packages/policycoreutils
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!51 backport patches from upstream

Browse Source 
From: @godvi 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee
This commit is contained in:
openeuler-ci-bot 2022-11-26 07:50:36 +00:00 committed by Gitee
commit 679cc93b92
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
7 changed files with 315 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
backport-newrole-check-for-crypt-3-failure.patch Normal file
View File

@ -0,0 +1,35 @@
From 1af808982460ec74a23820dcc4d582bb39e2b223 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 22 Feb 2022 14:51:42 +0100
Subject: [PATCH] newrole: check for crypt(3) failure
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Depending on the implementation crypt(3) can fail either by returning
NULL, or returning a pointer to an invalid hash and setting errno.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
policycoreutils/newrole/newrole.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
index c99898635..781f99b63 100644
--- a/policycoreutils/newrole/newrole.c
+++ b/policycoreutils/newrole/newrole.c
@@ -368,9 +368,14 @@ static int authenticate_via_shadow_passwd(const char *uname)
}
/* Use crypt() to encrypt user's input password. */
+ errno = 0;
encrypted_password_s = crypt(unencrypted_password_s,
p_shadow_line->sp_pwdp);
memset(unencrypted_password_s, 0, strlen(unencrypted_password_s));
+ if (errno || !encrypted_password_s) {
+ fprintf(stderr, _("Cannot encrypt password.\n"));
+ return 0;
+ }
return (!strcmp(encrypted_password_s, p_shadow_line->sp_pwdp));
}
#endif /* if/else USE_PAM */

63
backport-newrole-ensure-password-memory-erasure.patch Normal file
View File

@ -0,0 +1,63 @@
From c71d14e824e965e42493f5275d90272ab0c6825c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 22 Feb 2022 14:51:43 +0100
Subject: [PATCH] newrole: ensure password memory erasure
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Compiler can optimize calls to memset(3), due to the as-if rule, away if
the object is not accessed later on. Use a wrapper using volatile
pointers to ensure the memory is guaranteed to be erased. Also erase
the encrypted password.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
policycoreutils/newrole/newrole.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
index 781f99b63..ae37d7253 100644
--- a/policycoreutils/newrole/newrole.c
+++ b/policycoreutils/newrole/newrole.c
@@ -333,6 +333,14 @@ static int read_pam_config(void)
#define PASSWORD_PROMPT _("Password:") /* prompt for getpass() */
+static void memzero(void *ptr, size_t size)
+{
+ volatile unsigned char * volatile p = ptr;
+ while (size--) {
+ *p++ = '\0';
+ }
+}
+
/* authenticate_via_shadow_passwd()
*
* in: uname - the calling user's user name
@@ -351,6 +359,7 @@ static int authenticate_via_shadow_passwd(const char *uname)
struct spwd *p_shadow_line;
char *unencrypted_password_s;
char *encrypted_password_s;
+ int ret;
setspent();
p_shadow_line = getspnam(uname);
@@ -371,12 +380,15 @@ static int authenticate_via_shadow_passwd(const char *uname)
errno = 0;
encrypted_password_s = crypt(unencrypted_password_s,
p_shadow_line->sp_pwdp);
- memset(unencrypted_password_s, 0, strlen(unencrypted_password_s));
+ memzero(unencrypted_password_s, strlen(unencrypted_password_s));
if (errno || !encrypted_password_s) {
fprintf(stderr, _("Cannot encrypt password.\n"));
return 0;
}
- return (!strcmp(encrypted_password_s, p_shadow_line->sp_pwdp));
+
+ ret = !strcmp(encrypted_password_s, p_shadow_line->sp_pwdp);
+ memzero(encrypted_password_s, strlen(encrypted_password_s));
+ return ret;
}
#endif /* if/else USE_PAM */

73
backport-policycoreutils-handle-argument-counter-of-zero.patch Normal file
View File

@ -0,0 +1,73 @@
From 9229f8b3b7348e4990c8493365d68ff241cfbeb7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Wed, 26 Jan 2022 15:56:45 +0100
Subject: [PATCH] policycoreutils: handle argument counter of zero
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The number of arguments passed to main(), argc, can be zero if the
pathname passed to execve(2) is NULL, e.g. via:
execve("/path/to/exe", {NULL}, {NULL});
Also avoid NULL pointer dereferences on the argument value.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
policycoreutils/run_init/open_init_pty.c | 2 +-
policycoreutils/secon/secon.c | 3 +++
policycoreutils/setfiles/setfiles.c | 6 +++++-
3 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/policycoreutils/run_init/open_init_pty.c b/policycoreutils/run_init/open_init_pty.c
index 150cb45ee..19101c506 100644
--- a/policycoreutils/run_init/open_init_pty.c
+++ b/policycoreutils/run_init/open_init_pty.c
@@ -244,7 +244,7 @@ int main(int argc, char *argv[])
rb_init(&inbuf, inbuf_mem, sizeof(inbuf_mem));
rb_init(&outbuf, outbuf_mem, sizeof(outbuf_mem));
- if (argc == 1) {
+ if (argc < 2) {
printf("usage: %s PROGRAM [ARGS]...\n", argv[0]);
exit(1);
}
diff --git a/policycoreutils/secon/secon.c b/policycoreutils/secon/secon.c
index a0957d091..d624fa136 100644
--- a/policycoreutils/secon/secon.c
+++ b/policycoreutils/secon/secon.c
@@ -333,6 +333,9 @@ static void cmd_line(int argc, char *argv[])
opts->from_type = OPTS_FROM_CUR;
if (opts->from_type == OPTS_FROM_ARG) {
+ if (!argv[0])
+ errx(EXIT_FAILURE, "No argument given");
+
opts->f.arg = argv[0];
if (xstreq(argv[0], "-"))
diff --git a/policycoreutils/setfiles/setfiles.c b/policycoreutils/setfiles/setfiles.c
index 44cab46d0..ab7016aca 100644
--- a/policycoreutils/setfiles/setfiles.c
+++ b/policycoreutils/setfiles/setfiles.c
@@ -163,6 +163,10 @@ int main(int argc, char **argv)
policyfile = NULL;
r_opts.abort_on_error = 0;
+ if (!argv[0]) {
+ fprintf(stderr, "Called without required program name!\n");
+ exit(-1);
+ }
r_opts.progname = strdup(argv[0]);
if (!r_opts.progname) {
fprintf(stderr, "%s: Out of memory!\n", argv[0]);
@@ -423,7 +427,7 @@ int main(int argc, char **argv)
altpath = argv[optind];
optind++;
- } else if (argc == 1)
+ } else if (argc < 2)
usage(argv[0]);
/* Set selabel_open options. */

63
backport-python-Split-semanage-import-into-two-transactions.patch Normal file
View File

@ -0,0 +1,63 @@
From abaf812c3877f6b595eb8643582eacef2dd4df3f Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Mon, 30 May 2022 14:20:21 +0200
Subject: [PATCH] python: Split "semanage import" into two transactions
First transaction applies all deletion operations, so that there are no
collisions when applying the rest of the changes.
Fixes:
# semanage port -a -t http_cache_port_t -r s0 -p tcp 3024
# semanage export | semanage import
ValueError: Port tcp/3024 already defined
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
---
python/semanage/semanage | 21 +++++++++++++++++++--
1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/python/semanage/semanage b/python/semanage/semanage
index 8f4e44a7..1d828128 100644
--- a/python/semanage/semanage
+++ b/python/semanage/semanage
@@ -852,10 +852,29 @@ def handleImport(args):
trans = seobject.semanageRecords(args)
trans.start()
+ deleteCommands = []
+ commands = []
+ # separate commands for deletion from the rest so they can be
+ # applied in a separate transaction
for l in sys.stdin.readlines():
if len(l.strip()) == 0:
continue
+ if "-d" in l or "-D" in l:
+ deleteCommands.append(l)
+ else:
+ commands.append(l)
+
+ if deleteCommands:
+ importHelper(deleteCommands)
+ trans.finish()
+ trans.start()
+
+ importHelper(commands)
+ trans.finish()
+
+def importHelper(commands):
+ for l in commands:
try:
commandParser = createCommandParser()
args = commandParser.parse_args(mkargv(l))
@@ -869,8 +888,6 @@ def handleImport(args):
except KeyboardInterrupt:
sys.exit(0)
- trans.finish()
-
def setupImportParser(subparsers):
importParser = subparsers.add_parser('import', help=_('Import local customizations'))
--
2.23.0

48
backport-python-audit2allow-close-file-stream-on-error.patch Normal file
View File

@ -0,0 +1,48 @@
From c14a86af9a2304175e54897634f808b42345325b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Fri, 20 May 2022 14:51:07 +0200
Subject: [PATCH] python/audit2allow: close file stream on error
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
sepolgen-ifgen-attr-helper.c: In function load_policy:
sepolgen-ifgen-attr-helper.c:196:17: warning: leak of FILE fp [CWE-775] [-Wanalyzer-file-leak]
196 | fprintf(stderr, "Out of memory!\n");
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
---
python/audit2allow/sepolgen-ifgen-attr-helper.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/python/audit2allow/sepolgen-ifgen-attr-helper.c b/python/audit2allow/sepolgen-ifgen-attr-helper.c
index 6f3ba962..5e6cffc1 100644
--- a/python/audit2allow/sepolgen-ifgen-attr-helper.c
+++ b/python/audit2allow/sepolgen-ifgen-attr-helper.c
@@ -194,12 +194,14 @@ static policydb_t *load_policy(const char *filename)
policydb = malloc(sizeof(policydb_t));
if (policydb == NULL) {
fprintf(stderr, "Out of memory!\n");
+ fclose(fp);
return NULL;
}
if (policydb_init(policydb)) {
fprintf(stderr, "Out of memory!\n");
free(policydb);
+ fclose(fp);
return NULL;
}
@@ -208,6 +210,7 @@ static policydb_t *load_policy(const char *filename)
fprintf(stderr,
"error(s) encountered while parsing configuration\n");
free(policydb);
+ fclose(fp);
return NULL;
}
--
2.23.0

24
backport-semodule_package-Close-leaking-fd.patch Normal file
View File

@ -0,0 +1,24 @@
From ac16531b5ab6c40bdf5eae91c8cf7ae25355d61a Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Fri, 1 Apr 2022 15:35:48 +0200
Subject: [PATCH] semodule_package: Close leaking fd
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
---
semodule-utils/semodule_package/semodule_package.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/semodule-utils/semodule_package/semodule_package.c b/semodule-utils/semodule_package/semodule_package.c
index 3515234e..bc8584b5 100644
--- a/semodule-utils/semodule_package/semodule_package.c
+++ b/semodule-utils/semodule_package/semodule_package.c
@@ -73,6 +73,7 @@ static int file_to_data(const char *path, char **data, size_t * len)
goto err;
}
if (!sb.st_size) {
+ close(fd);
*len = 0;
return 0;
}
--
2.23.0

10
policycoreutils.spec
View File

@ -3,7 +3,7 @@
Name: policycoreutils
Version: 3.3
Release: 2
Release: 3
Summary: Policy core utilities of selinux
License: GPLv2
URL: https://github.com/SELinuxProject
@ -16,6 +16,11 @@ Source11: selinux-autorelabel-generator.sh
Patch0: fix-fixfiles-N-date-function.patch
Patch1: fix-fixfiles-N-date-function-two.patch
Patch2: backport-newrole-check-for-crypt-3-failure.patch
Patch3: backport-newrole-ensure-password-memory-erasure.patch
Patch4: backport-semodule_package-Close-leaking-fd.patch
Patch5: backport-python-Split-semanage-import-into-two-transactions.patch
Patch6: backport-python-audit2allow-close-file-stream-on-error.patch
BuildRequires: gcc
BuildRequires: pam-devel libsepol-static >= 3.3 libsemanage-static >= 3.3 libselinux-devel >= 3.3 libcap-devel audit-libs-devel gettext
@ -256,6 +261,9 @@ find %{buildroot}%{python3_sitelib} %{buildroot}%{python3_sitearch} \
%{_mandir}/*
%changelog
* Tue Nov 15 2022 shenxiangwei <shenxiangwei1@huawei.com> - 3.3-3
- backport patches from upstream
* Thu Jun 30 2022 lujie <lujie54@huawei.com> - 3.3-2
- update policycoreutils tar.gz