From 87e2dab60a109c823e8d8ce66e9e5f50a5bdb24a Mon Sep 17 00:00:00 2001 From: xh Date: Tue, 15 Apr 2025 06:22:01 +0000 Subject: [PATCH] sync some patches from upstream --- backport-close-socket-in-helper-process.patch | 57 +++++++++++ ...t-load-sourcedir-during-initstepslew.patch | 94 +++++++++++++++++++ ...-fix-finalization-for-async-resolver.patch | 43 +++++++++ ...memory-leak-of-empty-readline-string.patch | 32 +++++++ chrony.spec | 13 ++- 5 files changed, 238 insertions(+), 1 deletion(-) create mode 100644 backport-close-socket-in-helper-process.patch create mode 100644 backport-dont-load-sourcedir-during-initstepslew.patch create mode 100644 backport-fix-finalization-for-async-resolver.patch create mode 100644 backport-fix-memory-leak-of-empty-readline-string.patch diff --git a/backport-close-socket-in-helper-process.patch b/backport-close-socket-in-helper-process.patch new file mode 100644 index 0000000..889741e --- /dev/null +++ b/backport-close-socket-in-helper-process.patch @@ -0,0 +1,57 @@ +From 7196943f112c3087bcdf04d0106213a30d177a27 Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar +Date: Thu, 28 Nov 2024 14:45:23 +0100 +Subject: [PATCH] nts: close socket in helper process on exit + +Close the socket used for receiving helper requests before exit to avoid +another valgrind error. + +Conflict:NA +Reference:https://github.com/mlichvar/chrony/commit/7196943f112c3087bcdf04d0106213a30d177a27 +--- + nts_ke_server.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/nts_ke_server.c b/nts_ke_server.c +index 6fe28be..6dd6251 100644 +--- a/nts_ke_server.c ++++ b/nts_ke_server.c +@@ -702,7 +702,7 @@ key_timeout(void *arg) + /* ================================================== */ + + static void +-run_helper(uid_t uid, gid_t gid, int scfilter_level) ++run_helper(uid_t uid, gid_t gid, int scfilter_level, int sock_fd) + { + LOG_Severity log_severity; + +@@ -729,10 +729,15 @@ run_helper(uid_t uid, gid_t gid, int scfilter_level) + if (scfilter_level != 0) + SYS_EnableSystemCallFilter(scfilter_level, SYS_NTSKE_HELPER); + ++ SCH_AddFileHandler(sock_fd, SCH_FILE_INPUT, handle_helper_request, NULL); ++ + SCH_MainLoop(); + + DEBUG_LOG("Helper exiting"); + ++ SCH_RemoveFileHandler(sock_fd); ++ close(sock_fd); ++ + NKS_Finalise(); + SCK_Finalise(); + SYS_Finalise(); +@@ -792,9 +797,8 @@ NKS_PreInitialise(uid_t uid, gid_t gid, int scfilter_level) + LOG_CloseParentFd(); + + SCK_CloseSocket(sock_fd1); +- SCH_AddFileHandler(sock_fd2, SCH_FILE_INPUT, handle_helper_request, NULL); + +- run_helper(uid, gid, scfilter_level); ++ run_helper(uid, gid, scfilter_level, sock_fd2); + } + + SCK_CloseSocket(sock_fd2); +-- +2.33.0 + diff --git a/backport-dont-load-sourcedir-during-initstepslew.patch b/backport-dont-load-sourcedir-during-initstepslew.patch new file mode 100644 index 0000000..0974640 --- /dev/null +++ b/backport-dont-load-sourcedir-during-initstepslew.patch @@ -0,0 +1,94 @@ +From f49be7f06343ee27fff2950937d7f6742f53976f Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar +Date: Tue, 12 Mar 2024 14:30:27 +0100 +Subject: [PATCH] conf: don't load sourcedir during initstepslew and RTC init + +If the reload sources command was received in the chronyd start-up +sequence with initstepslew and/or RTC init (-s option), the sources +loaded from sourcedirs caused a crash due to failed assertion after +adding sources specified in the config. + +Ignore the reload sources command until chronyd enters the normal +operation mode. + +Fixes: 519796de3756 ("conf: add sourcedirs directive") + +Conflict:The log feature is added in the pre-patch. Therefore, the test cases are adapted. +Reference:https://github.com/mlichvar/chrony/commit/f49be7f06343ee27fff2950937d7f6742f53976f +--- + conf.c | 11 ++++++++++- + test/simulation/203-initreload | 26 ++++++++++++++++++++++++++ + 2 files changed, 36 insertions(+), 1 deletion(-) + create mode 100755 test/simulation/203-initreload + +diff --git a/conf.c b/conf.c +index 6eae11c..8849bdc 100644 +--- a/conf.c ++++ b/conf.c +@@ -298,6 +298,8 @@ static ARR_Instance ntp_sources; + static ARR_Instance ntp_source_dirs; + /* Array of uint32_t corresponding to ntp_sources (for sourcedirs reload) */ + static ARR_Instance ntp_source_ids; ++/* Flag indicating ntp_sources and ntp_source_ids are used for sourcedirs */ ++static int conf_ntp_sources_added = 0; + + /* Array of RefclockParameters */ + static ARR_Instance refclock_sources; +@@ -1689,8 +1691,12 @@ reload_source_dirs(void) + NSR_Status s; + int d; + ++ /* Ignore reload command before adding configured sources */ ++ if (!conf_ntp_sources_added) ++ return; ++ + prev_size = ARR_GetSize(ntp_source_ids); +- if (prev_size > 0 && ARR_GetSize(ntp_sources) != prev_size) ++ if (ARR_GetSize(ntp_sources) != prev_size) + assert(0); + + /* Save the current sources and their configuration IDs */ +@@ -1859,7 +1865,10 @@ CNF_AddSources(void) + Free(source->params.name); + } + ++ /* The arrays will be used for sourcedir (re)loading */ + ARR_SetSize(ntp_sources, 0); ++ ARR_SetSize(ntp_source_ids, 0); ++ conf_ntp_sources_added = 1; + + reload_source_dirs(); + } +diff --git a/test/simulation/203-initreload b/test/simulation/203-initreload +new file mode 100755 +index 0000000..cf7924b +--- /dev/null ++++ b/test/simulation/203-initreload +@@ -0,0 +1,24 @@ ++#!/usr/bin/env bash ++ ++. ./test.common ++ ++check_config_h 'FEAT_CMDMON 1' || test_skip ++ ++# Test fix "conf: don't load sourcedir during initstepslew and RTC init" ++ ++test_start "reload during initstepslew" ++ ++client_conf="initstepslew 5 192.168.123.1 ++sourcedir tmp" ++client_server_conf="#" ++chronyc_conf="reload sources" ++chronyc_start=4 ++ ++echo 'server 192.168.123.1' > tmp/sources.sources ++ ++run_test || test_fail ++check_chronyd_exit || test_fail ++check_source_selection || test_fail ++check_sync || test_fail ++ ++test_pass +-- +2.33.0 + diff --git a/backport-fix-finalization-for-async-resolver.patch b/backport-fix-finalization-for-async-resolver.patch new file mode 100644 index 0000000..be08394 --- /dev/null +++ b/backport-fix-finalization-for-async-resolver.patch @@ -0,0 +1,43 @@ +From 08b67dba98b5dbc0184c38b3c1963dd2f00d2bd9 Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar +Date: Thu, 22 Aug 2024 09:26:59 +0200 +Subject: [PATCH] ntp: fix finalization for async resolver + +If an attempt to resolve addresses of an NTP server is made right before +starting the termination sequence, the asynchronous resolver thread +could read the server name when it was already freed. + +Leave unresolved sources allocated in NSR_Finalise() if the async +resolver did not finish yet, at least for now. Waiting for the resolving +result or cancelling the thread would complicate the code. The scheduler +is not expected to be running at this point. + +Conflict:Context adaptation +Reference:https://github.com/mlichvar/chrony/commit/08b67dba98b5dbc0184c38b3c1963dd2f00d2bd9 +--- + ntp_sources.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/ntp_sources.c b/ntp_sources.c +index 29c99ac..d2cd113 100644 +--- a/ntp_sources.c ++++ b/ntp_sources.c +@@ -219,8 +219,13 @@ NSR_Finalise(void) + ARR_DestroyInstance(records); + ARR_DestroyInstance(pools); + +- while (unresolved_sources) +- remove_unresolved_source(unresolved_sources); ++ /* Leave the unresolved sources allocated if the async resolver is running ++ to avoid reading the name from freed memory. The handler will not be ++ called as the scheduler should no longer be running at this point. */ ++ if (!resolving_source) { ++ while (unresolved_sources) ++ remove_unresolved_source(unresolved_sources); ++ } + + initialised = 0; + } +-- +2.33.0 + diff --git a/backport-fix-memory-leak-of-empty-readline-string.patch b/backport-fix-memory-leak-of-empty-readline-string.patch new file mode 100644 index 0000000..3fa7098 --- /dev/null +++ b/backport-fix-memory-leak-of-empty-readline-string.patch @@ -0,0 +1,32 @@ +From 55898e9b07d2bf97cb3bb96987dbe57f1b6376ef Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar +Date: Wed, 12 Feb 2025 13:22:04 +0100 +Subject: [PATCH] client: fix memory leak of empty readline() string + +Conflict:NA +Reference:https://github.com/mlichvar/chrony/commit/55898e9b07d2bf97cb3bb96987dbe57f1b6376ef +--- + client.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/client.c b/client.c +index 70bcdae..6bbce14 100644 +--- a/client.c ++++ b/client.c +@@ -125,12 +125,11 @@ read_line(void) + strncpy(line, cmd, sizeof(line) - 1); + line[sizeof(line) - 1] = '\0'; + add_history(cmd); +- /* free the buffer allocated by readline */ +- Free(cmd); + } else { + /* simulate the user has entered an empty line */ + *line = '\0'; + } ++ Free(cmd); + return( line ); + #else + printf("%s", prompt); +-- +2.33.0 + diff --git a/chrony.spec b/chrony.spec index 8211e8e..97350e5 100644 --- a/chrony.spec +++ b/chrony.spec @@ -2,7 +2,7 @@ Name: chrony Version: 4.3 -Release: 2 +Release: 3 Summary: An NTP client/server License: GPLv2 URL: https://chrony.tuxfamily.org @@ -13,6 +13,11 @@ Source6: https://github.com/mlichvar/clknetsim/archive/%{clknetsim_ver}/clknet Patch1: chrony-nm-dispatcher-dhcp.patch Patch2: chrony-services.patch +Patch3: backport-dont-load-sourcedir-during-initstepslew.patch +Patch4: backport-fix-finalization-for-async-resolver.patch +Patch5: backport-close-socket-in-helper-process.patch +Patch6: backport-fix-memory-leak-of-empty-readline-string.patch + BuildRequires: gcc gcc-c++ bison systemd libcap-devel libedit-devel nettle-devel pps-tools-devel libseccomp-devel m4 gnutls-devel gnutls-utils Requires: shadow-utils systemd timedatex @@ -138,6 +143,12 @@ fi %{_mandir}/man[158]/%{name}*.[158]* %changelog +* Tue Apr 15 2025 xinghe - 4.3-3 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:sync some patches from upstream + * Sat May 6 2023 chengyechun - 4.3-2 - Type:bugfix - ID:NA -- Gitee