Merge ~enr0n/ubuntu/+source/systemd:ubuntu-kinetic-sru into ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-kinetic

Proposed by Nick Rosbrook
Status: Merged
Merged at revision: 74ae8a98d5e803a6513ad3bd0ccad4e91b235397
Proposed branch: ~enr0n/ubuntu/+source/systemd:ubuntu-kinetic-sru
Merge into: ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-kinetic
Diff against target: 983 lines (+913/-0)
11 files modified
debian/changelog (+31/-0)
debian/patches/CVE-2022-4415.patch (+380/-0)
debian/patches/CVE-2022-45873.patch (+115/-0)
debian/patches/backport-for-CVE-2022-45873.patch (+45/-0)
debian/patches/lp2002445/sd-netlink-add-a-test-for-rtnl_set_link_name.patch (+66/-0)
debian/patches/lp2002445/sd-netlink-do-not-swap-old-name-and-alternative-name.patch (+54/-0)
debian/patches/lp2002445/sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch (+64/-0)
debian/patches/lp2002445/udev-attempt-device-rename-even-if-interface-is-up.patch (+61/-0)
debian/patches/lp2002445/udev-net-allow-new-link-name-as-an-altname-before-renamin.patch (+34/-0)
debian/patches/lp2004478-network-dhcp4-accept-local-subnet-routes-from-DHCP.patch (+54/-0)
debian/patches/series (+9/-0)
Reviewer: Lukas Märdian; Status: Approve
Review via email: mp+438555@code.launchpad.net

Description of the change

PPA: https://launchpad.net/~enr0n/+archive/ubuntu/systemd-251/+packages?field.name_filter=systemd&field.status_filter=published

These autopkgtest results are from a previous build, i.e. before rebasing on the security update. The networkd-test.py failure is already present and will not be considered a regression. The unit-tests failure in armhf is fixed in my latest build, though I did not re-trigger the autopkgtest because it was a known issue, and I just forgot to include the fix in the tested build.

systemd 251.4-1ubuntu7.1~ppa3 (arm64) -- Fail: https://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-enr0n-systemd-251/kinetic/arm64/s/systemd/20230302_125651_41ba8@/log.gz
systemd 251.4-1ubuntu7.1~ppa3 (armhf) -- Fail: https://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-enr0n-systemd-251/kinetic/armhf/s/systemd/20230302_052203_41ba8@/log.gz
systemd 251.4-1ubuntu7.1~ppa3 (ppc64el) -- Fail: https://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-enr0n-systemd-251/kinetic/ppc64el/s/systemd/20230301_230404_11ba2@/log.gz
systemd 251.4-1ubuntu7.1~ppa3 (s390x) -- Fail: https://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-enr0n-systemd-251/kinetic/s390x/s/systemd/20230302_003917_11ba2@/log.gz
systemd 251.4-1ubuntu7.1~ppa4 (amd64) -- Fail: https://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-enr0n-systemd-251/kinetic/amd64/s/systemd/20230303_021808_57da3@/log.gz

Lukas Märdian (slyon) wrote :

Thanks for the explanation about the test failures. Apparently networkd-test.py regressed in release, which is bad but seems unrelated to the systemd package:

"There is an autopkgtest failure currently in kinetic (not considered a regression) that seems to be caused by a kernel change. I am not exactly sure what change broke the test, but if I run the test in a fresh kinetic install (nothing from -updates installed yet), the test passes. But if I install just the new kernel from -updates, the test fails." -- enr0n

Do we already have a tracking bug report about that ^ issue? Could you please reference it here and escalate it to the corresponding (Kernel?) team? Having systemd autopkgtests failing in a stable series is not a good position to be in and we should try to get it fixed soon (by the corresponding team).

Your changes/patches to systemd packaging itself LGTM!

review: Approve
Nick Rosbrook (enr0n) wrote :

I have opened bug 2009859 to track the issue.

Preview Diff

diff --git a/debian/changelog b/debian/changelog
index c7ddcfc..2fe2841 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,34 @@
1systemd (251.4-1ubuntu7.2) kinetic; urgency=medium
2
3 * network/dhcp4: accept local subnet routes from DHCP (LP: #2004478)
4 File: debian/patches/lp2004478-network-dhcp4-accept-local-subnet-routes-from-DHCP.patch
5 https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=751bac59b405025964d76c4ef8e0603457a605af
6 * udev: avoid NIC renaming race with kernel (LP: #2002445)
7 Files:
8 - debian/patches/lp2002445/sd-netlink-add-a-test-for-rtnl_set_link_name.patch
9 - debian/patches/lp2002445/sd-netlink-do-not-swap-old-name-and-alternative-name.patch
10 - debian/patches/lp2002445/sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch
11 - debian/patches/lp2002445/udev-attempt-device-rename-even-if-interface-is-up.patch
12 - debian/patches/lp2002445/udev-net-allow-new-link-name-as-an-altname-before-renamin.patch
13 https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ffb1e85fdd3f0fe9b158b28a95cfa6d241fcbe70
14
15 -- Nick Rosbrook <nick.rosbrook@canonical.com> Wed, 08 Mar 2023 12:07:55 -0500
16
17systemd (251.4-1ubuntu7.1) kinetic-security; urgency=medium
18
19 * SECURITY UPDATE: information leak vulnerability in systemd-coredump
20 - debian/patches/CVE-2022-4415.patch: do not allow user to access
21 coredumps with changed uid/gid/capabilities
22 - CVE-2022-4415
23 * SECURITY UPDATE: DoS vulnerability in systemd-coredump
24 - debian/patches/backport-for-CVE-2022-45873.patch: allow
25 json_variant_dump() to return an error
26 - debian/patches/CVE-2022-45873.patch: avoid deadlock when passing
27 processed backtrace data
28 - CVE-2022-45873
29
30 -- Nishit Majithia <nishit.majithia@canonical.com> Thu, 02 Mar 2023 18:28:02 +0530
31
1systemd (251.4-1ubuntu7) kinetic; urgency=medium32systemd (251.4-1ubuntu7) kinetic; urgency=medium
233
3 [ Nick Rosbrook ]34 [ Nick Rosbrook ]
diff --git a/debian/patches/CVE-2022-4415.patch b/debian/patches/CVE-2022-4415.patch
4new file mode 10064435new file mode 100644
index 0000000..cc12be9
--- /dev/null
+++ b/debian/patches/CVE-2022-4415.patch
@@ -0,0 +1,380 @@
1 Origin: backport, https://github.com/systemd/systemd-stable/commit/efca5283dc791a07171f80eef84e14fdb58fad57
2
3From efca5283dc791a07171f80eef84e14fdb58fad57 Mon Sep 17 00:00:00 2001
4From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
5Date: Mon, 28 Nov 2022 12:12:55 +0100
6Subject: [PATCH] coredump: do not allow user to access coredumps with changed
7 uid/gid/capabilities
8
9When the user starts a program which elevates its permissions via setuid,
10setgid, or capabilities set on the file, it may access additional information
11which would then be visible in the coredump. We shouldn't make the the coredump
12visible to the user in such cases.
13
14Reported-by: Matthias Gerstner <mgerstner@suse.de>
15
16This reads the /proc/<pid>/auxv file and attaches it to the process metadata as
17PROC_AUXV. Before the coredump is submitted, it is parsed and if either
18at_secure was set (which the kernel will do for processes that are setuid,
19setgid, or setcap), or if the effective uid/gid don't match uid/gid, the file
20is not made accessible to the user. If we can't access this data, we assume the
21file should not be made accessible either. In principle we could also access
22the auxv data from a note in the core file, but that is much more complex and
23it seems better to use the stand-alone file that is provided by the kernel.
24
25Attaching auxv is both convient for this patch (because this way it's passed
26between the stages along with other fields), but I think it makes sense to save
27it in general.
28
29We use the information early in the core file to figure out if the program was
3032-bit or 64-bit and its endianness. This way we don't need heuristics to guess
31whether the format of the auxv structure. This test might reject some cases on
32fringe architecutes. But the impact would be limited: we just won't grant the
33user permissions to view the coredump file. If people report that we're missing
34some cases, we can always enhance this to support more architectures.
35
36I tested auxv parsing on amd64, 32-bit program on amd64, arm64, arm32, and
37ppc64el, but not the whole coredump handling.
38
39(cherry picked from commit 3e4d0f6cf99f8677edd6a237382a65bfe758de03)
40(cherry picked from commit 9b75a3d0502d6741c8ecb7175794345f8eb3827c)
41---
42 src/basic/io-util.h | 9 ++
43 src/coredump/coredump.c | 196 +++++++++++++++++++++++++++++++++++++---
44 2 files changed, 192 insertions(+), 13 deletions(-)
45
46--- systemd-251.4.orig/src/basic/io-util.h
47+++ systemd-251.4/src/basic/io-util.h
48@@ -91,7 +91,16 @@ struct iovec_wrapper *iovw_new(void);
49 struct iovec_wrapper *iovw_free(struct iovec_wrapper *iovw);
50 struct iovec_wrapper *iovw_free_free(struct iovec_wrapper *iovw);
51 void iovw_free_contents(struct iovec_wrapper *iovw, bool free_vectors);
52+
53 int iovw_put(struct iovec_wrapper *iovw, void *data, size_t len);
54+static inline int iovw_consume(struct iovec_wrapper *iovw, void *data, size_t len) {
55+ /* Move data into iovw or free on error */
56+ int r = iovw_put(iovw, data, len);
57+ if (r < 0)
58+ free(data);
59+ return r;
60+}
61+
62 int iovw_put_string_field(struct iovec_wrapper *iovw, const char *field, const char *value);
63 int iovw_put_string_field_free(struct iovec_wrapper *iovw, const char *field, char *value);
64 void iovw_rebase(struct iovec_wrapper *iovw, char *old, char *new);
65--- systemd-251.4.orig/src/coredump/coredump.c
66+++ systemd-251.4/src/coredump/coredump.c
67@@ -4,6 +4,7 @@
68 #include <stdio.h>
69 #include <sys/prctl.h>
70 #include <sys/statvfs.h>
71+#include <sys/auxv.h>
72 #include <sys/xattr.h>
73 #include <unistd.h>
74
75@@ -105,6 +106,7 @@ enum {
76
77 META_EXE = _META_MANDATORY_MAX,
78 META_UNIT,
79+ META_PROC_AUXV,
80 _META_MAX
81 };
82
83@@ -119,10 +121,12 @@ static const char * const meta_field_nam
84 [META_COMM] = "COREDUMP_COMM=",
85 [META_EXE] = "COREDUMP_EXE=",
86 [META_UNIT] = "COREDUMP_UNIT=",
87+ [META_PROC_AUXV] = "COREDUMP_PROC_AUXV=",
88 };
89
90 typedef struct Context {
91 const char *meta[_META_MAX];
92+ size_t meta_size[_META_MAX];
93 pid_t pid;
94 bool is_pid1;
95 bool is_journald;
96@@ -184,13 +188,16 @@ static uint64_t storage_size_max(void) {
97 return 0;
98 }
99
100-static int fix_acl(int fd, uid_t uid) {
101+static int fix_acl(int fd, uid_t uid, bool allow_user) {
102+ assert(fd >= 0);
103+ assert(uid_is_valid(uid));
104
105 #if HAVE_ACL
106 int r;
107
108- assert(fd >= 0);
109- assert(uid_is_valid(uid));
110+ /* We don't allow users to read coredumps if the uid or capabilities were changed. */
111+ if (!allow_user)
112+ return 0;
113
114 if (uid_is_system(uid) || uid_is_dynamic(uid) || uid == UID_NOBODY)
115 return 0;
116@@ -250,7 +257,8 @@ static int fix_permissions(
117 const char *filename,
118 const char *target,
119 const Context *context,
120- uid_t uid) {
121+ uid_t uid,
122+ bool allow_user) {
123
124 int r;
125
126@@ -260,7 +268,7 @@ static int fix_permissions(
127
128 /* Ignore errors on these */
129 (void) fchmod(fd, 0640);
130- (void) fix_acl(fd, uid);
131+ (void) fix_acl(fd, uid, allow_user);
132 (void) fix_xattr(fd, context);
133
134 r = fsync_full(fd);
135@@ -330,6 +338,153 @@ static int make_filename(const Context *
136 return 0;
137 }
138
139+static int parse_auxv64(
140+ const uint64_t *auxv,
141+ size_t size_bytes,
142+ int *at_secure,
143+ uid_t *uid,
144+ uid_t *euid,
145+ gid_t *gid,
146+ gid_t *egid) {
147+
148+ assert(auxv || size_bytes == 0);
149+
150+ if (size_bytes % (2 * sizeof(uint64_t)) != 0)
151+ return log_warning_errno(SYNTHETIC_ERRNO(EIO), "Incomplete auxv structure (%zu bytes).", size_bytes);
152+
153+ size_t words = size_bytes / sizeof(uint64_t);
154+
155+ /* Note that we set output variables even on error. */
156+
157+ for (size_t i = 0; i + 1 < words; i += 2)
158+ switch (auxv[i]) {
159+ case AT_SECURE:
160+ *at_secure = auxv[i + 1] != 0;
161+ break;
162+ case AT_UID:
163+ *uid = auxv[i + 1];
164+ break;
165+ case AT_EUID:
166+ *euid = auxv[i + 1];
167+ break;
168+ case AT_GID:
169+ *gid = auxv[i + 1];
170+ break;
171+ case AT_EGID:
172+ *egid = auxv[i + 1];
173+ break;
174+ case AT_NULL:
175+ if (auxv[i + 1] != 0)
176+ goto error;
177+ return 0;
178+ }
179+ error:
180+ return log_warning_errno(SYNTHETIC_ERRNO(ENODATA),
181+ "AT_NULL terminator not found, cannot parse auxv structure.");
182+}
183+
184+static int parse_auxv32(
185+ const uint32_t *auxv,
186+ size_t size_bytes,
187+ int *at_secure,
188+ uid_t *uid,
189+ uid_t *euid,
190+ gid_t *gid,
191+ gid_t *egid) {
192+
193+ assert(auxv || size_bytes == 0);
194+
195+ size_t words = size_bytes / sizeof(uint32_t);
196+
197+ if (size_bytes % (2 * sizeof(uint32_t)) != 0)
198+ return log_warning_errno(SYNTHETIC_ERRNO(EIO), "Incomplete auxv structure (%zu bytes).", size_bytes);
199+
200+ /* Note that we set output variables even on error. */
201+
202+ for (size_t i = 0; i + 1 < words; i += 2)
203+ switch (auxv[i]) {
204+ case AT_SECURE:
205+ *at_secure = auxv[i + 1] != 0;
206+ break;
207+ case AT_UID:
208+ *uid = auxv[i + 1];
209+ break;
210+ case AT_EUID:
211+ *euid = auxv[i + 1];
212+ break;
213+ case AT_GID:
214+ *gid = auxv[i + 1];
215+ break;
216+ case AT_EGID:
217+ *egid = auxv[i + 1];
218+ break;
219+ case AT_NULL:
220+ if (auxv[i + 1] != 0)
221+ goto error;
222+ return 0;
223+ }
224+ error:
225+ return log_warning_errno(SYNTHETIC_ERRNO(ENODATA),
226+ "AT_NULL terminator not found, cannot parse auxv structure.");
227+}
228+
229+static int grant_user_access(int core_fd, const Context *context) {
230+ int at_secure = -1;
231+ uid_t uid = UID_INVALID, euid = UID_INVALID;
232+ uid_t gid = GID_INVALID, egid = GID_INVALID;
233+ int r;
234+
235+ assert(core_fd >= 0);
236+ assert(context);
237+
238+ if (!context->meta[META_PROC_AUXV])
239+ return log_warning_errno(SYNTHETIC_ERRNO(ENODATA), "No auxv data, not adjusting permissions.");
240+
241+ uint8_t elf[EI_NIDENT];
242+ errno = 0;
243+ if (pread(core_fd, &elf, sizeof(elf), 0) != sizeof(elf))
244+ return log_warning_errno(errno_or_else(EIO),
245+ "Failed to pread from coredump fd: %s", errno != 0 ? strerror_safe(errno) : "Unexpected EOF");
246+
247+ if (elf[EI_MAG0] != ELFMAG0 ||
248+ elf[EI_MAG1] != ELFMAG1 ||
249+ elf[EI_MAG2] != ELFMAG2 ||
250+ elf[EI_MAG3] != ELFMAG3 ||
251+ elf[EI_VERSION] != EV_CURRENT)
252+ return log_info_errno(SYNTHETIC_ERRNO(EUCLEAN),
253+ "Core file does not have ELF header, not adjusting permissions.");
254+ if (!IN_SET(elf[EI_CLASS], ELFCLASS32, ELFCLASS64) ||
255+ !IN_SET(elf[EI_DATA], ELFDATA2LSB, ELFDATA2MSB))
256+ return log_info_errno(SYNTHETIC_ERRNO(EUCLEAN),
257+ "Core file has strange ELF class, not adjusting permissions.");
258+
259+ if ((elf[EI_DATA] == ELFDATA2LSB) != (__BYTE_ORDER == __LITTLE_ENDIAN))
260+ return log_info_errno(SYNTHETIC_ERRNO(EUCLEAN),
261+ "Core file has non-native endianness, not adjusting permissions.");
262+
263+ if (elf[EI_CLASS] == ELFCLASS64)
264+ r = parse_auxv64((const uint64_t*) context->meta[META_PROC_AUXV],
265+ context->meta_size[META_PROC_AUXV],
266+ &at_secure, &uid, &euid, &gid, &egid);
267+ else
268+ r = parse_auxv32((const uint32_t*) context->meta[META_PROC_AUXV],
269+ context->meta_size[META_PROC_AUXV],
270+ &at_secure, &uid, &euid, &gid, &egid);
271+ if (r < 0)
272+ return r;
273+
274+ /* We allow access if we got all the data and at_secure is not set and
275+ * the uid/gid matches euid/egid. */
276+ bool ret =
277+ at_secure == 0 &&
278+ uid != UID_INVALID && euid != UID_INVALID && uid == euid &&
279+ gid != GID_INVALID && egid != GID_INVALID && gid == egid;
280+ log_debug("Will %s access (uid="UID_FMT " euid="UID_FMT " gid="GID_FMT " egid="GID_FMT " at_secure=%s)",
281+ ret ? "permit" : "restrict",
282+ uid, euid, gid, egid, yes_no(at_secure));
283+ return ret;
284+}
285+
286 static int save_external_coredump(
287 const Context *context,
288 int input_fd,
289@@ -452,6 +607,8 @@ static int save_external_coredump(
290 context->meta[META_ARGV_PID], context->meta[META_COMM]);
291 truncated = r == 1;
292
293+ bool allow_user = grant_user_access(fd, context) > 0;
294+
295 #if HAVE_COMPRESSION
296 if (arg_compress) {
297 _cleanup_(unlink_and_freep) char *tmp_compressed = NULL;
298@@ -489,7 +646,7 @@ static int save_external_coredump(
299 uncompressed_size += partial_uncompressed_size;
300 }
301
302- r = fix_permissions(fd_compressed, tmp_compressed, fn_compressed, context, uid);
303+ r = fix_permissions(fd_compressed, tmp_compressed, fn_compressed, context, uid, allow_user);
304 if (r < 0)
305 return r;
306
307@@ -516,7 +673,7 @@ static int save_external_coredump(
308 "SIZE_LIMIT=%"PRIu64, max_size,
309 "MESSAGE_ID=" SD_MESSAGE_TRUNCATED_CORE_STR);
310
311- r = fix_permissions(fd, tmp, fn, context, uid);
312+ r = fix_permissions(fd, tmp, fn, context, uid, allow_user);
313 if (r < 0)
314 return log_error_errno(r, "Failed to fix permissions and finalize coredump %s into %s: %m", coredump_tmpfile_name(tmp), fn);
315
316@@ -764,7 +921,7 @@ static int change_uid_gid(const Context
317 }
318
319 static int submit_coredump(
320- Context *context,
321+ const Context *context,
322 struct iovec_wrapper *iovw,
323 int input_fd) {
324
325@@ -925,16 +1082,15 @@ static int save_context(Context *context
326 struct iovec *iovec = iovw->iovec + n;
327
328 for (size_t i = 0; i < ELEMENTSOF(meta_field_names); i++) {
329- char *p;
330-
331 /* Note that these strings are NUL terminated, because we made sure that a
332 * trailing NUL byte is in the buffer, though not included in the iov_len
333 * count (see process_socket() and gather_pid_metadata_*()) */
334 assert(((char*) iovec->iov_base)[iovec->iov_len] == 0);
335
336- p = startswith(iovec->iov_base, meta_field_names[i]);
337+ const char *p = startswith(iovec->iov_base, meta_field_names[i]);
338 if (p) {
339 context->meta[i] = p;
340+ context->meta_size[i] = iovec->iov_len - strlen(meta_field_names[i]);
341 count++;
342 break;
343 }
344@@ -1176,6 +1332,7 @@ static int gather_pid_metadata(struct io
345 uid_t owner_uid;
346 pid_t pid;
347 char *t;
348+ size_t size;
349 const char *p;
350 int r;
351
352@@ -1240,13 +1397,26 @@ static int gather_pid_metadata(struct io
353 (void) iovw_put_string_field_free(iovw, "COREDUMP_PROC_LIMITS=", t);
354
355 p = procfs_file_alloca(pid, "cgroup");
356- if (read_full_virtual_file(p, &t, NULL) >=0)
357+ if (read_full_virtual_file(p, &t, NULL) >= 0)
358 (void) iovw_put_string_field_free(iovw, "COREDUMP_PROC_CGROUP=", t);
359
360 p = procfs_file_alloca(pid, "mountinfo");
361- if (read_full_virtual_file(p, &t, NULL) >=0)
362+ if (read_full_virtual_file(p, &t, NULL) >= 0)
363 (void) iovw_put_string_field_free(iovw, "COREDUMP_PROC_MOUNTINFO=", t);
364
365+ /* We attach /proc/auxv here. ELF coredumps also contain a note for this (NT_AUXV), see elf(5). */
366+ p = procfs_file_alloca(pid, "auxv");
367+ if (read_full_virtual_file(p, &t, &size) >= 0) {
368+ char *buf = malloc(strlen("COREDUMP_PROC_AUXV=") + size + 1);
369+ if (buf) {
370+ /* Add a dummy terminator to make save_context() happy. */
371+ *((uint8_t*) mempcpy(stpcpy(buf, "COREDUMP_PROC_AUXV="), t, size)) = '\0';
372+ (void) iovw_consume(iovw, buf, size + strlen("COREDUMP_PROC_AUXV="));
373+ }
374+
375+ free(t);
376+ }
377+
378 if (get_process_cwd(pid, &t) >= 0)
379 (void) iovw_put_string_field_free(iovw, "COREDUMP_CWD=", t);
380
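Review bot: in grant_user_access() the group locals are declared as `uid_t gid = GID_INVALID, egid = GID_INVALID;` while the parse_auxv64()/parse_auxv32() out-parameters they are passed to are `gid_t *`; suggest `gid_t gid = GID_INVALID, egid = GID_INVALID;` so the types match. A smaller style point: parse_auxv32() computes `words` before the `size_bytes % (2 * sizeof(uint32_t))` check, whereas parse_auxv64() checks first; aligning the two makes the copy-paste relationship obvious. The fail-closed behaviour the patch description promises is intact: a missing META_PROC_AUXV, an unreadable or non-native ELF header, or an auxv without an AT_NULL terminator all return a negative value, and `bool allow_user = grant_user_access(fd, context) > 0;` then keeps the ACL unset, so the only effect of a parse failure is a coredump the user cannot read.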
diff --git a/debian/patches/CVE-2022-45873.patch b/debian/patches/CVE-2022-45873.patch
0new file mode 100644381new file mode 100644
index 0000000..2badbcb
--- /dev/null
+++ b/debian/patches/CVE-2022-45873.patch
@@ -0,0 +1,115 @@
1From 076b807be472630692c5348c60d0c2b7b28ad437 Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
3Date: Tue, 18 Oct 2022 18:23:53 +0200
4Subject: [PATCH] coredump: avoid deadlock when passing processed backtrace
5 data
6
7We would deadlock when passing the data back from the forked-off process that
8was doing backtrace generation back to the coredump parent. This is because we
9fork the child and wait for it to exit. The child tries to write too much data
10to the output pipe, and and after the first 64k blocks on the parent because
11the pipe is full. The bug surfaced in Fedora because of a combination of four
12factors:
13- 87707784c70dc9894ec613df0a6e75e732a362a3 was backported to v251.5, which
14 allowed coredump processing to be successful.
15- 1a0281a3ebf4f8c16d40aa9e63103f16cd23bb2a was NOT backported, so the output
16 was very verbose.
17- Fedora has the ELF package metadata available, so a lot of output can be
18 generated. Most other distros just don't have the information.
19- gnome-calendar crashes and has a bazillion modules and 69596 bytes of output
20 are generated for it.
21
22Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2135778.
23
24The code is changed to try to write data opportunistically. If we get partial
25information, that is still logged. In is generally better to log partial
26backtrace information than nothing at all.
27---
28 src/shared/elf-util.c | 37 +++++++++++++++++++++++++++++++------
29 1 file changed, 31 insertions(+), 6 deletions(-)
30
31--- systemd-251.4.orig/src/shared/elf-util.c
32+++ systemd-251.4/src/shared/elf-util.c
33@@ -30,6 +30,9 @@
34 #define THREADS_MAX 64
35 #define ELF_PACKAGE_METADATA_ID 0xcafe1a7e
36
37+/* The amount of data we're willing to write to each of the output pipes. */
38+#define COREDUMP_PIPE_MAX (1024*1024U)
39+
40 static void *dw_dl = NULL;
41 static void *elf_dl = NULL;
42
43@@ -704,13 +707,13 @@ int parse_elf_object(int fd, const char
44 return r;
45
46 if (ret) {
47- r = RET_NERRNO(pipe2(return_pipe, O_CLOEXEC));
48+ r = RET_NERRNO(pipe2(return_pipe, O_CLOEXEC|O_NONBLOCK));
49 if (r < 0)
50 return r;
51 }
52
53 if (ret_package_metadata) {
54- r = RET_NERRNO(pipe2(json_pipe, O_CLOEXEC));
55+ r = RET_NERRNO(pipe2(json_pipe, O_CLOEXEC|O_NONBLOCK));
56 if (r < 0)
57 return r;
58 }
59@@ -754,8 +757,24 @@ int parse_elf_object(int fd, const char
60 goto child_fail;
61
62 if (buf) {
63- r = loop_write(return_pipe[1], buf, strlen(buf), false);
64- if (r < 0)
65+ size_t len = strlen(buf);
66+
67+ if (len > COREDUMP_PIPE_MAX) {
68+ /* This is iffy. A backtrace can be a few hundred kilobytes, but too much is
69+ * too much. Let's log a warning and ignore the rest. */
70+ log_warning("Generated backtrace is %zu bytes (more than the limit of %u bytes), backtrace will be truncated.",
71+ len, COREDUMP_PIPE_MAX);
72+ len = COREDUMP_PIPE_MAX;
73+ }
74+
75+ /* Bump the space for the returned string.
76+ * Failure is ignored, because partial output is still useful. */
77+ (void) fcntl(return_pipe[1], F_SETPIPE_SZ, len);
78+
79+ r = loop_write(return_pipe[1], buf, len, false);
80+ if (r == -EAGAIN)
81+ log_warning("Write failed, backtrace will be truncated.");
82+ else if (r < 0)
83 goto child_fail;
84
85 return_pipe[1] = safe_close(return_pipe[1]);
86@@ -764,13 +783,19 @@ int parse_elf_object(int fd, const char
87 if (package_metadata) {
88 _cleanup_fclose_ FILE *json_out = NULL;
89
90+ /* Bump the space for the returned string. We don't know how much space we'll need in
91+ * advance, so we'll just try to write as much as possible and maybe fail later. */
92+ (void) fcntl(json_pipe[1], F_SETPIPE_SZ, COREDUMP_PIPE_MAX);
93+
94 json_out = take_fdopen(&json_pipe[1], "w");
95 if (!json_out) {
96 r = -errno;
97 goto child_fail;
98 }
99
100- json_variant_dump(package_metadata, JSON_FORMAT_FLUSH, json_out, NULL);
101+ r = json_variant_dump(package_metadata, JSON_FORMAT_FLUSH, json_out, NULL);
102+ if (r < 0)
103+ log_warning_errno(r, "Failed to write JSON package metadata, ignoring: %m");
104 }
105
106 _exit(EXIT_SUCCESS);
107@@ -805,7 +830,7 @@ int parse_elf_object(int fd, const char
108
109 r = json_parse_file(json_in, NULL, 0, &package_metadata, NULL, NULL);
110 if (r < 0 && r != -EINVAL) /* EINVAL: json was empty, so we got nothing, but that's ok */
111- return r;
112+ log_warning_errno(r, "Failed to read or parse json metadata, ignoring: %m");
113 }
114
115 if (ret)
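Review bot: in the parent-side hunk around `json_parse_file()`, the failure is now logged instead of returned, but `r` still holds the negative value when control falls through to `if (ret)`; before this change only `-EINVAL` could reach that point, so please confirm the code below reassigns `r` before the function returns, or add `r = 0;` after the warning. On the child side the combination of `O_NONBLOCK` pipes, the `COREDUMP_PIPE_MAX` cap and `F_SETPIPE_SZ` (with its failure deliberately ignored) bounds how much the child can ever have pending, which is what removes the deadlock; the `-EAGAIN` branch keeps whatever was already written, which matches the commit message's "partial information is still logged". This patch also carries no DEP-3 `Origin:` header, unlike CVE-2022-4415.patch; the upstream commit id is in the first line, so `Origin: backport, https://github.com/systemd/systemd/commit/076b807be472630692c5348c60d0c2b7b28ad437` would make provenance machine-readable.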
diff --git a/debian/patches/backport-for-CVE-2022-45873.patch b/debian/patches/backport-for-CVE-2022-45873.patch
0new file mode 100644116new file mode 100644
index 0000000..857fd1d
--- /dev/null
+++ b/debian/patches/backport-for-CVE-2022-45873.patch
@@ -0,0 +1,45 @@
1From 7922ead507e0d83e4ec72a8cbd2b67194766e58c Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
3Date: Tue, 18 Oct 2022 18:09:06 +0200
4Subject: [PATCH] shared/json: allow json_variant_dump() to return an error
5
6---
7 src/shared/json.c | 7 ++++---
8 src/shared/json.h | 2 +-
9 2 files changed, 5 insertions(+), 4 deletions(-)
10
11--- systemd-251.4.orig/src/shared/json.c
12+++ systemd-251.4/src/shared/json.c
13@@ -1770,9 +1770,9 @@ int json_variant_format(JsonVariant *v,
14 return (int) sz - 1;
15 }
16
17-void json_variant_dump(JsonVariant *v, JsonFormatFlags flags, FILE *f, const char *prefix) {
18+int json_variant_dump(JsonVariant *v, JsonFormatFlags flags, FILE *f, const char *prefix) {
19 if (!v)
20- return;
21+ return 0;
22
23 if (!f)
24 f = stdout;
25@@ -1798,7 +1798,8 @@ void json_variant_dump(JsonVariant *v, J
26 fputc('\n', f); /* In case of SSE add a second newline */
27
28 if (flags & JSON_FORMAT_FLUSH)
29- fflush(f);
30+ return fflush_and_check(f);
31+ return 0;
32 }
33
34 int json_variant_filter(JsonVariant **v, char **to_remove) {
35--- systemd-251.4.orig/src/shared/json.h
36+++ systemd-251.4/src/shared/json.h
37@@ -195,7 +195,7 @@ typedef enum JsonFormatFlags {
38 } JsonFormatFlags;
39
40 int json_variant_format(JsonVariant *v, JsonFormatFlags flags, char **ret);
41-void json_variant_dump(JsonVariant *v, JsonFormatFlags flags, FILE *f, const char *prefix);
42+int json_variant_dump(JsonVariant *v, JsonFormatFlags flags, FILE *f, const char *prefix);
43
44 int json_variant_filter(JsonVariant **v, char **to_remove);
45
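Review bot: this backport has no DEP-3 `Origin:` or `Bug:` header either; suggest `Origin: backport, https://github.com/systemd/systemd/commit/7922ead507e0d83e4ec72a8cbd2b67194766e58c` taken from the `From` line. Changing json_variant_dump() from `void` to `int` is source-compatible for existing callers that ignore the result, and returning `fflush_and_check(f)` is what lets the CVE-2022-45873 patch detect a failed pipe write instead of silently dropping the metadata, so the two patches need to stay adjacent in the series.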
diff --git a/debian/patches/lp2002445/sd-netlink-add-a-test-for-rtnl_set_link_name.patch b/debian/patches/lp2002445/sd-netlink-add-a-test-for-rtnl_set_link_name.patch
0new file mode 10064446new file mode 100644
index 0000000..382f6ea
--- /dev/null
+++ b/debian/patches/lp2002445/sd-netlink-add-a-test-for-rtnl_set_link_name.patch
@@ -0,0 +1,66 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Tue, 22 Nov 2022 17:01:47 -0500
3Subject: sd-netlink: add a test for rtnl_set_link_name()
4
5Origin: upstream, https://github.com/systemd/systemd/commit/b338a8bb40
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8Add a test that verifies a deleted alternative name is restored on error
9in rtnl_set_link_name().
10---
11 src/libsystemd/sd-netlink/test-netlink.c | 28 ++++++++++++++++++++++++++++
12 1 file changed, 28 insertions(+)
13
14diff --git a/src/libsystemd/sd-netlink/test-netlink.c b/src/libsystemd/sd-netlink/test-netlink.c
15index fbc3ef0..440e9ce 100644
16--- a/src/libsystemd/sd-netlink/test-netlink.c
17+++ b/src/libsystemd/sd-netlink/test-netlink.c
18@@ -8,6 +8,7 @@
19 #include <linux/if_macsec.h>
20 #include <linux/l2tp.h>
21 #include <linux/nl80211.h>
22+#include <unistd.h>
23
24 #include "sd-netlink.h"
25
26@@ -666,6 +667,32 @@ static void test_genl(void) {
27 }
28 }
29
30+static void test_rtnl_set_link_name(sd_netlink *rtnl, int ifindex) {
31+ _cleanup_strv_free_ char **alternative_names = NULL;
32+ int r;
33+
34+ log_debug("/* %s */", __func__);
35+
36+ if (geteuid() != 0)
37+ return (void) log_tests_skipped("not root");
38+
39+ /* Test that the new name (which is currently an alternative name) is
40+ * restored as an alternative name on error. Create an error by using
41+ * an invalid device name, namely one that exceeds IFNAMSIZ
42+ * (alternative names can exceed IFNAMSIZ, but not regular names). */
43+ r = rtnl_set_link_alternative_names(&rtnl, ifindex, STRV_MAKE("testlongalternativename"));
44+ if (r == -EPERM)
45+ return (void) log_tests_skipped("missing required capabilities");
46+ if (r == -EOPNOTSUPP)
47+ return (void) log_tests_skipped("alternative name is not supported");
48+
49+ assert_se(r >= 0);
50+ assert_se(rtnl_set_link_name(&rtnl, ifindex, "testlongalternativename") == -EINVAL);
51+ assert_se(rtnl_get_link_alternative_names(&rtnl, ifindex, &alternative_names) >= 0);
52+ assert_se(strv_contains(alternative_names, "testlongalternativename"));
53+ assert_se(rtnl_delete_link_alternative_names(&rtnl, ifindex, STRV_MAKE("testlongalternativename")) >= 0);
54+}
55+
56 int main(void) {
57 sd_netlink *rtnl;
58 sd_netlink_message *m;
59@@ -697,6 +724,7 @@ int main(void) {
60 test_pipe(if_loopback);
61 test_event_loop(if_loopback);
62 test_link_configure(rtnl, if_loopback);
63+ test_rtnl_set_link_name(rtnl, if_loopback);
64
65 test_get_addresses(rtnl);
66 test_message_link_bridge(rtnl);
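Review bot: test_rtnl_set_link_name() only removes "testlongalternativename" on the success path; if any of the assert_se() calls fail, the alternative name stays attached to the loopback interface and can affect a re-run of the test. Consider deleting the altname before the assertions that may abort (or in a cleanup path), and note that `assert_se(rtnl_set_link_name(...) == -EINVAL)` pins the exact errno the kernel returns for a name longer than IFNAMSIZ, so a kernel that rejects it differently would fail the test rather than skip it.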
diff --git a/debian/patches/lp2002445/sd-netlink-do-not-swap-old-name-and-alternative-name.patch b/debian/patches/lp2002445/sd-netlink-do-not-swap-old-name-and-alternative-name.patch
0new file mode 10064467new file mode 100644
index 0000000..2cf4997
--- /dev/null
+++ b/debian/patches/lp2002445/sd-netlink-do-not-swap-old-name-and-alternative-name.patch
@@ -0,0 +1,54 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Fri, 2 Dec 2022 15:26:18 -0500
3Subject: sd-netlink: do not swap old name and alternative name
4
5Origin: upstream, https://github.com/systemd/systemd/commit/080afbb57c
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8Commit 434a348380 ("netlink: do not fail when new interface name is
9already used as an alternative name") added logic to set the old
10interface name as an alternative name, but only when the new name is
11currently an alternative name. This is not the desired outcome in most
12cases, and the important part of this commit was to delete the new name
13from the list of alternative names if necessary.
14---
15 src/libsystemd/sd-netlink/netlink-util.c | 12 ------------
16 1 file changed, 12 deletions(-)
17
18diff --git a/src/libsystemd/sd-netlink/netlink-util.c b/src/libsystemd/sd-netlink/netlink-util.c
19index ce2c4f3..f88169e 100644
20--- a/src/libsystemd/sd-netlink/netlink-util.c
21+++ b/src/libsystemd/sd-netlink/netlink-util.c
22@@ -12,7 +12,6 @@
23 int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
24 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL;
25 _cleanup_strv_free_ char **alternative_names = NULL;
26- char old_name[IF_NAMESIZE] = {};
27 int r;
28
29 assert(rtnl);
30@@ -32,10 +31,6 @@ int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
31 if (r < 0)
32 return log_debug_errno(r, "Failed to remove '%s' from alternative names on network interface %i: %m",
33 name, ifindex);
34-
35- r = format_ifname(ifindex, old_name);
36- if (r < 0)
37- return log_debug_errno(r, "Failed to get current name of network interface %i: %m", ifindex);
38 }
39
40 r = sd_rtnl_message_new_link(*rtnl, &message, RTM_SETLINK, ifindex);
41@@ -50,13 +45,6 @@ int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
42 if (r < 0)
43 return r;
44
45- if (!isempty(old_name)) {
46- r = rtnl_set_link_alternative_names(rtnl, ifindex, STRV_MAKE(old_name));
47- if (r < 0)
48- log_debug_errno(r, "Failed to set '%s' as an alternative name on network interface %i, ignoring: %m",
49- old_name, ifindex);
50- }
51-
52 return 0;
53 }
54
diff --git a/debian/patches/lp2002445/sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch b/debian/patches/lp2002445/sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch
0new file mode 10064455new file mode 100644
index 0000000..a5e2e24
--- /dev/null
+++ b/debian/patches/lp2002445/sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch
@@ -0,0 +1,64 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Wed, 2 Nov 2022 05:36:14 -0400
3Subject: sd-netlink: restore altname on error in rtnl_set_link_name
4
5Origin: upstream, https://github.com/systemd/systemd/commit/4d600667f8
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8If a current alternative name is to be used to rename a network
9interface, the alternative name must be removed first. If interface
10renaming fails, restore the alternative name that was deleted if
11necessary.
12---
13 src/libsystemd/sd-netlink/netlink-util.c | 19 ++++++++++++++++---
14 1 file changed, 16 insertions(+), 3 deletions(-)
15
16diff --git a/src/libsystemd/sd-netlink/netlink-util.c b/src/libsystemd/sd-netlink/netlink-util.c
17index 7f2596d..c4ead31 100644
18--- a/src/libsystemd/sd-netlink/netlink-util.c
19+++ b/src/libsystemd/sd-netlink/netlink-util.c
20@@ -11,6 +11,7 @@
21 int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
22 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL;
23 _cleanup_strv_free_ char **alternative_names = NULL;
24+ bool altname_deleted = false;
25 int r;
26
27 assert(rtnl);
28@@ -30,21 +31,33 @@ int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
29 if (r < 0)
30 return log_debug_errno(r, "Failed to remove '%s' from alternative names on network interface %i: %m",
31 name, ifindex);
32+
33+ altname_deleted = true;
34 }
35
36 r = sd_rtnl_message_new_link(*rtnl, &message, RTM_SETLINK, ifindex);
37 if (r < 0)
38- return r;
39+ goto fail;
40
41 r = sd_netlink_message_append_string(message, IFLA_IFNAME, name);
42 if (r < 0)
43- return r;
44+ goto fail;
45
46 r = sd_netlink_call(*rtnl, message, 0, NULL);
47 if (r < 0)
48- return r;
49+ goto fail;
50
51 return 0;
52+
53+fail:
54+ if (altname_deleted) {
55+ int q = rtnl_set_link_alternative_names(rtnl, ifindex, STRV_MAKE(name));
56+ if (q < 0)
57+ log_debug_errno(q, "Failed to restore '%s' as an alternative name on network interface %i, ignoring: %m",
58+ name, ifindex);
59+ }
60+
61+ return r;
62 }
63
64 int rtnl_set_link_properties(
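Review bot: the restore in the `fail:` path only logs at debug level (`log_debug_errno(q, "Failed to restore '%s' as an alternative name ...")`), so the case where the interface ends up with neither the requested primary name nor the alternative name it had before the call leaves nothing at default log level; a warning would be more appropriate for a state the caller cannot recover. The control flow itself looks right: `altname_deleted` is only set after the removal succeeded, the early `return log_debug_errno(...)` at the removal check correctly skips the restore, `r` is preserved across the restore (the restore result goes to `q`), and `message` being NULL on the first `goto fail` is safe under `_cleanup_(sd_netlink_message_unrefp)`.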
diff --git a/debian/patches/lp2002445/udev-attempt-device-rename-even-if-interface-is-up.patch b/debian/patches/lp2002445/udev-attempt-device-rename-even-if-interface-is-up.patch
new file mode 100644
index 0000000..5ffc818
--- /dev/null
+++ b/debian/patches/lp2002445/udev-attempt-device-rename-even-if-interface-is-up.patch
@@ -0,0 +1,61 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Fri, 2 Dec 2022 15:35:25 -0500
3Subject: udev: attempt device rename even if interface is up
4
5Origin: upstream, https://github.com/systemd/systemd/commit/53584e7b61
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8Currently rename_netif() will not attempt to rename a device if it is
9already up, because the kernel will return -EBUSY unless live renaming
10is allowed on the device. This restriction will be removed in a future
11kernel version [1].
12
13To cover both cases, always attempt to rename the interface and return 0
14if we get -EBUSY.
15
16[1] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=bd039b5ea2a9
17---
18 src/udev/udev-event.c | 16 +++++-----------
19 1 file changed, 5 insertions(+), 11 deletions(-)
20
21diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c
22index 9b53105..681aa87 100644
23--- a/src/udev/udev-event.c
24+++ b/src/udev/udev-event.c
25@@ -871,7 +871,6 @@ int udev_event_spawn(
26 static int rename_netif(UdevEvent *event) {
27 const char *oldname;
28 sd_device *dev;
29- unsigned flags;
30 int ifindex, r;
31
32 assert(event);
33@@ -905,16 +904,6 @@ static int rename_netif(UdevEvent *event) {
34 return 0;
35 }
36
37- r = rtnl_get_link_info(&event->rtnl, ifindex, NULL, &flags, NULL, NULL, NULL);
38- if (r < 0)
39- return log_device_warning_errno(dev, r, "Failed to get link flags: %m");
40-
41- if (FLAGS_SET(flags, IFF_UP)) {
42- log_device_info(dev, "Network interface '%s' is already up, refusing to rename to '%s'.",
43- oldname, event->name);
44- return 0;
45- }
46-
47 /* Set ID_RENAMING boolean property here, and drop it in the corresponding move uevent later. */
48 r = device_add_property(dev, "ID_RENAMING", "1");
49 if (r < 0)
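Review bot: dropping the `rtnl_get_link_info` / `FLAGS_SET(flags, IFF_UP)` pre-check is an improvement on its own, since the check was racy (the interface could be brought up between the flag read and the rename) and the kernel's -EBUSY is the authoritative answer. The consequence worth documenting is the other direction: on a kernel that carries [1], an interface that is already up and in use under its old name will now be renamed by udev where it previously was left alone, so the patch header or changelog should say that the "refusing to rename" behaviour is no longer guaranteed and depends on the running kernel.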
50@@ -936,6 +925,11 @@ static int rename_netif(UdevEvent *event) {
51 return log_device_debug_errno(event->dev_db_clone, r, "Failed to update database under /run/udev/data/: %m");
52
53 r = rtnl_set_link_name(&event->rtnl, ifindex, event->name);
54+ if (r == -EBUSY) {
55+ log_device_info(dev, "Network interface '%s' is already up, cannot rename to '%s'.",
56+ oldname, event->name);
57+ return 0;
58+ }
59 if (r < 0)
60 return log_device_error_errno(dev, r, "Failed to rename network interface %i from '%s' to '%s': %m",
61 ifindex, oldname, event->name);
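Review bot: the ordering change matters for the database state. Before this patch an up interface returned 0 before `device_add_property(dev, "ID_RENAMING", "1")` ran; now ID_RENAMING is set and the database under /run/udev/data/ is updated before `rtnl_set_link_name()` is called, and the new `if (r == -EBUSY)` branch returns 0 with that property still in place. The comment above the property says it is dropped in the corresponding move uevent, but a refused rename produces no move uevent, so please check that ID_RENAMING=1 does not stay behind in the udev database for an interface that kept its name (rules and `udevadm info` consumers would see a rename that never happened). Clearing the property in the -EBUSY branch before returning would close that gap.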
diff --git a/debian/patches/lp2002445/udev-net-allow-new-link-name-as-an-altname-before-renamin.patch b/debian/patches/lp2002445/udev-net-allow-new-link-name-as-an-altname-before-renamin.patch
new file mode 100644
index 0000000..0d651a2
--- /dev/null
+++ b/debian/patches/lp2002445/udev-net-allow-new-link-name-as-an-altname-before-renamin.patch
@@ -0,0 +1,34 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Wed, 2 Nov 2022 11:05:01 -0400
3Subject: udev/net: allow new link name as an altname before renaming happens
4
5Origin: upstream, https://github.com/systemd/systemd/commit/d0b31efc1a
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8When configuring a link's alternative names, the link's new name to-be
9is not allowed to be included because interface renaming will fail if
10the new name is already present as an alternative name. However,
11rtnl_set_link_name will delete the conflicting alternative name before
12renaming the device, if necessary.
13
14Allow the new link name to be set as an alternative name before the
15device is renamed. This means that if the rename is later skipped (i.e.
16because the link is already up), then the name can at least still be
17present as an alternative name.
18---
19 src/udev/net/link-config.c | 2 --
20 1 file changed, 2 deletions(-)
21
22diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c
23index 28c0e63..cdad078 100644
24--- a/src/udev/net/link-config.c
25+++ b/src/udev/net/link-config.c
26@@ -844,8 +844,6 @@ static int link_apply_alternative_names(Link *link, sd_netlink **rtnl) {
27 }
28 }
29
30- if (link->new_name)
31- strv_remove(altnames, link->new_name);
32 strv_remove(altnames, link->ifname);
33
34 r = rtnl_get_link_alternative_names(rtnl, link->ifindex, &current_altnames);
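Review bot: removing `strv_remove(altnames, link->new_name)` means the future primary name is already an alternative name when `rtnl_set_link_name()` runs, so every rename now takes the remove-altname, RTM_SETLINK, restore-on-failure path in netlink-util.c rather than a plain RTM_SETLINK. That is the intended interaction, but the patch header should state that it depends on the restore patch (lp2002445/sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch): in debian/patches/series this patch is applied two entries before it, and at that intermediate state a rename refused with -EBUSY deletes the altname and does not put it back, which is the opposite of what the last paragraph of the header promises.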
diff --git a/debian/patches/lp2004478-network-dhcp4-accept-local-subnet-routes-from-DHCP.patch b/debian/patches/lp2004478-network-dhcp4-accept-local-subnet-routes-from-DHCP.patch
new file mode 100644
index 0000000..6bc3b3c
--- /dev/null
+++ b/debian/patches/lp2004478-network-dhcp4-accept-local-subnet-routes-from-DHCP.patch
@@ -0,0 +1,54 @@
1From: Tuetuopay <tuetuopay@me.com>
2Date: Fri, 27 Jan 2023 15:10:49 +0100
3Subject: network/dhcp4: accept local subnet routes from DHCP
4
5Origin: upstream, https://github.com/systemd/systemd/commit/1d84a3c7792a8910b05904937c703307ca19740f
6Bug-Ubuntu: https://launchpad.net/bugs/2004478
7
8RFC3442 specifies option 121 (Classless Static Routes) that allow a DHCP
9server to push arbitrary routes to a client. It has a Local Subnet
10Routes section expliciting the behavior of routes with a null (0.0.0.0)
11gateway.
12
13Such routes are to be installed on the interface with a Link scope, to
14mark them as directly available on the link without any gateway.
15
16Networkd currently drops those routes, which is against the RFC, as
17Linux has proper support for such routes.
18
19Fixes: 7f20627 ("network: dhcp4: ignore gateway in static routes if destination is link-local or in the same network")
20---
21 src/network/networkd-dhcp4.c | 19 +++++++++++--------
22 1 file changed, 11 insertions(+), 8 deletions(-)
23
24diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
25index 0941ad0..7b1133e 100644
26--- a/src/network/networkd-dhcp4.c
27+++ b/src/network/networkd-dhcp4.c
28@@ -376,15 +376,18 @@ static int dhcp4_request_route_auto(
29 route->gw = IN_ADDR_NULL;
30 route->prefsrc.in = address;
31
32- } else {
33- if (in4_addr_is_null(gw)) {
34- log_link_debug(link, "DHCP: requested route destination "IPV4_ADDRESS_FMT_STR"/%u is not in the assigned network "
35- IPV4_ADDRESS_FMT_STR"/%u, but no gateway is specified, ignoring.",
36- IPV4_ADDRESS_FMT_VAL(route->dst.in), route->dst_prefixlen,
37- IPV4_ADDRESS_FMT_VAL(prefix), prefixlen);
38- return 0;
39- }
40+ } else if (in4_addr_is_null(gw)) {
41+ log_link_debug(link, "DHCP: requested route destination "IPV4_ADDRESS_FMT_STR"/%u is not in the assigned network "
42+ IPV4_ADDRESS_FMT_STR"/%u, but no gateway is specified, using 'link' scope.",
43+ IPV4_ADDRESS_FMT_VAL(route->dst.in), route->dst_prefixlen,
44+ IPV4_ADDRESS_FMT_VAL(prefix), prefixlen);
45
46+ route->scope = RT_SCOPE_LINK;
47+ route->gw_family = AF_UNSPEC;
48+ route->gw = IN_ADDR_NULL;
49+ route->prefsrc.in = address;
50+
51+ } else {
52 r = dhcp4_request_route_to_gateway(link, gw);
53 if (r < 0)
54 return r;
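Review bot: this is a trust-boundary change that needs a changelog entry, not only a patch header. A route with a 0.0.0.0 router and a destination outside the assigned prefix was previously ignored; with the new `else if (in4_addr_is_null(gw))` branch it is installed as an RT_SCOPE_LINK route, so a DHCP server can now declare any prefix (for example the one holding the client's resolvers) directly reachable on the segment, where any host can answer ARP for it. RFC 3442 requires this and the server already controls the default gateway, so the risk is incremental rather than new, but an SRU should say so and point at UseRoutes= in [DHCPv4] for networks where the server is not trusted. On the hunk itself: the new branch correctly mirrors the in-network branch above (gw_family AF_UNSPEC, gw IN_ADDR_NULL, prefsrc set), but the log line still reads as the old "not in the assigned network" diagnostic at debug level; an info-level "installing on-link route" message would let operators see the new routes without raising the log level.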
diff --git a/debian/patches/series b/debian/patches/series
index 5b33e52..24359ad 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -52,3 +52,12 @@ lp1981042-core-firstboot-workaround-timezone-issues-caused-by-Ubunt.patch
52test-denylist-TEST-29-PORTABLE-again.patch
53lp1989969-test-deny-list-TEST-36-NUMAPOLICY-on-ppc64el.patch
54lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch
55CVE-2022-4415.patch
56backport-for-CVE-2022-45873.patch
57CVE-2022-45873.patch
58lp2004478-network-dhcp4-accept-local-subnet-routes-from-DHCP.patch
59lp2002445/udev-net-allow-new-link-name-as-an-altname-before-renamin.patch
60lp2002445/sd-netlink-do-not-swap-old-name-and-alternative-name.patch
61lp2002445/sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch
62lp2002445/udev-attempt-device-rename-even-if-interface-is-up.patch
63lp2002445/sd-netlink-add-a-test-for-rtnl_set_link_name.patch
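Review bot: the lp2002445 ordering applies udev-net-allow-new-link-name-as-an-altname-before-renamin.patch (59) before sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch (61), so between those two entries a refused rename loses the new name as an altname; the built package is unaffected, but anyone bisecting the series patch by patch will hit that state. Ordering 60 and 61 ahead of 59 (they are independent of it) would keep every intermediate state consistent and match the dependency the patch headers describe. The CVE patches and backport-for-CVE-2022-45873.patch ahead of CVE-2022-45873.patch are in the right order.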

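The lp2004478 patch above changes how networkd treats RFC 3442 option 121 routes whose router field is 0.0.0.0. The following is an added example, not systemd's code, that decodes an option 121 payload as the RFC encodes it and classifies each route the way the patched `dhcp4_request_route_auto()` does, then lists the routes the patch newly accepts (link-scope routes to destinations outside the assigned prefix) so an operator can see what a DHCP server is able to push. The payload, the assigned address and the function names are constructed for this example; the link-local rule reflects the `Fixes:` line quoted in the patch header.

```python
"""Added example (not part of systemd): decode DHCPv4 option 121 and apply
the patched networkd classification of local subnet routes."""
import ipaddress
import math

LINK_LOCAL = ipaddress.IPv4Network("169.254.0.0/16")
NULL_GW = ipaddress.IPv4Address("0.0.0.0")


def parse_option_121(payload: bytes):
    """Return [(destination IPv4Network, router IPv4Address), ...].

    RFC 3442 section 2 encoding: one byte of prefix length, then only the
    significant destination octets (ceil(prefixlen / 8) of them), then the
    4-byte router address. A router of 0.0.0.0 marks a local subnet route.
    """
    routes = []
    i = 0
    while i < len(payload):
        plen = payload[i]
        i += 1
        if plen > 32:
            raise ValueError(f"invalid prefix length {plen}")
        n = math.ceil(plen / 8)
        if i + n + 4 > len(payload):
            raise ValueError("truncated option 121 route entry")
        dst_octets = bytes(payload[i:i + n]) + bytes(4 - n)  # zero-pad to 4 octets
        i += n
        router = ipaddress.IPv4Address(bytes(payload[i:i + 4]))
        i += 4
        routes.append((ipaddress.IPv4Network((dst_octets, plen), strict=False), router))
    return routes


def classify_routes(routes, assigned_addr: str, assigned_plen: int):
    """Mirror the patched dhcp4_request_route_auto() decision for each route.

    Destinations inside the assigned prefix (or link-local) ignore the router
    and become link-scope routes (pre-existing behaviour); a 0.0.0.0 router
    for any other destination now also yields a link-scope route (the patch);
    everything else is a gateway route.
    """
    net = ipaddress.IPv4Network((assigned_addr, assigned_plen), strict=False)
    out = []
    for dst, router in routes:
        if dst.subnet_of(net) or dst.subnet_of(LINK_LOCAL):
            out.append({"dst": str(dst), "gw": None, "scope": "link"})
        elif router == NULL_GW:
            out.append({"dst": str(dst), "gw": None, "scope": "link"})
        else:
            out.append({"dst": str(dst), "gw": str(router), "scope": "global"})
    return out


def offlink_onlink_routes(classified, assigned_addr: str, assigned_plen: int):
    """Link-scope routes whose destination lies outside the assigned prefix.

    These are exactly the routes the patch starts installing; a DHCP server
    can use them to make an arbitrary prefix appear directly reachable.
    """
    net = ipaddress.IPv4Network((assigned_addr, assigned_plen), strict=False)
    return [r for r in classified
            if r["scope"] == "link"
            and not ipaddress.IPv4Network(r["dst"]).subnet_of(net)
            and not ipaddress.IPv4Network(r["dst"]).subnet_of(LINK_LOCAL)]


# Constructed sample payload for a client assigned 192.168.1.50/24.
SAMPLE_OPTION_121 = bytes([
    8, 10, 192, 168, 1, 1,              # 10.0.0.0/8 via 192.168.1.1
    25, 192, 168, 1, 128, 0, 0, 0, 0,   # 192.168.1.128/25, router 0.0.0.0 (inside the /24)
    24, 203, 0, 113, 0, 0, 0, 0,        # 203.0.113.0/24, router 0.0.0.0 (off-prefix local subnet route)
    0, 192, 168, 1, 1,                  # 0.0.0.0/0 via 192.168.1.1 (default route)
])
SAMPLE_ADDR, SAMPLE_PLEN = "192.168.1.50", 24

if __name__ == "__main__":
    classified = classify_routes(parse_option_121(SAMPLE_OPTION_121), SAMPLE_ADDR, SAMPLE_PLEN)
    for r in classified:
        print(f"{r['dst']:18} scope={r['scope']:6} gw={r['gw']}")
    for r in offlink_onlink_routes(classified, SAMPLE_ADDR, SAMPLE_PLEN):
        print(f"newly accepted on-link route outside assigned prefix: {r['dst']}")
```

The third sample route is the case the patch changes: before it networkd logged "no gateway is specified, ignoring" and dropped it; after it the route is installed with link scope. `offlink_onlink_routes()` is the check an operator would run on a captured lease to see which on-link prefixes a server is asserting beyond the one it assigned.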
Subscribers

People subscribed via source and target branches