
From: Mike Gilbert <floppym@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/, sys-apps/systemd/files/
Date: Wed, 08 Sep 2021 18:29:58
Message-Id: 1631125765.b4f43b6837d616fef3678a80562b0d483d0ce7cb.floppym@gentoo
1 commit: b4f43b6837d616fef3678a80562b0d483d0ce7cb
2 Author: Mike Gilbert <floppym <AT> gentoo <DOT> org>
3 AuthorDate: Wed Sep 8 18:23:16 2021 +0000
4 Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
5 CommitDate: Wed Sep 8 18:29:25 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b4f43b68
7
8 sys-apps/systemd: backport FIDO2 fix
9
10 Closes: https://bugs.gentoo.org/811864
11 Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
12
13 sys-apps/systemd/files/249-fido2.patch | 58 ++++++++++++++++++++++
14 ...emd-249.4-r1.ebuild => systemd-249.4-r2.ebuild} | 1 +
15 2 files changed, 59 insertions(+)
16
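--- /dev/null
+++ b/sys-apps/systemd/files/249-fido2.patch
@@ -0,0 +1,58 @@
+From b6aa89b0a399992c8ea762e6ec4f30cff90618f2 Mon Sep 17 00:00:00 2001
+From: pedro martelletto <pedro@××××××.com>
+Date: Wed, 8 Sep 2021 10:42:56 +0200
+Subject: [PATCH] explicitly close FIDO2 devices
+
+FIDO2 device access is serialised by libfido2 using flock().
+Therefore, make sure to close a FIDO2 device once we are done
+with it, or we risk opening it again at a later point and
+deadlocking. Fixes #20664.
+---
+ src/shared/libfido2-util.c | 2 ++
+ src/shared/libfido2-util.h | 5 ++++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/shared/libfido2-util.c b/src/shared/libfido2-util.c
+index 12c644dcfcce..6d18178b68c9 100644
+--- a/src/shared/libfido2-util.c
++++ b/src/shared/libfido2-util.c
+@@ -58,6 +58,7 @@ bool (*sym_fido_dev_is_fido2)(const fido_dev_t *) = NULL;
+ int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *) = NULL;
+ fido_dev_t* (*sym_fido_dev_new)(void) = NULL;
+ int (*sym_fido_dev_open)(fido_dev_t *, const char *) = NULL;
++int (*sym_fido_dev_close)(fido_dev_t *) = NULL;
+ const char* (*sym_fido_strerr)(int) = NULL;
+
+ int dlopen_libfido2(void) {
+@@ -106,6 +107,7 @@ int dlopen_libfido2(void) {
+ DLSYM_ARG(fido_dev_make_cred),
+ DLSYM_ARG(fido_dev_new),
+ DLSYM_ARG(fido_dev_open),
++ DLSYM_ARG(fido_dev_close),
+ DLSYM_ARG(fido_strerr));
+ }
+
+diff --git a/src/shared/libfido2-util.h b/src/shared/libfido2-util.h
+index 5640cca5e39b..4ebf8ab77509 100644
+--- a/src/shared/libfido2-util.h
++++ b/src/shared/libfido2-util.h
+@@ -60,6 +60,7 @@ extern bool (*sym_fido_dev_is_fido2)(const fido_dev_t *);
+ extern int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *);
+ extern fido_dev_t* (*sym_fido_dev_new)(void);
+ extern int (*sym_fido_dev_open)(fido_dev_t *, const char *);
++extern int (*sym_fido_dev_close)(fido_dev_t *);
+ extern const char* (*sym_fido_strerr)(int);
+
+ int dlopen_libfido2(void);
+@@ -75,8 +76,10 @@ static inline void fido_assert_free_wrapper(fido_assert_t **p) {
+ }
+
+ static inline void fido_dev_free_wrapper(fido_dev_t **p) {
+- if (*p)
++ if (*p) {
++ sym_fido_dev_close(*p);
+ sym_fido_dev_free(p);
++ }
+ }
+
+ static inline void fido_cred_free_wrapper(fido_cred_t **p) {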
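Review bot: The new `sym_fido_dev_close(*p);` call in `fido_dev_free_wrapper` (the libfido2-util.h hunk of the backported patch) discards its return value and has no comment, so the reason for it is recorded only in the commit message. I would put a short comment above it, for example `/* libfido2 serialises device access with flock(); close explicitly so a later open cannot deadlock. Best effort, result ignored. */`. The wrapper runs for any non-NULL handle, including one whose open presumably failed, so confirm that `fido_dev_close` tolerates a device that was never opened. Adding `DLSYM_ARG(fido_dev_close)` also appears to make the symbol mandatory for `dlopen_libfido2()`, whose body lies mostly outside the hunk. It would be worth checking that every libfido2 version the ebuild accepts exports it, because a failed load would disable FIDO2 unlock rather than degrade it.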
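--- a/sys-apps/systemd/systemd-249.4-r1.ebuild
+++ b/sys-apps/systemd/systemd-249.4-r2.ebuild
@@ -226,6 +226,7 @@ src_prepare() {
 # Add local patches here
 PATCHES+=(
 "${FILESDIR}/249-libudev-static.patch"
+ "${FILESDIR}/249-fido2.patch"
 )
 
 if ! use vanilla; then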