diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2020-01-15 15:51:32 +0000 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2020-01-15 15:51:32 +0000 |
| commit | 21435953e16cda318a82334ddbadb3b5c36d9ea7 (patch) | |
| tree | e1810a4b135afce04b34862ef0fab2bfaeb8aeca /sys-apps/systemd/files | |
| parent | 7bc9c63c9da678a7e6fceb095d56c634afd22c56 (diff) | |
gentoo resync : 15.01.2020
Diffstat (limited to 'sys-apps/systemd/files')
| -rw-r--r-- | sys-apps/systemd/files/242-file-max.patch | 31 | ||||
| -rw-r--r-- | sys-apps/systemd/files/242-gcc-9.patch | 163 | ||||
| -rw-r--r-- | sys-apps/systemd/files/242-network-domains.patch | 57 | ||||
| -rw-r--r-- | sys-apps/systemd/files/242-networkd-ipv6-token.patch | 152 | ||||
| -rw-r--r-- | sys-apps/systemd/files/242-rdrand-ryzen.patch | 353 | ||||
| -rw-r--r-- | sys-apps/systemd/files/242-socket-util-flush-accept.patch | 46 | ||||
| -rw-r--r-- | sys-apps/systemd/files/242-wireguard-listenport.patch | 49 | ||||
| -rw-r--r-- | sys-apps/systemd/files/CVE-2019-15718.patch | 31 |
8 files changed, 0 insertions, 882 deletions
diff --git a/sys-apps/systemd/files/242-file-max.patch b/sys-apps/systemd/files/242-file-max.patch deleted file mode 100644 index 0a1fe950e298..000000000000 --- a/sys-apps/systemd/files/242-file-max.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 6e2f78948403a4cce45b9e34311c9577c624f066 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering <lennart@poettering.net> -Date: Mon, 17 Jun 2019 10:51:25 +0200 -Subject: [PATCH] core: set fs.file-max sysctl to LONG_MAX rather than - ULONG_MAX - -Since kernel 5.2 the kernel thankfully returns proper errors when we -write a value out of range to the sysctl. Which however breaks writing -ULONG_MAX to request the maximum value. Hence let's write the new -maximum value instead, LONG_MAX. ---- - src/core/main.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/core/main.c b/src/core/main.c -index b33ea1b5b52..e7f51815f07 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -1245,9 +1245,9 @@ static void bump_file_max_and_nr_open(void) { - #endif - - #if BUMP_PROC_SYS_FS_FILE_MAX -- /* I so wanted to use STRINGIFY(ULONG_MAX) here, but alas we can't as glibc/gcc define that as -- * "(0x7fffffffffffffffL * 2UL + 1UL)". Seriously. 😢 */ -- if (asprintf(&t, "%lu\n", ULONG_MAX) < 0) { -+ /* The maximum the kernel allows for this since 5.2 is LONG_MAX, use that. (Previously thing where -+ * different but the operation would fail silently.) */ -+ if (asprintf(&t, "%li\n", LONG_MAX) < 0) { - log_oom(); - return; - } diff --git a/sys-apps/systemd/files/242-gcc-9.patch b/sys-apps/systemd/files/242-gcc-9.patch deleted file mode 100644 index e9f690a65be5..000000000000 --- a/sys-apps/systemd/files/242-gcc-9.patch +++ /dev/null @@ -1,163 +0,0 @@ -From c98b3545008d8e984ab456dcf79787418fcbfe13 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl> -Date: Tue, 7 May 2019 13:46:55 +0200 -Subject: [PATCH] network: remove redunant link name in message - -Fixes #12454. - -gcc was complaining that the link->ifname argument is NULL. Adding -assert(link->ifname) right before the call has no effect. It seems that -gcc is confused by the fact that log_link_warning_errno() internally -calls log_object(), with link->ifname passed as the object. log_object() -is also a macro and is does a check whether the passed object is NULL. -So we have a check if something is NULL right next an unconditional use -of it where it cannot be NULL. I think it's a bug in gcc. - -Anyway, we don't need to use link->ifname here. log_object() already prepends -the object name to the message. ---- - src/network/networkd-link.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c -index 533193ac932..6fc82940033 100644 ---- a/src/network/networkd-link.c -+++ b/src/network/networkd-link.c -@@ -338,8 +338,7 @@ static int link_enable_ipv6(Link *link) { - - r = sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "disable_ipv6", disabled); - if (r < 0) -- log_link_warning_errno(link, r, "Cannot %s IPv6 for interface %s: %m", -- enable_disable(!disabled), link->ifname); -+ log_link_warning_errno(link, r, "Cannot %s IPv6: %m", enable_disable(!disabled)); - else - log_link_info(link, "IPv6 successfully %sd", enable_disable(!disabled)); - -From bcb846f30f9ca8f42e79d109706aee9f2032261b Mon Sep 17 00:00:00 2001 -From: Mike Gilbert <floppym@gentoo.org> -Date: Wed, 22 May 2019 10:31:01 -0400 -Subject: [PATCH] shared/machine-image: avoid passing NULL to log_debug_errno - -Fixes: https://github.com/systemd/systemd/issues/12534 ---- - src/shared/machine-image.c | 11 ++++++++--- - 1 file changed, 8 insertions(+), 3 deletions(-) - -diff --git a/src/shared/machine-image.c b/src/shared/machine-image.c -index 6b9d8fb97a6..6a6d952b424 100644 ---- a/src/shared/machine-image.c -+++ b/src/shared/machine-image.c -@@ -201,11 +201,13 @@ static int image_make( - Image **ret) { - - _cleanup_free_ char *pretty_buffer = NULL; -+ _cleanup_free_ char *cwd = NULL; - struct stat stbuf; - bool read_only; - int r; - - assert(dfd >= 0 || dfd == AT_FDCWD); -+ assert(path || dfd == AT_FDCWD); - assert(filename); - - /* We explicitly *do* follow symlinks here, since we want to allow symlinking trees, raw files and block -@@ -221,6 +223,9 @@ static int image_make( - st = &stbuf; - } - -+ if (!path) -+ safe_getcwd(&cwd); -+ - read_only = - (path && path_startswith(path, "/usr")) || - (faccessat(dfd, filename, W_OK, AT_EACCESS) < 0 && errno == EROFS); -@@ -359,7 +364,7 @@ static int image_make( - - block_fd = openat(dfd, filename, O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY); - if (block_fd < 0) -- log_debug_errno(errno, "Failed to open block device %s/%s, ignoring: %m", path, filename); -+ log_debug_errno(errno, "Failed to open block device %s/%s, ignoring: %m", path ?: strnull(cwd), filename); - else { - /* Refresh stat data after opening the node */ - if (fstat(block_fd, &stbuf) < 0) -@@ -373,13 +378,13 @@ static int image_make( - int state = 0; - - if (ioctl(block_fd, BLKROGET, &state) < 0) -- log_debug_errno(errno, "Failed to issue BLKROGET on device %s/%s, ignoring: %m", path, filename); -+ log_debug_errno(errno, "Failed to issue BLKROGET on device %s/%s, ignoring: %m", path ?: strnull(cwd), filename); - else if (state) - read_only = true; - } - - if (ioctl(block_fd, BLKGETSIZE64, &size) < 0) -- log_debug_errno(errno, "Failed to issue BLKGETSIZE64 on device %s/%s, ignoring: %m", path, filename); -+ log_debug_errno(errno, "Failed to issue BLKGETSIZE64 on device %s/%s, ignoring: %m", path ?: strnull(cwd), filename); - - block_fd = safe_close(block_fd); - } -From 2570578d908a8e010828fa1f88826b1c45d534ff Mon Sep 17 00:00:00 2001 -From: Lennart Poettering <lennart@poettering.net> -Date: Fri, 24 May 2019 10:54:09 +0200 -Subject: [PATCH] machine-image: openat() doesn't operate on the cwd if the - first argument is specified - -A fix-up for bcb846f30f9ca8f42e79d109706aee9f2032261b. ---- - src/shared/machine-image.c | 17 ++++++++++------- - 1 file changed, 10 insertions(+), 7 deletions(-) - -diff --git a/src/shared/machine-image.c b/src/shared/machine-image.c -index 6a6d952b424..55e5f08f91e 100644 ---- a/src/shared/machine-image.c -+++ b/src/shared/machine-image.c -@@ -200,8 +200,7 @@ static int image_make( - const struct stat *st, - Image **ret) { - -- _cleanup_free_ char *pretty_buffer = NULL; -- _cleanup_free_ char *cwd = NULL; -+ _cleanup_free_ char *pretty_buffer = NULL, *parent = NULL; - struct stat stbuf; - bool read_only; - int r; -@@ -223,8 +222,12 @@ static int image_make( - st = &stbuf; - } - -- if (!path) -- safe_getcwd(&cwd); -+ if (!path) { -+ if (dfd == AT_FDCWD) -+ (void) safe_getcwd(&parent); -+ else -+ (void) fd_get_path(dfd, &parent); -+ } - - read_only = - (path && path_startswith(path, "/usr")) || -@@ -364,7 +367,7 @@ static int image_make( - - block_fd = openat(dfd, filename, O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY); - if (block_fd < 0) -- log_debug_errno(errno, "Failed to open block device %s/%s, ignoring: %m", path ?: strnull(cwd), filename); -+ log_debug_errno(errno, "Failed to open block device %s/%s, ignoring: %m", path ?: strnull(parent), filename); - else { - /* Refresh stat data after opening the node */ - if (fstat(block_fd, &stbuf) < 0) -@@ -378,13 +381,13 @@ static int image_make( - int state = 0; - - if (ioctl(block_fd, BLKROGET, &state) < 0) -- log_debug_errno(errno, "Failed to issue BLKROGET on device %s/%s, ignoring: %m", path ?: strnull(cwd), filename); -+ log_debug_errno(errno, "Failed to issue BLKROGET on device %s/%s, ignoring: %m", path ?: strnull(parent), filename); - else if (state) - read_only = true; - } - - if (ioctl(block_fd, BLKGETSIZE64, &size) < 0) -- log_debug_errno(errno, "Failed to issue BLKGETSIZE64 on device %s/%s, ignoring: %m", path ?: strnull(cwd), filename); -+ log_debug_errno(errno, "Failed to issue BLKGETSIZE64 on device %s/%s, ignoring: %m", path ?: strnull(parent), filename); - - block_fd = safe_close(block_fd); - } diff --git a/sys-apps/systemd/files/242-network-domains.patch b/sys-apps/systemd/files/242-network-domains.patch deleted file mode 100644 index 166a8ee5b76f..000000000000 --- a/sys-apps/systemd/files/242-network-domains.patch +++ /dev/null @@ -1,57 +0,0 @@ -From fe0e16db093a7da09fcb52a2bc7017197047443d Mon Sep 17 00:00:00 2001 -From: Yu Watanabe <watanabe.yu+github@gmail.com> -Date: Mon, 13 May 2019 05:40:31 +0900 -Subject: [PATCH] network: do not use ordered_set_printf() for DOMAINS= or - ROUTE_DOMAINS= - -This partially reverts 5e2a51d588dde4b52c6017ea80b75c16e6e23431. - -Fixes #12531. ---- - src/network/networkd-link.c | 17 +++++++++++------ - 1 file changed, 11 insertions(+), 6 deletions(-) - -diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c -index f8ee48802cb..1dc10c65a1b 100644 ---- a/src/network/networkd-link.c -+++ b/src/network/networkd-link.c -@@ -3495,12 +3495,11 @@ int link_save(Link *link) { - admin_state, oper_state); - - if (link->network) { -- bool space; -+ char **dhcp6_domains = NULL, **dhcp_domains = NULL; -+ const char *dhcp_domainname = NULL, *p; - sd_dhcp6_lease *dhcp6_lease = NULL; -- const char *dhcp_domainname = NULL; -- char **dhcp6_domains = NULL; -- char **dhcp_domains = NULL; - unsigned j; -+ bool space; - - fprintf(f, "REQUIRED_FOR_ONLINE=%s\n", - yes_no(link->network->required_for_online)); -@@ -3617,7 +3616,10 @@ int link_save(Link *link) { - (void) sd_dhcp6_lease_get_domains(dhcp6_lease, &dhcp6_domains); - } - -- ordered_set_print(f, "DOMAINS=", link->network->search_domains); -+ fputs("DOMAINS=", f); -+ space = false; -+ ORDERED_SET_FOREACH(p, link->network->search_domains, i) -+ fputs_with_space(f, p, NULL, &space); - - if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_YES) { - NDiscDNSSL *dd; -@@ -3635,7 +3637,10 @@ int link_save(Link *link) { - - fputc('\n', f); - -- ordered_set_print(f, "ROUTE_DOMAINS=", link->network->route_domains); -+ fputs("ROUTE_DOMAINS=", f); -+ space = false; -+ ORDERED_SET_FOREACH(p, link->network->route_domains, i) -+ fputs_with_space(f, p, NULL, &space); - - if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_ROUTE) { - NDiscDNSSL *dd; diff --git a/sys-apps/systemd/files/242-networkd-ipv6-token.patch b/sys-apps/systemd/files/242-networkd-ipv6-token.patch deleted file mode 100644 index 87a85f6f6ab0..000000000000 --- a/sys-apps/systemd/files/242-networkd-ipv6-token.patch +++ /dev/null @@ -1,152 +0,0 @@ -From 4eb086a38712ea98faf41e075b84555b11b54362 Mon Sep 17 00:00:00 2001 -From: Susant Sahani <ssahani@gmail.com> -Date: Thu, 9 May 2019 07:35:35 +0530 -Subject: [PATCH] networkd: fix link_up() (#12505) - -Fillup IFLA_INET6_ADDR_GEN_MODE while we do link_up. - -Fixes the following error: -``` -dummy-test: Could not bring up interface: Invalid argument -``` - -After reading the kernel code when we do a link up -``` -net/core/rtnetlink.c -IFLA_AF_SPEC - af_ops->set_link_af(dev, af); - inet6_set_link_af - if (tb[IFLA_INET6_ADDR_GEN_MODE]) - Here it looks for IFLA_INET6_ADDR_GEN_MODE -``` -Since link up we didn't filling up that it's failing. - -Closes #12504. ---- - src/network/networkd-link.c | 15 +++++++++++++++ - 1 file changed, 15 insertions(+) - -diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c -index 3c8b5c5cb43..4db9f3f980f 100644 ---- a/src/network/networkd-link.c -+++ b/src/network/networkd-link.c -@@ -2031,6 +2031,8 @@ static int link_up(Link *link) { - } - - if (link_ipv6_enabled(link)) { -+ uint8_t ipv6ll_mode; -+ - r = sd_netlink_message_open_container(req, IFLA_AF_SPEC); - if (r < 0) - return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m"); -@@ -2046,6 +2048,19 @@ static int link_up(Link *link) { - return log_link_error_errno(link, r, "Could not append IFLA_INET6_TOKEN: %m"); - } - -+ if (!link_ipv6ll_enabled(link)) -+ ipv6ll_mode = IN6_ADDR_GEN_MODE_NONE; -+ else if (sysctl_read_ip_property(AF_INET6, link->ifname, "stable_secret", NULL) < 0) -+ /* The file may not exist. And event if it exists, when stable_secret is unset, -+ * reading the file fails with EIO. */ -+ ipv6ll_mode = IN6_ADDR_GEN_MODE_EUI64; -+ else -+ ipv6ll_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY; -+ -+ r = sd_netlink_message_append_u8(req, IFLA_INET6_ADDR_GEN_MODE, ipv6ll_mode); -+ if (r < 0) -+ return log_link_error_errno(link, r, "Could not append IFLA_INET6_ADDR_GEN_MODE: %m"); -+ - r = sd_netlink_message_close_container(req); - if (r < 0) - return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m"); -From 9f6e82e6eb3b6e73d66d00d1d6eee60691fb702f Mon Sep 17 00:00:00 2001 -From: Yu Watanabe <watanabe.yu+github@gmail.com> -Date: Thu, 9 May 2019 14:39:46 +0900 -Subject: [PATCH] network: do not send ipv6 token to kernel - -We disabled kernel RA support. Then, we should not send -IFLA_INET6_TOKEN. -Thus, we do not need to send IFLA_INET6_ADDR_GEN_MODE twice. - -Follow-up for 0e2fdb83bb5e22047e0c7cc058b415d0e93f02cf and -4eb086a38712ea98faf41e075b84555b11b54362. ---- - src/network/networkd-link.c | 51 +++++-------------------------------- - 1 file changed, 6 insertions(+), 45 deletions(-) - -diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c -index 2b6ff2b6c58..b6da4ea70b7 100644 ---- a/src/network/networkd-link.c -+++ b/src/network/networkd-link.c -@@ -1954,6 +1954,9 @@ static int link_configure_addrgen_mode(Link *link) { - assert(link->manager); - assert(link->manager->rtnl); - -+ if (!socket_ipv6_is_supported()) -+ return 0; -+ - log_link_debug(link, "Setting address genmode for link"); - - r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex); -@@ -2047,46 +2050,6 @@ static int link_up(Link *link) { - return log_link_error_errno(link, r, "Could not set MAC address: %m"); - } - -- if (link_ipv6_enabled(link)) { -- uint8_t ipv6ll_mode; -- -- r = sd_netlink_message_open_container(req, IFLA_AF_SPEC); -- if (r < 0) -- return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m"); -- -- /* if the kernel lacks ipv6 support setting IFF_UP fails if any ipv6 options are passed */ -- r = sd_netlink_message_open_container(req, AF_INET6); -- if (r < 0) -- return log_link_error_errno(link, r, "Could not open AF_INET6 container: %m"); -- -- if (!in_addr_is_null(AF_INET6, &link->network->ipv6_token)) { -- r = sd_netlink_message_append_in6_addr(req, IFLA_INET6_TOKEN, &link->network->ipv6_token.in6); -- if (r < 0) -- return log_link_error_errno(link, r, "Could not append IFLA_INET6_TOKEN: %m"); -- } -- -- if (!link_ipv6ll_enabled(link)) -- ipv6ll_mode = IN6_ADDR_GEN_MODE_NONE; -- else if (sysctl_read_ip_property(AF_INET6, link->ifname, "stable_secret", NULL) < 0) -- /* The file may not exist. And event if it exists, when stable_secret is unset, -- * reading the file fails with EIO. */ -- ipv6ll_mode = IN6_ADDR_GEN_MODE_EUI64; -- else -- ipv6ll_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY; -- -- r = sd_netlink_message_append_u8(req, IFLA_INET6_ADDR_GEN_MODE, ipv6ll_mode); -- if (r < 0) -- return log_link_error_errno(link, r, "Could not append IFLA_INET6_ADDR_GEN_MODE: %m"); -- -- r = sd_netlink_message_close_container(req); -- if (r < 0) -- return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m"); -- -- r = sd_netlink_message_close_container(req); -- if (r < 0) -- return log_link_error_errno(link, r, "Could not close IFLA_AF_SPEC container: %m"); -- } -- - r = netlink_call_async(link->manager->rtnl, NULL, req, link_up_handler, - link_netlink_destroy_callback, link); - if (r < 0) -@@ -3226,11 +3189,9 @@ static int link_configure(Link *link) { - if (r < 0) - return r; - -- if (socket_ipv6_is_supported()) { -- r = link_configure_addrgen_mode(link); -- if (r < 0) -- return r; -- } -+ r = link_configure_addrgen_mode(link); -+ if (r < 0) -+ return r; - - return link_configure_after_setting_mtu(link); - } diff --git a/sys-apps/systemd/files/242-rdrand-ryzen.patch b/sys-apps/systemd/files/242-rdrand-ryzen.patch deleted file mode 100644 index ec690c1b3f6c..000000000000 --- a/sys-apps/systemd/files/242-rdrand-ryzen.patch +++ /dev/null @@ -1,353 +0,0 @@ -From d351699739471734666230ae3c6f9ba56ce5ce45 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering <lennart@poettering.net> -Date: Tue, 7 May 2019 16:18:13 -0400 -Subject: [PATCH 1/6] =?UTF-8?q?random-util:=20rename=20RANDOM=5FDONT=5FDRA?= - =?UTF-8?q?IN=20=E2=86=92=20RANDOM=5FMAY=5FFAIL?= -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The old flag name was a bit of a misnomer, as /dev/urandom cannot be -"drained". Once it's initialized it's initialized and then is good -forever. (Only /dev/random has a concept of 'draining', but we never use -that, as it's an obsolete interface). - -The flag is still useful though, since it allows us to suppress accesses -to the random pool while it is not initialized, as that trips up the -kernel and it logs about any such attempts, which we really don't want. - -(cherry picked from commit 1a0ffa1e737e65312abac63dcf4b44e1ac0e1642) ---- - src/basic/random-util.c | 36 +++++++++++++++++++----------------- - src/basic/random-util.h | 4 ++-- - 2 files changed, 21 insertions(+), 19 deletions(-) - -diff --git a/src/basic/random-util.c b/src/basic/random-util.c -index ca25fd2420..de29e07549 100644 ---- a/src/basic/random-util.c -+++ b/src/basic/random-util.c -@@ -71,21 +71,22 @@ int genuine_random_bytes(void *p, size_t n, RandomFlags flags) { - bool got_some = false; - int r; - -- /* Gathers some randomness from the kernel (or the CPU if the RANDOM_ALLOW_RDRAND flag is set). This call won't -- * block, unless the RANDOM_BLOCK flag is set. If RANDOM_DONT_DRAIN is set, an error is returned if the random -- * pool is not initialized. Otherwise it will always return some data from the kernel, regardless of whether -- * the random pool is fully initialized or not. */ -+ /* Gathers some randomness from the kernel (or the CPU if the RANDOM_ALLOW_RDRAND flag is set). This -+ * call won't block, unless the RANDOM_BLOCK flag is set. If RANDOM_MAY_FAIL is set, an error is -+ * returned if the random pool is not initialized. Otherwise it will always return some data from the -+ * kernel, regardless of whether the random pool is fully initialized or not. */ - - if (n == 0) - return 0; - - if (FLAGS_SET(flags, RANDOM_ALLOW_RDRAND)) -- /* Try x86-64' RDRAND intrinsic if we have it. We only use it if high quality randomness is not -- * required, as we don't trust it (who does?). Note that we only do a single iteration of RDRAND here, -- * even though the Intel docs suggest calling this in a tight loop of 10 invocations or so. That's -- * because we don't really care about the quality here. We generally prefer using RDRAND if the caller -- * allows us too, since this way we won't drain the kernel randomness pool if we don't need it, as the -- * pool's entropy is scarce. */ -+ /* Try x86-64' RDRAND intrinsic if we have it. We only use it if high quality randomness is -+ * not required, as we don't trust it (who does?). Note that we only do a single iteration of -+ * RDRAND here, even though the Intel docs suggest calling this in a tight loop of 10 -+ * invocations or so. That's because we don't really care about the quality here. We -+ * generally prefer using RDRAND if the caller allows us to, since this way we won't upset -+ * the kernel's random subsystem by accessing it before the pool is initialized (after all it -+ * will kmsg log about every attempt to do so)..*/ - for (;;) { - unsigned long u; - size_t m; -@@ -153,12 +154,13 @@ int genuine_random_bytes(void *p, size_t n, RandomFlags flags) { - break; - - } else if (errno == EAGAIN) { -- /* The kernel has no entropy whatsoever. Let's remember to use the syscall the next -- * time again though. -+ /* The kernel has no entropy whatsoever. Let's remember to use the syscall -+ * the next time again though. - * -- * If RANDOM_DONT_DRAIN is set, return an error so that random_bytes() can produce some -- * pseudo-random bytes instead. Otherwise, fall back to /dev/urandom, which we know is empty, -- * but the kernel will produce some bytes for us on a best-effort basis. */ -+ * If RANDOM_MAY_FAIL is set, return an error so that random_bytes() can -+ * produce some pseudo-random bytes instead. Otherwise, fall back to -+ * /dev/urandom, which we know is empty, but the kernel will produce some -+ * bytes for us on a best-effort basis. */ - have_syscall = true; - - if (got_some && FLAGS_SET(flags, RANDOM_EXTEND_WITH_PSEUDO)) { -@@ -167,7 +169,7 @@ int genuine_random_bytes(void *p, size_t n, RandomFlags flags) { - return 0; - } - -- if (FLAGS_SET(flags, RANDOM_DONT_DRAIN)) -+ if (FLAGS_SET(flags, RANDOM_MAY_FAIL)) - return -ENODATA; - - /* Use /dev/urandom instead */ -@@ -250,7 +252,7 @@ void pseudo_random_bytes(void *p, size_t n) { - - void random_bytes(void *p, size_t n) { - -- if (genuine_random_bytes(p, n, RANDOM_EXTEND_WITH_PSEUDO|RANDOM_DONT_DRAIN|RANDOM_ALLOW_RDRAND) >= 0) -+ if (genuine_random_bytes(p, n, RANDOM_EXTEND_WITH_PSEUDO|RANDOM_MAY_FAIL|RANDOM_ALLOW_RDRAND) >= 0) - return; - - /* If for some reason some user made /dev/urandom unavailable to us, or the kernel has no entropy, use a PRNG instead. */ -diff --git a/src/basic/random-util.h b/src/basic/random-util.h -index 3e8c288d3d..148b6c7813 100644 ---- a/src/basic/random-util.h -+++ b/src/basic/random-util.h -@@ -8,11 +8,11 @@ - typedef enum RandomFlags { - RANDOM_EXTEND_WITH_PSEUDO = 1 << 0, /* If we can't get enough genuine randomness, but some, fill up the rest with pseudo-randomness */ - RANDOM_BLOCK = 1 << 1, /* Rather block than return crap randomness (only if the kernel supports that) */ -- RANDOM_DONT_DRAIN = 1 << 2, /* If we can't get any randomness at all, return early with -EAGAIN */ -+ RANDOM_MAY_FAIL = 1 << 2, /* If we can't get any randomness at all, return early with -ENODATA */ - RANDOM_ALLOW_RDRAND = 1 << 3, /* Allow usage of the CPU RNG */ - } RandomFlags; - --int genuine_random_bytes(void *p, size_t n, RandomFlags flags); /* returns "genuine" randomness, optionally filled upwith pseudo random, if not enough is available */ -+int genuine_random_bytes(void *p, size_t n, RandomFlags flags); /* returns "genuine" randomness, optionally filled up with pseudo random, if not enough is available */ - void pseudo_random_bytes(void *p, size_t n); /* returns only pseudo-randommess (but possibly seeded from something better) */ - void random_bytes(void *p, size_t n); /* returns genuine randomness if cheaply available, and pseudo randomness if not. */ - --- -2.22.0 - - -From 1f492b9ecc31aa3782f9ce82058d8fb72a5c323f Mon Sep 17 00:00:00 2001 -From: Lennart Poettering <lennart@poettering.net> -Date: Tue, 7 May 2019 16:21:44 -0400 -Subject: [PATCH 2/6] random-util: use gcc's bit_RDRND definition if it exists - -(cherry picked from commit cc28145d51f62711fdc4b4c229aecd5778806419) ---- - src/basic/random-util.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/src/basic/random-util.c b/src/basic/random-util.c -index de29e07549..205d5501e5 100644 ---- a/src/basic/random-util.c -+++ b/src/basic/random-util.c -@@ -45,7 +45,12 @@ int rdrand(unsigned long *ret) { - return -EOPNOTSUPP; - } - -- have_rdrand = !!(ecx & (1U << 30)); -+/* Compat with old gcc where bit_RDRND didn't exist yet */ -+#ifndef bit_RDRND -+#define bit_RDRND (1U << 30) -+#endif -+ -+ have_rdrand = !!(ecx & bit_RDRND); - } - - if (have_rdrand == 0) --- -2.22.0 - - -From 6460c540e6183dd19de89b7f0672b3b47c4d41cc Mon Sep 17 00:00:00 2001 -From: Lennart Poettering <lennart@poettering.net> -Date: Tue, 7 May 2019 17:26:55 -0400 -Subject: [PATCH 3/6] random-util: hash AT_RANDOM getauxval() value before - using it - -Let's be a bit paranoid and hash the 16 bytes we get from getauxval() -before using them. AFter all they might be used by other stuff too (in -particular ASLR), and we probably shouldn't end up leaking that seed -though our crappy pseudo-random numbers. - -(cherry picked from commit 80eb560a5bd7439103036867d5e09a5e0393e5d3) ---- - src/basic/random-util.c | 18 ++++++++++++------ - 1 file changed, 12 insertions(+), 6 deletions(-) - -diff --git a/src/basic/random-util.c b/src/basic/random-util.c -index 205d5501e5..40f1928936 100644 ---- a/src/basic/random-util.c -+++ b/src/basic/random-util.c -@@ -28,6 +28,7 @@ - #include "io-util.h" - #include "missing.h" - #include "random-util.h" -+#include "siphash24.h" - #include "time-util.h" - - int rdrand(unsigned long *ret) { -@@ -203,14 +204,19 @@ void initialize_srand(void) { - return; - - #if HAVE_SYS_AUXV_H -- /* The kernel provides us with 16 bytes of entropy in auxv, so let's -- * try to make use of that to seed the pseudo-random generator. It's -- * better than nothing... */ -+ /* The kernel provides us with 16 bytes of entropy in auxv, so let's try to make use of that to seed -+ * the pseudo-random generator. It's better than nothing... But let's first hash it to make it harder -+ * to recover the original value by watching any pseudo-random bits we generate. After all the -+ * AT_RANDOM data might be used by other stuff too (in particular: ASLR), and we probably shouldn't -+ * leak the seed for that. */ - -- auxv = (const void*) getauxval(AT_RANDOM); -+ auxv = ULONG_TO_PTR(getauxval(AT_RANDOM)); - if (auxv) { -- assert_cc(sizeof(x) <= 16); -- memcpy(&x, auxv, sizeof(x)); -+ static const uint8_t auxval_hash_key[16] = { -+ 0x92, 0x6e, 0xfe, 0x1b, 0xcf, 0x00, 0x52, 0x9c, 0xcc, 0x42, 0xcf, 0xdc, 0x94, 0x1f, 0x81, 0x0f -+ }; -+ -+ x = (unsigned) siphash24(auxv, 16, auxval_hash_key); - } else - #endif - x = 0; --- -2.22.0 - - -From 17d52f6320b45d1728af6007b4df4aaccc6fdaf4 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering <lennart@poettering.net> -Date: Tue, 7 May 2019 18:51:26 -0400 -Subject: [PATCH 4/6] random-util: rename "err" to "success" - -After all rdrand returns 1 on success, and 0 on failure, hence let's -name this accordingly. - -(cherry picked from commit 328f850e36e86d14ab06d11fa8f2397e9575a7f9) ---- - src/basic/random-util.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/basic/random-util.c b/src/basic/random-util.c -index 40f1928936..7c64857592 100644 ---- a/src/basic/random-util.c -+++ b/src/basic/random-util.c -@@ -35,7 +35,7 @@ int rdrand(unsigned long *ret) { - - #if defined(__i386__) || defined(__x86_64__) - static int have_rdrand = -1; -- unsigned char err; -+ uint8_t success; - - if (have_rdrand < 0) { - uint32_t eax, ebx, ecx, edx; -@@ -60,9 +60,9 @@ int rdrand(unsigned long *ret) { - asm volatile("rdrand %0;" - "setc %1" - : "=r" (*ret), -- "=qm" (err)); -- msan_unpoison(&err, sizeof(err)); -- if (!err) -+ "=qm" (success)); -+ msan_unpoison(&success, sizeof(sucess)); -+ if (!success) - return -EAGAIN; - - return 0; --- -2.22.0 - - -From a6c72245ba5ba688cd6544650b9c6e313b39b53e Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin <evvers@ya.ru> -Date: Wed, 8 May 2019 15:50:53 +0200 -Subject: [PATCH 5/6] util-lib: fix a typo in rdrand - -Otherwise, the fuzzers will fail to compile with MSan: -``` -../../src/systemd/src/basic/random-util.c:64:40: error: use of undeclared identifier 'sucess'; did you mean 'success'? - msan_unpoison(&success, sizeof(sucess)); - ^~~~~~ - success -../../src/systemd/src/basic/alloc-util.h:169:50: note: expanded from macro 'msan_unpoison' - ^ -../../src/systemd/src/basic/random-util.c:38:17: note: 'success' declared here - uint8_t success; - ^ -1 error generated. -[80/545] Compiling C object 'src/basic/a6ba3eb@@basic@sta/process-util.c.o'. -ninja: build stopped: subcommand failed. -Fuzzers build failed -``` - -(cherry picked from commit 7f2cdceaed4d37c4e601e531c7d863fca1bd1460) ---- - src/basic/random-util.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/basic/random-util.c b/src/basic/random-util.c -index 7c64857592..b8bbf2d418 100644 ---- a/src/basic/random-util.c -+++ b/src/basic/random-util.c -@@ -61,7 +61,7 @@ int rdrand(unsigned long *ret) { - "setc %1" - : "=r" (*ret), - "=qm" (success)); -- msan_unpoison(&success, sizeof(sucess)); -+ msan_unpoison(&success, sizeof(success)); - if (!success) - return -EAGAIN; - --- -2.22.0 - - -From 47eec0ae61c887cb8cc05ce8d49b8d151bc4ef25 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering <lennart@poettering.net> -Date: Fri, 10 May 2019 15:16:16 -0400 -Subject: [PATCH 6/6] random-util: eat up bad RDRAND values seen on AMD CPUs - -An ugly, ugly work-around for #11810. And no, we shouldn't have to do -this. This is something for AMD, the firmware or the kernel to -fix/work-around, not us. But nonetheless, this should do it for now. - -Fixes: #11810 -(cherry picked from commit 1c53d4a070edbec8ad2d384ba0014d0eb6bae077) ---- - src/basic/random-util.c | 15 ++++++++++++++- - 1 file changed, 14 insertions(+), 1 deletion(-) - -diff --git a/src/basic/random-util.c b/src/basic/random-util.c -index b8bbf2d418..0561f0cb22 100644 ---- a/src/basic/random-util.c -+++ b/src/basic/random-util.c -@@ -35,6 +35,7 @@ int rdrand(unsigned long *ret) { - - #if defined(__i386__) || defined(__x86_64__) - static int have_rdrand = -1; -+ unsigned long v; - uint8_t success; - - if (have_rdrand < 0) { -@@ -59,12 +60,24 @@ int rdrand(unsigned long *ret) { - - asm volatile("rdrand %0;" - "setc %1" -- : "=r" (*ret), -+ : "=r" (v), - "=qm" (success)); - msan_unpoison(&success, sizeof(success)); - if (!success) - return -EAGAIN; - -+ /* Apparently on some AMD CPUs RDRAND will sometimes (after a suspend/resume cycle?) report success -+ * via the carry flag but nonetheless return the same fixed value -1 in all cases. This appears to be -+ * a bad bug in the CPU or firmware. Let's deal with that and work-around this by explicitly checking -+ * for this special value (and also 0, just to be sure) and filtering it out. This is a work-around -+ * only however and something AMD really should fix properly. The Linux kernel should probably work -+ * around this issue by turning off RDRAND altogether on those CPUs. See: -+ * https://github.com/systemd/systemd/issues/11810 */ -+ if (v == 0 || v == ULONG_MAX) -+ return log_debug_errno(SYNTHETIC_ERRNO(EUCLEAN), -+ "RDRAND returned suspicious value %lx, assuming bad hardware RNG, not using value.", v); -+ -+ *ret = v; - return 0; - #else - return -EOPNOTSUPP; --- -2.22.0 - diff --git a/sys-apps/systemd/files/242-socket-util-flush-accept.patch b/sys-apps/systemd/files/242-socket-util-flush-accept.patch deleted file mode 100644 index 4849c4c0789e..000000000000 --- a/sys-apps/systemd/files/242-socket-util-flush-accept.patch +++ /dev/null @@ -1,46 +0,0 @@ -From f3d75364fbebf2ddb6393e54db5e10b6f6234e14 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering <lennart@poettering.net> -Date: Thu, 18 Apr 2019 15:13:54 +0200 -Subject: [PATCH] socket-util: make sure flush_accept() doesn't hang on - unexpected EOPNOTSUPP - -So apparently there are two reasons why accept() can return EOPNOTSUPP: -because the socket is not a listening stream socket (or similar), or -because the incoming TCP connection for some reason wasn't acceptable to -the host. THe latter should be a transient error, as suggested on -accept(2). The former however should be considered fatal for -flush_accept(). Let's fix this by explicitly checking whether the socket -is a listening socket beforehand. ---- - src/basic/socket-util.c | 17 +++++++++++++++-- - 1 file changed, 15 insertions(+), 2 deletions(-) - -diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c -index 904bafb76f9..e787d53d8f4 100644 ---- a/src/basic/socket-util.c -+++ b/src/basic/socket-util.c -@@ -1225,9 +1225,22 @@ int flush_accept(int fd) { - .fd = fd, - .events = POLLIN, - }; -- int r; -+ int r, b; -+ socklen_t l = sizeof(b); -+ -+ /* Similar to flush_fd() but flushes all incoming connection by accepting them and immediately -+ * closing them. */ -+ -+ if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &b, &l) < 0) -+ return -errno; - -- /* Similar to flush_fd() but flushes all incoming connection by accepting them and immediately closing them. */ -+ assert(l == sizeof(b)); -+ if (!b) /* Let's check if this is a socket accepting connections before calling accept(). That's -+ * because accept4() can return EOPNOTSUPP in the fd we are called on is not a listening -+ * socket, or in case the incoming TCP connection transiently triggered that (see accept(2) -+ * man page for details). The latter case is a transient error we should continue looping -+ * on. The former case however is fatal. */ -+ return -ENOTTY; - - for (;;) { - int cfd; diff --git a/sys-apps/systemd/files/242-wireguard-listenport.patch b/sys-apps/systemd/files/242-wireguard-listenport.patch deleted file mode 100644 index 39b3c7c0a54c..000000000000 --- a/sys-apps/systemd/files/242-wireguard-listenport.patch +++ /dev/null @@ -1,49 +0,0 @@ -From a62b7bb79e9a2aa683624c32cde1c756d8466fb4 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe <watanabe.yu+github@gmail.com> -Date: Thu, 25 Apr 2019 00:39:04 +0200 -Subject: [PATCH] network: fix ListenPort= in [WireGuard] section - -This fixes a bug introduced by f1368a333e5e08575f0b45dfe41e936b106a8627. - -Fixes #12377. ---- - src/network/netdev/wireguard.c | 19 ++++++++++--------- - 1 file changed, 10 insertions(+), 9 deletions(-) - -diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c -index f3084c0773f..5ebc5dfed84 100644 ---- a/src/network/netdev/wireguard.c -+++ b/src/network/netdev/wireguard.c -@@ -452,22 +452,23 @@ int config_parse_wireguard_listen_port( - void *userdata) { - - uint16_t *s = data; -- uint16_t port = 0; - int r; - - assert(rvalue); - assert(data); - -- if (!streq(rvalue, "auto")) { -- r = parse_ip_port(rvalue, s); -- if (r < 0) { -- log_syntax(unit, LOG_ERR, filename, line, r, -- "Invalid port specification, ignoring assignment: %s", rvalue); -- return 0; -- } -+ if (isempty(rvalue) || streq(rvalue, "auto")) { -+ *s = 0; -+ return 0; -+ } -+ -+ r = parse_ip_port(rvalue, s); -+ if (r < 0) { -+ log_syntax(unit, LOG_ERR, filename, line, r, -+ "Invalid port specification, ignoring assignment: %s", rvalue); -+ return 0; - } - -- *s = port; - return 0; - } - diff --git a/sys-apps/systemd/files/CVE-2019-15718.patch b/sys-apps/systemd/files/CVE-2019-15718.patch deleted file mode 100644 index 8186f7096f82..000000000000 --- a/sys-apps/systemd/files/CVE-2019-15718.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 35e528018f315798d3bffcb592b32a0d8f5162bd Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl> -Date: Tue, 27 Aug 2019 19:00:34 +0200 -Subject: [PATCH] shared/but-util: drop trusted annotation from - bus_open_system_watch_bind_with_description() - -https://bugzilla.redhat.com/show_bug.cgi?id=1746057 - -This only affects systemd-resolved. bus_open_system_watch_bind_with_description() -is also used in timesyncd, but it has no methods, only read-only properties, and -in networkd, but it annotates all methods with SD_BUS_VTABLE_UNPRIVILEGED and does -polkit checks. ---- - src/shared/bus-util.c | 4 ---- - 1 file changed, 4 deletions(-) - -diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c -index 6af115e7aa..821339d4ae 100644 ---- a/src/shared/bus-util.c -+++ b/src/shared/bus-util.c -@@ -1705,10 +1705,6 @@ int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *descri - if (r < 0) - return r; - -- r = sd_bus_set_trusted(bus, true); -- if (r < 0) -- return r; -- - r = sd_bus_negotiate_creds(bus, true, SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS); - if (r < 0) - return r; |