* [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21
@ 2019-10-25 19:12 luca.boccassi
2019-10-25 19:12 ` [meta-oe][PATCH 2/3] dbus-broker: backport patches from master luca.boccassi
` (4 more replies)
0 siblings, 5 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-25 19:12 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
Add /lib/systemd/catalog to the package, as snippets for the journal are
now shipped.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
.../recipes-core/dbus/{dbus-broker_19.bb => dbus-broker_21.bb} | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
rename meta-oe/recipes-core/dbus/{dbus-broker_19.bb => dbus-broker_21.bb} (80%)
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_19.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
similarity index 80%
rename from meta-oe/recipes-core/dbus/dbus-broker_19.bb
rename to meta-oe/recipes-core/dbus/dbus-broker_21.bb
index 82d8b8ba6..0b0301fe0 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_19.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -7,7 +7,7 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz"
-SRC_URI[sha256sum] = "1648227f5a347d4f38d8a29bb9295a73a25c3feb4f3e79e3f04cc847343da3ed"
+SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
inherit meson pkgconfig systemd distro_features_check
@@ -19,3 +19,4 @@ SYSTEMD_SERVICE_${PN} = "${BPN}.service"
FILES_${PN} += "${systemd_system_unitdir}"
FILES_${PN} += "${systemd_user_unitdir}"
+FILES_${PN} += "${libdir}/systemd/catalog"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [meta-oe][PATCH 2/3] dbus-broker: backport patches from master
2019-10-25 19:12 [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 luca.boccassi
@ 2019-10-25 19:12 ` luca.boccassi
2019-10-26 7:18 ` Khem Raj
2019-10-25 19:12 ` [meta-oe][PATCH 3/3] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES luca.boccassi
` (3 subsequent siblings)
4 siblings, 1 reply; 15+ messages in thread
From: luca.boccassi @ 2019-10-25 19:12 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
These patches fix issues found in Fedora 30, which switched from
dbus-daemon to dbus-broker.
These backports align meta-oe to Fedora 30.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
...h-improve-error-handling-for-opendir.patch | 48 +++++++++++
...he-constant-used-for-invalid-timesta.patch | 86 +++++++++++++++++++
...s-socket-treat-MSG_CTRUNC-gracefully.patch | 83 ++++++++++++++++++
meta-oe/recipes-core/dbus/dbus-broker_21.bb | 3 +
4 files changed, 220 insertions(+)
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
new file mode 100644
index 000000000..ccc175bb8
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
@@ -0,0 +1,48 @@
+From f42d5e38859c65a186acd0da94bbeeca12faf7a2 Mon Sep 17 00:00:00 2001
+From: David Rheinsberg <david.rheinsberg@gmail.com>
+Date: Thu, 2 May 2019 17:33:34 +0200
+Subject: [PATCH] launch: improve error handling for opendir()
+
+This improves the error-handling of opendir() by always printing
+diagnostics. Furthermore, it aligns the behavior with dbus-deamon and
+ignores EACCES.
+
+Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
+Upstream-Status: dbus-broker@f42d5e38859c65a186acd0da94bbeeca12faf7a2
+---
+ src/launch/launcher.c | 17 +++++++++++++++--
+ 1 file changed, 15 insertions(+), 2 deletions(-)
+
+diff --git a/src/launch/launcher.c b/src/launch/launcher.c
+index 31a5364..2ec4bda 100644
+--- a/src/launch/launcher.c
++++ b/src/launch/launcher.c
+@@ -749,10 +749,23 @@ static int launcher_load_service_dir(Launcher *launcher, const char *dirpath, NS
+
+ dir = opendir(dirpath);
+ if (!dir) {
+- if (errno == ENOENT || errno == ENOTDIR)
++ if (errno == ENOENT || errno == ENOTDIR) {
+ return 0;
+- else
++ } else if (errno == EACCES) {
++ log_append_here(&launcher->log, LOG_ERR, 0, NULL);
++ r = log_commitf(&launcher->log, "Access denied to service directory '%s'\n", dirpath);
++ if (r)
++ return error_fold(r);
++
++ return 0;
++ } else {
++ log_append_here(&launcher->log, LOG_ERR, errno, NULL);
++ r = log_commitf(&launcher->log, "Unable to open service directory '%s': %m\n", dirpath);
++ if (r)
++ return error_fold(r);
++
+ return error_origin(-errno);
++ }
+ }
+
+ r = dirwatch_add(launcher->dirwatch, dirpath);
+--
+2.20.1
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
new file mode 100644
index 000000000..67a2dc46f
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
@@ -0,0 +1,86 @@
+From 3570b3e9ba367f10718b56336ce32d5254f66575 Mon Sep 17 00:00:00 2001
+From: Tom Gundersen <teg@jklm.no>
+Date: Thu, 9 May 2019 13:00:37 +0200
+Subject: [PATCH] metrics: change the constant used for invalid timestamps
+
+Use (uint64_t)-1 rather than 0 to indicate an invalid timestamp. It
+should not be possible for the kernel to return 0 from
+clock_gettime(), but we have received some reports of our asserts
+triggering, so avoid the issue entirely by using -1 instead (which
+really can never be returned).
+
+See https://retrace.fedoraproject.org/faf/reports/2539484/
+
+Signed-off-by: Tom Gundersen <teg@jklm.no>
+Upstream-Status: dbus-broker@3570b3e9ba367f10718b56336ce32d5254f66575
+---
+ src/util/metrics.c | 8 ++++----
+ src/util/metrics.h | 9 ++++++---
+ 2 files changed, 10 insertions(+), 7 deletions(-)
+
+diff --git a/src/util/metrics.c b/src/util/metrics.c
+index b5a7182..eef94eb 100644
+--- a/src/util/metrics.c
++++ b/src/util/metrics.c
+@@ -26,7 +26,7 @@ void metrics_init(Metrics *metrics, clockid_t id) {
+ }
+
+ void metrics_deinit(Metrics *metrics) {
+- c_assert(!metrics->timestamp);
++ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
+ metrics_init(metrics, metrics->id);
+ }
+
+@@ -82,7 +82,7 @@ void metrics_sample_add(Metrics *metrics, uint64_t timestamp) {
+ * a sample is not currently running.
+ */
+ void metrics_sample_start(Metrics *metrics) {
+- c_assert(!metrics->timestamp);
++ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
+ metrics->timestamp = metrics_get_time(metrics);
+ }
+
+@@ -93,11 +93,11 @@ void metrics_sample_start(Metrics *metrics) {
+ * End a currently running sample, and update the internal state.
+ */
+ void metrics_sample_end(Metrics *metrics) {
+- c_assert(metrics->timestamp);
++ c_assert(metrics->timestamp != METRICS_TIMESTAMP_INVALID);
+
+ metrics_sample_add(metrics, metrics->timestamp);
+
+- metrics->timestamp = 0;
++ metrics->timestamp = METRICS_TIMESTAMP_INVALID;
+ }
+
+ /**
+diff --git a/src/util/metrics.h b/src/util/metrics.h
+index a8ee915..b00dee6 100644
+--- a/src/util/metrics.h
++++ b/src/util/metrics.h
+@@ -8,6 +8,8 @@
+ #include <stdlib.h>
+ #include <time.h>
+
++#define METRICS_TIMESTAMP_INVALID ((uint64_t) -1)
++
+ typedef struct Metrics Metrics;
+
+ struct Metrics {
+@@ -23,9 +25,10 @@ struct Metrics {
+ uint64_t sum_of_squares;
+ };
+
+-#define METRICS_INIT(_id) { \
+- .minimum = (uint64_t) -1, \
+- .id = (_id), \
++#define METRICS_INIT(_id) { \
++ .minimum = (uint64_t) -1, \
++ .id = (_id), \
++ .timestamp = METRICS_TIMESTAMP_INVALID, \
+ }
+
+ void metrics_init(Metrics *metrics, clockid_t id);
+--
+2.21.0
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
new file mode 100644
index 000000000..53f9e71aa
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
@@ -0,0 +1,83 @@
+From 520c47c53deeb893e03194fefaf3c5b9223ede27 Mon Sep 17 00:00:00 2001
+From: David Rheinsberg <david.rheinsberg@gmail.com>
+Date: Fri, 10 May 2019 10:58:06 +0200
+Subject: [PATCH] dbus/socket: treat MSG_CTRUNC gracefully
+
+As it turns out, LSMs allow clients to trigger a MSG_CTRUNC on the
+remote side of a unix socket. Whenever LSMs reject the transmission of
+an FD, they will simply drop the FD and set MSG_CTRUNC, without any
+other error notification.
+
+Therefore, we must assume any occurance of MSG_CTRUNC is trigger by a
+client. This makes it impossible to consider MSG_CTRUNC for any other
+error handling, and as such we are left to disconnecting the client and
+ignoring the flag.
+
+Luckily, MSG_CTRUNC is expected for any other event, so we only used it
+for diagnostics so far.
+
+Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
+Upstream-Status: dbus-broker@520c47c53deeb893e03194fefaf3c5b9223ede27
+---
+ src/dbus/socket.c | 44 +++++++++++++++++++++++++++++++++-----------
+ 1 file changed, 33 insertions(+), 11 deletions(-)
+
+diff --git a/src/dbus/socket.c b/src/dbus/socket.c
+index cacdff2..6e6ba10 100644
+--- a/src/dbus/socket.c
++++ b/src/dbus/socket.c
+@@ -593,18 +593,40 @@ static int socket_recvmsg(Socket *socket,
+
+ if (msg.msg_flags & MSG_CTRUNC) {
+ /*
+- * This flag means the control-buffer was too small to retrieve
+- * all data. If this can be triggered remotely, it means a peer
+- * can cause us to miss FDs. Hence, we really must protect
+- * against this.
+- * We do provide suitably sized buffers to be prepared for any
+- * possible scenario. So if this happens, something is fishy
+- * and we better report it.
+- * Note that this is also reported by the kernel if we exceeded
+- * our NOFILE limit. Since this implies resource
+- * misconfiguration as well, we treat it the same way.
++ * Our control-buffer-size is carefully calculated to be big
++ * enough for any possible ancillary data we expect. Therefore,
++ * the kernel should never be required to truncate it, and thus
++ * MSG_CTRUNC will never be set. This is also foward compatible
++ * to future extensions to the ancillary data, since these must
++ * be enabled explicitly before the kernel considers forwarding
++ * them.
++ *
++ * Unfortunately, the SCM_RIGHTS implementation might set this
++ * flag as well. In particular, if not all FDs can be returned
++ * to user-space, MSG_CTRUNC will be set (signalling that the
++ * FD-set is non-complete). No other error is returned or
++ * signalled, though. There are several reasons why the FD
++ * transmission can fail. Most importantly, if we exhaust our
++ * FD limit, further FDs will simply be discarded. We are
++ * protected against this by our accounting-quotas, but we
++ * would still like to catch this condition and warn loudly.
++ * However, FDs are also dropped if the security layer refused
++ * the transmission of the FD in question. This means, if an
++ * LSM refuses the D-Bus client to send us an FD, the FD is
++ * just dropped and MSG_CTRUNC will be set. This can be
++ * triggered by clients.
++ *
++ * To summarize: In an ideal world, we would expect this flag
++ * to never be set, and we would just use
++ * `error_origin(-ENOTRECOVERABLE)` to provide diagnostics.
++ * Unfortunately, the gross misuse of this flag for LSM
++ * security enforcements means we have to assume any occurence
++ * of MSG_CTRUNC means the client was refused to send a
++ * specific message. Our only possible way to deal with this is
++ * to disconnect the client.
+ */
+- r = error_origin(-ENOTRECOVERABLE);
++ socket_close(socket);
++ r = SOCKET_E_LOST_INTEREST;
+ goto error;
+ }
+
+--
+2.21.0
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
index 0b0301fe0..fd77afc60 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -8,6 +8,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz"
SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
+SRC_URI_append += "file://0001-launch-improve-error-handling-for-opendir.patch"
+SRC_URI_append += "file://0002-metrics-change-the-constant-used-for-invalid-timesta.patch"
+SRC_URI_append += "file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
inherit meson pkgconfig systemd distro_features_check
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [meta-oe][PATCH 3/3] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES
2019-10-25 19:12 [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 luca.boccassi
2019-10-25 19:12 ` [meta-oe][PATCH 2/3] dbus-broker: backport patches from master luca.boccassi
@ 2019-10-25 19:12 ` luca.boccassi
2019-10-26 7:09 ` [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 Khem Raj
` (2 subsequent siblings)
4 siblings, 0 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-25 19:12 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
meta-oe/recipes-core/dbus/dbus-broker_21.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
index fd77afc60..c353fcad6 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -15,6 +15,7 @@ SRC_URI_append += "file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
inherit meson pkgconfig systemd distro_features_check
DEPENDS = "expat systemd"
+DEPENDS += " ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'libselinux', '', d)}"
REQUIRED_DISTRO_FEATURES = "systemd"
@@ -23,3 +24,5 @@ SYSTEMD_SERVICE_${PN} = "${BPN}.service"
FILES_${PN} += "${systemd_system_unitdir}"
FILES_${PN} += "${systemd_user_unitdir}"
FILES_${PN} += "${libdir}/systemd/catalog"
+
+EXTRA_OEMESON += " -Dselinux=${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'true', 'false', d)}"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21
2019-10-25 19:12 [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 luca.boccassi
2019-10-25 19:12 ` [meta-oe][PATCH 2/3] dbus-broker: backport patches from master luca.boccassi
2019-10-25 19:12 ` [meta-oe][PATCH 3/3] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES luca.boccassi
@ 2019-10-26 7:09 ` Khem Raj
2019-10-28 10:18 ` Luca Boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 1/4] " luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 1/4] dbus-broker: 19 -> 21 luca.boccassi
4 siblings, 1 reply; 15+ messages in thread
From: Khem Raj @ 2019-10-26 7:09 UTC (permalink / raw)
To: Luca Boccassi; +Cc: openembeded-devel
Luca
This fails to build on musl/x86
| ../dbus-broker-21/src/launch/launcher.c: In function 'launcher_fork':
| ../dbus-broker-21/src/launch/launcher.c:378:60: error: 'WEXITED'
undeclared (first use in this function); did you mean 'WIFEXITED'?
| 378 | r = sd_event_add_child(launcher->event, NULL, pid,
WEXITED, launcher_on_child_exit, launcher);
| | ^~~~~~~
| | WIFEXITED
II think the source file needs to include <sys/wait.h>
On Fri, Oct 25, 2019 at 8:13 PM <luca.boccassi@gmail.com> wrote:
>
> From: Luca Boccassi <luca.boccassi@microsoft.com>
>
> Add /lib/systemd/catalog to the package, as snippets for the journal are
> now shipped.
>
> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> ---
> .../recipes-core/dbus/{dbus-broker_19.bb => dbus-broker_21.bb} | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
> rename meta-oe/recipes-core/dbus/{dbus-broker_19.bb => dbus-broker_21.bb} (80%)
>
> diff --git a/meta-oe/recipes-core/dbus/dbus-broker_19.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
> similarity index 80%
> rename from meta-oe/recipes-core/dbus/dbus-broker_19.bb
> rename to meta-oe/recipes-core/dbus/dbus-broker_21.bb
> index 82d8b8ba6..0b0301fe0 100644
> --- a/meta-oe/recipes-core/dbus/dbus-broker_19.bb
> +++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
> @@ -7,7 +7,7 @@ LICENSE = "Apache-2.0"
> LIC_FILES_CHKSUM = "file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
>
> SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz"
> -SRC_URI[sha256sum] = "1648227f5a347d4f38d8a29bb9295a73a25c3feb4f3e79e3f04cc847343da3ed"
> +SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
>
> inherit meson pkgconfig systemd distro_features_check
>
> @@ -19,3 +19,4 @@ SYSTEMD_SERVICE_${PN} = "${BPN}.service"
>
> FILES_${PN} += "${systemd_system_unitdir}"
> FILES_${PN} += "${systemd_user_unitdir}"
> +FILES_${PN} += "${libdir}/systemd/catalog"
> --
> 2.20.1
>
> --
> _______________________________________________
> Openembedded-devel mailing list
> Openembedded-devel@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-devel
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [meta-oe][PATCH 2/3] dbus-broker: backport patches from master
2019-10-25 19:12 ` [meta-oe][PATCH 2/3] dbus-broker: backport patches from master luca.boccassi
@ 2019-10-26 7:18 ` Khem Raj
2019-10-28 10:20 ` Luca Boccassi
0 siblings, 1 reply; 15+ messages in thread
From: Khem Raj @ 2019-10-26 7:18 UTC (permalink / raw)
To: Luca Boccassi; +Cc: openembeded-devel
On Fri, Oct 25, 2019 at 8:13 PM <luca.boccassi@gmail.com> wrote:
>
> From: Luca Boccassi <luca.boccassi@microsoft.com>
>
> These patches fix issues found in Fedora 30, which switched from
> dbus-daemon to dbus-broker.
> These backports align meta-oe to Fedora 30.
>
> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> ---
> ...h-improve-error-handling-for-opendir.patch | 48 +++++++++++
> ...he-constant-used-for-invalid-timesta.patch | 86 +++++++++++++++++++
> ...s-socket-treat-MSG_CTRUNC-gracefully.patch | 83 ++++++++++++++++++
> meta-oe/recipes-core/dbus/dbus-broker_21.bb | 3 +
> 4 files changed, 220 insertions(+)
> create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
> create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
> create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
>
> diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
> new file mode 100644
> index 000000000..ccc175bb8
> --- /dev/null
> +++ b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
> @@ -0,0 +1,48 @@
> +From f42d5e38859c65a186acd0da94bbeeca12faf7a2 Mon Sep 17 00:00:00 2001
> +From: David Rheinsberg <david.rheinsberg@gmail.com>
> +Date: Thu, 2 May 2019 17:33:34 +0200
> +Subject: [PATCH] launch: improve error handling for opendir()
> +
> +This improves the error-handling of opendir() by always printing
> +diagnostics. Furthermore, it aligns the behavior with dbus-deamon and
> +ignores EACCES.
> +
> +Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
> +Upstream-Status: dbus-broker@f42d5e38859c65a186acd0da94bbeeca12faf7a2
> +---
> + src/launch/launcher.c | 17 +++++++++++++++--
> + 1 file changed, 15 insertions(+), 2 deletions(-)
> +
> +diff --git a/src/launch/launcher.c b/src/launch/launcher.c
> +index 31a5364..2ec4bda 100644
> +--- a/src/launch/launcher.c
> ++++ b/src/launch/launcher.c
> +@@ -749,10 +749,23 @@ static int launcher_load_service_dir(Launcher *launcher, const char *dirpath, NS
> +
> + dir = opendir(dirpath);
> + if (!dir) {
> +- if (errno == ENOENT || errno == ENOTDIR)
> ++ if (errno == ENOENT || errno == ENOTDIR) {
> + return 0;
> +- else
> ++ } else if (errno == EACCES) {
> ++ log_append_here(&launcher->log, LOG_ERR, 0, NULL);
> ++ r = log_commitf(&launcher->log, "Access denied to service directory '%s'\n", dirpath);
> ++ if (r)
> ++ return error_fold(r);
> ++
> ++ return 0;
> ++ } else {
> ++ log_append_here(&launcher->log, LOG_ERR, errno, NULL);
> ++ r = log_commitf(&launcher->log, "Unable to open service directory '%s': %m\n", dirpath);
> ++ if (r)
> ++ return error_fold(r);
> ++
> + return error_origin(-errno);
> ++ }
> + }
> +
> + r = dirwatch_add(launcher->dirwatch, dirpath);
> +--
> +2.20.1
> +
> diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
> new file mode 100644
> index 000000000..67a2dc46f
> --- /dev/null
> +++ b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
> @@ -0,0 +1,86 @@
> +From 3570b3e9ba367f10718b56336ce32d5254f66575 Mon Sep 17 00:00:00 2001
> +From: Tom Gundersen <teg@jklm.no>
> +Date: Thu, 9 May 2019 13:00:37 +0200
> +Subject: [PATCH] metrics: change the constant used for invalid timestamps
> +
> +Use (uint64_t)-1 rather than 0 to indicate an invalid timestamp. It
> +should not be possible for the kernel to return 0 from
> +clock_gettime(), but we have received some reports of our asserts
> +triggering, so avoid the issue entirely by using -1 instead (which
> +really can never be returned).
> +
> +See https://retrace.fedoraproject.org/faf/reports/2539484/
> +
> +Signed-off-by: Tom Gundersen <teg@jklm.no>
> +Upstream-Status: dbus-broker@3570b3e9ba367f10718b56336ce32d5254f66575
> +---
> + src/util/metrics.c | 8 ++++----
> + src/util/metrics.h | 9 ++++++---
> + 2 files changed, 10 insertions(+), 7 deletions(-)
> +
> +diff --git a/src/util/metrics.c b/src/util/metrics.c
> +index b5a7182..eef94eb 100644
> +--- a/src/util/metrics.c
> ++++ b/src/util/metrics.c
> +@@ -26,7 +26,7 @@ void metrics_init(Metrics *metrics, clockid_t id) {
> + }
> +
> + void metrics_deinit(Metrics *metrics) {
> +- c_assert(!metrics->timestamp);
> ++ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
> + metrics_init(metrics, metrics->id);
> + }
> +
> +@@ -82,7 +82,7 @@ void metrics_sample_add(Metrics *metrics, uint64_t timestamp) {
> + * a sample is not currently running.
> + */
> + void metrics_sample_start(Metrics *metrics) {
> +- c_assert(!metrics->timestamp);
> ++ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
> + metrics->timestamp = metrics_get_time(metrics);
> + }
> +
> +@@ -93,11 +93,11 @@ void metrics_sample_start(Metrics *metrics) {
> + * End a currently running sample, and update the internal state.
> + */
> + void metrics_sample_end(Metrics *metrics) {
> +- c_assert(metrics->timestamp);
> ++ c_assert(metrics->timestamp != METRICS_TIMESTAMP_INVALID);
> +
> + metrics_sample_add(metrics, metrics->timestamp);
> +
> +- metrics->timestamp = 0;
> ++ metrics->timestamp = METRICS_TIMESTAMP_INVALID;
> + }
> +
> + /**
> +diff --git a/src/util/metrics.h b/src/util/metrics.h
> +index a8ee915..b00dee6 100644
> +--- a/src/util/metrics.h
> ++++ b/src/util/metrics.h
> +@@ -8,6 +8,8 @@
> + #include <stdlib.h>
> + #include <time.h>
> +
> ++#define METRICS_TIMESTAMP_INVALID ((uint64_t) -1)
> ++
> + typedef struct Metrics Metrics;
> +
> + struct Metrics {
> +@@ -23,9 +25,10 @@ struct Metrics {
> + uint64_t sum_of_squares;
> + };
> +
> +-#define METRICS_INIT(_id) { \
> +- .minimum = (uint64_t) -1, \
> +- .id = (_id), \
> ++#define METRICS_INIT(_id) { \
> ++ .minimum = (uint64_t) -1, \
> ++ .id = (_id), \
> ++ .timestamp = METRICS_TIMESTAMP_INVALID, \
> + }
> +
> + void metrics_init(Metrics *metrics, clockid_t id);
> +--
> +2.21.0
> +
> diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
> new file mode 100644
> index 000000000..53f9e71aa
> --- /dev/null
> +++ b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
> @@ -0,0 +1,83 @@
> +From 520c47c53deeb893e03194fefaf3c5b9223ede27 Mon Sep 17 00:00:00 2001
> +From: David Rheinsberg <david.rheinsberg@gmail.com>
> +Date: Fri, 10 May 2019 10:58:06 +0200
> +Subject: [PATCH] dbus/socket: treat MSG_CTRUNC gracefully
> +
> +As it turns out, LSMs allow clients to trigger a MSG_CTRUNC on the
> +remote side of a unix socket. Whenever LSMs reject the transmission of
> +an FD, they will simply drop the FD and set MSG_CTRUNC, without any
> +other error notification.
> +
> +Therefore, we must assume any occurance of MSG_CTRUNC is trigger by a
> +client. This makes it impossible to consider MSG_CTRUNC for any other
> +error handling, and as such we are left to disconnecting the client and
> +ignoring the flag.
> +
> +Luckily, MSG_CTRUNC is expected for any other event, so we only used it
> +for diagnostics so far.
> +
> +Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
> +Upstream-Status: dbus-broker@520c47c53deeb893e03194fefaf3c5b9223ede27
> +---
> + src/dbus/socket.c | 44 +++++++++++++++++++++++++++++++++-----------
> + 1 file changed, 33 insertions(+), 11 deletions(-)
> +
> +diff --git a/src/dbus/socket.c b/src/dbus/socket.c
> +index cacdff2..6e6ba10 100644
> +--- a/src/dbus/socket.c
> ++++ b/src/dbus/socket.c
> +@@ -593,18 +593,40 @@ static int socket_recvmsg(Socket *socket,
> +
> + if (msg.msg_flags & MSG_CTRUNC) {
> + /*
> +- * This flag means the control-buffer was too small to retrieve
> +- * all data. If this can be triggered remotely, it means a peer
> +- * can cause us to miss FDs. Hence, we really must protect
> +- * against this.
> +- * We do provide suitably sized buffers to be prepared for any
> +- * possible scenario. So if this happens, something is fishy
> +- * and we better report it.
> +- * Note that this is also reported by the kernel if we exceeded
> +- * our NOFILE limit. Since this implies resource
> +- * misconfiguration as well, we treat it the same way.
> ++ * Our control-buffer-size is carefully calculated to be big
> ++ * enough for any possible ancillary data we expect. Therefore,
> ++ * the kernel should never be required to truncate it, and thus
> ++ * MSG_CTRUNC will never be set. This is also foward compatible
> ++ * to future extensions to the ancillary data, since these must
> ++ * be enabled explicitly before the kernel considers forwarding
> ++ * them.
> ++ *
> ++ * Unfortunately, the SCM_RIGHTS implementation might set this
> ++ * flag as well. In particular, if not all FDs can be returned
> ++ * to user-space, MSG_CTRUNC will be set (signalling that the
> ++ * FD-set is non-complete). No other error is returned or
> ++ * signalled, though. There are several reasons why the FD
> ++ * transmission can fail. Most importantly, if we exhaust our
> ++ * FD limit, further FDs will simply be discarded. We are
> ++ * protected against this by our accounting-quotas, but we
> ++ * would still like to catch this condition and warn loudly.
> ++ * However, FDs are also dropped if the security layer refused
> ++ * the transmission of the FD in question. This means, if an
> ++ * LSM refuses the D-Bus client to send us an FD, the FD is
> ++ * just dropped and MSG_CTRUNC will be set. This can be
> ++ * triggered by clients.
> ++ *
> ++ * To summarize: In an ideal world, we would expect this flag
> ++ * to never be set, and we would just use
> ++ * `error_origin(-ENOTRECOVERABLE)` to provide diagnostics.
> ++ * Unfortunately, the gross misuse of this flag for LSM
> ++ * security enforcements means we have to assume any occurence
> ++ * of MSG_CTRUNC means the client was refused to send a
> ++ * specific message. Our only possible way to deal with this is
> ++ * to disconnect the client.
> + */
> +- r = error_origin(-ENOTRECOVERABLE);
> ++ socket_close(socket);
> ++ r = SOCKET_E_LOST_INTEREST;
> + goto error;
> + }
> +
> +--
> +2.21.0
> +
> diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
> index 0b0301fe0..fd77afc60 100644
> --- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
> +++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
> @@ -8,6 +8,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
>
> SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz"
> SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
It seems to be missing md5sum also move is below SRC_URI for formatting sake
> +SRC_URI_append += "file://0001-launch-improve-error-handling-for-opendir.patch"
> +SRC_URI_append += "file://0002-metrics-change-the-constant-used-for-invalid-timesta.patch"
> +SRC_URI_append += "file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
Please add it to main SRC_URI there is no need for appends then.
>
> inherit meson pkgconfig systemd distro_features_check
>
> --
> 2.20.1
>
> --
> _______________________________________________
> Openembedded-devel mailing list
> Openembedded-devel@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-devel
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21
2019-10-26 7:09 ` [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 Khem Raj
@ 2019-10-28 10:18 ` Luca Boccassi
0 siblings, 0 replies; 15+ messages in thread
From: Luca Boccassi @ 2019-10-28 10:18 UTC (permalink / raw)
To: Khem Raj; +Cc: openembeded-devel
On Sat, 2019-10-26 at 08:09 +0100, Khem Raj wrote:
> Luca
>
> This fails to build on musl/x86
>
> > ../dbus-broker-21/src/launch/launcher.c: In function
> > 'launcher_fork':
> > ../dbus-broker-21/src/launch/launcher.c:378:60: error: 'WEXITED'
>
> undeclared (first use in this function); did you mean 'WIFEXITED'?
> > 378 | r = sd_event_add_child(launcher->event, NULL, pid,
>
> WEXITED, launcher_on_child_exit, launcher);
> > |
> > ^~~~~~~
> > |
> > WIFEXITED
>
>
> II think the source file needs to include <sys/wait.h>
Thank you for the test and the hint - my distro builds with glibc so I
missed this. I'll test it locally and send a v2.
> On Fri, Oct 25, 2019 at 8:13 PM <
> luca.boccassi@gmail.com
> > wrote:
> > From: Luca Boccassi <
> > luca.boccassi@microsoft.com
> > >
> >
> > Add /lib/systemd/catalog to the package, as snippets for the
> > journal are
> > now shipped.
> >
> > Signed-off-by: Luca Boccassi <
> > luca.boccassi@microsoft.com
> > >
> > ---
> > .../recipes-core/dbus/{dbus-broker_19.bb => dbus-broker_21.bb} | 3
> > ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> > rename meta-oe/recipes-core/dbus/{dbus-broker_19.bb => dbus-
> > broker_21.bb} (80%)
> >
> > diff --git a/meta-oe/recipes-core/dbus/dbus-broker_19.bb b/meta-
> > oe/recipes-core/dbus/dbus-broker_21.bb
> > similarity index 80%
> > rename from meta-oe/recipes-core/dbus/dbus-broker_19.bb
> > rename to meta-oe/recipes-core/dbus/dbus-broker_21.bb
> > index 82d8b8ba6..0b0301fe0 100644
> > --- a/meta-oe/recipes-core/dbus/dbus-broker_19.bb
> > +++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
> > @@ -7,7 +7,7 @@ LICENSE = "Apache-2.0"
> > LIC_FILES_CHKSUM = "
> > file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
> >
> >
> > SRC_URI = "
> > https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz
> > "
> > -SRC_URI[sha256sum] =
> > "1648227f5a347d4f38d8a29bb9295a73a25c3feb4f3e79e3f04cc847343da3ed"
> > +SRC_URI[sha256sum] =
> > "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
> >
> > inherit meson pkgconfig systemd distro_features_check
> >
> > @@ -19,3 +19,4 @@ SYSTEMD_SERVICE_${PN} = "${BPN}.service"
> >
> > FILES_${PN} += "${systemd_system_unitdir}"
> > FILES_${PN} += "${systemd_user_unitdir}"
> > +FILES_${PN} += "${libdir}/systemd/catalog"
> > --
> > 2.20.1
> >
> > --
> > _______________________________________________
> > Openembedded-devel mailing list
> > Openembedded-devel@lists.openembedded.org
> >
> > http://lists.openembedded.org/mailman/listinfo/openembedded-devel
> >
--
Kind regards,
Luca Boccassi
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [meta-oe][PATCH 2/3] dbus-broker: backport patches from master
2019-10-26 7:18 ` Khem Raj
@ 2019-10-28 10:20 ` Luca Boccassi
0 siblings, 0 replies; 15+ messages in thread
From: Luca Boccassi @ 2019-10-28 10:20 UTC (permalink / raw)
To: Khem Raj; +Cc: openembeded-devel
On Sat, 2019-10-26 at 08:18 +0100, Khem Raj wrote:
> On Fri, Oct 25, 2019 at 8:13 PM <
> luca.boccassi@gmail.com
> > wrote:
> > From: Luca Boccassi <
> > luca.boccassi@microsoft.com
> > >
> >
> > These patches fix issues found in Fedora 30, which switched from
> > dbus-daemon to dbus-broker.
> > These backports align meta-oe to Fedora 30.
> >
> > Signed-off-by: Luca Boccassi <
> > luca.boccassi@microsoft.com
> > >
> > ---
> > ...h-improve-error-handling-for-opendir.patch | 48 +++++++++++
> > ...he-constant-used-for-invalid-timesta.patch | 86
> > +++++++++++++++++++
> > ...s-socket-treat-MSG_CTRUNC-gracefully.patch | 83
> > ++++++++++++++++++
> > meta-oe/recipes-core/dbus/dbus-broker_21.bb | 3 +
> > 4 files changed, 220 insertions(+)
> > create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0001-
> > launch-improve-error-handling-for-opendir.patch
> > create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0002-
> > metrics-change-the-constant-used-for-invalid-timesta.patch
> > create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0003-
> > dbus-socket-treat-MSG_CTRUNC-gracefully.patch
> >
> > diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-
> > improve-error-handling-for-opendir.patch b/meta-oe/recipes-
> > core/dbus/dbus-broker/0001-launch-improve-error-handling-for-
> > opendir.patch
> > new file mode 100644
> > index 000000000..ccc175bb8
> > --- /dev/null
> > +++ b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-
> > error-handling-for-opendir.patch
> > @@ -0,0 +1,48 @@
> > +From f42d5e38859c65a186acd0da94bbeeca12faf7a2 Mon Sep 17 00:00:00
> > 2001
> > +From: David Rheinsberg <
> > david.rheinsberg@gmail.com
> > >
> > +Date: Thu, 2 May 2019 17:33:34 +0200
> > +Subject: [PATCH] launch: improve error handling for opendir()
> > +
> > +This improves the error-handling of opendir() by always printing
> > +diagnostics. Furthermore, it aligns the behavior with dbus-deamon
> > and
> > +ignores EACCES.
> > +
> > +Signed-off-by: David Rheinsberg <
> > david.rheinsberg@gmail.com
> > >
> > +Upstream-Status:
> > dbus-broker@f42d5e38859c65a186acd0da94bbeeca12faf7a2
> > +---
> > + src/launch/launcher.c | 17 +++++++++++++++--
> > + 1 file changed, 15 insertions(+), 2 deletions(-)
> > +
> > +diff --git a/src/launch/launcher.c b/src/launch/launcher.c
> > +index 31a5364..2ec4bda 100644
> > +--- a/src/launch/launcher.c
> > ++++ b/src/launch/launcher.c
> > +@@ -749,10 +749,23 @@ static int
> > launcher_load_service_dir(Launcher *launcher, const char *dirpath,
> > NS
> > +
> > + dir = opendir(dirpath);
> > + if (!dir) {
> > +- if (errno == ENOENT || errno == ENOTDIR)
> > ++ if (errno == ENOENT || errno == ENOTDIR) {
> > + return 0;
> > +- else
> > ++ } else if (errno == EACCES) {
> > ++ log_append_here(&launcher->log, LOG_ERR,
> > 0, NULL);
> > ++ r = log_commitf(&launcher->log, "Access
> > denied to service directory '%s'\n", dirpath);
> > ++ if (r)
> > ++ return error_fold(r);
> > ++
> > ++ return 0;
> > ++ } else {
> > ++ log_append_here(&launcher->log, LOG_ERR,
> > errno, NULL);
> > ++ r = log_commitf(&launcher->log, "Unable
> > to open service directory '%s': %m\n", dirpath);
> > ++ if (r)
> > ++ return error_fold(r);
> > ++
> > + return error_origin(-errno);
> > ++ }
> > + }
> > +
> > + r = dirwatch_add(launcher->dirwatch, dirpath);
> > +--
> > +2.20.1
> > +
> > diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-
> > change-the-constant-used-for-invalid-timesta.patch b/meta-
> > oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-
> > used-for-invalid-timesta.patch
> > new file mode 100644
> > index 000000000..67a2dc46f
> > --- /dev/null
> > +++ b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-
> > the-constant-used-for-invalid-timesta.patch
> > @@ -0,0 +1,86 @@
> > +From 3570b3e9ba367f10718b56336ce32d5254f66575 Mon Sep 17 00:00:00
> > 2001
> > +From: Tom Gundersen <
> > teg@jklm.no
> > >
> > +Date: Thu, 9 May 2019 13:00:37 +0200
> > +Subject: [PATCH] metrics: change the constant used for invalid
> > timestamps
> > +
> > +Use (uint64_t)-1 rather than 0 to indicate an invalid timestamp.
> > It
> > +should not be possible for the kernel to return 0 from
> > +clock_gettime(), but we have received some reports of our asserts
> > +triggering, so avoid the issue entirely by using -1 instead
> > (which
> > +really can never be returned).
> > +
> > +See
> > https://retrace.fedoraproject.org/faf/reports/2539484/
> >
> > +
> > +Signed-off-by: Tom Gundersen <
> > teg@jklm.no
> > >
> > +Upstream-Status:
> > dbus-broker@3570b3e9ba367f10718b56336ce32d5254f66575
> > +---
> > + src/util/metrics.c | 8 ++++----
> > + src/util/metrics.h | 9 ++++++---
> > + 2 files changed, 10 insertions(+), 7 deletions(-)
> > +
> > +diff --git a/src/util/metrics.c b/src/util/metrics.c
> > +index b5a7182..eef94eb 100644
> > +--- a/src/util/metrics.c
> > ++++ b/src/util/metrics.c
> > +@@ -26,7 +26,7 @@ void metrics_init(Metrics *metrics, clockid_t
> > id) {
> > + }
> > +
> > + void metrics_deinit(Metrics *metrics) {
> > +- c_assert(!metrics->timestamp);
> > ++ c_assert(metrics->timestamp ==
> > METRICS_TIMESTAMP_INVALID);
> > + metrics_init(metrics, metrics->id);
> > + }
> > +
> > +@@ -82,7 +82,7 @@ void metrics_sample_add(Metrics *metrics,
> > uint64_t timestamp) {
> > + * a sample is not currently running.
> > + */
> > + void metrics_sample_start(Metrics *metrics) {
> > +- c_assert(!metrics->timestamp);
> > ++ c_assert(metrics->timestamp ==
> > METRICS_TIMESTAMP_INVALID);
> > + metrics->timestamp = metrics_get_time(metrics);
> > + }
> > +
> > +@@ -93,11 +93,11 @@ void metrics_sample_start(Metrics *metrics) {
> > + * End a currently running sample, and update the internal state.
> > + */
> > + void metrics_sample_end(Metrics *metrics) {
> > +- c_assert(metrics->timestamp);
> > ++ c_assert(metrics->timestamp !=
> > METRICS_TIMESTAMP_INVALID);
> > +
> > + metrics_sample_add(metrics, metrics->timestamp);
> > +
> > +- metrics->timestamp = 0;
> > ++ metrics->timestamp = METRICS_TIMESTAMP_INVALID;
> > + }
> > +
> > + /**
> > +diff --git a/src/util/metrics.h b/src/util/metrics.h
> > +index a8ee915..b00dee6 100644
> > +--- a/src/util/metrics.h
> > ++++ b/src/util/metrics.h
> > +@@ -8,6 +8,8 @@
> > + #include <stdlib.h>
> > + #include <time.h>
> > +
> > ++#define METRICS_TIMESTAMP_INVALID ((uint64_t) -1)
> > ++
> > + typedef struct Metrics Metrics;
> > +
> > + struct Metrics {
> > +@@ -23,9 +25,10 @@ struct Metrics {
> > + uint64_t sum_of_squares;
> > + };
> > +
> > +-#define METRICS_INIT(_id) { \
> > +- .minimum = (uint64_t) -1, \
> > +- .id = (_id), \
> > ++#define METRICS_INIT(_id) { \
> > ++ .minimum = (uint64_t) -1, \
> > ++ .id = (_id), \
> > ++ .timestamp = METRICS_TIMESTAMP_INVALID, \
> > + }
> > +
> > + void metrics_init(Metrics *metrics, clockid_t id);
> > +--
> > +2.21.0
> > +
> > diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-
> > socket-treat-MSG_CTRUNC-gracefully.patch b/meta-oe/recipes-
> > core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-
> > gracefully.patch
> > new file mode 100644
> > index 000000000..53f9e71aa
> > --- /dev/null
> > +++ b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-
> > MSG_CTRUNC-gracefully.patch
> > @@ -0,0 +1,83 @@
> > +From 520c47c53deeb893e03194fefaf3c5b9223ede27 Mon Sep 17 00:00:00
> > 2001
> > +From: David Rheinsberg <
> > david.rheinsberg@gmail.com
> > >
> > +Date: Fri, 10 May 2019 10:58:06 +0200
> > +Subject: [PATCH] dbus/socket: treat MSG_CTRUNC gracefully
> > +
> > +As it turns out, LSMs allow clients to trigger a MSG_CTRUNC on the
> > +remote side of a unix socket. Whenever LSMs reject the
> > transmission of
> > +an FD, they will simply drop the FD and set MSG_CTRUNC, without
> > any
> > +other error notification.
> > +
> > +Therefore, we must assume any occurance of MSG_CTRUNC is trigger
> > by a
> > +client. This makes it impossible to consider MSG_CTRUNC for any
> > other
> > +error handling, and as such we are left to disconnecting the
> > client and
> > +ignoring the flag.
> > +
> > +Luckily, MSG_CTRUNC is expected for any other event, so we only
> > used it
> > +for diagnostics so far.
> > +
> > +Signed-off-by: David Rheinsberg <
> > david.rheinsberg@gmail.com
> > >
> > +Upstream-Status:
> > dbus-broker@520c47c53deeb893e03194fefaf3c5b9223ede27
> > +---
> > + src/dbus/socket.c | 44 +++++++++++++++++++++++++++++++++---------
> > --
> > + 1 file changed, 33 insertions(+), 11 deletions(-)
> > +
> > +diff --git a/src/dbus/socket.c b/src/dbus/socket.c
> > +index cacdff2..6e6ba10 100644
> > +--- a/src/dbus/socket.c
> > ++++ b/src/dbus/socket.c
> > +@@ -593,18 +593,40 @@ static int socket_recvmsg(Socket *socket,
> > +
> > + if (msg.msg_flags & MSG_CTRUNC) {
> > + /*
> > +- * This flag means the control-buffer was too
> > small to retrieve
> > +- * all data. If this can be triggered remotely,
> > it means a peer
> > +- * can cause us to miss FDs. Hence, we really
> > must protect
> > +- * against this.
> > +- * We do provide suitably sized buffers to be
> > prepared for any
> > +- * possible scenario. So if this happens,
> > something is fishy
> > +- * and we better report it.
> > +- * Note that this is also reported by the kernel
> > if we exceeded
> > +- * our NOFILE limit. Since this implies resource
> > +- * misconfiguration as well, we treat it the same
> > way.
> > ++ * Our control-buffer-size is carefully
> > calculated to be big
> > ++ * enough for any possible ancillary data we
> > expect. Therefore,
> > ++ * the kernel should never be required to
> > truncate it, and thus
> > ++ * MSG_CTRUNC will never be set. This is also
> > foward compatible
> > ++ * to future extensions to the ancillary data,
> > since these must
> > ++ * be enabled explicitly before the kernel
> > considers forwarding
> > ++ * them.
> > ++ *
> > ++ * Unfortunately, the SCM_RIGHTS implementation
> > might set this
> > ++ * flag as well. In particular, if not all FDs
> > can be returned
> > ++ * to user-space, MSG_CTRUNC will be set
> > (signalling that the
> > ++ * FD-set is non-complete). No other error is
> > returned or
> > ++ * signalled, though. There are several reasons
> > why the FD
> > ++ * transmission can fail. Most importantly, if we
> > exhaust our
> > ++ * FD limit, further FDs will simply be
> > discarded. We are
> > ++ * protected against this by our accounting-
> > quotas, but we
> > ++ * would still like to catch this condition and
> > warn loudly.
> > ++ * However, FDs are also dropped if the security
> > layer refused
> > ++ * the transmission of the FD in question. This
> > means, if an
> > ++ * LSM refuses the D-Bus client to send us an FD,
> > the FD is
> > ++ * just dropped and MSG_CTRUNC will be set. This
> > can be
> > ++ * triggered by clients.
> > ++ *
> > ++ * To summarize: In an ideal world, we would
> > expect this flag
> > ++ * to never be set, and we would just use
> > ++ * `error_origin(-ENOTRECOVERABLE)` to provide
> > diagnostics.
> > ++ * Unfortunately, the gross misuse of this flag
> > for LSM
> > ++ * security enforcements means we have to assume
> > any occurence
> > ++ * of MSG_CTRUNC means the client was refused to
> > send a
> > ++ * specific message. Our only possible way to
> > deal with this is
> > ++ * to disconnect the client.
> > + */
> > +- r = error_origin(-ENOTRECOVERABLE);
> > ++ socket_close(socket);
> > ++ r = SOCKET_E_LOST_INTEREST;
> > + goto error;
> > + }
> > +
> > +--
> > +2.21.0
> > +
> > diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-
> > oe/recipes-core/dbus/dbus-broker_21.bb
> > index 0b0301fe0..fd77afc60 100644
> > --- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
> > +++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
> > @@ -8,6 +8,9 @@ LIC_FILES_CHKSUM = "
> > file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
> >
> >
> > SRC_URI = "
> > https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz
> > "
> > SRC_URI[sha256sum] =
> > "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
>
> It seems to be missing md5sum also move is below SRC_URI for
> formatting sake
>
> > +SRC_URI_append += "
> > file://0001-launch-improve-error-handling-for-opendir.patch"
> >
> > +SRC_URI_append += "
> > file://0002-metrics-change-the-constant-used-for-invalid-
> > timesta.patch"
> >
> > +SRC_URI_append += "
> > file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
> >
>
> Please add it to main SRC_URI there is no need for appends then.
Hi,
Will do both in v2, thanks for the review.
--
Kind regards,
Luca Boccassi
^ permalink raw reply [flat|nested] 15+ messages in thread
* [meta-oe][PATCH v2 1/4] dbus-broker: 19 -> 21
2019-10-25 19:12 [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 luca.boccassi
` (2 preceding siblings ...)
2019-10-26 7:09 ` [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 Khem Raj
@ 2019-10-28 14:53 ` luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 2/4] dbus-broker: backport patches from master luca.boccassi
` (2 more replies)
2019-10-28 14:58 ` [meta-oe][PATCH v3 1/4] dbus-broker: 19 -> 21 luca.boccassi
4 siblings, 3 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-28 14:53 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
Add /lib/systemd/catalog to the package, as snippets for the journal are
now shipped.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
v2: add md5sum
.../dbus/{dbus-broker_19.bb => dbus-broker_21.bb} | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
rename meta-oe/recipes-core/dbus/{dbus-broker_19.bb => dbus-broker_21.bb} (74%)
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_19.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
similarity index 74%
rename from meta-oe/recipes-core/dbus/dbus-broker_19.bb
rename to meta-oe/recipes-core/dbus/dbus-broker_21.bb
index 82d8b8ba6..f22916aba 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_19.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -7,7 +7,8 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz"
-SRC_URI[sha256sum] = "1648227f5a347d4f38d8a29bb9295a73a25c3feb4f3e79e3f04cc847343da3ed"
+SRC_URI[md5sum] = "7d2e7e72b45c3cb7c25d21a53ce30c7d"
+SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
inherit meson pkgconfig systemd distro_features_check
@@ -19,3 +20,4 @@ SYSTEMD_SERVICE_${PN} = "${BPN}.service"
FILES_${PN} += "${systemd_system_unitdir}"
FILES_${PN} += "${systemd_user_unitdir}"
+FILES_${PN} += "${libdir}/systemd/catalog"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [meta-oe][PATCH v2 2/4] dbus-broker: backport patches from master
2019-10-28 14:53 ` [meta-oe][PATCH v2 1/4] " luca.boccassi
@ 2019-10-28 14:53 ` luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 3/4] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 4/4] dbus-broker: add patch to fix build with musl libc luca.boccassi
2 siblings, 0 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-28 14:53 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
These patches fix issues found in Fedora 30, which switched from
dbus-daemon to dbus-broker.
These backports align meta-oe to Fedora 30.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
v2: use SRC_URI instead of SRC_URI_append
...h-improve-error-handling-for-opendir.patch | 48 +++++++++++
...he-constant-used-for-invalid-timesta.patch | 86 +++++++++++++++++++
...s-socket-treat-MSG_CTRUNC-gracefully.patch | 83 ++++++++++++++++++
meta-oe/recipes-core/dbus/dbus-broker_21.bb | 3 +
4 files changed, 220 insertions(+)
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
new file mode 100644
index 000000000..ccc175bb8
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
@@ -0,0 +1,48 @@
+From f42d5e38859c65a186acd0da94bbeeca12faf7a2 Mon Sep 17 00:00:00 2001
+From: David Rheinsberg <david.rheinsberg@gmail.com>
+Date: Thu, 2 May 2019 17:33:34 +0200
+Subject: [PATCH] launch: improve error handling for opendir()
+
+This improves the error-handling of opendir() by always printing
+diagnostics. Furthermore, it aligns the behavior with dbus-deamon and
+ignores EACCES.
+
+Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
+Upstream-Status: dbus-broker@f42d5e38859c65a186acd0da94bbeeca12faf7a2
+---
+ src/launch/launcher.c | 17 +++++++++++++++--
+ 1 file changed, 15 insertions(+), 2 deletions(-)
+
+diff --git a/src/launch/launcher.c b/src/launch/launcher.c
+index 31a5364..2ec4bda 100644
+--- a/src/launch/launcher.c
++++ b/src/launch/launcher.c
+@@ -749,10 +749,23 @@ static int launcher_load_service_dir(Launcher *launcher, const char *dirpath, NS
+
+ dir = opendir(dirpath);
+ if (!dir) {
+- if (errno == ENOENT || errno == ENOTDIR)
++ if (errno == ENOENT || errno == ENOTDIR) {
+ return 0;
+- else
++ } else if (errno == EACCES) {
++ log_append_here(&launcher->log, LOG_ERR, 0, NULL);
++ r = log_commitf(&launcher->log, "Access denied to service directory '%s'\n", dirpath);
++ if (r)
++ return error_fold(r);
++
++ return 0;
++ } else {
++ log_append_here(&launcher->log, LOG_ERR, errno, NULL);
++ r = log_commitf(&launcher->log, "Unable to open service directory '%s': %m\n", dirpath);
++ if (r)
++ return error_fold(r);
++
+ return error_origin(-errno);
++ }
+ }
+
+ r = dirwatch_add(launcher->dirwatch, dirpath);
+--
+2.20.1
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
new file mode 100644
index 000000000..67a2dc46f
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
@@ -0,0 +1,86 @@
+From 3570b3e9ba367f10718b56336ce32d5254f66575 Mon Sep 17 00:00:00 2001
+From: Tom Gundersen <teg@jklm.no>
+Date: Thu, 9 May 2019 13:00:37 +0200
+Subject: [PATCH] metrics: change the constant used for invalid timestamps
+
+Use (uint64_t)-1 rather than 0 to indicate an invalid timestamp. It
+should not be possible for the kernel to return 0 from
+clock_gettime(), but we have received some reports of our asserts
+triggering, so avoid the issue entirely by using -1 instead (which
+really can never be returned).
+
+See https://retrace.fedoraproject.org/faf/reports/2539484/
+
+Signed-off-by: Tom Gundersen <teg@jklm.no>
+Upstream-Status: dbus-broker@3570b3e9ba367f10718b56336ce32d5254f66575
+---
+ src/util/metrics.c | 8 ++++----
+ src/util/metrics.h | 9 ++++++---
+ 2 files changed, 10 insertions(+), 7 deletions(-)
+
+diff --git a/src/util/metrics.c b/src/util/metrics.c
+index b5a7182..eef94eb 100644
+--- a/src/util/metrics.c
++++ b/src/util/metrics.c
+@@ -26,7 +26,7 @@ void metrics_init(Metrics *metrics, clockid_t id) {
+ }
+
+ void metrics_deinit(Metrics *metrics) {
+- c_assert(!metrics->timestamp);
++ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
+ metrics_init(metrics, metrics->id);
+ }
+
+@@ -82,7 +82,7 @@ void metrics_sample_add(Metrics *metrics, uint64_t timestamp) {
+ * a sample is not currently running.
+ */
+ void metrics_sample_start(Metrics *metrics) {
+- c_assert(!metrics->timestamp);
++ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
+ metrics->timestamp = metrics_get_time(metrics);
+ }
+
+@@ -93,11 +93,11 @@ void metrics_sample_start(Metrics *metrics) {
+ * End a currently running sample, and update the internal state.
+ */
+ void metrics_sample_end(Metrics *metrics) {
+- c_assert(metrics->timestamp);
++ c_assert(metrics->timestamp != METRICS_TIMESTAMP_INVALID);
+
+ metrics_sample_add(metrics, metrics->timestamp);
+
+- metrics->timestamp = 0;
++ metrics->timestamp = METRICS_TIMESTAMP_INVALID;
+ }
+
+ /**
+diff --git a/src/util/metrics.h b/src/util/metrics.h
+index a8ee915..b00dee6 100644
+--- a/src/util/metrics.h
++++ b/src/util/metrics.h
+@@ -8,6 +8,8 @@
+ #include <stdlib.h>
+ #include <time.h>
+
++#define METRICS_TIMESTAMP_INVALID ((uint64_t) -1)
++
+ typedef struct Metrics Metrics;
+
+ struct Metrics {
+@@ -23,9 +25,10 @@ struct Metrics {
+ uint64_t sum_of_squares;
+ };
+
+-#define METRICS_INIT(_id) { \
+- .minimum = (uint64_t) -1, \
+- .id = (_id), \
++#define METRICS_INIT(_id) { \
++ .minimum = (uint64_t) -1, \
++ .id = (_id), \
++ .timestamp = METRICS_TIMESTAMP_INVALID, \
+ }
+
+ void metrics_init(Metrics *metrics, clockid_t id);
+--
+2.21.0
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
new file mode 100644
index 000000000..53f9e71aa
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
@@ -0,0 +1,83 @@
+From 520c47c53deeb893e03194fefaf3c5b9223ede27 Mon Sep 17 00:00:00 2001
+From: David Rheinsberg <david.rheinsberg@gmail.com>
+Date: Fri, 10 May 2019 10:58:06 +0200
+Subject: [PATCH] dbus/socket: treat MSG_CTRUNC gracefully
+
+As it turns out, LSMs allow clients to trigger a MSG_CTRUNC on the
+remote side of a unix socket. Whenever LSMs reject the transmission of
+an FD, they will simply drop the FD and set MSG_CTRUNC, without any
+other error notification.
+
+Therefore, we must assume any occurance of MSG_CTRUNC is trigger by a
+client. This makes it impossible to consider MSG_CTRUNC for any other
+error handling, and as such we are left to disconnecting the client and
+ignoring the flag.
+
+Luckily, MSG_CTRUNC is expected for any other event, so we only used it
+for diagnostics so far.
+
+Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
+Upstream-Status: dbus-broker@520c47c53deeb893e03194fefaf3c5b9223ede27
+---
+ src/dbus/socket.c | 44 +++++++++++++++++++++++++++++++++-----------
+ 1 file changed, 33 insertions(+), 11 deletions(-)
+
+diff --git a/src/dbus/socket.c b/src/dbus/socket.c
+index cacdff2..6e6ba10 100644
+--- a/src/dbus/socket.c
++++ b/src/dbus/socket.c
+@@ -593,18 +593,40 @@ static int socket_recvmsg(Socket *socket,
+
+ if (msg.msg_flags & MSG_CTRUNC) {
+ /*
+- * This flag means the control-buffer was too small to retrieve
+- * all data. If this can be triggered remotely, it means a peer
+- * can cause us to miss FDs. Hence, we really must protect
+- * against this.
+- * We do provide suitably sized buffers to be prepared for any
+- * possible scenario. So if this happens, something is fishy
+- * and we better report it.
+- * Note that this is also reported by the kernel if we exceeded
+- * our NOFILE limit. Since this implies resource
+- * misconfiguration as well, we treat it the same way.
++ * Our control-buffer-size is carefully calculated to be big
++ * enough for any possible ancillary data we expect. Therefore,
++ * the kernel should never be required to truncate it, and thus
++ * MSG_CTRUNC will never be set. This is also foward compatible
++ * to future extensions to the ancillary data, since these must
++ * be enabled explicitly before the kernel considers forwarding
++ * them.
++ *
++ * Unfortunately, the SCM_RIGHTS implementation might set this
++ * flag as well. In particular, if not all FDs can be returned
++ * to user-space, MSG_CTRUNC will be set (signalling that the
++ * FD-set is non-complete). No other error is returned or
++ * signalled, though. There are several reasons why the FD
++ * transmission can fail. Most importantly, if we exhaust our
++ * FD limit, further FDs will simply be discarded. We are
++ * protected against this by our accounting-quotas, but we
++ * would still like to catch this condition and warn loudly.
++ * However, FDs are also dropped if the security layer refused
++ * the transmission of the FD in question. This means, if an
++ * LSM refuses the D-Bus client to send us an FD, the FD is
++ * just dropped and MSG_CTRUNC will be set. This can be
++ * triggered by clients.
++ *
++ * To summarize: In an ideal world, we would expect this flag
++ * to never be set, and we would just use
++ * `error_origin(-ENOTRECOVERABLE)` to provide diagnostics.
++ * Unfortunately, the gross misuse of this flag for LSM
++ * security enforcements means we have to assume any occurence
++ * of MSG_CTRUNC means the client was refused to send a
++ * specific message. Our only possible way to deal with this is
++ * to disconnect the client.
+ */
+- r = error_origin(-ENOTRECOVERABLE);
++ socket_close(socket);
++ r = SOCKET_E_LOST_INTEREST;
+ goto error;
+ }
+
+--
+2.21.0
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
index f22916aba..425485a8b 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -7,6 +7,9 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz"
+SRC_URI += " file://0001-launch-improve-error-handling-for-opendir.patch"
+SRC_URI += " file://0002-metrics-change-the-constant-used-for-invalid-timesta.patch"
+SRC_URI += " file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
SRC_URI[md5sum] = "7d2e7e72b45c3cb7c25d21a53ce30c7d"
SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [meta-oe][PATCH v2 3/4] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES
2019-10-28 14:53 ` [meta-oe][PATCH v2 1/4] " luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 2/4] dbus-broker: backport patches from master luca.boccassi
@ 2019-10-28 14:53 ` luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 4/4] dbus-broker: add patch to fix build with musl libc luca.boccassi
2 siblings, 0 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-28 14:53 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
v2: no changes
meta-oe/recipes-core/dbus/dbus-broker_21.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
index 425485a8b..a2cb85f8b 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -16,6 +16,7 @@ SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f6
inherit meson pkgconfig systemd distro_features_check
DEPENDS = "expat systemd"
+DEPENDS += " ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'libselinux', '', d)}"
REQUIRED_DISTRO_FEATURES = "systemd"
@@ -24,3 +25,5 @@ SYSTEMD_SERVICE_${PN} = "${BPN}.service"
FILES_${PN} += "${systemd_system_unitdir}"
FILES_${PN} += "${systemd_user_unitdir}"
FILES_${PN} += "${libdir}/systemd/catalog"
+
+EXTRA_OEMESON += " -Dselinux=${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'true', 'false', d)}"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [meta-oe][PATCH v2 4/4] dbus-broker: add patch to fix build with musl libc
2019-10-28 14:53 ` [meta-oe][PATCH v2 1/4] " luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 2/4] dbus-broker: backport patches from master luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 3/4] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES luca.boccassi
@ 2019-10-28 14:53 ` luca.boccassi
2 siblings, 0 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-28 14:53 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
Forwarded upstream: https://github.com/bus1/dbus-broker/pull/214
---
v2: added
...04-launcher-fix-build-with-musl-libc.patch | 38 +++++++++++++++++++
meta-oe/recipes-core/dbus/dbus-broker_21.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch b/meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch
new file mode 100644
index 000000000..0348d9722
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch
@@ -0,0 +1,38 @@
+From fc1d26dd08c48c04fc9883b36a94c219aba2091c Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <luca.boccassi@microsoft.com>
+Date: Mon, 28 Oct 2019 14:31:38 +0000
+Subject: [PATCH] launcher: fix build with musl libc
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+../src/launch/launcher.c: In function ‘launcher_fork’:
+../src/launch/launcher.c:378:60: error: ‘WEXITED’ undeclared (first use in this function); did you mean ‘WIFEXITED’?
+ r = sd_event_add_child(launcher->event, NULL, pid, WEXITED, launcher_on_child_exit, launcher);
+ ^~~~~~~
+ WIFEXITED
+
+Include sys/wait.h which defines it.
+
+Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
+Suggested-by: Khem Raj <raj.khem@gmail.com>
+Upstream-Status: pending https://github.com/bus1/dbus-broker/pull/214
+---
+ src/launch/launcher.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/launch/launcher.c b/src/launch/launcher.c
+index 2ec4bda..1f38fcf 100644
+--- a/src/launch/launcher.c
++++ b/src/launch/launcher.c
+@@ -10,6 +10,7 @@
+ #include <stdlib.h>
+ #include <sys/prctl.h>
+ #include <sys/un.h>
++#include <sys/wait.h>
+ #include <systemd/sd-bus.h>
+ #include <systemd/sd-daemon.h>
+ #include <systemd/sd-event.h>
+--
+2.20.1
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
index a2cb85f8b..71a7a5762 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -10,6 +10,7 @@ SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-bro
SRC_URI += " file://0001-launch-improve-error-handling-for-opendir.patch"
SRC_URI += " file://0002-metrics-change-the-constant-used-for-invalid-timesta.patch"
SRC_URI += " file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
+SRC_URI += " file://0004-launcher-fix-build-with-musl-libc.patch"
SRC_URI[md5sum] = "7d2e7e72b45c3cb7c25d21a53ce30c7d"
SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [meta-oe][PATCH v3 1/4] dbus-broker: 19 -> 21
2019-10-25 19:12 [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 luca.boccassi
` (3 preceding siblings ...)
2019-10-28 14:53 ` [meta-oe][PATCH v2 1/4] " luca.boccassi
@ 2019-10-28 14:58 ` luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 2/4] dbus-broker: backport patches from master luca.boccassi
` (2 more replies)
4 siblings, 3 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-28 14:58 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
Add /lib/systemd/catalog to the package, as snippets for the journal are
now shipped.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
v2: add md5sum
v3: fix md5sum, because git add is difficult
.../dbus/{dbus-broker_19.bb => dbus-broker_21.bb} | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
rename meta-oe/recipes-core/dbus/{dbus-broker_19.bb => dbus-broker_21.bb} (74%)
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_19.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
similarity index 74%
rename from meta-oe/recipes-core/dbus/dbus-broker_19.bb
rename to meta-oe/recipes-core/dbus/dbus-broker_21.bb
index 82d8b8ba6..9cb59e336 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_19.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -7,7 +7,8 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz"
-SRC_URI[sha256sum] = "1648227f5a347d4f38d8a29bb9295a73a25c3feb4f3e79e3f04cc847343da3ed"
+SRC_URI[md5sum] = "a17886a92ab1e0bc2e4b1a274339e388"
+SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
inherit meson pkgconfig systemd distro_features_check
@@ -19,3 +20,4 @@ SYSTEMD_SERVICE_${PN} = "${BPN}.service"
FILES_${PN} += "${systemd_system_unitdir}"
FILES_${PN} += "${systemd_user_unitdir}"
+FILES_${PN} += "${libdir}/systemd/catalog"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [meta-oe][PATCH v3 2/4] dbus-broker: backport patches from master
2019-10-28 14:58 ` [meta-oe][PATCH v3 1/4] dbus-broker: 19 -> 21 luca.boccassi
@ 2019-10-28 14:58 ` luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 3/4] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 4/4] dbus-broker: add patch to fix build with musl libc luca.boccassi
2 siblings, 0 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-28 14:58 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
These patches fix issues found in Fedora 30, which switched from
dbus-daemon to dbus-broker.
These backports align meta-oe to Fedora 30.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
v2: use SRC_URI instead of SRC_URI_append
v3: no changes
...h-improve-error-handling-for-opendir.patch | 48 +++++++++++
...he-constant-used-for-invalid-timesta.patch | 86 +++++++++++++++++++
...s-socket-treat-MSG_CTRUNC-gracefully.patch | 83 ++++++++++++++++++
meta-oe/recipes-core/dbus/dbus-broker_21.bb | 3 +
4 files changed, 220 insertions(+)
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
new file mode 100644
index 000000000..ccc175bb8
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0001-launch-improve-error-handling-for-opendir.patch
@@ -0,0 +1,48 @@
+From f42d5e38859c65a186acd0da94bbeeca12faf7a2 Mon Sep 17 00:00:00 2001
+From: David Rheinsberg <david.rheinsberg@gmail.com>
+Date: Thu, 2 May 2019 17:33:34 +0200
+Subject: [PATCH] launch: improve error handling for opendir()
+
+This improves the error-handling of opendir() by always printing
+diagnostics. Furthermore, it aligns the behavior with dbus-deamon and
+ignores EACCES.
+
+Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
+Upstream-Status: dbus-broker@f42d5e38859c65a186acd0da94bbeeca12faf7a2
+---
+ src/launch/launcher.c | 17 +++++++++++++++--
+ 1 file changed, 15 insertions(+), 2 deletions(-)
+
+diff --git a/src/launch/launcher.c b/src/launch/launcher.c
+index 31a5364..2ec4bda 100644
+--- a/src/launch/launcher.c
++++ b/src/launch/launcher.c
+@@ -749,10 +749,23 @@ static int launcher_load_service_dir(Launcher *launcher, const char *dirpath, NS
+
+ dir = opendir(dirpath);
+ if (!dir) {
+- if (errno == ENOENT || errno == ENOTDIR)
++ if (errno == ENOENT || errno == ENOTDIR) {
+ return 0;
+- else
++ } else if (errno == EACCES) {
++ log_append_here(&launcher->log, LOG_ERR, 0, NULL);
++ r = log_commitf(&launcher->log, "Access denied to service directory '%s'\n", dirpath);
++ if (r)
++ return error_fold(r);
++
++ return 0;
++ } else {
++ log_append_here(&launcher->log, LOG_ERR, errno, NULL);
++ r = log_commitf(&launcher->log, "Unable to open service directory '%s': %m\n", dirpath);
++ if (r)
++ return error_fold(r);
++
+ return error_origin(-errno);
++ }
+ }
+
+ r = dirwatch_add(launcher->dirwatch, dirpath);
+--
+2.20.1
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
new file mode 100644
index 000000000..67a2dc46f
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0002-metrics-change-the-constant-used-for-invalid-timesta.patch
@@ -0,0 +1,86 @@
+From 3570b3e9ba367f10718b56336ce32d5254f66575 Mon Sep 17 00:00:00 2001
+From: Tom Gundersen <teg@jklm.no>
+Date: Thu, 9 May 2019 13:00:37 +0200
+Subject: [PATCH] metrics: change the constant used for invalid timestamps
+
+Use (uint64_t)-1 rather than 0 to indicate an invalid timestamp. It
+should not be possible for the kernel to return 0 from
+clock_gettime(), but we have received some reports of our asserts
+triggering, so avoid the issue entirely by using -1 instead (which
+really can never be returned).
+
+See https://retrace.fedoraproject.org/faf/reports/2539484/
+
+Signed-off-by: Tom Gundersen <teg@jklm.no>
+Upstream-Status: dbus-broker@3570b3e9ba367f10718b56336ce32d5254f66575
+---
+ src/util/metrics.c | 8 ++++----
+ src/util/metrics.h | 9 ++++++---
+ 2 files changed, 10 insertions(+), 7 deletions(-)
+
+diff --git a/src/util/metrics.c b/src/util/metrics.c
+index b5a7182..eef94eb 100644
+--- a/src/util/metrics.c
++++ b/src/util/metrics.c
+@@ -26,7 +26,7 @@ void metrics_init(Metrics *metrics, clockid_t id) {
+ }
+
+ void metrics_deinit(Metrics *metrics) {
+- c_assert(!metrics->timestamp);
++ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
+ metrics_init(metrics, metrics->id);
+ }
+
+@@ -82,7 +82,7 @@ void metrics_sample_add(Metrics *metrics, uint64_t timestamp) {
+ * a sample is not currently running.
+ */
+ void metrics_sample_start(Metrics *metrics) {
+- c_assert(!metrics->timestamp);
++ c_assert(metrics->timestamp == METRICS_TIMESTAMP_INVALID);
+ metrics->timestamp = metrics_get_time(metrics);
+ }
+
+@@ -93,11 +93,11 @@ void metrics_sample_start(Metrics *metrics) {
+ * End a currently running sample, and update the internal state.
+ */
+ void metrics_sample_end(Metrics *metrics) {
+- c_assert(metrics->timestamp);
++ c_assert(metrics->timestamp != METRICS_TIMESTAMP_INVALID);
+
+ metrics_sample_add(metrics, metrics->timestamp);
+
+- metrics->timestamp = 0;
++ metrics->timestamp = METRICS_TIMESTAMP_INVALID;
+ }
+
+ /**
+diff --git a/src/util/metrics.h b/src/util/metrics.h
+index a8ee915..b00dee6 100644
+--- a/src/util/metrics.h
++++ b/src/util/metrics.h
+@@ -8,6 +8,8 @@
+ #include <stdlib.h>
+ #include <time.h>
+
++#define METRICS_TIMESTAMP_INVALID ((uint64_t) -1)
++
+ typedef struct Metrics Metrics;
+
+ struct Metrics {
+@@ -23,9 +25,10 @@ struct Metrics {
+ uint64_t sum_of_squares;
+ };
+
+-#define METRICS_INIT(_id) { \
+- .minimum = (uint64_t) -1, \
+- .id = (_id), \
++#define METRICS_INIT(_id) { \
++ .minimum = (uint64_t) -1, \
++ .id = (_id), \
++ .timestamp = METRICS_TIMESTAMP_INVALID, \
+ }
+
+ void metrics_init(Metrics *metrics, clockid_t id);
+--
+2.21.0
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
new file mode 100644
index 000000000..53f9e71aa
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch
@@ -0,0 +1,83 @@
+From 520c47c53deeb893e03194fefaf3c5b9223ede27 Mon Sep 17 00:00:00 2001
+From: David Rheinsberg <david.rheinsberg@gmail.com>
+Date: Fri, 10 May 2019 10:58:06 +0200
+Subject: [PATCH] dbus/socket: treat MSG_CTRUNC gracefully
+
+As it turns out, LSMs allow clients to trigger a MSG_CTRUNC on the
+remote side of a unix socket. Whenever LSMs reject the transmission of
+an FD, they will simply drop the FD and set MSG_CTRUNC, without any
+other error notification.
+
+Therefore, we must assume any occurance of MSG_CTRUNC is trigger by a
+client. This makes it impossible to consider MSG_CTRUNC for any other
+error handling, and as such we are left to disconnecting the client and
+ignoring the flag.
+
+Luckily, MSG_CTRUNC is expected for any other event, so we only used it
+for diagnostics so far.
+
+Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
+Upstream-Status: dbus-broker@520c47c53deeb893e03194fefaf3c5b9223ede27
+---
+ src/dbus/socket.c | 44 +++++++++++++++++++++++++++++++++-----------
+ 1 file changed, 33 insertions(+), 11 deletions(-)
+
+diff --git a/src/dbus/socket.c b/src/dbus/socket.c
+index cacdff2..6e6ba10 100644
+--- a/src/dbus/socket.c
++++ b/src/dbus/socket.c
+@@ -593,18 +593,40 @@ static int socket_recvmsg(Socket *socket,
+
+ if (msg.msg_flags & MSG_CTRUNC) {
+ /*
+- * This flag means the control-buffer was too small to retrieve
+- * all data. If this can be triggered remotely, it means a peer
+- * can cause us to miss FDs. Hence, we really must protect
+- * against this.
+- * We do provide suitably sized buffers to be prepared for any
+- * possible scenario. So if this happens, something is fishy
+- * and we better report it.
+- * Note that this is also reported by the kernel if we exceeded
+- * our NOFILE limit. Since this implies resource
+- * misconfiguration as well, we treat it the same way.
++ * Our control-buffer-size is carefully calculated to be big
++ * enough for any possible ancillary data we expect. Therefore,
++ * the kernel should never be required to truncate it, and thus
++ * MSG_CTRUNC will never be set. This is also foward compatible
++ * to future extensions to the ancillary data, since these must
++ * be enabled explicitly before the kernel considers forwarding
++ * them.
++ *
++ * Unfortunately, the SCM_RIGHTS implementation might set this
++ * flag as well. In particular, if not all FDs can be returned
++ * to user-space, MSG_CTRUNC will be set (signalling that the
++ * FD-set is non-complete). No other error is returned or
++ * signalled, though. There are several reasons why the FD
++ * transmission can fail. Most importantly, if we exhaust our
++ * FD limit, further FDs will simply be discarded. We are
++ * protected against this by our accounting-quotas, but we
++ * would still like to catch this condition and warn loudly.
++ * However, FDs are also dropped if the security layer refused
++ * the transmission of the FD in question. This means, if an
++ * LSM refuses the D-Bus client to send us an FD, the FD is
++ * just dropped and MSG_CTRUNC will be set. This can be
++ * triggered by clients.
++ *
++ * To summarize: In an ideal world, we would expect this flag
++ * to never be set, and we would just use
++ * `error_origin(-ENOTRECOVERABLE)` to provide diagnostics.
++ * Unfortunately, the gross misuse of this flag for LSM
++ * security enforcements means we have to assume any occurence
++ * of MSG_CTRUNC means the client was refused to send a
++ * specific message. Our only possible way to deal with this is
++ * to disconnect the client.
+ */
+- r = error_origin(-ENOTRECOVERABLE);
++ socket_close(socket);
++ r = SOCKET_E_LOST_INTEREST;
+ goto error;
+ }
+
+--
+2.21.0
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
index 9cb59e336..b1633e16b 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -7,6 +7,9 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=7b486c2338d225a1405d979ed2c15ce8"
SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-broker-${PV}.tar.xz"
+SRC_URI += " file://0001-launch-improve-error-handling-for-opendir.patch"
+SRC_URI += " file://0002-metrics-change-the-constant-used-for-invalid-timesta.patch"
+SRC_URI += " file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
SRC_URI[md5sum] = "a17886a92ab1e0bc2e4b1a274339e388"
SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [meta-oe][PATCH v3 3/4] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES
2019-10-28 14:58 ` [meta-oe][PATCH v3 1/4] dbus-broker: 19 -> 21 luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 2/4] dbus-broker: backport patches from master luca.boccassi
@ 2019-10-28 14:58 ` luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 4/4] dbus-broker: add patch to fix build with musl libc luca.boccassi
2 siblings, 0 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-28 14:58 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
v2: no changes
v3: no changes
meta-oe/recipes-core/dbus/dbus-broker_21.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
index b1633e16b..c509ff6f2 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -16,6 +16,7 @@ SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f6
inherit meson pkgconfig systemd distro_features_check
DEPENDS = "expat systemd"
+DEPENDS += " ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'libselinux', '', d)}"
REQUIRED_DISTRO_FEATURES = "systemd"
@@ -24,3 +25,5 @@ SYSTEMD_SERVICE_${PN} = "${BPN}.service"
FILES_${PN} += "${systemd_system_unitdir}"
FILES_${PN} += "${systemd_user_unitdir}"
FILES_${PN} += "${libdir}/systemd/catalog"
+
+EXTRA_OEMESON += " -Dselinux=${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'true', 'false', d)}"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [meta-oe][PATCH v3 4/4] dbus-broker: add patch to fix build with musl libc
2019-10-28 14:58 ` [meta-oe][PATCH v3 1/4] dbus-broker: 19 -> 21 luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 2/4] dbus-broker: backport patches from master luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 3/4] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES luca.boccassi
@ 2019-10-28 14:58 ` luca.boccassi
2 siblings, 0 replies; 15+ messages in thread
From: luca.boccassi @ 2019-10-28 14:58 UTC (permalink / raw)
To: openembedded-devel
From: Luca Boccassi <luca.boccassi@microsoft.com>
Forwarded upstream: https://github.com/bus1/dbus-broker/pull/214
---
v2: added
v3: no changes
...04-launcher-fix-build-with-musl-libc.patch | 38 +++++++++++++++++++
meta-oe/recipes-core/dbus/dbus-broker_21.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch b/meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch
new file mode 100644
index 000000000..0348d9722
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0004-launcher-fix-build-with-musl-libc.patch
@@ -0,0 +1,38 @@
+From fc1d26dd08c48c04fc9883b36a94c219aba2091c Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <luca.boccassi@microsoft.com>
+Date: Mon, 28 Oct 2019 14:31:38 +0000
+Subject: [PATCH] launcher: fix build with musl libc
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+../src/launch/launcher.c: In function ‘launcher_fork’:
+../src/launch/launcher.c:378:60: error: ‘WEXITED’ undeclared (first use in this function); did you mean ‘WIFEXITED’?
+ r = sd_event_add_child(launcher->event, NULL, pid, WEXITED, launcher_on_child_exit, launcher);
+ ^~~~~~~
+ WIFEXITED
+
+Include sys/wait.h which defines it.
+
+Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
+Suggested-by: Khem Raj <raj.khem@gmail.com>
+Upstream-Status: pending https://github.com/bus1/dbus-broker/pull/214
+---
+ src/launch/launcher.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/launch/launcher.c b/src/launch/launcher.c
+index 2ec4bda..1f38fcf 100644
+--- a/src/launch/launcher.c
++++ b/src/launch/launcher.c
+@@ -10,6 +10,7 @@
+ #include <stdlib.h>
+ #include <sys/prctl.h>
+ #include <sys/un.h>
++#include <sys/wait.h>
+ #include <systemd/sd-bus.h>
+ #include <systemd/sd-daemon.h>
+ #include <systemd/sd-event.h>
+--
+2.20.1
+
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
index c509ff6f2..d2d051070 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -10,6 +10,7 @@ SRC_URI = "https://github.com/bus1/dbus-broker/releases/download/v${PV}/dbus-bro
SRC_URI += " file://0001-launch-improve-error-handling-for-opendir.patch"
SRC_URI += " file://0002-metrics-change-the-constant-used-for-invalid-timesta.patch"
SRC_URI += " file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
+SRC_URI += " file://0004-launcher-fix-build-with-musl-libc.patch"
SRC_URI[md5sum] = "a17886a92ab1e0bc2e4b1a274339e388"
SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
end of thread, other threads:[~2019-10-28 14:58 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-25 19:12 [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 luca.boccassi
2019-10-25 19:12 ` [meta-oe][PATCH 2/3] dbus-broker: backport patches from master luca.boccassi
2019-10-26 7:18 ` Khem Raj
2019-10-28 10:20 ` Luca Boccassi
2019-10-25 19:12 ` [meta-oe][PATCH 3/3] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES luca.boccassi
2019-10-26 7:09 ` [meta-oe][PATCH 1/3] dbus-broker: 19 -> 21 Khem Raj
2019-10-28 10:18 ` Luca Boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 1/4] " luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 2/4] dbus-broker: backport patches from master luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 3/4] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES luca.boccassi
2019-10-28 14:53 ` [meta-oe][PATCH v2 4/4] dbus-broker: add patch to fix build with musl libc luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 1/4] dbus-broker: 19 -> 21 luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 2/4] dbus-broker: backport patches from master luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 3/4] dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES luca.boccassi
2019-10-28 14:58 ` [meta-oe][PATCH v3 4/4] dbus-broker: add patch to fix build with musl libc luca.boccassi
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.