Update to 2.61

2021-11-25 18:43:16 +08:00 · 2021-11-25 18:43:16 +08:00 · 290b9967ea
commit 290b9967ea
parent a3d45b1097
7 changed files with 22 additions and 293 deletions
--- a/Avoid-segfaulting-when-the-kernel-is-ahead-of-libcap.patch
+++ b/Avoid-segfaulting-when-the-kernel-is-ahead-of-libcap.patch
@ -1,58 +0,0 @@
 From 2f72ffb7c9f28fbd143010dd68730b73ad1596f4 Mon Sep 17 00:00:00 2001
 From: "Andrew G. Morgan" <morgan@kernel.org>
 Date: Sat, 2 May 2020 17:10:25 -0700
 Subject: [PATCH] Avoid segfaulting when the kernel is ahead of libcap.
 Fixes bug report from Heiner Kallweit:
  https://bugzilla.kernel.org/show_bug.cgi?id=207549
 This bug was triggered when the kernel being run knows about
 more capabilities than the running build of libcap does. The
 issue is that in two places libcap assumed that _cap_names[]
 was long enough to name cap_max_bits() worth of capabilities.
 Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
 ---
 libcap/cap_text.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
 diff --git a/libcap/cap_text.c b/libcap/cap_text.c
 index 00fbbc6..8ea4b05 100644
 --- a/libcap/cap_text.c
 +++ b/libcap/cap_text.c
@@ -57,8 +57,9 @@ static char const *namcmp(char const *str, char const *nam)
 }
 /*
 - * forceall forces all of the named capabilities to be assigned the
 - * masked value, and zeroed otherwise.
 + * forceall forces all of the kernel named capabilities to be assigned
 + * the masked value, and zeroed otherwise. Note, if the kernel is ahead
 + * of libcap, the upper bits will be referred to by number.
  */
 static void forceall(__u32 *flat, __u32 value, unsigned blks)
 {
@@ -112,13 +113,16 @@ static int lookupname(char const **strp)
 	}
 #else /* ie., ndef GPERF_DOWNCASE */
 	char const *s;
 -	unsigned n;
 -
 -	for (n = cap_max_bits(); n--; )
 +	unsigned n = cap_max_bits();
 +	if (n > __CAP_BITS) {
 +	    n = __CAP_BITS;
 +	}
 +	while (n--) {
 	    if (_cap_names[n] && (s = namcmp(str.constp, _cap_names[n]))) {
 		*strp = s;
 		return n;
 	    }
 +	}
 #endif /* def GPERF_DOWNCASE */
 	return -1;   	/* No definition available */
 -- 
 2.27.GIT
--- a/backport-capsh-better-error-handling-for-integer-parsing.patch
+++ b/backport-capsh-better-error-handling-for-integer-parsing.patch
@ -1,141 +0,0 @@
 From 9c4997d6592e5daf046a6968ac83cf615c51fbe1 Mon Sep 17 00:00:00 2001
 From: "Andrew G. Morgan" <morgan@kernel.org>
 Date: Sat, 6 Nov 2021 08:45:06 -0700
 Subject: [PATCH] capsh: better error handling for integer parsing.
 Bug reported by meitingli:
   https://bugzilla.kernel.org/show_bug.cgi?id=214911
 Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
 ---
 progs/capsh.c | 49 ++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 40 insertions(+), 9 deletions(-)
 diff --git a/progs/capsh.c b/progs/capsh.c
 index 2295359..4f568c3 100644
 --- a/progs/capsh.c
 +++ b/progs/capsh.c
@@ -40,6 +40,35 @@
 #define MAX_GROUPS       100   /* max number of supplementary groups for user */
 +/* parse a non-negative integer with some error handling */
 +static unsigned long nonneg_uint(const char *text, const char *prefix, int *ok)
 +{
 +    char *remains;
 +    unsigned long value;
 +    ssize_t len = strlen(text);
 +
 +    if (len == 0 || *text == '-') {
 +	goto fail;
 +    }
 +    value = strtoul(text, &remains, 0);
 +    if (*remains) {
 +	goto fail;
 +    }
 +    if (ok != NULL) {
 +	*ok = 1;
 +    }
 +    return value;
 +
 +fail:
 +    if (ok == NULL) {
 +	fprintf(stderr, "%s: want non-negative integer, got \"%s\"\n",
 +		prefix, text);
 +	exit(1);
 +    }
 +    *ok = 0;
 +    return 0;
 +}
 +
 static char *binary(unsigned long value)
 {
     static char string[8*sizeof(unsigned long) + 1];
@@ -667,7 +696,7 @@ int main(int argc, char *argv[], char *envp[])
 	    unsigned value;
 	    int set;
 -	    value = strtoul(argv[i]+7, NULL, 0);
 +	    value = nonneg_uint(argv[i]+7, "invalid --keep value", NULL);
 	    set = prctl(PR_SET_KEEPCAPS, value);
 	    if (set < 0) {
 		fprintf(stderr, "prctl(PR_SET_KEEPCAPS, %u) failed: %s\n",
@@ -724,7 +753,7 @@ int main(int argc, char *argv[], char *envp[])
 	} else if (!strncmp("--secbits=", argv[i], 10)) {
 	    unsigned value;
 	    int status;
 -	    value = strtoul(argv[i]+10, NULL, 0);
 +	    value = nonneg_uint(argv[i]+10, "invalid --secbits value", NULL);
 	    status = cap_set_secbits(value);
 	    if (status < 0) {
 		fprintf(stderr, "failed to set securebits to 0%o/0x%x\n",
@@ -737,8 +766,9 @@ int main(int argc, char *argv[], char *envp[])
 		fprintf(stderr, "already forked\n");
 		exit(1);
 	    }
 -	    value = strtoul(argv[i]+10, NULL, 0);
 +	    value = nonneg_uint(argv[i]+10, "invalid --forkfor value", NULL);
 	    if (value == 0) {
 +		fprintf(stderr, "require non-zero --forkfor value\n");
 		goto usage;
 	    }
 	    child = fork();
@@ -753,7 +783,8 @@ int main(int argc, char *argv[], char *envp[])
 	    pid_t result;
 	    unsigned value;
 -	    value = strtoul(argv[i]+9, NULL, 0);
 +	    value = nonneg_uint(argv[i]+9, "invalid --killit signo value",
 +				NULL);
 	    if (!child) {
 		fprintf(stderr, "no forked process to kill\n");
 		exit(1);
@@ -779,7 +810,7 @@ int main(int argc, char *argv[], char *envp[])
 	    unsigned value;
 	    int status;
 -	    value = strtoul(argv[i]+6, NULL, 0);
 +	    value = nonneg_uint(argv[i]+6, "invalid --uid value", NULL);
 	    status = setuid(value);
 	    if (status < 0) {
 		fprintf(stderr, "Failed to set uid=%u: %s\n",
@@ -790,7 +821,7 @@ int main(int argc, char *argv[], char *envp[])
 	    unsigned value;
 	    int status;
 -	    value = strtoul(argv[i]+10, NULL, 0);
 +	    value = nonneg_uint(argv[i]+10, "invalid --cap-uid value", NULL);
 	    status = cap_setuid(value);
 	    if (status < 0) {
 		fprintf(stderr, "Failed to cap_setuid(%u): %s\n",
@@ -801,7 +832,7 @@ int main(int argc, char *argv[], char *envp[])
 	    unsigned value;
 	    int status;
 -	    value = strtoul(argv[i]+6, NULL, 0);
 +	    value = nonneg_uint(argv[i]+6, "invalid --gid value", NULL);
 	    status = setgid(value);
 	    if (status < 0) {
 		fprintf(stderr, "Failed to set gid=%u: %s\n",
@@ -1009,7 +1040,7 @@ int main(int argc, char *argv[], char *envp[])
 	} else if (!strncmp("--is-uid=", argv[i], 9)) {
 	    unsigned value;
 	    uid_t uid;
 -	    value = strtoul(argv[i]+9, NULL, 0);
 +	    value = nonneg_uint(argv[i]+9, "invalid --is-uid value", NULL);
 	    uid = getuid();
 	    if (uid != value) {
 		fprintf(stderr, "uid: got=%d, want=%d\n", uid, value);
@@ -1018,7 +1049,7 @@ int main(int argc, char *argv[], char *envp[])
 	} else if (!strncmp("--is-gid=", argv[i], 9)) {
 	    unsigned value;
 	    gid_t gid;
 -	    value = strtoul(argv[i]+9, NULL, 0);
 +	    value = nonneg_uint(argv[i]+9, "invalid --is-gid value", NULL);
 	    gid = getgid();
 	    if (gid != value) {
 		fprintf(stderr, "gid: got=%d, want=%d\n", gid, value);
 -- 
 1.8.3.1
--- a/backport-setcap-clean-up-error-handling-of-the-ns-rootid-argument.patch
+++ b/backport-setcap-clean-up-error-handling-of-the-ns-rootid-argument.patch
@ -1,70 +0,0 @@
 From 8e1e967bc8d99a3233d51f67f6b88620cdff78dc Mon Sep 17 00:00:00 2001
 From: "Andrew G. Morgan" <morgan@kernel.org>
 Date: Sat, 6 Nov 2021 08:02:20 -0700
 Subject: [PATCH] setcap: clean up error handling of the ns rootid argument.
 Bug reported by Artem S. Tashkinov:
 https://bugzilla.kernel.org/show_bug.cgi?id=214909
 Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
 ---
 progs/setcap.c | 35 ++++++++++++++++++++++++++++++-----
 1 file changed, 30 insertions(+), 5 deletions(-)
 diff --git a/progs/setcap.c b/progs/setcap.c
 index 442685d..fe985cd 100644
 --- a/progs/setcap.c
 +++ b/progs/setcap.c
@@ -22,6 +22,35 @@ static void usage(void)
     exit(1);
 }
 +/* parse a positive integer with some error handling */
 +static unsigned long pos_uint(const char *text, const char *prefix, int *ok)
 +{
 +    char *remains;
 +    unsigned long value;
 +    ssize_t len = strlen(text);
 +
 +    if (len == 0 || *text == '-') {
 +       goto fail;
 +    }
 +    value = strtoul(text, &remains, 0);
 +    if (*remains || value == 0) {
 +       goto fail;
 +    }
 +    if (ok != NULL) {
 +       *ok = 1;
 +    }
 +    return value;
 +
 +fail:
 +    if (ok == NULL) {
 +       fprintf(stderr, "%s: want positive integer, got \"%s\"\n",
 +               prefix, text);
 +       exit(1);
 +    }
 +    *ok = 0;
 +    return 0;
 +}
 +
 #define MAXCAP  2048
 static int read_caps(int quiet, const char *filename, char *buffer)
@@ -93,11 +122,7 @@ int main(int argc, char **argv)
 		exit(1);
 	    }
 	    --argc;
 -	    rootid = (uid_t) atoi(*++argv);
 -	    if (rootid+1 < 2) {
 -		fprintf(stderr, "invalid rootid!=0 of '%s'", *argv);
 -		exit(1);
 -	    }
 +           rootid = (uid_t) pos_uint(*++argv, "bad ns rootid", NULL);
 	    continue;
 	}
 -- 
 1.8.3.1
--- a/libcap-2.32.tar.gz
+++ b/libcap-2.32.tar.gz
--- a/libcap-2.61.tar.gz
+++ b/libcap-2.61.tar.gz
--- a/libcap-buildflags.patch
+++ b/libcap-buildflags.patch
@ -1,34 +1,29 @@
 From 11bdd43001c41d96769e437498bc57e8665ada2f Mon Sep 17 00:00:00 2001
 From: zhangchenfeng <zhangchenfeng1@huawei.com>
 Date: Fri, 17 Apr 2020 10:21:28 +0800
-Subject: [PATCH] bcap-2.32-buildflags
+Subject: [PATCH] libcap-2.61-buildflags
 ---
 Make.Rules | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/Make.Rules b/Make.Rules
-index f02c770..b5d682b 100644
+index 70d5829..2160012 100644
 --- a/Make.Rules
 +++ b/Make.Rules
-@@ -50,7 +50,7 @@ KERNEL_HEADERS := $(topdir)/libcap/include/uapi
+@@ -81,10 +81,10 @@ WARNINGS=-Wall -Wwrite-strings -Wpointer-arith -Wcast-qual -Wcast-align \
- IPATH += -fPIC -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include
+ 	-Wstrict-prototypes -Wmissing-prototypes -Wnested-externs       \
- 
+ 	-Winline -Wshadow -Wunreachable-code
- CC := gcc
+ COPTS ?= -O2
-CFLAGS := -O2 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
+-CFLAGS ?= $(COPTS) $(DEBUG)
-+CFLAGS := $(RPM_OPT_FLAGS) -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
+CFLAGS ?= $(RPM_OPT_FLAGS) $(DEBUG)
- BUILD_CC := $(CC)
+ CFLAGS += $(WARNINGS)
- BUILD_CFLAGS := $(CFLAGS) $(IPATH)
+ CPPFLAGS += -Dlinux $(DEFINES) $(LIBCAP_INCLUDES)
- AR := ar
+-LDFLAGS ?= # -g
-@@ -61,7 +61,7 @@ WARNINGS=-Wall -Wwrite-strings \
+LDFLAGS ?= $(RPM_OPT_FLAGS) 
         -Wstrict-prototypes -Wmissing-prototypes \
         -Wnested-externs -Winline -Wshadow
 LD=$(CC) -Wl,-x -shared
 -LDFLAGS := #-g
 +LDFLAGS := $(RPM_LD_FLAGS) #-g
 LIBCAPLIB := -L$(topdir)/libcap -lcap
 LIBPSXLIB := -L$(topdir)/libcap -lpsx -lpthread
 BUILD_CC ?= $(CC)
 BUILD_LD ?= $(BUILD_CC) -Wl,-x -shared
 -- 
 1.8.3.1
--- a/libcap.spec
+++ b/libcap.spec
@ -1,15 +1,12 @@
 Name:     libcap
-Version:  2.32
+Version:  2.61
-Release:  3
+Release:  1
 Summary:  A library for getting and setting POSIX.1e draft 15 capabilities        
 License:  GPLv2
 URL:      https://sites.google.com/site/fullycapable
 Source0:  https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/%{name}-%{version}.tar.gz
 Patch0:   libcap-buildflags.patch
 Patch1:   Avoid-segfaulting-when-the-kernel-is-ahead-of-libcap.patch
 Patch2:   backport-capsh-better-error-handling-for-integer-parsing.patch
 Patch3:   backport-setcap-clean-up-error-handling-of-the-ns-rootid-argument.patch
 BuildRequires: libattr-devel pam-devel perl-interpreter gcc
@ -40,6 +37,9 @@ mkdir -p %{buildroot}/%{_mandir}/man{2,3,8}
 mv -f doc/*.3 %{buildroot}/%{_mandir}/man3/
 chmod +x %{buildroot}/%{_libdir}/*.so.*
 %check
 %make_build COPTS="%{optflags}" test
 %pre
 %preun
@ -70,6 +70,9 @@ chmod +x %{buildroot}/%{_libdir}/*.so.*
 %{_mandir}/man8/*.gz
 %changelog
 * Thu Nov 25 2021 yixiangzhike <yixiangzhike007@163.com> - 2.61-1
 - update to 2.61
 * Mon Nov 8 2021 yixiangzhike <yixiangzhike007@163.com> - 2.32-3
 - capsh better error handling for integer parsing
 - setcap clean up error handling of the ns rootid argument