diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000000000000000000000000000000000000..0a80fdce31f59c062e2abba28776e9521eddff30
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1 @@
+*.gz filter=lfs diff=lfs merge=lfs -text
diff --git a/.lfsconfig b/.lfsconfig
new file mode 100644
index 0000000000000000000000000000000000000000..47c304e9fa8c377e49ba04ad973e96209ea05e9a
--- /dev/null
+++ b/.lfsconfig
@@ -0,0 +1,2 @@
+[lfs]
+ url = https://artlfs.openeuler.openatom.cn/src-openEuler/nbdkit
diff --git a/CVE-2025-47711.patch b/CVE-2025-47711.patch
deleted file mode 100644
index 4cbc9a02237677d694f785c97ff55c53d2c9013b..0000000000000000000000000000000000000000
--- a/CVE-2025-47711.patch
+++ /dev/null
@@ -1,173 +0,0 @@ -From c3c1950867ea8d9c2108ff066ed9e78dde3cfc3f Mon Sep 17 00:00:00 2001 -From: Eric Blake -Date: Tue, 22 Apr 2025 17:01:12 -0500 -Subject: [PATCH] server: Fix off-by-one for maximum block_status length - [CVE-2025-47711] - -Origin: https://gitlab.com/nbdkit/nbdkit/-/commit/c3c1950867ea8d9c2108ff066ed9e78dde3cfc3f - -There has been an off-by-one bug in the code for .extents since the -introduction of that callback. Remember, internally the code allows -plugins to report on extents with 64-bit lengths, but the protocol -only supports 32-bit block status calls (nbdkit will need to create -plugin version 3 before it can support NBD's newer 64-bit block -status). As such, the server loop intentionally truncates a plugin's -large extent to 2**32-1 bytes. But in the process of checking whether -the loop should exit early, or if any additional extents should be -reported to the client, the server used 'pos > offset+count' instead -of >=, which is one byte too far. If the client has requested exactly -2**32-1 bytes, and the plugin's first extent has that same length, the -code erroneously proceeds on to the plugin's second extent. Worse, if -the plugin's first extent has 2**32 bytes or more, it was truncated to -2**31-1 bytes, but not completely handled, and the failure to exit the -loop early means that the server then fails the assertion: - -nbdkit: ../../server/protocol.c:505: extents_to_block_descriptors: -Assertion `e.length <= length' failed. - -The single-byte fix addresses both symptoms, while the added test -demonstrates both when run on older nbdkit (the protocol violation -when the plugin returns 2**32-1 bytes in the first extent, and the -assertion failure when the plugin returns 2**32 or more bytes in the -first extent). - -The problem can only be triggered by a client request for 2**32-1 -bytes; anything smaller is immune. 
The problem also does not occur -for plugins that do not return extents information beyond the client's -request, or if the first extent is smaller than the client's request. - -The ability to cause the server to die from an assertion failure can -be used as a denial of service attack against other clients. -Mitigations: if you require the use of TLS, then you can ensure that -you only have trusted clients that won't trigger a block status call -of length 2**32-1 bytes. Also, you can use "--filter=blocksize-policy -blocksize-minimum=512" to reject block status attempts from clients -that are not sector-aligned. - -Fixes: 26455d45 ('server: protocol: Implement Block Status "base:allocation".', v1.11.10) -Reported-by: Nikolay Ivanets -Signed-off-by: Eric Blake -Message-ID: <20250423211953.GR1450@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit e6f96bd1b77c0cc927ce6aeff650b52238304f39) - ---- - server/protocol.c | 2 +- - tests/Makefile.am | 2 ++ - tests/test-eval-extents.sh | 71 ++++++++++++++++++++++++++++++++++++++ - 3 files changed, 74 insertions(+), 1 deletion(-) - create mode 100755 tests/test-eval-extents.sh - -diff --git a/server/protocol.c b/server/protocol.c -index d428bfc..b4b1c16 100644 ---- a/server/protocol.c -+++ b/server/protocol.c -@@ -499,7 +499,7 @@ extents_to_block_descriptors (struct nbdkit_extents *extents, - (*nr_blocks)++; - - pos += length; -- if (pos > offset + count) /* this must be the last block */ -+ if (pos >= offset + count) /* this must be the last block */ - break; - - /* If we reach here then we must have consumed this whole -diff --git a/tests/Makefile.am b/tests/Makefile.am -index c0d1bdc..8521d65 100644 ---- a/tests/Makefile.am -+++ b/tests/Makefile.am -@@ -845,6 +845,7 @@ TESTS += \ - test-eval.sh \ - test-eval-file.sh \ - test-eval-exports.sh \ -+ test-eval-extents.sh \ - test-eval-cache.sh \ - test-eval-dump-plugin.sh \ - test-eval-disconnect.sh \ -@@ -853,6 +854,7 @@ EXTRA_DIST += \ - test-eval.sh \ - 
test-eval-file.sh \ - test-eval-exports.sh \ -+ test-eval-extents.sh \ - test-eval-cache.sh \ - test-eval-dump-plugin.sh \ - test-eval-disconnect.sh \ -diff --git a/tests/test-eval-extents.sh b/tests/test-eval-extents.sh -new file mode 100755 -index 0000000..92b503e ---- /dev/null -+++ b/tests/test-eval-extents.sh -@@ -0,0 +1,71 @@ -+#!/usr/bin/env bash -+# nbdkit -+# Copyright Red Hat -+# -+# Redistribution and use in source and binary forms, with or without -+# modification, are permitted provided that the following conditions are -+# met: -+# -+# * Redistributions of source code must retain the above copyright -+# notice, this list of conditions and the following disclaimer. -+# -+# * Redistributions in binary form must reproduce the above copyright -+# notice, this list of conditions and the following disclaimer in the -+# documentation and/or other materials provided with the distribution. -+# -+# * Neither the name of Red Hat nor the names of its contributors may be -+# used to endorse or promote products derived from this software without -+# specific prior written permission. -+# -+# THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND -+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, -+# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A -+# PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR -+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF -+# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -+# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -+# SUCH DAMAGE. 
-+ -+source ./functions.sh -+set -e -+set -x -+ -+requires_run -+requires_plugin eval -+requires_nbdsh_uri -+requires nbdsh --base-allocation --version -+ -+files="eval-extents.out" -+rm -f $files -+cleanup_fn rm -f $files -+ -+# Trigger an off-by-one bug introduced in v1.11.10 and fixed in v1.43.7 -+export script=' -+def f(context, offset, extents, status): -+ print(extents) -+ -+# First, probe where the server should return 2 extents. -+h.block_status(2**32-1, 2, f) -+ -+# Next, probe where the server has exactly 2**32-1 bytes in its first extent. -+h.block_status(2**32-1, 1, f) -+ -+# Now, probe where the first extent has to be truncated. -+h.block_status(2**32-1, 0, f) -+' -+nbdkit eval \ -+ get_size='echo 5G' \ -+ pread='dd if=/dev/zero count=$3 iflag=count_bytes' \ -+ extents='echo 0 4G 1; echo 4G 1G 2' \ -+ --run 'nbdsh --base-allocation --uri "$uri" -c "$script"' \ -+ > eval-extents.out -+cat eval-extents.out -+diff -u - eval-extents.out < -Date: Tue, 22 Apr 2025 19:53:39 -0500 -Subject: [PATCH] blocksize: Fix 32-bit overflow in .extents [CVE-2025-47712] - -Origin: https://gitlab.com/nbdkit/nbdkit/-/commit/c3ed72811aca5684490b198737b2f0b921741547 - -If the original request is larger than 2**32 - minblock, then we were -calling nbdkit_extents_aligned() with a count that rounded up then -overflowed to 0 instead of the intended 4G because of overflowing a -32-bit type, which in turn causes an assertion failure: - -nbdkit: ../../server/backend.c:814: backend_extents: Assertion `backend_valid_range (c, offset, count)' failed. - -The fix is to force the rounding to be in a 64-bit type from the -get-go. - -The ability for a well-behaved client to cause the server to die from -an assertion failure can be used as a denial of service attack against -other clients. Mitigations: if you requrire the use of TLS, then you -can ensure that you only have trusted clients that won't trigger a -block status call that large. 
Also, the problem only occurs when -using the blocksize filter, although setting the filter's maxlen -parameter to a smaller value than its default of 2**32-1 does not -help. - -Fixes: 2680be00 ('blocksize: Fix .extents when plugin changes type within minblock', v1.21.16) -Signed-off-by: Eric Blake -Message-ID: <20250423210917.1784789-3-eblake@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit a486f88d1eea653ea88b0bf8804c4825dab25ec7) ---- - filters/blocksize/blocksize.c | 5 +- - tests/Makefile.am | 2 + - tests/test-blocksize-extents-overflow.sh | 83 ++++++++++++++++++++++++ - 3 files changed, 88 insertions(+), 2 deletions(-) - create mode 100755 tests/test-blocksize-extents-overflow.sh - -diff --git a/filters/blocksize/blocksize.c b/filters/blocksize/blocksize.c -index 09195cea1..e5c8b7445 100644 ---- a/filters/blocksize/blocksize.c -+++ b/filters/blocksize/blocksize.c -@@ -482,8 +482,9 @@ blocksize_extents (nbdkit_next *next, - return -1; - } - -- if (nbdkit_extents_aligned (next, MIN (ROUND_UP (count, h->minblock), -- h->maxlen), -+ if (nbdkit_extents_aligned (next, -+ MIN (ROUND_UP ((uint64_t) count, h->minblock), -+ h->maxlen), - ROUND_DOWN (offset, h->minblock), flags, - h->minblock, extents2, err) == -1) - return -1; -diff --git a/tests/Makefile.am b/tests/Makefile.am -index 6a951c3e8..10565b43a 100644 ---- a/tests/Makefile.am -+++ b/tests/Makefile.am -@@ -1622,12 +1622,14 @@ test_layers_filter3_la_LIBADD = $(IMPORT_LIBRARY_ON_WINDOWS) - TESTS += \ - test-blocksize.sh \ - test-blocksize-extents.sh \ -+ test-blocksize-extents-overflow.sh \ - test-blocksize-default.sh \ - test-blocksize-sharding.sh \ - $(NULL) - EXTRA_DIST += \ - test-blocksize.sh \ - test-blocksize-extents.sh \ -+ test-blocksize-extents-overflow.sh \ - test-blocksize-default.sh \ - test-blocksize-sharding.sh \ - $(NULL) -diff --git a/tests/test-blocksize-extents-overflow.sh b/tests/test-blocksize-extents-overflow.sh -new file mode 100755 -index 000000000..844c3999a ---- 
/dev/null -+++ b/tests/test-blocksize-extents-overflow.sh -@@ -0,0 +1,83 @@ -+#!/usr/bin/env bash -+# nbdkit -+# Copyright Red Hat -+# -+# Redistribution and use in source and binary forms, with or without -+# modification, are permitted provided that the following conditions are -+# met: -+# -+# * Redistributions of source code must retain the above copyright -+# notice, this list of conditions and the following disclaimer. -+# -+# * Redistributions in binary form must reproduce the above copyright -+# notice, this list of conditions and the following disclaimer in the -+# documentation and/or other materials provided with the distribution. -+# -+# * Neither the name of Red Hat nor the names of its contributors may be -+# used to endorse or promote products derived from this software without -+# specific prior written permission. -+# -+# THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND -+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, -+# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A -+# PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR -+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF -+# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -+# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -+# SUCH DAMAGE. -+ -+# Demonstrate a fix for a bug where blocksize overflowed 32 bits -+ -+source ./functions.sh -+set -e -+set -x -+ -+requires_run -+requires_plugin eval -+requires_nbdsh_uri -+requires nbdsh --base-allocation --version -+ -+# Script a sparse server that requires 512-byte aligned requests. 
-+exts=' -+if test $(( ($3|$4) & 511 )) != 0; then -+ echo "EINVAL request unaligned" 2>&1 -+ exit 1 -+fi -+echo 0 5G 0 -+' -+ -+# We also need an nbdsh script to parse all extents, coalescing adjacent -+# types for simplicity. -+# FIXME: Once nbdkit plugin version 3 allows 64-bit block extents, run -+# this test twice, once for each bit size (32-bit needs 2 extents, 64-bit -+# will get the same result with only 1 extent). -+export script=' -+size = h.get_size() -+offs = 0 -+entries = [] -+def f(metacontext, offset, e, err): -+ global entries -+ global offs -+ assert offs == offset -+ for length, flags in zip(*[iter(e)] * 2): -+ if entries and flags == entries[-1][1]: -+ entries[-1] = (entries[-1][0] + length, flags) -+ else: -+ entries.append((length, flags)) -+ offs = offs + length -+ -+# Test a loop over the entire device -+while offs < size: -+ len = min(size - offs, 2**32-1) -+ h.block_status(len, offs, f) -+assert entries == [(5 * 2**30, 0)] -+' -+ -+# Now run everything -+nbdkit --filter=blocksize eval minblock=512 \ -+ get_size='echo 5G' pread='exit 1' extents="$exts" \ -+ --run 'nbdsh --base-allocation -u "$uri" -c "$script"' --- -GitLab - diff --git a/nbdkit-1.40.4.tar.gz b/nbdkit-1.40.4.tar.gz deleted file mode 100644 index fdf780267e54e5ddc940b48685f1951ab418fe32..0000000000000000000000000000000000000000 Binary files a/nbdkit-1.40.4.tar.gz and /dev/null differ diff --git a/nbdkit-1.44.2.tar.gz b/nbdkit-1.44.2.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ec6a0b403b270537f01c5245ceb34887d6ba321a --- /dev/null +++ b/nbdkit-1.44.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:48d3ba3d1be94b82c6c5aac886ba4491d1ea225be591ecdc90181e903f6a56f4 +size 2655846 diff --git a/nbdkit.spec b/nbdkit.spec index c9ba8499fff254ffd776c20893431f17ede8d78d..425a1f89389fdcd4d7193bf7cec04304aa256449 100644 --- a/nbdkit.spec +++ b/nbdkit.spec 
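Review bot: The `nbdkit-1.44.2.tar.gz` pointer pins `oid sha256:48d3ba3d1be94b82c6c5aac886ba4491d1ea225be591ecdc90181e903f6a56f4`, but that hash only identifies the object uploaded to the LFS store named in `.lfsconfig`. Nothing in this change ties it to the upstream release. The spec's `Source0` still names the upstream download URL, so the check is cheap: fetch that file, run `sha256sum` on it, and compare the result with the oid. Recording the outcome in the commit message would let a later reader see that the build input was compared with upstream and not just taken from the mirror.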
@@ -3,21 +3,18 @@ %global selinuxtype targeted Name: nbdkit -Version: 1.40.4 -Release: 2 +Version: 1.44.2 +Release: 1 Summary: NBD server License: BSD-3-Clause URL: https://gitlab.com/nbdkit/nbdkit -Source0: https://download.libguestfs.org/nbdkit/1.40-stable/nbdkit-%{version}.tar.gz +Source0: https://download.libguestfs.org/nbdkit/1.44-stable/nbdkit-%{version}.tar.gz # For nbdkit-selinux package: Source6: %{modulename}.te Source7: %{modulename}.if Source8: %{modulename}.fc -Patch0: CVE-2025-47711.patch -Patch1: CVE-2025-47712.patch - BuildRequires: gcc make BuildRequires: autoconf automake libtool BuildRequires: pkgconfig(bash-completion) >= 2.0 @@ -28,6 +25,7 @@ BuildRequires: pkgconfig(gnutls) >= 3.5.18 BuildRequires: pkgconfig(libcurl) BuildRequires: pkgconfig(libguestfs) BuildRequires: pkgconfig(liblzma) +BuildRequires: pkgconfig(libnfs) >= 16 BuildRequires: pkgconfig(libselinux) BuildRequires: pkgconfig(libssh) >= 0.8.0 BuildRequires: pkgconfig(libvirt) @@ -288,6 +286,13 @@ Requires: %{name}-server = %{version}-%{release} %description lua-plugin This package lets you write Lua plugins for %{name}. +%package nfs-plugin +Summary: NFS (Network File Server) plugin for %{name} +Requires: %{name}-server%{?_isa} = %{version}-%{release} + +%description nfs-plugin +This package contains Network File Server (NFS) support for %{name}. + %ifarch x86_64 %package vddk-plugin Summary: VMware VDDK plugin for nbdkit 
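Review bot: Dropping `Patch0: CVE-2025-47711.patch` and `Patch1: CVE-2025-47712.patch` in the first nbdkit.spec hunk is only safe if both fixes are contained in the 1.44.2 tarball, and nothing in the spec or changelog records that. The deleted test for CVE-2025-47711 states the bug was fixed in v1.43.7, which 1.44.2 is past. The CVE-2025-47712 patch text visible on this page gives no fixed-in version, so that one should be confirmed against the upstream commit it names as its Origin. I would add a changelog line such as `- drop CVE-2025-47711.patch and CVE-2025-47712.patch, both merged upstream` so that CVE tracking based on the package changelog does not lose the two fixes.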
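Review bot: The new `nfs-plugin` summary and description expand NFS as "Network File Server", but the protocol name is Network File System. The summary should read `Summary: NFS (Network File System) plugin for %{name}`, with the description line changed to match. The added `Requires: %{name}-server%{?_isa} = %{version}-%{release}` also differs from the lua-plugin `Requires:` line visible just above it in the same hunk, which has no `%{?_isa}`. One form should be used for all plugin subpackages.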
@@ -468,11 +473,17 @@ function skip_test () skip_test tests/test-shebang-cc.sh tests/test-floppy.sh tests/test-eval-file.sh skip_test tests/test-linuxdisk.sh tests/test-ondemand.sh tests/test-partitioning2.sh skip_test tests/test-partitioning3.sh tests/test-partitioning5.sh tests/test-tar.sh -skip_test tests/test-old-plugins-x86_64-Linux-v1.18.2.sh -skip_test tests/test-old-plugins-x86_64-Linux-v1.8.4.sh +skip_test tests/test-old-plugins-x86_64-Linux-v1.0.0.sh skip_test tests/test-old-plugins-x86_64-Linux-v1.12.8.sh +skip_test tests/test-old-plugins-x86_64-Linux-v1.18.2.sh skip_test tests/test-old-plugins-x86_64-Linux-v1.2.8.sh -skip_test tests/test-old-plugins-x86_64-Linux-v1.0.0.sh +skip_test tests/test-old-plugins-x86_64-Linux-v1.8.4.sh +skip_test tests/test-old-plugins-x86_64-Linux-v1.0.0-fs.sh +skip_test tests/test-old-plugins-x86_64-Linux-v1.12.8-fs.sh +skip_test tests/test-old-plugins-x86_64-Linux-v1.18.2-fs.sh +skip_test tests/test-old-plugins-x86_64-Linux-v1.2.8-fs.sh +skip_test tests/test-old-plugins-x86_64-Linux-v1.38.4-fs.sh +skip_test tests/test-old-plugins-x86_64-Linux-v1.8.4-fs.sh skip_test tests/test-floppy-size.sh tests/test-spinning-mkfs.sh skip_test tests/test-iso.sh mkdir -p $HOME/.cache/libvirt @@ -614,6 +625,11 @@ fi %{_libdir}/%{name}/plugins/nbdkit-vddk-plugin.so %endif +%files nfs-plugin +%doc README.md +%license LICENSE +%{_libdir}/%{name}/plugins/nbdkit-nfs-plugin.so + %files basic-filters %license LICENSE %doc README.md @@ -639,6 +655,7 @@ fi %{_libdir}/%{name}/filters/nbdkit-limit-filter.so %{_libdir}/%{name}/filters/nbdkit-log-filter.so %{_libdir}/%{name}/filters/nbdkit-luks-filter.so +%{_libdir}/%{name}/filters/nbdkit-lzip-filter.so %{_libdir}/%{name}/filters/nbdkit-multi-conn-filter.so %{_libdir}/%{name}/filters/nbdkit-nocache-filter.so %{_libdir}/%{name}/filters/nbdkit-noextents-filter.so 
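Review bot: The new `-fs` skip list names `v1.38.4-fs`, but the plain list has no matching `v1.38.4` entry. If the 1.44.2 tarball ships that test, it would run while its siblings are skipped. Please check the tarball's tests directory and add `skip_test tests/test-old-plugins-x86_64-Linux-v1.38.4.sh` if the file exists. A one-line comment above the block saying why the old-plugin tests are skipped in this build would also help the next version update. The enclosing section starts outside the hunk.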
@@ -646,6 +663,7 @@ fi %{_libdir}/%{name}/filters/nbdkit-noparallel-filter.so %{_libdir}/%{name}/filters/nbdkit-nozero-filter.so %{_libdir}/%{name}/filters/nbdkit-offset-filter.so +%{_libdir}/%{name}/filters/nbdkit-openonce-filter.so %{_libdir}/%{name}/filters/nbdkit-partition-filter.so %{_libdir}/%{name}/filters/nbdkit-pause-filter.so %{_libdir}/%{name}/filters/nbdkit-protect-filter.so @@ -661,6 +679,7 @@ fi %{_libdir}/%{name}/filters/nbdkit-stats-filter.so %{_libdir}/%{name}/filters/nbdkit-swab-filter.so %{_libdir}/%{name}/filters/nbdkit-tar-filter.so +%{_libdir}/%{name}/filters/nbdkit-time-limit-filter.so %{_libdir}/%{name}/filters/nbdkit-tls-fallback-filter.so %{_libdir}/%{name}/filters/nbdkit-truncate-filter.so %{_libdir}/%{name}/filters/nbdkit-xz-filter.so @@ -695,6 +714,9 @@ fi %{_mandir}/man?/* %changelog +* Tue Aug 05 2025 Funda Wang - 1.44.2-1 +- update to 1.44.2 stable + * Fri Jun 20 2025 wangkai <13474090681@163.com> - 1.40.4-2 - Fix CVE-2025-47711, CVE-2025-47712