Merge ~fourdollars/ubuntu/+source/systemd:ubuntu-bionic into ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-bionic

Proposed by Shih-Yuan Lee on 2019-09-05
Status: Merged
Merge reported by: Robert Ancell
Merged at revision: c05e4dba3a3a2c48465bd63abc89f1c132f6ddf0
Proposed branch: ~fourdollars/ubuntu/+source/systemd:ubuntu-bionic
Merge into: ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-bionic
Diff against target: 162 lines (+127/-0)
4 files modified
debian/changelog (+19/-0)
debian/patches/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch (+31/-0)
debian/patches/debian/Revert-udev-network-device-renaming-immediately-give.patch (+75/-0)
debian/patches/series (+2/-0)
Reviewer Review Type Date Requested Status
Robert Ancell 2019-09-05 Approve on 2019-09-05
Review via email: mp+372318@code.launchpad.net
review: Approve

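--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,22 @@
+systemd (237-3ubuntu10.29) bionic; urgency=medium
+
+ * d/p/d/Revert-udev-network-device-renaming-immediately-give.patch:
+ - udev: add Revert-udev-network-device-renaming-immediately-give.patch back
+ Dropping this patch will cause the persistent network regression.
+ (LP: #1842651)
+
+ -- Shih-Yuan Lee (FourDollars) <sylee@canonical.com> Thu, 05 Sep 2019 11:59:51 +0800
+
+systemd (237-3ubuntu10.28) bionic-security; urgency=medium
+
+ * SECURITY UPDATE: Unprivileged users are granted access to privileged
+ systemd-resolved D-Bus methods
+ - d/p/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch:
+ drop trusted annotation from bus_open_system_watch_bind()
+ - CVE-2019-15718
+
+ -- Chris Coulson <chris.coulson@canonical.com> Thu, 29 Aug 2019 23:30:33 +0100
+
 systemd (237-3ubuntu10.26) bionic; urgency=medium
 
 [ You-Sheng Yang ]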
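--- /dev/null
+++ b/debian/patches/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch
@@ -0,0 +1,31 @@
+From 35e528018f315798d3bffcb592b32a0d8f5162bd Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Tue, 27 Aug 2019 19:00:34 +0200
+Subject: [PATCH] shared/but-util: drop trusted annotation from
+ bus_open_system_watch_bind_with_description()
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1746057
+
+This only affects systemd-resolved. bus_open_system_watch_bind_with_description()
+is also used in timesyncd, but it has no methods, only read-only properties, and
+in networkd, but it annotates all methods with SD_BUS_VTABLE_UNPRIVILEGED and does
+polkit checks.
+---
+ src/shared/bus-util.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
+index 6af115e7aa..821339d4ae 100644
+--- a/src/shared/bus-util.c
++++ b/src/shared/bus-util.c
+@@ -1705,10 +1705,6 @@ int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *descri
+ if (r < 0)
+ return r;
+
+- r = sd_bus_set_trusted(bus, true);
+- if (r < 0)
+- return r;
+-
+ r = sd_bus_negotiate_creds(bus, true, SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS);
+ if (r < 0)
+ return r;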
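--- /dev/null
+++ b/debian/patches/debian/Revert-udev-network-device-renaming-immediately-give.patch
@@ -0,0 +1,75 @@
+From: Michael Biebl <biebl@debian.org>
+Date: Thu, 18 Jul 2013 01:04:07 +0200
+Subject: Revert "udev: network device renaming - immediately give up if the
+ target name isn't available"
+
+This reverts commit 97595710b77aa162ca5e20da57d0a1ed7355eaad.
+
+We need to keep supporting systems with 75-persistent-net-generator.rules
+generated names for a while after switching to net.ifnames. Re-apply this old
+hack to make the renaming less likely to fail.
+---
+ src/udev/udev-event.c | 41 ++++++++++++++++++++++++++++++++++++++---
+ 1 file changed, 38 insertions(+), 3 deletions(-)
+
+diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c
+index d0befba..c3ed2da 100644
+--- a/src/udev/udev-event.c
++++ b/src/udev/udev-event.c
+@@ -832,18 +832,53 @@ static int rename_netif(struct udev_event *event) {
+ char name[IFNAMSIZ];
+ const char *oldname;
+ int r;
++ int loop;
+
+ oldname = udev_device_get_sysname(dev);
+
+ strscpy(name, IFNAMSIZ, event->name);
+
++ r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name);
++ if (r >= 0) {
++ log_debug("renamed network interface %s to %s\n", oldname, name);
++ goto out;
++ }
++
++ /* keep trying if the destination interface name already exists */
++ if (r != -EEXIST)
++ goto out;
++
++ /* free our own name, another process may wait for us */
++ snprintf(name, IFNAMSIZ, "rename%u", udev_device_get_ifindex(dev));
+ r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name);
+ if (r < 0)
+- return log_error_errno(r, "Error changing net interface name '%s' to '%s': %m", oldname, name);
++ goto out;
+
+- log_debug("renamed network interface '%s' to '%s'", oldname, name);
++ /* log temporary name */
++ log_debug("renamed network interface %s to %s\n", oldname, name);
+
+- return 0;
++ /* wait a maximum of 90 seconds for our target to become available */
++ strscpy(name, IFNAMSIZ, event->name);
++ loop = 90 * 20;
++ while (loop--) {
++ const struct timespec duration = { 0, 1000 * 1000 * 1000 / 20 };
++
++ nanosleep(&duration, NULL);
++
++ r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name);
++ if (r >= 0) {
++ log_debug("renamed network interface %s to %s\n", oldname, name);
++ break;
++ }
++ if (r != -EEXIST)
++ break;
++ }
++
++out:
++ if (r < 0)
++ log_error("error changing net interface name '%s' to '%s': %s",
++ oldname, name, strerror(-r));
++ return r;
+ }
+
+ void udev_event_execute_rules(struct udev_event *event,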
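Review bot: If the 90-second retry loop near the end of the hunk runs out with r still -EEXIST, the `out:` label logs and returns the error but leaves the link under the temporary `rename<ifindex>` name with no attempt to move it back to oldname, so the caller sees only a failure code while the interface name has changed; either make a best-effort `rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), oldname)` before returning or document the state with a comment such as `/* on timeout the link stays as rename<ifindex>; the caller only sees the error */`. The `snprintf(name, IFNAMSIZ, "rename%u", ...)` line pairs `%u` with the int that libudev's udev_device_get_ifindex() returns; `%d` or an explicit cast would match the type. The three new log_debug() calls end in `\n` while the removed upstream log_debug() line did not, and the log functions already terminate the line. rename_netif() starts before the quoted hunk, and the declaration of `dev` that the new code relies on is outside the visible context.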
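--- a/debian/patches/series
+++ b/debian/patches/series
@@ -42,6 +42,7 @@ debian/Add-run-initctl-support-to-SysV-compat-tools.patch
 debian/Add-note-to-udev.conf-that-changes-to-that-file-requ.patch
 debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
 debian/Make-run-lock-tmpfs-an-API-fs.patch
+debian/Revert-udev-network-device-renaming-immediately-give.patch
 debian/Add-support-for-TuxOnIce-hibernation.patch
 debian/Include-additional-directories-in-ProtectSystem.patch
 debian/Re-enable-journal-forwarding-to-syslog.patch
@@ -122,3 +123,4 @@ lp1835581-src-network-networkd-dhcp4.c-set-prefsrc-for-classle.patch
 lp1668771-resolved-switch-cache-option-to-a-tri-state-option-s.patch
 lp1833671-networkd-keep-bond-slave-up-if-already-attached.patch
 hwdb-revert-airplane-mode-keys-handling-on-Dell.patch
+0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch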
