Gentoo Archives: gentoo-commits

From: "Michał Górny" <mgorny@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/rng-tools/, sys-apps/rng-tools/files/
Date: Mon, 05 Oct 2015 17:05:52
Message-Id: 1443686986.2b90c55c6656d33d8a2dc6a679a85c6f8d29310d.mgorny@gentoo
1 commit: 2b90c55c6656d33d8a2dc6a679a85c6f8d29310d
2 Author: Gokturk Yuksek <gokturk <AT> binghamton <DOT> edu>
3 AuthorDate: Thu Oct 1 08:06:35 2015 +0000
4 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
5 CommitDate: Thu Oct 1 08:09:46 2015 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2b90c55c
7
8 sys-apps/rng-tools: open entropy src with O_NOCTTY flag #556456
9
10 This revision patches the source file 'rngd_entsource.c', adding 'O_NOCTTY'
11 flag to the open() call that opens the entropy source for rngd.
12
13 Gentoo-Bug: https://bugs.gentoo.org/556456
14
15 Package-Manager: portage-2.2.20.1
16
17 .../rng-tools/files/rng-tools-5-fix-noctty.patch | 45 ++++++++++++++++++++++
18 sys-apps/rng-tools/rng-tools-5-r2.ebuild | 1 +
19 2 files changed, 46 insertions(+)
20
21 diff --git a/sys-apps/rng-tools/files/rng-tools-5-fix-noctty.patch b/sys-apps/rng-tools/files/rng-tools-5-fix-noctty.patch
22 new file mode 100644
23 index 0000000..a48b235
24 --- /dev/null
25 +++ b/sys-apps/rng-tools/files/rng-tools-5-fix-noctty.patch
26 @@ -0,0 +1,45 @@
27 +From: Gokturk Yuksek <gokturk@××××××××××.edu>
28 +Subject: [PATCH] Fix rngd to open the entropy source with 'O_NOCTTY' flag
29 +
30 +When start-stop-daemon starts a rngd instance configured to use a tty
31 +device as its entropy source, the application crashes due to not being
32 +able to read from the entropy device. This is caused by
33 +start-stop-daemon calling setsid() before executing rngd, which
34 +disassociates the controlling terminal. When rngd attempts to open a
35 +hardware entropy source that's a tty device, per POSIX rules, the
36 +device becomes the controlling terminal for the process. Then rngd
37 +calls daemon(), which internally calls setsid(), and consequently
38 +disassociates the controlling terminal for the child. Meanwhile the
39 +parent rngd process exits. This results in tty device hanging up. By
40 +looking at the strace logs attached to the bug, it can be observed
41 +that although the parent rngd process is able to read() from the
42 +entropy source successfully, further attempts to read() by the child
43 +rngd process return 0. This complies with the POSIX, which states that
44 +read() calls on a hung up terminal shall return 0.
45 +
46 +Note that when rngd is started without start-stop-daemon, this problem
47 +does not happen because at the time of opening the entropy source rngd
48 +already has a controlling terminal.
49 +
50 +Prevent the entropy source from becoming the controlling terminal by
51 +passing 'O_NOCTTY' flag to open() when opening an entropy source. This
52 +flag prevents a tty device from becoming the controlling terminal for
53 +a process without a controlling terminal at the time of open().
54 +
55 +Thanks to John Bowler <jbowler@×××.org> for debugging the problem and
56 +pinpointing the issue as well as confirming the fix.
57 +
58 +Gentoo-Bug-URL: https://bugs.gentoo.org/556456
59 +Reported-By: John Bowler <jbowler@×××.org>
60 +
61 +--- rngd_entsource.c
62 ++++ rngd_entsource.c
63 +@@ -175,7 +175,7 @@
64 + */
65 + int init_entropy_source(struct rng *ent_src)
66 + {
67 +- ent_src->rng_fd = open(ent_src->rng_name, O_RDONLY);
68 ++ ent_src->rng_fd = open(ent_src->rng_name, O_RDONLY | O_NOCTTY);
69 + if (ent_src->rng_fd == -1) {
70 + return 1;
71 + }
72
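Review bot: In the embedded rngd_entsource.c hunk, only the open() in init_entropy_source() gains O_NOCTTY, while the failure described in the patch header applies to any tty device opened while the process has no controlling terminal. It is worth confirming that rngd has no other open() on an operator-configured device path that needs the same flag. The header also records Gentoo-Bug-URL and Reported-By but nothing about upstream submission; adding an upstream reference would make it clear when this file can be dropped on a version bump.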
73 diff --git a/sys-apps/rng-tools/rng-tools-5-r2.ebuild b/sys-apps/rng-tools/rng-tools-5-r2.ebuild
74 index 61e60b0..a104f8b 100644
75 --- a/sys-apps/rng-tools/rng-tools-5-r2.ebuild
76 +++ b/sys-apps/rng-tools/rng-tools-5-r2.ebuild
77 @@ -26,6 +26,7 @@ src_prepare() {
78 epatch "${FILESDIR}"/${P}-fix-textrels-on-PIC-x86.patch #469962
79 epatch "${FILESDIR}"/${P}-man-fill-watermark.patch #555094
80 epatch "${FILESDIR}"/${P}-man-rng-device.patch #555106
81 + epatch "${FILESDIR}"/${P}-fix-noctty.patch #556456
82 eautoreconf
83
84 sed -i '/^AR /d' Makefile.in || die
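Review bot: The new epatch line in src_prepare() is added to rng-tools-5-r2.ebuild in place, and no revision bump is visible in this commit. The patch changes the behaviour of the installed rngd binary, so if 5-r2 was already available to users, the fix should ship as a new revision so that existing installs are rebuilt and actually pick up the O_NOCTTY change.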