rpms/systemd
5
0
Fork 0
Code Issues Pull Requests Releases Activity

import systemd-239-58.el8_6.1

Browse Source
This commit is contained in:
CentOS Sources 2022-05-14 12:15:06 +00:00 committed by Stepan Oksanichenko
parent f1127b866b
commit 5ec01836ae
8 changed files with 316 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
SOURCES/0744-acpi-fpdt-mark-structures-as-packed.patch Normal file
View File

@ -0,0 +1,51 @@
From 96bc9caf3216b391a1da88b92ca507fa617177f7 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 23 Apr 2020 08:49:10 +0200
Subject: [PATCH] acpi-fpdt: mark structures as packed
Let's make sure the alignment doesn't matter.
(cherry picked from commit 49490c1d353bc920cbf73f4c71e9c35d2e3eb8b1)
Related: #2084052
---
src/shared/acpi-fpdt.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/shared/acpi-fpdt.c b/src/shared/acpi-fpdt.c
index d565ebd43e..38c464c912 100644
--- a/src/shared/acpi-fpdt.c
+++ b/src/shared/acpi-fpdt.c
@@ -23,7 +23,7 @@ struct acpi_table_header {
uint32_t oem_revision;
char asl_compiler_id[4];
uint32_t asl_compiler_revision;
-};
+} _packed_;
enum {
ACPI_FPDT_TYPE_BOOT = 0,
@@ -36,12 +36,12 @@ struct acpi_fpdt_header {
uint8_t revision;
uint8_t reserved[4];
uint64_t ptr;
-};
+} _packed_;
struct acpi_fpdt_boot_header {
char signature[4];
uint32_t length;
-};
+} _packed_;
enum {
ACPI_FPDT_S3PERF_RESUME_REC = 0,
@@ -59,7 +59,7 @@ struct acpi_fpdt_boot {
uint64_t startup_start;
uint64_t exit_services_entry;
uint64_t exit_services_exit;
-};
+} _packed;
int acpi_get_boot_usec(usec_t *loader_start, usec_t *loader_exit) {
_cleanup_free_ char *buf = NULL;

46
SOURCES/0745-core-slice-make-slice_freezer_action-return-0-if-fre.patch Normal file
View File

@ -0,0 +1,46 @@
From 9e3aefa21a631e7f47a8121097384a8b08ae8502 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 6 May 2022 14:01:22 +0900
Subject: [PATCH] core/slice: make slice_freezer_action() return 0 if freezing
state is unchanged
Fixes #23278.
(cherry picked from commit d171e72e7afa11b238ba20758384d223b0c76e39)
Related: #2084052
---
src/core/slice.c | 6 +-----
src/core/unit.c | 2 ++
2 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/src/core/slice.c b/src/core/slice.c
index c10e830917..34f3c84bf9 100644
--- a/src/core/slice.c
+++ b/src/core/slice.c
@@ -395,11 +395,7 @@ static int slice_freezer_action(Unit *s, FreezerAction action) {
return r;
}
- r = unit_cgroup_freezer_action(s, action);
- if (r < 0)
- return r;
-
- return 1;
+ return unit_cgroup_freezer_action(s, action);
}
static int slice_freeze(Unit *s) {
diff --git a/src/core/unit.c b/src/core/unit.c
index e2c61ce866..bd79578255 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -5622,6 +5622,8 @@ static int unit_freezer_action(Unit *u, FreezerAction action) {
if (r <= 0)
return r;
+ assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING));
+
return 1;
}

29
SOURCES/0746-core-unit-fix-use-after-free.patch Normal file
View File

@ -0,0 +1,29 @@
From 330e0ea2859db6107fae65bce982c0f2e2ababf5 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 9 May 2022 00:56:05 +0900
Subject: [PATCH] core/unit: fix use-after-free
Fixes #23312.
(cherry picked from commit 734582830b58e000a26e18807ea277c18778573c)
Related: #2084052
---
src/core/unit.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/unit.c b/src/core/unit.c
index bd79578255..68affa2c0e 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -580,8 +580,8 @@ void unit_free(Unit *u) {
unit_dequeue_rewatch_pids(u);
- sd_bus_slot_unref(u->match_bus_slot);
- sd_bus_track_unref(u->bus_track);
+ u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
+ u->bus_track = sd_bus_track_unref(u->bus_track);
u->deserialized_refs = strv_free(u->deserialized_refs);
u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);

58
SOURCES/0747-sd-bus-fix-reference-counter-to-be-incremented.patch Normal file
View File

@ -0,0 +1,58 @@
From d3d0969d7c366d6bb2f66501e61cbcd11a60face Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 17 Apr 2022 07:05:07 +0900
Subject: [PATCH] sd-bus: fix reference counter to be incremented
Fixes #23097.
(cherry picked from commit b21f237d996c8c18991a68e1204f060d07dc4745)
[msekleta: This commit also contains the hunk from c2d7dd35d2
(in sd_bus_track_remove_name). I've decided to not backport that commit
fully because of conflicts and because its was made largely irrelevant
by 7f40cb7c86]
Related: #2084052
---
src/libsystemd/sd-bus/bus-track.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c
index 16bf615f50..b1ec5ecbbb 100644
--- a/src/libsystemd/sd-bus/bus-track.c
+++ b/src/libsystemd/sd-bus/bus-track.c
@@ -208,12 +208,12 @@ _public_ int sd_bus_track_add_name(sd_bus_track *track, const char *name) {
i = hashmap_get(track->names, name);
if (i) {
if (track->recursive) {
- unsigned k = track->n_ref + 1;
+ unsigned k = i->n_ref + 1;
- if (k < track->n_ref) /* Check for overflow */
+ if (k < i->n_ref) /* Check for overflow */
return -EOVERFLOW;
- track->n_ref = k;
+ i->n_ref = k;
}
bus_track_remove_from_queue(track);
@@ -281,14 +281,13 @@ _public_ int sd_bus_track_remove_name(sd_bus_track *track, const char *name) {
i = hashmap_get(track->names, name);
if (!i)
return -EUNATCH;
- if (i->n_ref <= 0)
- return -EUNATCH;
-
- i->n_ref--;
- if (i->n_ref <= 0)
+ assert(i->n_ref >=1);
+ if (i->n_ref <= 1)
return bus_track_remove_name_fully(track, name);
+ i->n_ref--;
+
return 1;
}

32
SOURCES/0748-sd-bus-do-not-read-unused-value.patch Normal file
View File

@ -0,0 +1,32 @@
From 6f8278097070d77e39d15e5f5d11e1c8b83871c2 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 17 Apr 2022 07:25:09 +0900
Subject: [PATCH] sd-bus: do not read unused value
(cherry picked from commit 6a7ca27740be4229b4c9f540cd610b205ca5752c)
Related: #2084052
---
src/libsystemd/sd-bus/bus-track.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c
index b1ec5ecbbb..b9965d9d64 100644
--- a/src/libsystemd/sd-bus/bus-track.c
+++ b/src/libsystemd/sd-bus/bus-track.c
@@ -182,13 +182,13 @@ _public_ sd_bus_track* sd_bus_track_unref(sd_bus_track *track) {
static int on_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
sd_bus_track *track = userdata;
- const char *name, *old, *new;
+ const char *name;
int r;
assert(message);
assert(track);
- r = sd_bus_message_read(message, "sss", &name, &old, &new);
+ r = sd_bus_message_read(message, "sss", &name, NULL, NULL);
if (r < 0)
return 0;

35
SOURCES/0749-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch Normal file
View File

@ -0,0 +1,35 @@
From 3005733945670cc4a77920bb55e5cdda331cff4d Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 17 Apr 2022 07:29:24 +0900
Subject: [PATCH] sd-bus: do not return negative errno when unknown name is
specified
When 'recursive' is false, then sd_bus_track_remove_name() does not
return negative errno when unknown name is specified. Let's follow the
same pattern for the case that 'recursive' is true.
(cherry picked from commit 55bfacc6c33eaf3475762e71172b2ef504be5af8)
Related: #2084052
---
src/libsystemd/sd-bus/bus-track.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c
index b9965d9d64..8893f190a1 100644
--- a/src/libsystemd/sd-bus/bus-track.c
+++ b/src/libsystemd/sd-bus/bus-track.c
@@ -275,12 +275,9 @@ _public_ int sd_bus_track_remove_name(sd_bus_track *track, const char *name) {
if (!track) /* Treat a NULL track object as an empty track object */
return 0;
- if (!track->recursive)
- return bus_track_remove_name_fully(track, name);
-
i = hashmap_get(track->names, name);
if (!i)
- return -EUNATCH;
+ return 0;
assert(i->n_ref >=1);
if (i->n_ref <= 1)

48
SOURCES/0750-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch Normal file
View File

@ -0,0 +1,48 @@
From 78b5b6dbd0bb4e5644e798748d186cca88fc523d Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 20 Apr 2022 22:30:22 +0200
Subject: [PATCH] sd-bus: switch to a manual overflow check in
sd_bus_track_add_name()
This is generally used in a directly client controllable way, hence we
should handle ref count overflow gracefully, instead of hitting an
assert().
As discussed:
https://github.com/systemd/systemd/pull/23099#discussion_r854341850
(cherry picked from commit 7f40cb7c86b0fff3a82096a9499570bad9c19fd2)
[msekleta: We've never switched to using track_item_ref/unref introduced
in c2d7dd35d2 hence we still had potential undefined behavior related to
overflow check and this commit fixes that.]
Related: #2084052
---
src/libsystemd/sd-bus/bus-track.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c
index 8893f190a1..b818e93bec 100644
--- a/src/libsystemd/sd-bus/bus-track.c
+++ b/src/libsystemd/sd-bus/bus-track.c
@@ -208,12 +208,16 @@ _public_ int sd_bus_track_add_name(sd_bus_track *track, const char *name) {
i = hashmap_get(track->names, name);
if (i) {
if (track->recursive) {
- unsigned k = i->n_ref + 1;
+ assert(i->n_ref > 0);
- if (k < i->n_ref) /* Check for overflow */
+ /* Manual oveflow check (instead of a DEFINE_TRIVIAL_REF_FUNC() helper or so), so
+ * that we can return a proper error, given this is almost always called in a
+ * directly client controllable way, and thus better should never hit an assertion
+ * here. */
+ if (i->n_ref >= UINT_MAX)
return -EOVERFLOW;
- i->n_ref = k;
+ i->n_ref++;
}
bus_track_remove_from_queue(track);

18
SPECS/systemd.spec
View File

@ -13,7 +13,7 @@
Name: systemd
Url: http://www.freedesktop.org/wiki/Software/systemd
Version: 239
Release: 58%{?dist}
Release: 58%{?dist}.1
# For a breakdown of the licensing, see README
License: LGPLv2+ and MIT and GPLv2+
Summary: System and Service Manager
@ -793,6 +793,13 @@ Patch0740: 0740-sysctl-fix-segfault.patch
Patch0741: 0741-ci-drop-CentOS-8-CI.patch
Patch0742: 0742-test-adapt-to-the-new-capsh-format.patch
Patch0743: 0743-test-ignore-IAB-capabilities-in-test-execute.patch
Patch0744: 0744-acpi-fpdt-mark-structures-as-packed.patch
Patch0745: 0745-core-slice-make-slice_freezer_action-return-0-if-fre.patch
Patch0746: 0746-core-unit-fix-use-after-free.patch
Patch0747: 0747-sd-bus-fix-reference-counter-to-be-incremented.patch
Patch0748: 0748-sd-bus-do-not-read-unused-value.patch
Patch0749: 0749-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch
Patch0750: 0750-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch
%ifarch %{ix86} x86_64 aarch64
@ -1423,6 +1430,15 @@ fi
%files tests -f .file-list-tests
%changelog
* Wed May 11 2022 systemd maintenance team <systemd-maint@redhat.com> - 239-58.1
- acpi-fpdt: mark structures as packed (#2084052)
- core/slice: make slice_freezer_action() return 0 if freezing state is unchanged (#2084052)
- core/unit: fix use-after-free (#2084052)
- sd-bus: fix reference counter to be incremented (#2084052)
- sd-bus: do not read unused value (#2084052)
- sd-bus: do not return negative errno when unknown name is specified (#2084052)
- sd-bus: switch to a manual overflow check in sd_bus_track_add_name() (#2084052)
* Tue Feb 08 2022 systemd maintenance team <systemd-maint@redhat.com> - 239-58
- ci: drop CentOS 8 CI (#2017033)
- test: adapt to the new capsh format (#2017033)