[oe-commits] [meta-openembedded] 01/13: dbus-broker: upgrade 21 -> 22
git at git.openembedded.org
git at git.openembedded.org
Wed Mar 11 01:21:23 UTC 2020
This is an automated email from the git hooks/post-receive script.
khem pushed a commit to branch master-next
in repository meta-openembedded.
commit ad371d63cab20c98d522607001340b6ea276eac3
Author: Pierre-Jean Texier <pjtexier at koncepto.io>
AuthorDate: Mon Mar 9 17:59:25 2020 +0000
dbus-broker: upgrade 21 -> 22
See full changelog https://github.com/bus1/dbus-broker/releases/tag/v22
Also remove patches applied upstream
Signed-off-by: Pierre-Jean Texier <pjtexier at koncepto.io>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
---
...launch-improve-error-handling-for-opendir.patch | 48 ------------
...nge-the-constant-used-for-invalid-timesta.patch | 86 ----------------------
...3-dbus-socket-treat-MSG_CTRUNC-gracefully.patch | 83 ---------------------
.../0004-launcher-fix-build-with-musl-libc.patch | 38 ----------
...h-policy-fix-crash-when-importing-selinux.patch | 50 -------------
...h-policy-fix-crash-when-exporting-selinux.patch | 59 ---------------
.../dbus/{dbus-broker_21.bb => dbus-broker_22.bb} | 10 +--
7 files changed, 2 insertions(+), 372 deletions(-)
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
deleted file mode 100644
index ccc175b..0000000
--- a/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From f42d5e38859c65a186acd0da94bbeeca12faf7a2 Mon Sep 17 00:00:00 2001
-From: David Rheinsberg <david.rheinsberg at gmail.com>
-Date: Thu, 2 May 2019 17:33:34 +0200
-Subject: [PATCH] launch: improve error handling for opendir()
-
-This improves the error-handling of opendir() by always printing
-diagnostics. Furthermore, it aligns the behavior with dbus-deamon and
-ignores EACCES.
-
-Signed-off-by: David Rheinsberg <david.rheinsberg at gmail.com>
-Upstream-Status: dbus-broker at f42d5e38859c65a186acd0da94bbeeca12faf7a2
----
- src/launch/launcher.c | 17 +++++++++++++++--
- 1 file changed, 15 insertions(+), 2 deletions(-)
-
-diff --git a/src/launch/launcher.c b/src/launch/launcher.c
-index 31a5364..2ec4bda 100644
---- a/src/launch/launcher.c
-+++ b/src/launch/launcher.c
-@@ -749,10 +749,23 @@ static int launcher_load_service_dir(Launcher *launcher, const char *dirpath, NS
-
- dir = opendir(dirpath);
- if (!dir) {
-- if (errno == ENOENT || errno == ENOTDIR)
-+ if (errno == ENOENT || errno == ENOTDIR) {
- return 0;
-- else
-+ } else if (errno == EACCES) {
-+ log_append_here(&launcher->log, LOG_ERR, 0, NULL);
-+ r = log_commitf(&launcher->log, "Access denied to service directory '%s'\n", dirpath);
-+ if (r)
-+ return error_fold(r);
-+
-+ return 0;
-+ } else {
-+ log_append_here(&launcher->log, LOG_ERR, errno, NULL);
-+ r = log_commitf(&launcher->log, "Unable to open service directory '%s': %m\n", dirpath);
-+ if (r)
-+ return error_fold(r);
-+
- return error_origin(-errno);
-+ }
- }
-
- r = dirwatch_add(launcher->dirwatch, dirpath);
---
-2.20.1
-
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
deleted file mode 100644
index 67a2dc4..0000000
--- a/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
+++ /dev/null
@@ -1,86 +0,0 @@
-From 3570b3e9ba367f10718b56336ce32d5254f66575 Mon Sep 17 00:00:00 2001
-From: Tom Gundersen <teg at jklm.no>
-Date: Thu, 9 May 2019 13:00:37 +0200
-Subject: [PATCH] metrics: change the constant used for invalid timestamps
-
-Use (uint64_t)-1 rather than 0 to indicate an invalid timestamp. It
-should not be possible for the kernel to return 0 from
-clock_gettime(), but we have received some reports of our asserts
-triggering, so avoid the issue entirely by using -1 instead (which
-really can never be returned).
-
-See https://retrace.fedoraproject.org/faf/reports/2539484/
-
-Signed-off-by: Tom Gundersen <teg at jklm.no>
-Upstream-Status: dbus-broker at 3570b3e9ba367f10718b56336ce32d5254f66575
----
- src/util/metrics.c | 8 ++++----
- src/util/metrics.h | 9 ++++++---
- 2 files changed, 10 insertions(+), 7 deletions(-)
-
-diff --git a/src/util/metrics.c b/src/util/metrics.c
-index b5a7182..eef94eb 100644
---- a/src/util/metrics.c
-+++ b/src/util/metrics.c
-@@ -26,7 +26,7 @@ void metrics_init(Metrics *metrics, clockid_t id) {
- }
-
- void metrics_deinit(Metrics *metrics) {
-- c_assert(!metrics->timestamp);
-+ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
- metrics_init(metrics, metrics->id);
- }
-
-@@ -82,7 +82,7 @@ void metrics_sample_add(Metrics *metrics, uint64_t timestamp) {
- * a sample is not currently running.
- */
- void metrics_sample_start(Metrics *metrics) {
-- c_assert(!metrics->timestamp);
-+ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
- metrics->timestamp = metrics_get_time(metrics);
- }
-
-@@ -93,11 +93,11 @@ void metrics_sample_start(Metrics *metrics) {
- * End a currently running sample, and update the internal state.
- */
- void metrics_sample_end(Metrics *metrics) {
-- c_assert(metrics->timestamp);
-+ c_assert(metrics->timestamp != METRICS_TIMESTAMP_INVALID);
-
- metrics_sample_add(metrics, metrics->timestamp);
-
-- metrics->timestamp = 0;
-+ metrics->timestamp = METRICS_TIMESTAMP_INVALID;
- }
-
- /**
-diff --git a/src/util/metrics.h b/src/util/metrics.h
-index a8ee915..b00dee6 100644
---- a/src/util/metrics.h
-+++ b/src/util/metrics.h
-@@ -8,6 +8,8 @@
- #include <stdlib.h>
- #include <time.h>
-
-+#define METRICS_TIMESTAMP_INVALID ((uint64_t) -1)
-+
- typedef struct Metrics Metrics;
-
- struct Metrics {
-@@ -23,9 +25,10 @@ struct Metrics {
- uint64_t sum_of_squares;
- };
-
--#define METRICS_INIT(_id) { \
-- .minimum = (uint64_t) -1, \
-- .id = (_id), \
-+#define METRICS_INIT(_id) { \
-+ .minimum = (uint64_t) -1, \
-+ .id = (_id), \
-+ .timestamp = METRICS_TIMESTAMP_INVALID, \
- }
-
- void metrics_init(Metrics *metrics, clockid_t id);
---
-2.21.0
-
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
deleted file mode 100644
index 53f9e71..0000000
--- a/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From 520c47c53deeb893e03194fefaf3c5b9223ede27 Mon Sep 17 00:00:00 2001
-From: David Rheinsberg <david.rheinsberg at gmail.com>
-Date: Fri, 10 May 2019 10:58:06 +0200
-Subject: [PATCH] dbus/socket: treat MSG_CTRUNC gracefully
-
-As it turns out, LSMs allow clients to trigger a MSG_CTRUNC on the
-remote side of a unix socket. Whenever LSMs reject the transmission of
-an FD, they will simply drop the FD and set MSG_CTRUNC, without any
-other error notification.
-
-Therefore, we must assume any occurance of MSG_CTRUNC is trigger by a
-client. This makes it impossible to consider MSG_CTRUNC for any other
-error handling, and as such we are left to disconnecting the client and
-ignoring the flag.
-
-Luckily, MSG_CTRUNC is expected for any other event, so we only used it
-for diagnostics so far.
-
-Signed-off-by: David Rheinsberg <david.rheinsberg at gmail.com>
-Upstream-Status: dbus-broker at 520c47c53deeb893e03194fefaf3c5b9223ede27
----
- src/dbus/socket.c | 44 +++++++++++++++++++++++++++++++++-----------
- 1 file changed, 33 insertions(+), 11 deletions(-)
-
-diff --git a/src/dbus/socket.c b/src/dbus/socket.c
-index cacdff2..6e6ba10 100644
---- a/src/dbus/socket.c
-+++ b/src/dbus/socket.c
-@@ -593,18 +593,40 @@ static int socket_recvmsg(Socket *socket,
-
- if (msg.msg_flags & MSG_CTRUNC) {
- /*
-- * This flag means the control-buffer was too small to retrieve
-- * all data. If this can be triggered remotely, it means a peer
-- * can cause us to miss FDs. Hence, we really must protect
-- * against this.
-- * We do provide suitably sized buffers to be prepared for any
-- * possible scenario. So if this happens, something is fishy
-- * and we better report it.
-- * Note that this is also reported by the kernel if we exceeded
-- * our NOFILE limit. Since this implies resource
-- * misconfiguration as well, we treat it the same way.
-+ * Our control-buffer-size is carefully calculated to be big
-+ * enough for any possible ancillary data we expect. Therefore,
-+ * the kernel should never be required to truncate it, and thus
-+ * MSG_CTRUNC will never be set. This is also foward compatible
-+ * to future extensions to the ancillary data, since these must
-+ * be enabled explicitly before the kernel considers forwarding
-+ * them.
-+ *
-+ * Unfortunately, the SCM_RIGHTS implementation might set this
-+ * flag as well. In particular, if not all FDs can be returned
-+ * to user-space, MSG_CTRUNC will be set (signalling that the
-+ * FD-set is non-complete). No other error is returned or
-+ * signalled, though. There are several reasons why the FD
-+ * transmission can fail. Most importantly, if we exhaust our
-+ * FD limit, further FDs will simply be discarded. We are
-+ * protected against this by our accounting-quotas, but we
-+ * would still like to catch this condition and warn loudly.
-+ * However, FDs are also dropped if the security layer refused
-+ * the transmission of the FD in question. This means, if an
-+ * LSM refuses the D-Bus client to send us an FD, the FD is
-+ * just dropped and MSG_CTRUNC will be set. This can be
-+ * triggered by clients.
-+ *
-+ * To summarize: In an ideal world, we would expect this flag
-+ * to never be set, and we would just use
-+ * `error_origin(-ENOTRECOVERABLE)` to provide diagnostics.
-+ * Unfortunately, the gross misuse of this flag for LSM
-+ * security enforcements means we have to assume any occurence
-+ * of MSG_CTRUNC means the client was refused to send a
-+ * specific message. Our only possible way to deal with this is
-+ * to disconnect the client.
- */
-- r = error_origin(-ENOTRECOVERABLE);
-+ socket_close(socket);
-+ r = SOCKET_E_LOST_INTEREST;
- goto error;
- }
-
---
-2.21.0
-
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch b/meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch
deleted file mode 100644
index 0348d97..0000000
--- a/meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From fc1d26dd08c48c04fc9883b36a94c219aba2091c Mon Sep 17 00:00:00 2001
-From: Luca Boccassi <luca.boccassi at microsoft.com>
-Date: Mon, 28 Oct 2019 14:31:38 +0000
-Subject: [PATCH] launcher: fix build with musl libc
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-../src/launch/launcher.c: In function ‘launcher_fork’:
-../src/launch/launcher.c:378:60: error: ‘WEXITED’ undeclared (first use in this function); did you mean ‘WIFEXITED’?
- r = sd_event_add_child(launcher->event, NULL, pid, WEXITED, launcher_on_child_exit, launcher);
- ^~~~~~~
- WIFEXITED
-
-Include sys/wait.h which defines it.
-
-Signed-off-by: Luca Boccassi <luca.boccassi at microsoft.com>
-Suggested-by: Khem Raj <raj.khem at gmail.com>
-Upstream-Status: pending https://github.com/bus1/dbus-broker/pull/214
----
- src/launch/launcher.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/launch/launcher.c b/src/launch/launcher.c
-index 2ec4bda..1f38fcf 100644
---- a/src/launch/launcher.c
-+++ b/src/launch/launcher.c
-@@ -10,6 +10,7 @@
- #include <stdlib.h>
- #include <sys/prctl.h>
- #include <sys/un.h>
-+#include <sys/wait.h>
- #include <systemd/sd-bus.h>
- #include <systemd/sd-daemon.h>
- #include <systemd/sd-event.h>
---
-2.20.1
-
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0005-launch-policy-fix-crash-when-importing-selinux.patch b/meta-oe/recipes-core/dbus/dbus-broker/0005-launch-policy-fix-crash-when-importing-selinux.patch
deleted file mode 100644
index c5f3092..0000000
--- a/meta-oe/recipes-core/dbus/dbus-broker/0005-launch-policy-fix-crash-when-importing-selinux.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From d28e59c451375e8b08fa431b1d64cb3ce9f078ee Mon Sep 17 00:00:00 2001
-From: Luca Boccassi <luca.boccassi at microsoft.com>
-Date: Fri, 25 Oct 2019 21:04:36 +0100
-Subject: [PATCH 1/2] launch/policy: fix crash when importing <selinux>
-
-If a policy contains a <selinux> element, dbus-broker-launch crashes:
-
-Oct 22 12:02:51 localhost dbus-broker-launch[885]: dbus-broker-launch: ../dbus-broker-19/src/launch/policy.c:232: policy_import_verdict: Assertion `cnode->parent->type == CONFIG_NODE_POLICY' failed.
-
-Minimal config to reproduce:
-
-<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-<busconfig>
- <selinux>
- <associate own="com.example1" context="system_u:object_r:example1_t" />
- <associate own="com.example2" context="system_u:object_r:example2_t" />
- </selinux>
-</busconfig>
-
-policy_import_verdict is being called on an associate element,
-but not only it cannot work as that function checks that the
-parent is a policy node (but it's a selinux node in this case),
-it is also not necessary as the selinux node only defines ownership,
-it does not have allow/deny.
-
-Fixes #212
-
-Signed-off-by: Luca Boccassi <luca.boccassi at microsoft.com>
-Upstream-Status: merged https://github.com/bus1/dbus-broker/pull/213
----
- src/launch/policy.c | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/src/launch/policy.c b/src/launch/policy.c
-index a8ba8e7..466e4bd 100644
---- a/src/launch/policy.c
-+++ b/src/launch/policy.c
-@@ -613,8 +613,6 @@ static int policy_import_selinux(Policy *policy, ConfigNode *cnode) {
- if (r)
- return error_trace(r);
-
-- policy_import_verdict(policy, record, cnode);
--
- record->selinux.name = cnode->associate.own;
- record->selinux.context = cnode->associate.context;
-
---
-2.20.1
-
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0006-launch-policy-fix-crash-when-exporting-selinux.patch b/meta-oe/recipes-core/dbus/dbus-broker/0006-launch-policy-fix-crash-when-exporting-selinux.patch
deleted file mode 100644
index 51f4536..0000000
--- a/meta-oe/recipes-core/dbus/dbus-broker/0006-launch-policy-fix-crash-when-exporting-selinux.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From f1cdef4d98ddbfeeb4a688712d54b3adc89bfe26 Mon Sep 17 00:00:00 2001
-From: Luca Boccassi <luca.boccassi at microsoft.com>
-Date: Fri, 25 Oct 2019 21:05:43 +0100
-Subject: [PATCH 2/2] launch/policy: fix crash when exporting <selinux>
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-If a policy contains a <selinux> element, dbus-broker-launch crashes:
-
-[ 30.048705] dbus-broker-launch[221]: ERROR policy_export @ ../dbus-broker-21/src/launch/policy.c +1142: Return code 1
-[ 30.050963] dbus-broker-launch[221]: launcher_add_listener @ ../dbus-broker-21/src/launch/launcher.c +1130
-[ 30.079620] dbus-broker[228]: Dispatched 0 messages @ 0(±0)μs / message.
-[ 30.082613] dbus-broker-launch[221]: launcher_run @ ../dbus-broker-21/src/launch/launcher.c +1389
-[ 30.084426] dbus-broker-launch[221]: run @ ../dbus-broker-21/src/launch/main.c +153
-[ 30.085797] dbus-broker-launch[221]: main @ ../dbus-broker-21/src/launch/main.c +181
-[ 30.087208] dbus-broker-launch[221]: Exiting due to fatal error: -131
-
-Minimal config to reproduce:
-
-<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-<busconfig>
- <selinux>
- <associate own="com.example1" context="system_u:object_r:example1_t" />
- <associate own="com.example2" context="system_u:object_r:example2_t" />
- </selinux>
-</busconfig>
-
-As per the libsystemd API, sd_bus_message_append can return an int
-greater than 0 on success, which for example happens when processing
-vectors.
-The export function is treating every non-zero result as an error,
-which causes dbus-broker-launch to terminate.
-
-Fixes #212
-
-Signed-off-by: Luca Boccassi <luca.boccassi at microsoft.com>
-Upstream-Status: merged https://github.com/bus1/dbus-broker/pull/213
----
- src/launch/policy.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/launch/policy.c b/src/launch/policy.c
-index 466e4bd..f91f11b 100644
---- a/src/launch/policy.c
-+++ b/src/launch/policy.c
-@@ -1138,7 +1138,7 @@ int policy_export(Policy *policy, sd_bus_message *m, uint32_t *at_console_uids,
- r = sd_bus_message_append(m, "(ss)",
- i_record->selinux.name,
- i_record->selinux.context);
-- if (r)
-+ if (r < 0)
- return error_origin(r);
- }
-
---
-2.20.1
-
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_22.bb
similarity index 63%
rename from meta-oe/recipes-core/dbus/dbus-broker_21.bb
rename to meta-oe/recipes-core/dbus/dbus-broker_22.bb
index 67b515d..c0b6f7f 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_22.bb
@@ -7,14 +7,8 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz"
-SRC_URI += " file://0001-launch-improve-error-handling-for-opendir.patch"
-SRC_URI += " file://0002-metrics-change-the-constant-used-for-invalid-timesta.patch"
-SRC_URI += " file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
-SRC_URI += " file://0004-launcher-fix-build-with-musl-libc.patch"
-SRC_URI += " file://0005-launch-policy-fix-crash-when-importing-selinux.patch"
-SRC_URI += " file://0006-launch-policy-fix-crash-when-exporting-selinux.patch"
-SRC_URI[md5sum] = "a17886a92ab1e0bc2e4b1a274339e388"
-SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
+SRC_URI[md5sum] = "03c4730f2110b5492e1212c81af325dc"
+SRC_URI[sha256sum] = "32f30700cefc997c479d75fcc42f3177940f1ebbee9c5a60c1e3ee39b90a9783"
UPSTREAM_CHECK_URI = "https://github.com/bus1/${BPN}/releases"
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list