pseudo: Backport two upstream fixes

Backport fixes from pseudo master for an acl issue and more importantly, a segfault issue with bash which can be triggered by the recent useradd changes. (From OE-Core rev: 949214761998a93fc6b8b009f1cdad0db3bfa5db) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-04-14 10:07:33 +01:00 · 2017-04-14 10:07:33 +01:00 · c5269fd210
parent 0bf9cb2272
commit c5269fd210
3 changed files with 149 additions and 0 deletions
--- a/meta/recipes-devtools/pseudo/files/b6b68db896f9963558334aff7fca61adde4ec10f.patch
+++ b/meta/recipes-devtools/pseudo/files/b6b68db896f9963558334aff7fca61adde4ec10f.patch
@ -0,0 +1,48 @@
+From b6b68db896f9963558334aff7fca61adde4ec10f Mon Sep 17 00:00:00 2001
+From: Seebs <seebs@seebs.net>
+Date: Thu, 13 Apr 2017 18:12:01 -0500
+Subject: Prevent bash from segfaulting when unloading pseudo
+
+bash's extremely fancy internal awareness of how the environment looks
+means that, if you directly call the underlying libc "unsetenv" on
+a variable, bash can end up trying to access a null pointer. Fixing
+this generically is actually rather hard; you can't really avoid
+writing to environ on fork() or popen(), even if you change all
+execv*() functions to use the execv*e() variants. So for now, instead
+of unsetting the variable, set it to an empty string.
+
+Thanks to Saur in IRC for spotting this and helping debug it.
+
+Signed-off-by: Seebs <seebs@seebs.net>
+
+Upstream-Status: Backport
+
+diff --git a/ChangeLog.txt b/ChangeLog.txt
+index a2d30e9..8ba1ffa 100644
+--- a/ChangeLog.txt
+++ b/ChangeLog.txt
+@@ -1,3 +1,8 @@
+2017-04-13:
+	* (seebs) don't unset LD_PRELOAD or the like, because if you
+	  do that, bash can segfault because it "knows" how many
+	  fields are in environ.
+
+ 2017-02-24:
+ 	* (seebs) import posix_acl_default fix from Anton Gerasimov
+ 	  <anton@advancedtelematic.com>
+diff --git a/pseudo_util.c b/pseudo_util.c
+index 172990b..6a1fac2 100644
+--- a/pseudo_util.c
+++ b/pseudo_util.c
+@@ -844,7 +844,7 @@ void pseudo_dropenv() {
+ 		if (ld_preload && strlen(ld_preload)) {
+ 			SETENV(PRELINK_LIBRARIES, ld_preload, 1);
+ 		} else {
+-			UNSETENV(PRELINK_LIBRARIES);
+			SETENV(PRELINK_LIBRARIES, "", 1);
+ 		}
+ 	}
+ }
+-- 
+cgit v0.10.2
+
--- a/meta/recipes-devtools/pseudo/files/efe0be279901006f939cd357ccee47b651c786da.patch
+++ b/meta/recipes-devtools/pseudo/files/efe0be279901006f939cd357ccee47b651c786da.patch
@ -0,0 +1,99 @@
+From efe0be279901006f939cd357ccee47b651c786da Mon Sep 17 00:00:00 2001
+From: Seebs <seebs@seebs.net>
+Date: Fri, 24 Feb 2017 12:47:38 -0600
+Subject: Don't try to record 0-length posix_acl_default xattrs
+
+Based on a submission from Anton Gerasimov <anton@advancedtelematic.com>
+
+On some systems, with some kernel configs, "cp -a" apparently tries to
+set an empty ACL list, with a valid header but no contents, which causes
+strange and mysterious behavior later if we actually create such an entry.
+So filter that out, also sanity-check a couple of other things.
+
+Signed-off-by: Seebs <seebs@seebs.net>
+
+Upstream-Status: Backport
+
+diff --git a/ChangeLog.txt b/ChangeLog.txt
+index ae2a6e9..a2d30e9 100644
+--- a/ChangeLog.txt
+++ b/ChangeLog.txt
+@@ -1,3 +1,6 @@
+2017-02-24:
+	* (seebs) import posix_acl_default fix from Anton Gerasimov
+	  <anton@advancedtelematic.com>
+ 2017-02-01:
+    * (seebs) handle xattr deletion slightly more carefully.
+    * (seebs) tag this as 1.8.2
+diff --git a/ports/linux/xattr/pseudo_wrappers.c b/ports/linux/xattr/pseudo_wrappers.c
+index 46bc053..d69d53e 100644
+--- a/ports/linux/xattr/pseudo_wrappers.c
+++ b/ports/linux/xattr/pseudo_wrappers.c
+@@ -62,9 +62,9 @@ static int
+ posix_permissions(const acl_header *header, int entries, int *extra, int *mode) {
+ 	int acl_seen = 0;
+ 	if (le32(header->version) != 2) {
+-		pseudo_diag("Fatal: ACL support no available for header version %d.\n",
+		pseudo_diag("Fatal: ACL support not available for header version %d.\n",
+ 			le32(header->version));
+-		return 1;
+		return -1;
+ 	}
+ 	*mode = 0;
+ 	*extra = 0;
+@@ -140,12 +140,38 @@ static int shared_setxattr(const char *path, int fd, const char *name, const voi
+ 	pseudo_debug(PDBGF_XATTR, "setxattr(%s [fd %d], %s => '%.*s')\n",
+ 		path ? path : "<no path>", fd, name, (int) size, (char *) value);
+ 
+	/* Filter out erroneous sizes for POSIX ACL
+	 *  see posix_acl_xattr_count in include/linux/posix_acl_xattr.h of Linux source code */
+	/* I don't think there's any posix_acl_* values that aren't in this format */
+	if (!strncmp(name, "system.posix_acl_", 17)) {
+		// ACL is corrupt, issue an error
+		if(size < sizeof(acl_header) || (size - sizeof(acl_header)) % sizeof(acl_entry) != 0) {
+			pseudo_debug(PDBGF_XATTR, "invalid data size for %s: %d\n",
+				name, (int) size);
+			errno = EINVAL;
+			return -1;
+		}
+
+		// ACL is empty, do nothing
+		if((size - sizeof(acl_header)) / sizeof(acl_entry) == 0) {
+			/* on some systems, "cp -a" will attempt to clone the
+			 * posix_acl_default entry for a directory (which would specify
+			 * default ACLs for new files in that directory), but if the
+			 * original was empty, we get a header but no entries. With
+			 * real xattr, that ends up being silently discarded, apparently,
+			 * so we discard it too.
+			 */
+			pseudo_debug(PDBGF_XATTR, "0-length ACL entry %s.\n", name);
+			return 0;
+		}
+	}
+ 	/* this may be a plain chmod */
+ 	if (!strcmp(name, "system.posix_acl_access")) {
+ 		int extra;
+ 		int mode;
+ 		int entries = (size - sizeof(acl_header)) / sizeof(acl_entry);
+-		if (!posix_permissions(value, entries, &extra, &mode)) {
+		int res = posix_permissions(value, entries, &extra, &mode);
+		if (res == 0) {
+ 			pseudo_debug(PDBGF_XATTR, "posix_acl_access translated to mode %04o. Remaining attribute(s): %d.\n",
+ 				mode, extra);
+ 			buf.st_mode = mode;
+@@ -164,8 +190,12 @@ static int shared_setxattr(const char *path, int fd, const char *name, const voi
+ 			if (!extra) {
+ 				return 0;
+ 			}
+		} else if (res == -1) {
+			errno = EOPNOTSUPP;
+			return -1;
+ 		}
+ 	}
+
+ 	if (!strcmp(name, "user.pseudo_data")) {
+ 		pseudo_debug(PDBGF_XATTR | PDBGF_XATTRDB, "user.pseudo_data xattribute does not get to go in database.\n");
+ 		return -1;
+-- 
+cgit v0.10.2
+
--- a/meta/recipes-devtools/pseudo/pseudo_1.8.2.bb
+++ b/meta/recipes-devtools/pseudo/pseudo_1.8.2.bb
@ -5,6 +5,8 @@ SRC_URI = "http://downloads.yoctoproject.org/releases/pseudo/${BPN}-${PV}.tar.bz
           file://fallback-passwd \
           file://fallback-group \
           file://moreretries.patch \
+           file://efe0be279901006f939cd357ccee47b651c786da.patch \
+           file://b6b68db896f9963558334aff7fca61adde4ec10f.patch \
           "

 SRC_URI[md5sum] = "7d41e72188fbea1f696c399c1a435675"