Dec 08 2020 Richard W.M. Jones <rjones@redhat.com> - 1.5.9-1
|
||||||
|
- New upstream development version 1.5.9.
|
||||||
|
|
||||||
|
* Thu Dec 03 2020 Richard W.M. Jones <rjones@redhat.com> - 1.5.8-1
|
||||||
|
- New upstream development version 1.5.8.
|
||||||
|
- Unify Fedora and RHEL spec files.
|
||||||
|
|
||||||
|
* Wed Nov 25 2020 Richard W.M. Jones <rjones@redhat.com> - 1.5.7-1
|
||||||
|
- New upstream development version 1.5.7.
|
||||||
|
- Add some more test suite buildrequires lines.
|
||||||
|
- Fix bogus date in changelog.
|
||||||
|
|
||||||
|
* Thu Nov 12 2020 Richard W.M. Jones <rjones@redhat.com> - 1.5.6-1
|
||||||
|
- New upstream development version 1.5.6.
|
||||||
|
|
||||||
|
* Mon Nov 02 2020 Richard W.M. Jones <rjones@redhat.com> - 1.5.5-1
|
||||||
|
- New upstream development version 1.5.5.
|
||||||
|
|
||||||
|
* Mon Oct 05 2020 Richard W.M. Jones <rjones@redhat.com> - 1.5.4-1
|
||||||
|
- New upstream development version 1.5.4.
|
||||||
|
- More OCaml man pages.
|
||||||
|
|
||||||
|
* Sat Sep 26 2020 Richard W.M. Jones <rjones@redhat.com> - 1.5.3-1
|
||||||
|
- New upstream development version 1.5.3.
|
||||||
|
|
||||||
|
* Thu Sep 10 2020 Richard W.M. Jones <rjones@redhat.com> - 1.5.2-1
|
||||||
|
- New upstream development version 1.5.2.
|
||||||
|
|
||||||
|
* Tue Sep 08 2020 Richard W.M. Jones <rjones@redhat.com> - 1.5.1-1
|
||||||
|
- New upstream development version 1.5.1.
|
||||||
|
|
||||||
|
* Tue Sep 01 2020 Richard W.M. Jones <rjones@redhat.com> - 1.4.0-2
|
||||||
|
- OCaml 4.11.1 rebuild
|
||||||
|
|
||||||
|
* Tue Aug 25 2020 Richard W.M. Jones <rjones@redhat.com> - 1.4.0-1
|
||||||
|
- New stable release 1.4.0.
|
||||||
|
|
||||||
|
* Fri Aug 21 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.12-3
|
||||||
|
- Bump release and rebuild.
|
||||||
|
|
||||||
|
* Fri Aug 21 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.12-2
|
||||||
|
- OCaml 4.11.0 rebuild
|
||||||
|
|
||||||
|
* Thu Aug 20 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.12-1
|
||||||
|
- New upstream version 1.3.12.
|
||||||
|
|
||||||
|
* Thu Aug 6 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.11-1
|
||||||
|
- New upstream version 1.3.11.
|
||||||
|
|
||||||
|
* Tue Aug 4 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.10-1
|
||||||
|
- New upstream version 1.3.10.
|
||||||
|
|
||||||
|
* Wed Jul 29 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.9-3
|
||||||
|
- Bump and rebuild.
|
||||||
|
|
||||||
|
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.9-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Jul 21 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.9-1
|
||||||
|
- New upstream version 1.3.9.
|
||||||
|
- New tool: nbdinfo.
|
||||||
|
|
||||||
|
* Fri Jul 17 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.8-2
|
||||||
|
- New upstream version 1.3.8.
|
||||||
|
- New tool: nbdcopy
|
||||||
|
- Add upstream patch to fix compilation with glibc from Rawhide.
|
||||||
|
|
||||||
|
* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 1.3.7-3
|
||||||
|
- Rebuilt for Python 3.9
|
||||||
|
|
||||||
|
* Mon May 04 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.7-2
|
||||||
|
- OCaml 4.11.0+dev2-2020-04-22 rebuild
|
||||||
|
|
||||||
|
* Thu Apr 23 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.7-1
|
||||||
|
- New upstream version 1.3.7.
|
||||||
|
|
||||||
|
* Tue Apr 21 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.6-5
|
||||||
|
- OCaml 4.11.0 pre-release attempt 2
|
||||||
|
|
||||||
|
* Fri Apr 17 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.6-4
|
||||||
|
- OCaml 4.11.0 pre-release
|
||||||
|
- Add upstream patch to fix one of the tests that fails on slow machines.
|
||||||
|
|
||||||
|
* Thu Apr 02 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.6-2
|
||||||
|
- Update all OCaml dependencies for RPM 4.16.
|
||||||
|
|
||||||
|
* Tue Mar 31 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.6-1
|
||||||
|
- New upstream development version 1.3.6.
|
||||||
|
- Golang bindings are contained in this release but not distributed.
|
||||||
|
|
||||||
|
* Wed Mar 11 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.5-2
|
||||||
|
- Fix bogus runtime Requires of new bash-completion package.
|
||||||
|
|
||||||
|
* Tue Mar 10 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.5-1
|
||||||
|
- New upstream development version 1.3.5.
|
||||||
|
- Add new bash-completion subpackage.
|
||||||
|
|
||||||
|
* Sat Feb 29 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.4-1
|
||||||
|
- New upstream development version 1.3.4.
|
||||||
|
|
||||||
|
* Wed Feb 26 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.3-2
|
||||||
|
- OCaml 4.10.0 final.
|
||||||
|
|
||||||
|
* Wed Feb 05 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.3-1
|
||||||
|
- New upstream development version 1.3.3.
|
||||||
|
|
||||||
|
* Thu Jan 30 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.2-1
|
||||||
|
- New upstream development version 1.3.2.
|
||||||
|
|
||||||
|
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sun Jan 19 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.1-4
|
||||||
|
- Bump release and rebuild.
|
||||||
|
|
||||||
|
* Sun Jan 19 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.1-3
|
||||||
|
- OCaml 4.10.0+beta1 rebuild.
|
||||||
|
|
||||||
|
* Thu Dec 12 2019 Richard W.M. Jones <rjones@redhat.com> - 1.3.1-2
|
||||||
|
- Rebuild for OCaml 4.09.0.
|
||||||
|
|
||||||
|
* Tue Dec 03 2019 Richard W.M. Jones <rjones@redhat.com> - 1.3.1-1
|
||||||
|
- New upstream development version 1.3.1.
|
||||||
|
|
||||||
|
* Wed Nov 27 2019 Richard W.M. Jones <rjones@redhat.com> - 1.2.0-2
|
||||||
|
- Use gpgverify macro instead of explicit gpgv2 command.
|
||||||
|
|
||||||
* Thu Nov 14 2019 Richard W.M. Jones <rjones@redhat.com> - 1.2.0-1
|
* Thu Nov 14 2019 Richard W.M. Jones <rjones@redhat.com> - 1.2.0-1
|
||||||
- New stable release 1.2.0.
|
- New stable release 1.2.0
|
||||||
|
|
||||||
* Wed Oct 9 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.3-1
|
* Sat Nov 09 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.9-1
|
||||||
- New upstream version 1.0.3.
|
- New upstream version 1.1.9.
|
||||||
|
- Add new nbdkit-release-notes-1.2(1) man page.
|
||||||
|
|
||||||
|
* Wed Nov 06 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.8-1
|
||||||
|
- New upstream version 1.1.8.
|
||||||
|
|
||||||
|
* Thu Oct 24 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.7-1
|
||||||
|
- New upstream version 1.1.7.
|
||||||
|
|
||||||
|
* Sat Oct 19 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.6-1
|
||||||
|
- New upstream version 1.1.6.
|
||||||
|
|
||||||
|
* Sat Oct 12 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.5-1
|
||||||
|
- New upstream version 1.1.5.
|
||||||
|
- New tool and subpackage nbdfuse.
|
||||||
|
|
||||||
|
* Wed Oct 9 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.4-1
|
||||||
|
- New upstream version 1.1.4.
|
||||||
- Contains fix for remote code execution vulnerability.
|
- Contains fix for remote code execution vulnerability.
|
||||||
- Add new libnbd-security(3) man page.
|
- Add new libnbd-security(3) man page.
|
||||||
|
|
||||||
* Tue Sep 17 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.2-1
|
* Tue Oct 1 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.3-1
|
||||||
- New upstream version 1.0.2.
|
- New upstream version 1.1.3.
|
||||||
|
|
||||||
|
* Tue Sep 17 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.2-1
|
||||||
|
- New upstream version 1.1.2.
|
||||||
- Remove patches which are upstream.
|
- Remove patches which are upstream.
|
||||||
- Contains fix for NBD Protocol Downgrade Attack (CVE-2019-14842).
|
- Contains fix for NBD Protocol Downgrade Attack (CVE-2019-14842).
|
||||||
- Fix previous commit message.
|
|
||||||
|
|
||||||
* Thu Sep 12 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.1-2
|
* Thu Sep 12 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.1-2
|
||||||
- Add upstream patch to fix nbdsh (for nbdkit tests).
|
- Add upstream patch to fix nbdsh (for nbdkit tests).
|
||||||
- Fix interop tests on slow machines.
|
|
||||||
|
|
||||||
* Sun Sep 08 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.1-1
|
* Sun Sep 08 2019 Richard W.M. Jones <rjones@redhat.com> - 1.1.1-1
|
||||||
- New stable version 1.0.1.
|
- New development version 1.1.1.
|
||||||
|
|
||||||
* Wed Aug 28 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.0-1
|
* Wed Aug 28 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.0-1
|
||||||
- New upstream version 1.0.0.
|
- New upstream version 1.0.0.
|
||||||
|
|