diff --git a/Add-check-to-resolve-uname26-version-test-failed.patch b/Add-check-to-resolve-uname26-version-test-failed.patch deleted file mode 100644 index 193c6ede090f9e23e675fd4980dd7868a34576bf..0000000000000000000000000000000000000000 --- a/Add-check-to-resolve-uname26-version-test-failed.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 72466ac801928c205604b99fe01f830809bda930 Mon Sep 17 00:00:00 2001 -From: Liquor -Date: Thu, 17 Dec 2020 15:04:56 +0800 -Subject: [PATCH] Add check to resolve uname26-version test failed - -The uname command is modified in packages uname-build-checks, -but the uname26-version test case needs to use the uname -r query -result.As a result,the test fails. -So we add a judgment to check whether uname-build-checks is installed. ---- - tests/ts/misc/setarch | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/tests/ts/misc/setarch b/tests/ts/misc/setarch -index 7c99cca..25d02c1 100755 ---- a/tests/ts/misc/setarch -+++ b/tests/ts/misc/setarch -@@ -77,7 +77,12 @@ ts_finalize_subtest "$finmsg" - # conditional subtest - if [ "$uname26_seems_supported" = "yes" ]; then - ts_init_subtest uname26-version -- tmp=$($TS_CMD_SETARCH $ARCH --uname-2.6 uname -r) -+ rpm -qa | grep -q "uname-build-checks" -+ if [ $? -eq 0 ]; then -+ tmp=$($TS_CMD_SETARCH $ARCH --uname-2.6 uname.bin -r) -+ else -+ tmp=$($TS_CMD_SETARCH $ARCH --uname-2.6 uname -r) -+ fi - if echo "$tmp" | grep -q "^2\.6\."; then - echo "kernel version changed to 2.6" >> $TS_OUTPUT - else --- -2.27.0 - diff --git a/Do-not-excute-Utmp-testcases.patch b/Do-not-excute-Utmp-testcases.patch deleted file mode 100644 index 8850484577259aaa33fad2b97e42e4d769c8d068..0000000000000000000000000000000000000000 --- a/Do-not-excute-Utmp-testcases.patch +++ /dev/null @@ -1,26 +0,0 @@ -From b629f0e02c2ac6283012131404380acc56beb5e8 Mon Sep 17 00:00:00 2001 -From: yang_zhuang_zhuang -Date: Mon, 2 Nov 2020 17:17:13 +0800 -Subject: Do not excute Utmp testcases. - -The compilation environment and test cases are vulnerable.As a result,the Utmp testcase fail to be compiled.Therefore,the Utmp testcases are commented out. ---- - tests/commands.sh | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/commands.sh b/tests/commands.sh -index 5f34452..ad3edb2 100644 ---- a/tests/commands.sh -+++ b/tests/commands.sh -@@ -100,7 +100,7 @@ TS_CMD_SWAPOFF=${TS_CMD_SWAPOFF:-"${ts_commandsdir}swapoff"} - TS_CMD_SWAPON=${TS_CMD_SWAPON:-"${ts_commandsdir}swapon"} - TS_CMD_UL=${TS_CMD_UL-"${ts_commandsdir}ul"} - TS_CMD_UMOUNT=${TS_CMD_UMOUNT:-"${ts_commandsdir}umount"} --TS_CMD_UTMPDUMP=${TS_CMD_UTMPDUMP-"${ts_commandsdir}utmpdump"} -+#TS_CMD_UTMPDUMP=${TS_CMD_UTMPDUMP-"${ts_commandsdir}utmpdump"} - TS_CMD_UUIDD=${TS_CMD_UUIDD-"${ts_commandsdir}uuidd"} - TS_CMD_UUIDGEN=${TS_CMD_UUIDGEN-"${ts_commandsdir}uuidgen"} - TS_CMD_UUIDPARSE=${TS_CMD_UUIDPARSE-"${ts_commandsdir}uuidparse"} --- -1.8.3.1 - diff --git a/SKIPPED-no-root-permissions-test.patch b/SKIPPED-no-root-permissions-test.patch new file mode 100644 index 0000000000000000000000000000000000000000..0f9ddfb9a6f14c577b1ce2052018a33ca56c55f1 --- /dev/null +++ b/SKIPPED-no-root-permissions-test.patch @@ -0,0 +1,25 @@ +From 1691faae5ed946ca6058bb9afaeb98b6b2e25f51 Mon Sep 17 00:00:00 2001 +From: shangyibin +Date: Mon, 10 Jan 2022 15:05:34 +0800 +Subject: [PATCH] unshare: SKIPPED (no root permissions) + +--- + tests/ts/lsns/ioctl_ns | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/ts/lsns/ioctl_ns b/tests/ts/lsns/ioctl_ns +index 6f306d5..9d436c7 100755 +--- a/tests/ts/lsns/ioctl_ns ++++ b/tests/ts/lsns/ioctl_ns +@@ -21,7 +21,7 @@ TS_DESC="ownership and hierarchy" + . "$TS_TOPDIR"/functions.sh + ts_init "$*" + +-# ts_skip_nonroot ++ts_skip_nonroot + grep -q '#define HAVE_LINUX_NSFS_H' ${top_builddir}/config.h || ts_skip "no ioctl_ns support" + + [ -r /proc/self/ns/user ] || ts_skip "no USER namespace kernel support" +-- +2.33.0 + diff --git a/add-new-gmo-file.patch b/add-new-gmo-file.patch new file mode 100644 index 0000000000000000000000000000000000000000..5c0093f8f151720a5f54a7ba7d760eda4bc06159 --- /dev/null +++ b/add-new-gmo-file.patch @@ -0,0 +1,571 @@ +From 692d768d99540e4fed57fb26bad70ea566264f70 Mon Sep 17 00:00:00 2001 +From: biubiuzy <294772273@qq.com> +Date: Sat, 11 May 2024 10:40:58 +0800 +Subject: [PATCH] add new gmo file + +--- + po/zh_CN.gmo | Bin 371922 -> 371917 bytes + 1 file changed, 0 insertions(+), 0 deletions(-) + +diff --git a/po/zh_CN.gmo b/po/zh_CN.gmo +index 31d3cfa549cf187c5ef53fe4494c214db3bfd1b4..8f70312f6a9f3df8c79ff18e69738118473bc9d8 100644 +GIT binary patch +delta 32240 +zcmZwP3Dl0&9`OI0=aDiNMapoSd(1MAJ!Tm*CMiTBN#WbU_jO%+`0d}`*UjmikMkK9bSbcAInH&$6WH)3^sW@bhzeeoF;Hkf->M&dfm#vb?tUW3Q65jJ}~BheVgM_)xd{0m!P_1PJT +z<~S1T;7iyBe?srqo|BQd3GYS+@Wq@|cp>lHj6^jmI-xThk9N2|dJOHj!n}+`RUCkJ +z@EH2sc5IIs^FxQ7u{Gtn*b2WwCs^)@j6_Gg0Ugkq6c-J-_!XOAr3E2$gVFLbtc~BG +zOLED=P~QZvqdVRm{fn%QF(2a1h>&$*021=A#4s3bU}x(_uy((4`rT&U`sKfIaAv=2{UVRTo|R +z;do^tMYeL`+J1yKT=1FDQ8!#nc^)pu`YS^RU!qHsXH`bxGHi=U9DrqT61r=iL7&@( +zhCb)&5Q&;ti}D>!YVJX~*&GBP&=0(Z +z(efm;gQa*mzJoS+5KH1|bUzo{6za3lj;=$WzaL$K#b^Y!q7g{#%hWnY8{S%=}(-09(-Q_AA~=rGq9HBx +zSr~a2G-*41Yr@Rc^w%?&0<=Y=3)CV2d40Hlpu|DSgJhaymiAX9j +zkqbNCjM;bw&4tEagoYkKL%9jfjU(txOMe-j?}83+Ci(+o4|>1ofshMr(A>Enjp&Ey +zK>oqH?*BSpg@%Tq9j`-k;UxNCm9N7Z-;9q^o`-f=;hPYN0ceM-&~3UO-Btghk!^P{ +zwEqbD)!U6OmR{;zf@G}sSqU=cciw`2X^XejF*jsroHX&yR|kI|&O@Y^upmS}lA +z+TjKqjh~~DzUI4-JJT`ceteS)vpeti;l=itO*w@o*&Aqf|BlY6?2%Bu89g`Vpaa~E +z4(K0r8#eeMI2z5B4bc;5^3^-a{&znqa; +z#%#)uq67N?&6Nv(3K49I9@V2_`FZpp`vFU0^`F`QuV-+!{~SV^|F;n0w&+sagDr3= +zntb1(OH=Ci@OkcmCf8Urk~`2OEc8d1VQ+NTtU|v9Covn#o(S7;V2TSvGanu4m*~hY +z`!hVy01ff&=*XW&8~O>yVzHB9K#!vX*oh|J#eaqE*cT1;v*`QhV!73+jKn-9o_d@M +z4~nY)gpTgSbT*?i-H+ZccsA5`N0)388tRwP9Qh87P|2l8B2Q-efNO;AqDh!?=Igj9g?rF7{}qd4`Mjaw=2(Gp +z3Oxr_pgHmxnghA>g(awiF69vHfveEx{zYe8J%4zA1YSdVS^mth|No%EhAI>Y5$KMt +z=@hhn3)=9H=u9gY49^WllW`Hc=6f+4FTXG|{W0o;PG~I}u|sG?FS;l^*ZHDUxG{qY +z8{Ud$`#)$1n-vOcKORk@7trl`6z#A|;V`2yIE3;_G}{YZ9NKM!&(i&^k)?-@!-d3_MSu6x?1Vrf6!#yhIX7;CRhVq +ziazKPK7c0gTJ*^N9GyV!vLRwEu?qbsCUfC_e-Sbs($osLFmGkX6tx|CN|4Ku$D9q1}_`+kYpSgKkoG~BORXmAO- +z<_FMim%n-lZFh743(*07iN&!%jnGkLG^+=pyJjkyWCt*bMQeru)W>YfL(zz=O>tr9 +zenUrI;mWXPH=;9Jf^M_jXz2gM8}QOvp`p95Gv$}jvp;w3&~a;Y2_|5ASH<$-SiZPU +zxSwjxg)<(5Zo_BLP#(sPSh{ZLU^tedycKW8uhHCTRWA&D1R9}LXgf#I`{nD0au@U? +z_b8fEpCRp~5;+@$nU%qA+-QZa-Tde$*oAVzh9SiL(KUPkUDF+C(w#vMpmL2e(|<*C +zJzD=Cw8Ld+((OhgRiv@ID3wU`;G!HADQu5VVKyE|m!xKs(7+IMhL58&`veVfqG?#d +zn&_GjLeGmO=zxAi2U6y$5ZU&aO?e7drT@fEE*#M*9EJ6=!%@5z?eHUXmlSFimMR&2@U+7GVcL)RNhQ2ouJ!;pZ5&IVX_*~dA46G%3UfiDI +z!jQ~FL%9u0My$J~@}#^!h%Ug-XRj*C20you-I`{){fikX;sZAg|2(B~>(5v+-J&=xPo-e~R& +z$3nOUjo|C(fOGZ=^;zg|!p2yD{u4KGaS4uy4?Kh>*ArL_x8h~EAMNl2y06c>E;IeN +z-}TVvT46!#iwxevEc}D3*_-1N^r)`@bX?g{}`XsEIb*9v%5jXy}HcGn<1K;tI6E +zm$4MS6YqZ)@BbO^pVuek!o}$GCDC@OV0sDqu>TG1O;k9d@#suvpaWTlzOW7L=o55l +zPN3Vg*bQMojj%A~4(LAbhnM2xSQXcy=fD@}Qsure^jA8?g$>n4AMA+^U=kXErRYG` +zqceC1?cif%`y_Jr4Y^YZjbt{uM19dE91-t7iT3jXI-z}Nd#Ufau%i=bXmj)n2XY72bpOxf!UJd_OX04D=vl|CQmw +zQ1yyFfDI@=k9PPI`r?H*hnY1)Lw`#wPemj3Ty!V;-nZz$&L0$hkR-7><)-L4aXXfD +z|F4b@yobJUB>Hc(=q(}Xs-q$9j;`?tbV=?wNt +z;=Wk%WPD&tEbqr8_fMf678?>etc?CB%|-`27)#&;^c(VItUre4O3quu&-)VS5)VLk +z)1$Yt|C3y-qr#bdfWB}T?cf|b(h5UE$Xi7RqigsuI)HWP0N+7#<1=)d9!J}|WLVfm +zHPGkUpb@)nSSma?o(daUhR)HdttQ*mk|K8Rco{3Aq=O_!s)#rFVoG +zSHilKo1ypbMngXz9YAUm7ryWzn$?HV8JssFcscrD4K%cE(UY=&tRIC&>JjXS>(NO4 +z6Ym$jGrV6Nlhn6C`x_igCB|~$N8}N7dn}0MU1&p}qc8j!%ehB}hRR@n>RX@@cp9C+ +z`{)7mD>lYUMunf>UD5XLiOxyO{@cKX$?!h9R>#pLxO{YYu_4;v05mD5#QF`<&*S}! +zyTbEXXo$O_zX9(=2e=X)z@At>hK1=ranYD?#Fj@NsEbCV3%V5j&;~}M+jSw<##hj9 +z!_Sz+%)7%t%cI%fK9=vmnw00DOSJ=C(qowNK*{-^&_F4)qipPfx1cXrsLWFzIY84j(l)@;GS5X +z6(3xI=D;gx#J<96cm`eTO817`X%`)hPGkwX6g$zS{1xpdlYU*oqA4ysvpb*-jYZe~ +z3G}nO3JvY6=y&^r=vV0Tzo1{i0u#b#yC@o|a_IBTqh0X=$~U1C9u~`~Nn9kUn1=o! +zcsAbH65Sr}e;CWZqXYT}UE2#MhPAGY?xJ?+L3TTuGb^zK8;aXgmL3`+u%$Xd1 +z#=n8({r>Ob!hQN1x~3JUgrw?;o(JQjE71eyV>G!=VmiC0h6q+fL*Ew7{y~_H51=!D +z7q7t|n(eF5gXUc{=?~kZY9zFs$o97YI@xN9jNdtcO%--LUipmq67F9J^Av@2ws7uDYuLc +zLI*w>U7C$(q~1e!!Ov(U&f@bl@o2-- +z(QUODozbf3OR@fKbYQ#DBt3;4u>8z$g5H_p!WS2y4X#8({|egh0d&Mi;{9LHke)-c +zJm;)1(4y#(nuRW99rU^D(QVilYv4m@d#_+_Ol{@Dj<%x%_z)eyK{VUXdp!IdP8RyY +z<7fv9(Y1do`U{#9m(33Cv_%KhD>@L}6?dTROh*QiO3dZLBk@V}?A{P=BzB?$`w)%L +z7wDS)fOeE`P8eWAbig;D1G*1e;d;!%6KD>VoST`*g^kemnqfireF*z +z`=T4stp64rVCKBAy-GyuMZ2I!>rnLh`_Yb<$MPG|Z?FpWiTSic|B0$x_(B_WX18D_ +z&PJ2)33Q*YjpaAc{rwSMfj^-gU-CqFt|~h7X6XAv(QP+A-k*lPw+vH0u!{>%t^=6F +zGiY)ZUl6Q`cGw!7Q9pDk#-lm26pi2pw7sp-57B`iMxXl&-G;drh6xs0$o_YYi&CMb +z(d4R(ZksM>$K#@NurB52(4{(pz40u%G`$vu=SQFudKiuDDs%wvp-H_Toxnef*#9P9 +z^2soRTIh(Ip)=`$X7MfPXLcmo&^R=kA3-}_gSN8`{V08g4!qdn@LVl4a$PZr!?7mL +zNO3Wki?`63RbCR-<|Z@}52G{LfE92LnjU_WPK-eW@E7yEa5Ykj+IO+<>KVJ9_pXMQ5Jt>9D4?FiE)^Hp5ZqfL}t7>}}DH +z(MTLZm*{tN|L0oa60`pbap8?}=!5mpnY2MW?1a8B4t;J4nyd@aHC=%oJa3~X+plPr +z{}s*oOn5Fo`hF#JDVkVz|M%p=7lxoS7=;exK6LG8qS^W!IR&0-7V>VV^9X=w%(Byg?UBexC +z6&^t&QgKZfKuz?1Q}h?o4QRICjUGI!(O+60uVMc?fShYXHeZ0A<+acV^g@ry!B`Pz +zqX*NLSpEp@=rp=ri>(V0sf<2X4?P(>pgA-UTj2z>{dd=;!i@J((T$3e=m^`b4=;>F +z*LXTwzZT7jPh&ab*|6=ZL_4EL?VV^6-;Zw7`RG93Mh9{zdM?F)>oO2X>+Fe}(7cQFOq+qcbeHAv4hjOQDe%hvv-V=&nmG;lj0f3SEkQ +zXvYW885}`>j-N$yqyFL9L?%Y(T~ui{Slo|!Hpru>PLG9Q;AVr7_ymY +z1Iy8nZN>`tJvy-bFNFISqe)m5-RJ$Icc8hFLI<`M3*#_*!;jCPoKCDa#2-_Jq^)C!$Q +z4@|kO#&Th(m&F_Jp&|SwntxMxp$ZzxF6eoY!YgqRI!1zXh#oLAqHEAKeiu#Rqi9b2 +zfwr66oS7JdHPG_P&Fp_Wc!dfZdLIql5j5#eqYdTQ5<1L_hPVmZaBp-*51}(&h<*cB +zq1$W&dZcfOc6)*n8T-?ZfJ?zUo=!sS!mXqi}%b^X{kG4iT?2Zng4;q0X +z=u$j_PHY9btKN*|AJGY>&f6M7n;)~OsE%g+9cT{BL1+9Tx;s8X&w&GI4xB{?aQPdd +z!LsOcmCymzi8e<=-WiQ(Uu0mZ#1Jl==_GVSbI=zT#qw&bM0o?6BVVE&T>NGTaVfOn +z%F#yXlC(!7)-RSvp%Ix9>zAj??Eja!Fr*)%9e<6E@Fz^-$yhG>R>w=sA$@{jemZ&~g^KRE^P)w#ABgGa89Uu{yqrM(h|mfxpoAtL_f<*=Uk>OvQ?u +zur?LL(E&V#o{TS`q1=UT$1l-_&!90CIn<Ej&o{GMVPH-m{_51&A +z`hqn_8@Twx@IrZX5g|1`Fs{8qew-p65pN%TmrhqbT=`rV&`4)|$wfG@}L +z4ounb=Uk)@7`&2l{!hX=kc~;o{m}hB5gq7C^!eA&qxmbe;|o3w&s9X9>x6dPKbA+L +z2hxLB7hnIB{ci(*QsMqi?hDyl7mY*{bd9^BOK@v+B07_K=mb`w9c_x`UFZP5i2f4I +z@mUz)#pwM;pT+&(i3+z(KXlvNf;K!NmM5ZT_`~Qxo$LGeHKIvRoJ(H{)k(E;wm>UaSCy`O)7I5&!*_uHe% +z)-`$q+U{U9DMz8_#^h*f4i~=o6nem{!6fcPXZ9nyG-uGrT=aSHax?qdE36I)Ovzuk4>N{lEXa;y@VDaI~ZQ(CnOvzW5&2z!T^imj5a|-z_=_ +zo!Nh)526E`74NS?JKh|9H{RcC+5P`L7j}F+K9Kl2%sdZTUjfaLx@bd9(KT(0nb;l8 +zmFv)RzK%bw19yCv* +zpVj^7Kyw}pNt*{NQZ9x&uo>E3oTDjd;6=nNi1PpFl +z@6hK?MhhPfCuI$Ed$vQfygxeQ;b;WLq36l{=#Sh5hf`tXZ&Hyy0nwS{|2CY2bwBdKq{e3*%zu;)d{$gl{RnU$aphs{Iw4GbffsBdeiRcnMhVK7)p+1#Z!-Z@1 +zTBt~T6dyQ*zVIiymj9sJFVC?sp!#SobU`C{Q*<2K!5nlztI&bIhP81A+TU5c%fQy!_(1xKZSBh^!*y>0ag!vzbCeI +z{}189?Y17B(I)hBx-*u4K$qZebmWD84oQ}UHrNiWAA+v&1gwiI(KG*RbQk@BF4f=Y +z(p>Tj``?OET=-xkbenZXXF3oK-B@%651}tki}mwj`RQ1G7M;LmH2ZgBWjv1NMDbt4 +z`&H0yMcrT7|8BRQRJb-NY=tkNAv%rDJpb_!$_ml?=s??{OV$_toZcS26LV9(D|##^kH-f +z=VLQm5z9ZIOPuhI7%9e}*HtDcaF3XoSW`A4Riy5t{AG(ShzlL;p2; +zLjI2Kj!RF5&v!knPkAt!YfCZx@Bi;hUr_T`m`NpcCLPg+yT|fi^gI}j)$nmN>E1?{ +zY&-hiH)xI=L6_p!c>gTA6h%&jr7nx7u;xrCQHxgEz!H9Q=(6x4Xr`ndj$>Y +zb~G3EqXQ}UcUYn#XgP^Vtcbqf7Sn(K--8R+vJV=%LFk%35`7k(=||`Q_n|X8g6@t# +z(FPNzLp%A=-Bc8r<>-10R0-v|1{8$;0YNc2pffKBiTbSeIe=EP6vjB=g{ +zxp4t{kQGDk*NNr!ScUQ}=t1;2I75yF213jAWz^*y?8ZAyx15GVK21)c5H;xuomvb(s&NnU@}*(bk4kwM&Nh!e%|wPrIW2HI-pMI51LzX +zAwGm}y8p}N&XxZ6f4;|F+$ei~uJjs>LpxrKHv9$J(1}>S@Pb_F{hozJurc}*tQ&g9 +z&qSYJfSw;Oqf4+IP4+|B*6;sMTvVWgiA*enzE~8?ViQbaf3(B< +z&}@DN9oSBEmwbfIE)2;%n8XLrwO@gD{4ToPj-fC9 +zhIX8@K(6$WS{@z1jc5mB(e|dHOEV8m#%IxiA4A(MSTI*Ay&Y;54B31u`jME0cJMm3 +z#DnMy6)p?|X@^P5U9cJ6iN5y&+QHZ805UHM7KmONErTX`m5WkgZZ0gXj-VRF1bAN|F% +z3LE1N^!;4LL;IJa+q5Q{I~_6o_kTCUirX-qmC>o_+Ra5nx(QvHz489%=pR&$#QV8Q +zgaH&sXWR(ws0-R|e{=%3V>(w#u>ZZ-NJVvgKi>EUZQzoUVOLZ}XVN5k4LYy^cqcx9 +z&iGWkU#C=9ine$q_5ILXnT6)so3Z>$sZ8?cwGBVarKn9*l%;Cb3t-~a~i*|Gb-A*~mhmMM& +zXORg7f}gx8~p{(b24PoO`=HpTK+XfB;aldnXL +zbo>1OKXPH{d!R3l!AzWkKDYpF_*ry&ZO8PQq7nNR?dV^0Uze*HBG4S2`2aNJ<6?Ox +z8p$2Mm^Xi4% +zDuedZ49%Sz>#_fB;6GIO@t7N39(@))@m`DNy|MfyI@90K4s+KJGfiTWaxFBOyJHrP +zM4wxPF3C&i`yZs@jc?KYdKT+rfd*mwwL$BLq9GfH6>tiAPCSQ(_;qx*e26~(T`ZrB +z_wzIi6D)zXxSxedOx?hR`}|(4ip$W@?L|BK2_0$SMq&G9p=(CjhtSqQXVwQx;X~-a +zo_cRqr0OI`u;F90{6xH3!>}MB!4p%EB2vDbQGOgW}DDa5wzio=>3M#9%%C2 +zfzId=w4?Qy#O<;C1G0Qn@)~qzo6+z3 +zf6?uC2>rO^?-Z<|A(MbD^`3OA2@=}>~yqn=P-jR +zXa}9p0rijN@z|L140MThqucR7yniB^`S*-qU-#z@&O4Z`R&^AK9YF*F} +zO+Xu%foAs;*a%-lzZJh>4J_Xybl4Le;8=7C9**U8@&4;*KZnq7#VI6-Q;Exah7h$z +z&+h9mJ;Uf^bcWN>P%e$W5btkCXZ``&@fUa{o<;xATI1Rf*>>oz8H7gSF)Zo+U(JOb +zz8Bq#6)1m(j`$q9jV|sL%!)Qem!=!~+%4!p$D<#w>F9u;MVIO=bmpIh`%_cx<6-Gk=P5%jsg&<=C-3862F?v@&T +z*#F+>M1><8h?Xay4b6$JN7wA#=-23Tr=kUJ2m>n@y$XH4H`>lfw8Mwv{Z*KxyzK_| +zzYlyDA3Te0k4tV0+piINe;|6IjYA_f3ys9{Xb$W~lkH&i3>xxF`i4kULX)&1R>3xC +zGLA}d;fssWSy^o$N +zC(v^yRib}bqta+YmC?1XkFIU|Xm9jj8G?rXQS|xc(dW?jwxBcLiw@vBbU=A-3Inf- +z?vB<-BvXk&vEl)=;iu6NzlP?-L3GAv(QR5}K=|5~K+A2=jys`A*B?!~5$FK#L1#J{ +z{hjd$w#HY}_t}3r28PfVKs!pJ4K+X;zB-os#PTq7hADJ_kE0zuhvviqh9$oV>(eda2?ngVAgXYL`tdB3E9sGh0yvU&NeD!E^ +z^oZ_(F2#fBb8FD0+=l6Y|K|rT96;tR;lU&tfmUdC_dv6C2&QL@&geOG$@WCQL*F}t +zKA(4Rc&;uwksjzS8jQY|8qEH8WV5L-DPBc8_#AEEB)Vp$hlI86jPB!}XoyFl9o~yZ +zW*YhtT7qud4YB^c=off5^*^IaFzD7)7~%c5=1TwHSwf}6X=@e8X7uGq8(L2 +zXVe%SU}toR#-lTvif+dxvHmSgQr?3O{5aar=@b`+GRLs6_DOVYE1(VZMb~&DHp5kz +zi9ezZ97j9;3ms7AZQ;G5Xh#ju=USkVZifzdIA&pL5f_elJDMy9(Ct#-_7LhqXhSv7 +z=Nh6NT@xLEF2P-Bay^JXw-{UDi}C&$^u4^p!-PvB15YKIaN&#X&=&`wC*6P07iPu! +z6|uZIx(6NDq3BQOpZiZ@ZY*<0xL*ltQ?8A+Hv~P9#$j>4|BJbB#+%Uw-#`bn6Wu0< +z(a_}{5x(11(2#e-7T6D6qNmVYc^^%#Bj|gXcZPPe(Cu9deZK*w|M!2bx$woCt-uNB +zE?A5X)R-k;|-68v{Vv=$bbl^9}`WfhZOVD;#V?%r!P4aUo +zE_~tA|Af%A!*rIS+iG0&5p?7W(T1K!pWB75?N{i4PohU`#@JAQ85*f8(WATp`d&vg +z=~Ml<@N+vbIu*_8=g@6(BGwnZCzP8+`(ZZs??-cH8+wEvMF)7nxRBIk(1A6<{MZi7 +zrC!K$sl;e54AHdcyy!ACDc7Qr_yFBzU!lKX&Kn=xI%F7yol0$sWbCWNJ_jz*>{+TJ~A +z#HOLS^Ag(5`_cWF{`>#$xo{i)fl17q7&Tdl=o% +zIUfjrSydc8xVoW9JOZ7_EOa8zMmMLpF!b-CFMN)kRHx99=6NuL?o#x*E6}WN5X&Q? +z_o2_vLT9=Zjl|1ngb$$YXFe33D}ydcssDlN=+oLnT4Gr-~w1G!33pb(%)`57x +z;N~nPA9z&Dq_jvyw^q{$5 +zN;qJ$(EBaX2z5e}wr{K-hYsXHbcyC;E!>D@{Qe)|!Zpk@HEg3S^o0&s75k$5`cZV> +zKOOIHKnJ=Fo$)8=N%#f24HFNC`YbfUHPC@KLI-j^7IgoQ=E9_SAUYGx>cwbMZbx7I +z16|X?kAxp44bY{y0Ug+MbU+Kxh^&eAFQNl@6J3J$(Fq;HlovT44cqN9bmrBf&Crvo +zJDLkaqW7T#UVwJAGS)vI-4*MS=e+{q3 +zBUl4#P7mIM-k*g=U@ID--_Y#8XhvAdis;g|!}J8uf!~J?eEJObzayMag)?7`Hn1f= +z@Nq03KqK`B*2TP!g&&p8(HV_Ff5J_}vbYL;emA)DU97kk +zvnbyh>mSG3l$W9%?2Glkp-FcRZ8+Dgu=bas=RhU2-TLUvTcHELG1kwHrj~JG(macv +z>08mzyp4{0H#(qS(NGq9Jak+i-S1bS&vl88M1METMt8w0SP2iJ1Ijl$EOjwt7x3?Y +z#)@muHM|WS(4%NpFG54L3eAzt=#2Mc5`RH=OTjrYq?lfFG~0)uOZpJH?G~W}c{wfn +zZyOhO@FDubx9Ed8=Y|)HqXW7!mYbuY?-lKf=FlKCB4f}2PC=LANp$Jf#`^7OWWKaa +z|A}1lLb6 +z(r&=?zyG&`3)lR=Xao+SAxk_FIx2z=s0kXG{%8aDpfjI|4rDnxkay6eJBV)6)0o5x +z3&QV(HfVc27qI_byRlT*@iH`d-axm{VYHz$(Tf*`rK*ZPpB=psUGs6Vya0{FCbXkZ +z(1Dza<#LO{`)wDo|7~bcteAvtDKEn${)jf5@5xZEjILb=bYP>=+?j@UxHQ&pMkDws +zChziB)S3{P(F-4S7J#BaYZ!rEzp5oVk+Cft^yW658?u@?J2mP)0K&*cp(;c88-V)0P(Iq^K +z)iJp&{HVPKt5KeUCgm&G#QlGmi;+~6ULIbUjXv-W@<8G^8p>)Q?M`%DE~29ZftF%DLxW +z-9E>HCIu*Z9{P``!N2@dl{$B{|D4Z%tZV)MQ`dKH=?*yx=NL7&PKO+2b4;CkU56Z( +zH<`_Yj>CWc*WfGEnN~UepSmxptLa1h<1a%yDKvKj4VGxTG8_p1yQQvyk4&0-kVh_g +znMa(pkukd7+B5fpjyW#Rb(&iR=jQL2qiBw@bDMQ!fL+pLrB;O{;_>wKd}ls&riK5Q +zm!X}LRCTc6%Uoj(cv=YOI2k-95GReFQ?T;;hVI_0?hlA&wD!JCuY|Lbtp+@-W$VlB7Q +zM=ZCDnE&{gZy%idp>LO5`+wKxe?e_OH%DiJI+|N~((nA=rJMCoR_7f2C+EvqoioN| +TKeT#!2LH)?dG+*MSCsfaEYhpV + +delta 32245 +zcmZwP3Dl0&9`OI0=Xo-u%u%LCB2#8EdyttZlCj8;IU-3qcVtL~GGvM(Q;A4vR-~ec +zL?xYy1}afWh2;Hy@4e4@-?je#);jBR?R{O>9)A0`_jTtuXZOL&_8q)z!^r!RRTGKC +zf>~*ai*W}Q#r=3S{({A^@S|yosaON6;j35|f5IkM=CQOy7WTtyaRt`HFR=_>Hajg* +z9_wRk?1%RI-0ZYu>f%c(Y%tH9v_yAofj8lk*a=T#18g}rEzuAsMc+a@{0Ez3t$AsQ +zW;hOOn0$bp>=maY)N=tOW+t2}RNODo1i$AatR$UxIHykam##;D2 +zx+GUT5$c;^4a)bU4R6AVcpR_8B1_T|m9Q6D{~$WSP3Te_!E%_qcxh;;20EevSRJ3i +zEIfn`u=tZIYJ<+9Dghu8_Fqx>ZJS}lO +z6(ey7zJ*y>@#(b0t2h+LVc8X7W=qk5ev1|G>Xl(eH=s*19-a9bbO8I&CC$AmM5+P0 +z_G7R{B1yJ#;o5$NHe6_R=%^b$NqGrAjg8iX4i2MBllPgl#1+^9GjR}JiPOL!MGeB#yso702bgv%AaAISyuki9+462mOXS9;XlUAF54;}@-61sl +zbH5lOQv-eP7Q6%>MU!wTX5vA-4A0_KnE$2FP93y<0A7w0UP^|G$EmP`4OkXGj}QDC +zExI|(qz0DY{wU1ES!f3vunZnR+c^`QRosqiDU5-ycFBMo|Y(p-O(i*h7Nc!y4~JF&w-QZ(p7mQb#f*X +zeYo((6X*;MMYF#dj@AlTm-+#C11^o_U(tptYzgo6M7P@{Y>ID3v%i&=XiNFJ=qzkQ +z`3r36{=e$&@W4=XDK?`A$6@qrFS0c)@c?$l)H#86RA^fW@r~%VoPZw5>(K4{4OYfH +z?}Tza^tl1i$MHJ)PrT1X9Ut5t8fcD&dTcDOK$G&b=y|-6a+!D268(G*JK`5O8Y{jR +zI$DYjXb<{)_V>ecH(_haD=}$kPH^D>>g@<8;7D{yUPL2t3O%zc>8|r=m--3EiHj(a=}>FgX50_P-5mr@|5aiFcf}6ufS2qJGwO*B +za3*?y?T+Q_ABBN5MJIG0`upHTG*^zJ5h=MRMCgV+$uN^iR5;UjFbmJ1OHhArcwrDW +zp}ZK){zGVkc|Q*Ko1$ww2F>=B==%rI38d`{5onF(&;!x8lUx|0^Rc4ICuxbBDNjI? +zaX+@h3+PPR?GH1503E_3MY +zmBr?iug5H$jSlP+G*=2A4-ssR9@Y26^2_K!_6wH8TEDRWx1@2l{}Mu4;I|Os4(L+c +zk9M>QO}?MdrMc?&@OkcmCRY-T(Ot)In2WHe}ru~ILU>fS&EMI +zFgmhQr^5q{(GZVDNB%6@&~G>%Oa2)Kv=AM@9yIwb|0`_A{%ELQMBh*QJCxhv0w$hZ +z$b|<*jekN%cVjA>(V2dQ-Y;}M)OSahY&sh1H_#mU35`(ke?vQ6(VUur?xNl3H{zlT +zp`B((IhnYV3m;sMhVld&iH3>vR7c~n8|8Ia8ZXM0o{Cs`bQ=vtv;Ao_0-vD~D4jh# +zHw^toJdZBvcj!;F+-d3T2KHYKE^K%d-hp$_q)SUrPn}%Xpi6KM+TjLlfybg%GQx9X +z&>6msM&chdY3p2+o?6oGXuIRkWL=K!=s)ot7mmDIjxf^kXh+YZkvNKmxNOew;?3xG +zTZmb>1KoDHaycXZEg2oi6f}9aqUS|M?)20FmxZ1S(=qAHU*Mt??nl@B4=j!qFAfd2 +z!g7=+qvya{G)KNfb0ANiumttdr5u4b;d=DB^h?6PYoYIt#ZI{TlJv0u|E9u*DqR{P +z&>daVnP~kswBcXTnO4gio*RxP<8pM(4`3E%=1Wg~jQXMz+K5K%C>qhr@`vZTx3x^JSp)*;AhI&6b@^k3Et$tbPa2(puJLvO&qib2INNA@E8o7no1$U#lb7j$B +z7xX-singCT5HBviJdCs{nmo7TjrcVB;GeO+@)aS;2BF(%HJW65&`1?57Vfu22Ra?i +z`YmXLk6{@sTRauHWTFihb~qj#>1MRUV>k^?M-HnDc +zd)d%IWi+XJpdBnnlkjUa5=F~}2=_oE`#9R)E=)Ru^s7U|)zCE^5X&>rNNkJcU(gfn +z%JS){uUZRqDQ2Ssdl!wsS#+P5sgRz?#4hNrx(j#UYuFkesL1{|M7t`6BlRqr16h?q +z=QQnRN@H;ej+Flz5J{FD8dbFJr=>3XyL%A#Z +zk(-U?)R#zm$wZENVP;ojXKu7b*KTR_Al^W^Q2h|%f#@1Ogs$msH0crz!U0qPOHk~C +z*8d0Xa5b8A`_M=gYv?XYvTeAyii*kD4xhm+JdG|%okpR75$FsTqBA>)hB%{fSi(B! +znh(XcxDq`Pe?*eka{*1V`Hko`a@zjI-q~hnUroH2GR|EZz_7!ZbBpWBl__v+#w9C4SHUTPI6&L +z=A)t9iKX#hEQOiZhX%9InGQ$SaxuCj`_VNo+A*}#4b7#8&?VT3Mxs!sFp$P*?hHY{ +z4apT;80sI;?7!-UkOL#p4xWx4MI%({#xS#y=(({9ZRpcz(avGl^gstT8;#IDwBuY| +zLgbp`mG1vRT-d^jIya>!@>3p&&TJf-BQK)|)K_>hR_+?Ci@7LYhrV}x +zEcd}2l!st5yc6@e|6k%FHx=(;PW%{M<1a8BbKM-0#9dy7sx`p~G=x@TNcq#oSZs(#fj*SmIf+p9KcsXvzEAT6{!!ziQBEL +zqR+L(yx1Qdz!=Pf)6j{{#Y=DrUW#imY3N>y74M;;Ie=zy(H`N27U;I=j1FKV8i7e@ +zLkna5npl1Bo{?`h8fgB8}5XT{B|^SW6+r`#(cOIZSV~& +zg&)NGKgIiJGkY={$5GFQ6~%L_0c&F3lNq +zo0jYy29$*bDc^wZ^8r{C7veSe0(uU7gDzE`TS9;3l3dtOJ@mnz=m4gp5mfi6*hbP31C`%k0&yoyff5ZYeyXD;mM3>w;t`h;>3bfj0I +z^^MUi?}$dMKRS>kdT?z*2Yw6*&`_Z%hIQGXn{lb72qwTzc?wb8*dl~&b$k=~Zb781@ +zM<2p^lwU?W{0)7v@PIJ0mT2gQ#qumPQZGgKpzr;N4(yVF;Ri`stV+2#dQObSlJ5WK +z;{zX|FC34i-yX`v(WI+|hPXSr#$(YXc@XVz37SJ&WBFvfUvN;kUmlG_do))DVbY3e +zvEu3Yz_wWa3NyKX9__H?;Lu?;^haq6bil*01WrM}Ay3EplW4Bw7!rQoUx_a9Aapm) +z9>V_59*Jcg+!u#m%IEbyV$Q@zZ-HJ^q&p}Vf1DJ{bpzoC!8D?A+ +z>rifq-oFnG{Ze!Q$t_&?!l!76kD)WTcvLVGeXuqf+79SRIWX4WgGTBx?0}olNM*Y- +zyjMJ03p1&2kM=h_m`o(O@FVgVx;>tX<-KS_U!yOajpaO}Lqk_%U+P<<5qK7zz{ltT +z^anP?E5?MM-#4S}-5*_?lKr=t3zOkvbgfRKOOSb2c(DoE;2<<9XU6)?(XZqEoMXfD +zRnQRMjQ$3^8y(;}bO8Hf`6L#k|HNf?haC4}zr)6uXMC7x +zJM2n%4Epu^5Y3IR(Fp#IPALDqVIq~$rEH4+?&y3k``?ONsc?j&&;#OWG#7S9&!gMz +znhBwycIdY3gARBGI-?iSB;AGnqWV78pNkf}FFaQX?YH@T?0;Xpi3&$PJU(!LEH8); +zu0?a;O*CTPViipMC#-c`ur*MD_HRU@YyboMydk(e5>fqn2Yl5=!8eba&kHsnN-X{e-OMF +zZ)}V1iuXT_<-gDYWt$k*wlKQZ)zDqk5k1I8qdBtXEFiH7+g>BlhB6eqT6Z( +zI-~W`*JJ$-bYT0?1M57t$BMJV33_*u3txN+ZEzhL`Zv*rkDwzy9`Bz*Lz*@xWO)vB +zpvBQ6wFMco_TI!CnB2~V9qmE~@F_ZgAJA;Scy9PJoGR!G3(*di +zq1)~K=qWTOO3e%HbU+8xJ31KM6?dWS%tZ#0OgzDbN8;1y*}Xa3NbEre_9+^nZ_qXU +z1??#R<6(eJ&;j3u4rm&-z)e^I&!9O}W`24i1GCWfT4G-Je`hW{`TC(bFbWOTwCF2n +z*8hkOFxP^xy{?QljCMtj){*G*5278fiRE{r-(zL!GZxYg{U>U0;S252nGM5qT!gOe +zljuI*7|ZXX`};F2kH4WEU$H1WR|B1SOZ5Gb=(d{_@6SQsTa8H{*vo|{*AdLb#Nv=# +zrK5Gw4%?wK8h|dvBs6DMp%L7Swzoa{DLU|D=yU&|+b+)&VS+`TVE?+ECZf;HM3Z$Hx~6No=k~@kK1>d_HWu>d`LfQF}L<#1Ep|bSXN}9q2%gM$?iT!rGTYBT*6Us5%SO6(-Xb$Dl`%k(VSU`?z-ekE?k>u&;cAmJ3fNW +z;5hnoJo^hFQjO4T?~TrAI{MriG^@8nKSPuDS9C&!HiaB(6zv&IChp~s(S>UCROSLh>{ogxv!S^2x +z-rWs4Y5?9+-4n +zCAl!vtK*H2&=8)A7I-zhP#q0rSM+XaV^e4NBAL{G>6d8r@tP)1x3;N`e+0F&;w>(bOXA^AEHTo0?moP(RRze +zk)F64Yoq0LZ?OOE;7uxQ=wmc=$I+y_fHri|o1w#eXo#Dk4d05+=n-_r%g}GYdUTs@ +zMvwGuvAh>e+ApI&C*#Fg%-}|@En#2gMNhPXv0N4%Xa%&vM$vX?huzTu^hF~u0$qy7 +z(21=@ch!5b{3|-a+h_6B$t`^Ng +zm!uOKu>rAs4;qn~v3^ae%>I9a3q$%T+VOYj2!F#&JQvHww}mV&hj!Qy?Vvr@#6D=G +z=EnMsn4R*w=yuzI)$kW|NlL!Mefm$-@4y?eGHyfH^d#DGf$d?SS7K?( +zRnhtz&~4Ti-IjNw5qlOL*b!`o7oyGHW&f9>VhR^_@Ep3fd(Z>sB)TMt_d;CkVG_P<&AX?!rTBg~)x+Ch1&jU8kC +z6ugo0Vmyc^tj|VhcZOfHUwsgM>0I++IFS0I6T1)7@G12CSb^@E-5(~y2oF$UavViN +znQd1%2lAs!a#bu>L6@p28qyAUH4Z@|F&nGmTbKt=q7(QBJy&Y%4)rb2B)u^iD{jYH +zRE$9f@C*^nN+?eswfLjnM&KAL|FA9gL1nMmw5^w)af*4RnHgu!!IPA5#~s +z`NyGw%h4Aqq9bpF&hW(Fy#HK6gIW7uZMgy8p{^ +zVM7hj2d+nxs~`xk!_23Qt7k{e=8?16swXQBgs79HRlvAi3T +zHvBagsRIUUP%f}PoC7T|lkxy`J5EIhx(VX|DCCD+YCUr%`mj#v9UZAJ;NVG2l5h{jJwe14n}`O2X-c!`}1(-7ejwJ +zwMWjY#CY^Tnvmqeljwf*V0jP??OZehFQY#gcA*12gjMkf=EMRA!?{rmz26Bct3T+D?pK7$@G8!!|1pfmdwU7ExfAu^XmGtmfCM1T8Ti+(#gq0f(u +z^;4ryqR+pAhW_19pGk#QW>fj<-fXjQ0;%cK`p(g&m)c4`h5DW}X+VuY~4E1GJ&$=$dxGbnK4i$}Q-* +zF*=qXjjlwO_%(E(ThVqt!ekFFKIg&)YJL-JjV4iVG@A!S?}_yfq0i4l51MDu&+1p` +zKyw@pNt+k_I+ny8*b;3o?~(Awc9}=m|5n^fg(G?dox$Vi+HXR?UVG3E51`Nggg$pJ +zTJ+m+Qr1SdXGb*42ck0`gGOK?dY(Lp{>XjG{~FDazeh#t1VqaPz6&Q|1N67r2y`aX +zV|gQ1ro0Pn@C-J_{NIP&(+O>F6grW)csp*u8?opQ;ph0!Bp06X^J2yG=*SMDGrSPX +z#gB#to1ymypy$HFXp$~MXZkK0$$eS#xe(IdDA+RiX^AQNJFD!K%Zqx*kJs81#~aN(N09V!x^ +z#Rra}FPuf!GTTpK`{hLk)CkRmu4n{rk4{88Sd0#6Jvz|0u@>$|`^)~bOUwSdoC_PQ +zg@&{Py1ja#XZ|2`AT!X&%tbqR7VG1i@&4avhZmyxkB4#@^!?iC0oD+Gzb9Vj{vW}G +z+iep%qb=y?bWbe*f)4OsbmT>T2}xE3ZLlL+KLTCjDOd;Bp=bVg=q~yjU8;Z4rMcn+ +z``?PIxbVR&benZSXF3=ST@szaBj}5BV*Qd>em0h0L?^Hn&HjB@2~VRrQTk+fzdHJ@ +zXmFDK?{@1+g=;ezTi~l`h%TTrFYs#!Wu<5%bf6v4CF_rVPDe-Y#vGLIjXr?oC_juj +z@r79b`mgMNXY>vguKDixz`Dw?9$0oV(!TIQnR--e1BYGg-KY_mZFM8k<_&pp<6|pwu7H9|eqPt~M^igyPmts>~ +z8_U0-OPoB*MRzXpoeCo#61@-Y@KH3xD`Nd7^u_nk$bE^f^$+L(a{UpuV?G>AxgwgJ +zbJ6o;ExJoSMNZaa;useuL)z(J88j!Fqa6)HBQz;G8_nkBXtu9G2f7yx{dedI`4_r7 +zO8gl<-wm-Y<>6?qt-{pb|38$v;E&7x3NxvS&g4e4;qI|K96b-lU=>`5CfyEn$#$Xd +zeUIkEadavEi1)Mq9hRaPy42+{_4j`pc|k>cG+BB^hehv;&Wt{ZuIUE!y*JU2?m~0n +zD|8@*&V(f@hL+1>CRRq@?|`X4|L?(tYuOhK-B5H*AB(<-&h#^MfQQhT9Y=S^S+v27 +zv!R^==x!>G)|Zd&s3mXWv)kD->aYzY>NH_>xQ23^U>#@ +zLeGyk&?VS~Ci_ur?f3sTF3M3+KX+)bFZ#k5G|MNWNjV#B@JaLlc^w_tuV^T9U7V3h +z$|`8C)W$A29F5R6ycmz6yXg2Ag3f4n#YghGz3~ +z=)m@%yX0qdn_fUq#C(^8=gXk?Tch`TVbTYNb74sC$4q<(UHi3Y#~-5G?Iil*pJ>N9 +zF3m_CsTI)y^g}yHqV3H=mu3l?j4z@CKZ&+mC~rnGwH@l_4cUAL`jJ?GcJK~fhd-b% +zRLU0y(h)N$cg3c7H~QYIXb0b+1IU#>STI^5dNrEl)$=FA$Xik2Nc*899giNVFQGGf +zAD#K3=yCLbI*;Z^kpjW8=o;5VkLD(^{(3ahy`p!ZIW;NCg)huPJ6s$eSQj678x8$# +zw4?p#K#rhEdJ3IsTES4h1l>g?ur!WEx7`Btpn3_N;1TrenJiH#gscU&qGAY|)i0ng +zeuy{WF|2@%3x{nq2p!l1=-2Ea^t~t1ZTJd$K>dXdB=fTHd^5D&Hpl>yiGf@=vYF_| +z>9XgRe +zu#Ee^#$pD}L?bj8O}548 +zQg1|)`%O&!{hx2RFmz|pq$pS{tYs#eG}U6cIXa-u=zx-FF3gDcm!bn&j}37*`hM=> +zq5Tr*Hm!r^&W)J*^S|3-#hsYS%IGX~?VdnGx&>XD1M&XX=)b5OkN0zz2m>gM&NvJ0 +zs4Lp;Ky(75F_kMN*#BO(of$f+kB+oGI)m<*iFcrD`6wFl`RL5npdo(+&GygG +z97>c9yW}b~H=3aD4?!m~3SGj=)}tqbJ@}%*3bACD@A2 +z{9Cl+JXeLtRg1Pnldcy!ka4ko3Nr9yVlfwv>;=rk57CZ}quc4CvZ14rXgLc#K)RvN +z-Gwf}EOdLVM-Qae(02Er6FG*y|2LYn`O5h|`@aeohN3k((n078lhL)Fi*~RQJ&3lW +zx$!sJ(WO_1j>@1**$|y+EA)OBwB5mIyHjF$9+s#7#6~V0=@)26r{V(z%7+nGiMB)= +zxCPyYBQO`Rf6?cPRtWExMNi7wnELy_ZMbkoJ?8Cri$EH^_3+8qt~U~~WzF%xH^OZa?6_P^U;7Zv&ix;>7e12~5{ +z@QO;|7txjIHo6+k`YP!2Ezn)k4gD5OL*IV|JwHA}m*7YA`Hae80!1sc{~c)+Dx7&^ +zwA?2?FcR%(D%#MJc>no$|E*X)5X;}A&!0n=sK7O0X^W$|R2z+4OZ2&3$yhNO-LKQp +zNUT6d`~o`SkI)bvMh9{NZ7@+K+|M7q3Nxv`7QNpM&8@*`L?)pTToz5P;ld7{N7rgw +zEPsLS=U>nl^H&WGRYRX|gASxutRI2CKMj5UN%W`KmRSB4&86(sLh@aSw9oH9E)0DS +z^u-C7j*HPOeF|;(MRa@Z!ql3g5&IGCD7|{v*A+06aw~M^gV2yqjOF=gBsZjF|GmkD +zA^8Ap_+xYc-^Ti5(Ua(lf1){(RwFD?!Dv-9GVNmd7Ib3cWBCbmAg`ePe1t{lKk-d` +z;BT~pLN&vHN~1|q9!;humWSPSdobvPW|UN4|W=V5dJ7tk3Ms~rYj9W6IT+v$Q1xPL6)9i4{uJHIyjzcLpq +zsPI7e7~StD(E2~opGsxwg!?TqlXAaUo{SD?85*g#&^7-Q9pK66#n*=1x*F}LC7L_^ +zu4Vt*z<;Rl|4LO5-G1%S`jKeJCSp09iJlWLp&@<;-7TM@&;Jz5=i>dm^}__O +zL_cCxFcXuvabZUf;5E1!4c!5>qu!AZ`gGR7xERVrV$`jFDwH%Ga +zGiU^ML=PhaPbSXB2QFzCLQ@$H`E{|}9i8DQbRd(_h8D&0CiDl)PBgS9(I1&P8inU; +zqR+R9<=dj;QnLSM#s^lQBYhK1jxRA2|3Z_dXyY)D+URa*jYjHj^!YjHL9{;Be}ew@ +zJBbebiYDQHHMF0b@Cx_;7%m*)EOZ8I&^3G;Q@a9v;RL!HF3Ac@Pz}AGg{84KW?~Xu +zlBc3u(EDGaYyWSwMpO2`6$81@Md(OBihhSSbQV()Xcj_S8=YBSEQODt1A7kbXiu#F +z4V_s2=D~{5=IC$6Ud`k0|0z_s#!E31H=+&iLw}6^j;`?)*M;Y@(37q+8mR&3{vV4z +zKLd@}OPGoK(f3cI11#1e*r-J^T--{94^BjvU^yCz*U*{ojsAjmn7d_I^J3`pbJnx_#{1zWbYa1FYh;^thhrZYweQr1!ktEvjB6I@l +z&`9h=*ZfGlpR-*!=!&8Dn_zi=|99gelZuIGsFug_+vt8ijOM^a?So~|$Yh}n-HHxm +zTrAH)Bl=t{Z%3Etzi94UKqH#31Igg$NG3zEN?((wiW%Z{}Gd)ax{W3Vd~HS-j5Yu#0QR}GrJHi+A++aI@&>JbU*`R +zc@j3HJP%!>edu;P67Qdh=IIm$Rw`P#6Z_wh)}z7>TSjk<4~#=UPE*hbJ%j!-*G}PzN--;z}2oWuhMxY)#z%2CNkUHJK{&yx1#T%>84mYE@@I~}*G#4(r +zF|2KaXy@oq^!W$S2`xjHay=Tcw_e +zoyk-*$!4Hyxf1R8Wpo1D(TE&FpZ^_=@ELSh6zCFuX(j7&VQ90^uUc0$L{rcP=AqgB +zBsRd;&~L?`SPd)Q6gupQ4ls!>!K1PKLcISD+Rst+TX7yqV*dXhx`q(7L(lG8Fg3&I +z40MKb(NM06z8dfELTCO7+VMA71GC>8{-w1xy2KsPT{9Go#N$}f{r@}{cKA{B0G6Zt +zB|74?Zebf;9<35>jxJ3%^toZ^KqsLeues=eUqqMceRSquqwQz!&hzg73S9V$r2!i1 +z+tC*%Md!u(HJC~LJ7|aBMbDx$%-17yR2gmOy6COwIWQi5ZWj9fT1;kgv6Tx?v?JIC +zv-ONig1&G|ERRPUo`L4Z8oU%=i1)XmGu@Bo&~fy+f6xvu>J>s?9NjIod$Iq$(U}T6 +z8jO~wpbagKZbH}W!{~SDbLXQ4dxwElh+c<2e=FL~IJCn@BIgB&woG+5{_Odo&sENpj(f +zE70WG65Wd#l#fJ@q0gN_XO^>1SfbKs!?n=tZ;B>aKlH$withKd=^=Pw4rKf@-;%&wo~+0^k5l*hJH5s{F>-X=zH7HWIKQk;3srId2b5?uYvB4c1R?X +ziJ`ILA++IV(GkCm=EM)^jI;L(+q4)~pnPR4w?{kfjD~t3nsj5)0p5?!bO!o6<1uWB +zZ>8?D|1RnuLSGQ=s4Uu0W3=JxW4UiEk3wfS86Dt4w4;~MoY;mA;J;|dkD@t~cR*;j +z3i^AZG4kJk^WXP#VMBe;HJ=cjgbv_Aw1dTHj;z7D_!`>5DRkh)28QQrMO&dqbPseX +z9!8(rfG*`uO#S_zU$}4pxo!^+mPI4b7R~M+Xts{P)Qr&?y@W2={^(EWdx=5e`F!Ye +z4bX}7KzGq_^u5W0*#C}f5fvuITWAMgqaB_@*R0&&u=ZWhecTfb@jYmV51^5mgMNfo +zqT6)>y*97h8 +zrsyDa3GPLc>tXb{71#n_i}w?Eg!l5H6E1@cJeg?5g)eqQUmS#!Iz9Ko6veSlsXb3ND=SR*p}XM`G%_pD_n*V09d6>nWZQ?1_>bu2 +zW8z5B2HRn79E1*VG`bsRq3tY-<+m}D^1kS)c)!qH;klaVz;3*Y{qHuL5O2&tbKp6w +zj@!`v{s*?l0%Jo`-HOg&B{s(A(1HAneepaRv0LvBOFJ07KOAj88J%}G``@)#ONIYJ +z@d_I9?P&dfqd%by{uRwOF66?+X!h5@Ol*b@ykD%JhrYKGZTESsk2}yLPfOktUMPWv +zup_3j6m587^f7eg%g}~iMxWb@uI;zzfX|^vY|inaz7!g%Ytf^;G5X$(XwoMKaN*~6 +zaC8=$)i0sjtDes3r@iw?jn?mvj;%ue(OKYMmspu51x&#gBS~LQ0p&cKJ9z#QW8lB;#4}|2agGQt)x`Y#O +zD9%A6Z~^V7@Z_*mWhN6sKN=0F(A&`$=b&fxv*?I7L|;Zjy9IsjV{~ngq5C<2MR;{9yX!&+a8el@G0 +z_uHTm>Wn6B|5!f}9mvDz5-r7=_zGU>_y0H-u3_GX!ZxaczHkFxgZJ?~G?m}Pu8(q_) +zkAxp4jnSpJ4IS8AbU;s`5!n#yUqc7*9=Ze{qZ2xbNiTBD2-~d`I`f**mgq^<9nFOi +z(P`*_pF%rY7wcb+?v3?7qDyirnm#k^n!@N3RG!KHcdhzRq4%LPT!ha2ZES(S@;p}XoQG?IB{hv!P8{WVN-;fOlMie6ZO@*S~$ +zA=aY23hm%ftp5{Dy0kf=;oRujmqO2hs%X27(3!VI2i`B%FN!8tbK#3GqG$ScG&DQV +zk?%tX^amQsl5<1HjnMsm9r|3?=s5Iu!y<30=cG +z(E-gyvwAris`Y4&Y(+!)6=vcobhi|GJcblgYmR372y{swLATv4FeQap_=-NsnI3ysWS%k-bfy&xn@ +zDfA<8Et*7~(FX5E8=M|pisdM8LPP%r`rbciM@1Kg$kaqb-vvFGl4yG?(4^grslWfX +zn+wWmnXsnoyttqd@O#BsXIRDa6u7pRbbS!qB&g6`ipmOs{ +zne9b$Yk%|~bb?o{3|7HQ{r=ZYUGNu%&<4B42L_`ZjYdN}3sYH+cToNS{aDps75+%3 +z58CknbSVa-1D}k3?G~Yt{RkcK0nDGy#rK=e|5dZ|<$qDmLGj;c#_CYcGrvu{Y>OKe +zr099*Kb{5`_@@SS?r8tX$$zYC_y1GZe}3uq*$QU6XMXMW*~(;_HNSiNY{eQa;z7sZ +zKmTj+P3lamZ2wQ)Vd|>;5dZkg&`yfX-$;WcI;;r?!vAimYv3c(=O5;g!f)`1vo?hipZ%m7m|V0|V@uqQc~7!V>X#YI?r2lsePGf6U9!&SSjQ +z=p48H7X>5ats>9~ +z-a?%}3H|4Pq4<@$8lft+L42;-{886uD^_^q+Hmk@=l1_PTrhtbt(VxyEtA84jF|uU +zm~a0u|6|`S^W6VkpZ^85)BJ253F>%m8 + +-- +2.33.0 + diff --git a/backport-CVE-2021-37600.patch b/backport-CVE-2021-37600.patch deleted file mode 100644 index 139656e7ca6500cb73b8de369eff78e6b71eb135..0000000000000000000000000000000000000000 --- a/backport-CVE-2021-37600.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c Mon Sep 17 00:00:00 2001 -From: Karel Zak -Date: Tue, 27 Jul 2021 11:58:31 +0200 -Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64 - nmembs - -Fix: https://github.com/karelzak/util-linux/issues/1395 -Signed-off-by: Karel Zak ---- - sys-utils/ipcutils.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c -index e784c4dcb9..18868cfd38 100644 ---- a/sys-utils/ipcutils.c -+++ b/sys-utils/ipcutils.c -@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p) - { - size_t i; - -- if (!p || !p->sem_nsems || p->sem_perm.id < 0) -+ if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0) - return; - - p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem)); diff --git a/backport-CVE-2024-28085.patch b/backport-CVE-2024-28085.patch new file mode 100644 index 0000000000000000000000000000000000000000..874b45576f017ee8b76d985d9b93855024bf4e9c --- /dev/null +++ b/backport-CVE-2024-28085.patch @@ -0,0 +1,29 @@ +From 404b0781f52f7c045ca811b2dceec526408ac253 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 21 Mar 2024 11:16:20 +0100 +Subject: [PATCH] wall: fix escape sequence Injection [CVE-2024-28085] + +Let's use for all cases the same output function. + +Reported-by: Skyler Ferrante +Signed-off-by: Karel Zak +--- + term-utils/wall.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/term-utils/wall.c b/term-utils/wall.c +index f894a32f8..588d3a963 100644 +--- a/term-utils/wall.c ++++ b/term-utils/wall.c +@@ -368,7 +368,7 @@ static char *makemsg(char *fname, char **mvec, int mvecsz, + int i; + + for (i = 0; i < mvecsz; i++) { +- fputs(mvec[i], fs); ++ fputs_careful(mvec[i], fs, '^', true, TERM_WIDTH); + if (i < mvecsz - 1) + fputc(' ', fs); + } +-- +2.33.0 + diff --git a/backport-Fix-ul_path_read_buffer.patch b/backport-Fix-ul_path_read_buffer.patch new file mode 100644 index 0000000000000000000000000000000000000000..41fe2446c353ea862706b176f213fff96f84e696 --- /dev/null +++ b/backport-Fix-ul_path_read_buffer.patch @@ -0,0 +1,29 @@ +From 6273c12257973cbd3c59a710049ee8a8027bbbb1 Mon Sep 17 00:00:00 2001 +From: Daan De Meyer +Date: Thu, 9 May 2024 12:32:31 +0200 +Subject: [PATCH] Fix ul_path_read_buffer() + +The current implementation cuts off the last character of the buffer +if there is no trailing newline. +Reference:https://github.com/util-linux/util-linux/commit/6273c12257973cbd3c59a710049ee8a8027bbbb1 +Conflict:NA +--- + lib/path.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/path.c b/lib/path.c +index 202f19ac4..f897599fd 100644 +--- a/lib/path.c ++++ b/lib/path.c +@@ -682,7 +682,7 @@ int ul_path_read_buffer(struct path_cxt *pc, char *buf, size_t bufsz, const char + if (*(buf + rc - 1) == '\n') + buf[--rc] = '\0'; + else +- buf[rc - 1] = '\0'; ++ buf[rc] = '\0'; + } + + return rc; +-- +2.33.0 + diff --git a/backport-blkid-fix-call-to-err_exclusive_options.patch b/backport-blkid-fix-call-to-err_exclusive_options.patch new file mode 100644 index 0000000000000000000000000000000000000000..d68efdd21404deaf68c85ec5b65e16549b7ec566 --- /dev/null +++ b/backport-blkid-fix-call-to-err_exclusive_options.patch @@ -0,0 +1,34 @@ +From ee84a3bfaf1706269c3a54a546bb057189556e67 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Mon, 2 Oct 2023 11:39:53 +0200 +Subject: [PATCH] blkid: fix call to err_exclusive_options +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +err_exclusive_options needs to be passed the long options array, +otherwise it will crash. + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/ee84a3bfaf1706269c3a54a546bb057189556e67 +Conflict:NA +--- + misc-utils/blkid.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/misc-utils/blkid.c b/misc-utils/blkid.c +index 32bc6feea..6df4e074e 100644 +--- a/misc-utils/blkid.c ++++ b/misc-utils/blkid.c +@@ -717,7 +717,7 @@ int main(int argc, char **argv) + while ((c = getopt_long (argc, argv, + "c:DdgH:hilL:n:ko:O:ps:S:t:u:U:w:Vv", longopts, NULL)) != -1) { + +- err_exclusive_options(c, NULL, excl, excl_st); ++ err_exclusive_options(c, longopts, excl, excl_st); + + switch (c) { + case 'c': +-- +2.33.0 + diff --git a/backport-cal-avoid-out-of-bound-write.patch b/backport-cal-avoid-out-of-bound-write.patch new file mode 100644 index 0000000000000000000000000000000000000000..929320225ebeebb3e6c930dc082c3ece7cdce172 --- /dev/null +++ b/backport-cal-avoid-out-of-bound-write.patch @@ -0,0 +1,34 @@ +From 1be53cb47e5e94f5efecaf6ebc55311493343183 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Tue, 26 Dec 2023 11:18:00 +0100 +Subject: [PATCH] cal: avoid out of bound write +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/1be53cb47e5e94f5efecaf6ebc55311493343183 +Conflict:NA +--- + misc-utils/cal.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/misc-utils/cal.c b/misc-utils/cal.c +index 693449dbc..e6f4a6e4f 100644 +--- a/misc-utils/cal.c ++++ b/misc-utils/cal.c +@@ -692,9 +692,9 @@ static void headers_init(struct cal_control *ctl) + for (i = 0; i < DAYS_IN_WEEK; i++) { + size_t space_left; + +- if (i) +- strcat(cur_dh++, " "); + space_left = sizeof(day_headings) - (cur_dh - day_headings); ++ if (i && space_left) ++ strncat(cur_dh++, " ", space_left--); + + if (space_left <= (ctl->day_width - 1)) + break; +-- +2.33.0 + diff --git a/backport-cfdisk-add-hint-about-labels-for-bootable-flag.patch b/backport-cfdisk-add-hint-about-labels-for-bootable-flag.patch new file mode 100644 index 0000000000000000000000000000000000000000..bd7d53f46596c4054cfa4d1c4969e59cccc5e972 --- /dev/null +++ b/backport-cfdisk-add-hint-about-labels-for-bootable-flag.patch @@ -0,0 +1,49 @@ +From 793e8d2ab81324d0a712132b26ee16c08575101b Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Mon, 12 Jun 2023 12:33:01 +0200 +Subject: [PATCH] cfdisk: add hint about labels for bootable flag + +Addresses: https://github.com/util-linux/util-linux/discussions/2220 +Signed-off-by: Karel Zak + +Reference:https://github.com/util-linux/util-linux/commit/793e8d2ab81324d0a712132b26ee16c08575101b +Conflict:NA +--- + disk-utils/cfdisk.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/disk-utils/cfdisk.c b/disk-utils/cfdisk.c +index 5f4de8b48..2e29421d7 100644 +--- a/disk-utils/cfdisk.c ++++ b/disk-utils/cfdisk.c +@@ -1,7 +1,7 @@ + /* + * cfdisk.c - Display or manipulate a disk partition table. + * +- * Copyright (C) 2014-2015 Karel Zak ++ * Copyright (C) 2014-2023 Karel Zak + * Copyright (C) 1994 Kevin E. Martin (martin@cs.unc.edu) + * + * The original cfdisk was inspired by the fdisk program +@@ -2257,7 +2257,8 @@ static int ui_help(void) + " ", + N_("Command Meaning"), + N_("------- -------"), +- N_(" b Toggle bootable flag of the current partition"), ++ N_(" b Toggle bootable flag of the current partition;"), ++ N_(" implemented for DOS (MBR) and SGI labels only"), + N_(" d Delete the current partition"), + N_(" h Print this screen"), + N_(" n Create new partition from free space"), +@@ -2281,7 +2282,7 @@ static int ui_help(void) + N_("Use lsblk(8) or partx(8) to see more details about the device."), + " ", + " ", +- "Copyright (C) 2014-2017 Karel Zak " ++ "Copyright (C) 2014-2023 Karel Zak " + }; + + erase(); +-- +2.33.0 + diff --git a/backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch b/backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch new file mode 100644 index 0000000000000000000000000000000000000000..81f0f297093ce1bf5c849283ee784dbd31406740 --- /dev/null +++ b/backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch @@ -0,0 +1,28 @@ +From 72f801dbcd99bc1dcbfdb0bf8e1f5d2f1ad753c6 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Mon, 24 Jun 2024 09:46:37 +0200 +Subject: [PATCH] cfdisk: fix possible integer overflow [coverity scan] + +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/72f801dbcd99bc1dcbfdb0bf8e1f5d2f1ad753c6 +Conflict:NA +--- + disk-utils/cfdisk.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/disk-utils/cfdisk.c b/disk-utils/cfdisk.c +index 7b619296..2e0aada4 100644 +--- a/disk-utils/cfdisk.c ++++ b/disk-utils/cfdisk.c +@@ -1733,6 +1733,8 @@ static int ui_table_goto(struct cfdisk *cf, int where) + + if (where < 0) + where = 0; ++ if (!nparts) ++ where = 0; + else if ((size_t) where > nparts - 1) + where = nparts - 1; + +-- +2.33.0 + diff --git a/backport-column-fix-l.patch b/backport-column-fix-l.patch new file mode 100644 index 0000000000000000000000000000000000000000..5c4d94f9849bb02d76173df02ba14a035ee20e92 --- /dev/null +++ b/backport-column-fix-l.patch @@ -0,0 +1,109 @@ +From 6dd30a72e7074493152e8ef9c76759218f489985 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Wed, 2 Aug 2023 12:57:37 +0200 +Subject: [PATCH] column: fix -l +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The original implementation is complicated and broken. + +It's possible to calculate the rest of the string (for the last +column) from the current position rather than calculate it +continuously. Use the last wcstok() result also means that it will +work as expected independently on "greedy" mode (skips repeating +separators. + + # printf 'a b c d\n1 2 3 4\n' | ./column -t -o '|' -l3 + a|b|c d + 1|2|3 4 + +(see space between 'a' and 'b' on input) + +References: 8ac75e31de0ece74515e98e0b22e54cc0a9808bd +Fixes: https://github.com/util-linux/util-linux/issues/1763 +Signed-off-by: Karel Zak + +Reference:https://github.com/util-linux/util-linux/commit/6dd30a72e7074493152e8ef9c76759218f489985 +Conflict:NA +--- + text-utils/column.c | 37 ++++++++++++++++--------------------- + 1 file changed, 16 insertions(+), 21 deletions(-) + +diff --git a/text-utils/column.c b/text-utils/column.c +index 88d46b9..79245cd 100644 +--- a/text-utils/column.c ++++ b/text-utils/column.c +@@ -471,37 +471,33 @@ static void modify_table(struct column_control *ctl) + + static int add_line_to_table(struct column_control *ctl, wchar_t *wcs0) + { +- wchar_t *wcdata, *sv = NULL, *wcs = wcs0; +- size_t n = 0, nchars = 0, skip = 0, len; ++ wchar_t *sv = NULL, *wcs = wcs0, *all = NULL; ++ size_t n = 0; + struct libscols_line *ln = NULL; + ++ + if (!ctl->tab) + init_table(ctl); + +- len = wcslen(wcs0); ++ if (ctl->maxncols) { ++ all = wcsdup(wcs0); ++ if (!all) ++ err(EXIT_FAILURE, _("failed to allocate input line")); ++ } + + do { + char *data; ++ wchar_t *wcdata = local_wcstok(ctl, wcs, &sv); ++ ++ if (!wcdata) ++ break; + + if (ctl->maxncols && n + 1 == ctl->maxncols) { +- if (nchars + skip < len) +- wcdata = wcs0 + (nchars + skip); +- else +- wcdata = NULL; +- } else { +- wcdata = local_wcstok(ctl, wcs, &sv); +- +- /* For the default separator ('greedy' mode) it uses +- * strtok() and it skips leading white chars. In this +- * case we need to remember size of the ignored white +- * chars due to wcdata calculation in maxncols case */ +- if (wcdata && ctl->greedy +- && n == 0 && nchars == 0 && wcdata > wcs) +- skip = wcdata - wcs; ++ /* Use rest of the string as column data */ ++ size_t skip = wcdata - wcs0; ++ wcdata = all + skip; + } + +- if (!wcdata) +- break; + if (scols_table_get_ncols(ctl->tab) < n + 1) { + if (scols_table_is_json(ctl->tab) && !ctl->hide_unnamed) + errx(EXIT_FAILURE, _("line %zu: for JSON the name of the " +@@ -517,8 +513,6 @@ static int add_line_to_table(struct column_control *ctl, wchar_t *wcs0) + err(EXIT_FAILURE, _("failed to allocate output line")); + } + +- nchars += wcslen(wcdata) + 1; +- + data = wcs_to_mbs(wcdata); + if (!data) + err(EXIT_FAILURE, _("failed to allocate output data")); +@@ -530,6 +524,7 @@ static int add_line_to_table(struct column_control *ctl, wchar_t *wcs0) + break; + } while (1); + ++ free(all); + return 0; + } + +-- +2.33.0 + diff --git a/backport-column-fix-memory-leak.patch b/backport-column-fix-memory-leak.patch new file mode 100644 index 0000000000000000000000000000000000000000..13504c81e47fe53c49664bc9a6f40584b2b90734 --- /dev/null +++ b/backport-column-fix-memory-leak.patch @@ -0,0 +1,32 @@ +From aad8a6079a5cfcf27344a2efdba61017049a927d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Mon, 17 Jul 2023 21:07:18 +0200 +Subject: [PATCH] column: fix memory leak +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Thomas Weißschuh + +Reference:https://github.com/util-linux/util-linux/commit/ +Conflict:NA +--- + text-utils/column.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/text-utils/column.c b/text-utils/column.c +index a443ab8b1..ad3d8f3d7 100644 +--- a/text-utils/column.c ++++ b/text-utils/column.c +@@ -667,6 +667,8 @@ static int read_input(struct column_control *ctl, FILE *fp) + } + } while (rc == 0); + ++ free(buf); ++ + return rc; + } + +-- +2.33.0 + diff --git a/backport-dmesg-print-object-closing-brace-while-waiting-for-n.patch b/backport-dmesg-print-object-closing-brace-while-waiting-for-n.patch new file mode 100644 index 0000000000000000000000000000000000000000..5722ee7e0ff82a8d32fc31667908d57fd151d933 --- /dev/null +++ b/backport-dmesg-print-object-closing-brace-while-waiting-for-n.patch @@ -0,0 +1,44 @@ +From 5740148a20be4ac84884c342199d90553c90f04d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Sun, 10 Mar 2024 10:43:20 +0100 +Subject: [PATCH] dmesg: print object closing brace while waiting for next + message +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Allow incremental parsers to process the full object as it is written by +dmesg. + +Closes #2833 + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/5740148a20be4ac84884c342199d90553c90f04d +Conflict:NA +--- + sys-utils/dmesg.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/sys-utils/dmesg.c b/sys-utils/dmesg.c +index 25c674be..e73cddf5 100644 +--- a/sys-utils/dmesg.c ++++ b/sys-utils/dmesg.c +@@ -1344,10 +1344,13 @@ full_output: + + done: + free(mesg_copy); +- if (ctl->json) ++ if (ctl->json) { + ul_jsonwrt_object_close(&ctl->jfmt); +- else ++ if (ctl->follow) ++ ul_jsonwrt_flush(&ctl->jfmt); ++ } else { + putchar('\n'); ++ } + } + + /* +-- +2.33.0 + diff --git a/backport-fadvise-test-don-t-compare-fincore-page-counts.patch b/backport-fadvise-test-don-t-compare-fincore-page-counts.patch new file mode 100644 index 0000000000000000000000000000000000000000..757d9d4fd3f6649ac4edbdc0e51fdc46666b8ad0 --- /dev/null +++ b/backport-fadvise-test-don-t-compare-fincore-page-counts.patch @@ -0,0 +1,71 @@ +From 33980996d0b429fc59c40f8352633c0a21a0f96a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Sun, 21 May 2023 21:44:20 +0200 +Subject: [PATCH] fadvise: (test) don't compare fincore page counts +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +These depend on the machines pagesize and are therefore not a good +comparision. + +Signed-off-by: Thomas Weißschuh +--- + tests/expected/fadvise/drop | 20 ++++++++++---------- + tests/ts/fadvise/drop | 2 +- + 2 files changed, 11 insertions(+), 11 deletions(-) + +diff --git a/tests/expected/fadvise/drop b/tests/expected/fadvise/drop +index f2360b56f..25f23e050 100644 +--- a/tests/expected/fadvise/drop ++++ b/tests/expected/fadvise/drop +@@ -1,23 +1,23 @@ +- RES PAGES SIZE FILE +- 32K 8 32K ddtest ++ RES SIZE FILE ++ 32K 32K ddtest + + whole file + status: 0 +-RES PAGES SIZE FILE +- 0B 0 32K ddtest ++RES SIZE FILE ++ 0B 32K ddtest + + offset: 8192 + status: 0 +-RES PAGES SIZE FILE +- 8K 2 32K ddtest ++RES SIZE FILE ++ 8K 32K ddtest + + length: 16384 + status: 0 +- RES PAGES SIZE FILE +- 16K 4 32K ddtest ++ RES SIZE FILE ++ 16K 32K ddtest + + offset: 8192, length: 16384 fd: 42 + status: 0 +- RES PAGES SIZE FILE +- 16K 4 32K ddtest ++ RES SIZE FILE ++ 16K 32K ddtest + +diff --git a/tests/ts/fadvise/drop b/tests/ts/fadvise/drop +index 8869b7da4..6c4298e87 100755 +--- a/tests/ts/fadvise/drop ++++ b/tests/ts/fadvise/drop +@@ -29,7 +29,7 @@ create_file() { + } + + do_fincore() { +- "$TS_CMD_FINCORE" "$FILE" ++ "$TS_CMD_FINCORE" -o RES,SIZE,FILE "$FILE" + } + + { +-- +2.33.0 + diff --git a/backport-fadvise-test-dynamically-calculate-expected-test-val.patch b/backport-fadvise-test-dynamically-calculate-expected-test-val.patch new file mode 100644 index 0000000000000000000000000000000000000000..2304bb55e74f1c41f6cc9da42c108b902537cbe6 --- /dev/null +++ b/backport-fadvise-test-dynamically-calculate-expected-test-val.patch @@ -0,0 +1,58 @@ +From 8b36444f447949c3ab477f2c43b45a94c30ee7bf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Sun, 21 May 2023 21:42:14 +0200 +Subject: [PATCH] fadvise: (test) dynamically calculate expected test values +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Thomas Weißschuh +--- + tests/ts/fadvise/drop | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/tests/ts/fadvise/drop b/tests/ts/fadvise/drop +index 7c7eee5dc..86c0d5b0a 100755 +--- a/tests/ts/fadvise/drop ++++ b/tests/ts/fadvise/drop +@@ -16,7 +16,7 @@ ts_check_prog "sleep" + ts_cd "$TS_OUTDIR" + + FILE="ddtest" +-BS=4k ++BS=4096 + COUNT=8 + + FILE_FS="$("$TS_CMD_FINDMNT" -nr -o FSTYPE -T "$PWD")" +@@ -41,22 +41,22 @@ create_file() { + echo + + create_file +- echo "offset: 8192" +- "$TS_CMD_FADVISE" -o 8192 "$FILE" ++ echo "offset: $(( 2 * $BS ))" ++ "$TS_CMD_FADVISE" -o $(( 2 * $BS )) "$FILE" + echo status: $? + "$TS_CMD_FINCORE" "$FILE" + echo + + create_file +- echo "length: 16384" +- "$TS_CMD_FADVISE" -l 16384 "$FILE" ++ echo "length: $(( 4 * $BS ))" ++ "$TS_CMD_FADVISE" -l $(( 4 * $BS )) "$FILE" + echo status: $? + "$TS_CMD_FINCORE" "$FILE" + echo + + create_file +- echo "offset: 8192, length: 16384 fd: 42" +- "$TS_CMD_FADVISE" -o 8192 -l 16384 --fd 42 42<"$FILE" ++ echo "offset: $(( 2 * $BS )), length: $(( 4 * $BS )) fd: 42" ++ "$TS_CMD_FADVISE" -o $(( 2 * $BS )) -l $(( 4 * $BS )) --fd 42 42<"$FILE" + echo status: $? + "$TS_CMD_FINCORE" "$FILE" + echo +-- +2.33.0 + diff --git a/backport-fadvise-test-test-with-64k-blocks.patch b/backport-fadvise-test-test-with-64k-blocks.patch new file mode 100644 index 0000000000000000000000000000000000000000..c588c0316d062447153e2784de7d8f8f51cd9bfb --- /dev/null +++ b/backport-fadvise-test-test-with-64k-blocks.patch @@ -0,0 +1,74 @@ +From c0f31b79f5d1c665cdc057fb32f4d161d28aa5b2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Sun, 21 May 2023 21:45:10 +0200 +Subject: [PATCH] fadvise: (test) test with 64k blocks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This will allow the tests to also pass on systems with 64k pagesizes. + +Closes #2249 +Signed-off-by: Thomas Weißschuh +--- + tests/expected/fadvise/drop | 26 +++++++++++++------------- + tests/ts/fadvise/drop | 2 +- + 2 files changed, 14 insertions(+), 14 deletions(-) + +diff --git a/tests/expected/fadvise/drop b/tests/expected/fadvise/drop +index 25f23e050..e7bb26b6e 100644 +--- a/tests/expected/fadvise/drop ++++ b/tests/expected/fadvise/drop +@@ -1,23 +1,23 @@ +- RES SIZE FILE +- 32K 32K ddtest ++ RES SIZE FILE ++ 512K 512K ddtest + + whole file + status: 0 +-RES SIZE FILE +- 0B 32K ddtest ++RES SIZE FILE ++ 0B 512K ddtest + +-offset: 8192 ++offset: 131072 + status: 0 +-RES SIZE FILE +- 8K 32K ddtest ++ RES SIZE FILE ++ 128K 512K ddtest + +-length: 16384 ++length: 262144 + status: 0 +- RES SIZE FILE +- 16K 32K ddtest ++ RES SIZE FILE ++ 256K 512K ddtest + +-offset: 8192, length: 16384 fd: 42 ++offset: 131072, length: 262144 fd: 42 + status: 0 +- RES SIZE FILE +- 16K 32K ddtest ++ RES SIZE FILE ++ 256K 512K ddtest + +diff --git a/tests/ts/fadvise/drop b/tests/ts/fadvise/drop +index 6c4298e87..45dcb9110 100755 +--- a/tests/ts/fadvise/drop ++++ b/tests/ts/fadvise/drop +@@ -16,7 +16,7 @@ ts_check_prog "sleep" + ts_cd "$TS_OUTDIR" + + FILE="ddtest" +-BS=4096 ++BS=65536 + COUNT=8 + + FILE_FS="$("$TS_CMD_FINDMNT" -nr -o FSTYPE -T "$PWD")" +-- +2.33.0 + diff --git a/backport-fadvise-tests-factor-out-calls-to-fincore.patch b/backport-fadvise-tests-factor-out-calls-to-fincore.patch new file mode 100644 index 0000000000000000000000000000000000000000..2698f9e576d5901dd1078fceb60cabd0704eda7e --- /dev/null +++ b/backport-fadvise-tests-factor-out-calls-to-fincore.patch @@ -0,0 +1,69 @@ +From e5009e773fc801eca887dd43b721cd1b1aa327be Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Sun, 21 May 2023 21:43:38 +0200 +Subject: [PATCH] fadvise: (tests) factor out calls to "fincore" +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This will make it easier to pass argument later. + +Signed-off-by: Thomas Weißschuh +--- + tests/ts/fadvise/drop | 14 +++++++++----- + 1 file changed, 9 insertions(+), 5 deletions(-) + +diff --git a/tests/ts/fadvise/drop b/tests/ts/fadvise/drop +index 86c0d5b0a..8869b7da4 100755 +--- a/tests/ts/fadvise/drop ++++ b/tests/ts/fadvise/drop +@@ -28,37 +28,41 @@ create_file() { + dd if=/dev/zero of="$FILE" bs=$BS count=$COUNT conv=fsync >& /dev/null + } + ++do_fincore() { ++ "$TS_CMD_FINCORE" "$FILE" ++} ++ + { + create_file +- "$TS_CMD_FINCORE" "$FILE" ++ do_fincore + echo + + create_file + echo "whole file" + "$TS_CMD_FADVISE" "$FILE" + echo status: $? +- "$TS_CMD_FINCORE" "$FILE" ++ do_fincore + echo + + create_file + echo "offset: $(( 2 * $BS ))" + "$TS_CMD_FADVISE" -o $(( 2 * $BS )) "$FILE" + echo status: $? +- "$TS_CMD_FINCORE" "$FILE" ++ do_fincore + echo + + create_file + echo "length: $(( 4 * $BS ))" + "$TS_CMD_FADVISE" -l $(( 4 * $BS )) "$FILE" + echo status: $? +- "$TS_CMD_FINCORE" "$FILE" ++ do_fincore + echo + + create_file + echo "offset: $(( 2 * $BS )), length: $(( 4 * $BS )) fd: 42" + "$TS_CMD_FADVISE" -o $(( 2 * $BS )) -l $(( 4 * $BS )) --fd 42 42<"$FILE" + echo status: $? +- "$TS_CMD_FINCORE" "$FILE" ++ do_fincore + echo + + rm "$FILE" +-- +2.33.0 + diff --git a/backport-fsck.minix-fix-possible-overrun.patch b/backport-fsck.minix-fix-possible-overrun.patch new file mode 100644 index 0000000000000000000000000000000000000000..10627e75c7e4f472e5184285ebeb90a8a8110581 --- /dev/null +++ b/backport-fsck.minix-fix-possible-overrun.patch @@ -0,0 +1,28 @@ +From a972f4096b7c730acf57db35df01ea3788de986a Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Tue, 30 Apr 2024 11:04:32 +0200 +Subject: [PATCH] fsck.minix: fix possible overrun + +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/a972f4096b7c730acf57db35df01ea3788de986a +Conflict:NA +--- + disk-utils/fsck.minix.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/disk-utils/fsck.minix.c b/disk-utils/fsck.minix.c +index 03a47460e..08903587b 100644 +--- a/disk-utils/fsck.minix.c ++++ b/disk-utils/fsck.minix.c +@@ -548,7 +548,7 @@ get_dirsize(void) { + block = Inode[ROOT_INO].i_zone[0]; + read_block(block, blk); + +- for (size = 16; size < MINIX_BLOCK_SIZE; size <<= 1) { ++ for (size = 16; size + 2 < MINIX_BLOCK_SIZE; size <<= 1) { + if (strcmp(blk + size + 2, "..") == 0) { + dirsize = size; + namelen = size - 2; +-- +2.33.0 + diff --git a/backport-hexdump-check-blocksize-when-display-data.patch b/backport-hexdump-check-blocksize-when-display-data.patch new file mode 100644 index 0000000000000000000000000000000000000000..a47dae6149754a4e9b17a4597a49b12286955980 --- /dev/null +++ b/backport-hexdump-check-blocksize-when-display-data.patch @@ -0,0 +1,61 @@ +From dfa1ad272528a92384adac523cf2f2949b767d8d Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Tue, 27 Feb 2024 18:38:02 +0100 +Subject: [PATCH] hexdump: check blocksize when display data + +hexdump(1) stores input to buffer and apply format unit when prints +the output. The unit can move pointer which points to the buffer, but +code does not check for limits. + +Fixes: https://github.com/util-linux/util-linux/issues/2806 +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/dfa1ad272528a92384adac523cf2f2949b767d8d +Conflict:NA +--- + text-utils/hexdump-display.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/text-utils/hexdump-display.c b/text-utils/hexdump-display.c +index bc92bd0ca..c865127c8 100644 +--- a/text-utils/hexdump-display.c ++++ b/text-utils/hexdump-display.c +@@ -250,6 +250,8 @@ void display(struct hexdump *hex) + struct list_head *p, *q, *r; + + while ((bp = get(hex)) != NULL) { ++ ssize_t rem = hex->blocksize; ++ + fs = &hex->fshead; savebp = bp; saveaddress = address; + + list_for_each(p, fs) { +@@ -263,7 +265,7 @@ void display(struct hexdump *hex) + + cnt = fu->reps; + +- while (cnt) { ++ while (cnt && rem >= 0) { + list_for_each(r, &fu->prlist) { + pr = list_entry(r, struct hexdump_pr, prlist); + +@@ -280,12 +282,18 @@ void display(struct hexdump *hex) + print(pr, bp); + + address += pr->bcnt; ++ ++ rem -= pr->bcnt; ++ if (rem < 0) ++ break; ++ + bp += pr->bcnt; + } + --cnt; + } + } + bp = savebp; ++ rem = hex->blocksize; + address = saveaddress; + } + } +-- +2.33.0 + diff --git a/backport-include-c.h-add-helpers-for-unaligned-structure-acce.patch b/backport-include-c.h-add-helpers-for-unaligned-structure-acce.patch new file mode 100644 index 0000000000000000000000000000000000000000..21bd5071c0e3b490de4102f8db829d6476c5bc83 --- /dev/null +++ b/backport-include-c.h-add-helpers-for-unaligned-structure-acce.patch @@ -0,0 +1,37 @@ +From 68459714838c8c0c2d34b6d658638f5d59298bc7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Sun, 1 Oct 2023 13:57:12 +0200 +Subject: [PATCH] include/c.h: add helpers for unaligned structure access +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/68459714838c8c0c2d34b6d658638f5d59298bc7 +Conflict:NA +--- + include/c.h | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/include/c.h b/include/c.h +index 752f568c5..224a8e54f 100644 +--- a/include/c.h ++++ b/include/c.h +@@ -213,6 +213,14 @@ + (type *)( (char *)__mptr - offsetof(type,member) );}) + #endif + ++#define read_unaligned_member(p, m) __extension__ ({ \ ++ size_t offset = offsetof(__typeof__(* p), m); \ ++ __typeof__(p->m) v; \ ++ memcpy(&v, ((unsigned char *)p) + offset, sizeof(v)); \ ++ v; }) ++ ++#define member_ptr(p, m) (((unsigned char *)p) + offsetof(__typeof__(*p), m)) ++ + #ifndef HAVE_PROGRAM_INVOCATION_SHORT_NAME + # ifdef HAVE___PROGNAME + extern char *__progname; +-- +2.33.0 + diff --git a/backport-jsonwrt-add-ul_jsonwrt_flush.patch b/backport-jsonwrt-add-ul_jsonwrt_flush.patch new file mode 100644 index 0000000000000000000000000000000000000000..7f55b41b3e239e93dee9d20fa267c2a0a7e01abd --- /dev/null +++ b/backport-jsonwrt-add-ul_jsonwrt_flush.patch @@ -0,0 +1,47 @@ +From 79e77816c424e25d9299ea4d63f5c0c7cfe1844f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Sun, 10 Mar 2024 07:17:25 +0100 +Subject: [PATCH] jsonwrt: add ul_jsonwrt_flush +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/79e77816c424e25d9299ea4d63f5c0c7cfe1844f +Conflict:NA +--- + include/jsonwrt.h | 1 + + lib/jsonwrt.c | 5 +++++ + 2 files changed, 6 insertions(+) + +diff --git a/include/jsonwrt.h b/include/jsonwrt.h +index b450afcf..1944d993 100644 +--- a/include/jsonwrt.h ++++ b/include/jsonwrt.h +@@ -23,6 +23,7 @@ int ul_jsonwrt_is_ready(struct ul_jsonwrt *fmt); + void ul_jsonwrt_indent(struct ul_jsonwrt *fmt); + void ul_jsonwrt_open(struct ul_jsonwrt *fmt, const char *name, int type); + void ul_jsonwrt_close(struct ul_jsonwrt *fmt, int type); ++void ul_jsonwrt_flush(struct ul_jsonwrt *fmt); + + #define ul_jsonwrt_root_open(_f) ul_jsonwrt_open(_f, NULL, UL_JSON_OBJECT) + #define ul_jsonwrt_root_close(_f) ul_jsonwrt_close(_f, UL_JSON_OBJECT) +diff --git a/lib/jsonwrt.c b/lib/jsonwrt.c +index 243ed823..e21368de 100644 +--- a/lib/jsonwrt.c ++++ b/lib/jsonwrt.c +@@ -178,6 +178,11 @@ void ul_jsonwrt_close(struct ul_jsonwrt *fmt, int type) + fmt->after_close = 1; + } + ++void ul_jsonwrt_flush(struct ul_jsonwrt *fmt) ++{ ++ fflush(fmt->out); ++} ++ + void ul_jsonwrt_value_raw(struct ul_jsonwrt *fmt, + const char *name, const char *data) + { +-- +2.33.0 + diff --git a/backport-last-avoid-out-of-bounds-array-access.patch b/backport-last-avoid-out-of-bounds-array-access.patch new file mode 100644 index 0000000000000000000000000000000000000000..d3568c4f0620616ac2de4530117e2574debca5ff --- /dev/null +++ b/backport-last-avoid-out-of-bounds-array-access.patch @@ -0,0 +1,30 @@ +From 75822efb8e948b538d9e9ccc329a5430fdabb7ea Mon Sep 17 00:00:00 2001 +From: biubiuzy <294772273@qq.com> +Date: Fri, 23 Feb 2024 17:44:12 +0800 +Subject: [PATCH] last: avoid out of bounds array access + +Reference:https://github.com/util-linux/util-linux/commit/75822efb8e948b538d9e9ccc329a5430fdabb7ea +Conflict:NA +--- + login-utils/last.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/login-utils/last.c b/login-utils/last.c +index bbbe817f8..f5a9fec08 100644 +--- a/login-utils/last.c ++++ b/login-utils/last.c +@@ -351,7 +351,10 @@ static int time_formatter(int fmt, char *dst, size_t dlen, time_t *when) + { + char buf[CTIME_BUFSIZ]; + +- ctime_r(when, buf); ++ if (!ctime_r(when, buf)) { ++ ret = -1; ++ break; ++ } + snprintf(dst, dlen, "%s", buf); + ret = rtrim_whitespace((unsigned char *) dst); + break; +-- +2.33.0 + diff --git a/backport-ldattach-don-t-call-exit-from-signal-handler.patch b/backport-ldattach-don-t-call-exit-from-signal-handler.patch new file mode 100644 index 0000000000000000000000000000000000000000..5d166f0ddc97eeb9336e578498daf5298a7ae659 --- /dev/null +++ b/backport-ldattach-don-t-call-exit-from-signal-handler.patch @@ -0,0 +1,33 @@ +From de13900d71a968e859ab7aece4537dfd87c7185c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Fri, 22 Sep 2023 20:21:38 +0200 +Subject: [PATCH] ldattach: don't call exit() from signal handler +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Instead use _exit(). + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/de13900d71a968e859ab7aece4537dfd87c7185c +Conflict:NA +--- + sys-utils/ldattach.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sys-utils/ldattach.c b/sys-utils/ldattach.c +index 0a6b6f2d2..9c67eeec8 100644 +--- a/sys-utils/ldattach.c ++++ b/sys-utils/ldattach.c +@@ -257,7 +257,7 @@ static int my_cfsetspeed(struct termios *ts, int speed) + static void handler(int s) + { + dbg("got SIG %i -> exiting", s); +- exit(EXIT_SUCCESS); ++ _exit(EXIT_SUCCESS); + } + + static void gsm0710_set_conf(int tty_fd) +-- +2.33.0 + diff --git a/backport-lib-caputils-fix-integer-handling-issues-coverity-sc.patch b/backport-lib-caputils-fix-integer-handling-issues-coverity-sc.patch new file mode 100644 index 0000000000000000000000000000000000000000..67f8b2691642ceaeff6ce7937036f703c97f2953 --- /dev/null +++ b/backport-lib-caputils-fix-integer-handling-issues-coverity-sc.patch @@ -0,0 +1,26 @@ +From 01a0a556018694bfaf6b01a5a40f8d0d10641a1f Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 18 May 2023 10:26:02 +0200 +Subject: [PATCH] lib/caputils: fix integer handling issues [coverity scan] + +Signed-off-by: Karel Zak +--- + lib/caputils.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/caputils.c b/lib/caputils.c +index 3041c3078..23866c071 100644 +--- a/lib/caputils.c ++++ b/lib/caputils.c +@@ -119,7 +119,7 @@ void cap_permitted_to_ambient(void) + if (cap > (uint64_t) cap_last_cap()) + continue; + +- if ((effective & (1 << cap)) ++ if ((effective & (1ULL << cap)) + && prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0) < 0) + err(EXIT_FAILURE, _("prctl(PR_CAP_AMBIENT) failed")); + } +-- +2.33.0 + diff --git a/backport-lib-cpuset-exit-early-from-cpulist_parse.patch b/backport-lib-cpuset-exit-early-from-cpulist_parse.patch new file mode 100644 index 0000000000000000000000000000000000000000..e242224cf1fd9064f49436572526e3cff2bf7f75 --- /dev/null +++ b/backport-lib-cpuset-exit-early-from-cpulist_parse.patch @@ -0,0 +1,43 @@ +From 566b1d348897a34016653d6de040688a2c0a136c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Thu, 1 Feb 2024 20:09:41 +0100 +Subject: [PATCH] lib/cpuset: exit early from cpulist_parse +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +If `a` exceeds `max`, any increment of `a` will also `exceed` max. +In this case the CPU_SET_S will never do anything all additional loops +are wasted. + +Fixes #2748 + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/566b1d348897a34016653d6de040688a2c0a136c +Conflict:NA +--- + lib/cpuset.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/lib/cpuset.c b/lib/cpuset.c +index 643537f6d..533b8ab30 100644 +--- a/lib/cpuset.c ++++ b/lib/cpuset.c +@@ -326,8 +326,12 @@ int cpulist_parse(const char *str, cpu_set_t *set, size_t setsize, int fail) + if (!(a <= b)) + return 1; + while (a <= b) { +- if (fail && (a >= max)) +- return 2; ++ if (a >= max) { ++ if (fail) ++ return 2; ++ else ++ break; ++ } + CPU_SET_S(a, setsize, set); + a += s; + } +-- +2.33.0 + diff --git a/backport-lib-path-fix-possible-out-of-boundary-access.patch b/backport-lib-path-fix-possible-out-of-boundary-access.patch new file mode 100644 index 0000000000000000000000000000000000000000..2f6afc5476344446d6a2d6b2d096f1606b03091f --- /dev/null +++ b/backport-lib-path-fix-possible-out-of-boundary-access.patch @@ -0,0 +1,47 @@ +From 0129c883459894f3e7101cbfb987f08a2242474b Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Sun, 8 Oct 2023 20:41:29 +0200 +Subject: [PATCH] lib/path: fix possible out of boundary access + +If fgets reads from a file starting with a NUL byte in ul_path_cpuparse, +then the check for newline leads to an out of boundary access. + +Proof of Concept (compile with --enable-asan): + +1. Prepare /tmp/poc with required files +``` +$ install -d /tmp/poc/sys/devices/system/cpu +$ dd if=/dev/zero of=/tmp/poc/sys/devices/system/cpu/possible bs=1 count=1 +$ install -D /dev/null /tmp/poc/proc/cpuinfo +``` + +2. Run lscpu with sysroot option +``` +$ lscpu --sysroot /tmp/poc +================================================================= +==78238==ERROR: AddressSanitizer: heap-buffer-overflow +``` + +Signed-off-by: Tobias Stoeckmann +Reference:https://github.com/util-linux/util-linux/commit/0129c883459894f3e7101cbfb987f08a2242474b +Conflict:NA +--- + lib/path.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/path.c b/lib/path.c +index bf15ab9..5114e44 100644 +--- a/lib/path.c ++++ b/lib/path.c +@@ -1013,7 +1013,7 @@ static int ul_path_cpuparse(struct path_cxt *pc, cpu_set_t **set, int maxcpus, i + return rc; + + len = strlen(buf); +- if (buf[len - 1] == '\n') ++ if (len > 0 && buf[len - 1] == '\n') + buf[len - 1] = '\0'; + + *set = cpuset_alloc(maxcpus, &setsize, NULL); +-- +2.33.0 + diff --git a/backport-libblkid-Check-offset-in-LUKS2-header.patch b/backport-libblkid-Check-offset-in-LUKS2-header.patch new file mode 100644 index 0000000000000000000000000000000000000000..584d83a05fcfa785569b60efa8c834d610f06821 --- /dev/null +++ b/backport-libblkid-Check-offset-in-LUKS2-header.patch @@ -0,0 +1,84 @@ +From e49de00f4a22f91ec5af08d97e30a198cd64e00d Mon Sep 17 00:00:00 2001 +From: Milan Broz +Date: Fri, 16 Feb 2024 16:44:12 +0100 +Subject: [PATCH] libblkid: Check offset in LUKS2 header + +LUKS2 binary header contains offset field that describes where +the header should be located. + +If this offset is not correct, blkid should tread this header +as invalid. + +This patch fixes problem when both swap and LUKS headers are +present (LUKS header was swapped out) and detected LUKS header +is at a wrong offset. +As LUKS has higher priority, it confuses detection. + +Signed-off-by: Milan Broz +Reference:https://github.com/util-linux/util-linux/commit/e49de00f4a22f91ec5af08d97e30a198cd64e00d +Conflict:Delete binary file +--- + libblkid/src/superblocks/luks.c | 20 +++++++++++++++++--- + 1 file changed, 17 insertions(+), 3 deletions(-) + +diff --git a/libblkid/src/superblocks/luks.c b/libblkid/src/superblocks/luks.c +index 0230b34..4623c98 100644 +--- a/libblkid/src/superblocks/luks.c ++++ b/libblkid/src/superblocks/luks.c +@@ -1,6 +1,6 @@ + /* + * Copyright (C) 2008 Karel Zak +- * Copyright (C) 2018 Milan Broz ++ * Copyright (C) 2018-2024 Milan Broz + * + * Inspired by libvolume_id by + * Kay Sievers +@@ -15,6 +15,7 @@ + #include + #include + #include ++#include + + #include "superblocks.h" + +@@ -96,6 +97,19 @@ static int luks_attributes(blkid_probe pr, struct luks2_phdr *header, uint64_t o + return BLKID_PROBE_OK; + } + ++static bool luks_valid(struct luks2_phdr *header, const char *magic, uint64_t offset) ++{ ++ if (memcmp(header->magic, magic, LUKS_MAGIC_L)) ++ return false; ++ ++ /* LUKS2 header is not at expected offset */ ++ if (be16_to_cpu(header->version) == 2 && ++ be64_to_cpu(header->hdr_offset) != offset) ++ return false; ++ ++ return true; ++} ++ + static int probe_luks(blkid_probe pr, const struct blkid_idmag *mag __attribute__((__unused__))) + { + struct luks2_phdr *header; +@@ -105,7 +119,7 @@ static int probe_luks(blkid_probe pr, const struct blkid_idmag *mag __attribute_ + if (!header) + return errno ? -errno : BLKID_PROBE_NONE; + +- if (!memcmp(header->magic, LUKS_MAGIC, LUKS_MAGIC_L)) { ++ if (luks_valid(header, LUKS_MAGIC, 0)) { + /* LUKS primary header was found. */ + return luks_attributes(pr, header, 0); + } +@@ -118,7 +132,7 @@ static int probe_luks(blkid_probe pr, const struct blkid_idmag *mag __attribute_ + if (!header) + return errno ? -errno : BLKID_PROBE_NONE; + +- if (!memcmp(header->magic, LUKS_MAGIC_2, LUKS_MAGIC_L)) ++ if (luks_valid(header, LUKS_MAGIC_2, secondary_offsets[i])) + return luks_attributes(pr, header, secondary_offsets[i]); + } + +-- +2.33.0 + diff --git a/backport-libblkid-apfs-validate-checksums.patch b/backport-libblkid-apfs-validate-checksums.patch new file mode 100644 index 0000000000000000000000000000000000000000..777d53426bf02524f927f73f4689931d6e6edfb4 --- /dev/null +++ b/backport-libblkid-apfs-validate-checksums.patch @@ -0,0 +1,75 @@ +From 2011a616aa533c336f9242f25017ce7043557e4c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Tue, 6 Aug 2024 19:07:48 +0200 +Subject: [PATCH] libblkid: apfs: validate checksums +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The apfs superblock contains a checksum based on Fletcher-64. +Validate the checksum to make the probing more robust. + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/2011a616aa533c336f9242f25017ce7043557e4c +Conflict:NA +--- + libblkid/src/superblocks/apfs.c | 36 ++++++++++++++++++++++++++++++++- + 1 file changed, 35 insertions(+), 1 deletion(-) + +diff --git a/libblkid/src/superblocks/apfs.c b/libblkid/src/superblocks/apfs.c +index b7f09f33..4557abcb 100644 +--- a/libblkid/src/superblocks/apfs.c ++++ b/libblkid/src/superblocks/apfs.c +@@ -35,7 +35,38 @@ struct apfs_super_block { + uint64_t read_only_features; + uint64_t incompatible_features; + uint8_t uuid[16]; +-}; ++ ++ uint8_t padding[4008]; // Pad to 4096 bytes for checksum ++} __attribute__((packed)); ++ ++static uint64_t apfs_fletcher64(const uint8_t *buf, size_t size) ++{ ++ uint64_t lo32 = 0, hi32 = 0, csum_hi; ++ uint32_t csum_low; ++ size_t i; ++ ++ for (i = 0; i < size / 4; i++) { ++ lo32 += le32_to_cpu(((uint32_t *)buf)[i]); ++ hi32 += lo32; ++ } ++ ++ csum_low = ~((lo32 + hi32) % UINT32_MAX); ++ csum_hi = ~((lo32 + csum_low) % UINT32_MAX); ++ ++ return csum_hi << 32 | csum_low; ++} ++ ++static int apfs_verify_checksum(blkid_probe pr, ++ const struct apfs_super_block *sb) ++{ ++ const size_t csummed_start_offset = offsetof(__typeof__(*sb), oid); ++ uint64_t csum; ++ ++ csum = apfs_fletcher64(((const uint8_t *)sb) + csummed_start_offset, ++ sizeof(*sb) - csummed_start_offset); ++ ++ return blkid_probe_verify_csum(pr, csum, le64_to_cpu(sb->checksum)); ++} + + static int probe_apfs(blkid_probe pr, const struct blkid_idmag *mag) + { +@@ -45,6 +76,9 @@ static int probe_apfs(blkid_probe pr, const struct blkid_idmag *mag) + if (!sb) + return errno ? -errno : BLKID_PROBE_NONE; + ++ if (!apfs_verify_checksum(pr, sb)) ++ return BLKID_PROBE_NONE; ++ + if (le16_to_cpu(sb->type) != APFS_CONTAINER_SUPERBLOCK_TYPE) + return BLKID_PROBE_NONE; + +-- +2.33.0 + diff --git a/backport-libblkid-avoid-aligning-out-of-probing-area.patch b/backport-libblkid-avoid-aligning-out-of-probing-area.patch new file mode 100644 index 0000000000000000000000000000000000000000..9748029c2ee5c0f5d0d750cbb078c3721953a238 --- /dev/null +++ b/backport-libblkid-avoid-aligning-out-of-probing-area.patch @@ -0,0 +1,48 @@ +From 025b11465d086c55948eff484f40c993f2184990 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Fri, 12 Jan 2024 08:47:50 +0100 +Subject: [PATCH] libblkid: avoid aligning out of probing area +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When reading from the end of the device the IO size alignment could +enlarge the read buffer outside of the probing area. +This would then trigger a read failure. + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/025b11465d086c55948eff484f40c993f2184990 +Conflict:Context adapt +--- + libblkid/src/probe.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/libblkid/src/probe.c b/libblkid/src/probe.c +index fee5b55..0e716b5 100644 +--- a/libblkid/src/probe.c ++++ b/libblkid/src/probe.c +@@ -648,13 +648,18 @@ static int hide_buffer(blkid_probe pr, uint64_t off, uint64_t len) + unsigned char *blkid_probe_get_buffer(blkid_probe pr, uint64_t off, uint64_t len) + { + struct blkid_bufinfo *bf = NULL; +- uint64_t real_off, bias; ++ uint64_t real_off, bias, len_align; + + bias = off % pr->io_size; + off -= bias; + len += bias; +- if (len % pr->io_size) +- len += pr->io_size - (len % pr->io_size); ++ ++ if (len % pr->io_size) { ++ len_align = pr->io_size - (len % pr->io_size); ++ ++ if (pr->off + off + len + len_align <= pr->size) ++ len += len_align; ++ } + + real_off = pr->off + off; + +-- +2.33.0 + diff --git a/backport-libblkid-avoid-memory-leak-of-cachefile-path.patch b/backport-libblkid-avoid-memory-leak-of-cachefile-path.patch new file mode 100644 index 0000000000000000000000000000000000000000..e5e0e0aaae95d096a0cc239278e28278ab2f24b3 --- /dev/null +++ b/backport-libblkid-avoid-memory-leak-of-cachefile-path.patch @@ -0,0 +1,30 @@ +From beead87f3b65b1e9149d27779f5aac215a1f8b24 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Fri, 22 Sep 2023 11:20:04 +0200 +Subject: [PATCH] libblkid: avoid memory leak of cachefile path +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/beead87f3b65b1e9149d27779f5aac215a1f8b24 +Conflict:NA +--- + libblkid/src/config.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/libblkid/src/config.c b/libblkid/src/config.c +index f229b3e63..d3f5eea3d 100644 +--- a/libblkid/src/config.c ++++ b/libblkid/src/config.c +@@ -155,6 +155,7 @@ dflt: + fclose(f); + return conf; + err: ++ free(conf->cachefile); + free(conf); + fclose(f); + return NULL; +-- +2.33.0 + diff --git a/backport-libblkid-constify-cached-disk-data.patch b/backport-libblkid-constify-cached-disk-data.patch new file mode 100644 index 0000000000000000000000000000000000000000..144959da49a8c0c30a762e2815c3847c5ed39019 --- /dev/null +++ b/backport-libblkid-constify-cached-disk-data.patch @@ -0,0 +1,44 @@ +From 7eba8f98bdc3ed9c0ef1c8527aa61e1a3656449c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Thu, 18 May 2023 22:37:10 +0200 +Subject: [PATCH] libblkid: constify cached disk data +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The data returned from blkid_probe_get_buffer() and friends may or may +not be cached between different calls. +If one copy is modified this may not be visible in other copies. + +This issue can be avoided by making any modification illegal. + +See also #2165 + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/7eba8f98bdc3ed9c0ef1c8527aa61e1a3656449c +Conflict:modify raid1_verify_csum +--- + libblkid/src/superblocks/linux_raid.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/libblkid/src/superblocks/linux_raid.c b/libblkid/src/superblocks/linux_raid.c +index 360cd4e..ed2dbb2 100644 +--- a/libblkid/src/superblocks/linux_raid.c ++++ b/libblkid/src/superblocks/linux_raid.c +@@ -191,11 +191,10 @@ static int raid1_verify_csum(blkid_probe pr, off_t off, + if (!csummed) + return 1; + +- memset(csummed + offsetof(struct mdp1_super_block, sb_csum), 0, +- sizeof(mdp1->sb_csum)); +- + uint64_t csum = 0; + ++ csum -= le32_to_cpu(*(uint32_t *) (csummed + offsetof(struct mdp1_super_block, sb_csum))); ++ + while (csummed_size >= 4) { + csum += le32_to_cpu(*(uint32_t *) csummed); + csummed_size -= 4; +-- +2.33.0 + diff --git a/backport-libblkid-drbd-reduce-false-positive.patch b/backport-libblkid-drbd-reduce-false-positive.patch new file mode 100644 index 0000000000000000000000000000000000000000..834370643791277385512d6ef58cdee83ee93162 --- /dev/null +++ b/backport-libblkid-drbd-reduce-false-positive.patch @@ -0,0 +1,52 @@ +From 4d19f9bec7997e90b36422c6779ec1d98def95f3 Mon Sep 17 00:00:00 2001 +From: biubiuzy <294772273@qq.com> +Date: Wed, 17 Jan 2024 11:23:47 +0800 +Subject: [PATCH] libblkid: (drbd) reduce false-positive + +Reference:https://github.com/util-linux/util-linux/commit/4d19f9bec7997e90b36422c6779ec1d98def95f3 +Conflict:Context adapt +--- + libblkid/src/superblocks/drbd.c | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +diff --git a/libblkid/src/superblocks/drbd.c b/libblkid/src/superblocks/drbd.c +index 1723229..410e21d 100644 +--- a/libblkid/src/superblocks/drbd.c ++++ b/libblkid/src/superblocks/drbd.c +@@ -18,6 +18,13 @@ + + #include "superblocks.h" + ++/* ++ * drbd/drbd_int.h ++ */ ++#define BM_BLOCK_SHIFT 12 /* 4k per bit */ ++#define BM_BLOCK_SIZE (1<magic) != DRBD_MD_MAGIC_84_UNCLEAN) + return 1; + ++ if (be32_to_cpu(read_unaligned_member(md, bm_bytes_per_bit)) != BM_BLOCK_SIZE) ++ return 1; ++ + if (!is_zero_padded(member_ptr(md, padding_start), + member_ptr(md, padding_end))) + return 1; +@@ -201,6 +211,9 @@ static int probe_drbd_90(blkid_probe pr) + if (be32_to_cpu(md->magic) != DRBD_MD_MAGIC_09) + return 1; + ++ if (be32_to_cpu(read_unaligned_member(md, bm_bytes_per_bit)) != BM_BLOCK_SIZE) ++ return 1; ++ + if (!is_zero_padded(member_ptr(md, padding_start), + member_ptr(md, padding_end))) + return 1; +-- +2.33.0 + diff --git a/backport-libblkid-drbd-validate-zero-padding.patch b/backport-libblkid-drbd-validate-zero-padding.patch new file mode 100644 index 0000000000000000000000000000000000000000..659a4d0ae421c8b85bbd9474cea5006ddbac400a --- /dev/null +++ b/backport-libblkid-drbd-validate-zero-padding.patch @@ -0,0 +1,83 @@ +From 4ee2db2a221f6404f9fe9470da7c384a25cceea3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Fri, 12 Jan 2024 08:50:14 +0100 +Subject: [PATCH] libblkid: (drbd) validate zero padding +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This should reduce false-positives. + +See #2701. + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/4ee2db2a221f6404f9fe9470da7c384a25cceea3 +Conflict:Context adapt +--- + libblkid/src/superblocks/drbd.c | 27 +++++++++++++++++++++------ + 1 file changed, 21 insertions(+), 6 deletions(-) + +diff --git a/libblkid/src/superblocks/drbd.c b/libblkid/src/superblocks/drbd.c +index f360186..1723229 100644 +--- a/libblkid/src/superblocks/drbd.c ++++ b/libblkid/src/superblocks/drbd.c +@@ -70,9 +70,8 @@ struct md_on_disk_08 { + uint32_t bm_bytes_per_bit; + uint32_t reserved_u32[4]; + +- /* Unnecessary for libblkid ** +- * char reserved[8 * 512 - (8*(UI_SIZE+3)+4*11)]; +- */ ++ unsigned char padding_start[0]; ++ unsigned char padding_end[0] __attribute__((aligned(4096))); + }; + + /* +@@ -118,11 +117,19 @@ struct meta_data_on_disk_9 { + struct peer_dev_md_on_disk_9 peers[DRBD_PEERS_MAX]; + uint64_t history_uuids[HISTORY_UUIDS]; + +- /* Unnecessary for libblkid ** +- * char padding[0] __attribute__((aligned(4096))); +- */ ++ unsigned char padding_start[0]; ++ unsigned char padding_end[0] __attribute__((aligned(4096))); + } __attribute__((packed)); + ++static int is_zero_padded(const unsigned char *padding_start, ++ const unsigned char *padding_end) ++{ ++ for (; padding_start < padding_end; padding_start++) { ++ if (*padding_start != 0) ++ return 0; ++ } ++ return 1; ++} + + static int probe_drbd_84(blkid_probe pr) + { +@@ -146,6 +153,10 @@ static int probe_drbd_84(blkid_probe pr) + be32_to_cpu(md->magic) != DRBD_MD_MAGIC_84_UNCLEAN) + return 1; + ++ if (!is_zero_padded(member_ptr(md, padding_start), ++ member_ptr(md, padding_end))) ++ return 1; ++ + /* + * DRBD does not have "real" uuids; the following resembles DRBD's + * notion of uuids (64 bit, see struct above) +@@ -190,6 +201,10 @@ static int probe_drbd_90(blkid_probe pr) + if (be32_to_cpu(md->magic) != DRBD_MD_MAGIC_09) + return 1; + ++ if (!is_zero_padded(member_ptr(md, padding_start), ++ member_ptr(md, padding_end))) ++ return 1; ++ + /* + * DRBD does not have "real" uuids; the following resembles DRBD's + * notion of uuids (64 bit, see struct above) +-- +2.33.0 + diff --git a/backport-libblkid-hfsplus-reduce-false-positive.patch b/backport-libblkid-hfsplus-reduce-false-positive.patch new file mode 100644 index 0000000000000000000000000000000000000000..fcf5ac278382169ae1352e7d78dea878d45336c3 --- /dev/null +++ b/backport-libblkid-hfsplus-reduce-false-positive.patch @@ -0,0 +1,61 @@ +From 9f492c4963bb1a003de400a9d1fc0872a3b213d3 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Wed, 10 Jan 2024 09:35:35 +0100 +Subject: [PATCH] libblkid: (hfsplus) reduce false positive + +Fixes: https://github.com/util-linux/util-linux/issues/2692 +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/9f492c4963bb1a003de400a9d1fc0872a3b213d3 +Conflict:NA +--- + libblkid/src/superblocks/hfs.c | 22 ++++++++++++++++------ + 1 file changed, 16 insertions(+), 6 deletions(-) + +diff --git a/libblkid/src/superblocks/hfs.c b/libblkid/src/superblocks/hfs.c +index 184c98e0d..5066827c0 100644 +--- a/libblkid/src/superblocks/hfs.c ++++ b/libblkid/src/superblocks/hfs.c +@@ -217,6 +217,10 @@ static int probe_hfsplus(blkid_probe pr, const struct blkid_idmag *mag) + return 1; + + alloc_block_size = be32_to_cpu(sbd->al_blk_size); ++ if (alloc_block_size < HFSPLUS_SECTOR_SIZE || ++ alloc_block_size % HFSPLUS_SECTOR_SIZE) ++ return 1; ++ + alloc_first_block = be16_to_cpu(sbd->al_bl_st); + embed_first_block = be16_to_cpu(sbd->embed_startblock); + off = (alloc_first_block * 512) + +@@ -238,17 +242,23 @@ static int probe_hfsplus(blkid_probe pr, const struct blkid_idmag *mag) + (memcmp(hfsplus->signature, "HX", 2) != 0)) + return 1; + +- hfs_set_uuid(pr, hfsplus->finder_info.id, sizeof(hfsplus->finder_info.id)); +- ++ /* Verify blocksize is initialized */ + blocksize = be32_to_cpu(hfsplus->blocksize); +- if (blocksize < HFSPLUS_SECTOR_SIZE) ++ if (blocksize < HFSPLUS_SECTOR_SIZE || !is_power_of_2(blocksize)) + return 1; + +- blkid_probe_set_fsblocksize(pr, blocksize); +- blkid_probe_set_block_size(pr, blocksize); +- ++ /* Save extends (hfsplus buffer may be later overwritten) */ + memcpy(extents, hfsplus->cat_file.extents, sizeof(extents)); ++ ++ /* Make sure start_block is properly initialized */ + cat_block = be32_to_cpu(extents[0].start_block); ++ if (off + ((uint64_t) cat_block * blocksize) > pr->size) ++ return 1; ++ ++ hfs_set_uuid(pr, hfsplus->finder_info.id, sizeof(hfsplus->finder_info.id)); ++ ++ blkid_probe_set_fsblocksize(pr, blocksize); ++ blkid_probe_set_block_size(pr, blocksize); + + buf = blkid_probe_get_buffer(pr, + off + ((uint64_t) cat_block * blocksize), 0x2000); +-- +2.33.0 + diff --git a/backport-libblkid-improve-debug-for-proc-partitions.patch b/backport-libblkid-improve-debug-for-proc-partitions.patch deleted file mode 100644 index 718444700b5f36c93c18249aa93be6dab4de4cda..0000000000000000000000000000000000000000 --- a/backport-libblkid-improve-debug-for-proc-partitions.patch +++ /dev/null @@ -1,75 +0,0 @@ -From e9131920485962f33bd32b492cb93078ee7a3c34 Mon Sep 17 00:00:00 2001 -From: Karel Zak -Date: Wed, 30 Sep 2020 11:37:09 +0200 -Subject: [PATCH] libblkid: improve debug for /proc/partitions - -Signed-off-by: Karel Zak ---- - libblkid/src/devname.c | 15 +++++++++------ - 1 file changed, 9 insertions(+), 6 deletions(-) - -diff --git a/libblkid/src/devname.c b/libblkid/src/devname.c -index c58b784..8f2d89a 100644 ---- a/libblkid/src/devname.c -+++ b/libblkid/src/devname.c -@@ -351,7 +351,7 @@ static void lvm_probe_all(blkid_cache cache, int only_if_new) - lv_name); - dev = lvm_get_devno(lvm_device); - sprintf(lvm_device, "%s/%s", vg_name, lv_name); -- DBG(DEVNAME, ul_debug("LVM dev %s: devno 0x%04X", -+ DBG(DEVNAME, ul_debug("Probe LVM dev %s: devno 0x%04X", - lvm_device, - (unsigned int) dev)); - probe_one(cache, lvm_device, dev, BLKID_PRI_LVM, -@@ -383,7 +383,7 @@ evms_probe_all(blkid_cache cache, int only_if_new) - &ma, &mi, &sz, device) != 4) - continue; - -- DBG(DEVNAME, ul_debug("Checking partition %s (%d, %d)", -+ DBG(DEVNAME, ul_debug("Probe EVMS partition %s (%d, %d)", - device, ma, mi)); - - probe_one(cache, device, makedev(ma, mi), BLKID_PRI_EVMS, -@@ -433,7 +433,7 @@ ubi_probe_all(blkid_cache cache, int only_if_new) - - if (!S_ISCHR(st.st_mode) || !minor(dev)) - continue; -- DBG(DEVNAME, ul_debug("UBI vol %s/%s: devno 0x%04X", -+ DBG(DEVNAME, ul_debug("Probe UBI vol %s/%s: devno 0x%04X", - *dirname, name, (int) dev)); - probe_one(cache, name, dev, BLKID_PRI_UBI, only_if_new, 0); - } -@@ -506,7 +506,7 @@ static int probe_all(blkid_cache cache, int only_if_new) - - /* probably partition, so check */ - if (!iswhole[which]) { -- DBG(DEVNAME, ul_debug(" partition dev %s, devno 0x%04X", -+ DBG(DEVNAME, ul_debug(" Probe partition dev %s, devno 0x%04X", - ptname, (unsigned int) devs[which])); - - if (sz > 1) -@@ -545,7 +545,7 @@ static int probe_all(blkid_cache cache, int only_if_new) - * check last as well. - */ - if (lens[last] && strncmp(ptnames[last], ptname, lens[last]) != 0) { -- DBG(DEVNAME, ul_debug(" whole dev %s, devno 0x%04X", -+ DBG(DEVNAME, ul_debug(" Probe whole dev %s, devno 0x%04X", - ptnames[last], (unsigned int) devs[last])); - probe_one(cache, ptnames[last], devs[last], 0, - only_if_new, 0); -@@ -555,8 +555,11 @@ static int probe_all(blkid_cache cache, int only_if_new) - } - - /* Handle the last device if it wasn't partitioned */ -- if (lens[which]) -+ if (lens[which]) { -+ DBG(DEVNAME, ul_debug(" Probe whole dev %s, devno 0x%04X", -+ ptname, (unsigned int) devs[which])); - probe_one(cache, ptname, devs[which], 0, only_if_new, 0); -+ } - - fclose(proc); - blkid_flush_cache(cache); --- -1.8.3.1 - diff --git a/backport-libblkid-ntfs-validate-that-sector_size-is-a-power-o.patch b/backport-libblkid-ntfs-validate-that-sector_size-is-a-power-o.patch new file mode 100644 index 0000000000000000000000000000000000000000..400ce0a3c66b24f394cc437e7e9f4c57d9c0089c --- /dev/null +++ b/backport-libblkid-ntfs-validate-that-sector_size-is-a-power-o.patch @@ -0,0 +1,42 @@ +From 0cf52fc4a03db3c59ad31bde4e9a28b5642086dc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Tue, 26 Sep 2023 00:27:22 +0200 +Subject: [PATCH] libblkid: (ntfs) validate that sector_size is a power of two +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The NTFS prober reads data based off an offset of the sector size. +If the sector size is unaligned and the read data is cached then other +probers can read unaligned values. + +Sector sizes for NTFS actually only make sense as power-of-two so +validate that and as a sideeffect avoid the unaligned reads. + +Also add the reproducer from OSS-Fuzz that found this issue. + +Fixes #2509 + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/0cf52fc4a03db3c59ad31bde4e9a28b5642086dc +Conflict:NA +--- + libblkid/src/superblocks/ntfs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libblkid/src/superblocks/ntfs.c b/libblkid/src/superblocks/ntfs.c +index dced699..0c4f297 100644 +--- a/libblkid/src/superblocks/ntfs.c ++++ b/libblkid/src/superblocks/ntfs.c +@@ -97,7 +97,7 @@ static int __probe_ntfs(blkid_probe pr, const struct blkid_idmag *mag, int save_ + */ + sector_size = le16_to_cpu(ns->bpb.sector_size); + +- if (sector_size < 256 || sector_size > 4096) ++ if (sector_size < 256 || sector_size > 4096 || !is_power_of_2(sector_size)) + return 1; + + switch (ns->bpb.sectors_per_cluster) { +-- +2.33.0 + diff --git a/backport-libblkid-probe-read-data-in-chunks.patch b/backport-libblkid-probe-read-data-in-chunks.patch new file mode 100644 index 0000000000000000000000000000000000000000..6b970e2f9a3a3b275f17da0279607d4e9cf46df0 --- /dev/null +++ b/backport-libblkid-probe-read-data-in-chunks.patch @@ -0,0 +1,121 @@ +From 8a534253bc52f453db21af02299efacd12f40fda Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Sat, 30 Sep 2023 23:59:44 +0200 +Subject: [PATCH] libblkid: (probe) read data in chunks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/8a534253bc52f453db21af02299efacd12f40fda +Conflict:context adapt +--- + libblkid/src/blkidP.h | 1 + + libblkid/src/probe.c | 39 ++++++++++++++++++++++++++++++++++----- + 2 files changed, 35 insertions(+), 5 deletions(-) + +diff --git a/libblkid/src/blkidP.h b/libblkid/src/blkidP.h +index 007cc35..00ca5a9 100644 +--- a/libblkid/src/blkidP.h ++++ b/libblkid/src/blkidP.h +@@ -205,6 +205,7 @@ struct blkid_struct_probe + int fd; /* device file descriptor */ + uint64_t off; /* begin of data on the device */ + uint64_t size; /* end of data on the device */ ++ uint64_t io_size; /* optimal size of IO */ + + dev_t devno; /* device number (st.st_rdev) */ + dev_t disk_devno; /* devno of the whole-disk or 0 */ +diff --git a/libblkid/src/probe.c b/libblkid/src/probe.c +index b429949..da153e9 100644 +--- a/libblkid/src/probe.c ++++ b/libblkid/src/probe.c +@@ -182,6 +182,7 @@ blkid_probe blkid_clone_probe(blkid_probe parent) + pr->fd = parent->fd; + pr->off = parent->off; + pr->size = parent->size; ++ pr->io_size = parent->io_size; + pr->devno = parent->devno; + pr->disk_devno = parent->disk_devno; + pr->blkssz = parent->blkssz; +@@ -672,13 +673,21 @@ static int hide_buffer(blkid_probe pr, uint64_t off, uint64_t len) + unsigned char *blkid_probe_get_buffer(blkid_probe pr, uint64_t off, uint64_t len) + { + struct blkid_bufinfo *bf = NULL; +- uint64_t real_off = pr->off + off; ++ uint64_t real_off, bias; ++ ++ bias = off % pr->io_size; ++ off -= bias; ++ len += bias; ++ if (len % pr->io_size) ++ len += pr->io_size - (len % pr->io_size); ++ ++ real_off = pr->off + off; + + /* + DBG(BUFFER, ul_debug("\t>>>> off=%ju, real-off=%ju (probe <%ju..%ju>, len=%ju", + off, real_off, pr->off, pr->off + pr->size, len)); + */ +- if (pr->size == 0) { ++ if (pr->size == 0 || pr->io_size == 0) { + errno = EINVAL; + return NULL; + } +@@ -725,7 +734,7 @@ unsigned char *blkid_probe_get_buffer(blkid_probe pr, uint64_t off, uint64_t len + assert(bf->off + bf->len >= real_off + len); + + errno = 0; +- return real_off ? bf->data + (real_off - bf->off) : bf->data; ++ return real_off ? bf->data + (real_off - bf->off + bias) : bf->data + bias; + } + + /** +@@ -891,6 +900,22 @@ failed: + + #endif + ++static uint64_t blkid_get_io_size(int fd) ++{ ++ static const int ioctls[] = { BLKIOOPT, BLKIOMIN, BLKBSZGET }; ++ unsigned int s; ++ size_t i; ++ int r; ++ ++ for (i = 0; i < ARRAY_SIZE(ioctls); i++) { ++ r = ioctl(fd, ioctls[i], &s); ++ if (r == 0 && is_power_of_2(s) && s >= DEFAULT_SECTOR_SIZE) ++ return min(s, 1U << 16); ++ } ++ ++ return DEFAULT_SECTOR_SIZE; ++} ++ + /** + * blkid_probe_set_device: + * @pr: probe +@@ -934,6 +959,7 @@ int blkid_probe_set_device(blkid_probe pr, int fd, + pr->fd = fd; + pr->off = (uint64_t) off; + pr->size = 0; ++ pr->io_size = DEFAULT_SECTOR_SIZE; + pr->devno = 0; + pr->disk_devno = 0; + pr->mode = 0; +@@ -1097,8 +1123,11 @@ int blkid_probe_set_device(blkid_probe pr, int fd, + } + # endif + +- DBG(LOWPROBE, ul_debug("ready for low-probing, offset=%"PRIu64", size=%"PRIu64", zonesize=%"PRIu64, +- pr->off, pr->size, pr->zone_size)); ++ if (S_ISBLK(sb.st_mode) && !is_floppy && !blkid_probe_is_tiny(pr)) ++ pr->io_size = blkid_get_io_size(fd); ++ ++ DBG(LOWPROBE, ul_debug("ready for low-probing, offset=%"PRIu64", size=%"PRIu64", zonesize=%"PRIu64", iosize=%"PRIu64, ++ pr->off, pr->size, pr->zone_size, pr->io_size)); + DBG(LOWPROBE, ul_debug("whole-disk: %s, regfile: %s", + blkid_probe_is_wholedisk(pr) ?"YES" : "NO", + S_ISREG(pr->mode) ? "YES" : "NO")); +-- +2.33.0 + diff --git a/backport-libblkid-reset-errno-before-calling-probefuncs.patch b/backport-libblkid-reset-errno-before-calling-probefuncs.patch new file mode 100644 index 0000000000000000000000000000000000000000..4ed7951c914bc99dde54a7ece6ab2c98c0664e25 --- /dev/null +++ b/backport-libblkid-reset-errno-before-calling-probefuncs.patch @@ -0,0 +1,60 @@ +From 4bc69757312cad09f0cd9dc0c04f483a76176203 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Mon, 2 Oct 2023 22:24:21 +0200 +Subject: [PATCH] libblkid: reset errno before calling probefuncs +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The probers optionally use errno to communicate error details. +When a leftover errno is set from libblkid internally this can confuse +the probers. + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/4bc69757312cad09f0cd9dc0c04f483a76176203 +Conflict:NA +--- + libblkid/src/partitions/partitions.c | 1 + + libblkid/src/superblocks/superblocks.c | 1 + + libblkid/src/topology/topology.c | 1 + + 3 files changed, 3 insertions(+) + +diff --git a/libblkid/src/partitions/partitions.c b/libblkid/src/partitions/partitions.c +index 0e38cf4..38ec8df 100644 +--- a/libblkid/src/partitions/partitions.c ++++ b/libblkid/src/partitions/partitions.c +@@ -555,6 +555,7 @@ static int idinfo_probe(blkid_probe pr, const struct blkid_idinfo *id, + if (id->probefunc) { + DBG(LOWPROBE, ul_debug( + "%s: ---> call probefunc()", id->name)); ++ errno = 0; + rc = id->probefunc(pr, mag); + if (rc < 0) { + /* reset after error */ +diff --git a/libblkid/src/superblocks/superblocks.c b/libblkid/src/superblocks/superblocks.c +index f213655..09ac45e 100644 +--- a/libblkid/src/superblocks/superblocks.c ++++ b/libblkid/src/superblocks/superblocks.c +@@ -410,6 +410,7 @@ static int superblocks_probe(blkid_probe pr, struct blkid_chain *chn) + /* final check by probing function */ + if (id->probefunc) { + DBG(LOWPROBE, ul_debug("\tcall probefunc()")); ++ errno = 0; + rc = id->probefunc(pr, mag); + if (rc != BLKID_PROBE_OK) { + blkid_probe_chain_reset_values(pr, chn); +diff --git a/libblkid/src/topology/topology.c b/libblkid/src/topology/topology.c +index 53007d1..e8b9ba8 100644 +--- a/libblkid/src/topology/topology.c ++++ b/libblkid/src/topology/topology.c +@@ -180,6 +180,7 @@ static int topology_probe(blkid_probe pr, struct blkid_chain *chn) + + if (id->probefunc) { + DBG(LOWPROBE, ul_debug("%s: call probefunc()", id->name)); ++ errno = 0; + if (id->probefunc(pr, NULL) != 0) + continue; + } +-- +2.33.0 + diff --git a/backport-libblkid-use-sys-to-read-all-block-devices.patch b/backport-libblkid-use-sys-to-read-all-block-devices.patch deleted file mode 100644 index 4eea71c0b805131a5c179411895ccf71e236d7a7..0000000000000000000000000000000000000000 --- a/backport-libblkid-use-sys-to-read-all-block-devices.patch +++ /dev/null @@ -1,414 +0,0 @@ -From 8d3f9430c59416e4c1eddc899578158a7a1ed414 Mon Sep 17 00:00:00 2001 -From: Karel Zak -Date: Wed, 7 Oct 2020 13:49:45 +0200 -Subject: [PATCH] libblkid: use /sys to read all block devices - -The old implementation uses /proc/partitions where devices are -filtered by kernel (missing devices with ext_range=1 and removable -devices). - -The problem with the old implementation is whole-disk heuristic based -on device name, order of devices, etc. - -The new implementation use the same code to read also removable -devices. - -Addresses: https://github.com/karelzak/util-linux/issues/1151 -Signed-off-by: Karel Zak ---- - lib/sysfs.c | 36 +++++--- - libblkid/src/blkidP.h | 2 +- - libblkid/src/devname.c | 235 +++++++++++++++++++++---------------------------- - 3 files changed, 128 insertions(+), 145 deletions(-) - -diff --git a/lib/sysfs.c b/lib/sysfs.c -index 5b4de2c..0c360ce 100644 ---- a/lib/sysfs.c -+++ b/lib/sysfs.c -@@ -874,7 +874,7 @@ int sysfs_devname_is_hidden(const char *prefix, const char *name) - dev_t __sysfs_devname_to_devno(const char *prefix, const char *name, const char *parent) - { - char buf[PATH_MAX]; -- char *_name = NULL; /* name as encoded in sysfs */ -+ char *_name = NULL, *_parent = NULL; /* name as encoded in sysfs */ - dev_t dev = 0; - int len; - -@@ -901,19 +901,20 @@ dev_t __sysfs_devname_to_devno(const char *prefix, const char *name, const char - goto done; - sysfs_devname_dev_to_sys(_name); - -- if (parent && strncmp("dm-", name, 3) != 0) { -- /* -- * Create path to /sys/block///dev -- */ -- char *_parent = strdup(parent); -- -+ if (parent) { -+ _parent = strdup(parent); - if (!_parent) - goto done; -+ } -+ -+ if (parent && strncmp("dm-", name, 3) != 0) { -+ /* -+ * Create path to /sys/block///dev -+ */ - sysfs_devname_dev_to_sys(_parent); - len = snprintf(buf, sizeof(buf), - "%s" _PATH_SYS_BLOCK "/%s/%s/dev", - prefix, _parent, _name); -- free(_parent); - if (len < 0 || (size_t) len >= sizeof(buf)) - goto done; - -@@ -934,10 +935,22 @@ dev_t __sysfs_devname_to_devno(const char *prefix, const char *name, const char - goto done; - dev = read_devno(buf); - -+ /* -+ * Read from /sys/block///dev -+ */ -+ if (!dev && parent && startswith(name, parent)) { -+ len = snprintf(buf, sizeof(buf), -+ "%s" _PATH_SYS_BLOCK "/%s/%s/dev", -+ prefix, _parent, _name); -+ if (len < 0 || (size_t) len >= sizeof(buf)) -+ goto done; -+ dev = read_devno(buf); -+ } -+ -+ /* -+ * Read from /sys/block//device/dev -+ */ - if (!dev) { -- /* -- * Read from /sys/block//device/dev -- */ - len = snprintf(buf, sizeof(buf), - "%s" _PATH_SYS_BLOCK "/%s/device/dev", - prefix, _name); -@@ -947,6 +960,7 @@ dev_t __sysfs_devname_to_devno(const char *prefix, const char *name, const char - } - done: - free(_name); -+ free(_parent); - return dev; - } - -diff --git a/libblkid/src/blkidP.h b/libblkid/src/blkidP.h -index 802a1b3..fe3736f 100644 ---- a/libblkid/src/blkidP.h -+++ b/libblkid/src/blkidP.h -@@ -301,7 +301,7 @@ struct blkid_struct_cache - #define BLKID_PROBE_NONE 1 - - #define BLKID_ERR_IO 5 --#define BLKID_ERR_PROC 9 -+#define BLKID_ERR_SYSFS 9 - #define BLKID_ERR_MEM 12 - #define BLKID_ERR_CACHE 14 - #define BLKID_ERR_DEV 19 -diff --git a/libblkid/src/devname.c b/libblkid/src/devname.c -index 8f2d89a..4b9df5a 100644 ---- a/libblkid/src/devname.c -+++ b/libblkid/src/devname.c -@@ -39,6 +39,7 @@ - #include "canonicalize.h" /* $(top_srcdir)/include */ - #include "pathnames.h" - #include "sysfs.h" -+#include "fileutils.h" - - /* - * Find a dev struct in the cache by device name, if available. -@@ -442,178 +443,146 @@ ubi_probe_all(blkid_cache cache, int only_if_new) - } - - /* -- * Read the device data for all available block devices in the system. -+ * This function uses /sys to read all block devices in way compatible with -+ * /proc/partitions (like the original libblkid implementation) - */ --static int probe_all(blkid_cache cache, int only_if_new) -+static int -+sysfs_probe_all(blkid_cache cache, int only_if_new, int only_removable) - { -- FILE *proc; -- char line[1024]; -- char ptname0[128 + 1], ptname1[128 + 1], *ptname = NULL; -- char *ptnames[2]; -- dev_t devs[2] = { 0, 0 }; -- int iswhole[2] = { 0, 0 }; -- int ma, mi; -- unsigned long long sz; -- int lens[2] = { 0, 0 }; -- int which = 0, last = 0; -- struct list_head *p, *pnext; -+ DIR *sysfs; -+ struct dirent *dev; - -- ptnames[0] = ptname0; -- ptnames[1] = ptname1; -+ sysfs = opendir(_PATH_SYS_BLOCK); -+ if (!sysfs) -+ return -BLKID_ERR_SYSFS; - -- if (!cache) -- return -BLKID_ERR_PARAM; -+ /* scan /sys/block */ -+ while ((dev = xreaddir(sysfs))) { -+ DIR *dir = NULL; -+ dev_t devno; -+ size_t nparts = 0; -+ unsigned int maxparts = 0, removable = 0; -+ struct dirent *part; -+ struct path_cxt *pc = NULL; -+ uint64_t size = 0; - -- if (cache->bic_flags & BLKID_BIC_FL_PROBED && -- time(NULL) - cache->bic_time < BLKID_PROBE_INTERVAL) -- return 0; -+ DBG(DEVNAME, ul_debug("checking %s", dev->d_name)); - -- blkid_read_cache(cache); -- evms_probe_all(cache, only_if_new); --#ifdef VG_DIR -- lvm_probe_all(cache, only_if_new); --#endif -- ubi_probe_all(cache, only_if_new); -+ devno = sysfs_devname_to_devno(dev->d_name); -+ if (!devno) -+ goto next; -+ pc = ul_new_sysfs_path(devno, NULL, NULL); -+ if (!pc) -+ goto next; -+ -+ if (ul_path_read_u64(pc, &size, "size") != 0) -+ size = 0; -+ if (ul_path_read_u32(pc, &removable, "removable") != 0) -+ removable = 0; -+ -+ /* ingnore empty devices */ -+ if (!size) -+ goto next; -+ -+ /* accept removeable if only removable requested */ -+ if (only_removable) { -+ if (!removable) -+ goto next; -+ -+ /* emulate /proc/partitions -+ * -- ignore empty devices and non-partitionable removable devices */ -+ } else { -+ if (ul_path_read_u32(pc, &maxparts, "ext_range") != 0) -+ maxparts = 0; -+ if (!maxparts && removable) -+ goto next; -+ } - -- proc = fopen(PROC_PARTITIONS, "r" UL_CLOEXECSTR); -- if (!proc) -- return -BLKID_ERR_PROC; -+ DBG(DEVNAME, ul_debug("read device name %s", dev->d_name)); - -- while (fgets(line, sizeof(line), proc)) { -- last = which; -- which ^= 1; -- ptname = ptnames[which]; -+ dir = ul_path_opendir(pc, NULL); -+ if (!dir) -+ goto next; - -- if (sscanf(line, " %d %d %llu %128[^\n ]", -- &ma, &mi, &sz, ptname) != 4) -- continue; -- devs[which] = makedev(ma, mi); -- -- DBG(DEVNAME, ul_debug("read device name %s", ptname)); -- -- /* Skip whole disk devs unless they have no partitions. -- * If base name of device has changed, also -- * check previous dev to see if it didn't have a partn. -- * heuristic: partition name ends in a digit, & partition -- * names contain whole device name as substring. -- * -- * Skip extended partitions. -- * heuristic: size is 1 -- */ -+ /* read /sys/block// do get partitions */ -+ while ((part = xreaddir(dir))) { -+ dev_t partno; - -- lens[which] = strlen(ptname); -- iswhole[which] = sysfs_devno_is_wholedisk(devs[which]); -+ if (!sysfs_blkdev_is_partition_dirent(dir, part, dev->d_name)) -+ continue; - -- /* probably partition, so check */ -- if (!iswhole[which]) { -- DBG(DEVNAME, ul_debug(" Probe partition dev %s, devno 0x%04X", -- ptname, (unsigned int) devs[which])); -+ /* ignore extended partitions -+ * -- recount size to blocks like /proc/partitions */ -+ if (ul_path_readf_u64(pc, &size, "%s/size", part->d_name) == 0 -+ && (size >> 1) == 1) -+ continue; -+ partno = __sysfs_devname_to_devno(NULL, part->d_name, dev->d_name); -+ if (!partno) -+ continue; - -- if (sz > 1) -- probe_one(cache, ptname, devs[which], 0, -- only_if_new, 0); -- lens[which] = 0; /* mark as checked */ -+ DBG(DEVNAME, ul_debug(" Probe partition dev %s, devno 0x%04X", -+ part->d_name, (unsigned int) partno)); -+ nparts++; -+ probe_one(cache, part->d_name, partno, 0, only_if_new, 0); - } - -- /* -- * If last was a whole disk and we just found a partition -- * on it, remove the whole-disk dev from the cache if -- * it exists. -- */ -- if (lens[last] && iswhole[last] -- && !strncmp(ptnames[last], ptname, lens[last])) { -+ if (!nparts) { -+ /* add non-partitioned whole disk to cache */ -+ DBG(DEVNAME, ul_debug(" Probe whole dev %s, devno 0x%04X", -+ dev->d_name, (unsigned int) devno)); -+ probe_one(cache, dev->d_name, devno, 0, only_if_new, 0); -+ } else { -+ /* remove partitioned whole-disk from cache */ -+ struct list_head *p, *pnext; - - list_for_each_safe(p, pnext, &cache->bic_devs) { -- blkid_dev tmp; -- -- /* find blkid dev for the whole-disk devno */ -- tmp = list_entry(p, struct blkid_struct_dev, -- bid_devs); -- if (tmp->bid_devno == devs[last]) { -- DBG(DEVNAME, ul_debug(" freeing %s", -- tmp->bid_name)); -+ blkid_dev tmp = list_entry(p, struct blkid_struct_dev, -+ bid_devs); -+ if (tmp->bid_devno == devno) { -+ DBG(DEVNAME, ul_debug(" freeing %s", tmp->bid_name)); - blkid_free_dev(tmp); - cache->bic_flags |= BLKID_BIC_FL_CHANGED; - break; - } - } -- lens[last] = 0; /* mark as checked */ -- } -- /* -- * If last was not checked because it looked like a whole-disk -- * dev, and the device's base name has changed, -- * check last as well. -- */ -- if (lens[last] && strncmp(ptnames[last], ptname, lens[last]) != 0) { -- DBG(DEVNAME, ul_debug(" Probe whole dev %s, devno 0x%04X", -- ptnames[last], (unsigned int) devs[last])); -- probe_one(cache, ptnames[last], devs[last], 0, -- only_if_new, 0); -- -- lens[last] = 0; /* mark as checked */ - } -+ next: -+ if (dir) -+ closedir(dir); -+ if (pc) -+ ul_unref_path(pc); - } - -- /* Handle the last device if it wasn't partitioned */ -- if (lens[which]) { -- DBG(DEVNAME, ul_debug(" Probe whole dev %s, devno 0x%04X", -- ptname, (unsigned int) devs[which])); -- probe_one(cache, ptname, devs[which], 0, only_if_new, 0); -- } -- -- fclose(proc); -- blkid_flush_cache(cache); -+ closedir(sysfs); - return 0; - } - --/* Don't use it by default -- it's pretty slow (because cdroms, floppy, ...) -+/* -+ * Read the device data for all available block devices in the system. - */ --static int probe_all_removable(blkid_cache cache) -+static int probe_all(blkid_cache cache, int only_if_new) - { -- struct path_cxt *pc; -- DIR *dir; -- struct dirent *d; -- - if (!cache) - return -BLKID_ERR_PARAM; - -- dir = opendir(_PATH_SYS_BLOCK); -- if (!dir) -- return -BLKID_ERR_PROC; -- -- pc = ul_new_path(NULL); -+ if (cache->bic_flags & BLKID_BIC_FL_PROBED && -+ time(NULL) - cache->bic_time < BLKID_PROBE_INTERVAL) -+ return 0; - -- while((d = readdir(dir))) { -- int removable = 0; -- dev_t devno; -+ blkid_read_cache(cache); - --#ifdef _DIRENT_HAVE_D_TYPE -- if (d->d_type != DT_UNKNOWN && d->d_type != DT_LNK) -- continue; -+ evms_probe_all(cache, only_if_new); -+#ifdef VG_DIR -+ lvm_probe_all(cache, only_if_new); - #endif -- if (d->d_name[0] == '.' && -- ((d->d_name[1] == 0) || -- ((d->d_name[1] == '.') && (d->d_name[2] == 0)))) -- continue; -- -- devno = sysfs_devname_to_devno(d->d_name); -- if (!devno) -- continue; -- -- if (sysfs_blkdev_init_path(pc, devno, NULL) == 0 -- && ul_path_read_s32(pc, &removable, "removable") != 0) -- removable = 0; -+ ubi_probe_all(cache, only_if_new); - -- if (removable) -- probe_one(cache, d->d_name, devno, 0, 0, 1); -- } -+ sysfs_probe_all(cache, only_if_new, 0); - -- ul_unref_path(pc); -- closedir(dir); -+ blkid_flush_cache(cache); - return 0; - } - -- - /** - * blkid_probe_all: - * @cache: cache handler -@@ -677,7 +646,7 @@ int blkid_probe_all_removable(blkid_cache cache) - int ret; - - DBG(PROBE, ul_debug("Begin blkid_probe_all_removable()")); -- ret = probe_all_removable(cache); -+ ret = sysfs_probe_all(cache, 0, 1); - DBG(PROBE, ul_debug("End blkid_probe_all_removable() [rc=%d]", ret)); - return ret; - } --- -1.8.3.1 - diff --git a/backport-libfdisk-make-fdisk_partname-more-robust.patch b/backport-libfdisk-make-fdisk_partname-more-robust.patch deleted file mode 100644 index 89990e86973820441eb087cf0de6a6553ab1a3f6..0000000000000000000000000000000000000000 --- a/backport-libfdisk-make-fdisk_partname-more-robust.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 9f03ad60e58f7bdcac6a1046471a3374550ee384 Mon Sep 17 00:00:00 2001 -From: Karel Zak -Date: Thu, 13 Aug 2020 10:12:01 +0200 -Subject: [PATCH] libfdisk: make fdisk_partname() more robust - ---- - libfdisk/src/utils.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libfdisk/src/utils.c b/libfdisk/src/utils.c -index 6056e7f1f..38ad23393 100644 ---- a/libfdisk/src/utils.c -+++ b/libfdisk/src/utils.c -@@ -142,7 +142,7 @@ char *fdisk_partname(const char *dev, size_t partno) - - /* devfs kludge - note: fdisk partition names are not supposed - to equal kernel names, so there is no reason to do this */ -- if (strcmp(dev + w - 4, "disc") == 0) { -+ if (endswith(dev, "disc")) { - w -= 4; - p = "part"; - } diff --git a/backport-libfdisk-sun-properly-initialize-partition-data.patch b/backport-libfdisk-sun-properly-initialize-partition-data.patch new file mode 100644 index 0000000000000000000000000000000000000000..7afe44c8bca86fcd50d6e9e22107b70bf48acd99 --- /dev/null +++ b/backport-libfdisk-sun-properly-initialize-partition-data.patch @@ -0,0 +1,33 @@ +From 5672ba4fb56cce00615b235210d3801a0353c42f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Sun, 24 Dec 2023 13:32:56 +0100 +Subject: [PATCH] libfdisk: (sun) properly initialize partition data +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/5672ba4fb56cce00615b235210d3801a0353c42f +Conflict:NA +--- + libfdisk/src/sun.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/libfdisk/src/sun.c b/libfdisk/src/sun.c +index dde9750a0..66fd22380 100644 +--- a/libfdisk/src/sun.c ++++ b/libfdisk/src/sun.c +@@ -383,6 +383,10 @@ static void fetch_sun(struct fdisk_context *cxt, + lens[i] = 0; + } + } ++ for (i = cxt->label->nparts_max; i < SUN_MAXPARTITIONS; i++) { ++ starts[i] = 0; ++ lens[i] = 0; ++ } + } + + /* non-Linux qsort_r(3) has usually differently ordered arguments */ +-- +2.33.0 + diff --git a/backport-libmount-Fix-atime-remount-for-new-API.patch b/backport-libmount-Fix-atime-remount-for-new-API.patch new file mode 100644 index 0000000000000000000000000000000000000000..b1a9650f212b8ff20276a91bf9d79a323898a78c --- /dev/null +++ b/backport-libmount-Fix-atime-remount-for-new-API.patch @@ -0,0 +1,85 @@ +From 46eed8e1649cb8446d4c051ad1f1821cf3adca1a Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Tue, 14 May 2024 11:58:20 +0200 +Subject: [PATCH] libmount: Fix atime remount for new API + +All atime settings are mutually exclusive, and the attr_set mask for +the mount_setattr() syscall cannot contain multiple MOUNT_ATTR_ atime +related options. + +Unfortunately, during a remount, the list of options is composed of +both old and new options. In this case, libmount sets more atime +options to the mask. The correct behavior is to use the last atime +related option from the list. + +Fixes: https://github.com/util-linux/util-linux/issues/3032 +Signed-off-by: Karel Zak +--- + libmount/src/optlist.c | 33 +++++++++++++++++++++------------ + 1 file changed, 21 insertions(+), 12 deletions(-) + +diff --git a/libmount/src/optlist.c b/libmount/src/optlist.c +index 476acfd65..e32489627 100644 +--- a/libmount/src/optlist.c ++++ b/libmount/src/optlist.c +@@ -837,6 +837,7 @@ int mnt_optlist_get_attrs(struct libmnt_optlist *ls, uint64_t *set, uint64_t *cl + struct libmnt_iter itr; + struct libmnt_opt *opt; + uint64_t remount_reset = 0; ++ uint64_t atime_set = 0; + + if (!ls || !ls->linux_map || !set || !clr) + return -EINVAL; +@@ -879,29 +880,37 @@ int mnt_optlist_get_attrs(struct libmnt_optlist *ls, uint64_t *set, uint64_t *cl + remount_reset &= ~x; + + if (opt->ent->mask & MNT_INVERT) { +- DBG(OPTLIST, ul_debugobj(ls, " clr: %s", opt->ent->name)); +- /* +- * All atime settings are mutually exclusive so *clr must +- * have MOUNT_ATTR__ATIME set. +- * +- * See the function fs/namespace.c:build_mount_kattr() +- * in the linux kernel source. +- */ ++ DBG(OPTLIST, ul_debugobj(ls, " clr: %s 0x%08" PRIx64, ++ opt->ent->name, x)); ++ + if (x == MOUNT_ATTR_RELATIME || x == MOUNT_ATTR_NOATIME || + x == MOUNT_ATTR_STRICTATIME) + *clr |= MOUNT_ATTR__ATIME; + else + *clr |= x; + } else { +- DBG(OPTLIST, ul_debugobj(ls, " set: %s", opt->ent->name)); +- *set |= x; +- + if (x == MOUNT_ATTR_RELATIME || x == MOUNT_ATTR_NOATIME || +- x == MOUNT_ATTR_STRICTATIME) ++ x == MOUNT_ATTR_STRICTATIME) { ++ /* All atime settings are mutually exclusive, ++ * the last option wins and MOUNT_ATTR__ATIME ++ * is required in clr mask. ++ */ ++ DBG(OPTLIST, ul_debugobj(ls, " atime: %s 0x%08" PRIx64, ++ opt->ent->name, x)); + *clr |= MOUNT_ATTR__ATIME; ++ atime_set = x; ++ } else { ++ DBG(OPTLIST, ul_debugobj(ls, " set: %s 0x%08" PRIx64, ++ opt->ent->name, x)); ++ *set |= x; ++ } + } + } + ++ if (atime_set) { ++ DBG(OPTLIST, ul_debugobj(ls, " set atime 0x%08" PRIx64, atime_set)); ++ *set |= atime_set; ++ } + if (remount_reset) + *clr |= remount_reset; + +-- +2.33.0 + diff --git a/backport-libmount-Fix-regression-when-mounting-with-atime.patch b/backport-libmount-Fix-regression-when-mounting-with-atime.patch new file mode 100644 index 0000000000000000000000000000000000000000..129a6413b9d1c631a5302eeb8ca758fbdead438e --- /dev/null +++ b/backport-libmount-Fix-regression-when-mounting-with-atime.patch @@ -0,0 +1,133 @@ +From 2b99ee2526ae61be761b0e31c50e106dbec5e9e4 Mon Sep 17 00:00:00 2001 +From: Filipe Manana +Date: Thu, 17 Aug 2023 10:20:13 +0100 +Subject: [PATCH] libmount: Fix regression when mounting with atime + +A regression was introduced in v2.39 that causes mounting with the atime +option to fail: + + $ mkfs.ext4 -F /dev/sdi + $ mount -o atime /dev/sdi /mnt/sdi + mount: /mnt/sdi: not mount point or bad option. + dmesg(1) may have more information after failed mount system call. + +The failure comes from the mount_setattr(2) call returning -EINVAL. This +is because we pass an invalid value for the attr_clr argument. From a +strace capture we have: + + mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=0, attr_clr=MOUNT_ATTR_NOATIME, propagation=0 /* MS_??? */, userns_fd=0}, 32) = -1 EINVAL (Invalid argument) + +We can't pass MOUNT_ATTR_NOATIME to mount_setattr(2) through the attr_clr +argument because all atime options are exclusive, so in order to set atime +one has to pass MOUNT_ATTR__ATIME to attr_clr and leave attr_set as +MOUNT_ATTR_RELATIME (which is defined as a value of 0). + +This can be read from the man page for mount_setattr(2) and also from the +kernel source: + + $ cat fs/namespace.c + static int build_mount_kattr(const struct mount_attr *attr, size_t usize, + struct mount_kattr *kattr, unsigned int flags) + { + (...) + /* + * Since the MOUNT_ATTR_ values are an enum, not a bitmap, + * users wanting to transition to a different atime setting cannot + * simply specify the atime setting in @attr_set, but must also + * specify MOUNT_ATTR__ATIME in the @attr_clr field. + * So ensure that MOUNT_ATTR__ATIME can't be partially set in + * @attr_clr and that @attr_set can't have any atime bits set if + * MOUNT_ATTR__ATIME isn't set in @attr_clr. + */ + if (attr->attr_clr & MOUNT_ATTR__ATIME) { + if ((attr->attr_clr & MOUNT_ATTR__ATIME) != MOUNT_ATTR__ATIME) + return -EINVAL; + + /* + * Clear all previous time settings as they are mutually + * exclusive. + */ + kattr->attr_clr |= MNT_RELATIME | MNT_NOATIME; + switch (attr->attr_set & MOUNT_ATTR__ATIME) { + case MOUNT_ATTR_RELATIME: + kattr->attr_set |= MNT_RELATIME; + break; + case MOUNT_ATTR_NOATIME: + kattr->attr_set |= MNT_NOATIME; + break; + case MOUNT_ATTR_STRICTATIME: + break; + default: + return -EINVAL; + } + (...) + +So fix this by setting attr_clr MOUNT_ATTR__ATIME if we want to clear any +atime related option. + +Signed-off-by: Filipe Manana +--- + libmount/src/optlist.c | 13 ++++++++++++- + tests/expected/libmount/context-mount-flags | 3 +++ + tests/ts/libmount/context | 9 ++++++++- + 3 files changed, 23 insertions(+), 2 deletions(-) + +diff --git a/libmount/src/optlist.c b/libmount/src/optlist.c +index e93810b47..d0afc94f7 100644 +--- a/libmount/src/optlist.c ++++ b/libmount/src/optlist.c +@@ -875,7 +875,18 @@ int mnt_optlist_get_attrs(struct libmnt_optlist *ls, uint64_t *set, uint64_t *cl + + if (opt->ent->mask & MNT_INVERT) { + DBG(OPTLIST, ul_debugobj(ls, " clr: %s", opt->ent->name)); +- *clr |= x; ++ /* ++ * All atime settings are mutually exclusive so *clr must ++ * have MOUNT_ATTR__ATIME set. ++ * ++ * See the function fs/namespace.c:build_mount_kattr() ++ * in the linux kernel source. ++ */ ++ if (x == MOUNT_ATTR_RELATIME || x == MOUNT_ATTR_NOATIME || ++ x == MOUNT_ATTR_STRICTATIME) ++ *clr |= MOUNT_ATTR__ATIME; ++ else ++ *clr |= x; + } else { + DBG(OPTLIST, ul_debugobj(ls, " set: %s", opt->ent->name)); + *set |= x; +diff --git a/tests/expected/libmount/context-mount-flags b/tests/expected/libmount/context-mount-flags +index 960641863..eb71323dd 100644 +--- a/tests/expected/libmount/context-mount-flags ++++ b/tests/expected/libmount/context-mount-flags +@@ -3,3 +3,6 @@ ro,nosuid,noexec + successfully mounted + rw,nosuid,noexec + successfully umounted ++successfully mounted ++rw,relatime ++successfully umounted +diff --git a/tests/ts/libmount/context b/tests/ts/libmount/context +index f5b47185e..a5d2e81a3 100755 +--- a/tests/ts/libmount/context ++++ b/tests/ts/libmount/context +@@ -116,8 +116,15 @@ $TS_CMD_FINDMNT --kernel --mountpoint $MOUNTPOINT -o VFS-OPTIONS -n >> $TS_OUTPU + + ts_run $TESTPROG --umount $MOUNTPOINT >> $TS_OUTPUT 2>> $TS_ERRLOG + is_mounted $DEVICE && echo "$DEVICE still mounted" >> $TS_OUTPUT 2>> $TS_ERRLOG +-ts_finalize_subtest + ++# Test that the atime option works after the migration to use the new kernel mount APIs. ++ts_run $TESTPROG --mount -o atime $DEVICE $MOUNTPOINT >> $TS_OUTPUT 2>> $TS_ERRLOG ++$TS_CMD_FINDMNT --kernel --mountpoint $MOUNTPOINT -o VFS-OPTIONS -n >> $TS_OUTPUT 2>> $TS_ERRLOG ++is_mounted $DEVICE || echo "$DEVICE not mounted" >> $TS_OUTPUT 2>> $TS_ERRLOG ++ts_run $TESTPROG --umount $MOUNTPOINT >> $TS_OUTPUT 2>> $TS_ERRLOG ++is_mounted $DEVICE && echo "$DEVICE still mounted" >> $TS_OUTPUT 2>> $TS_ERRLOG ++ ++ts_finalize_subtest + + ts_init_subtest "mount-loopdev" + mkdir -p $MOUNTPOINT &> /dev/null +-- +2.33.0 + diff --git a/backport-libmount-cleanup-fake-mode.patch b/backport-libmount-cleanup-fake-mode.patch new file mode 100644 index 0000000000000000000000000000000000000000..203341e0c2496b6a798645ad2bf0f6ba6e6377b1 --- /dev/null +++ b/backport-libmount-cleanup-fake-mode.patch @@ -0,0 +1,167 @@ +From 39cd698282e51b3ce84aee72d7ff00063ae9a83f Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Tue, 1 Aug 2023 14:49:48 +0200 +Subject: [PATCH] libmount: cleanup --fake mode + +It was originally designed to play nasty games with /etc/mtab (mount +when /etc is read-only and update later when it's write-able). + +The --fake is completely useless with the new API due to complexity +where we cannot skip any step, because the next stuff depends on it. +So, it makes more sense skip all functionality where libmount does +anything significant. + +This commit add --fake check to hooks logic to skip all hooks as the +hooks are place where libmount implements mount related invasive +operations (create mountpoint, namespaces, create superblock, move, +mount, etc.). + +Frankly, --fake without mtab is useless. + +Fixes: https://github.com/util-linux/util-linux/issues/2395 +Signed-off-by: Karel Zak + +Reference:https://github.com/util-linux/util-linux/commit/b42e4e2350a26b13a6165b78990e8814535ceb80 +Conflict:NA +--- + libmount/src/context_mount.c | 5 +++++ + libmount/src/hook_mount.c | 7 ------- + libmount/src/hook_mount_legacy.c | 18 ------------------ + libmount/src/hooks.c | 12 ++++++++++-- + sys-utils/mount.8.adoc | 6 +++++- + 5 files changed, 20 insertions(+), 28 deletions(-) + +diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c +index d0da770..6ef6804 100644 +--- a/libmount/src/context_mount.c ++++ b/libmount/src/context_mount.c +@@ -541,6 +541,11 @@ static int do_mount(struct libmnt_context *cxt, const char *try_type) + if (!rc) + rc = mnt_context_call_hooks(cxt, MNT_STAGE_MOUNT); + ++ if (rc == 0 && mnt_context_is_fake(cxt)) { ++ DBG(CXT, ul_debugobj(cxt, "FAKE (-f) set status=0")); ++ cxt->syscall_status = 0; ++ } ++ + if (org_type && rc != 0) { + __mnt_fs_set_fstype_ptr(cxt->fs, org_type); + org_type = NULL; +diff --git a/libmount/src/hook_mount.c b/libmount/src/hook_mount.c +index 1597d62..ac50428 100644 +--- a/libmount/src/hook_mount.c ++++ b/libmount/src/hook_mount.c +@@ -580,9 +580,6 @@ static int init_sysapi(struct libmnt_context *cxt, + if (!api) + return -ENOMEM; + +- if (mnt_context_is_fake(cxt)) +- goto fake; +- + if (path) { + api->fd_tree = open_mount_tree(cxt, path, flags); + if (api->fd_tree < 0) +@@ -615,10 +612,6 @@ static int init_sysapi(struct libmnt_context *cxt, + fail: + DBG(HOOK, ul_debugobj(hs, "init fs/tree failed [errno=%d %m]", errno)); + return -errno; +-fake: +- DBG(CXT, ul_debugobj(cxt, " FAKE (-f)")); +- cxt->syscall_status = 0; +- return 0; + } + + static int force_classic_mount(struct libmnt_context *cxt) +diff --git a/libmount/src/hook_mount_legacy.c b/libmount/src/hook_mount_legacy.c +index 2c07a01..7e62864 100644 +--- a/libmount/src/hook_mount_legacy.c ++++ b/libmount/src/hook_mount_legacy.c +@@ -61,12 +61,6 @@ static int hook_propagation(struct libmnt_context *cxt, + hd->flags, + hd->flags & MS_REC ? " (recursive)" : "")); + +- if (mnt_context_is_fake(cxt)) { +- DBG(CXT, ul_debugobj(cxt, " FAKE (-f)")); +- cxt->syscall_status = 0; +- return 0; +- } +- + /* + * hd->flags are propagation flags as set in prepare_propagation() + * +@@ -156,12 +150,6 @@ static int hook_bindremount(struct libmnt_context *cxt, + hd->flags, + hd->flags & MS_REC ? " (recursive)" : "")); + +- if (mnt_context_is_fake(cxt)) { +- DBG(CXT, ul_debugobj(cxt, " FAKE (-f)")); +- cxt->syscall_status = 0; +- return 0; +- } +- + if (mnt_optlist_is_silent(cxt->optlist)) + extra |= MS_SILENT; + +@@ -251,12 +239,6 @@ static int hook_mount(struct libmnt_context *cxt, + options ? (cxt->flags & MNT_FL_MOUNTDATA) ? "binary" : + options : "")); + +- if (mnt_context_is_fake(cxt)) { +- DBG(HOOK, ul_debugobj(hs, " FAKE (-f)")); +- cxt->syscall_status = 0; +- return 0; +- } +- + if (mount(src, target, type, flags, options)) { + cxt->syscall_status = -errno; + cxt->syscall_name = "mount"; +diff --git a/libmount/src/hooks.c b/libmount/src/hooks.c +index 88cf68d..2d79162 100644 +--- a/libmount/src/hooks.c ++++ b/libmount/src/hooks.c +@@ -313,7 +313,12 @@ int mnt_context_has_hook(struct libmnt_context *cxt, + + static int call_hook(struct libmnt_context *cxt, struct hookset_hook *hook) + { +- int rc = hook->func(cxt, hook->hookset, hook->data); ++ int rc = 0; ++ ++ if (mnt_context_is_fake(cxt)) ++ DBG(CXT, ul_debugobj(cxt, " FAKE call")); ++ else ++ rc = hook->func(cxt, hook->hookset, hook->data); + + hook->executed = 1; + if (!rc) +@@ -359,7 +364,10 @@ int mnt_context_call_hooks(struct libmnt_context *cxt, int stage) + + DBG(CXT, ul_debugobj(cxt, "calling %s [first]", hs->name)); + +- rc = hs->firstcall(cxt, hs, NULL); ++ if (mnt_context_is_fake(cxt)) ++ DBG(CXT, ul_debugobj(cxt, " FAKE call")); ++ else ++ rc = hs->firstcall(cxt, hs, NULL); + if (!rc) + rc = call_depend_hooks(cxt, hs->name, stage); + if (rc < 0) +diff --git a/sys-utils/mount.8.adoc b/sys-utils/mount.8.adoc +index 60661d8..71e3723 100644 +--- a/sys-utils/mount.8.adoc ++++ b/sys-utils/mount.8.adoc +@@ -325,7 +325,11 @@ Note that *mount* does not pass this option to the **/sbin/mount.**__type__ help + (Used in conjunction with *-a*.) Fork off a new incarnation of *mount* for each device. This will do the mounts on different devices or different NFS servers in parallel. This has the advantage that it is faster; also NFS timeouts proceed in parallel. A disadvantage is that the order of the mount operations is undefined. Thus, you cannot use this option if you want to mount both _/usr_ and _/usr/spool_. + + *-f, --fake*:: +-Causes everything to be done except for the actual system call; if it's not obvious, this "fakes" mounting the filesystem. This option is useful in conjunction with the *-v* flag to determine what the *mount* command is trying to do. It can also be used to add entries for devices that were mounted earlier with the *-n* option. The *-f* option checks for an existing record in _/etc/mtab_ and fails when the record already exists (with a regular non-fake mount, this check is done by the kernel). ++Causes everything to be done except for the mount-related system calls. The --fake option was originally designed to write an entry to /etc/mtab without actually mounting. +++ ++The /etc/mtab is no longer maintained in userspace, and starting from version 2.39, the mount operation can be a complex chain of operations with dependencies between the syscalls. The --fake option forces libmount to skip all mount source preparation, mount option analysis, and the actual mounting process. +++ ++The difference between fake and non-fake execution is huge. This is the reason why the --fake option has minimal significance for the current mount(8) implementation and it is maintained mostly for backward compatibility. + + *-i, --internal-only*:: + Don't call the **/sbin/mount.**__filesystem__ helper even if it exists. +-- +2.33.0 + diff --git a/backport-libmount-fix-possible-NULL-dereference-coverity-scan.patch b/backport-libmount-fix-possible-NULL-dereference-coverity-scan.patch new file mode 100644 index 0000000000000000000000000000000000000000..f6e4e795d1f8ed905565b53e621b7b417cde24d9 --- /dev/null +++ b/backport-libmount-fix-possible-NULL-dereference-coverity-scan.patch @@ -0,0 +1,36 @@ +From c8448495049b22e6ee30c84c377e61f65d886ca3 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Mon, 6 Nov 2023 11:40:27 +0100 +Subject: [PATCH] libmount: fix possible NULL dereference [coverity scan] + +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/c8448495049b22e6ee30c84c377e61f65d886ca3 +Conflict:NA +--- + libmount/src/tab.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libmount/src/tab.c b/libmount/src/tab.c +index 5c2d5c868..972566467 100644 +--- a/libmount/src/tab.c ++++ b/libmount/src/tab.c +@@ -660,7 +660,7 @@ int mnt_table_next_child_fs(struct libmnt_table *tb, struct libmnt_iter *itr, + { + struct libmnt_fs *fs, *chfs = NULL; + int parent_id, lastchld_id = 0, chld_id = 0; +- int direction = mnt_iter_get_direction(itr); ++ int direction; + + if (!tb || !itr || !parent || !is_mountinfo(tb)) + return -EINVAL; +@@ -668,6 +668,7 @@ int mnt_table_next_child_fs(struct libmnt_table *tb, struct libmnt_iter *itr, + DBG(TAB, ul_debugobj(tb, "lookup next child of '%s'", + mnt_fs_get_target(parent))); + parent_id = mnt_fs_get_id(parent); ++ direction = mnt_iter_get_direction(itr); + + /* get ID of the previously returned child */ + if (itr->head && itr->p != itr->head) { +-- +2.33.0 + diff --git a/backport-libmount-fix-possible-memory-leak.patch b/backport-libmount-fix-possible-memory-leak.patch new file mode 100644 index 0000000000000000000000000000000000000000..dd0029cdbb951416ccaf4b675dea405f38890e62 --- /dev/null +++ b/backport-libmount-fix-possible-memory-leak.patch @@ -0,0 +1,30 @@ +From 35ad7bf065db668d6604261066f049982563dabd Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 2 May 2024 10:15:29 +0200 +Subject: [PATCH] libmount: fix possible memory leak + +Signed-off-by: Karel Zak +--- + libmount/src/context_mount.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c +index 50e4a62..d0da770 100644 +--- a/libmount/src/context_mount.c ++++ b/libmount/src/context_mount.c +@@ -541,9 +541,10 @@ static int do_mount(struct libmnt_context *cxt, const char *try_type) + if (!rc) + rc = mnt_context_call_hooks(cxt, MNT_STAGE_MOUNT); + +- if (org_type && rc != 0) ++ if (org_type && rc != 0) { + __mnt_fs_set_fstype_ptr(cxt->fs, org_type); +- org_type = NULL; ++ org_type = NULL; ++ } + + if (rc == 0 && try_type && cxt->update) { + struct libmnt_fs *fs = mnt_update_get_fs(cxt->update); +-- +2.33.0 + diff --git a/backport-libmount-fix-tab-parser-for-badly-terminated-lines.patch b/backport-libmount-fix-tab-parser-for-badly-terminated-lines.patch deleted file mode 100644 index e3dea87cb863607891dfe04d32025633609140c1..0000000000000000000000000000000000000000 --- a/backport-libmount-fix-tab-parser-for-badly-terminated-lines.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 72f783d0ea5297e3fab22a93574aa63f421c5f69 Mon Sep 17 00:00:00 2001 -From: Karel Zak -Date: Mon, 17 Aug 2020 16:33:59 +0200 -Subject: [PATCH] libmount: fix tab parser for badly terminated lines - -Signed-off-by: Karel Zak ---- - libmount/src/tab_parse.c | 26 +++++++++++--------------- - 1 file changed, 11 insertions(+), 15 deletions(-) - -diff --git a/libmount/src/tab_parse.c b/libmount/src/tab_parse.c -index fa2d31b81..329987bcb 100644 ---- a/libmount/src/tab_parse.c -+++ b/libmount/src/tab_parse.c -@@ -481,7 +481,7 @@ static int is_terminated_by_blank(const char *str) - if (p == str) - return 1; /* only '\n' */ - p--; -- while (p >= str && (*p == ' ' || *p == '\t')) -+ while (p > str && (*p == ' ' || *p == '\t')) - p--; - return *p == '\n' ? 1 : 0; - } -@@ -553,22 +553,16 @@ static int mnt_table_parse_next(struct libmnt_parser *pa, - pa->line++; - s = strchr(pa->buf, '\n'); - if (!s) { -+ DBG(TAB, ul_debugobj(tb, "%s:%zu: no final newline", -+ pa->filename, pa->line)); -+ - /* Missing final newline? Otherwise an extremely */ - /* long line - assume file was corrupted */ -- if (feof(pa->f)) { -- DBG(TAB, ul_debugobj(tb, -- "%s: no final newline", pa->filename)); -- s = strchr(pa->buf, '\0'); -- } else { -- DBG(TAB, ul_debugobj(tb, -- "%s:%zu: missing newline at line", -- pa->filename, pa->line)); -- goto err; -- } -- } -+ if (feof(pa->f)) -+ s = memchr(pa->buf, '\0', pa->bufsiz); - - /* comments parser */ -- if (tb->comms -+ } else if (tb->comms - && (tb->fmt == MNT_FMT_GUESS || tb->fmt == MNT_FMT_FSTAB) - && is_comment_line(pa->buf)) { - do { -@@ -584,9 +578,11 @@ static int mnt_table_parse_next(struct libmnt_parser *pa, - - } - -+ if (!s) -+ goto err; - *s = '\0'; -- if (--s >= pa->buf && *s == '\r') -- *s = '\0'; -+ if (s > pa->buf && *(s - 1) == '\r') -+ *(--s) = '\0'; - s = (char *) skip_blank(pa->buf); - } while (*s == '\0' || *s == '#'); - diff --git a/backport-libmount-ifdef-statx-call.patch b/backport-libmount-ifdef-statx-call.patch new file mode 100644 index 0000000000000000000000000000000000000000..b1bebab7fa0f73b5b5077b3faca5c0a669a34d11 --- /dev/null +++ b/backport-libmount-ifdef-statx-call.patch @@ -0,0 +1,55 @@ +From ce266c9e168d4f88ae04fea3f9984deb9d9a5dfd Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 3 Aug 2023 12:39:19 +0200 +Subject: [PATCH] libmount: ifdef statx() call + +In this case the statx() is use to get mount ID. It's optional and not +required. Let's #ifdef the statx() call and also check for stx_mnt_id +struct member. + +Fixes: https://github.com/util-linux/util-linux/issues/2415 +Signed-off-by: Karel Zak +--- + configure.ac | 5 ++++- + libmount/src/hook_mount.c | 2 ++ + 2 files changed, 6 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 13eb6c1e6..b075f0265 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -514,7 +514,10 @@ AC_CHECK_MEMBERS([struct termios.c_line],,, + [[#include ]]) + + AC_CHECK_MEMBERS([struct stat.st_mtim.tv_nsec],,, +- [#include ]) ++ [[#include ]]) ++ ++AC_CHECK_MEMBERS([struct statx.stx_mnt_id],,, ++ [[#include ]]) + + AC_CHECK_DECLS([_NL_TIME_WEEK_1STDAY],[],[],[[#include ]]) + +diff --git a/libmount/src/hook_mount.c b/libmount/src/hook_mount.c +index d69a018ec..056338c49 100644 +--- a/libmount/src/hook_mount.c ++++ b/libmount/src/hook_mount.c +@@ -294,6 +294,7 @@ static int hook_create_mount(struct libmnt_context *cxt, + /* cleanup after fail (libmount may only try the FS type) */ + close_sysapi_fds(api); + ++#if defined(HAVE_STRUCT_STATX) && defined(HAVE_STRUCT_STATX_STX_MNT_ID) + if (!rc && cxt->fs) { + struct statx st; + +@@ -306,6 +307,7 @@ static int hook_create_mount(struct libmnt_context *cxt, + fs->id = cxt->fs->id; + } + } ++#endif + + done: + DBG(HOOK, ul_debugobj(hs, "create FS done [rc=%d, id=%d]", rc, cxt->fs ? cxt->fs->id : -1)); +-- +2.33.0 + diff --git a/backport-libmount-improve-mnt_table_next_child_fs.patch b/backport-libmount-improve-mnt_table_next_child_fs.patch new file mode 100644 index 0000000000000000000000000000000000000000..4ecb36a514aa52eac8697335efd52bb1c48e8ac9 --- /dev/null +++ b/backport-libmount-improve-mnt_table_next_child_fs.patch @@ -0,0 +1,76 @@ +From f64ea9979a5eaddaed98bde17832f855f2f0daee Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 2 Nov 2023 10:41:03 +0100 +Subject: [PATCH] libmount: improve mnt_table_next_child_fs() + +The function utilizes the struct libmnt_itr to iterate through the mountinfo file +but neglects the direction specified by the iterator. This a bug. The application +must manage the direction, as, for instance, umount(8) requires the children of +the mountpoint in reverse order. + +Fixes: https://github.com/util-linux/util-linux/issues/2552 +Signed-off-by: Karel Zak +--- + libmount/src/tab.c | 25 ++++++++++++++++++------- + 1 file changed, 18 insertions(+), 7 deletions(-) + +diff --git a/libmount/src/tab.c b/libmount/src/tab.c +index 60bef8b2d..5c2d5c868 100644 +--- a/libmount/src/tab.c ++++ b/libmount/src/tab.c +@@ -650,8 +650,8 @@ int mnt_table_get_root_fs(struct libmnt_table *tb, struct libmnt_fs **root) + * @parent: parental FS + * @chld: NULL or returns the next child filesystem + * +- * Note that filesystems are returned in the order of mounting (according to +- * IDs in /proc/self/mountinfo). ++ * Since version 2.40, the filesystems are returned in the order specified by ++ * @itr. In the old versions the derection is always MNT_ITER_FORWARD. + * + * Returns: 0 on success, negative number in case of error or 1 at the end of list. + */ +@@ -660,6 +660,7 @@ int mnt_table_next_child_fs(struct libmnt_table *tb, struct libmnt_iter *itr, + { + struct libmnt_fs *fs, *chfs = NULL; + int parent_id, lastchld_id = 0, chld_id = 0; ++ int direction = mnt_iter_get_direction(itr); + + if (!tb || !itr || !parent || !is_mountinfo(tb)) + return -EINVAL; +@@ -675,7 +676,7 @@ int mnt_table_next_child_fs(struct libmnt_table *tb, struct libmnt_iter *itr, + lastchld_id = mnt_fs_get_id(fs); + } + +- mnt_reset_iter(itr, MNT_ITER_FORWARD); ++ mnt_reset_iter(itr, direction); + while (mnt_table_next_fs(tb, itr, &fs) == 0) { + int id; + +@@ -689,10 +690,20 @@ int mnt_table_next_child_fs(struct libmnt_table *tb, struct libmnt_iter *itr, + if (id == parent_id) + continue; + +- if ((!lastchld_id || id > lastchld_id) && +- (!chfs || id < chld_id)) { +- chfs = fs; +- chld_id = id; ++ if (direction == MNT_ITER_FORWARD) { ++ /* return in the order of mounting */ ++ if ((!lastchld_id || id > lastchld_id) && ++ (!chfs || id < chld_id)) { ++ chfs = fs; ++ chld_id = id; ++ } ++ } else { ++ /* return last child first */ ++ if ((!lastchld_id || id < lastchld_id) && ++ (!chfs || id > chld_id)) { ++ chfs = fs; ++ chld_id = id; ++ } + } + } + +-- +2.33.0 + diff --git a/backport-libmount-make-sure-option-is-used-as-string.patch b/backport-libmount-make-sure-option-is-used-as-string.patch new file mode 100644 index 0000000000000000000000000000000000000000..5d472f31cd1bf6946e06a4a9f4d08082af98d071 --- /dev/null +++ b/backport-libmount-make-sure-option-is-used-as-string.patch @@ -0,0 +1,111 @@ +From 0c5485348b155420ecd1bfcdabb1b869ca5ee3c2 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Wed, 20 Mar 2024 16:08:16 +0100 +Subject: [PATCH] libmount: make sure "option=" is used as string + +mount(8) cares about case when option specified as "name=" (it means +without data). See for example 727c689908c5e68c92aa1dd65e0d3bdb6d91c1e5. + +We need this also for new mount API and use FSCONFIG_SET_STRING rather +than FSCONFIG_SET_FLAG. + +strace -e fsconfig ./mount -o usrjquota= /dev/sdc1 /mnt/test + +Old: +fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/sdc1", 0) = 0 +fsconfig(3, FSCONFIG_SET_FLAG, "usrjquota", NULL, 0) = -1 EINVAL (Invalid argument) + +Fixed: +fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/sdc1", 0) = 0 +fsconfig(3, FSCONFIG_SET_STRING, "usrjquota", "", 0) = 0 + +Fixes: https://github.com/util-linux/util-linux/issues/2837 +Signed-off-by: Karel Zak +--- + libmount/src/hook_mount.c | 3 +++ + libmount/src/mountP.h | 1 + + libmount/src/optlist.c | 14 +++++++++++++- + 3 files changed, 17 insertions(+), 1 deletion(-) + +diff --git a/libmount/src/hook_mount.c b/libmount/src/hook_mount.c +index 92438966c..f0cc38196 100644 +--- a/libmount/src/hook_mount.c ++++ b/libmount/src/hook_mount.c +@@ -224,6 +224,9 @@ static int configure_superblock(struct libmnt_context *cxt, + /* Ignore VFS flags, userspace and external options */ + continue; + ++ if (!value && mnt_opt_is_sepnodata(opt)) ++ value = ""; /* force use the value as string */ ++ + rc = fsconfig_set_value(cxt, hs, fd, name, value); + if (rc != 0) + goto done; +diff --git a/libmount/src/mountP.h b/libmount/src/mountP.h +index 458aa1a00..fcc40bffc 100644 +--- a/libmount/src/mountP.h ++++ b/libmount/src/mountP.h +@@ -608,6 +608,7 @@ extern int mnt_opt_set_value(struct libmnt_opt *opt, const char *str); + extern int mnt_opt_set_u64value(struct libmnt_opt *opt, uint64_t num); + extern int mnt_opt_set_quoted_value(struct libmnt_opt *opt, const char *str); + extern int mnt_opt_is_external(struct libmnt_opt *opt); ++extern int mnt_opt_is_sepnodata(struct libmnt_opt *opt); + + /* fs.c */ + extern int mnt_fs_follow_optlist(struct libmnt_fs *fs, struct libmnt_optlist *ol); +diff --git a/libmount/src/optlist.c b/libmount/src/optlist.c +index 101c908ae..476acfd65 100644 +--- a/libmount/src/optlist.c ++++ b/libmount/src/optlist.c +@@ -46,6 +46,7 @@ struct libmnt_opt { + + unsigned int external : 1, /* visible for external helpers only */ + recursive : 1, /* recursive flag */ ++ sepnodata : 1, /* value separator, but without data ("name=") */ + is_linux : 1, /* defined in ls->linux_map (VFS attr) */ + quoted : 1; /* name="value" */ + }; +@@ -438,6 +439,10 @@ static struct libmnt_opt *optlist_new_opt(struct libmnt_optlist *ls, + opt->value = strndup(value, valsz); + if (!opt->value) + goto fail; ++ ++ } else if (value) { ++ /* separator specified, but empty value ("name=") */ ++ opt->sepnodata = 1; + } + if (namesz) { + opt->name = strndup(name, namesz); +@@ -957,7 +962,8 @@ int mnt_optlist_strdup_optstr(struct libmnt_optlist *ls, char **optstr, + continue; + rc = mnt_buffer_append_option(&buf, + opt->name, strlen(opt->name), +- opt->value, ++ opt->value ? opt->value : ++ opt->sepnodata ? "" : NULL, + opt->value ? strlen(opt->value) : 0, + opt->quoted); + if (rc) +@@ -1043,6 +1049,7 @@ struct libmnt_optlist *mnt_copy_optlist(struct libmnt_optlist *ls) + no->src = opt->src; + no->external = opt->external; + no->quoted = opt->quoted; ++ no->sepnodata = opt->sepnodata; + } + } + +@@ -1184,6 +1191,11 @@ int mnt_opt_is_external(struct libmnt_opt *opt) + return opt && opt->external ? 1 : 0; + } + ++int mnt_opt_is_sepnodata(struct libmnt_opt *opt) ++{ ++ return opt->sepnodata; ++} ++ + + #ifdef TEST_PROGRAM + +-- +2.33.0 + diff --git a/backport-libmount-use-some-MS_-flags-as-superblock-flags.patch b/backport-libmount-use-some-MS_-flags-as-superblock-flags.patch new file mode 100644 index 0000000000000000000000000000000000000000..1242ddd4b46d84b96fcd02c123950cec0bf16f1e --- /dev/null +++ b/backport-libmount-use-some-MS_-flags-as-superblock-flags.patch @@ -0,0 +1,104 @@ +From 54e4a6b145fd6ef943d93e16de748283e687855d Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 20 Jul 2023 12:34:14 +0200 +Subject: [PATCH] libmount: use some MS_* flags as superblock flags + +The old mount(2) API usually utilizes MS_* flags to set up the VFS +node. However, there are some exceptions like "sync" (MS_SYNCHRONOUS), +where the flag is used (by kernel) for the superblock instead. The new +API addresses this issue, ensuring that these options are used for +fsconfig(). + +This commit introduces MNT_SUPERBLOCK to identify these options in the +libmount options Linux map, and it enforces the new mount code to +utilize these options for fsconfig(FSCONFIG_SET_FLAG). + +Reported-by: Abbink Esger +Signed-off-by: Karel Zak +--- + libmount/src/hook_mount.c | 11 +++++++++-- + libmount/src/libmount.h.in | 1 + + libmount/src/optmap.c | 14 +++++++------- + 3 files changed, 17 insertions(+), 9 deletions(-) + +diff --git a/libmount/src/hook_mount.c b/libmount/src/hook_mount.c +index 77a7bed30..ed4ec349c 100644 +--- a/libmount/src/hook_mount.c ++++ b/libmount/src/hook_mount.c +@@ -154,12 +154,19 @@ static int configure_superblock(struct libmnt_context *cxt, + const char *name = mnt_opt_get_name(opt); + const char *value = mnt_opt_get_value(opt); + const struct libmnt_optmap *ent = mnt_opt_get_mapent(opt); ++ const int is_linux = ent && mnt_opt_get_map(opt) == cxt->map_linux; + +- if (ent && mnt_opt_get_map(opt) == cxt->map_linux && +- ent->id == MS_RDONLY) { ++ if (is_linux && ent->id == MS_RDONLY) { ++ /* Use ro/rw for superblock (for backward compatibility) */ + value = NULL; + has_rwro = 1; ++ ++ } else if (is_linux && ent->mask & MNT_SUPERBLOCK) { ++ /* Use some old MS_* (VFS) flags as superblock flags */ ++ ; ++ + } else if (!name || mnt_opt_get_map(opt) || mnt_opt_is_external(opt)) ++ /* Ignore VFS flags, userspace and external options */ + continue; + + rc = fsconfig_set_value(cxt, hs, fd, name, value); +diff --git a/libmount/src/libmount.h.in b/libmount/src/libmount.h.in +index f156483b6..06c27047d 100644 +--- a/libmount/src/libmount.h.in ++++ b/libmount/src/libmount.h.in +@@ -89,6 +89,7 @@ struct libmnt_optmap + #define MNT_PREFIX (1 << 3) /* prefix used for some options (e.g. "x-foo") */ + #define MNT_NOHLPS (1 << 4) /* don't add the option to mount. helpers command line */ + #define MNT_NOFSTAB (1 << 5) /* not expected in fstab */ ++#define MNT_SUPERBLOCK (1 << 6) /* MS_* for mount(2), otherwise requires fsconfig() */ + + /** + * libmnt_fs: +diff --git a/libmount/src/optmap.c b/libmount/src/optmap.c +index 3a91f30d4..d7569a0f0 100644 +--- a/libmount/src/optmap.c ++++ b/libmount/src/optmap.c +@@ -79,10 +79,10 @@ static const struct libmnt_optmap linux_flags_map[] = + { "dev", MS_NODEV, MNT_INVERT }, /* interpret device files */ + { "nodev", MS_NODEV }, /* don't interpret devices */ + +- { "sync", MS_SYNCHRONOUS }, /* synchronous I/O */ +- { "async", MS_SYNCHRONOUS, MNT_INVERT },/* asynchronous I/O */ ++ { "sync", MS_SYNCHRONOUS, MNT_SUPERBLOCK }, /* synchronous I/O */ ++ { "async", MS_SYNCHRONOUS, MNT_INVERT | MNT_SUPERBLOCK },/* asynchronous I/O */ + +- { "dirsync", MS_DIRSYNC }, /* synchronous directory modifications */ ++ { "dirsync", MS_DIRSYNC, MNT_SUPERBLOCK },/* synchronous directory modifications */ + { "remount", MS_REMOUNT, MNT_NOMTAB }, /* alter flags of mounted FS */ + { "bind", MS_BIND }, /* Remount part of the tree elsewhere */ + { "rbind", MS_BIND | MS_REC }, /* Idem, plus mounted subtrees */ +@@ -95,8 +95,8 @@ static const struct libmnt_optmap linux_flags_map[] = + { "loud", MS_SILENT, MNT_INVERT }, /* print out messages. */ + #endif + #ifdef MS_MANDLOCK +- { "mand", MS_MANDLOCK }, /* Allow mandatory locks on this FS */ +- { "nomand", MS_MANDLOCK, MNT_INVERT }, /* Forbid mandatory locks on this FS */ ++ { "mand", MS_MANDLOCK, MNT_SUPERBLOCK }, /* Allow mandatory locks on this FS */ ++ { "nomand", MS_MANDLOCK, MNT_INVERT | MNT_SUPERBLOCK}, /* Forbid mandatory locks on this FS */ + #endif + #ifdef MS_NOATIME + { "atime", MS_NOATIME, MNT_INVERT }, /* Update access time */ +@@ -119,8 +119,8 @@ static const struct libmnt_optmap linux_flags_map[] = + { "nostrictatime", MS_STRICTATIME, MNT_INVERT }, /* kernel default atime */ + #endif + #ifdef MS_LAZYTIME +- { "lazytime", MS_LAZYTIME }, /* Update {a,m,c}time on the in-memory inode only */ +- { "nolazytime", MS_LAZYTIME, MNT_INVERT }, ++ { "lazytime", MS_LAZYTIME, MNT_SUPERBLOCK }, /* Update {a,m,c}time on the in-memory inode only */ ++ { "nolazytime", MS_LAZYTIME, MNT_INVERT | MNT_SUPERBLOCK }, + #endif + #ifdef MS_PROPAGATION + { "unbindable", MS_UNBINDABLE, MNT_NOHLPS | MNT_NOMTAB }, /* Unbindable */ +-- +2.33.0 + diff --git a/backport-libsmartcols-drop-spourious-newline-in-between-strea.patch b/backport-libsmartcols-drop-spourious-newline-in-between-strea.patch new file mode 100644 index 0000000000000000000000000000000000000000..346392d2d3989a2051509c89a13a9ec1763543bb --- /dev/null +++ b/backport-libsmartcols-drop-spourious-newline-in-between-strea.patch @@ -0,0 +1,34 @@ +From b2b0bf88d35513a746c144f35826eb47692386dc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Tue, 12 Dec 2023 18:41:33 +0100 +Subject: [PATCH] libsmartcols: drop spourious newline in between streamed JSON + objects +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +scols_table_print_range() already appends a newline correctly. + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/b2b0bf88d35513a746c144f35826eb47692386dc +Conflict:NA +--- + misc-utils/findmnt.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/misc-utils/findmnt.c b/misc-utils/findmnt.c +index 40b80b365..14ae2c5b4 100644 +--- a/misc-utils/findmnt.c ++++ b/misc-utils/findmnt.c +@@ -1295,8 +1295,6 @@ static int poll_table(struct libmnt_table *tb, const char *tabfile, + + if (count) { + rc = scols_table_print_range(table, NULL, NULL); +- if (rc == 0) +- fputc('\n', scols_table_get_stream(table)); + fflush(stdout); + if (rc) + goto done; +-- +2.33.0 + diff --git a/backport-libsmartcols-fix-column-reduction.patch b/backport-libsmartcols-fix-column-reduction.patch new file mode 100644 index 0000000000000000000000000000000000000000..c5554ed1f093faf61169bf4723675dd5cba127da --- /dev/null +++ b/backport-libsmartcols-fix-column-reduction.patch @@ -0,0 +1,42 @@ +From 28c7c29b2d57705fdc4ff486b38937c73b2d9b5d Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Tue, 30 Apr 2024 10:26:09 +0200 +Subject: [PATCH] libsmartcols: fix column reduction + +4013986: libsmartcols: TAB: [0x5626b97f8e10]: #5 reduce stage (width=38, term=1) +4013986: libsmartcols: COL: [0x5626b97f9130]: [01] (null) reduced 2-->18446744073709551615 + +Fixes: https://github.com/util-linux/util-linux/issues/3003 +Signed-off-by: Karel Zak + +Reference:https://github.com/util-linux/util-linux/commit/28c7c29b2d57705fdc4ff486b38937c73b2d9b5d +Conflict:NA +--- + libsmartcols/src/calculate.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/libsmartcols/src/calculate.c b/libsmartcols/src/calculate.c +index deabb079..86e1b279 100644 +--- a/libsmartcols/src/calculate.c ++++ b/libsmartcols/src/calculate.c +@@ -379,9 +379,14 @@ static int reduce_column(struct libscols_table *tb, + /* columns are reduced in "bad first" way, be more + * agresive for the the worst column */ + reduce = 3; +- if (cl->width - reduce < st->width_min) +- reduce = cl->width - st->width_min; +- cl->width -= reduce; ++ ++ if (cl->width < reduce) ++ reduce = cl->width; ++ ++ if (cl->width - reduce > st->width_min) ++ cl->width -= reduce; ++ else ++ cl->width = st->width_min; + break; + default: + return -1; /* no more stages */ +-- +2.33.0 + diff --git a/backport-libsmartcols-flush-correct-stream.patch b/backport-libsmartcols-flush-correct-stream.patch new file mode 100644 index 0000000000000000000000000000000000000000..bae911631a7f89d231cd0a29a57eda09033dd29e --- /dev/null +++ b/backport-libsmartcols-flush-correct-stream.patch @@ -0,0 +1,31 @@ +From 36a853a9a71c46f088ab8f7416d68af112a59ce4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Tue, 12 Dec 2023 18:42:11 +0100 +Subject: [PATCH] libsmartcols: flush correct stream +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/36a853a9a71c46f088ab8f7416d68af112a59ce4 +Conflict:NA +--- + misc-utils/findmnt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/misc-utils/findmnt.c b/misc-utils/findmnt.c +index 14ae2c5b4..ecd56990c 100644 +--- a/misc-utils/findmnt.c ++++ b/misc-utils/findmnt.c +@@ -1295,7 +1295,7 @@ static int poll_table(struct libmnt_table *tb, const char *tabfile, + + if (count) { + rc = scols_table_print_range(table, NULL, NULL); +- fflush(stdout); ++ fflush(scols_table_get_stream(table)); + if (rc) + goto done; + } +-- +2.33.0 + diff --git a/backport-libsmartcols-only-recognize-closed-object-as-final-e.patch b/backport-libsmartcols-only-recognize-closed-object-as-final-e.patch new file mode 100644 index 0000000000000000000000000000000000000000..766912d0b19e16ddb83b2612ce86c2af52c64d13 --- /dev/null +++ b/backport-libsmartcols-only-recognize-closed-object-as-final-e.patch @@ -0,0 +1,48 @@ +From 5130ce8ee5b71c249e0c8bb7a4975dc8a48c64fa Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Tue, 12 Dec 2023 18:42:44 +0100 +Subject: [PATCH] libsmartcols: only recognize closed object as final element +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When streaming JSON normal values also have indent == 1. +For those however it is incorrect to close the stream. + +Fixes #2644 +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/5130ce8ee5b71c249e0c8bb7a4975dc8a48c64fa +Conflict:NA +--- + lib/jsonwrt.c | 8 ++------ + 1 file changed, 2 insertions(+), 6 deletions(-) + +diff --git a/lib/jsonwrt.c b/lib/jsonwrt.c +index dc20d2e46..243ed8232 100644 +--- a/lib/jsonwrt.c ++++ b/lib/jsonwrt.c +@@ -154,12 +154,6 @@ void ul_jsonwrt_open(struct ul_jsonwrt *fmt, const char *name, int type) + + void ul_jsonwrt_close(struct ul_jsonwrt *fmt, int type) + { +- if (fmt->indent == 1) { +- fputs("\n}\n", fmt->out); +- fmt->indent--; +- fmt->after_close = 1; +- return; +- } + assert(fmt->indent > 0); + + switch (type) { +@@ -168,6 +162,8 @@ void ul_jsonwrt_close(struct ul_jsonwrt *fmt, int type) + fputc('\n', fmt->out); + ul_jsonwrt_indent(fmt); + fputs("}", fmt->out); ++ if (fmt->indent == 0) ++ fputs("\n", fmt->out); + break; + case UL_JSON_ARRAY: + fmt->indent--; +-- +2.33.0 + diff --git a/backport-login-prevent-undefined-ioctl-and-tcsetattr-calls.patch b/backport-login-prevent-undefined-ioctl-and-tcsetattr-calls.patch new file mode 100644 index 0000000000000000000000000000000000000000..842a01a59e5f44c5ec3e78cc4bf60f5cf32b9d0e --- /dev/null +++ b/backport-login-prevent-undefined-ioctl-and-tcsetattr-calls.patch @@ -0,0 +1,98 @@ +From 3f13d198679437002df2dd0777a3bca879c0061c Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Thu, 21 Sep 2023 20:25:55 +0200 +Subject: [PATCH] login: prevent undefined ioctl and tcsetattr calls + +Do not call tcsetattr if tcgetattr fails, because the content of +tt and ttt is undefined in that case. + +Also do not just warn if ioctl fails, but also avoid calling it again +after tty has been re-opened. + +I've solved this by setting struct variables to values which cannot be +valid at this point. If they do have these exact values, then the +calls will be prevented. + +Signed-off-by: Tobias Stoeckmann +Reference:https://github.com/util-linux/util-linux/commit/3f13d198679437002df2dd0777a3bca879c0061c +Conflict:NA +--- + login-utils/login.c | 32 ++++++++++++++++++++------------ + 1 file changed, 20 insertions(+), 12 deletions(-) + +diff --git a/login-utils/login.c b/login-utils/login.c +index 31a7adb07..544eab5aa 100644 +--- a/login-utils/login.c ++++ b/login-utils/login.c +@@ -177,9 +177,10 @@ static void __attribute__((__noreturn__)) + struct termios ti; + + /* reset echo */ +- tcgetattr(0, &ti); +- ti.c_lflag |= ECHO; +- tcsetattr(0, TCSANOW, &ti); ++ if (tcgetattr(0, &ti) >= 0) { ++ ti.c_lflag |= ECHO; ++ tcsetattr(0, TCSANOW, &ti); ++ } + _exit(EXIT_SUCCESS); /* %% */ + } + +@@ -513,8 +514,8 @@ static void chown_tty(struct login_context *cxt) + static void init_tty(struct login_context *cxt) + { + struct stat st; +- struct termios tt, ttt; +- struct winsize ws; ++ struct termios tt, ttt = { 0 }; ++ struct winsize ws = { 0 }; + int fd; + + cxt->tty_mode = (mode_t) getlogindefs_num("TTYPERM", TTY_MODE); +@@ -549,13 +550,18 @@ static void init_tty(struct login_context *cxt) + + /* The TTY size might be reset to 0x0 by the kernel when we close the stdin/stdout/stderr file + * descriptors so let's save the size now so we can reapply it later */ +- memset(&ws, 0, sizeof(struct winsize)); +- if (ioctl(fd, TIOCGWINSZ, &ws) < 0) ++ if (ioctl(fd, TIOCGWINSZ, &ws) < 0) { + syslog(LOG_WARNING, _("TIOCGWINSZ ioctl failed: %m")); ++ ws.ws_row = 0; ++ ws.ws_col = 0; ++ } + +- tcgetattr(fd, &tt); +- ttt = tt; +- ttt.c_cflag &= ~HUPCL; ++ if (tcgetattr(fd, &tt) >= 0) { ++ ttt = tt; ++ ttt.c_cflag &= ~HUPCL; ++ } else { ++ ttt.c_cflag = HUPCL; ++ } + + if ((fchown(fd, 0, 0) || fchmod(fd, cxt->tty_mode)) && errno != EROFS) { + +@@ -565,7 +571,8 @@ static void init_tty(struct login_context *cxt) + } + + /* Kill processes left on this tty */ +- tcsetattr(fd, TCSANOW, &ttt); ++ if ((ttt.c_cflag & HUPCL) == 0) ++ tcsetattr(fd, TCSANOW, &ttt); + + /* + * Let's close file descriptors before vhangup +@@ -583,7 +590,8 @@ static void init_tty(struct login_context *cxt) + open_tty(cxt->tty_path); + + /* restore tty modes */ +- tcsetattr(STDIN_FILENO, TCSAFLUSH, &tt); ++ if ((ttt.c_cflag & HUPCL) == 0) ++ tcsetattr(STDIN_FILENO, TCSAFLUSH, &tt); + + /* Restore tty size */ + if ((ws.ws_row > 0 || ws.ws_col > 0) +-- +2.33.0 + diff --git a/backport-login-use-correct-terminal-fd-during-setup.patch b/backport-login-use-correct-terminal-fd-during-setup.patch new file mode 100644 index 0000000000000000000000000000000000000000..4d49128b8b3e00a1e098f7b38904776e69fbe6cb --- /dev/null +++ b/backport-login-use-correct-terminal-fd-during-setup.patch @@ -0,0 +1,106 @@ +From e361ef380fa2673e1de0f50d1f362b99e42cd0bb Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Thu, 21 Sep 2023 20:15:46 +0200 +Subject: [PATCH] login: use correct terminal fd during setup + +The function get_terminal_name iterates through standard file +descriptors until it finds a terminal. This means that it's not +guaranteed that STDIN_FILENO (i.e. 0) is actually a terminal. + +Do not modify permissions on possible files. Instead, retrieve +the file descriptor which was used by get_terminal_name as well. + +Proof of Concept (as root): + +1. Create a temporary file with a mode different than TTYPERM. +``` +install -m 700 /dev/null /tmp/test +ls -l /tmp/test +-rwx------ 1 root root 0 Sep 21 20:15 /tmp/test +``` + +2. Run login within a terminal with adjusted stdin. +``` +login < /tmp/test +host login: + Hangup +``` + +3. Check permissions of input file. +``` +ls -l /tmp/test +-rw------- 1 root root 0 Sep 21 20:15 /tmp/test +``` + +Signed-off-by: Tobias Stoeckmann +Reference:https://github.com/util-linux/util-linux/commit/e361ef380fa2673e1de0f50d1f362b99e42cd0bb +Conflict:NA +--- + login-utils/login.c | 14 ++++++++------ + 1 file changed, 8 insertions(+), 6 deletions(-) + +diff --git a/login-utils/login.c b/login-utils/login.c +index 129f3cfa2..31a7adb07 100644 +--- a/login-utils/login.c ++++ b/login-utils/login.c +@@ -515,10 +515,12 @@ static void init_tty(struct login_context *cxt) + struct stat st; + struct termios tt, ttt; + struct winsize ws; ++ int fd; + + cxt->tty_mode = (mode_t) getlogindefs_num("TTYPERM", TTY_MODE); + + get_terminal_name(&cxt->tty_path, &cxt->tty_name, &cxt->tty_number); ++ fd = get_terminal_stdfd(); + + /* + * In case login is suid it was possible to use a hardlink as stdin +@@ -531,7 +533,7 @@ static void init_tty(struct login_context *cxt) + if (!cxt->tty_path || !*cxt->tty_path || + lstat(cxt->tty_path, &st) != 0 || !S_ISCHR(st.st_mode) || + (st.st_nlink > 1 && strncmp(cxt->tty_path, "/dev/", 5) != 0) || +- access(cxt->tty_path, R_OK | W_OK) != 0) { ++ access(cxt->tty_path, R_OK | W_OK) != 0 || fd == -EINVAL) { + + syslog(LOG_ERR, _("FATAL: bad tty")); + sleepexit(EXIT_FAILURE); +@@ -548,14 +550,14 @@ static void init_tty(struct login_context *cxt) + /* The TTY size might be reset to 0x0 by the kernel when we close the stdin/stdout/stderr file + * descriptors so let's save the size now so we can reapply it later */ + memset(&ws, 0, sizeof(struct winsize)); +- if (ioctl(STDIN_FILENO, TIOCGWINSZ, &ws) < 0) ++ if (ioctl(fd, TIOCGWINSZ, &ws) < 0) + syslog(LOG_WARNING, _("TIOCGWINSZ ioctl failed: %m")); + +- tcgetattr(0, &tt); ++ tcgetattr(fd, &tt); + ttt = tt; + ttt.c_cflag &= ~HUPCL; + +- if ((fchown(0, 0, 0) || fchmod(0, cxt->tty_mode)) && errno != EROFS) { ++ if ((fchown(fd, 0, 0) || fchmod(fd, cxt->tty_mode)) && errno != EROFS) { + + syslog(LOG_ERR, _("FATAL: %s: change permissions failed: %m"), + cxt->tty_path); +@@ -563,7 +565,7 @@ static void init_tty(struct login_context *cxt) + } + + /* Kill processes left on this tty */ +- tcsetattr(0, TCSANOW, &ttt); ++ tcsetattr(fd, TCSANOW, &ttt); + + /* + * Let's close file descriptors before vhangup +@@ -581,7 +583,7 @@ static void init_tty(struct login_context *cxt) + open_tty(cxt->tty_path); + + /* restore tty modes */ +- tcsetattr(0, TCSAFLUSH, &tt); ++ tcsetattr(STDIN_FILENO, TCSAFLUSH, &tt); + + /* Restore tty size */ + if ((ws.ws_row > 0 || ws.ws_col > 0) +-- +2.33.0 + diff --git a/backport-lscpu-don-t-use-NULL-sharedmap.patch b/backport-lscpu-don-t-use-NULL-sharedmap.patch new file mode 100644 index 0000000000000000000000000000000000000000..09e4db98bdd7cb3087cf2045900fb0b47994b5aa --- /dev/null +++ b/backport-lscpu-don-t-use-NULL-sharedmap.patch @@ -0,0 +1,30 @@ +From 9ce09ccc3c8eee9be4fb5f33ae382d92c69dc411 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Wed, 20 Mar 2024 14:42:28 +0100 +Subject: [PATCH] lscpu: don't use NULL sharedmap + +Fixes: https://github.com/util-linux/util-linux/issues/2846 +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/9ce09ccc3c8eee9be4fb5f33ae382d92c69dc411 +Conflict:NA +--- + sys-utils/lscpu-topology.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/sys-utils/lscpu-topology.c b/sys-utils/lscpu-topology.c +index 7ee18e785..e3742e319 100644 +--- a/sys-utils/lscpu-topology.c ++++ b/sys-utils/lscpu-topology.c +@@ -253,7 +253,8 @@ struct lscpu_cache *lscpu_cpu_get_cache(struct lscpu_cxt *cxt, + for (i = 0; i < cxt->ncaches; i++) { + struct lscpu_cache *ca = &cxt->caches[i]; + +- if (strcmp(ca->name, name) == 0 && ++ if (ca->sharedmap && ++ strcmp(ca->name, name) == 0 && + CPU_ISSET_S(cpu->logical_id, cxt->setsize, ca->sharedmap)) + return ca; + } +-- +2.33.0 + diff --git a/backport-lsfd-fix-memory-leak-in-append_filter_expr.patch b/backport-lsfd-fix-memory-leak-in-append_filter_expr.patch new file mode 100644 index 0000000000000000000000000000000000000000..0242d42a36163e5990e32a11811aaa1528f63d3b --- /dev/null +++ b/backport-lsfd-fix-memory-leak-in-append_filter_expr.patch @@ -0,0 +1,25 @@ +From 53bcec4b25a60c125403a80a18ca3aacf1dc8269 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 25 Apr 2024 15:12:56 +0800 +Subject: [PATCH] lsfd: fix memory leak in append_filter_expr() + +--- + misc-utils/lsfd.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/misc-utils/lsfd.c b/misc-utils/lsfd.c +index 9f74862..56c0f7a 100644 +--- a/misc-utils/lsfd.c ++++ b/misc-utils/lsfd.c +@@ -1590,6 +1590,8 @@ static void append_filter_expr(char **a, const char *b, bool and) + xstrappend(a, "or("); + xstrappend(a, b); + xstrappend(a, ")"); ++ ++ free(tmp); + } + + static struct lsfd_filter *new_filter(const char *expr, bool debug, const char *err_prefix, struct lsfd_control *ctl) +-- +2.27.0 + diff --git a/backport-lsipc-fix-semaphore-USED-counter.patch b/backport-lsipc-fix-semaphore-USED-counter.patch new file mode 100644 index 0000000000000000000000000000000000000000..0eaa44074682fad548bdf9742a0165e24b362a96 --- /dev/null +++ b/backport-lsipc-fix-semaphore-USED-counter.patch @@ -0,0 +1,66 @@ +From fa45a6e516065f489b1cfb924ec3fc06960e0839 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Tue, 26 Mar 2024 12:45:24 +0100 +Subject: [PATCH] lsipc: fix semaphore USED counter + +The code incorrectly counts only with the first item in the linked +list (due to a typo). It seems rather fragile to use "semds" and +"semdsp" as variable names in the same code ... + + # lsipc -gs + +Old: + + KEY ID PERMS OWNER NSEMS RESOURCE DESCRIPTION LIMIT USED USE% + SEMMNI Number of semaphore identifiers 32000 3 0.01% + SEMMNS Total number of semaphores 1024000000 369 0.00% + SEMMSL Max semaphores per semaphore set. 32000 - - + SEMOPM Max number of operations per semop(2) 500 - - + SEMVMX Semaphore max value 32767 - - + +Fixed: + + KEY ID PERMS OWNER NSEMS RESOURCE DESCRIPTION LIMIT USED USE% + SEMMNI Number of semaphore identifiers 32000 3 0.01% + SEMMNS Total number of semaphores 1024000000 156 0.00% + SEMMSL Max semaphores per semaphore set. 32000 - - + SEMOPM Max number of operations per semop(2) 500 - - + SEMVMX Semaphore max value 32767 - - + +Addresses: https://issues.redhat.com/browse/RHEL-30269 +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/fa45a6e516065f489b1cfb924ec3fc06960e0839 +Conflict:NA +--- + sys-utils/lsipc.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/sys-utils/lsipc.c b/sys-utils/lsipc.c +index 2c5561112..515788c13 100644 +--- a/sys-utils/lsipc.c ++++ b/sys-utils/lsipc.c +@@ -717,16 +717,18 @@ static void do_sem(int id, struct lsipc_control *ctl, struct libscols_table *tb) + + static void do_sem_global(struct lsipc_control *ctl, struct libscols_table *tb) + { +- struct sem_data *semds, *semdsp; ++ struct sem_data *semds; + struct ipc_limits lim; + int nsems = 0, nsets = 0; + + ipc_sem_get_limits(&lim); + + if (ipc_sem_get_info(-1, &semds) > 0) { +- for (semdsp = semds; semdsp->next != NULL; semdsp = semdsp->next) { ++ struct sem_data *p; ++ ++ for (p = semds; p->next != NULL; p = p->next) { + ++nsets; +- nsems += semds->sem_nsems; ++ nsems += p->sem_nsems; + } + ipc_sem_free_info(semds); + } +-- +2.33.0 + diff --git a/backport-lslocks-fix-buffer-overflow.patch b/backport-lslocks-fix-buffer-overflow.patch new file mode 100644 index 0000000000000000000000000000000000000000..e53cf07c07b00bc277b52abe3e89f6356704dbfb --- /dev/null +++ b/backport-lslocks-fix-buffer-overflow.patch @@ -0,0 +1,69 @@ +From fcb83efb61c7898fa2ef20e010bf760278ec6746 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 29 Feb 2024 20:43:35 +0100 +Subject: [PATCH] lslocks: fix buffer overflow + +* don't use memset() to init variables +* use xreaddir() to reduce code +* use ssize_t for readlinkat() return value to avoid buffer overflow + +Signed-off-by: Karel Zak +(cherry picked from commit f030775ffeaa8627c88434f7d0cba1a454aa0ffa) +Reference:https://github.com/util-linux/util-linux/commit/fcb83efb61c7898fa2ef20e010bf760278ec6746 +Conflict:context adapt +--- + misc-utils/lslocks.c | 16 +++++++--------- + 1 file changed, 7 insertions(+), 9 deletions(-) + +diff --git a/misc-utils/lslocks.c b/misc-utils/lslocks.c +index caca13f..a2d634a 100644 +--- a/misc-utils/lslocks.c ++++ b/misc-utils/lslocks.c +@@ -45,6 +45,7 @@ + #include "closestream.h" + #include "optutils.h" + #include "procfs.h" ++#include "fileutils.h" + + /* column IDs */ + enum { +@@ -170,13 +171,12 @@ static char *get_filename_sz(ino_t inode, pid_t lock_pid, size_t *size) + struct stat sb; + struct dirent *dp; + DIR *dirp; +- size_t len; ++ size_t sz; + int fd; +- char path[PATH_MAX], sym[PATH_MAX], *ret = NULL; ++ char path[PATH_MAX] = { 0 }, ++ sym[PATH_MAX] = { 0 }, *ret = NULL; + + *size = 0; +- memset(path, 0, sizeof(path)); +- memset(sym, 0, sizeof(sym)); + + /* + * We know the pid so we don't have to +@@ -187,16 +187,14 @@ static char *get_filename_sz(ino_t inode, pid_t lock_pid, size_t *size) + if (!(dirp = opendir(path))) + return NULL; + +- if ((len = strlen(path)) >= (sizeof(path) - 2)) ++ if ((sz = strlen(path)) >= (sizeof(path) - 2)) + goto out; + + if ((fd = dirfd(dirp)) < 0 ) + goto out; + +- while ((dp = readdir(dirp))) { +- if (!strcmp(dp->d_name, ".") || +- !strcmp(dp->d_name, "..")) +- continue; ++ while ((dp = xreaddir(dirp))) { ++ ssize_t len; + + errno = 0; + +-- +2.33.0 + diff --git a/backport-lslogins-fix-realloc-loop-allocation-size.patch b/backport-lslogins-fix-realloc-loop-allocation-size.patch new file mode 100644 index 0000000000000000000000000000000000000000..e20bc9e78e05a558d4653427a668bc0c6222a3c0 --- /dev/null +++ b/backport-lslogins-fix-realloc-loop-allocation-size.patch @@ -0,0 +1,34 @@ +From 62104e69455c3add88adc360381176f3e83bda28 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Fri, 22 Sep 2023 20:08:22 +0200 +Subject: [PATCH] lslogins: fix realloc() loop allocation size +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +If stat() fails the realloc loop would always try to allocate zero +bytes. + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/62104e69455c3add88adc360381176f3e83bda28 +Conflict:NA +--- + login-utils/lslogins.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/login-utils/lslogins.c b/login-utils/lslogins.c +index ea5afb5ba..c624302bd 100644 +--- a/login-utils/lslogins.c ++++ b/login-utils/lslogins.c +@@ -478,7 +478,7 @@ static struct utmpx *get_last_btmp(struct lslogins_control *ctl, const char *use + + static int parse_utmpx(const char *path, size_t *nrecords, struct utmpx **records) + { +- size_t i, imax = 0; ++ size_t i, imax = 1; + struct utmpx *ary = NULL; + struct stat st; + +-- +2.33.0 + diff --git a/backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.patch b/backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.patch new file mode 100644 index 0000000000000000000000000000000000000000..ff86cc21db4374af8455a46718cdeb37796dbee6 --- /dev/null +++ b/backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.patch @@ -0,0 +1,44 @@ +From 57714290bdc99cab533edbc4a021d6ee3a7cc211 Mon Sep 17 00:00:00 2001 +From: zhangyao +Date: Thu, 4 Jul 2024 16:28:51 +0800 +Subject: [PATCH] lsmem: make lsmem to check for the nodes more robust + +See #3110. +Reference:https://github.com/util-linux/util-linux/commit/57714290bdc99cab533edbc4a021d6ee3a7cc211 +Conflict:NA +--- + sys-utils/lsmem.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/sys-utils/lsmem.c b/sys-utils/lsmem.c +index 3b5ca19a0..7c1be8e83 100644 +--- a/sys-utils/lsmem.c ++++ b/sys-utils/lsmem.c +@@ -485,6 +485,7 @@ static int memory_block_filter(const struct dirent *de) + static void read_basic_info(struct lsmem *lsmem) + { + char dir[PATH_MAX]; ++ int i = 0; + + if (ul_path_access(lsmem->sysmem, F_OK, "block_size_bytes") != 0) + errx(EXIT_FAILURE, _("This system does not support memory blocks")); +@@ -495,8 +496,14 @@ static void read_basic_info(struct lsmem *lsmem) + if (lsmem->ndirs <= 0) + err(EXIT_FAILURE, _("Failed to read %s"), dir); + +- if (memory_block_get_node(lsmem, lsmem->dirs[0]->d_name) != -1) +- lsmem->have_nodes = 1; ++ for (i = 0; i < lsmem->ndirs; i++) ++ { ++ if (memory_block_get_node(lsmem, lsmem->dirs[i]->d_name) != -1) ++ { ++ lsmem->have_nodes = 1; ++ break; ++ } ++ } + + /* The valid_zones sysmem attribute was introduced with kernel 3.18 */ + if (ul_path_access(lsmem->sysmem, F_OK, "memory0/valid_zones") == 0) +-- +2.33.0 + diff --git a/backport-more-avoid-out-of-bound-access.patch b/backport-more-avoid-out-of-bound-access.patch new file mode 100644 index 0000000000000000000000000000000000000000..fd1022fac03eb8cf4f7fd86877a8451cadc93f5f --- /dev/null +++ b/backport-more-avoid-out-of-bound-access.patch @@ -0,0 +1,38 @@ +From ecdfc9aa701b4f406c239b6e163a45a5cc5b4a8c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= +Date: Fri, 22 Sep 2023 19:53:24 +0200 +Subject: [PATCH] more: avoid out-of-bound access +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The realloc() needs to happen before that memory is used. + +Signed-off-by: Thomas Weißschuh +Reference:https://github.com/util-linux/util-linux/commit/ecdfc9aa701b4f406c239b6e163a45a5cc5b4a8c +Conflict:NA +--- + text-utils/more.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/text-utils/more.c b/text-utils/more.c +index bdb34e076..e25b0e24c 100644 +--- a/text-utils/more.c ++++ b/text-utils/more.c +@@ -356,11 +356,11 @@ static void env_argscan(struct more_control *ctl, const char *s) + env_argv = xmalloc(sizeof(char *) * size); + env_argv[0] = _("MORE environment variable"); /* program name */ + for (tok = strtok_r(str, delim, &key); tok; tok = strtok_r(NULL, delim, &key)) { +- env_argv[env_argc++] = tok; +- if (size < env_argc) { ++ if (size == env_argc) { + size *= 2; + env_argv = xrealloc(env_argv, sizeof(char *) * size); + } ++ env_argv[env_argc++] = tok; + } + + argscan(ctl, env_argc, env_argv); +-- +2.33.0 + diff --git a/backport-more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-receive.patch b/backport-more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-receive.patch new file mode 100644 index 0000000000000000000000000000000000000000..3d934a29a39b5ec81a09930118e19284c645bebc --- /dev/null +++ b/backport-more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-receive.patch @@ -0,0 +1,51 @@ +From 68e14d3d5f4116ad3aca0e392d008645ea90cf70 Mon Sep 17 00:00:00 2001 +From: Goldwyn Rodrigues +Date: Fri, 8 Dec 2023 09:04:39 -0600 +Subject: [PATCH] more: exit if POLLERR and POLLHUP on stdin is received + +more command continues to run in case stdin have closed the file and it +takes 100% of CPU. This is because revents on stdin send +POLLIN | POLLHUP | POLLERR once stdin is closed. more receives it even +though it is not requested in events. This is common Linux behaviour to +never mask out POLLHUP or POLLERR. The loop in more_key_command() runs +infinitely because more_poll() returns 0 and read_command() reads 0 +bytes. + +Check for POLLERR and POLLHUP, and exit more in case of an error. + +Steps to reproduce: +1. Setup /etc/systemd/logind.conf with KillUserProcesses=no +2. Add config "Defaults use_pty" in /etc/sudoers +3. Start an ssh session to the machine +4. # sudo su - +5. # more +6. kill the parent ssh process, say close the tab + +At this time "more" runs with 100% CPU utilization. + +Signed-off-by: Goldwyn Rodrigues +Reference:https://github.com/util-linux/util-linux/commit/68e14d3d5f4116ad3aca0e392d008645ea90cf70 +Conflict:NA +--- + text-utils/more.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/text-utils/more.c b/text-utils/more.c +index d4db3d5eb..a49acbc3e 100644 +--- a/text-utils/more.c ++++ b/text-utils/more.c +@@ -1392,6 +1392,11 @@ static int more_poll(struct more_control *ctl, int timeout) + abort(); + } + } ++ ++ /* Check for POLLERR and POLLHUP in stdin revents */ ++ if ((pfd[1].revents & POLLERR) && (pfd[1].revents & POLLHUP)) ++ more_exit(ctl); ++ + if (pfd[1].revents == 0) + return 1; + return 0; +-- +2.33.0 + diff --git a/backport-more-fix-poll-use.patch b/backport-more-fix-poll-use.patch new file mode 100644 index 0000000000000000000000000000000000000000..182bd0d4d794f244c7e6a000da1f6f7898b0cf7a --- /dev/null +++ b/backport-more-fix-poll-use.patch @@ -0,0 +1,209 @@ +From fe23722854f651984fad597cbb5b44653f72832a Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Tue, 20 Feb 2024 12:26:33 +0100 +Subject: [PATCH] more: fix poll() use + +The more(1) command utilizes signalfd() to monitor signals and reads +commands from the user via stderr (as stdin is typically used for +piping and not for user interaction). + +However, the current more_poll() implementation ignores stderr. As a result, +more(1) waits on read(stderr) while completely ignoring signals. This issue +becomes evident when using commands like: + + grep foo /path/file | more + +In such cases, it's only possible to exit 'more' by pressing 'q'; +CTRL+C does not work. + +Changes: + +- Refactor more_poll() code: + - Introduce an enum to access pfd[] items instead of using magical constants. + - Implement a while() loop to handle EAGAIN or POLLHUP. + +- Ignore stdin after POLLHUP (indicating that the pipe's peer closed). +- Ensure stderr is also checked. +- Use return codes akin to classic poll(). + +Note: I have doubts regarding the usability of stdin in more_poll(), +as the function is primarily used to wait for user input (via stderr) +and to monitor signals. Nevertheless, it is retained for potential use +in detecting when the pipe's peer (or the entire session) has been +terminated (see commit 68e14d3d5f4116ad3aca0e392d008645ea90cf70). + +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/fe23722854f651984fad597cbb5b44653f72832a +Conflict:NA +--- + text-utils/more.c | 126 ++++++++++++++++++++++++++++++---------------- + 1 file changed, 82 insertions(+), 44 deletions(-) + +diff --git a/text-utils/more.c b/text-utils/more.c +index c4edbc0..eb58446 100644 +--- a/text-utils/more.c ++++ b/text-utils/more.c +@@ -199,6 +199,7 @@ struct more_control { + magic_t magic; /* libmagic database entries */ + #endif + unsigned int ++ ignore_stdin:1, /* POLLHUP; peer closed pipe */ + bad_stdout:1, /* true if overwriting does not turn off standout */ + catch_suspend:1, /* we should catch the SIGTSTP signal */ + clear_line_ends:1, /* do not scroll, paint each screen from the top */ +@@ -1341,55 +1342,92 @@ static void read_line(struct more_control *ctl) + *p = '\0'; + } + ++/* returns: 0 timeout or nothing; <0 error, >0 success */ + static int more_poll(struct more_control *ctl, int timeout) + { +- struct pollfd pfd[2]; ++ enum { ++ POLLFD_SIGNAL = 0, ++ POLLFD_STDIN, ++ POLLFD_STDERR, ++ }; ++ struct pollfd pfd[] = { ++ [POLLFD_SIGNAL] = { .fd = ctl->sigfd, .events = POLLIN | POLLERR | POLLHUP }, ++ [POLLFD_STDIN] = { .fd = STDIN_FILENO, .events = POLLIN | POLLERR | POLLHUP }, ++ [POLLFD_STDERR] = { .fd = STDERR_FILENO, .events = POLLIN | POLLERR | POLLHUP } ++ }; ++ int has_data = 0; + +- pfd[0].fd = ctl->sigfd; +- pfd[0].events = POLLIN | POLLERR | POLLHUP; +- pfd[1].fd = STDIN_FILENO; +- pfd[1].events = POLLIN; ++ while (!has_data) { ++ int rc; + +- if (poll(pfd, 2, timeout) < 0) { +- if (errno == EAGAIN) +- return 1; +- more_error(ctl, _("poll failed")); +- return 1; +- } +- if (pfd[0].revents != 0) { +- struct signalfd_siginfo info; +- ssize_t sz; +- +- sz = read(pfd[0].fd, &info, sizeof(info)); +- assert(sz == sizeof(info)); +- switch (info.ssi_signo) { +- case SIGINT: +- more_exit(ctl); +- break; +- case SIGQUIT: +- sigquit_handler(ctl); +- break; +- case SIGTSTP: +- sigtstp_handler(ctl); +- break; +- case SIGCONT: +- sigcont_handler(ctl); +- break; +- case SIGWINCH: +- sigwinch_handler(ctl); +- break; +- default: +- abort(); ++ if (ctl->ignore_stdin) ++ pfd[POLLFD_STDIN].fd = -1; /* probably closed, ignore */ ++ ++ rc = poll(pfd, ARRAY_SIZE(pfd), timeout); ++ ++ /* error */ ++ if (rc < 0) { ++ if (errno == EAGAIN) ++ continue; ++ ++ more_error(ctl, _("poll failed")); ++ return rc; + } +- } + +- /* Check for POLLERR and POLLHUP in stdin revents */ +- if ((pfd[1].revents & POLLERR) && (pfd[1].revents & POLLHUP)) +- more_exit(ctl); ++ /* timeout */ ++ if (rc == 0) ++ return 0; + +- if (pfd[1].revents == 0) +- return 1; +- return 0; ++ /* event on signal FD */ ++ if (pfd[POLLFD_SIGNAL].revents) { ++ struct signalfd_siginfo info; ++ ssize_t sz; ++ ++ sz = read(pfd[POLLFD_SIGNAL].fd, &info, sizeof(info)); ++ assert(sz == sizeof(info)); ++ switch (info.ssi_signo) { ++ case SIGINT: ++ more_exit(ctl); ++ break; ++ case SIGQUIT: ++ sigquit_handler(ctl); ++ break; ++ case SIGTSTP: ++ sigtstp_handler(ctl); ++ break; ++ case SIGCONT: ++ sigcont_handler(ctl); ++ break; ++ case SIGWINCH: ++ sigwinch_handler(ctl); ++ break; ++ default: ++ abort(); ++ } ++ } ++ ++ /* event on stdin */ ++ if (pfd[POLLFD_STDIN].revents) { ++ /* Check for POLLERR and POLLHUP in stdin revents */ ++ if ((pfd[POLLFD_STDIN].revents & POLLERR) && ++ (pfd[POLLFD_STDIN].revents & POLLHUP)) ++ more_exit(ctl); ++ ++ /* poll() return POLLHUP event after pipe close() and POLLNVAL ++ * means that fd is already closed. */ ++ if ((pfd[POLLFD_STDIN].revents & POLLHUP) || ++ (pfd[POLLFD_STDIN].revents & POLLNVAL)) ++ ctl->ignore_stdin = 1; ++ else ++ has_data++; ++ } ++ ++ /* event on stderr (we reads user commands from stderr!) */ ++ if (pfd[POLLFD_STDERR].revents) ++ has_data++; ++ } ++ ++ return has_data; + } + + /* Search for nth occurrence of regular expression contained in buf in +@@ -1457,7 +1495,7 @@ static void search(struct more_control *ctl, char buf[], int n) + } + break; + } +- more_poll(ctl, 1); ++ more_poll(ctl, 0); + } + /* Move ctrl+c signal handling back to more_key_command(). */ + signal(SIGINT, SIG_DFL); +@@ -1621,7 +1659,7 @@ static int more_key_command(struct more_control *ctl, char *filename) + ctl->report_errors = 0; + ctl->search_called = 0; + for (;;) { +- if (more_poll(ctl, -1) != 0) ++ if (more_poll(ctl, -1) <= 0) + continue; + cmd = read_command(ctl); + if (cmd.key == more_kc_unknown_command) +-- +2.33.0 + diff --git a/backport-more-make-sure-we-have-data-on-stderr.patch b/backport-more-make-sure-we-have-data-on-stderr.patch new file mode 100644 index 0000000000000000000000000000000000000000..62135816245ee19c3ea62ede80a412dfb8549928 --- /dev/null +++ b/backport-more-make-sure-we-have-data-on-stderr.patch @@ -0,0 +1,97 @@ +From 640b9480bd3efc0f4bc7f38a785d02cda70ec5c3 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 22 Aug 2024 08:56:52 +0200 +Subject: [PATCH] more: make sure we have data on stderr +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +more(1) uses more_poll() to monitor data on stdin, stderr, and +signals. It is used before read_command(), but this function only +reads from stderr. Therefore, if any other non-stderr event occurs, +this function will wait on read(). In this case, more(1) will not +react to signals anymore. We need to ensure that more(1) only waits in +more_poll(). + +Try + + for x in {1..1000}; do echo "line $x"; done | more + +to reproduce. + +Reported-by: Radka Skvarilova +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/640b9480bd3efc0f4bc7f38a785d02cda70ec5c3 +Conflict:NA +--- + text-utils/more.c | 18 +++++++++++++----- + 1 file changed, 13 insertions(+), 5 deletions(-) + +diff --git a/text-utils/more.c b/text-utils/more.c +index 4c225331..953e94db 100644 +--- a/text-utils/more.c ++++ b/text-utils/more.c +@@ -1350,7 +1350,7 @@ static void read_line(struct more_control *ctl) + } + + /* returns: 0 timeout or nothing; <0 error, >0 success */ +-static int more_poll(struct more_control *ctl, int timeout) ++static int more_poll(struct more_control *ctl, int timeout, int *stderr_active) + { + enum { + POLLFD_SIGNAL = 0, +@@ -1364,6 +1364,9 @@ static int more_poll(struct more_control *ctl, int timeout) + }; + int has_data = 0; + ++ if (stderr_active) ++ *stderr_active = 0; ++ + while (!has_data) { + int rc; + +@@ -1430,8 +1433,11 @@ static int more_poll(struct more_control *ctl, int timeout) + } + + /* event on stderr (we reads user commands from stderr!) */ +- if (pfd[POLLFD_STDERR].revents) ++ if (pfd[POLLFD_STDERR].revents) { + has_data++; ++ if (stderr_active) ++ *stderr_active = 1; ++ } + } + + return has_data; +@@ -1502,7 +1508,7 @@ static void search(struct more_control *ctl, char buf[], int n) + } + break; + } +- more_poll(ctl, 0); ++ more_poll(ctl, 0, NULL); + } + /* Move ctrl+c signal handling back to more_key_command(). */ + signal(SIGINT, SIG_DFL); +@@ -1656,7 +1662,7 @@ static int skip_forwards(struct more_control *ctl, int nlines, cc_t comchar) + static int more_key_command(struct more_control *ctl, char *filename) + { + int retval = 0; +- int done = 0, search_again = 0; ++ int done = 0, search_again = 0, stderr_active = 0; + char cmdbuf[INIT_BUF]; + struct number_command cmd; + +@@ -1666,7 +1672,9 @@ static int more_key_command(struct more_control *ctl, char *filename) + ctl->report_errors = 0; + ctl->search_called = 0; + for (;;) { +- if (more_poll(ctl, -1) <= 0) ++ if (more_poll(ctl, -1, &stderr_active) <= 0) ++ continue; ++ if (stderr_active == 0) + continue; + cmd = read_command(ctl); + if (cmd.key == more_kc_unknown_command) +-- +2.33.0 + diff --git a/backport-rev-Check-for-wchar-conversion-errors.patch b/backport-rev-Check-for-wchar-conversion-errors.patch new file mode 100644 index 0000000000000000000000000000000000000000..e094231c6174272a7e6a221e9051f40680d8630c --- /dev/null +++ b/backport-rev-Check-for-wchar-conversion-errors.patch @@ -0,0 +1,59 @@ +From a610cf8231a02163a4a2b2faf3047d24798fe180 Mon Sep 17 00:00:00 2001 +From: Tim Hallmann +Date: Sun, 24 Mar 2024 20:14:30 +0100 +Subject: [PATCH] rev: Check for wchar conversion errors + +Commit c9cc84621ca98ef85499e83ca56f05f12055f193 introduced a regression +where only the actual EOF is handled, not other error conditions +returning WEOF. This leads to an infinite loop upon encountering +conversion errors. For example (using LC_CTYPE="en_US.UTF-8"): + +$ printf '\x80' | rev + +Signed-off-by: Tim Hallmann + +Reference:https://github.com/util-linux/util-linux/commit/a610cf8231a02163a4a2b2faf3047d24798fe180 +Conflict:NA +--- + text-utils/rev.c | 14 ++++++++------ + 1 file changed, 8 insertions(+), 6 deletions(-) + +diff --git a/text-utils/rev.c b/text-utils/rev.c +index 81331719..4b731890 100644 +--- a/text-utils/rev.c ++++ b/text-utils/rev.c +@@ -173,8 +173,6 @@ int main(int argc, char *argv[]) + line = 0; + while (!feof(fp)) { + len = read_line(sep, buf, bufsiz, fp); +- if (len == 0) +- continue; + + /* This is my hack from setpwnam.c -janl */ + while (len == bufsiz && !feof(fp)) { +@@ -187,14 +185,18 @@ int main(int argc, char *argv[]) + /* And fill the rest of the buffer */ + len += read_line(sep, &buf[len], bufsiz/2, fp); + } ++ if (ferror(fp)) { ++ warn("%s: %ju", filename, line); ++ rval = EXIT_FAILURE; ++ break; ++ } ++ if (len == 0) ++ continue; ++ + reverse_str(buf, buf[len - 1] == sep ? len - 1 : len); + write_line(buf, len, stdout); + line++; + } +- if (ferror(fp)) { +- warn("%s: %ju", filename, line); +- rval = EXIT_FAILURE; +- } + if (fp != stdin) + fclose(fp); + } while(*argv); +-- +2.33.0 + diff --git a/backport-scriptreplay-support-ctrl-s-and-ctrl-g.patch b/backport-scriptreplay-support-ctrl-s-and-ctrl-g.patch new file mode 100644 index 0000000000000000000000000000000000000000..2ab0fb6f8d8049c662a008391713ed86ade280df --- /dev/null +++ b/backport-scriptreplay-support-ctrl-s-and-ctrl-g.patch @@ -0,0 +1,33 @@ +From 584e505186c1aa511ea96761a8d108f4fe734f0e Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Mon, 11 Sep 2023 15:17:01 +0200 +Subject: [PATCH] scriptreplay: support ctrl+s and ctrl+g + +The old scriptreplay supported XON/XOFF flow control. The new +implementation uses cfmakeraw() and it disables it by default. Let's +enable it by IXON iflag. + +Fixes: https://github.com/util-linux/util-linux/issues/2480 +References: https://github.com/util-linux/util-linux/pull/1101 +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/584e505186c1aa511ea96761a8d108f4fe734f0e +Conflict:NA +--- + term-utils/scriptreplay.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/term-utils/scriptreplay.c b/term-utils/scriptreplay.c +index fb68499c8..38fa4251c 100644 +--- a/term-utils/scriptreplay.c ++++ b/term-utils/scriptreplay.c +@@ -134,6 +134,7 @@ setterm(struct termios *backup) + tattr = *backup; + cfmakeraw(&tattr); + tattr.c_lflag |= ISIG; ++ tattr.c_iflag |= IXON; + tcsetattr(STDOUT_FILENO, TCSANOW, &tattr); + return 1; + } +-- +2.33.0 + diff --git a/backport-suL-fix-use-after-free-on-error.patch b/backport-suL-fix-use-after-free-on-error.patch new file mode 100644 index 0000000000000000000000000000000000000000..06b21da89a48010a204a9257d45fcc70231afce1 --- /dev/null +++ b/backport-suL-fix-use-after-free-on-error.patch @@ -0,0 +1,30 @@ +From 3b01374845f8bbe29ef945b866f679555b28cd38 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Tue, 30 Apr 2024 10:51:50 +0200 +Subject: [PATCH] suL fix use after free on error + +Signed-off-by: Karel Zak +--- + login-utils/su-common.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/login-utils/su-common.c b/login-utils/su-common.c +index b674920..35950ce 100644 +--- a/login-utils/su-common.c ++++ b/login-utils/su-common.c +@@ -446,9 +446,10 @@ static void supam_open_session(struct su_context *su) + + rc = pam_open_session(su->pamh, 0); + if (is_pam_failure(rc)) { ++ const char *msg = pam_strerror(su->pamh, rc); ++ + supam_cleanup(su, rc); +- errx(EXIT_FAILURE, _("cannot open session: %s"), +- pam_strerror(su->pamh, rc)); ++ errx(EXIT_FAILURE, _("cannot open session: %s"), msg); + } else + su->pam_has_session = 1; + } +-- +2.43.0 + diff --git a/backport-sys-utils-hwclock-rtc-fix-pointer-usage.patch b/backport-sys-utils-hwclock-rtc-fix-pointer-usage.patch new file mode 100644 index 0000000000000000000000000000000000000000..66b11b2ff427537ee1779396941089aac31f86b8 --- /dev/null +++ b/backport-sys-utils-hwclock-rtc-fix-pointer-usage.patch @@ -0,0 +1,31 @@ +From 1064a53e4ff357dc649a8c4a0a41dfb5a1191bba Mon Sep 17 00:00:00 2001 +From: Karthikeyan Krishnasamy +Date: Sat, 23 Mar 2024 13:39:55 +0530 +Subject: [PATCH] sys-utils: hwclock-rtc: fix pointer usage + +passing double pointer doesn't fill param value + +Signed-off-by: Karthikeyan Krishnasamy + +Reference:https://github.com/util-linux/util-linux/commit/1064a53e4ff357dc649a8c4a0a41dfb5a1191bba +Conflict:NA +--- + sys-utils/hwclock-rtc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sys-utils/hwclock-rtc.c b/sys-utils/hwclock-rtc.c +index 79867f64..113d4e8c 100644 +--- a/sys-utils/hwclock-rtc.c ++++ b/sys-utils/hwclock-rtc.c +@@ -429,7 +429,7 @@ static int resolve_rtc_param_alias(const char *alias, __u64 *value) + /* kernel uapi __u64 can be defined differently than uint64_t */ + static int strtoku64(const char *str, __u64 *num, int base) + { +- return ul_strtou64(str, (uint64_t *) &num, base); ++ return ul_strtou64(str, (uint64_t *) num, base); + } + + /* +-- +2.33.0 + diff --git a/backport-sys-utils-lscpu-Unblock-SIGSEGV-before-vmware_bdoor.patch b/backport-sys-utils-lscpu-Unblock-SIGSEGV-before-vmware_bdoor.patch new file mode 100644 index 0000000000000000000000000000000000000000..97dcff138ee71707166e94d3093f75e659914b73 --- /dev/null +++ b/backport-sys-utils-lscpu-Unblock-SIGSEGV-before-vmware_bdoor.patch @@ -0,0 +1,70 @@ +From 5533e237c8047ff941bb3720237c58413441e35c Mon Sep 17 00:00:00 2001 +From: WanBingjiang +Date: Fri, 2 Feb 2024 10:43:08 +0800 +Subject: [PATCH] sys-utils/lscpu: Unblock SIGSEGV before vmware_bdoor + +Reference:https://github.com/util-linux/util-linux/commit/5533e237c8047ff941bb3720237c58413441e35c +Conflict:NA +--- + sys-utils/lscpu-virt.c | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/sys-utils/lscpu-virt.c b/sys-utils/lscpu-virt.c +index 4d301271a..6ba7c02dc 100644 +--- a/sys-utils/lscpu-virt.c ++++ b/sys-utils/lscpu-virt.c +@@ -17,6 +17,7 @@ + #include + #include + #include ++#include + + #include "lscpu.h" + +@@ -454,6 +455,7 @@ void vmware_bdoor(uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx) + } + + static jmp_buf segv_handler_env; ++static sigset_t oset; + + static void + segv_handler(__attribute__((__unused__)) int sig, +@@ -467,6 +469,7 @@ static int is_vmware_platform(void) + { + uint32_t eax, ebx, ecx, edx; + struct sigaction act, oact; ++ sigset_t set; + + /* + * FIXME: Not reliable for non-root users. Note it works as expected if +@@ -485,8 +488,16 @@ static int is_vmware_platform(void) + * the signal. All this magic is needed because lscpu + * isn't supposed to require root privileges. + */ +- if (sigsetjmp(segv_handler_env, 1)) ++ if (sigsetjmp(segv_handler_env, 1)) { ++ if (sigprocmask(SIG_SETMASK, &oset, NULL)) ++ err(EXIT_FAILURE, _("cannot restore signal mask")); + return 0; ++ } ++ ++ sigemptyset(&set); ++ sigaddset(&set, SIGSEGV); ++ if (sigprocmask(SIG_UNBLOCK, &set, &oset)) ++ err(EXIT_FAILURE, _("cannot unblock signal")); + + memset(&act, 0, sizeof(act)); + act.sa_sigaction = segv_handler; +@@ -500,6 +511,9 @@ static int is_vmware_platform(void) + if (sigaction(SIGSEGV, &oact, NULL)) + err(EXIT_FAILURE, _("cannot restore signal handler")); + ++ if (sigprocmask(SIG_SETMASK, &oset, NULL)) ++ err(EXIT_FAILURE, _("cannot restore signal mask")); ++ + return eax != (uint32_t)-1 && ebx == VMWARE_BDOOR_MAGIC; + } + +-- +2.33.0 + diff --git a/backport-sys-utils-save_adjtime-fix-memory-leak.patch b/backport-sys-utils-save_adjtime-fix-memory-leak.patch new file mode 100644 index 0000000000000000000000000000000000000000..5afade97b6ea7bee76fa6b92a38973b84f420d6b --- /dev/null +++ b/backport-sys-utils-save_adjtime-fix-memory-leak.patch @@ -0,0 +1,40 @@ +From 4e4fd6a5fc84b8dc172e1ea67b28064c67376d1a Mon Sep 17 00:00:00 2001 +From: Maks Mishin +Date: Thu, 17 Oct 2024 07:14:26 +0300 +Subject: [PATCH] sys-utils: (save_adjtime): fix memory leak + +Dynamic memory, referenced by 'content', is allocated by calling function 'xasprintf' +and lost when function returns. + +Found by the static analyzer Svace. +--- + sys-utils/hwclock.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/sys-utils/hwclock.c b/sys-utils/hwclock.c +index 87228b5..1318c13 100644 +--- a/sys-utils/hwclock.c ++++ b/sys-utils/hwclock.c +@@ -910,6 +910,7 @@ static int save_adjtime(const struct hwclock_control *ctl, + fp = fopen(ctl->adj_file_name, "w"); + if (fp == NULL) { + warn(_("cannot open %s"), ctl->adj_file_name); ++ free(content); + return EXIT_FAILURE; + } + +@@ -918,9 +919,11 @@ static int save_adjtime(const struct hwclock_control *ctl, + + if (rc) { + warn(_("cannot update %s"), ctl->adj_file_name); ++ free(content); + return EXIT_FAILURE; + } + } ++ free(content); + return EXIT_SUCCESS; + } + +-- +2.43.0 + diff --git a/backport-sys-utils-setpriv-fix-potential-memory-leak.patch b/backport-sys-utils-setpriv-fix-potential-memory-leak.patch new file mode 100644 index 0000000000000000000000000000000000000000..bcc73230fa4ef04724e3c3e1cc87af6debc74edb --- /dev/null +++ b/backport-sys-utils-setpriv-fix-potential-memory-leak.patch @@ -0,0 +1,37 @@ +From 8f15d94a21cbc6886bdf2474e6e1bb507cab1149 Mon Sep 17 00:00:00 2001 +From: Maks Mishin +Date: Thu, 10 Oct 2024 20:23:49 +0300 +Subject: [PATCH] sys-utils: (setpriv): fix potential memory leak + +Dynamic memory, referenced by 'buf' is allocated by calling function 'xstrdup' +add then changed by calling of strsep function. +The free(buf) call is incorrect if buf != NULL, and points to some +place inside or outside the source string. +--- + sys-utils/setpriv.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c +index ddc2cc6..44731fd 100644 +--- a/sys-utils/setpriv.c ++++ b/sys-utils/setpriv.c +@@ -552,6 +552,7 @@ static void do_caps(enum cap_type type, const char *caps) + static void parse_securebits(struct privctx *opts, const char *arg) + { + char *buf = xstrdup(arg); ++ char *source_buf = buf; + char *c; + + opts->have_securebits = 1; +@@ -605,7 +606,7 @@ static void parse_securebits(struct privctx *opts, const char *arg) + + opts->securebits |= SECBIT_KEEP_CAPS; /* We need it, and it's reset on exec */ + +- free(buf); ++ free(source_buf); + } + + static void do_selinux_label(const char *label) +-- +2.43.0 + diff --git a/backport-tests-functions.sh-add-a-helper-funcion-making-a-dev.patch b/backport-tests-functions.sh-add-a-helper-funcion-making-a-dev.patch new file mode 100644 index 0000000000000000000000000000000000000000..89f566b9010f0abc8803cbbc590240cbd7e033b9 --- /dev/null +++ b/backport-tests-functions.sh-add-a-helper-funcion-making-a-dev.patch @@ -0,0 +1,65 @@ +From d4dea14933bc3ee750d6762a6f615d2a4fe24c34 Mon Sep 17 00:00:00 2001 +From: Masatake YAMATO +Date: Wed, 10 Apr 2024 18:36:47 +0900 +Subject: [PATCH] tests: (functions.sh) add a helper funcion making a device + number from given major and minor nums + +Fixes #2919. +Suggested by Karel Zak . + +The original code used an obsolete formula to make a device number from +given major and minor numbers. + +ts_device_make is a new helper function based on the formula of +__SYSMACROS_DEFINE_MAKEDEV macro defined in +/usr/include/bits/sysmacros.h of GNU libc. + +Suggested by Karel Zak in #2919. +Signed-off-by: Masatake YAMATO +--- + tests/functions.sh | 15 +++++++++++++++ + tests/ts/lsfd/lsfd-functions.bash | 2 +- + 2 files changed, 16 insertions(+), 1 deletion(-) + +diff --git a/tests/functions.sh b/tests/functions.sh +index 5fe5ba07f..4a00b2ff4 100644 +--- a/tests/functions.sh ++++ b/tests/functions.sh +@@ -788,6 +788,21 @@ function ts_device_has { + return $res + } + ++# Based on __SYSMACROS_DEFINE_MAKEDEV macro ++# defined in /usr/include/bits/sysmacros.h of GNU libc. ++function ts_makedev ++{ ++ local major="$1" ++ local minor="$2" ++ local dev ++ ++ dev=$(( ( major & 0x00000fff ) << 8)) ++ dev=$((dev | ( major & 0xfffff000 ) << 32)) ++ dev=$((dev | ( minor & 0x000000ff ) << 0)) ++ dev=$((dev | ( minor & 0xffffff00 ) << 12)) ++ echo $dev ++} ++ + function ts_is_uuid() + { + printf "%s\n" "$1" | grep -E -q '^[0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12}$' +diff --git a/tests/ts/lsfd/lsfd-functions.bash b/tests/ts/lsfd/lsfd-functions.bash +index 3a3f58f0c..533c25fae 100644 +--- a/tests/ts/lsfd/lsfd-functions.bash ++++ b/tests/ts/lsfd/lsfd-functions.bash +@@ -44,7 +44,7 @@ function lsfd_compare_dev { + echo 'DEV[RUN]:' $? + local MAJ=${DEV%:*} + local MIN=${DEV#*:} +- local DEVNUM=$(( ( MAJ << 8 ) + MIN )) ++ local DEVNUM=$(ts_makedev "$MAJ" "$MIN") + local STAT_DEVNUM=$(stat -c "%d" "$FILE") + echo 'STAT[RUN]:' $? + if [ "${DEVNUM}" == "${STAT_DEVNUM}" ]; then +-- +2.33.0 + diff --git a/backport-tests-lsfd-don-t-refer-on-the-line-follwoing-the-use.patch b/backport-tests-lsfd-don-t-refer-on-the-line-follwoing-the-use.patch new file mode 100644 index 0000000000000000000000000000000000000000..cda3705696b2d2a22a3c9891fee7ae077f38fb01 --- /dev/null +++ b/backport-tests-lsfd-don-t-refer-on-the-line-follwoing-the-use.patch @@ -0,0 +1,41 @@ +From 5aa0c75c78dfb6a0c9851b348ba778149a4550a5 Mon Sep 17 00:00:00 2001 +From: Masatake YAMATO +Date: Thu, 11 Apr 2024 11:49:21 +0900 +Subject: [PATCH] tests: (lsfd) don't refer "$?" on the line follwoing the use + of "local" + +Suggested by ShellCheck. + +Signed-off-by: Masatake YAMATO +--- + tests/ts/lsfd/lsfd-functions.bash | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/tests/ts/lsfd/lsfd-functions.bash b/tests/ts/lsfd/lsfd-functions.bash +index 533c25fae..9c2eb0785 100644 +--- a/tests/ts/lsfd/lsfd-functions.bash ++++ b/tests/ts/lsfd/lsfd-functions.bash +@@ -40,13 +40,18 @@ function lsfd_compare_dev { + ts_check_prog "expr" + ts_check_prog "stat" + +- local DEV=$("${LSFD}" --raw -n -o DEV -Q "${EXPR}") ++ local DEV ++ DEV=$("${LSFD}" --raw -n -o DEV -Q "${EXPR}") + echo 'DEV[RUN]:' $? ++ + local MAJ=${DEV%:*} + local MIN=${DEV#*:} + local DEVNUM=$(ts_makedev "$MAJ" "$MIN") +- local STAT_DEVNUM=$(stat -c "%d" "$FILE") ++ ++ local STAT_DEVNUM ++ STAT_DEVNUM=$(stat -c "%d" "$FILE") + echo 'STAT[RUN]:' $? ++ + if [ "${DEVNUM}" == "${STAT_DEVNUM}" ]; then + echo 'DEVNUM[STR]:' 0 + else +-- +2.33.0 + diff --git a/backport-tests-lsfd-mkfds-alter-the-L4-ports-for-avo.patch b/backport-tests-lsfd-mkfds-alter-the-L4-ports-for-avo.patch new file mode 100644 index 0000000000000000000000000000000000000000..ca549cb9aa3c3c303569a8faf0621d915828840d --- /dev/null +++ b/backport-tests-lsfd-mkfds-alter-the-L4-ports-for-avo.patch @@ -0,0 +1,248 @@ +From a0015aa974410ab07de205d99bdcbb5eed8712d6 Mon Sep 17 00:00:00 2001 +From: zhangyao +Date: Thu, 3 Aug 2023 10:22:18 +0800 +Subject: [PATCH] + backport-tests-lsfd-mkfds-alter-the-L4-ports-for-avoiding-the-conflict-w + +--- + tests/expected/lsfd/mkfds-tcp | 6 +++--- + tests/expected/lsfd/mkfds-tcp6 | 6 +++--- + tests/expected/lsfd/mkfds-udp | 20 ++++++++++---------- + tests/expected/lsfd/mkfds-udp6 | 20 ++++++++++---------- + tests/ts/lsfd/mkfds-tcp | 4 ++-- + tests/ts/lsfd/mkfds-tcp6 | 4 ++-- + tests/ts/lsfd/mkfds-udp | 16 ++++++++-------- + tests/ts/lsfd/mkfds-udp6 | 16 ++++++++-------- + 8 files changed, 46 insertions(+), 46 deletions(-) + +diff --git a/tests/expected/lsfd/mkfds-tcp b/tests/expected/lsfd/mkfds-tcp +index dfec0ae..9aa0cc6 100644 +--- a/tests/expected/lsfd/mkfds-tcp ++++ b/tests/expected/lsfd/mkfds-tcp +@@ -1,4 +1,4 @@ +- 3 TCP SOCK state=listen laddr=127.0.0.1:34567 listen stream 1 127.0.0.1 0.0.0.0 127.0.0.1:34567 34567 0.0.0.0:0 0 +- 4 TCP SOCK state=established laddr=127.0.0.1:23456 raddr=127.0.0.1:34567 established stream 0 127.0.0.1 127.0.0.1 127.0.0.1:23456 23456 127.0.0.1:34567 34567 +- 5 TCP SOCK state=established laddr=127.0.0.1:34567 raddr=127.0.0.1:23456 established stream 0 127.0.0.1 127.0.0.1 127.0.0.1:34567 34567 127.0.0.1:23456 23456 ++ 3 TCP SOCK state=listen laddr=127.0.0.1:56789 listen stream 1 127.0.0.1 0.0.0.0 127.0.0.1:56789 56789 0.0.0.0:0 0 ++ 4 TCP SOCK state=established laddr=127.0.0.1:45678 raddr=127.0.0.1:56789 established stream 0 127.0.0.1 127.0.0.1 127.0.0.1:45678 45678 127.0.0.1:56789 56789 ++ 5 TCP SOCK state=established laddr=127.0.0.1:56789 raddr=127.0.0.1:45678 established stream 0 127.0.0.1 127.0.0.1 127.0.0.1:56789 56789 127.0.0.1:45678 45678 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,TCP.LADDR,TCP.LPORT,TCP.RADDR,TCP.RPORT: 0 +diff --git a/tests/expected/lsfd/mkfds-tcp6 b/tests/expected/lsfd/mkfds-tcp6 +index 26b6039..ccd47c4 100644 +--- a/tests/expected/lsfd/mkfds-tcp6 ++++ b/tests/expected/lsfd/mkfds-tcp6 +@@ -1,4 +1,4 @@ +- 3 TCPv6 SOCK state=listen laddr=[::1]:34567 listen stream 1 ::1 :: [::1]:34567 34567 [::]:0 0 +- 4 TCPv6 SOCK state=established laddr=[::1]:23456 raddr=[::1]:34567 established stream 0 ::1 ::1 [::1]:23456 23456 [::1]:34567 34567 +- 5 TCPv6 SOCK state=established laddr=[::1]:34567 raddr=[::1]:23456 established stream 0 ::1 ::1 [::1]:34567 34567 [::1]:23456 23456 ++ 3 TCPv6 SOCK state=listen laddr=[::1]:56789 listen stream 1 ::1 :: [::1]:56789 56789 [::]:0 0 ++ 4 TCPv6 SOCK state=established laddr=[::1]:45678 raddr=[::1]:56789 established stream 0 ::1 ::1 [::1]:45678 45678 [::1]:56789 56789 ++ 5 TCPv6 SOCK state=established laddr=[::1]:56789 raddr=[::1]:45678 established stream 0 ::1 ::1 [::1]:56789 56789 [::1]:45678 45678 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,TCP.LADDR,TCP.LPORT,TCP.RADDR,TCP.RPORT: 0 +diff --git a/tests/expected/lsfd/mkfds-udp b/tests/expected/lsfd/mkfds-udp +index 58ce260..e3c44f1 100644 +--- a/tests/expected/lsfd/mkfds-udp ++++ b/tests/expected/lsfd/mkfds-udp +@@ -1,24 +1,24 @@ +- 3 UDP SOCK state=close laddr=127.0.0.1:34567 close dgram 0 127.0.0.1 0.0.0.0 127.0.0.1:34567 34567 0.0.0.0:0 0 +- 4 UDP SOCK state=established laddr=127.0.0.1:23456 raddr=127.0.0.1:34567 established dgram 0 127.0.0.1 127.0.0.1 127.0.0.1:23456 23456 127.0.0.1:34567 34567 ++ 3 UDP SOCK state=close laddr=127.0.0.1:56789 close dgram 0 127.0.0.1 0.0.0.0 127.0.0.1:56789 56789 0.0.0.0:0 0 ++ 4 UDP SOCK state=established laddr=127.0.0.1:45678 raddr=127.0.0.1:56789 established dgram 0 127.0.0.1 127.0.0.1 127.0.0.1:45678 45678 127.0.0.1:56789 56789 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,UDP.LADDR,UDP.LPORT,UDP.RADDR,UDP.RPORT: 0 + 3 UDP SOCK 0 + ASSOC,TYPE,STTYPE,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,UDP.LADDR,UDP.LPORT,UDP.RADDR,UDP.RPORT: 0 + NAME pattern match: OK +- 4 UDP SOCK established dgram 0 127.0.0.1 127.0.0.1 127.0.0.1:34567 34567 ++ 4 UDP SOCK established dgram 0 127.0.0.1 127.0.0.1 127.0.0.1:56789 56789 + ASSOC,TYPE,STTYPE,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,UDP.RADDR,UDP.RPORT: 0 + LADDR/LPORT pattern match: OK +- 3 UDP SOCK state=close laddr=127.0.0.1:34567 close dgram 0 127.0.0.1 0.0.0.0 127.0.0.1:34567 34567 0.0.0.0:0 0 +- 4 UDP SOCK state=close laddr=127.0.0.1:23456 close dgram 0 127.0.0.1 0.0.0.0 127.0.0.1:23456 23456 0.0.0.0:0 0 ++ 3 UDP SOCK state=close laddr=127.0.0.1:56789 close dgram 0 127.0.0.1 0.0.0.0 127.0.0.1:56789 56789 0.0.0.0:0 0 ++ 4 UDP SOCK state=close laddr=127.0.0.1:45678 close dgram 0 127.0.0.1 0.0.0.0 127.0.0.1:45678 45678 0.0.0.0:0 0 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,UDP.LADDR,UDP.LPORT,UDP.RADDR,UDP.RPORT: 0 +- 3 UDP-Lite SOCK state=close laddr=127.0.0.1:34567 close dgram 0 127.0.0.1 0.0.0.0 127.0.0.1:34567 34567 0.0.0.0:0 0 +- 4 UDP-Lite SOCK state=established laddr=127.0.0.1:23456 raddr=127.0.0.1:34567 established dgram 0 127.0.0.1 127.0.0.1 127.0.0.1:23456 23456 127.0.0.1:34567 34567 ++ 3 UDP-Lite SOCK state=close laddr=127.0.0.1:56789 close dgram 0 127.0.0.1 0.0.0.0 127.0.0.1:56789 56789 0.0.0.0:0 0 ++ 4 UDP-Lite SOCK state=established laddr=127.0.0.1:45678 raddr=127.0.0.1:56789 established dgram 0 127.0.0.1 127.0.0.1 127.0.0.1:45678 45678 127.0.0.1:56789 56789 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,UDPLite.LADDR,UDPLite.LPORT,UDPLite.RADDR,UDPLite.RPORT: 0 + 3 UDP-Lite SOCK 0 + ASSOC,TYPE,STTYPE,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,UDPLite.LADDR,UDPLite.LPORT,UDPLite.RADDR,UDPLite.RPORT: 0 + NAME pattern match: OK +- 4 UDP-Lite SOCK established dgram 0 127.0.0.1 127.0.0.1 127.0.0.1:34567 34567 ++ 4 UDP-Lite SOCK established dgram 0 127.0.0.1 127.0.0.1 127.0.0.1:56789 56789 + ASSOC,TYPE,STTYPE,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,UDPLite.RADDR,UDPLite.RPORT: 0 + LADDR/LPORT pattern match: OK +- 3 UDP-Lite SOCK state=close laddr=127.0.0.1:34567 close dgram 0 127.0.0.1 0.0.0.0 +- 4 UDP-Lite SOCK state=close laddr=127.0.0.1:23456 close dgram 0 127.0.0.1 0.0.0.0 ++ 3 UDP-Lite SOCK state=close laddr=127.0.0.1:56789 close dgram 0 127.0.0.1 0.0.0.0 ++ 4 UDP-Lite SOCK state=close laddr=127.0.0.1:45678 close dgram 0 127.0.0.1 0.0.0.0 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,UDP.LADDR,UDP.LPORT,UDP.RADDR,UDP.RPORT: 0 +diff --git a/tests/expected/lsfd/mkfds-udp6 b/tests/expected/lsfd/mkfds-udp6 +index e29797b..0e45b36 100644 +--- a/tests/expected/lsfd/mkfds-udp6 ++++ b/tests/expected/lsfd/mkfds-udp6 +@@ -1,24 +1,24 @@ +- 3 UDPv6 SOCK state=close laddr=[::1]:34567 close dgram 0 ::1 :: [::1]:34567 34567 [::]:0 0 +- 4 UDPv6 SOCK state=established laddr=[::1]:23456 raddr=[::1]:34567 established dgram 0 ::1 ::1 [::1]:23456 23456 [::1]:34567 34567 ++ 3 UDPv6 SOCK state=close laddr=[::1]:56789 close dgram 0 ::1 :: [::1]:56789 56789 [::]:0 0 ++ 4 UDPv6 SOCK state=established laddr=[::1]:45678 raddr=[::1]:56789 established dgram 0 ::1 ::1 [::1]:45678 45678 [::1]:56789 56789 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,UDP.LADDR,UDP.LPORT,UDP.RADDR,UDP.RPORT: 0 + 3 UDPv6 SOCK 0 + ASSOC,TYPE,STTYPE,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,UDP.LADDR,UDP.LPORT,UDP.RADDR,UDP.RPORT: 0 + NAME pattern match: OK +- 4 UDPv6 SOCK established dgram 0 ::1 ::1 [::1]:34567 34567 ++ 4 UDPv6 SOCK established dgram 0 ::1 ::1 [::1]:56789 56789 + ASSOC,TYPE,STTYPE,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,UDP.RADDR,UDP.RPORT: 0 + LADDR/LPORT pattern match: OK +- 3 UDPv6 SOCK state=close laddr=[::1]:34567 close dgram 0 ::1 :: [::1]:34567 34567 [::]:0 0 +- 4 UDPv6 SOCK state=close laddr=[::1]:23456 close dgram 0 ::1 :: [::1]:23456 23456 [::]:0 0 ++ 3 UDPv6 SOCK state=close laddr=[::1]:56789 close dgram 0 ::1 :: [::1]:56789 56789 [::]:0 0 ++ 4 UDPv6 SOCK state=close laddr=[::1]:45678 close dgram 0 ::1 :: [::1]:45678 45678 [::]:0 0 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,UDP.LADDR,UDP.LPORT,UDP.RADDR,UDP.RPORT: 0 +- 3 UDPLITEv6 SOCK state=close laddr=[::1]:34567 close dgram 0 ::1 :: [::1]:34567 34567 [::]:0 0 +- 4 UDPLITEv6 SOCK state=established laddr=[::1]:23456 raddr=[::1]:34567 established dgram 0 ::1 ::1 [::1]:23456 23456 [::1]:34567 34567 ++ 3 UDPLITEv6 SOCK state=close laddr=[::1]:56789 close dgram 0 ::1 :: [::1]:56789 56789 [::]:0 0 ++ 4 UDPLITEv6 SOCK state=established laddr=[::1]:45678 raddr=[::1]:56789 established dgram 0 ::1 ::1 [::1]:45678 45678 [::1]:56789 56789 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,UDPLite.LADDR,UDPLite.LPORT,UDPLite.RADDR,UDPLite.RPORT: 0 + 3 UDPLITEv6 SOCK 0 + ASSOC,TYPE,STTYPE,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,UDPLite.LADDR,UDPLite.LPORT,UDPLite.RADDR,UDPLite.RPORT: 0 + NAME pattern match: OK +- 4 UDPLITEv6 SOCK established dgram 0 ::1 ::1 [::1]:34567 34567 ++ 4 UDPLITEv6 SOCK established dgram 0 ::1 ::1 [::1]:56789 56789 + ASSOC,TYPE,STTYPE,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,UDPLite.RADDR,UDPLite.RPORT: 0 + LADDR/LPORT pattern match: OK +- 3 UDPLITEv6 SOCK state=close laddr=[::1]:34567 close dgram 0 ::1 :: [::1]:34567 34567 [::]:0 0 +- 4 UDPLITEv6 SOCK state=close laddr=[::1]:23456 close dgram 0 ::1 :: [::1]:23456 23456 [::]:0 0 ++ 3 UDPLITEv6 SOCK state=close laddr=[::1]:56789 close dgram 0 ::1 :: [::1]:56789 56789 [::]:0 0 ++ 4 UDPLITEv6 SOCK state=close laddr=[::1]:45678 close dgram 0 ::1 :: [::1]:45678 45678 [::]:0 0 + ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,UDPLite.LADDR,UDPLite.LPORT,UDPLite.RADDR,UDPLite.RPORT: 0 +diff --git a/tests/ts/lsfd/mkfds-tcp b/tests/ts/lsfd/mkfds-tcp +index e531a7b..e1ebbec 100755 +--- a/tests/ts/lsfd/mkfds-tcp ++++ b/tests/ts/lsfd/mkfds-tcp +@@ -34,8 +34,8 @@ EXPR='(TYPE == "TCP") and (FD >= 3) and (FD <= 5)' + + { + coproc MKFDS { "$TS_HELPER_MKFDS" tcp $FDS $FDC $FDA \ +- server-port=34567 \ +- client-port=23456 ; } ++ server-port=56789 \ ++ client-port=45678 ; } + if read -r -u "${MKFDS[0]}" PID; then + ${TS_CMD_LSFD} -n \ + -o ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET.LADDR,INET.RADDR,TCP.LADDR,TCP.LPORT,TCP.RADDR,TCP.RPORT \ +diff --git a/tests/ts/lsfd/mkfds-tcp6 b/tests/ts/lsfd/mkfds-tcp6 +index 5f196da..0dd2426 100755 +--- a/tests/ts/lsfd/mkfds-tcp6 ++++ b/tests/ts/lsfd/mkfds-tcp6 +@@ -34,8 +34,8 @@ EXPR='(TYPE == "TCPv6") and (FD >= 3) and (FD <= 5)' + + { + coproc MKFDS { "$TS_HELPER_MKFDS" tcp6 $FDS $FDC $FDA \ +- server-port=34567 \ +- client-port=23456 ; } ++ server-port=56789 \ ++ client-port=45678 ; } + if read -r -u "${MKFDS[0]}" PID; then + ${TS_CMD_LSFD} -n \ + -o ASSOC,TYPE,STTYPE,NAME,SOCK.STATE,SOCK.TYPE,SOCK.LISTENING,INET6.LADDR,INET6.RADDR,TCP.LADDR,TCP.LPORT,TCP.RADDR,TCP.RPORT \ +diff --git a/tests/ts/lsfd/mkfds-udp b/tests/ts/lsfd/mkfds-udp +index e6e1f1c..f202100 100755 +--- a/tests/ts/lsfd/mkfds-udp ++++ b/tests/ts/lsfd/mkfds-udp +@@ -51,8 +51,8 @@ LPORT= + + for lite in 0 1; do + coproc MKFDS { "$TS_HELPER_MKFDS" udp $FDS $FDC \ +- server-port=34567 \ +- client-port=23456 \ ++ server-port=56789 \ ++ client-port=45678 \ + lite=$lite; } + if read -r -u "${MKFDS[0]}" PID; then + ${TS_CMD_LSFD} -n \ +@@ -65,8 +65,8 @@ for lite in 0 1; do + wait "${MKFDS_PID}" + + coproc MKFDS { "$TS_HELPER_MKFDS" udp $FDS $FDC \ +- server-port=34567 \ +- client-port=23456 \ ++ server-port=56789 \ ++ client-port=45678 \ + server-do-bind=no \ + lite=$lite; } + if read -r -u "${MKFDS[0]}" PID; then +@@ -90,8 +90,8 @@ for lite in 0 1; do + wait "${MKFDS_PID}" + + coproc MKFDS { "$TS_HELPER_MKFDS" udp $FDS $FDC \ +- server-port=34567 \ +- client-port=23456 \ ++ server-port=56789 \ ++ client-port=45678 \ + client-do-bind=no \ + lite=$lite; } + if read -r -u "${MKFDS[0]}" PID; then +@@ -120,8 +120,8 @@ for lite in 0 1; do + wait "${MKFDS_PID}" + + coproc MKFDS { "$TS_HELPER_MKFDS" udp $FDS $FDC \ +- server-port=34567 \ +- client-port=23456 \ ++ server-port=56789 \ ++ client-port=45678 \ + client-do-connect=no \ + lite=$lite; } + if read -r -u "${MKFDS[0]}" PID; then +diff --git a/tests/ts/lsfd/mkfds-udp6 b/tests/ts/lsfd/mkfds-udp6 +index cd8dc00..d726076 100755 +--- a/tests/ts/lsfd/mkfds-udp6 ++++ b/tests/ts/lsfd/mkfds-udp6 +@@ -51,8 +51,8 @@ LPORT= + + for lite in 0 1; do + coproc MKFDS { "$TS_HELPER_MKFDS" udp6 $FDS $FDC \ +- server-port=34567 \ +- client-port=23456 \ ++ server-port=56789 \ ++ client-port=45678 \ + lite=$lite; } + if read -r -u "${MKFDS[0]}" PID; then + ${TS_CMD_LSFD} -n \ +@@ -65,8 +65,8 @@ for lite in 0 1; do + wait "${MKFDS_PID}" + + coproc MKFDS { "$TS_HELPER_MKFDS" udp6 $FDS $FDC \ +- server-port=34567 \ +- client-port=23456 \ ++ server-port=56789 \ ++ client-port=45678 \ + server-do-bind=no \ + lite=$lite; } + if read -r -u "${MKFDS[0]}" PID; then +@@ -90,8 +90,8 @@ for lite in 0 1; do + wait "${MKFDS_PID}" + + coproc MKFDS { "$TS_HELPER_MKFDS" udp6 $FDS $FDC \ +- server-port=34567 \ +- client-port=23456 \ ++ server-port=56789 \ ++ client-port=45678 \ + client-do-bind=no \ + lite=$lite; } + if read -r -u "${MKFDS[0]}" PID; then +@@ -120,8 +120,8 @@ for lite in 0 1; do + wait "${MKFDS_PID}" + + coproc MKFDS { "$TS_HELPER_MKFDS" udp6 $FDS $FDC \ +- server-port=34567 \ +- client-port=23456 \ ++ server-port=56789 \ ++ client-port=45678 \ + client-do-connect=no \ + lite=$lite; } + if read -r -u "${MKFDS[0]}" PID; then +-- +2.33.0 + diff --git a/backport-tests-test_mkfds-netlink-pass-a-correct-file-descrip.patch b/backport-tests-test_mkfds-netlink-pass-a-correct-file-descrip.patch new file mode 100644 index 0000000000000000000000000000000000000000..9942d456e6c1a4c65fb6dad20cbc40af51bf58bb --- /dev/null +++ b/backport-tests-test_mkfds-netlink-pass-a-correct-file-descrip.patch @@ -0,0 +1,30 @@ +From acdba9c454506cdd29ac400df3f72bde4c74647d Mon Sep 17 00:00:00 2001 +From: Masatake YAMATO +Date: Wed, 3 Apr 2024 00:01:27 +0900 +Subject: [PATCH] tests: (test_mkfds::netlink) pass a correct file descriptor + to bind(2) + +Close #2901 + +The original code passed a closed file descriptor to bind(2). + +Signed-off-by: Masatake YAMATO +--- + tests/helpers/test_mkfds.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/tests/helpers/test_mkfds.c b/tests/helpers/test_mkfds.c +index dd0a128a8..28ed3bffc 100644 +--- a/tests/helpers/test_mkfds.c ++++ b/tests/helpers/test_mkfds.c +@@ -2293,6 +2293,7 @@ static void *make_netlink(const struct factory *factory, struct fdesc fdescs[], + err(EXIT_FAILURE, "failed to dup %d -> %d", sd, fdescs[0].fd); + } + close(sd); ++ sd = fdescs[0].fd; + } + + struct sockaddr_nl nl; +-- +2.33.0 + diff --git a/backport-unshare-Move-implementation-of-keep-caps-option-to-l.patch b/backport-unshare-Move-implementation-of-keep-caps-option-to-l.patch new file mode 100644 index 0000000000000000000000000000000000000000..4ce6ad49bee53457557b3c0436480ffac7cba6f8 --- /dev/null +++ b/backport-unshare-Move-implementation-of-keep-caps-option-to-l.patch @@ -0,0 +1,136 @@ +From acb72212eb41ca862b8bc29b0106a46a83297fcb Mon Sep 17 00:00:00 2001 +From: David Gibson +Date: Wed, 29 Mar 2023 13:36:15 +1100 +Subject: [PATCH] unshare: Move implementation of --keep-caps option to library + function + +unshare.c open codes some logic to copy the permitted capability set to the +ambient set in order to implement the --keep-caps option. Move this logic +to lib/caputils.c so that we can reuse it in nsenter. + +Signed-off-by: David Gibson +--- + include/caputils.h | 2 ++ + lib/caputils.c | 38 ++++++++++++++++++++++++++++++++++++++ + sys-utils/unshare.c | 38 ++------------------------------------ + 3 files changed, 42 insertions(+), 36 deletions(-) + +diff --git a/include/caputils.h b/include/caputils.h +index 852903a6e..8fc214e7f 100644 +--- a/include/caputils.h ++++ b/include/caputils.h +@@ -31,4 +31,6 @@ extern int capget(cap_user_header_t header, const cap_user_data_t data); + + extern int cap_last_cap(void); + ++extern void cap_permitted_to_ambient(void); ++ + #endif /* CAPUTILS_H */ +diff --git a/lib/caputils.c b/lib/caputils.c +index 987533a34..3041c3078 100644 +--- a/lib/caputils.c ++++ b/lib/caputils.c +@@ -24,6 +24,7 @@ + #include "caputils.h" + #include "pathnames.h" + #include "procfs.h" ++#include "nls.h" + + static int test_cap(unsigned int cap) + { +@@ -87,6 +88,43 @@ int cap_last_cap(void) + return cap; + } + ++void cap_permitted_to_ambient(void) ++{ ++ /* We use capabilities system calls to propagate the permitted ++ * capabilities into the ambient set because we may have ++ * already forked so be in async-signal-safe context. */ ++ struct __user_cap_header_struct header = { ++ .version = _LINUX_CAPABILITY_VERSION_3, ++ .pid = 0, ++ }; ++ struct __user_cap_data_struct payload[_LINUX_CAPABILITY_U32S_3] = {{ 0 }}; ++ uint64_t effective, cap; ++ ++ if (capget(&header, payload) < 0) ++ err(EXIT_FAILURE, _("capget failed")); ++ ++ /* In order the make capabilities ambient, we first need to ensure ++ * that they are all inheritable. */ ++ payload[0].inheritable = payload[0].permitted; ++ payload[1].inheritable = payload[1].permitted; ++ ++ if (capset(&header, payload) < 0) ++ err(EXIT_FAILURE, _("capset failed")); ++ ++ effective = ((uint64_t)payload[1].effective << 32) | (uint64_t)payload[0].effective; ++ ++ for (cap = 0; cap < (sizeof(effective) * 8); cap++) { ++ /* This is the same check as cap_valid(), but using ++ * the runtime value for the last valid cap. */ ++ if (cap > (uint64_t) cap_last_cap()) ++ continue; ++ ++ if ((effective & (1 << cap)) ++ && prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0) < 0) ++ err(EXIT_FAILURE, _("prctl(PR_CAP_AMBIENT) failed")); ++ } ++} ++ + #ifdef TEST_PROGRAM_CAPUTILS + int main(int argc, char *argv[]) + { +diff --git a/sys-utils/unshare.c b/sys-utils/unshare.c +index 2aa239eff..13aefa96c 100644 +--- a/sys-utils/unshare.c ++++ b/sys-utils/unshare.c +@@ -1089,42 +1089,8 @@ int main(int argc, char *argv[]) + if (force_uid && setuid(uid) < 0) /* change UID */ + err(EXIT_FAILURE, _("setuid failed")); + +- /* We use capabilities system calls to propagate the permitted +- * capabilities into the ambient set because we have already +- * forked so are in async-signal-safe context. */ +- if (keepcaps && (unshare_flags & CLONE_NEWUSER)) { +- struct __user_cap_header_struct header = { +- .version = _LINUX_CAPABILITY_VERSION_3, +- .pid = 0, +- }; +- +- struct __user_cap_data_struct payload[_LINUX_CAPABILITY_U32S_3] = {{ 0 }}; +- uint64_t effective, cap; +- +- if (capget(&header, payload) < 0) +- err(EXIT_FAILURE, _("capget failed")); +- +- /* In order the make capabilities ambient, we first need to ensure +- * that they are all inheritable. */ +- payload[0].inheritable = payload[0].permitted; +- payload[1].inheritable = payload[1].permitted; +- +- if (capset(&header, payload) < 0) +- err(EXIT_FAILURE, _("capset failed")); +- +- effective = ((uint64_t)payload[1].effective << 32) | (uint64_t)payload[0].effective; +- +- for (cap = 0; cap < (sizeof(effective) * 8); cap++) { +- /* This is the same check as cap_valid(), but using +- * the runtime value for the last valid cap. */ +- if (cap > (uint64_t) cap_last_cap()) +- continue; +- +- if ((effective & (1 << cap)) +- && prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0) < 0) +- err(EXIT_FAILURE, _("prctl(PR_CAP_AMBIENT) failed")); +- } +- } ++ if (keepcaps && (unshare_flags & CLONE_NEWUSER)) ++ cap_permitted_to_ambient(); + + if (optind < argc) { + execvp(argv[optind], argv + optind); +-- +2.33.0 + diff --git a/backport-wall-fix-calloc-cal-Werror-calloc-transposed-args.patch b/backport-wall-fix-calloc-cal-Werror-calloc-transposed-args.patch new file mode 100644 index 0000000000000000000000000000000000000000..84f2e2ee8355d6e2ecc59853cbd630f7b2336ea8 --- /dev/null +++ b/backport-wall-fix-calloc-cal-Werror-calloc-transposed-args.patch @@ -0,0 +1,33 @@ +From 07f0f0f5bd1e5e2268257ae1ff6d76a9b6c6ea8b Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Wed, 17 Jan 2024 12:37:08 +0100 +Subject: [PATCH] wall: fix calloc cal [-Werror=calloc-transposed-args] + +term-utils/wall.c:143:37: error: xcalloc sizes specified with sizeof in the earlier argument and not in the later argument [-Werror=calloc-transposed-args] + 143 | buf->groups = xcalloc(sizeof(*buf->groups), buf->ngroups); + | ^ +term-utils/wall.c:143:37: note: earlier argument should specify number of elements, later size of each element + +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/07f0f0f5bd1e5e2268257ae1ff6d76a9b6c6ea8b +Conflict:NA +--- + term-utils/wall.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/term-utils/wall.c b/term-utils/wall.c +index a3fe7d29a..f894a32f8 100644 +--- a/term-utils/wall.c ++++ b/term-utils/wall.c +@@ -140,7 +140,7 @@ static struct group_workspace *init_group_workspace(const char *group) + + buf->requested_group = get_group_gid(group); + buf->ngroups = sysconf(_SC_NGROUPS_MAX) + 1; /* room for the primary gid */ +- buf->groups = xcalloc(sizeof(*buf->groups), buf->ngroups); ++ buf->groups = xcalloc(buf->ngroups, sizeof(*buf->groups)); + + return buf; + } +-- +2.33.0 + diff --git a/backport-wall-fix-possible-memory-leak.patch b/backport-wall-fix-possible-memory-leak.patch new file mode 100644 index 0000000000000000000000000000000000000000..23914306fa5a58f5253018f103c7347530153846 --- /dev/null +++ b/backport-wall-fix-possible-memory-leak.patch @@ -0,0 +1,38 @@ +From 828f6506b488a67d26ea8b7c50042a505c450b79 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Mon, 29 Apr 2024 15:25:58 +0200 +Subject: [PATCH] wall: fix possible memory leak + +Signed-off-by: Karel Zak +--- + term-utils/wall.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/term-utils/wall.c b/term-utils/wall.c +index 1e7e9ab..cc39bdc 100644 +--- a/term-utils/wall.c ++++ b/term-utils/wall.c +@@ -284,10 +284,10 @@ static char *makemsg(char *fname, char **mvec, int mvecsz, + + if (print_banner == TRUE) { + char *hostname = xgethostname(); +- char *whom, *where, date[CTIME_BUFSIZ]; ++ char *whombuf, *whom, *where, date[CTIME_BUFSIZ]; + time_t now; + +- whom = xgetlogin(); ++ whombuf = whom = xgetlogin(); + if (!whom) { + whom = ""; + warn(_("cannot get passwd uid")); +@@ -318,6 +318,7 @@ static char *makemsg(char *fname, char **mvec, int mvecsz, + whom, hostname, where, date); + fprintf(fs, "%-*.*s\007\007\r\n", TERM_WIDTH, TERM_WIDTH, lbuf); + free(hostname); ++ free(whombuf); + } + fprintf(fs, "%*s\r\n", TERM_WIDTH, " "); + +-- +2.43.0 + diff --git a/backport-wall-make-sure-unsigned-variable-not-underflow.patch b/backport-wall-make-sure-unsigned-variable-not-underflow.patch new file mode 100644 index 0000000000000000000000000000000000000000..44797e1761789eb8bfe89f7b8ebcc05816e9c2c4 --- /dev/null +++ b/backport-wall-make-sure-unsigned-variable-not-underflow.patch @@ -0,0 +1,28 @@ +From 1658c0150e4a3d87d1e36b7755de0079e2e6a133 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Mon, 29 Apr 2024 14:55:16 +0200 +Subject: [PATCH] wall: make sure unsigned variable not underflow + +Signed-off-by: Karel Zak +Reference:https://github.com/util-linux/util-linux/commit/1658c0150e4a3d87d1e36b7755de0079e2e6a133 +Conflict:NA +--- + term-utils/ttymsg.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/term-utils/ttymsg.c b/term-utils/ttymsg.c +index faa0344fe..ef7e35899 100644 +--- a/term-utils/ttymsg.c ++++ b/term-utils/ttymsg.c +@@ -123,7 +123,7 @@ ttymsg(struct iovec *iov, size_t iovcnt, char *line, int tmout) { + iovcnt * sizeof(struct iovec)); + iov = localiov; + } +- for (cnt = 0; wret >= (ssize_t) iov->iov_len; ++cnt) { ++ for (cnt = 0; wret >= (ssize_t) iov->iov_len && iovcnt > 0; ++cnt) { + wret -= iov->iov_len; + ++iov; + --iovcnt; +-- +2.33.0 + diff --git a/op b/op new file mode 100644 index 0000000000000000000000000000000000000000..69157c8ed40436310b3bed03223f9ffe9e5e2144 --- /dev/null +++ b/op @@ -0,0 +1,27 @@ + origin/HEAD -> origin/master + origin/master + origin/openEuler-20.03-LTS + origin/openEuler-20.03-LTS-Next + origin/openEuler-20.03-LTS-SP1 + origin/openEuler-20.03-LTS-SP2 + origin/openEuler-20.03-LTS-SP3 + origin/openEuler-20.03-LTS-SP4 + origin/openEuler-20.09 + origin/openEuler-21.03 + origin/openEuler-21.09 + origin/openEuler-22.03-LTS + origin/openEuler-22.03-LTS-Next + origin/openEuler-22.03-LTS-SP1 + origin/openEuler-22.03-LTS-SP2 + origin/openEuler-22.03-LTS-SP3 + origin/openEuler-22.03-LTS-SP4 + origin/openEuler-22.09 + origin/openEuler-23.03 + origin/openEuler-23.09 + origin/openEuler-24.03-LTS + origin/openEuler-24.03-LTS-Next + origin/openEuler-24.03-LTS-SP1 + origin/openEuler-24.09 + origin/openEuler-25.03 + origin/openEuler1.0 + origin/openEuler1.0-base diff --git a/sfdisk-fix-crash-casued-by-out-of-bounds-access.patch b/sfdisk-fix-crash-casued-by-out-of-bounds-access.patch new file mode 100644 index 0000000000000000000000000000000000000000..98329644df365ba36772eedd6d9da166aa4ee432 --- /dev/null +++ b/sfdisk-fix-crash-casued-by-out-of-bounds-access.patch @@ -0,0 +1,25 @@ +From 0b91a6d77bfc88374558f6931020cec7475f24ed Mon Sep 17 00:00:00 2001 +From: biubiuzy <294772273@qq.com> +Date: Sat, 11 May 2024 10:33:48 +0800 +Subject: [PATCH] sfdisk: fix crash casued by out-of-bounds access + +--- + po/zh_CN.po | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/po/zh_CN.po b/po/zh_CN.po +index 121dc40..fe02dd8 100644 +--- a/po/zh_CN.po ++++ b/po/zh_CN.po +@@ -4593,7 +4593,7 @@ msgid "" + "Type 'help' to get more information.\n" + msgstr "" + "\n" +-"请执行“%s --help”了解更多信息。\n" ++"请执行“help”了解更多信息。\n" + + #: disk-utils/sfdisk.c:1875 + msgid "All partitions used." +-- +2.33.0 + diff --git a/util-linux-2.36.1.tar.xz b/util-linux-2.39.1.tar.xz similarity index 36% rename from util-linux-2.36.1.tar.xz rename to util-linux-2.39.1.tar.xz index 8d9ace96a01380b4dd9e487ab3cbca2a656c8fe8..28bcec434c5889ce2bef190225feb2eb4817b767 100644 Binary files a/util-linux-2.36.1.tar.xz and b/util-linux-2.39.1.tar.xz differ diff --git a/util-linux-Add-sw64-architecture.patch b/util-linux-Add-sw64-architecture.patch new file mode 100644 index 0000000000000000000000000000000000000000..33a6c77b7c300b93c9d9ffa771bff78c8ac41caf --- /dev/null +++ b/util-linux-Add-sw64-architecture.patch @@ -0,0 +1,326 @@ +From f59cfb87a948b2fb9c18ab059b74b9141419643a Mon Sep 17 00:00:00 2001 +From: wzx +Date: Wed, 26 Oct 2022 09:53:14 +0800 +Subject: [PATCH] Add sw64 architecture + +Signed-off-by: wzx +--- + configure | 2 ++ + configure.ac | 2 ++ + include/pt-bsd.h | 4 ++-- + libblkid/src/partitions/bsd.c | 1 + + libfdisk/src/bsd.c | 16 ++++++++-------- + sys-utils/hwclock-rtc.c | 2 +- + sys-utils/hwclock.c | 12 ++++++------ + sys-utils/hwclock.h | 6 +++--- + sys-utils/lscpu-cputype.c | 2 +- + sys-utils/setarch.c | 4 ++++ + tests/ts/fdisk/bsd | 5 ++++- + 11 files changed, 34 insertions(+), 22 deletions(-) + +diff --git a/configure b/configure +index 0671c06..6bd1f57 100755 +--- a/configure ++++ b/configure +@@ -39881,6 +39881,7 @@ else $as_nop + case $host_cpu in + #( + alpha) syscall="442" ;; #( ++ sw_64) syscall="442" ;; #( + i*86) syscall="289" ;; #( + ia64*) syscall="1274" ;; #( + powerpc*) syscall="273" ;; #( +@@ -39986,6 +39987,7 @@ else $as_nop + case $host_cpu in + #( + alpha) syscall="443" ;; #( ++ sw_64) syscall="443" ;; #( + i*86) syscall="290" ;; #( + ia64*) syscall="1275" ;; #( + powerpc*) syscall="274" ;; #( +diff --git a/configure.ac b/configure.ac +index 2cb236f..d9d8691 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -2392,6 +2392,7 @@ UL_BUILD_INIT([ionice]) + UL_REQUIRES_SYSCALL_CHECK([ionice], + [UL_CHECK_SYSCALL([ioprio_set], + [alpha], [442], ++ [sw_64], [442], + [i*86], [289], + [ia64*], [1274], + [powerpc*], [273], +@@ -2404,6 +2405,7 @@ UL_REQUIRES_SYSCALL_CHECK([ionice], + UL_REQUIRES_SYSCALL_CHECK([ionice], + [UL_CHECK_SYSCALL([ioprio_get], + [alpha], [443], ++ [sw_64], [443], + [i*86], [290], + [ia64*], [1275], + [powerpc*], [274], +diff --git a/include/pt-bsd.h b/include/pt-bsd.h +index 20c24b7..b878258 100644 +--- a/include/pt-bsd.h ++++ b/include/pt-bsd.h +@@ -14,7 +14,7 @@ + + #define BSD_LINUX_BOOTDIR "/usr/ucb/mdec" + +-#if defined (__alpha__) || defined (__powerpc__) || \ ++#if defined (__alpha__) || defined (__sw_64__) || defined (__powerpc__) || \ + defined (__ia64__) || defined (__hppa__) + # define BSD_LABELSECTOR 0 + # define BSD_LABELOFFSET 64 +@@ -141,7 +141,7 @@ struct bsd_disklabel { + #define BSD_FS_ADVFS 16 /* Digital Unix AdvFS */ + + /* this is annoying, but it's also the way it is :-( */ +-#ifdef __alpha__ ++#if defined __alpha__ || defined __sw_64__ + #define BSD_FS_EXT2 8 /* ext2 file system */ + #else + #define BSD_FS_MSDOS 8 /* MS-DOS file system */ +diff --git a/libblkid/src/partitions/bsd.c b/libblkid/src/partitions/bsd.c +index ba12019..e7e4486 100644 +--- a/libblkid/src/partitions/bsd.c ++++ b/libblkid/src/partitions/bsd.c +@@ -183,6 +183,7 @@ nothing: + * ------------------------+-------------+------------ + * alpha luna88k mac68k | 0 | 64 + * sparc(OpenBSD) vax | | ++ * sw_64 | | + * ------------------------+-------------+------------ + * sparc64 sparc(NetBSD) | 0 | 128 + * ------------------------+-------------+------------ +diff --git a/libfdisk/src/bsd.c b/libfdisk/src/bsd.c +index 313ae5a..875fa11 100644 +--- a/libfdisk/src/bsd.c ++++ b/libfdisk/src/bsd.c +@@ -55,7 +55,7 @@ static struct fdisk_parttype bsd_fstypes[] = { + {BSD_FS_V71K, "4.1BSD"}, + {BSD_FS_V8, "Eighth Edition"}, + {BSD_FS_BSDFFS, "4.2BSD"}, +-#ifdef __alpha__ ++#if defined __alpha__ || defined __sw_64__ + {BSD_FS_EXT2, "ext2"}, + #else + {BSD_FS_MSDOS, "MS-DOS"}, +@@ -80,7 +80,7 @@ struct fdisk_bsd_label { + + struct dos_partition *dos_part; /* parent */ + struct bsd_disklabel bsd; /* on disk label */ +-#if defined (__alpha__) ++#if defined (__alpha__) || defined (__sw_64__) + /* We access this through a u_int64_t * when checksumming */ + char bsdbuffer[BSD_BBSIZE] __attribute__((aligned(8))); + #else +@@ -120,7 +120,7 @@ static struct fdisk_parttype *bsd_partition_parttype( + } + + +-#if defined (__alpha__) ++#if defined (__alpha__) || defined (__sw_64__) + static void alpha_bootblock_checksum (char *boot) + { + uint64_t *dp = (uint64_t *) boot, sum = 0; +@@ -606,7 +606,7 @@ int fdisk_bsd_edit_disklabel(struct fdisk_context *cxt) + struct bsd_disklabel *d = self_disklabel(cxt); + uintmax_t res; + +-#if defined (__alpha__) || defined (__ia64__) ++#if defined (__alpha__) || defined (__sw_64__) || defined (__ia64__) + if (fdisk_ask_number(cxt, DEFAULT_SECTOR_SIZE, d->d_secsize, + UINT32_MAX, _("bytes/sector"), &res) == 0) + d->d_secsize = res; +@@ -712,7 +712,7 @@ int fdisk_bsd_write_bootstrap(struct fdisk_context *cxt) + sector = 0; + if (l->dos_part) + sector = dos_partition_get_start(l->dos_part); +-#if defined (__alpha__) ++#if defined (__alpha__) || defined (__sw_64__) + alpha_bootblock_checksum(l->bsdbuffer); + #endif + if (lseek(cxt->dev_fd, (off_t) sector * DEFAULT_SECTOR_SIZE, SEEK_SET) == -1) { +@@ -769,7 +769,7 @@ static int bsd_initlabel (struct fdisk_context *cxt) + else + d -> d_type = BSD_DTYPE_ST506; + +-#if !defined (__alpha__) ++#if !defined (__alpha__) && !defined (__sw_64__) + d -> d_flags = BSD_D_DOSPART; + #else + d -> d_flags = 0; +@@ -893,7 +893,7 @@ static int bsd_write_disklabel(struct fdisk_context *cxt) + memmove(&l->bsdbuffer[BSD_LABELSECTOR * DEFAULT_SECTOR_SIZE + + BSD_LABELOFFSET], d, sizeof(*d)); + +-#if defined (__alpha__) && BSD_LABELSECTOR == 0 ++#if (defined (__alpha__) || defined (__sw_64__)) && BSD_LABELSECTOR == 0 + /* Write the checksum to the end of the first sector. */ + alpha_bootblock_checksum(l->bsdbuffer); + #endif +@@ -929,7 +929,7 @@ static int bsd_translate_fstype (int linux_type) + case 0x06: /* DOS 16-bit >=32M */ + case 0xe1: /* DOS access */ + case 0xe3: /* DOS R/O */ +-#if !defined (__alpha__) ++#if !defined (__alpha__) && !defined (__sw_64__) + case 0xf2: /* DOS secondary */ + return BSD_FS_MSDOS; + #endif +diff --git a/sys-utils/hwclock-rtc.c b/sys-utils/hwclock-rtc.c +index 7094cd0..11adb81 100644 +--- a/sys-utils/hwclock-rtc.c ++++ b/sys-utils/hwclock-rtc.c +@@ -340,7 +340,7 @@ const struct clock_ops *probe_for_rtc_clock(const struct hwclock_control *ctl) + return &rtc_interface; + } + +-#ifdef __alpha__ ++#if defined __alpha__ || defined __sw_64__ + /* + * Get the Hardware Clock epoch setting from the kernel. + */ +diff --git a/sys-utils/hwclock.c b/sys-utils/hwclock.c +index 2a18443..87228b5 100644 +--- a/sys-utils/hwclock.c ++++ b/sys-utils/hwclock.c +@@ -1133,7 +1133,7 @@ manipulate_clock(const struct hwclock_control *ctl, const time_t set_time, + * Get or set the kernel RTC driver's epoch on Alpha machines. + * ISA machines are hard coded for 1900. + */ +-#if defined(__linux__) && defined(__alpha__) ++#if defined(__linux__) && (defined(__alpha__) || defined(__sw_64__)) + static void + manipulate_epoch(const struct hwclock_control *ctl) + { +@@ -1208,7 +1208,7 @@ usage(void) + puts(_(" -w, --systohc set the RTC from the system time")); + puts(_(" --systz send timescale configurations to the kernel")); + puts(_(" -a, --adjust adjust the RTC to account for systematic drift")); +-#if defined(__linux__) && defined(__alpha__) ++#if defined(__linux__) && (defined(__alpha__) || defined(__sw_64__)) + puts(_(" --getepoch display the RTC epoch")); + puts(_(" --setepoch set the RTC epoch according to --epoch")); + #endif +@@ -1228,7 +1228,7 @@ usage(void) + " --directisa use the ISA bus instead of %1$s access\n"), _PATH_RTC_DEV); + puts(_(" --date