From 97fb3556f09ddcfdde10cd5323b7518a27b6057f Mon Sep 17 00:00:00 2001 From: h30032433 Date: Wed, 28 Feb 2024 10:54:50 +0800 Subject: [PATCH] sync patches from systemd community --- ...fix-overflow-detection-in-sigbus_pop.patch | 51 ++++++++++ ...sctl-avoid-asserting-on-NULL-message.patch | 99 +++++++++++++++++++ ...d-sockets-to-the-graveyard-on-shutdo.patch | 57 +++++++++++ ...-sd-event-state-before-setting-up-po.patch | 58 +++++++++++ systemd.spec | 15 ++- 5 files changed, 279 insertions(+), 1 deletion(-) create mode 100644 backport-basic-fix-overflow-detection-in-sigbus_pop.patch create mode 100644 backport-busctl-avoid-asserting-on-NULL-message.patch create mode 100644 backport-resolve-don-t-add-sockets-to-the-graveyard-on-shutdo.patch create mode 100644 backport-sd-journal-check-sd-event-state-before-setting-up-po.patch diff --git a/backport-basic-fix-overflow-detection-in-sigbus_pop.patch b/backport-basic-fix-overflow-detection-in-sigbus_pop.patch new file mode 100644 index 0000000..b321a2b --- /dev/null +++ b/backport-basic-fix-overflow-detection-in-sigbus_pop.patch @@ -0,0 +1,51 @@ +From b4a9d19e4ec527a7b2d774a1349a6133f7739847 Mon Sep 17 00:00:00 2001 +From: Rose <83477269+AtariDreams@users.noreply.github.com> +Date: Tue, 2 Jan 2024 10:13:27 -0500 +Subject: [PATCH] basic: fix overflow detection in sigbus_pop + +The current check checks for n_sigbus_queue +being greater than or equal to SIGBUS_QUEUE_MAX, +when it should be just greater than as +n_sigbus_queue being SIGBUS_QUEUE_MAX indicates +that the queue is full, but not overflowed. + +Conflict:adapt context +Reference:https://github.com/systemd/systemd/commit/b4a9d19e4ec527a7b2d774a1349a6133f7739847 + +--- + src/basic/sigbus.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/basic/sigbus.c b/src/basic/sigbus.c +index 7e5a493f6b..47ab0b81d8 100644 +--- a/src/basic/sigbus.c ++++ b/src/basic/sigbus.c +@@ -40,14 +40,14 @@ static void sigbus_push(void *addr) { + } + + /* If we can't, make sure the queue size is out of bounds, to +- * mark it as overflow */ ++ * mark it as overflowed */ + for (;;) { + unsigned c; + + __sync_synchronize(); + c = n_sigbus_queue; + +- if (c > SIGBUS_QUEUE_MAX) /* already overflow */ ++ if (c > SIGBUS_QUEUE_MAX) /* already overflowed */ + return; + + if (__sync_bool_compare_and_swap(&n_sigbus_queue, c, c + SIGBUS_QUEUE_MAX)) +@@ -70,7 +70,7 @@ int sigbus_pop(void **ret) { + if (_likely_(c == 0)) + return 0; + +- if (_unlikely_(c >= SIGBUS_QUEUE_MAX)) ++ if (_unlikely_(c > SIGBUS_QUEUE_MAX)) + return -EOVERFLOW; + + for (u = 0; u < SIGBUS_QUEUE_MAX; u++) { +-- +2.39.1 + diff --git a/backport-busctl-avoid-asserting-on-NULL-message.patch b/backport-busctl-avoid-asserting-on-NULL-message.patch new file mode 100644 index 0000000..a7276dd --- /dev/null +++ b/backport-busctl-avoid-asserting-on-NULL-message.patch @@ -0,0 +1,99 @@ +From b4a21d51487e21052af49b755d1707d4616e2977 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Sun, 24 Dec 2023 14:49:23 +0100 +Subject: [PATCH] busctl: avoid asserting on NULL message +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Avoid passing a NULL message to sd_bus_message_is_signal(), to not trip +over an assertion: + +[ 132.869436] H testsuite-82.sh[614]: + systemctl --no-block --check-inhibitors=yes soft-reboot +[ 132.967386] H systemd[1]: Created slice system-systemd\x2dcoredump.slice. +[ 133.018292] H systemd[1]: Starting inhibit.service... +[ 133.122610] H systemd[1]: Started systemd-coredump@0-665-0.service. +[ 133.163643] H systemd[1]: Started inhibit.service. +[ 133.206836] H testsuite-82.sh[614]: + exec sleep infinity +[ 133.236762] H systemd-logind[611]: The system will reboot now! +[ 135.891607] H systemd-coredump[667]: [🡕] Process 663 (busctl) of user 0 dumped core. + + Stack trace of thread 663: + #0 0x00007f2ec45e6acf raise (libc.so.6 + 0x4eacf) + #1 0x00007f2ec45b9ea5 abort (libc.so.6 + 0x21ea5) + #2 0x00007f2ec4b5c9a6 log_assert_failed (libsystemd-shared-255.so + 0x1ff9a6) + #3 0x00007f2ec4b5dca5 log_assert_failed_return (libsystemd-shared-255.so + 0x200ca5) + #4 0x00007f2ec4bb3df6 sd_bus_message_is_signal (libsystemd-shared-255.so + 0x256df6) + #5 0x000000000040e478 monitor (busctl + 0xe478) + #6 0x000000000040e82f verb_monitor (busctl + 0xe82f) + #7 0x00007f2ec4b202cb dispatch_verb (libsystemd-shared-255.so + 0x1c32cb) + #8 0x00000000004074fa busctl_main (busctl + 0x74fa) + #9 0x0000000000407525 run (busctl + 0x7525) + #10 0x000000000040ff67 main (busctl + 0xff67) + #11 0x00007f2ec45d2d85 __libc_start_main (libc.so.6 + 0x3ad85) + #12 0x00000000004044be _start (busctl + 0x44be) + ELF object binary architecture: AMD x86-64 +[ 136.141152] H dbus-daemon[634]: [system] Monitoring connection :1.2 closed. +[ 136.152233] H systemd[1]: busctl.service: Main process exited, code=dumped, status=6/ABRT +[ 136.153996] H systemd[1]: busctl.service: Failed with result 'core-dump'. + +The asertion in question: + +Assertion 'm' failed at src/libsystemd/sd-bus/bus-message.c:1015, function sd_bus_message_is_signal(). Aborting. + +We can get a NULL message here through sd_bus_process() -> +bus_process_internal() -> process_running(), so let's handle this case +appropriately. + +Conflict:NA +Reference:https://github.com/systemd/systemd/commit/b4a21d51487e21052af49b755d1707d4616e2977 + +--- + src/busctl/busctl.c | 26 +++++++++++++------------- + 1 file changed, 13 insertions(+), 13 deletions(-) + +diff --git a/src/busctl/busctl.c b/src/busctl/busctl.c +index d233fc55ad..b2c2bc644d 100644 +--- a/src/busctl/busctl.c ++++ b/src/busctl/busctl.c +@@ -1320,24 +1320,24 @@ static int monitor(int argc, char **argv, int (*dump)(sd_bus_message *m, FILE *f + if (r < 0) + return log_error_errno(r, "Failed to process bus: %m"); + +- if (!is_monitor) { +- const char *name; ++ if (m) { ++ if (!is_monitor) { ++ const char *name; + +- /* wait until we lose our unique name */ +- if (sd_bus_message_is_signal(m, "org.freedesktop.DBus", "NameLost") <= 0) +- continue; ++ /* wait until we lose our unique name */ ++ if (sd_bus_message_is_signal(m, "org.freedesktop.DBus", "NameLost") <= 0) ++ continue; + +- r = sd_bus_message_read(m, "s", &name); +- if (r < 0) +- return bus_log_parse_error(r); ++ r = sd_bus_message_read(m, "s", &name); ++ if (r < 0) ++ return bus_log_parse_error(r); + +- if (streq(name, unique_name)) +- is_monitor = true; ++ if (streq(name, unique_name)) ++ is_monitor = true; + +- continue; +- } ++ continue; ++ } + +- if (m) { + dump(m, stdout); + fflush(stdout); + +-- +2.39.1 + diff --git a/backport-resolve-don-t-add-sockets-to-the-graveyard-on-shutdo.patch b/backport-resolve-don-t-add-sockets-to-the-graveyard-on-shutdo.patch new file mode 100644 index 0000000..7731128 --- /dev/null +++ b/backport-resolve-don-t-add-sockets-to-the-graveyard-on-shutdo.patch @@ -0,0 +1,57 @@ +From ac1b7b9e1933c14bc7bf36d4f32a888afb3f2f4d Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Sun, 24 Dec 2023 18:26:47 +0100 +Subject: [PATCH] resolve: don't add sockets to the graveyard on shutdown + +Since in that case the event loop is already finished and we'd hit an +assertion: + +[ 1295.993300] testsuite-75.sh[50]: + systemctl stop systemd-resolved.service +[ 1296.005152] systemd-resolved[298]: Assertion 'e->state != SD_EVENT_FINISHED' failed at src/libsystemd/sd-event/sd-event.c:1252, function sd_event_add_io(). Aborting. + +Thread 1 (Thread 0x7f17d25e2940 (LWP 298)): + #0 __pthread_kill_implementation (threadid=, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 + #1 0x00007f17d16ac8a3 in __pthread_kill_internal (signo=6, threadid=) at pthread_kill.c:78 + #2 0x00007f17d165c668 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 + #3 0x00007f17d16444b8 in __GI_abort () at abort.c:79 + #4 0x00007f17d2402d2d in log_assert_failed (text=, file=, line=, func=) at ../build/src/basic/log.c:968 + #5 0x00007f17d240401c in log_assert_failed_return (text=text@entry=0x7f17d2533f13 "e->state != SD_EVENT_FINISHED", file=file@entry=0x7f17d25195d9 "src/libsystemd/sd-event/sd-event.c", line=line@entry=1252, func=func@entry=0x7f17d2567260 <__func__.140> "sd_event_add_io") at ../build/src/basic/log.c:987 + #6 0x00007f17d24d011a in sd_event_add_io (e=0x55e5cb497270, ret=0x55e5cb4a5120, fd=fd@entry=26, events=events@entry=1, callback=callback@entry=0x55e5caff5466 , userdata=0x55e5cb4a5110) at ../build/src/libsystemd/sd-event/sd-event.c:1252 + #7 0x000055e5caff571c in manager_add_socket_to_graveyard (m=0x55e5cb43cf00, fd=26) at ../build/src/resolve/resolved-socket-graveyard.c:117 + #8 0x000055e5cafd4253 in dns_transaction_close_connection (t=t@entry=0x55e5cb57c7d0, use_graveyard=use_graveyard@entry=true) at ../build/src/resolve/resolved-dns-transaction.c:78 + #9 0x000055e5cafd8444 in dns_transaction_complete (t=t@entry=0x55e5cb57c7d0, state=state@entry=DNS_TRANSACTION_ABORTED) at ../build/src/resolve/resolved-dns-transaction.c:427 + #10 0x000055e5cafc4969 in dns_scope_abort_transactions (s=s@entry=0x55e5cb4b1a70) at ../build/src/resolve/resolved-dns-scope.c:91 + #11 0x000055e5cafc6aee in dns_scope_free (s=0x55e5cb4b1a70) at ../build/src/resolve/resolved-dns-scope.c:106 + #12 0x000055e5cafe72d1 in link_free (l=0x55e5cb4a5160) at ../build/src/resolve/resolved-link.c:94 + #13 0x000055e5cafedefc in manager_free (m=0x55e5cb43cf00) at ../build/src/resolve/resolved-manager.c:697 + #14 0x000055e5caff99b6 in manager_freep (p=p@entry=0x7ffd71fab8f8) at ../build/src/resolve/resolved-manager.h:198 + #15 0x000055e5caff9d66 in run (argc=argc@entry=1, argv=argv@entry=0x7ffd71faba78) at ../build/src/resolve/resolved.c:25 + #16 0x000055e5caff9fe3 in main (argc=1, argv=0x7ffd71faba78) at ../build/src/resolve/resolved.c:99 + +Resolves: #30618 + +Conflict:NA +Reference:https://github.com/systemd/systemd/commit/ac1b7b9e1933c14bc7bf36d4f32a888afb3f2f4d + +--- + src/resolve/resolved-dns-transaction.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c +index fe88e502e7..afc9a2ed45 100644 +--- a/src/resolve/resolved-dns-transaction.c ++++ b/src/resolve/resolved-dns-transaction.c +@@ -74,6 +74,10 @@ static void dns_transaction_close_connection( + * and the reply we might still get from the server will be eaten up instead of resulting in an ICMP + * port unreachable error message. */ + ++ /* Skip the graveyard stuff when we're shutting down, since that requires running event loop */ ++ if (!t->scope->manager->event || sd_event_get_state(t->scope->manager->event) == SD_EVENT_FINISHED) ++ use_graveyard = false; ++ + if (use_graveyard && t->dns_udp_fd >= 0 && t->sent && !t->received) { + r = manager_add_socket_to_graveyard(t->scope->manager, t->dns_udp_fd); + if (r < 0) +-- +2.39.1 + diff --git a/backport-sd-journal-check-sd-event-state-before-setting-up-po.patch b/backport-sd-journal-check-sd-event-state-before-setting-up-po.patch new file mode 100644 index 0000000..2b52b07 --- /dev/null +++ b/backport-sd-journal-check-sd-event-state-before-setting-up-po.patch @@ -0,0 +1,58 @@ +From 5b201ffb1e72100dc7a112c95bbac0ccbc98ab0d Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 29 Dec 2023 04:31:21 +0900 +Subject: [PATCH] sd-journal: check sd-event state before setting up post + change timer + +The similar check already exists in schedule_post_change(). + +The function is currently called at two places. +- journal_file_open() in sd-journal: + In this case, if the timer is not set up, then journal_file_post_change() + will be called at the end of journal_file_append_entry(). So, the necessary + task will be done sequentially when an journal entry is stored to the opened + journal file. That is desired when the function is called at outside of the + event loop. +- server_open_journal() in journald: + This is not called after we exit the event loop. + +So, we can safely do nothing in the function if the event loop is being +finished or already finished. + +Fixes #30644. + +Conflict:NA +Reference:https://github.com/systemd/systemd/commit/5b201ffb1e72100dc7a112c95bbac0ccbc98ab0d + +--- + src/libsystemd/sd-journal/journal-file.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/src/libsystemd/sd-journal/journal-file.c b/src/libsystemd/sd-journal/journal-file.c +index cef59c8944..5e6ff66e3c 100644 +--- a/src/libsystemd/sd-journal/journal-file.c ++++ b/src/libsystemd/sd-journal/journal-file.c +@@ -2460,6 +2460,11 @@ int journal_file_enable_post_change_timer(JournalFile *f, sd_event *e, usec_t t) + assert(e); + assert(t); + ++ /* If we are already going down, we cannot install the timer. ++ * In such case, the caller needs to call journal_file_post_change() explicitly. */ ++ if (IN_SET(sd_event_get_state(e), SD_EVENT_EXITING, SD_EVENT_FINISHED)) ++ return 0; ++ + r = sd_event_add_time(e, &timer, CLOCK_MONOTONIC, 0, 0, post_change_thunk, f); + if (r < 0) + return r; +@@ -2471,7 +2476,7 @@ int journal_file_enable_post_change_timer(JournalFile *f, sd_event *e, usec_t t) + f->post_change_timer = TAKE_PTR(timer); + f->post_change_timer_period = t; + +- return r; ++ return 1; + } + + static int entry_item_cmp(const EntryItem *a, const EntryItem *b) { +-- +2.39.1 + diff --git a/systemd.spec b/systemd.spec index 8dd0293..2d75d9b 100644 --- a/systemd.spec +++ b/systemd.spec @@ -21,7 +21,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 249 -Release: 69 +Release: 70 License: MIT and LGPLv2+ and GPLv2+ Summary: System and Service Manager @@ -632,6 +632,10 @@ Patch6583: backport-sd-device-rename-arguments-and-variables.patch Patch6584: backport-sd-device-drop-unused-device_copy_properties.patch Patch6585: backport-sd-device-make-device_shallow_clone-static.patch Patch6586: backport-sd-device-do-not-read-uevent-file-in-device_clone_wi.patch +Patch6587: backport-basic-fix-overflow-detection-in-sigbus_pop.patch +Patch6588: backport-busctl-avoid-asserting-on-NULL-message.patch +Patch6589: backport-resolve-don-t-add-sockets-to-the-graveyard-on-shutdo.patch +Patch6590: backport-sd-journal-check-sd-event-state-before-setting-up-po.patch Patch9001: update-rtc-with-system-clock-when-shutdown.patch Patch9002: udev-add-actions-while-rename-netif-failed.patch @@ -2131,6 +2135,15 @@ grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null && %{_libdir}/security/pam_systemd.so %changelog +* Wed Feb 28 2024 huyubiao - 249-70 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:add backport-basic-fix-overflow-detection-in-sigbus_pop.patch + backport-busctl-avoid-asserting-on-NULL-message.patch + backport-resolve-don-t-add-sockets-to-the-graveyard-on-shutdo.patch + backport-sd-journal-check-sd-event-state-before-setting-up-po.patch + * Tue Feb 27 2024 huyubiao - 249-69 - add cpuset-cgv1 and freezer-cgv1 macros and enabled by default