mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-22 15:32:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

systemd: Update to systemd-stable v241-stable release

Browse Source 
This changes the repository to use the systemd-stable, and update to
the latest release from v241-stable branch.

Following changes are included:

c1f8ff8d0d login: mark nomodeset fb devices as master-of-seat
59f2213e45 login: HyperV requires master-of-seat to be set
a09c170122 Allocate temporary strings to hold dbus paths on the heap
4f54afd5a1 Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit.
b22a96ef2f NEWS: add entry about 'udevadm trigger --wait-daemon'
bada94eb3e NEWS: fix release date
e9f930b2f5 udev-event: make subst_format_var() always provide null-terminated string on success
66320aec80 sd-device: also store properties read from udev database to sd_device::properties_db
dffc22c833 udev-rules: update log messages about OWNER= or GROUP= settings on --resolve=names=never

(From OE-Core rev: 0111855d2c5029c93844e08fcd48592137bfb68a)

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Otavio Salvador
2019-03-18 17:04:10 -03:00
committed by Richard Purdie
parent 5061e7e9b5
commit 6c66a46c51
3 changed files with 5 additions and 220 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
meta/recipes-core/systemd/systemd.inc
View File

@@ -14,8 +14,10 @@ LICENSE = "GPLv2 & LGPLv2.1"
LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c"
SRCREV = "e62a7fea757f259eb330da5b6d3ab4ede46400a2"
SRC_URI = "git://github.com/systemd/systemd.git;protocol=git"
SRCREV = "c1f8ff8d0de7e303b8004b02a0a47d4cc103a7f8"
SRCBRANCH = "v241-stable"
SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}"
S = "${WORKDIR}/git"
PV_append = "+${SRCPV}"

216
meta/recipes-core/systemd/systemd/CVE-2019-6454.patch
View File

@@ -1,216 +0,0 @@
Description: sd-bus: enforce a size limit for dbus paths, and don't allocate
them on the stacka
Forwarded: no
Patch from: systemd_239-7ubuntu10.8
For information see:
https://usn.ubuntu.com/3891-1/
https://git.launchpad.net/ubuntu/+source/systemd/commit/?id=f8e75d5634904c8e672658856508c3a02f349adb
CVE: CVE-2019-6454
Upstream-Status: Backport
Signed-off-by: George McCollister <george.mccollister@gmail.com>
diff --git a/src/libsystemd/sd-bus/bus-internal.c b/src/libsystemd/sd-bus/bus-internal.c
index 40acae2133..598b7f110c 100644
--- a/src/libsystemd/sd-bus/bus-internal.c
+++ b/src/libsystemd/sd-bus/bus-internal.c
@@ -43,7 +43,7 @@ bool object_path_is_valid(const char *p) {
if (slash)
return false;
- return true;
+ return (q - p) <= BUS_PATH_SIZE_MAX;
}
char* object_path_startswith(const char *a, const char *b) {
diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
index f208b294d8..a8d61bf72a 100644
--- a/src/libsystemd/sd-bus/bus-internal.h
+++ b/src/libsystemd/sd-bus/bus-internal.h
@@ -332,6 +332,10 @@ struct sd_bus {
#define BUS_MESSAGE_SIZE_MAX (128*1024*1024)
#define BUS_AUTH_SIZE_MAX (64*1024)
+/* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one
+ * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however,
+ * to not clash unnecessarily with real-life applications. */
+#define BUS_PATH_SIZE_MAX (64*1024)
#define BUS_CONTAINER_DEPTH 128
diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c
index 58329f3fe7..54b977418e 100644
--- a/src/libsystemd/sd-bus/bus-objects.c
+++ b/src/libsystemd/sd-bus/bus-objects.c
@@ -1133,7 +1133,8 @@ static int object_manager_serialize_path_and_fallbacks(
const char *path,
sd_bus_error *error) {
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
int r;
assert(bus);
@@ -1149,7 +1150,12 @@ static int object_manager_serialize_path_and_fallbacks(
return 0;
/* Second, add fallback vtables registered for any of the prefixes */
- prefix = newa(char, strlen(path) + 1);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = object_manager_serialize_path(bus, reply, prefix, path, true, error);
if (r < 0)
@@ -1345,6 +1351,7 @@ static int object_find_and_run(
}
int bus_process_object(sd_bus *bus, sd_bus_message *m) {
+ _cleanup_free_ char *prefix = NULL;
int r;
size_t pl;
bool found_object = false;
@@ -1369,9 +1376,12 @@ int bus_process_object(sd_bus *bus, sd_bus_message *m) {
assert(m->member);
pl = strlen(m->path);
- do {
- char prefix[pl+1];
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+ do {
bus->nodes_modified = false;
r = object_find_and_run(bus, m, m->path, false, &found_object);
@@ -1498,9 +1508,15 @@ static int bus_find_parent_object_manager(sd_bus *bus, struct node **out, const
n = hashmap_get(bus->nodes, path);
if (!n) {
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
+
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
- prefix = newa(char, strlen(path) + 1);
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
n = hashmap_get(bus->nodes, prefix);
if (n)
@@ -2083,8 +2099,9 @@ _public_ int sd_bus_emit_properties_changed_strv(
const char *interface,
char **names) {
+ _cleanup_free_ char *prefix = NULL;
bool found_interface = false;
- char *prefix;
+ size_t pl;
int r;
assert_return(bus, -EINVAL);
@@ -2105,6 +2122,12 @@ _public_ int sd_bus_emit_properties_changed_strv(
BUS_DONT_DESTROY(bus);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
do {
bus->nodes_modified = false;
@@ -2114,7 +2137,6 @@ _public_ int sd_bus_emit_properties_changed_strv(
if (bus->nodes_modified)
continue;
- prefix = newa(char, strlen(path) + 1);
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = emit_properties_changed_on_interface(bus, prefix, path, interface, true, &found_interface, names);
if (r != 0)
@@ -2246,7 +2268,8 @@ static int object_added_append_all_prefix(
static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
_cleanup_set_free_ Set *s = NULL;
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
int r;
assert(bus);
@@ -2291,7 +2314,12 @@ static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *p
if (bus->nodes_modified)
return 0;
- prefix = newa(char, strlen(path) + 1);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = object_added_append_all_prefix(bus, m, s, prefix, path, true);
if (r < 0)
@@ -2430,7 +2458,8 @@ static int object_removed_append_all_prefix(
static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
_cleanup_set_free_ Set *s = NULL;
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
int r;
assert(bus);
@@ -2462,7 +2491,12 @@ static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char
if (bus->nodes_modified)
return 0;
- prefix = newa(char, strlen(path) + 1);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = object_removed_append_all_prefix(bus, m, s, prefix, path, true);
if (r < 0)
@@ -2612,7 +2646,8 @@ static int interfaces_added_append_one(
const char *path,
const char *interface) {
- char *prefix;
+ _cleanup_free_ char *prefix = NULL;
+ size_t pl;
int r;
assert(bus);
@@ -2626,7 +2661,12 @@ static int interfaces_added_append_one(
if (bus->nodes_modified)
return 0;
- prefix = newa(char, strlen(path) + 1);
+ pl = strlen(path);
+ assert(pl <= BUS_PATH_SIZE_MAX);
+ prefix = new(char, pl + 1);
+ if (!prefix)
+ return -ENOMEM;
+
OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
r = interfaces_added_append_one_prefix(bus, m, prefix, path, interface, true);
if (r != 0)

1
meta/recipes-core/systemd/systemd_241.bb
View File

@@ -24,7 +24,6 @@ SRC_URI += "file://touchscreen.rules \
file://0005-rules-watch-metadata-changes-in-ide-devices.patch \
file://0001-meson-declare-version.h-as-dep-for-various-targets-t.patch \
file://0001-meson-declare-version.h-as-dependency-for-systemd.patch \
file://CVE-2019-6454.patch \
"
# patches needed by musl