diff --git a/powerpc-utils-1.3.10-nvram-manpage.patch b/powerpc-utils-1.3.10-nvram-manpage.patch new file mode 100644 index 0000000..fb82723 --- /dev/null +++ b/powerpc-utils-1.3.10-nvram-manpage.patch @@ -0,0 +1,47 @@ +commit d604cc779741c29cbdc8da97cbfc1512fd21fc1b +Author: Likhitha Korrapati +Date: Fri Aug 11 00:41:14 2023 -0500 + + nvram man page and --help output are not in sync + + The nvram man page and the output from --help option are not in + sync and few of the options are missing in man page. + + The options that are missing are ascii, dump, nvram-size, zero. + These options are added through the commit ids [1], [2]. + + This patch adds the above missing options to the nvram. + + [1] https://github.com/ibm-power-utilities/powerpc-utils/commit/0e09f4e2898e7dea556479b018a7f4bf12108099 + [2] https://github.com/ibm-power-utilities/powerpc-utils/commit/976dbe9bb7b01b135cac3e7bbd1dce0cdc88636a + + Signed-off-by: Likhitha Korrapati + Signed-off-by: Tyrel Datwyler + +diff --git a/man/nvram.8 b/man/nvram.8 +index 2938e34..6071712 100644 +--- a/man/nvram.8 ++++ b/man/nvram.8 +@@ -67,6 +67,22 @@ be more verbose. + \fB\--help + print usage information including other low level options useful for + debugging nvram. ++.TP ++\fB\--ascii \fIname ++print partition contents as ASCII text ++.TP ++\fB\--dump \fIname ++raw dump of partition (use --partitions to see names) ++.TP ++\fB\--nvram-size ++specify size of nvram data, must in multiples of 16 Bytes (for repair ++operations) ++.TP ++\fB\--unzip \fIname ++decompress and print compressed data from partition ++.TP ++\fB\--zero | 0 \fR ++terminate config pairs with a NULL character + .SH FILES + /dev/nvram + .SH AUTHOR diff --git a/powerpc-utils-1.3.10-nvram-print-config-crash.patch b/powerpc-utils-1.3.10-nvram-print-config-crash.patch new file mode 100644 index 0000000..8764e50 --- /dev/null +++ b/powerpc-utils-1.3.10-nvram-print-config-crash.patch @@ -0,0 +1,47 @@ +commit 3f72b8326a2fc9a9dffb4b31d0ce3abf12e24751 +Author: Likhitha Korrapati +Date: Thu Jan 25 15:44:02 2024 +0530 + + powerpc/nvram: fix segmentation fault issue in print-config + + print-config option in nvram results in segmentation fault when the + user provides a very large value. + + without the patch: + [root@xxx powerpc-utils]# nvram --print-config=real-mode? + true + [root@xxx powerpc-utils]# nvram --print-config=$(perl -e 'p + rint "A"x1000000') + Segmentation fault (core dumped) + + The Segmentation fault occurs because the code tries to access memory + beyond the bounds of the data at index varlen. varlen is the length of + the string provided by the user. + + This patch adds a condition to check whether the length of the data is + greater than varlen to prevent accessing out of bounds. + + with the patch: + [root@xxx powerpc-utils]# ./src/nvram --print-config=real-m + ode? + true + [root@xxx powerpc-utils]# ./src/nvram --print-config=$(perl + -e 'print "A"x1000000') + + Reported-by: Shirisha Ganta + Signed-off-by: Likhitha Korrapati + Signed-off-by: Tyrel Datwyler + +diff --git a/src/nvram.c b/src/nvram.c +index f051e9c..095e747 100644 +--- a/src/nvram.c ++++ b/src/nvram.c +@@ -1280,7 +1280,7 @@ print_of_config(struct nvram *nvram, char *config_var, char *pname, + + data = (char *)phead + sizeof(*phead); + while (*data != '\0') { +- if ((data[varlen] == '=') && ++ if (strlen(data) > varlen && (data[varlen] == '=') && + strncmp(config_var, data, varlen) == 0) { + printf("%s%c", data + varlen + 1, terminator); + rc = 0; diff --git a/powerpc-utils-1.3.10-nvram-size-crash.patch b/powerpc-utils-1.3.10-nvram-size-crash.patch new file mode 100644 index 0000000..cee837e --- /dev/null +++ b/powerpc-utils-1.3.10-nvram-size-crash.patch @@ -0,0 +1,51 @@ +commit a6d31caf4eaa453d3ec879f02163b3a515789b85 +Author: Likhitha Korrapati +Date: Mon Sep 11 05:23:37 2023 -0500 + + powerpc/nvram: Fix Segmentation fault issue in nvram-size. + + nvram-size option results in segmentation fault when the user + specifies value larger than the default nvram size + + Without the patch: + [root@xxx ~]# nvram --nvram-size 1048592 + nvram: WARNING: expected 1048592 bytes, but only read 15360! + Segmentation fault (core dumped) + + Segmentation fault is caused because the phead->length is becoming 0. + And because of this the p_start doesn't get updated which makes the + while loop run infinitely resulting in segmentation fault. + This patch adds a condition check for phead->length to avoid infinite + while loop. + + With the patch: + [root@xxx src]# ./nvram --nvram-size 1048592 + ./nvram: WARNING: expected 1048592 bytes, but only read 15360! + [root@xxx src]# ./nvram --nvram-size 268435456 + ./nvram: WARNING: expected 268435456 bytes, but only read 15360! + [root@xxx src]# + + Reported-by: Shirisha Ganta + Signed-off-by: Likhitha Korrapati + [tyreld: fixed up else block] + Signed-off-by: Tyrel Datwyler + +diff --git a/src/nvram.c b/src/nvram.c +index 095e747..1987c3d 100644 +--- a/src/nvram.c ++++ b/src/nvram.c +@@ -460,8 +460,12 @@ nvram_parse_partitions(struct nvram *nvram) + c_sum = checksum(phead); + if (c_sum != phead->checksum) + warn_msg("this partition checksum should be %02x!\n", c_sum); +- phead->length = be16toh(phead->length); +- p_start += phead->length * NVRAM_BLOCK_SIZE; ++ if (phead->length != 0) { ++ phead->length = be16toh(phead->length); ++ p_start += phead->length * NVRAM_BLOCK_SIZE; ++ } else { ++ break; ++ } + } + + if (verbose) diff --git a/powerpc-utils.spec b/powerpc-utils.spec index d3c1b46..371c29a 100644 --- a/powerpc-utils.spec +++ b/powerpc-utils.spec @@ -1,6 +1,6 @@ Name: powerpc-utils Version: 1.3.10 -Release: 10%{?dist} +Release: 11%{?dist} Summary: PERL-based scripts for maintaining and servicing PowerPC systems License: GPLv2 @@ -45,13 +45,25 @@ Patch18: powerpc-utils-372599ed28d65a79d4c3b3405a8e04034eb58e09.patch Patch19: powerpc-utils-e0928dc5e5375591a4cff6ffabc6063771288f59.patch Patch20: powerpc-utils-d0bc79aedaf76eff09a5d1f399da09561a4d4d7d.patch Patch21: powerpc-utils-7698adc945372e901c2bc3f7066a5a1c219bf1d8.patch + # lpar can't boot up after installation if nsid of nvme device is greater than 10. Patch22: powerpc-utils-8a7aa61c5f520df03e53e6f7e1d63b7d5c432376.patch + # rtas_dbg -l returns large negativ value Patch23: powerpc-utils-rtas_dbg_return_negativ_value.patch + # Support multiple dev paths for a nvme boot device Patch24: 0001-scripts-bootlist-Support-multiple-dev-paths-for-a-nv.patch +# segault when running nvram --print-config +Patch25: powerpc-utils-1.3.10-nvram-print-config-crash.patch + +# segault when running nvram --nvram-size 268435456 +Patch26: powerpc-utils-1.3.10-nvram-size-crash.patch + +# nvram help page and man page are not in sync +Patch27: powerpc-utils-1.3.10-nvram-manpage.patch + ExclusiveArch: ppc %{power64} BuildRequires: gcc @@ -168,7 +180,7 @@ systemctl enable hcn-init.service >/dev/null 2>&1 || : %license COPYING %dir %{_localstatedir}/lib/powerpc-utils %dir /etc/drmgr.d/pmig -%config(noreplace) %{_localstatedir}/lib/powerpc-utils/smt.state +%verify(not md5 size mtime) %config(noreplace) %{_localstatedir}/lib/powerpc-utils/smt.state %{_unitdir}/smtstate.service %{_unitdir}/smt_off.service %{_unitdir}/hcn-init.service @@ -245,6 +257,11 @@ systemctl enable hcn-init.service >/dev/null 2>&1 || : %changelog +* Sat Jun 29 2024 Than Ngo - 1.3.10-11 +- Resolves: RHEL-23620, nvram help page and man page are not in sync +- Resolves: RHEL-23619, segault when running nvram --nvram-size 268435456 +- Resolves: RHEL-23624, segault when running nvram --print-config + * Tue Jan 30 2024 Than Ngo - 1.3.10-10 - Resolves: RHEL-22830, Support multiple dev paths for a nvme boot device