diff --git a/SOURCES/0246-elf-util-discard-PT_LOAD-segment-early-based-on-the-.patch b/SOURCES/0246-elf-util-discard-PT_LOAD-segment-early-based-on-the-.patch new file mode 100644 index 0000000..fef3ddf --- /dev/null +++ b/SOURCES/0246-elf-util-discard-PT_LOAD-segment-early-based-on-the-.patch @@ -0,0 +1,69 @@ +From ea011ddb65272c74d6378deae3f3a3365aadd77d Mon Sep 17 00:00:00 2001 +From: Romain Geissler +Date: Tue, 20 Jun 2023 16:06:31 +0000 +Subject: [PATCH] elf-util: discard PT_LOAD segment early based on the start + address. + +Indeed when iterating over all the PT_LOAD segment of the core dump +while trying to look for the elf headers of a given module, we iterate +over them all and try to use the first one for which we can parse a +package metadata, but the start address is never taken into account, +so absolutely nothing guarantees we actually parse the right ELF header +of the right module we are currently iterating on. + +This was tested like this: + - Create a core dump using sleep on a fedora 37 container, with an + explicit LD_PRELOAD of a library having a valid package metadata: + + podman run -t -i --rm -v $(pwd):$(pwd) -w $(pwd) fedora:37 bash -x -c \ + 'LD_PRELOAD=libreadline.so.8 sleep 1000 & SLEEP_PID="$!" && sleep 1 && kill -11 "${SLEEP_PID}" && mv "core.${SLEEP_PID}" the-core' + + - Then from a fedora 38 container with systemd installed, the resulting + core dump has been passed to systemd-coredump with and without this + patch. Without this patch, we get: + + Module /usr/bin/sleep from rpm bash-5.2.15-3.fc38.x86_64 + Module /usr/lib64/libtinfo.so.6.3 from rpm coreutils-9.1-8.fc37.x86_64 + Module /usr/lib64/libc.so.6 from rpm coreutils-9.1-8.fc37.x86_64 + Module /usr/lib64/libreadline.so.8.2 from rpm coreutils-9.1-8.fc37.x86_64 + Module /usr/lib64/ld-linux-x86-64.so.2 from rpm coreutils-9.1-8.fc37.x86_64 + + While with this patch we get: + + Module /usr/bin/sleep from rpm bash-5.2.15-3.fc38.x86_64 + Module /usr/lib64/libtinfo.so.6.3 from rpm ncurses-6.3-5.20220501.fc37.x86_64 + Module /usr/lib64/libreadline.so.8.2 from rpm readline-8.2-2.fc37.x86_64 + +So the parsed package metadata reported by systemd-coredump when the module +files are not found on the host (ie the case of crash inside a container) are +now correct. The inconsistency of the first module in the above example +(sleep is indeed not provided by the bash package) can be ignored as it +is a consequence of how this was tested. + +In addition to this, this also fixes the performance issue of +systemd-coredump in case of the crashing process uses a large number of +shared libraries and having no package metadata, as reported in +https://sourceware.org/pipermail/elfutils-devel/2023q2/006225.html. + +(cherry picked from commit 21a2c735e2bfdc3bfdc42f894d6e3d00f4a38dcd) + +Resolves: #2222259 +--- + src/shared/elf-util.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c +index 181735409d..d746f3ab3f 100644 +--- a/src/shared/elf-util.c ++++ b/src/shared/elf-util.c +@@ -538,6 +538,10 @@ static int module_callback(Dwfl_Module *mod, void **userdata, const char *name, + if (!program_header || program_header->p_type != PT_LOAD) + continue; + ++ /* This PT_LOAD segment doesn't contain the start address, so it can't be the module we are looking for. */ ++ if (start < program_header->p_vaddr || start >= program_header->p_vaddr + program_header->p_memsz) ++ continue; ++ + /* Now get a usable Elf reference, and parse the notes from it. */ + data = sym_elf_getdata_rawchunk(elf, + program_header->p_offset, diff --git a/SOURCES/0247-elf-util-check-for-overflow-when-computing-end-of-co.patch b/SOURCES/0247-elf-util-check-for-overflow-when-computing-end-of-co.patch new file mode 100644 index 0000000..d3e2bcf --- /dev/null +++ b/SOURCES/0247-elf-util-check-for-overflow-when-computing-end-of-co.patch @@ -0,0 +1,40 @@ +From 2fcb340ec5faf51a8d9b0cb2ddd8386b4db6a33d Mon Sep 17 00:00:00 2001 +From: Romain Geissler +Date: Thu, 22 Jun 2023 16:05:18 +0000 +Subject: [PATCH] elf-util: check for overflow when computing end of core's + PT_LOAD segments + +(cherry picked from commit 3965f173eae4701a014113cfaf4a28a6bb63bed7) + +Resolves: #2222259 +--- + src/shared/elf-util.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c +index d746f3ab3f..bde5013b92 100644 +--- a/src/shared/elf-util.c ++++ b/src/shared/elf-util.c +@@ -532,14 +532,21 @@ static int module_callback(Dwfl_Module *mod, void **userdata, const char *name, + for (size_t i = 0; i < n_program_headers; ++i) { + GElf_Phdr mem, *program_header; + Elf_Data *data; ++ GElf_Addr end_of_segment; + + /* The core file stores the ELF files in the PT_LOAD segment. */ + program_header = sym_gelf_getphdr(elf, i, &mem); + if (!program_header || program_header->p_type != PT_LOAD) + continue; + ++ /* Check that the end of segment is a valid address. */ ++ if (__builtin_add_overflow(program_header->p_vaddr, program_header->p_memsz, &end_of_segment)) { ++ log_error("Abort due to corrupted core dump, end of segment address %#zx + %#zx overflows", (size_t)program_header->p_vaddr, (size_t)program_header->p_memsz); ++ return DWARF_CB_ABORT; ++ } ++ + /* This PT_LOAD segment doesn't contain the start address, so it can't be the module we are looking for. */ +- if (start < program_header->p_vaddr || start >= program_header->p_vaddr + program_header->p_memsz) ++ if (start < program_header->p_vaddr || start >= end_of_segment) + continue; + + /* Now get a usable Elf reference, and parse the notes from it. */ diff --git a/SOURCES/0248-manager-don-t-taint-the-host-if-cgroups-v1-is-used.patch b/SOURCES/0248-manager-don-t-taint-the-host-if-cgroups-v1-is-used.patch new file mode 100644 index 0000000..8413fcd --- /dev/null +++ b/SOURCES/0248-manager-don-t-taint-the-host-if-cgroups-v1-is-used.patch @@ -0,0 +1,64 @@ +From 6c4090a8bdf54928e43c21d7443d2e6825ed6d1f Mon Sep 17 00:00:00 2001 +From: Jan Macku +Date: Tue, 9 May 2023 13:15:06 +0200 +Subject: [PATCH] manager: don't taint the host if cgroups v1 is used + +In upstream of systemd, cgroups v1 are not considered as supported. +This is not true for RHEL, don't taint the host when cgroups v1 are enabled. + +rhel-only + +Resolves: #2196479 +--- + man/org.freedesktop.systemd1.xml | 6 ------ + src/core/manager.c | 3 --- + src/test/test-manager.c | 5 ----- + 3 files changed, 14 deletions(-) + +diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml +index 40510c43eb..13a84af747 100644 +--- a/man/org.freedesktop.systemd1.xml ++++ b/man/org.freedesktop.systemd1.xml +@@ -1589,12 +1589,6 @@ node /org/freedesktop/systemd1 { + Support for cgroups is unavailable. + + +- +- cgroupsv1 +- +- The system is using the old cgroup hierarchy. +- +- + + local-hwclock + +diff --git a/src/core/manager.c b/src/core/manager.c +index a59afafb58..657263eb73 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -4491,9 +4491,6 @@ char* manager_taint_string(const Manager *m) { + if (access("/proc/cgroups", F_OK) < 0) + stage[n++] = "cgroups-missing"; + +- if (cg_all_unified() == 0) +- stage[n++] = "cgroupsv1"; +- + if (clock_is_localtime(NULL) > 0) + stage[n++] = "local-hwclock"; + +diff --git a/src/test/test-manager.c b/src/test/test-manager.c +index 89f9277b28..2faf715d76 100644 +--- a/src/test/test-manager.c ++++ b/src/test/test-manager.c +@@ -14,11 +14,6 @@ TEST(manager_taint_string) { + * to test for them. Let's do just one. */ + assert_se(!strstr(a, "split-usr")); + +- if (cg_all_unified() == 0) +- assert_se(strstr(a, "cgroupsv1")); +- else +- assert_se(!strstr(a, "cgroupsv1")); +- + m.taint_usr = true; + _cleanup_free_ char *b = manager_taint_string(&m); + assert_se(b); diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec index 72b5af1..24eb9d5 100644 --- a/SPECS/systemd.spec +++ b/SPECS/systemd.spec @@ -21,7 +21,7 @@ Name: systemd Url: https://systemd.io Version: 252 -Release: 14%{?dist}.1 +Release: 14%{?dist}.3 # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -323,6 +323,9 @@ Patch0242: 0242-sd-journal-allow-to-specify-compression-algorithm-th.patch Patch0243: 0243-test-add-test-case-that-journal-file-is-created-with.patch Patch0244: 0244-ci-workflow-for-gathering-metadata-for-source-git-au.patch Patch0245: 0245-ci-first-part-of-the-source-git-automation-commit-li.patch +Patch0246: 0246-elf-util-discard-PT_LOAD-segment-early-based-on-the-.patch +Patch0247: 0247-elf-util-check-for-overflow-when-computing-end-of-co.patch +Patch0248: 0248-manager-don-t-taint-the-host-if-cgroups-v1-is-used.patch # Downstream-only patches (9000–9999) @@ -1144,6 +1147,13 @@ getent passwd systemd-oom &>/dev/null || useradd -r -l -g systemd-oom -d / -s /s %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Mon Jul 17 2023 systemd maintenance team - 252-14.3 +- manager: don't taint the host if cgroups v1 is used (#2196479) + +* Thu Jul 13 2023 systemd maintenance team - 252-14.2 +- elf-util: discard PT_LOAD segment early based on the start address. (#2222259) +- elf-util: check for overflow when computing end of core's PT_LOAD segments (#2222259) + * Wed May 24 2023 systemd maintenance team - 252-14.1 - Bump version to 252-14.1 to make sure that NEVRA is higher than systemd-252-14.el9.rhaos4.13 (#2184929)