Merge ~fourdollars/ubuntu/+source/systemd:ubuntu-disco into ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-disco

Proposed by Shih-Yuan Lee on 2019-09-05
Status: Merged
Merged at revision: ff3f611956d9483bf5f8e780e9d5b67ab996b17c
Proposed branch: ~fourdollars/ubuntu/+source/systemd:ubuntu-disco
Merge into: ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-disco
Diff against target: 176 lines (+141/-0)
4 files modified
debian/changelog (+19/-0)
debian/patches/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch (+31/-0)
debian/patches/debian/Revert-udev-network-device-renaming-immediately-give.patch (+89/-0)
debian/patches/series (+2/-0)
Reviewer Review Type Date Requested Status
Robert Ancell 2019-09-05 Approve on 2019-09-06
Review via email: mp+372334@code.launchpad.net
review: Approve

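--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,22 @@
+systemd (240-6ubuntu5.7) disco; urgency=medium
+
+ * d/p/d/Revert-udev-network-device-renaming-immediately-give.patch:
+ - udev: add Revert-udev-network-device-renaming-immediately-give.patch back
+ Dropping this patch will cause the persistent network regression.
+ (LP: #1842651)
+
+ -- Shih-Yuan Lee (FourDollars) <sylee@canonical.com> Thu, 05 Sep 2019 19:01:29 +0800
+
+systemd (240-6ubuntu5.6) disco-security; urgency=medium
+
+ * SECURITY UPDATE: Unprivileged users are granted access to privileged
+ systemd-resolved D-Bus methods
+ - d/p/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch:
+ drop trusted annotation from bus_open_system_watch_bind_with_description()
+ - CVE-2019-15718
+
+ -- Chris Coulson <chris.coulson@canonical.com> Thu, 29 Aug 2019 23:29:13 +0100
+
 systemd (240-6ubuntu5.4) disco; urgency=medium
 
 [ You-Sheng Yang ]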
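--- /dev/null
+++ b/debian/patches/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch
@@ -0,0 +1,31 @@
+From 35e528018f315798d3bffcb592b32a0d8f5162bd Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Tue, 27 Aug 2019 19:00:34 +0200
+Subject: [PATCH] shared/but-util: drop trusted annotation from
+ bus_open_system_watch_bind_with_description()
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1746057
+
+This only affects systemd-resolved. bus_open_system_watch_bind_with_description()
+is also used in timesyncd, but it has no methods, only read-only properties, and
+in networkd, but it annotates all methods with SD_BUS_VTABLE_UNPRIVILEGED and does
+polkit checks.
+---
+ src/shared/bus-util.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
+index 6af115e7aa..821339d4ae 100644
+--- a/src/shared/bus-util.c
++++ b/src/shared/bus-util.c
+@@ -1705,10 +1705,6 @@ int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *descri
+ if (r < 0)
+ return r;
+
+- r = sd_bus_set_trusted(bus, true);
+- if (r < 0)
+- return r;
+-
+ r = sd_bus_negotiate_creds(bus, true, SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS);
+ if (r < 0)
+ return r;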
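Review bot: The patch file carries only the upstream git header, so the DEP-3 fields that tie it to the advisory are missing; adding `Origin: upstream, https://github.com/systemd/systemd/commit/35e528018f315798d3bffcb592b32a0d8f5162bd` and `Bug-Ubuntu: https://launchpad.net/bugs/<LP-BUG-NUMBER-PLACEHOLDER>` below the Date: line would let the changelog's CVE-2019-15718 entry be traced back to its source. The cover text's statement that only systemd-resolved is affected describes the upstream tree at the time of that commit; this is a backport onto systemd 240, so the set of in-tree callers of bus_open_system_watch_bind_with_description() in the disco source should be confirmed to still be just resolved, timesyncd and networkd before relying on it. The rest of the function body lies outside the quoted hunk.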
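--- /dev/null
+++ b/debian/patches/debian/Revert-udev-network-device-renaming-immediately-give.patch
@@ -0,0 +1,89 @@
+From: Michael Biebl <biebl@debian.org>
+Date: Thu, 18 Jul 2013 01:04:07 +0200
+Subject: Revert "udev: network device renaming - immediately give up if the
+ target name isn't available"
+
+This reverts commit 97595710b77aa162ca5e20da57d0a1ed7355eaad.
+
+We need to keep supporting systems with 75-persistent-net-generator.rules
+generated names for a while after switching to net.ifnames. Re-apply this old
+hack to make the renaming less likely to fail.
+---
+ src/udev/udev-event.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++-----
+ 1 file changed, 46 insertions(+), 5 deletions(-)
+
+diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c
+index 07b7365..f67b295 100644
+--- a/src/udev/udev-event.c
++++ b/src/udev/udev-event.c
+@@ -680,6 +680,7 @@ static int rename_netif(UdevEvent *event) {
+ const char *action, *oldname;
+ char name[IFNAMSIZ];
+ int ifindex, r;
++ int loop;
+
+ if (!event->name)
+ return 0; /* No new name is requested. */
+@@ -705,17 +706,57 @@ static int rename_netif(UdevEvent *event) {
+ return log_device_error_errno(dev, r, "Failed to get ifindex: %m");
+
+ strscpy(name, IFNAMSIZ, event->name);
++
+ r = rtnl_set_link_name(&event->rtnl, ifindex, name);
+- if (r < 0)
+- return log_device_error_errno(dev, r, "Failed to rename network interface %i from '%s' to '%s': %m", ifindex, oldname, name);
++ if (r >= 0) {
++ r = device_rename(dev, event->name);
++ if (r < 0)
++ return log_warning_errno(r, "Network interface %i is renamed from '%s' to '%s', but could not update sd_device object: %m", ifindex, oldname, name);
++
++ log_device_debug(dev, "Network interface %i is renamed from '%s' to '%s'", ifindex, oldname, name);
++
++ return 1;
++ }
++
++ /* keep trying if the destination interface name already exists */
++ if (r != -EEXIST)
++ goto out;
+
+- r = device_rename(dev, event->name);
++ /* free our own name, another process may wait for us */
++ snprintf(name, IFNAMSIZ, "rename%u", ifindex);
++ r = rtnl_set_link_name(&event->rtnl, ifindex, name);
+ if (r < 0)
+- return log_warning_errno(r, "Network interface %i is renamed from '%s' to '%s', but could not update sd_device object: %m", ifindex, oldname, name);
++ goto out;
+
++ /* log temporary name */
+ log_device_debug(dev, "Network interface %i is renamed from '%s' to '%s'", ifindex, oldname, name);
+
+- return 1;
++ /* wait a maximum of 90 seconds for our target to become available */
++ strscpy(name, IFNAMSIZ, event->name);
++ loop = 90 * 20;
++ while (loop--) {
++ const struct timespec duration = { 0, 1000 * 1000 * 1000 / 20 };
++
++ nanosleep(&duration, NULL);
++
++ r = rtnl_set_link_name(&event->rtnl, ifindex, name);
++ if (r >= 0) {
++ r = device_rename(dev, event->name);
++ if (r < 0)
++ return log_warning_errno(r, "Network interface %i is renamed from '%s' to '%s', but could not update sd_device object: %m", ifindex, oldname, name);
++
++ log_device_debug(dev, "Network interface %i is renamed from '%s' to '%s'", ifindex, oldname, name);
++
++ return 1;
++ }
++ if (r != -EEXIST)
++ goto out;
++ }
++
++out:
++ if (r < 0)
++ return log_device_error_errno(dev, r, "Failed to rename network interface %i from '%s' to '%s': %m", ifindex, oldname, name);
++ return r;
+ }
+
+ static int update_devnode(UdevEvent *event) {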
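Review bot: `snprintf(name, IFNAMSIZ, "rename%u", ifindex);` formats `ifindex`, declared `int ifindex, r;` at the top of the first hunk, with an unsigned conversion while every log call in rename_netif prints it with `%i`; `snprintf(name, IFNAMSIZ, "rename%i", ifindex);` keeps the conversion consistent with the argument type and with the surrounding messages. When the retry loop runs out with r still -EEXIST, control reaches `out:` after the interface has already been moved to the temporary `rename%u` name, but the error logged there only mentions the failed rename to the target, so the interface is left under the temporary name without any log line saying so; a comment above the label such as `/* on timeout the interface keeps the temporary rename%u name, only the target-name failure is reported */` would make that failure mode visible to whoever reads the logs. The loop also blocks this udev worker for up to 90 seconds of nanosleep per interface, and the patch header should state that this bound was chosen to stay below the worker event timeout so the worker is not killed mid-rename (the timeout value itself cannot be confirmed from this page). The function's opening lines lie above the first hunk.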
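--- a/debian/patches/series
+++ b/debian/patches/series
@@ -54,6 +54,7 @@ core-when-we-uninstall-a-job-add-unit-to-dbus-queue.patch
 debian/Use-Debian-specific-config-files.patch
 debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
 debian/Make-run-lock-tmpfs-an-API-fs.patch
+debian/Revert-udev-network-device-renaming-immediately-give.patch
 debian/Add-support-for-TuxOnIce-hibernation.patch
 debian/Re-enable-journal-forwarding-to-syslog.patch
 debian/Don-t-enable-audit-by-default.patch
@@ -149,3 +150,4 @@ ask-password-prevent-buffer-overrow-when-reading-fro.patch
 rdrand-workaround-on-amd.patch
 lp1835581-src-network-networkd-dhcp4.c-set-prefsrc-for-classle.patch
 lp1668771-resolved-switch-cache-option-to-a-tri-state-option-s.patch
+0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch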
