diff options
author | Michael Laß | 2023-10-06 18:54:40 +0200 |
---|---|---|
committer | Michael Laß | 2023-10-06 18:54:40 +0200 |
commit | 08ff9654623509538494965a846119ebc4ca7028 (patch) | |
tree | 94556aff06fefc97ade991ced1b48686f17a686a | |
parent | 182504e8697f86112819eb94f6309d43f7975875 (diff) | |
download | aur-08ff9654623509538494965a846119ebc4ca7028.tar.gz |
Add missing patch for Linux 6.5
See: https://gerrit.openafs.org/15573
-rw-r--r-- | .SRCINFO | 14 | ||||
-rw-r--r-- | 0001-Linux-6.5-Replace-generic_file_splice_read.patch | 2 | ||||
-rw-r--r-- | 0002-LINUX-Make-sysctl-definitions-more-concise.patch | 2 | ||||
-rw-r--r-- | 0003-Linux-6.5-Use-register_sysctl.patch | 2 | ||||
-rw-r--r-- | 0004-hcrypto-rename-abort-to-_afscrypto_abort.patch | 2 | ||||
-rw-r--r-- | 0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch | 2 | ||||
-rw-r--r-- | 0006-dir-Introduce-struct-DirEntryMax.patch | 184 | ||||
-rw-r--r-- | PKGBUILD | 17 |
8 files changed, 207 insertions, 18 deletions
@@ -1,7 +1,7 @@ pkgbase = openafs-modules-dkms pkgdesc = Kernel module for OpenAFS (dkms) pkgver = 1.8.10 - pkgrel = 3 + pkgrel = 4 url = http://www.openafs.org arch = i686 arch = x86_64 @@ -22,12 +22,14 @@ pkgbase = openafs-modules-dkms source = 0003-Linux-6.5-Use-register_sysctl.patch source = 0004-hcrypto-rename-abort-to-_afscrypto_abort.patch source = 0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch + source = 0006-dir-Introduce-struct-DirEntryMax.patch sha256sums = 9fec11364623549e8db7374072f5c8f01b841f6bfe7e85673cbce35ff43ffb07 sha256sums = 5ea5e184f9b44f5ed45817d2b5a10149d15c8c54f49e0b5b4b773652673cb9b0 - sha256sums = 81f3cf88040eee89ed180d683ba1a42107ea4a6c7057fd3dac679be9a9a9ab01 - sha256sums = 873c2b3816eed95e1799954d299e4411aa8079f267077dc1a3a3c564d3e2524c - sha256sums = da4b625e6885ae9bccc7428b1556751ea134510540e59fa4e8170cfba4d454dc - sha256sums = 42d2363ac0bcd5e87afc60ac656bb1ead8ab885d0deca6b0f8318b9bbf191b67 - sha256sums = 05a52fcc975b940cf15ba78ec2f76c00580f2db939bea32bcd99ef4c1dfdad1b + sha256sums = e27ff48ca676ac8d4dc95209bd3b84fe13bb14861aa4a0e0776f3dfe7559ffab + sha256sums = 4e71ad2009125187632cdb48b2d5eccc9bcaa8ab0733751fed432cfe661ea86e + sha256sums = daaa1361d5db967bd8b72fff4038cfc933a7027e3c70d10ef6ff673a5d176cb6 + sha256sums = 40e50688a2d4d85eb9b971aaa8563e577db15550aa56c44eab8fe2a688d3f013 + sha256sums = c0792690ed273ce464966b22e36ca431196a913ded6f0def4a46154076fd0eff + sha256sums = be7e1b0304ff61ed899286fdd18ebdbe71cbbe3eb20f6ac38c5799083b339a4a pkgname = openafs-modules-dkms diff --git a/0001-Linux-6.5-Replace-generic_file_splice_read.patch b/0001-Linux-6.5-Replace-generic_file_splice_read.patch index 2e71324ff79c..53f352b403e6 100644 --- a/0001-Linux-6.5-Replace-generic_file_splice_read.patch +++ b/0001-Linux-6.5-Replace-generic_file_splice_read.patch @@ -1,7 +1,7 @@ From 04083bc9a31156e34782b689993737f7c9def427 Mon Sep 17 00:00:00 2001 From: Cheyenne Wills <cwills@sinenomine.net> Date: Sun, 9 Jul 2023 18:52:23 -0600 -Subject: [PATCH 1/5] Linux 6.5: Replace generic_file_splice_read +Subject: [PATCH 1/6] Linux 6.5: Replace generic_file_splice_read The Linux 6.5 commit: 'splice: Remove generic_file_splice_read()' (c6585011bc) diff --git a/0002-LINUX-Make-sysctl-definitions-more-concise.patch b/0002-LINUX-Make-sysctl-definitions-more-concise.patch index 9fbe6a757b80..926818ad8fbb 100644 --- a/0002-LINUX-Make-sysctl-definitions-more-concise.patch +++ b/0002-LINUX-Make-sysctl-definitions-more-concise.patch @@ -1,7 +1,7 @@ From 48e0bd7d929fac0cd415c7e8f7886782dcd324ef Mon Sep 17 00:00:00 2001 From: Andrew Deason <adeason@sinenomine.net> Date: Thu, 18 Jul 2019 22:56:48 -0500 -Subject: [PATCH 2/5] LINUX: Make sysctl definitions more concise +Subject: [PATCH 2/6] LINUX: Make sysctl definitions more concise Our sysctl definitions are quite verbose, and adding new ones involves copying a bunch of lines. Make these a little easier to specify, by diff --git a/0003-Linux-6.5-Use-register_sysctl.patch b/0003-Linux-6.5-Use-register_sysctl.patch index aa718cf774c6..aa269d22a9f3 100644 --- a/0003-Linux-6.5-Use-register_sysctl.patch +++ b/0003-Linux-6.5-Use-register_sysctl.patch @@ -1,7 +1,7 @@ From aef0016df74fcd3da0f6cb6622d73cd9ceb77358 Mon Sep 17 00:00:00 2001 From: Cheyenne Wills <cwills@sinenomine.net> Date: Thu, 13 Jul 2023 10:54:22 -0600 -Subject: [PATCH 3/5] Linux 6.5: Use register_sysctl() +Subject: [PATCH 3/6] Linux 6.5: Use register_sysctl() The linux 6.5 commit: "sysctl: Remove register_sysctl_table" (b8cbc0855a) diff --git a/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch b/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch index c7f9c109b887..02be188f3b30 100644 --- a/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch +++ b/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch @@ -1,7 +1,7 @@ From 01d7316f6773591186f606de5e3b12de28bb0cd9 Mon Sep 17 00:00:00 2001 From: Cheyenne Wills <cwills@sinenomine.net> Date: Sun, 9 Jul 2023 18:45:15 -0600 -Subject: [PATCH 4/5] hcrypto: rename abort to _afscrypto_abort +Subject: [PATCH 4/6] hcrypto: rename abort to _afscrypto_abort MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit diff --git a/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch b/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch index 97b367583db3..07350c17a2e2 100644 --- a/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch +++ b/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch @@ -1,7 +1,7 @@ From fea2bd506b40543d6d9ec862acafb6622fb97ff8 Mon Sep 17 00:00:00 2001 From: Cheyenne Wills <cwills@sinenomine.net> Date: Tue, 29 Aug 2023 14:58:10 -0600 -Subject: [PATCH 5/5] linux: Replace fop iterate with fop iterate_shared +Subject: [PATCH 5/6] linux: Replace fop iterate with fop iterate_shared The Linux 6.5 commit: 'vfs: get rid of old '->iterate' directory operation' (3e32715496) diff --git a/0006-dir-Introduce-struct-DirEntryMax.patch b/0006-dir-Introduce-struct-DirEntryMax.patch new file mode 100644 index 000000000000..3f989fedeef7 --- /dev/null +++ b/0006-dir-Introduce-struct-DirEntryMax.patch @@ -0,0 +1,184 @@ +From ffd16089036e05a9db4065eb4d5ae8a217811a78 Mon Sep 17 00:00:00 2001 +From: Mark Vitale <mvitale@sinenomine.net> +Date: Fri, 15 Sep 2023 15:01:56 -0400 +Subject: [PATCH 6/6] dir: Introduce struct DirEntryMax + +Since the introduction of AFS3, the directory package has allocated +space for each directory entry by allocating a DirEntry struct followed +by 0-8 contiguous DirEntryX structs, as needed. This is implemented by: + + - afs_dir_NameBlobs calculates the number of blocks needed + - FindBlobs allocates and returns index of entry + - afs_dir_GetBlob returns pointer to 1st DirEntry struct + +After this, we populate DirEntry (and any contiguous DirEntryX blocks) +with open code. Most existing code write the entry's name via a string +copy operation to DirEntry->name, which is only 16 bytes long. The +maximum supported directory name is AFSNAMEMAX 256 (+1 for the required +terminating nul). Therefore, for dir entry names that are 16 bytes or +longer, OpenAFS routinely does string copies that look like buffer +overruns, but are "safe" (barring undefined behavior) due to the +guaranteed presence of sufficient additional DirEntryX blocks. + +Recent changes in the OpenAFS build chain have made this approach no +longer viable: + +1) +Linux 6.3 commit 439a1bcac648fe9b59210cde8991fb2acf37bdab 'fortify: Use +__builtin_dynamic_object_size() when available' modified the hardening +of several kernel string operations when running with +CONFIG_FORTIFY_SOURCE=y. + +2) +gcc 13 commit 79a89108dd352cd9288f5de35481b1280c7588a5 +'__builtin_dynamic_object_size: Recognize builtin' provides some +enhancements to _builtin_object_size. The Linux commit above will now +use these when the kernel is built with gcc 13. + +When OpenAFS is built under Linux 6.3 or higher and gcc 13 or higher, +the hardened strlcpy will BUG for directory entry names longer than 16 +characters. + +Since there are multiple places where OpenAFS writes directory names, +there are several symptoms that may manifest. However, the first one is +usually a kernel BUG at cache manager initialization if running with +afsd -dynroot _and_ there are any cell names 15 characters or longer in +the client CellServDB. (A 15-character cellname reaches the 16 +character limit when -dyrnoot adds the RW mountpoint ".<cellname>".) + +Create a new overlay struct - DirEntryMax - with a name size of +AFSNAMEMAX + 1. Whenever we write a directory name, cast the existing +DirEntry pointer to DirEntryMax so that any hardening will be satisfied +that there is sufficient space for the name. However, the actual +guarantee that this is true is still provided by the OpenAFS directory +routines mentioned above - all of these remain unchanged. + +Change-Id: I6da5c6c295f051be90017084e5b3a3ef24d1271f +--- + src/afs/LINUX/osi_vnodeops.c | 4 ++-- + src/afs/afs_dynroot.c | 4 ++-- + src/dir/dir.c | 4 ++-- + src/dir/dir.h | 34 +++++++++++++++++++++++++++++++++- + 4 files changed, 39 insertions(+), 7 deletions(-) + +diff --git a/src/afs/LINUX/osi_vnodeops.c b/src/afs/LINUX/osi_vnodeops.c +index fb62752e6..4e33a189e 100644 +--- a/src/afs/LINUX/osi_vnodeops.c ++++ b/src/afs/LINUX/osi_vnodeops.c +@@ -426,7 +426,7 @@ afs_linux_readdir(struct file *fp, void *dirbuf, filldir_t filldir) + int code; + int offset; + afs_int32 dirpos; +- struct DirEntry *de; ++ struct DirEntryMax *de; + struct DirBuffer entry; + ino_t ino; + int len; +@@ -531,7 +531,7 @@ afs_linux_readdir(struct file *fp, void *dirbuf, filldir_t filldir) + goto unlock_out; + } + +- de = (struct DirEntry *)entry.data; ++ de = entry.data; + ino = afs_calc_inum (avc->f.fid.Cell, avc->f.fid.Fid.Volume, + ntohl(de->fid.vnode)); + len = strlen(de->name); +diff --git a/src/afs/afs_dynroot.c b/src/afs/afs_dynroot.c +index 281b168eb..79f5d9254 100644 +--- a/src/afs/afs_dynroot.c ++++ b/src/afs/afs_dynroot.c +@@ -228,7 +228,7 @@ afs_dynroot_addDirEnt(struct DirHeader *dirHeader, int *curPageP, + { + char *dirBase = (char *)dirHeader; + struct PageHeader *pageHeader; +- struct DirEntry *dirEntry; ++ struct DirEntryMax *dirEntry; + int sizeOfEntry, i, t1, t2; + int curPage = *curPageP; + int curChunk = *curChunkP; +@@ -257,7 +257,7 @@ afs_dynroot_addDirEnt(struct DirHeader *dirHeader, int *curPageP, + dirHeader->alloMap[curPage] = EPP - 1; + } + +- dirEntry = (struct DirEntry *)(pageHeader + curChunk); ++ dirEntry = (struct DirEntryMax *)(pageHeader + curChunk); + dirEntry->flag = 1; + dirEntry->length = 0; + dirEntry->next = 0; +diff --git a/src/dir/dir.c b/src/dir/dir.c +index bc5bb046d..b31a9ac46 100644 +--- a/src/dir/dir.c ++++ b/src/dir/dir.c +@@ -99,7 +99,7 @@ afs_dir_Create(dir_file_t dir, char *entry, void *voidfid) + int blobs, firstelt; + int i; + struct DirBuffer entrybuf, prevbuf, headerbuf; +- struct DirEntry *ep; ++ struct DirEntryMax *ep; + struct DirHeader *dhp; + int code; + size_t rlen; +@@ -127,7 +127,7 @@ afs_dir_Create(dir_file_t dir, char *entry, void *voidfid) + /* First, we fill in the directory entry. */ + if (afs_dir_GetBlob(dir, firstelt, &entrybuf) != 0) + return EIO; +- ep = (struct DirEntry *)entrybuf.data; ++ ep = entrybuf.data; + + ep->flag = FFIRST; + ep->fid.vnode = htonl(vfid[1]); +diff --git a/src/dir/dir.h b/src/dir/dir.h +index f5c8eef42..a26dab0c0 100644 +--- a/src/dir/dir.h ++++ b/src/dir/dir.h +@@ -11,6 +11,8 @@ + + #define __AFS_DIR_H + ++#include <afs/afsint.h> ++ + #define AFS_PAGESIZE 2048 /* bytes per page */ + #define NHASHENT 128 /* entries in the hash tbl */ + #define MAXPAGES 128 /* max pages in a dir */ +@@ -51,7 +53,37 @@ struct DirHeader { + unsigned short hashTable[NHASHENT]; + }; + +-struct DirEntry { ++/* ++ * This struct is just a copy of DirEntry with the maximum supported name ++ * length. It provides a more logical view of a maximum directory entry name ++ * which consists of a DirEntry struct followed by 8 consecutive DirEntryX ++ * structs. ++ * ++ * Using this helps us convince safety-minded string functions (e.g. ++ * CONFIG_FORTIFY_SOURCE) that an OpenAFS directory entry name really does fit ++ * in the allotted space, and thus avoid undefined behavior. ++ * ++ * NOTE: The size of name[] should be considered an upper bound for the current ++ * users of the directory package. (The directory package limit for an entry ++ * are actually much higher; up to an entire directory page.) However, the ++ * actual amount of space available/allocated for a given directory entry name ++ * may often be smaller. ++ */ ++struct DirEntryMax { ++ /* A directory entry - the biggest. */ ++ char flag; ++ char length; ++ unsigned short next; ++ struct MKFid fid; ++ char name[AFSNAMEMAX + 1]; /* max possible plus terminating NUL */ ++}; ++ ++/* ++ * This struct formerly described the format of directory entries in AFS2. ++ * Since the introduction of DirEntryX in AFS3, DirEntry merely describes the ++ * minimum possible directory entry. ++*/ ++ struct DirEntry { + /* A directory entry */ + char flag; + char length; /* currently unused */ +-- +2.42.0 + @@ -7,7 +7,7 @@ pkgname=openafs-modules-dkms _srcname=openafs pkgver=1.8.10 -pkgrel=3 +pkgrel=4 pkgdesc="Kernel module for OpenAFS (dkms)" arch=('i686' 'x86_64' 'armv7h') url="http://www.openafs.org" @@ -22,14 +22,16 @@ source=(http://openafs.org/dl/openafs/${pkgver}/${_srcname}-${pkgver}-src.tar.bz 0002-LINUX-Make-sysctl-definitions-more-concise.patch 0003-Linux-6.5-Use-register_sysctl.patch 0004-hcrypto-rename-abort-to-_afscrypto_abort.patch - 0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch) + 0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch + 0006-dir-Introduce-struct-DirEntryMax.patch) sha256sums=('9fec11364623549e8db7374072f5c8f01b841f6bfe7e85673cbce35ff43ffb07' '5ea5e184f9b44f5ed45817d2b5a10149d15c8c54f49e0b5b4b773652673cb9b0' - '81f3cf88040eee89ed180d683ba1a42107ea4a6c7057fd3dac679be9a9a9ab01' - '873c2b3816eed95e1799954d299e4411aa8079f267077dc1a3a3c564d3e2524c' - 'da4b625e6885ae9bccc7428b1556751ea134510540e59fa4e8170cfba4d454dc' - '42d2363ac0bcd5e87afc60ac656bb1ead8ab885d0deca6b0f8318b9bbf191b67' - '05a52fcc975b940cf15ba78ec2f76c00580f2db939bea32bcd99ef4c1dfdad1b') + 'e27ff48ca676ac8d4dc95209bd3b84fe13bb14861aa4a0e0776f3dfe7559ffab' + '4e71ad2009125187632cdb48b2d5eccc9bcaa8ab0733751fed432cfe661ea86e' + 'daaa1361d5db967bd8b72fff4038cfc933a7027e3c70d10ef6ff673a5d176cb6' + '40e50688a2d4d85eb9b971aaa8563e577db15550aa56c44eab8fe2a688d3f013' + 'c0792690ed273ce464966b22e36ca431196a913ded6f0def4a46154076fd0eff' + 'be7e1b0304ff61ed899286fdd18ebdbe71cbbe3eb20f6ac38c5799083b339a4a') prepare() { cd "${srcdir}/${_srcname}-${pkgver}" @@ -40,6 +42,7 @@ prepare() { patch -p1 < "${srcdir}"/0003-Linux-6.5-Use-register_sysctl.patch patch -p1 < "${srcdir}"/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch patch -p1 < "${srcdir}"/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch + patch -p1 < "${srcdir}"/0006-dir-Introduce-struct-DirEntryMax.patch # Only needed when changes to configure were made ./regen.sh -q |