import CS rpm-4.16.1.3-29.el9

This commit is contained in:
eabdullin 2024-03-28 11:41:33 +00:00
parent dff934935e
commit 6de86b12e5
13 changed files with 2450 additions and 1 deletions


@ -0,0 +1,107 @@
From 186e0ab025b9ad92d900697f611633a6f6162f3b Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Wed, 9 Feb 2022 14:47:14 +0200
Subject: [PATCH] Add optional callback on directory changes during rpmfi
iteration
Internal only for now in case we need to fiddle with the API some more,
but no reason this couldn't be made public later.
---
lib/rpmfi.c | 24 ++++++++++++++++++++----
lib/rpmfi_internal.h | 17 +++++++++++++++++
2 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/lib/rpmfi.c b/lib/rpmfi.c
index aec8220a3..6c631fdb5 100644
--- a/lib/rpmfi.c
+++ b/lib/rpmfi.c
@@ -53,6 +53,9 @@ struct rpmfi_s {
int intervalStart; /*!< Start of iterating interval. */
int intervalEnd; /*!< End of iterating interval. */
+ rpmfiChdirCb onChdir; /*!< Callback for directory changes */
+ void *onChdirData; /*!< Caller private callback data */
+
rpmfiles files; /*!< File info set */
rpmcpio_t archive; /*!< Archive with payload */
unsigned char * found; /*!< Bit field of files found in the archive */
@@ -298,11 +301,16 @@ rpm_count_t rpmfiDC(rpmfi fi)
return (fi != NULL ? rpmfilesDC(fi->files) : 0);
}
-#ifdef NOTYET
-int rpmfiDI(rpmfi fi)
+int rpmfiSetOnChdir(rpmfi fi, rpmfiChdirCb cb, void *data)
{
+ int rc = -1;
+ if (fi != NULL) {
+ fi->onChdir = cb;
+ fi->onChdirData = data;
+ rc = 0;
+ }
+ return rc;
}
-#endif
int rpmfiFX(rpmfi fi)
{
@@ -314,9 +322,17 @@ int rpmfiSetFX(rpmfi fi, int fx)
int i = -1;
if (fi != NULL && fx >= 0 && fx < rpmfilesFC(fi->files)) {
+ int dx = fi->j;
i = fi->i;
fi->i = fx;
fi->j = rpmfilesDI(fi->files, fi->i);
+ i = fi->i;
+
+ if (fi->j != dx && fi->onChdir) {
+ int chrc = fi->onChdir(fi, fi->onChdirData);
+ if (chrc < 0)
+ i = chrc;
+ }
}
return i;
}
@@ -1682,9 +1698,9 @@ static rpmfi initIter(rpmfiles files, int itype, int link)
if (files && itype>=0 && itype<=RPMFILEITERMAX) {
fi = xcalloc(1, sizeof(*fi));
fi->i = -1;
+ fi->j = -1;
fi->files = link ? rpmfilesLink(files) : files;
fi->next = nextfuncs[itype];
- fi->i = -1;
if (itype == RPMFI_ITER_BACK) {
fi->i = rpmfilesFC(fi->files);
} else if (itype >=RPMFI_ITER_READ_ARCHIVE
diff --git a/lib/rpmfi_internal.h b/lib/rpmfi_internal.h
index dccc6ccbe..37f1d45f5 100644
--- a/lib/rpmfi_internal.h
+++ b/lib/rpmfi_internal.h
@@ -13,6 +13,23 @@
extern "C" {
#endif
+/** \ingroup rpmfi
+ * Callback on file iterator directory changes
+ * @param fi file info
+ * @param data caller private callback data
+ * @return 0 on success, < 0 on error (to stop iteration)
+ */
+typedef int (*rpmfiChdirCb)(rpmfi fi, void *data);
+
+/** \ingroup rpmfi
+ * Set a callback for directory changes during iteration.
+ * @param fi file info
+ * @param cb callback function
+ * @param data caller private callback data
+ * @return string pool handle (weak reference)
+ */
+int rpmfiSetOnChdir(rpmfi fi, rpmfiChdirCb cb, void *data);
+
/** \ingroup rpmfi
* Return file info set string pool handle
* @param fi file info
--
2.41.0
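Review bot: The Doxygen block added for rpmfiSetOnChdir() in lib/rpmfi_internal.h documents `@return string pool handle (weak reference)`, which is copied from the string-pool accessor comment that follows it; the body in lib/rpmfi.c returns 0 on success and -1 when fi is NULL, so the line should read `@return 0 on success, -1 if fi is NULL`. In the rpmfiSetFX() hunk, as rendered, `i = fi->i;` appears as a context line before `fi->i = fx;` and again as an added line after the `fi->j = rpmfilesDI(...)` assignment; if that matches the actual patch, the first assignment is a dead store and dropping it leaves a single place that defines the return value (the new index, or the callback's negative status). Note also that fi->i and fi->j have already advanced when the callback fails, so the negative status only tells the caller to stop; a one-line comment such as `/* iterator is already positioned at fx; a failing callback only propagates its status */` would make that explicit.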


@ -0,0 +1,30 @@
From 6c66abd34cccbb5b3c063f8f613e0c2faffc415f Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Wed, 13 Dec 2023 11:57:50 +0200
Subject: [PATCH] Don't warn about missing user/group on skipped files
There's no reason to complain about missing user/group for entities
we don't create at all. It's cosmetical only, but "regressed" in the
4.17 fsm robustness rewrite.
Reported in https://issues.redhat.com/browse/RHEL-18037
---
lib/fsm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/fsm.c b/lib/fsm.c
index 2189bd84c..a54e43bae 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -903,7 +903,7 @@ int rpmPackageFilesInstall(rpmts ts, rpmte te, rpmfiles files,
fp->fpath = fsmFsPath(fi, fp->suffix);
/* Remap file perms, owner, and group. */
- rc = rpmfiStat(fi, 1, &fp->sb);
+ rc = rpmfiStat(fi, (fp->skip == 0), &fp->sb);
/* Hardlinks are tricky and handled elsewhere for install */
fp->setmeta = (fp->skip == 0) &&
--
2.43.0
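Review bot: The meaning of the new `(fp->skip == 0)` argument to rpmfiStat() in rpmPackageFilesInstall() is not recorded at the call site; the surrounding comment `/* Remap file perms, owner, and group. */` says nothing about the flag, and its effect (suppressing the missing user/group warning for files that are not created) is only stated in the commit message. A comment on the line, e.g. `/* only warn about unmapped user/group for files we actually create */`, would keep that reasoning with the code; what rpmfiStat()'s second parameter controls is inferred from the description rather than visible here. rpmPackageFilesInstall() starts and ends outside the hunk.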


@ -0,0 +1,35 @@
From 0bc13d75b5883ccf4d6579f7a60fb1badd104649 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Thu, 10 Feb 2022 10:23:22 +0200
Subject: [PATCH] Eliminate code duplication from rpmfiNext()
Now that we can, let rpmfiSetFX() take care of the details.
---
lib/rpmfi.c | 11 ++---------
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/lib/rpmfi.c b/lib/rpmfi.c
index 689ead2c5..aec8220a3 100644
--- a/lib/rpmfi.c
+++ b/lib/rpmfi.c
@@ -856,15 +856,8 @@ int rpmfiNext(rpmfi fi)
next = fi->next(fi);
} while (next == RPMERR_ITER_SKIP);
- if (next >= 0 && next < rpmfilesFC(fi->files)) {
- fi->i = next;
- fi->j = rpmfilesDI(fi->files, fi->i);
- } else {
- fi->i = -1;
- if (next >= 0) {
- next = -1;
- }
- }
+ if (next >= 0)
+ next = rpmfiSetFX(fi, next);
}
return next;
}
--
2.41.0
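Review bot: The removed else branch in rpmfiNext() reset `fi->i = -1` whenever the next-function returned a negative value or an out-of-range index, while the new code only calls rpmfiSetFX() when `next >= 0` and leaves fi->i untouched otherwise, so an exhausted iterator now keeps its last index instead of -1; rpmfiSetFX() returning -1 for an out-of-range fx leaves fi->i unchanged as well. Whether any caller reads rpmfiFX() after rpmfiNext() has returned -1 is not visible here; if the old behaviour matters, `if (next < 0) fi->i = -1;` after the rpmfiSetFX() call restores it, bearing in mind that with the directory-change callback patch a negative callback status would take that path too. rpmfiNext() starts outside the hunk.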


@ -0,0 +1,66 @@
From c140768202e271b60910644c1e4bf848a50218d3 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Mon, 27 Nov 2023 11:52:34 +0200
Subject: [PATCH] Emit full paths for file disposition diagnostics on
--fsmdebug
The full path is visible in the actual file operations later, but the
pre-flight disposition diagnostics is unreadable without the full path.
This regressed in the switch to relative paths for the *at() API family
for the symlink CVE fixes.
---
lib/fsm.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/fsm.c b/lib/fsm.c
index 091e90554..fcd764648 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -482,14 +482,14 @@ static void removeSBITS(int dirfd, const char *path)
}
}
-static void fsmDebug(const char *fpath, rpmFileAction action,
+static void fsmDebug(const char *dn, const char *fpath, rpmFileAction action,
const struct stat *st)
{
- rpmlog(RPMLOG_DEBUG, "%-10s %06o%3d (%4d,%4d)%6d %s\n",
+ rpmlog(RPMLOG_DEBUG, "%-10s %06o%3d (%4d,%4d)%6d %s%s\n",
fileActionString(action), (int)st->st_mode,
(int)st->st_nlink, (int)st->st_uid,
(int)st->st_gid, (int)st->st_size,
- (fpath ? fpath : ""));
+ (dn ? dn : ""), (fpath ? fpath : ""));
}
static int fsmSymlink(const char *opath, int dirfd, const char *path)
@@ -910,7 +910,7 @@ int rpmPackageFilesInstall(rpmts ts, rpmte te, rpmfiles files,
(fp->sb.st_nlink == 1 || fp->action == FA_TOUCH);
setFileState(fs, fx);
- fsmDebug(fp->fpath, fp->action, &fp->sb);
+ fsmDebug(rpmfiDN(fi), fp->fpath, fp->action, &fp->sb);
fp->stage = FILE_PRE;
}
@@ -975,7 +975,7 @@ int rpmPackageFilesInstall(rpmts ts, rpmte te, rpmfiles files,
rpmlog(RPMLOG_DEBUG, "file %s vanished unexpectedly\n",
fp->fpath);
fp->action = FA_CREATE;
- fsmDebug(fp->fpath, fp->action, &fp->sb);
+ fsmDebug(rpmfiDN(fi), fp->fpath, fp->action, &fp->sb);
}
/* When touching we don't need any of this... */
@@ -1138,7 +1138,7 @@ int rpmPackageFilesRemove(rpmts ts, rpmte te, rpmfiles files,
rc = fsmStat(di.dirfd, fp->fpath, 1, &fp->sb);
- fsmDebug(fp->fpath, fp->action, &fp->sb);
+ fsmDebug(rpmfiDN(fi), fp->fpath, fp->action, &fp->sb);
/* Run fsm file pre hook for all plugins */
rc = rpmpluginsCallFsmFilePre(plugins, fi, fp->fpath,
--
2.43.0
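Review bot: The new dn parameter of fsmDebug() only yields a readable path if the directory name carries its own trailing separator, because the format now prints `%s%s` with nothing between dn and fpath; that is the convention rpmfiDN() follows as far as I know, but nothing at the new parameter says so. A comment on the signature, e.g. `/* dn: directory part including its trailing '/', or NULL; fpath: basename relative to it */`, would record the contract the three call sites depend on. All three callers (two in rpmPackageFilesInstall(), one in rpmPackageFilesRemove()) pass rpmfiDN(fi), so letting the helper take fi and call rpmfiDN() itself would remove the repetition; those functions start and end outside their hunks.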


@ -0,0 +1,148 @@
From 173b737f40e7da85f79544e3f4ea4ad7b8f7d5c2 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Mon, 6 Nov 2023 15:58:54 +0200
Subject: [PATCH] Expose and document rpmdb --verifydb operation
After years of BDB, sometimes folks just want some assurance that their db
is still fine. Properly exposing an operation to do so hopefully makes
less likely to poke at the db directly (with eg sqlite3 command).
---
docs/man/rpmdb.8.md | 4 ++++
tools/rpmdb.c | 4 ++--
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/rpmdb.c b/rpmdb.c
index 22b0b3e5d..36efff8af 100644
--- a/rpmdb.c
+++ b/rpmdb.c
@@ -23,8 +23,8 @@ static struct poptOption dbOptsTable[] = {
{ "rebuilddb", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_REBUILDDB,
N_("rebuild database inverted lists from installed package headers"),
NULL},
- { "verifydb", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR|POPT_ARGFLAG_DOC_HIDDEN),
- &mode, MODE_VERIFYDB, N_("verify database files"), NULL},
+ { "verifydb", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR),
+ &mode, MODE_VERIFYDB, N_("verify database"), NULL},
{ "salvagedb", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR|POPT_ARGFLAG_DOC_HIDDEN),
&mode, MODE_SALVAGEDB, N_("salvage database"), NULL},
{ "exportdb", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_EXPORTDB,
--
2.41.0
--- a/doc/rpmdb.8 2020-05-28 12:04:25.024136615 +0200
+++ b/doc/rpmdb.8 2023-12-13 11:57:30.646202901 +0100
@@ -1,48 +1,70 @@
-.TH "RPMDB" "8" "29 June 2010" "Red Hat, Inc"
+.\" Automatically generated by Pandoc 3.1.3
+.\"
+.\" Define V font for inline verbatim, using C font in formats
+.\" that render this, and otherwise B font.
+.ie "\f[CB]x\f[]"x" \{\
+. ftr V B
+. ftr VI BI
+. ftr VB B
+. ftr VBI BI
+.\}
+.el \{\
+. ftr V CR
+. ftr VI CI
+. ftr VB CB
+. ftr VBI CBI
+.\}
+.TH "RPMDB" "8" "29 June 2010" "" ""
+.hy
.SH NAME
-rpmdb \- RPM Database Tool
+.PP
+rpmdb - RPM Database Tool
.SH SYNOPSIS
-
-\fBrpm\fR {\fB--initdb|--rebuilddb\fR}
-
-.SH "DESCRIPTION"
-The general form of an rpm rebuild database command is
-.PP
-
-\fBrpm\fR {\fB--initdb|--rebuilddb\fR} [\fB-v\fR] [\fB--dbpath \fIDIRECTORY\fB\fR] [\fB--root \fIDIRECTORY\fB\fR]
-
-.PP
-Use \fB--initdb\fR to create a new database if one doesn't already exist
-(existing database is not overwritten), use
-\fB--rebuilddb\fR to rebuild the database indices from
-the installed package headers.
-.PP
-
-.SH "SEE ALSO"
-
-.nf
-\fBpopt\fR(3),
-\fBrpm\fR(8),
-\fBrpmkeys\fR(8),
-\fBrpmsign\fR(8),
-\fBrpm2cpio\fR(8),
-\fBrpmbuild\fR(8),
-\fBrpmspec\fR(8),
-.fi
-
-\fBrpm --help\fR - as rpm supports customizing the options via popt aliases
-it's impossible to guarantee that what's described in the manual matches
-what's available.
-
-
-\fBhttp://www.rpm.org/ <URL:http://www.rpm.org/>
-\fR
-.SH "AUTHORS"
-
+.PP
+\f[B]rpmdb\f[R] {\f[B]--initdb|--rebuilddb\f[R]}
+.PP
+\f[B]rpmdb\f[R] {\f[B]--verifydb\f[R]}
+.PP
+\f[B]rpmdb\f[R] {\f[B]--exportdb|--importdb\f[R]}
+.SH DESCRIPTION
+.PP
+The general form of an rpmdb command is
+.PP
+\f[B]rpm\f[R] {\f[B]--initdb|--rebuilddb\f[R]} [\f[B]-v\f[R]]
+[\f[B]--dbpath \f[R]\f[I]DIRECTORY\f[R]] [\f[B]--root
+\f[R]\f[I]DIRECTORY\f[R]]
+.PP
+Use \f[B]--initdb\f[R] to create a new database if one doesn\[aq]t
+already exist (existing database is not overwritten), use
+\f[B]--rebuilddb\f[R] to rebuild the database indices from the installed
+package headers.
+.PP
+\f[B]--verifydb\f[R] performs a low-level integrity check on the
+database.
+.PP
+\f[B]--exportdb\f[R] exports the database in header-list format,
+suitable for transfporting to another host or database type.
+.PP
+\f[B]--importdb\f[R] imports a database from a header-list format as
+created by \f[B]--exportdb\f[R].
+.SH SEE ALSO
+.PP
+\f[B]popt\f[R](3), \f[B]rpm\f[R](8), \f[B]rpmkeys\f[R](8),
+\f[B]rpmsign\f[R](8), \f[B]rpm2cpio\f[R](8), \f[B]rpmbuild\f[R](8),
+\f[B]rpmspec\f[R](8)
+.PP
+\f[B]rpm --help\f[R] - as rpm supports customizing the options via popt
+aliases it\[aq]s impossible to guarantee that what\[aq]s described in
+the manual matches what\[aq]s available.
+.PP
+\f[B]http://www.rpm.org/ <URL:http://www.rpm.org/>\f[R]
+.SH AUTHORS
+.IP
.nf
-Marc Ewing <marc@redhat.com>
-Jeff Johnson <jbj@redhat.com>
-Erik Troan <ewt@redhat.com>
-Panu Matilainen <pmatilai@redhat.com>
+\f[C]
+Marc Ewing <marc\[at]redhat.com>
+Jeff Johnson <jbj\[at]redhat.com>
+Erik Troan <ewt\[at]redhat.com>
+Panu Matilainen <pmatilai\[at]redhat.com>
+\f[R]
.fi
-
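Review bot: The patch header's diffstat names docs/man/rpmdb.8.md, but the man page hunk that follows the `-- 2.41.0` signature is a plain unified diff against doc/rpmdb.8, so the file list and the body disagree and tooling that treats the signature line as the end of the patch may ignore the man page part; a sentence in the description saying the man page hunk was regenerated for the 4.16 troff source would make that intentional. The regenerated page also has a typo in the --exportdb paragraph, `transfporting` for `transporting`, and its SYNOPSIS now says `rpmdb` while the DESCRIPTION still gives the general form as `rpm {--initdb|--rebuilddb}`; both could be fixed in the same regeneration. The tools/rpmdb.c change only un-hides the option and shortens its help text, which looks fine.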


@ -0,0 +1,26 @@
From 03525592c944957f3b7b200b7daeb9f615cdcde7 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 23 May 2023 12:46:22 +0300
Subject: [PATCH] Fix a copy-paste --help description of --whatconflicts
(RhBug:2208661)
---
lib/poptQV.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/poptQV.c b/lib/poptQV.c
index ac8e8975d..8bd91c652 100644
--- a/lib/poptQV.c
+++ b/lib/poptQV.c
@@ -108,7 +108,7 @@ struct poptOption rpmQVSourcePoptTable[] = {
{ "verify", 'V', POPT_ARGFLAG_DOC_HIDDEN, NULL, 'V',
N_("rpm verify mode"), NULL },
{ "whatconflicts", '\0', 0, 0, POPT_WHATCONFLICTS,
- N_("query/verify the package(s) which require a dependency"), "CAPABILITY" },
+ N_("query/verify the package(s) which conflict with a dependency"), "CAPABILITY" },
{ "whatrequires", '\0', 0, 0, POPT_WHATREQUIRES,
N_("query/verify the package(s) which require a dependency"), "CAPABILITY" },
{ "whatobsoletes", '\0', 0, 0, POPT_WHATOBSOLETES,
--
2.41.0


@ -0,0 +1,50 @@
From 321933f060896f721e361a1c8a8d3731bdcee827 Mon Sep 17 00:00:00 2001
From: Michael Schroeder <mls@suse.de>
Date: Wed, 22 Jun 2022 14:07:01 +0200
Subject: [PATCH] Fix short circuiting of version strings in expressions
We use an empty string when discarding a value due to short circuiting, but
an empty string is not allowed for versions. So use "0" in that case.
Fixes: #1883
---
rpmio/expression.c | 2 +-
tests/rpmmacro.at | 2 ++
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/rpmio/expression.c b/rpmio/expression.c
index a389a04d5..98a44bbdb 100644
--- a/rpmio/expression.c
+++ b/rpmio/expression.c
@@ -477,7 +477,7 @@ static int rdToken(ParseState state)
if (qtok == TOK_STRING) {
v = valueMakeString(temp);
} else {
- v = valueMakeVersion(temp);
+ v = valueMakeVersion(state->flags & RPMEXPR_DISCARD ? "0" : temp);
free(temp); /* version doesn't take ownership of the string */
if (v == 0) {
exprErr(state, _("invalid version"), p+1);
diff --git a/tests/rpmmacro.at b/tests/rpmmacro.at
index d1490b4d9..c4376d49e 100644
--- a/tests/rpmmacro.at
+++ b/tests/rpmmacro.at
@@ -533,6 +533,7 @@ runroot rpm \
--eval '%["%{aaa}"]' \
--eval '%[%{?ccc}]' \
--eval '%[v"1:2.3-4"]' \
+ --eval '%[v"0" && v"0"]' \
]],
[0],
[4096
@@ -542,6 +543,7 @@ runroot rpm \
5
0
1:2.3-4
+0
],
[])
AT_CLEANUP
--
2.41.0
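Review bot: An invalid version literal on a short-circuited branch is no longer diagnosed by rdToken(), because the changed line hands `"0"` to valueMakeVersion() instead of temp whenever RPMEXPR_DISCARD is set, so temp is never validated on that path and the `invalid version` error below cannot trigger. If that trade-off is intended (it parallels how discarded strings are handled according to the description), a comment on the line would spare the next reader the question, e.g. `/* discarded operands are not validated; "0" stands in because "" is not a legal version */`. rdToken() starts and ends outside the hunk.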


@ -0,0 +1,46 @@
From 89ce4e7ca592f5abafc3f25aeaa07d36a7b43a61 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 14 Nov 2023 11:37:48 +0200
Subject: [PATCH] Fix wrong return code on O_DIRECTORY open of invalid symlink
The dir argument to fsmOpenpath() is supposed to be a rough O_DIRECTORY
equivalent, and if the path is actually a misowned symlink it should
return ENOTDIR instead of ELOOP. Makes the resulting error messages
at least a little more comprehensible.
---
lib/fsm.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/lib/fsm.c b/lib/fsm.c
index 51f439ef3..091e90554 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -304,6 +304,7 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
struct stat lsb, sb;
int sflags = flags | O_NOFOLLOW;
int fd = openat(dirfd, path, sflags);
+ int ffd = fd;
/*
* Only ever follow symlinks by root or target owner. Since we can't
@@ -312,7 +313,7 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
* it could've only been the link owner or root.
*/
if (fd < 0 && errno == ELOOP && flags != sflags) {
- int ffd = openat(dirfd, path, flags);
+ ffd = openat(dirfd, path, flags);
if (ffd >= 0) {
if (fstatat(dirfd, path, &lsb, AT_SYMLINK_NOFOLLOW) == 0) {
if (fstat(ffd, &sb) == 0) {
@@ -327,7 +328,7 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
}
/* O_DIRECTORY equivalent */
- if (dir && fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode)) {
+ if (dir && ((fd != ffd) || (fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode)))) {
errno = ENOTDIR;
fsmClose(&fd);
}
--
2.43.0
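Review bot: The new `(fd != ffd)` clause in fsmOpenat()'s O_DIRECTORY check relies on an invariant established only between the hunks: fd and ffd can differ only when the follow-symlink openat() succeeded and the ownership check declined to adopt ffd into fd, presumably closing ffd. That deserves a comment on the condition, e.g. `/* fd != ffd: the link was followed but rejected as misowned; report ENOTDIR rather than ELOOP */`, because any later change to the rejection path that assigns or closes fd differently would silently alter this test. In that rejected case fd is still negative when fsmClose(&fd) runs, so the call is presumably a no-op, and ENOTDIR is only substituted when dir is requested; if keeping the rejection path's errno for the non-dir case is intended, the same comment could say so. fsmOpenat() starts and ends outside the hunks.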


@ -0,0 +1,158 @@
From ac7b0dbd5a18d2c57a942ca14ac856b8047425ff Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 15 Feb 2022 10:43:13 +0200
Subject: [PATCH] Pass file descriptor to file prepare plugin hook, use when
possible
Sadly the thing that allegedly makes things better mostly just makes
things more complicated as symlinks can't be opened, so we'll now have
to deal with both cases in plugins too. To make matters worse, most
APIs out there support either an fd or a path, but very few support
the *at() style dirfd + basename approach so plugins are stuck with
absolute paths for now.
This is of course a plugin API/ABI change too.
---
lib/rpmplugin.h | 2 +-
lib/rpmplugins.c | 4 ++--
lib/rpmplugins.h | 3 ++-
plugins/ima.c | 9 +++++++--
plugins/selinux.c | 13 ++++++++-----
5 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/lib/rpmplugin.h b/lib/rpmplugin.h
index fd81aec8d..fab4b3e83 100644
--- a/lib/rpmplugin.h
+++ b/lib/rpmplugin.h
@@ -57,7 +57,7 @@ typedef rpmRC (*plugin_fsm_file_post_func)(rpmPlugin plugin, rpmfi fi,
const char* path, mode_t file_mode,
rpmFsmOp op, int res);
typedef rpmRC (*plugin_fsm_file_prepare_func)(rpmPlugin plugin, rpmfi fi,
- const char* path,
+ int fd, const char* path,
const char *dest,
mode_t file_mode, rpmFsmOp op);
diff --git a/lib/rpmplugins.c b/lib/rpmplugins.c
index 65e684e84..923084b78 100644
--- a/lib/rpmplugins.c
+++ b/lib/rpmplugins.c
@@ -384,7 +384,7 @@ rpmRC rpmpluginsCallFsmFilePost(rpmPlugins plugins, rpmfi fi, const char *path,
}
rpmRC rpmpluginsCallFsmFilePrepare(rpmPlugins plugins, rpmfi fi,
- const char *path, const char *dest,
+ int fd, const char *path, const char *dest,
mode_t file_mode, rpmFsmOp op)
{
plugin_fsm_file_prepare_func hookFunc;
@@ -394,7 +394,7 @@ rpmRC rpmpluginsCallFsmFilePrepare(rpmPlugins plugins, rpmfi fi,
for (i = 0; i < plugins->count; i++) {
rpmPlugin plugin = plugins->plugins[i];
RPMPLUGINS_SET_HOOK_FUNC(fsm_file_prepare);
- if (hookFunc && hookFunc(plugin, fi, path, dest, file_mode, op) == RPMRC_FAIL) {
+ if (hookFunc && hookFunc(plugin, fi, fd, path, dest, file_mode, op) == RPMRC_FAIL) {
rpmlog(RPMLOG_ERR, "Plugin %s: hook fsm_file_prepare failed\n", plugin->name);
rc = RPMRC_FAIL;
}
diff --git a/lib/rpmplugins.h b/lib/rpmplugins.h
index 39762c376..ddf5d7048 100644
--- a/lib/rpmplugins.h
+++ b/lib/rpmplugins.h
@@ -156,6 +156,7 @@ rpmRC rpmpluginsCallFsmFilePost(rpmPlugins plugins, rpmfi fi, const char* path,
* permissions etc, but before committing file to destination path.
* @param plugins plugins structure
* @param fi file info iterator (or NULL)
+ * @param fd file descriptor (or -1 if not available)
* @param path file object current path
* @param dest file object destination path
* @param mode file object mode
@@ -164,7 +165,7 @@ rpmRC rpmpluginsCallFsmFilePost(rpmPlugins plugins, rpmfi fi, const char* path,
*/
RPM_GNUC_INTERNAL
rpmRC rpmpluginsCallFsmFilePrepare(rpmPlugins plugins, rpmfi fi,
- const char *path, const char *dest,
+ int fd, const char *path, const char *dest,
mode_t mode, rpmFsmOp op);
#ifdef __cplusplus
diff --git a/plugins/ima.c b/plugins/ima.c
index fe6d3ad7f..9c28a41a3 100644
--- a/plugins/ima.c
+++ b/plugins/ima.c
@@ -39,7 +39,7 @@ static int check_zero_hdr(const unsigned char *fsig, size_t siglen)
return (memcmp(fsig, &zero_hdr, sizeof(zero_hdr)) == 0);
}
-static rpmRC ima_fsm_file_prepare(rpmPlugin plugin, rpmfi fi,
+static rpmRC ima_fsm_file_prepare(rpmPlugin plugin, rpmfi fi, int fd,
const char *path,
const char *dest,
mode_t file_mode, rpmFsmOp op)
@@ -68,8 +68,13 @@
fsig = rpmfiFSignature(fi, &len);
if (fsig && (check_zero_hdr(fsig, len) == 0)) {
- if (lsetxattr(path, XATTR_NAME_IMA, fsig, len, 0) < 0) {
- int is_err = errno != EOPNOTSUPP;
+ int xx;
+ if (fd >= 0)
+ xx = fsetxattr(fd, XATTR_NAME_IMA, fsig, len, 0);
+ else
+ xx = lsetxattr(path, XATTR_NAME_IMA, fsig, len, 0);
+ if (xx < 0) {
+ int is_err = errno != EOPNOTSUPP;
rpmlog(is_err?RPMLOG_ERR:RPMLOG_DEBUG,
"ima: could not apply signature on '%s': %s\n",
path, strerror(errno));
diff --git a/plugins/fapolicyd.c b/plugins/fapolicyd.c
index 7ac44f0d0..1ff50c30f 100644
--- a/plugins/fapolicyd.c
+++ b/plugins/fapolicyd.c
@@ -145,7 +145,8 @@ static rpmRC fapolicyd_scriptlet_pre(rpmPlugin plugin, const char *s_name,
}
static rpmRC fapolicyd_fsm_file_prepare(rpmPlugin plugin, rpmfi fi,
- const char *path, const char *dest,
+ int fd, const char *path,
+ const char *dest,
mode_t file_mode, rpmFsmOp op)
{
/* not ready */
diff --git a/plugins/selinux.c b/plugins/selinux.c
index 32c3b7529..a7f20aeca 100644
--- a/plugins/selinux.c
+++ b/plugins/selinux.c
@@ -149,7 +149,7 @@ static rpmRC selinux_scriptlet_fork_post(rpmPlugin plugin,
return rc;
}
-static rpmRC selinux_fsm_file_prepare(rpmPlugin plugin, rpmfi fi,
+static rpmRC selinux_fsm_file_prepare(rpmPlugin plugin, rpmfi fi, int fd,
const char *path, const char *dest,
mode_t file_mode, rpmFsmOp op)
{
@@ -194,13 +194,17 @@
if (sehandle && !XFA_SKIPPING(action)) {
char *scon = NULL;
if (selabel_lookup_raw(sehandle, &scon, dest, file_mode) == 0) {
- int conrc = lsetfilecon(path, scon);
+ int conrc;
+ if (fd >= 0)
+ conrc = fsetfilecon(fd, scon);
+ else
+ conrc = lsetfilecon(path, scon);
if (conrc == 0 || (conrc < 0 && errno == EOPNOTSUPP))
rc = RPMRC_OK;
- rpmlog(loglvl(rc != RPMRC_OK), "lsetfilecon: (%s, %s) %s\n",
- path, scon, (conrc < 0 ? strerror(errno) : ""));
+ rpmlog(loglvl(rc != RPMRC_OK), "lsetfilecon: (%d %s, %s) %s\n",
+ fd, path, scon, (conrc < 0 ? strerror(errno) : ""));
freecon(scon);
} else {
--
2.41.0
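Review bot: In plugins/selinux.c the log line after the new fd/path branch still reports `lsetfilecon:` even when fsetfilecon() was the call that failed, so the diagnostic names the wrong function on the fd path; `rpmlog(loglvl(rc != RPMRC_OK), "%s: (%d %s, %s) %s\n", fd >= 0 ? "fsetfilecon" : "lsetfilecon", fd, path, scon, (conrc < 0 ? strerror(errno) : ""));` keeps the information and fixes the name. The plugins/ima.c hunk has the same fsetxattr/lsetxattr shape but its message does not name the function, so it is fine as is. The header's diffstat lists five files while the body also carries a plugins/fapolicyd.c hunk, presumably added for the downstream tree; refreshing the diffstat keeps the header honest. All the hook functions start or end outside their hunks.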


@ -0,0 +1,32 @@
From f1503ab6e898430b80017c0f8347860f3a74d5bb Mon Sep 17 00:00:00 2001
From: Florian Festi <ffesti@redhat.com>
Date: Mon, 11 Dec 2023 15:50:15 +0100
Subject: [PATCH] Print full path if file removal fails
For normal debug output the basename of the files are sufficient as when
debugging is enabled the directories are also printed. But here the
warning is given without a debug flag so we need the full context right
there.
---
lib/fsm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/fsm.c b/lib/fsm.c
index fcd764648..2189bd84c 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -1174,9 +1174,9 @@ int rpmPackageFilesRemove(rpmts ts, rpmte te, rpmfiles files,
if (rc) {
int lvl = strict_erasures ? RPMLOG_ERR : RPMLOG_WARNING;
- rpmlog(lvl, _("%s %s: remove failed: %s\n"),
+ rpmlog(lvl, _("%s %s%s: remove failed: %s\n"),
S_ISDIR(fp->sb.st_mode) ? _("directory") : _("file"),
- fp->fpath, strerror(errno));
+ rpmfiDN(fi), fp->fpath, strerror(errno));
}
}
--
2.43.0
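Review bot: The new rpmlog() call in rpmPackageFilesRemove() passes rpmfiDN(fi) directly to a `%s` conversion, whereas the fsmDebug() helper in this same series guards its dn argument with `(dn ? dn : "")`; if rpmfiDN() can return NULL here (it does for an invalid iterator position as far as I know), the warning path would hand NULL to `%s`, which is undefined behaviour. Mirroring the guard, `const char *dn = rpmfiDN(fi);` before the call and `dn ? dn : ""` in the argument list, keeps the two sites consistent at no cost. rpmPackageFilesRemove() starts and ends outside the hunk.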


@ -0,0 +1,90 @@
From 6dd62720fe84f7e2ad902c915b952fc0b29e3dcd Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 15 Feb 2022 11:34:37 +0200
Subject: [PATCH] Swap over to dirfd+basename based operation within the fsm
Within fsm this is just a matter of adjusting error messages to include
the directory... if it only wasn't for the plugins requiring absolute
paths for outside users. For the plugins, we need to assemble absolute
paths as needed, both in ensureDir() and plugin file slots.
---
lib/rpmplugins.c | 20 +++++++++++++++++---
2 files changed, 36 insertions(+), 14 deletions(-)
diff --git a/lib/rpmplugins.c b/lib/rpmplugins.c
index 703368c0d..f06fd7895 100644
--- a/lib/rpmplugins.c
+++ b/lib/rpmplugins.c
@@ -350,21 +350,31 @@ rpmRC rpmpluginsCallScriptletPost(rpmPlugins plugins, const char *s_name, int ty
return rc;
}
+static char *abspath(rpmfi fi, const char *path)
+{
+ if (*path == '/')
+ return xstrdup(path);
+ else
+ return rstrscat(NULL, rpmfiDN(fi), path, NULL);
+}
+
rpmRC rpmpluginsCallFsmFilePre(rpmPlugins plugins, rpmfi fi, const char *path,
mode_t file_mode, rpmFsmOp op)
{
plugin_fsm_file_pre_func hookFunc;
int i;
rpmRC rc = RPMRC_OK;
+ char *apath = abspath(fi, path);
for (i = 0; i < plugins->count; i++) {
rpmPlugin plugin = plugins->plugins[i];
RPMPLUGINS_SET_HOOK_FUNC(fsm_file_pre);
- if (hookFunc && hookFunc(plugin, fi, path, file_mode, op) == RPMRC_FAIL) {
+ if (hookFunc && hookFunc(plugin, fi, apath, file_mode, op) == RPMRC_FAIL) {
rpmlog(RPMLOG_ERR, "Plugin %s: hook fsm_file_pre failed\n", plugin->name);
rc = RPMRC_FAIL;
}
}
+ free(apath);
return rc;
}
@@ -375,14 +385,16 @@ rpmRC rpmpluginsCallFsmFilePost(rpmPlugins plugins, rpmfi fi, const char *path,
plugin_fsm_file_post_func hookFunc;
int i;
rpmRC rc = RPMRC_OK;
+ char *apath = abspath(fi, path);
for (i = 0; i < plugins->count; i++) {
rpmPlugin plugin = plugins->plugins[i];
RPMPLUGINS_SET_HOOK_FUNC(fsm_file_post);
- if (hookFunc && hookFunc(plugin, fi, path, file_mode, op, res) == RPMRC_FAIL) {
+ if (hookFunc && hookFunc(plugin, fi, apath, file_mode, op, res) == RPMRC_FAIL) {
rpmlog(RPMLOG_WARNING, "Plugin %s: hook fsm_file_post failed\n", plugin->name);
}
}
+ free(apath);
return rc;
}
@@ -394,15 +406,17 @@ rpmRC rpmpluginsCallFsmFilePrepare(rpmPlugins plugins, rpmfi fi,
plugin_fsm_file_prepare_func hookFunc;
int i;
rpmRC rc = RPMRC_OK;
+ char *apath = abspath(fi, path);
for (i = 0; i < plugins->count; i++) {
rpmPlugin plugin = plugins->plugins[i];
RPMPLUGINS_SET_HOOK_FUNC(fsm_file_prepare);
- if (hookFunc && hookFunc(plugin, fi, fd, path, dest, file_mode, op) == RPMRC_FAIL) {
+ if (hookFunc && hookFunc(plugin, fi, fd, apath, dest, file_mode, op) == RPMRC_FAIL) {
rpmlog(RPMLOG_ERR, "Plugin %s: hook fsm_file_prepare failed\n", plugin->name);
rc = RPMRC_FAIL;
}
}
+ free(apath);
return rc;
}
--
2.41.0
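Review bot: abspath() passes rpmfiDN(fi) to rstrscat() without a NULL check, although the hook documentation in this series states that fi may be NULL (`@param fi file info iterator (or NULL)`); since rstrscat()'s argument list is NULL-terminated, a NULL from rpmfiDN() would end the concatenation before path, so a relative path with no iterator would reach the plugins as an empty string rather than the path given. Falling back to the path as given when no directory is available avoids that, and since the same `apath` computation is repeated in the three rpmpluginsCallFsmFile* functions the helper is the right place to own that handling. The header says 2 files changed but only the lib/rpmplugins.c hunk is present; the lib/fsm.c part is presumably carried in the separate fsm patch, which the description could state. The hook functions start outside their hunks.
```c
static char *abspath(rpmfi fi, const char *path)
{
    const char *dn = (*path == '/') ? NULL : rpmfiDN(fi);

    /* Already absolute, or no iterator to take the directory from: return as given */
    if (dn == NULL)
        return xstrdup(path);
    return rstrscat(NULL, dn, path, NULL);
}
```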



@ -32,7 +32,7 @@
%global rpmver 4.16.1.3 %global rpmver 4.16.1.3
#global snapver rc1 #global snapver rc1
%global rel 25 %global rel 29
%global sover 9 %global sover 9
%global srcver %{rpmver}%{?snapver:-%{snapver}} %global srcver %{rpmver}%{?snapver:-%{snapver}}
@ -94,6 +94,20 @@ Patch122: rpm-4.16.1.3-Support-long-languages-names-for-QT.patch
Patch123: rpm-4.14.3-rpm2archive-parse-popt-options.patch Patch123: rpm-4.14.3-rpm2archive-parse-popt-options.patch
Patch124: rpm-4.14.3-rpm2archive-Don-t-print-usage.patch Patch124: rpm-4.14.3-rpm2archive-Don-t-print-usage.patch
Patch125: rpm-4.16.1.3-IMA-without-xattr.patch Patch125: rpm-4.16.1.3-IMA-without-xattr.patch
# Backport fsm to fix CVEs
Patch126: 0001-Eliminate-code-duplication-from-rpmfiNext.patch
Patch127: 0001-Add-optional-callback-on-directory-changes-during-rp.patch
Patch128: 0001-Pass-file-descriptor-to-file-prepare-plugin-hook-use.patch
Patch129: 0001-Swap-over-to-dirfd-basename-based-operation-within-t.patch
Patch130: 0001-Use-file-state-machine-from-rpm-4.19.patch
Patch131: 0001-Emit-full-paths-for-file-disposition-diagnostics-on-.patch
Patch132: 0001-Fix-wrong-return-code-on-O_DIRECTORY-open-of-invalid.patch
Patch133: 0001-Print-full-path-if-file-removal-fails.patch
Patch134: 0001-Don-t-warn-about-missing-user-group-on-skipped-files.patch
Patch140: 0001-Fix-short-circuiting-of-version-strings-in-expressio.patch
Patch141: 0001-Fix-a-copy-paste-help-description-of-whatconflicts-R.patch
Patch142: 0001-Expose-and-document-rpmdb-verifydb-operation.patch
# These are not yet upstream # These are not yet upstream
Patch906: rpm-4.7.1-geode-i686.patch Patch906: rpm-4.7.1-geode-i686.patch
@ -643,6 +657,22 @@ fi
%doc doc/librpm/html/* %doc doc/librpm/html/*
%changelog %changelog
* Wed Dec 13 2023 Florian Festi <ffesti@redhat.com> - 4.16.1.3-29
- Actually add --verifydb to the man page (RHEL-14591)
- Don't warn about missing user/group on skipped files (RHEL-18037)
* Mon Dec 11 2023 Florian Festi <ffesti@redhat.com> - 4.16.1.3-28
- Fix warning if file removal fails
* Mon Nov 27 2023 Florian Festi <ffesti@redhat.com> - 4.16.1.3-27
- Fix short circuiting of version strings in expressions (RHEL-15688)
- Fix description of whatconflicts in the man page (RHEL-6303)
- Expose and document rpmdb --verifydb operation (RHEL-14591)
- Fixes to the file handling backport
* Fri Nov 10 2023 Florian Festi <ffesti@redhat.com> - 4.16.1.3-26
- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
CVE-2021-35938 and CVE-2021-35939
* Fri Jun 30 2023 Florian Festi <ffesti@redhat.com> - 4.16.1.3-25 * Fri Jun 30 2023 Florian Festi <ffesti@redhat.com> - 4.16.1.3-25
- Followup on #2166383 - Followup on #2166383
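Review bot: The comment `# Backport fsm to fix CVEs` above Patch126 does not say which CVEs, while the 4.16.1.3-26 changelog entry below names CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939; naming them in the comment, `# Backport fsm from rpm-4.19 to fix CVE-2021-35937, CVE-2021-35938, CVE-2021-35939`, keeps the reason next to the patch list where it is read. The 4.16.1.3-27 line `Fix description of whatconflicts in the man page` does not match Patch141, whose subject and diffstat say it changes the `--help` string in lib/poptQV.c; if the man page is untouched, the changelog should say `--help` instead. The %prep section that applies the new patches is outside this hunk.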