

[pkgsrc/trunk]: pkgsrc/sysutils/xentools411 Add upstream patches for a bunch ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/d4346535787e
branches:  trunk
changeset: 443607:d4346535787e
user:      bouyer <bouyer%pkgsrc.org@localhost>
date:      Thu Dec 17 16:48:12 2020 +0000

description:
Add upstream patches for a bunch of Xen security advisories, related
to xenstore permissions.
Bump PKGREVISION

diffstat:

 sysutils/xentools411/Makefile                                     |     4 +-
 sysutils/xentools411/distinfo                                     |    15 +-
 sysutils/xentools411/patches/patch-XSA115-c                       |  1755 ++++++++++
 sysutils/xentools411/patches/patch-XSA115-o                       |   694 +++
 sysutils/xentools411/patches/patch-XSA322-c                       |   536 +++
 sysutils/xentools411/patches/patch-XSA322-o                       |   112 +
 sysutils/xentools411/patches/patch-XSA323                         |   142 +
 sysutils/xentools411/patches/patch-XSA324                         |    50 +
 sysutils/xentools411/patches/patch-XSA325                         |   194 +
 sysutils/xentools411/patches/patch-XSA330                         |    68 +
 sysutils/xentools411/patches/patch-XSA352                         |    44 +
 sysutils/xentools411/patches/patch-XSA353                         |    91 +
 sysutils/xentools411/patches/patch-tools_ocaml_xenstored_utils.ml |    12 +-
 13 files changed, 3706 insertions(+), 11 deletions(-)

diffs (truncated from 3803 to 300 lines):

diff -r a78c182da675 -r d4346535787e sysutils/xentools411/Makefile
--- a/sysutils/xentools411/Makefile     Thu Dec 17 16:47:30 2020 +0000
+++ b/sysutils/xentools411/Makefile     Thu Dec 17 16:48:12 2020 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.23 2020/08/31 18:11:37 wiz Exp $
+# $NetBSD: Makefile,v 1.24 2020/12/17 16:48:12 bouyer Exp $
 #
 # VERSION is set in version.mk as it is shared with other packages
-PKGREVISION=   1
+PKGREVISION=   2
 .include       "version.mk"
 
 DIST_IPXE=     ipxe-git-${VERSION_IPXE}.tar.gz
diff -r a78c182da675 -r d4346535787e sysutils/xentools411/distinfo
--- a/sysutils/xentools411/distinfo     Thu Dec 17 16:47:30 2020 +0000
+++ b/sysutils/xentools411/distinfo     Thu Dec 17 16:48:12 2020 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.14 2020/08/24 10:33:27 bouyer Exp $
+$NetBSD: distinfo,v 1.15 2020/12/17 16:48:12 bouyer Exp $
 
 SHA1 (xen411/ipxe-git-356f6c1b64d7a97746d1816cef8ca22bdd8d0b5d.tar.gz) = 272b8c904dc0127690eca2c5c20c67479e40da34
 RMD160 (xen411/ipxe-git-356f6c1b64d7a97746d1816cef8ca22bdd8d0b5d.tar.gz) = cfcb4a314c15da19b36132b27126f3bd9699d0e5
@@ -12,6 +12,16 @@
 SHA1 (patch-.._ipxe_src_net_fcels.c) = eda41b25c3d5f5bef33caa9a6af28c40cb91e66b
 SHA1 (patch-Config.mk) = c41005a60de2f94a72b0206030eb021c137653d3
 SHA1 (patch-Makefile) = 2f3a5eafc5039b149c98dd5e59c39a3197fd9264
+SHA1 (patch-XSA115-c) = 7e3216a23c522fc73f47fa6deef8918c4dce7fae
+SHA1 (patch-XSA115-o) = 6dc292060441c388b9a05e31ddc37835568a3e86
+SHA1 (patch-XSA322-c) = c48a10eeab29775b9c97a36848556120741a9c9d
+SHA1 (patch-XSA322-o) = 943e2aee69ac278871925223478b11f6dfabc9d7
+SHA1 (patch-XSA323) = 98055b0c05ed0d0f5ebbe23d429a68a71d92f20f
+SHA1 (patch-XSA324) = a1cdb872a79fd7d9234030ec2765d0a474f72fbb
+SHA1 (patch-XSA325) = 59c7fba006588db4accee1068072612777620ac3
+SHA1 (patch-XSA330) = 03b4f1d9c14e11eaee5b863276d32cee0544e604
+SHA1 (patch-XSA352) = 7c4479c029d9bbbf6578ee148cb926bb2d849789
+SHA1 (patch-XSA353) = 6983aa18399dcf0ac1471ffdf7c27c1bc041f49c
 SHA1 (patch-always_inline) = 23201b2b63072e040630525416a0b61280492f93
 SHA1 (patch-docs_man_xl-disk-configuration.pod.5) = 03ff4c22dde1e1b60ab8750c8971ea057e479151
 SHA1 (patch-docs_man_xl.cfg.pod.5.in) = 951915037a9975b76cc5c41a0e1abe0a202a3696
@@ -56,7 +66,7 @@
 SHA1 (patch-tools_ocaml_libs_xentoollog_xentoollog__stubs.c) = adee03d87168e735cb0d42ce06d0c31a14315b8d
 SHA1 (patch-tools_ocaml_libs_xl__xenlight_stubs.c) = cc612908524670f650a294af133a5912f955f39e
 SHA1 (patch-tools_ocaml_xenstored_Makefile) = b267702cf4090c7b45bba530e60327fced24e3e5
-SHA1 (patch-tools_ocaml_xenstored_utils.ml) = fd951de732d6c31cae89bd4b58c5650108578d79
+SHA1 (patch-tools_ocaml_xenstored_utils.ml) = 96b69dd3b5adb10692d7646c1dbeb20d27e0e1a8
 SHA1 (patch-tools_qemu-xen-traditional_Makefile) = 5fbb55bf84f9856043be301d5d06530190fe9a60
 SHA1 (patch-tools_qemu-xen-traditional_block-raw-posix.c) = eb3efea4b0c7fd744f627f1926fca737ba826b99
 SHA1 (patch-tools_qemu-xen-traditional_configure) = 6a42dcac010f90439a347c0f6e886b07185cb19a
@@ -81,5 +91,4 @@
 SHA1 (patch-tools_xentrace_xentrace.c) = f964c7555f454358a39f28a2e75db8ee100a4243
 SHA1 (patch-tools_xl_Makefile) = dd4fa8cc66c74eea8b022cd6129aa2831776f2a8
 SHA1 (patch-xen_Rules.mk) = c743dc63f51fc280d529a7d9e08650292c171dac
-SHA1 (patch-xen_common_lz4_dexompress.c) = 521a247c2d36980b3433c4be92c77308a2d3f3b9
 SHA1 (patch-xen_tools_symbols.c) = 67b5a38312095029631e00457abc0e4bb633aaf8
diff -r a78c182da675 -r d4346535787e sysutils/xentools411/patches/patch-XSA115-c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/sysutils/xentools411/patches/patch-XSA115-c       Thu Dec 17 16:48:12 2020 +0000
@@ -0,0 +1,1755 @@
+$NetBSD: patch-XSA115-c,v 1.1 2020/12/17 16:48:12 bouyer Exp $
+
+From e92f3dfeaae21a335e666c9247954424e34e5c56 Mon Sep 17 00:00:00 2001
+From: Juergen Gross <jgross%suse.com@localhost>
+Date: Thu, 11 Jun 2020 16:12:37 +0200
+Subject: [PATCH 01/10] tools/xenstore: allow removing child of a node
+ exceeding quota
+
+An unprivileged user of Xenstore is not allowed to write nodes with a
+size exceeding a global quota, while privileged users like dom0 are
+allowed to write such nodes. The size of a node is the needed space
+to store all node specific data, this includes the names of all
+children of the node.
+
+When deleting a node its parent has to be modified by removing the
+name of the to be deleted child from it.
+
+This results in the strange situation that an unprivileged owner of a
+node might not succeed in deleting that node in case its parent is
+exceeding the quota of that unprivileged user (it might have been
+written by dom0), as the user is not allowed to write the updated
+parent node.
+
+Fix that by not checking the quota when writing a node for the
+purpose of removing a child's name only.
+
+The same applies to transaction handling: a node being read during a
+transaction is written to the transaction specific area and it should
+not be tested for exceeding the quota, as it might not be owned by
+the reader and presumably the original write would have failed if the
+node is owned by the reader.
+
+This is part of XSA-115.
+
+Signed-off-by: Juergen Gross <jgross%suse.com@localhost>
+Reviewed-by: Julien Grall <jgrall%amazon.com@localhost>
+Reviewed-by: Paul Durrant <paul%xen.org@localhost>
+---
+ tools/xenstore/xenstored_core.c        | 20 +++++++++++---------
+ tools/xenstore/xenstored_core.h        |  3 ++-
+ tools/xenstore/xenstored_transaction.c |  2 +-
+ 3 files changed, 14 insertions(+), 11 deletions(-)
+
+diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
+index 97ceabf9642d..b43e1018babd 100644
+--- tools/xenstore/xenstored_core.c.orig
++++ tools/xenstore/xenstored_core.c
+@@ -417,7 +417,8 @@ static struct node *read_node(struct connection *conn, const void *ctx,
+       return node;
+ }
+ 
+-int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node)
++int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node,
++                 bool no_quota_check)
+ {
+       TDB_DATA data;
+       void *p;
+@@ -427,7 +428,7 @@ int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node)
+               + node->num_perms*sizeof(node->perms[0])
+               + node->datalen + node->childlen;
+ 
+-      if (domain_is_unprivileged(conn) &&
++      if (!no_quota_check && domain_is_unprivileged(conn) &&
+           data.dsize >= quota_max_entry_size) {
+               errno = ENOSPC;
+               return errno;
+@@ -455,14 +456,15 @@ int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node)
+       return 0;
+ }
+ 
+-static int write_node(struct connection *conn, struct node *node)
++static int write_node(struct connection *conn, struct node *node,
++                    bool no_quota_check)
+ {
+       TDB_DATA key;
+ 
+       if (access_node(conn, node, NODE_ACCESS_WRITE, &key))
+               return errno;
+ 
+-      return write_node_raw(conn, &key, node);
++      return write_node_raw(conn, &key, node, no_quota_check);
+ }
+ 
+ static enum xs_perm_type perm_for_conn(struct connection *conn,
+@@ -999,7 +1001,7 @@ static struct node *create_node(struct connection *conn, const void *ctx,
+       /* We write out the nodes down, setting destructor in case
+        * something goes wrong. */
+       for (i = node; i; i = i->parent) {
+-              if (write_node(conn, i)) {
++              if (write_node(conn, i, false)) {
+                       domain_entry_dec(conn, i);
+                       return NULL;
+               }
+@@ -1039,7 +1041,7 @@ static int do_write(struct connection *conn, struct buffered_data *in)
+       } else {
+               node->data = in->buffer + offset;
+               node->datalen = datalen;
+-              if (write_node(conn, node))
++              if (write_node(conn, node, false))
+                       return errno;
+       }
+ 
+@@ -1115,7 +1117,7 @@ static int remove_child_entry(struct connection *conn, struct node *node,
+       size_t childlen = strlen(node->children + offset);
+       memdel(node->children, offset, childlen + 1, node->childlen);
+       node->childlen -= childlen + 1;
+-      return write_node(conn, node);
++      return write_node(conn, node, true);
+ }
+ 
+ 
+@@ -1254,7 +1256,7 @@ static int do_set_perms(struct connection *conn, struct buffered_data *in)
+       node->num_perms = num;
+       domain_entry_inc(conn, node);
+ 
+-      if (write_node(conn, node))
++      if (write_node(conn, node, false))
+               return errno;
+ 
+       fire_watches(conn, in, name, false);
+@@ -1514,7 +1516,7 @@ static void manual_node(const char *name, const char *child)
+       if (child)
+               node->childlen = strlen(child) + 1;
+ 
+-      if (write_node(NULL, node))
++      if (write_node(NULL, node, false))
+               barf_perror("Could not create initial node %s", name);
+       talloc_free(node);
+ }
+diff --git a/tools/xenstore/xenstored_core.h b/tools/xenstore/xenstored_core.h
+index 56a279cfbb47..3cb1c235a101 100644
+--- tools/xenstore/xenstored_core.h.orig
++++ tools/xenstore/xenstored_core.h
+@@ -149,7 +149,8 @@ void send_ack(struct connection *conn, enum xsd_sockmsg_type type);
+ char *canonicalize(struct connection *conn, const void *ctx, const char *node);
+ 
+ /* Write a node to the tdb data base. */
+-int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node);
++int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node,
++                 bool no_quota_check);
+ 
+ /* Get this node, checking we have permissions. */
+ struct node *get_node(struct connection *conn,
+diff --git a/tools/xenstore/xenstored_transaction.c b/tools/xenstore/xenstored_transaction.c
+index 2824f7b359b8..e87897573469 100644
+--- tools/xenstore/xenstored_transaction.c.orig
++++ tools/xenstore/xenstored_transaction.c
+@@ -276,7 +276,7 @@ int access_node(struct connection *conn, struct node *node,
+                       i->check_gen = true;
+                       if (node->generation != NO_GENERATION) {
+                               set_tdb_key(trans_name, &local_key);
+-                              ret = write_node_raw(conn, &local_key, node);
++                              ret = write_node_raw(conn, &local_key, node, true);
+                               if (ret)
+                                       goto err;
+                               i->ta_node = true;
+-- 
+2.17.1
+
+From e8076f73de65c4816f69d6ebf75839c706145fcd Mon Sep 17 00:00:00 2001
+From: Juergen Gross <jgross%suse.com@localhost>
+Date: Thu, 11 Jun 2020 16:12:38 +0200
+Subject: [PATCH 02/10] tools/xenstore: ignore transaction id for [un]watch
+
+Instead of ignoring the transaction id for XS_WATCH and XS_UNWATCH
+commands as it is documented in docs/misc/xenstore.txt, it is tested
+for validity today.
+
+Really ignore the transaction id for XS_WATCH and XS_UNWATCH.
+
+This is part of XSA-115.
+
+Signed-off-by: Juergen Gross <jgross%suse.com@localhost>
+Reviewed-by: Julien Grall <jgrall%amazon.com@localhost>
+Reviewed-by: Paul Durrant <paul%xen.org@localhost>
+---
+ tools/xenstore/xenstored_core.c | 26 ++++++++++++++++----------
+ 1 file changed, 16 insertions(+), 10 deletions(-)
+
+diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
+index b43e1018babd..bb2f9fd4e76e 100644
+--- tools/xenstore/xenstored_core.c.orig
++++ tools/xenstore/xenstored_core.c
+@@ -1268,13 +1268,17 @@ static int do_set_perms(struct connection *conn, struct buffered_data *in)
+ static struct {
+       const char *str;
+       int (*func)(struct connection *conn, struct buffered_data *in);
++      unsigned int flags;
++#define XS_FLAG_NOTID         (1U << 0)       /* Ignore transaction id. */
+ } const wire_funcs[XS_TYPE_COUNT] = {
+       [XS_CONTROL]           = { "CONTROL",           do_control },
+       [XS_DIRECTORY]         = { "DIRECTORY",         send_directory },
+       [XS_READ]              = { "READ",              do_read },
+       [XS_GET_PERMS]         = { "GET_PERMS",         do_get_perms },
+-      [XS_WATCH]             = { "WATCH",             do_watch },
+-      [XS_UNWATCH]           = { "UNWATCH",           do_unwatch },
++      [XS_WATCH]             =
++          { "WATCH",         do_watch,        XS_FLAG_NOTID },
++      [XS_UNWATCH]           =
++          { "UNWATCH",       do_unwatch,      XS_FLAG_NOTID },
+       [XS_TRANSACTION_START] = { "TRANSACTION_START", do_transaction_start },
+       [XS_TRANSACTION_END]   = { "TRANSACTION_END",   do_transaction_end },
+       [XS_INTRODUCE]         = { "INTRODUCE",         do_introduce },
+@@ -1296,7 +1300,7 @@ static struct {
+ 
+ static const char *sockmsg_string(enum xsd_sockmsg_type type)
+ {
+-      if ((unsigned)type < XS_TYPE_COUNT && wire_funcs[type].str)
++      if ((unsigned int)type < ARRAY_SIZE(wire_funcs) && wire_funcs[type].str)
+               return wire_funcs[type].str;
+ 
+       return "**UNKNOWN**";
+@@ -1311,7 +1315,14 @@ static void process_message(struct connection *conn, struct buffered_data *in)
+       enum xsd_sockmsg_type type = in->hdr.msg.type;
+       int ret;
+ 
+-      trans = transaction_lookup(conn, in->hdr.msg.tx_id);
++      if ((unsigned int)type >= XS_TYPE_COUNT || !wire_funcs[type].func) {
++              eprintf("Client unknown operation %i", type);
++              send_error(conn, ENOSYS);
++              return;
++      }
++
++      trans = (wire_funcs[type].flags & XS_FLAG_NOTID)
++              ? NULL : transaction_lookup(conn, in->hdr.msg.tx_id);
+       if (IS_ERR(trans)) {
+               send_error(conn, -PTR_ERR(trans));
+               return;
+@@ -1320,12 +1331,7 @@ static void process_message(struct connection *conn, struct buffered_data *in)
+       assert(conn->transaction == NULL);
+       conn->transaction = trans;
+ 
+-      if ((unsigned)type < XS_TYPE_COUNT && wire_funcs[type].func)
+-              ret = wire_funcs[type].func(conn, in);
+-      else {
+-              eprintf("Client unknown operation %i", type);
+-              ret = ENOSYS;
+-      }
++      ret = wire_funcs[type].func(conn, in);
+       if (ret)
+               send_error(conn, ret);
+ 


