From: Clemens Gruber <clemens.gruber@pqgruber.com>
To: ptxdist@pengutronix.de
Cc: Clemens Gruber <clemens.gruber@pqgruber.com>
Subject: [ptxdist] [PATCH 03/19] dbus: add upstream patch to avoid blocking at boot time
Date: Fri, 1 Sep 2017 18:39:13 +0200 [thread overview]
Message-ID: <20170901163929.16585-3-clemens.gruber@pqgruber.com> (raw)
In-Reply-To: <20170901163929.16585-1-clemens.gruber@pqgruber.com>
Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
---
...er-expat-Tell-Expat-not-to-defend-against.patch | 74 ++++++++++++++++++++++
patches/dbus-1.10.22/autogen.sh | 1 +
patches/dbus-1.10.22/series | 5 ++
3 files changed, 80 insertions(+)
create mode 100644 patches/dbus-1.10.22/0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch
create mode 120000 patches/dbus-1.10.22/autogen.sh
create mode 100644 patches/dbus-1.10.22/series
diff --git a/patches/dbus-1.10.22/0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch b/patches/dbus-1.10.22/0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch
new file mode 100644
index 000000000..5289f720f
--- /dev/null
+++ b/patches/dbus-1.10.22/0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch
@@ -0,0 +1,74 @@
+From: Simon McVittie <smcv@debian.org>
+Date: Fri, 21 Jul 2017 10:46:39 +0100
+Subject: [PATCH] config-loader-expat: Tell Expat not to defend against hash
+ collisions
+
+By default, Expat uses cryptographic-quality random numbers as a salt for
+its hash algorithm, and since 2.2.1 it gets them from the getrandom
+syscall on Linux. That syscall refuses to return any entropy until the
+kernel's CSPRNG (random pool) has been initialized. Unfortunately, this
+can take as long as 40 seconds on embedded devices with few entropy
+sources, which is too long: if the system dbus-daemon blocks for that
+length of time, important D-Bus clients like systemd and systemd-logind
+time out and fail to connect to it.
+
+We're parsing small configuration files here, and we trust them
+completely, so we don't need to defend against hash collisions: nobody
+is going to be crafting them to cause pathological performance.
+
+Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101858
+Signed-off-by: Simon McVittie <smcv@debian.org>
+Tested-by: Christopher Hewitt <hewitt@ieee.org>
+Reviewed-by: Philip Withnall <withnall@endlessm.com>
+
+Upstream commit 1252dc1d1f465b8ab6b36ff7252e395e66a040cf
+Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com>
+---
+ bus/config-loader-expat.c | 14 ++++++++++++++
+ configure.ac | 8 ++++++++
+ 2 files changed, 22 insertions(+)
+
+diff --git a/bus/config-loader-expat.c b/bus/config-loader-expat.c
+index b571fda3181f..27cbe2d090a0 100644
+--- a/bus/config-loader-expat.c
++++ b/bus/config-loader-expat.c
+@@ -203,6 +203,20 @@ bus_config_load (const DBusString *file,
+ goto failed;
+ }
+
++ /* We do not need protection against hash collisions (CVE-2012-0876)
++ * because we are only parsing trusted XML; and if we let Expat block
++ * waiting for the CSPRNG to be initialized, as it does by default to
++ * defeat CVE-2012-0876, it can cause timeouts during early boot on
++ * entropy-starved embedded devices.
++ *
++ * TODO: When Expat gets a more explicit API for this than
++ * XML_SetHashSalt, check for that too, and use it preferentially.
++ * https://github.com/libexpat/libexpat/issues/91 */
++#if defined(HAVE_XML_SETHASHSALT)
++ /* Any nonzero number will do. https://xkcd.com/221/ */
++ XML_SetHashSalt (expat, 4);
++#endif
++
+ if (!_dbus_string_get_dirname (file, &dirname))
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+diff --git a/configure.ac b/configure.ac
+index 1fabddd190a4..4e9c1de7bafc 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -938,6 +938,14 @@ XML_CFLAGS=
+ AC_SUBST([XML_CFLAGS])
+ AC_SUBST([XML_LIBS])
+
++save_cflags="$CFLAGS"
++save_libs="$LIBS"
++CFLAGS="$CFLAGS $XML_CFLAGS"
++LIBS="$LIBS $XML_LIBS"
++AC_CHECK_FUNCS([XML_SetHashSalt])
++CFLAGS="$save_cflags"
++LIBS="$save_libs"
++
+ # Thread lib detection
+ AC_ARG_VAR([THREAD_LIBS])
+ save_libs="$LIBS"
diff --git a/patches/dbus-1.10.22/autogen.sh b/patches/dbus-1.10.22/autogen.sh
new file mode 120000
index 000000000..9f8a4cb7d
--- /dev/null
+++ b/patches/dbus-1.10.22/autogen.sh
@@ -0,0 +1 @@
+../autogen.sh
\ No newline at end of file
diff --git a/patches/dbus-1.10.22/series b/patches/dbus-1.10.22/series
new file mode 100644
index 000000000..5883e2956
--- /dev/null
+++ b/patches/dbus-1.10.22/series
@@ -0,0 +1,5 @@
+# generated by git-ptx-patches
+#tag:base --start-number 1
+#tag:upstream --start-number 10
+0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch
+# 0ea4df42f11d73dba6bd33a9d510501c - git-ptx-patches magic
--
2.14.1
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
next prev parent reply other threads:[~2017-09-01 16:39 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-01 16:39 [ptxdist] [PATCH 01/19] busybox: version bump 1.26.2 -> 1.27.2 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 02/19] dbus: version bump 1.10.18 -> 1.10.22 Clemens Gruber
2017-09-01 16:39 ` Clemens Gruber [this message]
2017-09-01 16:39 ` [ptxdist] [PATCH 04/19] e2fsprogs: version bump 1.43.4 -> 1.43.6 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 05/19] host-imx-cst: version bump 2.3.1 -> 2.3.2 Clemens Gruber
2017-09-04 6:00 ` Denis OSTERLAND
2017-09-05 6:20 ` Michael Olbrich
2017-09-05 7:13 ` Marc Kleine-Budde
2017-09-05 14:59 ` Clemens Gruber
2017-09-06 12:42 ` Michael Olbrich
2017-09-01 16:39 ` [ptxdist] [PATCH 06/19] keyutils: version bump 1.5.9 -> 1.5.10 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 07/19] libcap-ng: version bump 0.7.7 -> 0.7.8 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 08/19] libgcrypt: version bump 1.7.8 -> 1.8.1 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 09/19] mosh: version bump 1.3.0 -> 1.3.2 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 10/19] mosh: make the crypto library configurable Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 11/19] mpg123: version bump 1.25.2 -> 1.25.6 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 12/19] procps: fix configure flags Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 13/19] postgresql: specify the used license Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 14/19] strace: version bump 4.16 -> 4.18 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 15/19] tcpdump: version bump 4.9.0 -> 4.9.1 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 16/19] trace-cmd: version bump 2.5.2 -> 2.6.1 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 17/19] u-boot-tools: version bump 2017.05.0 -> 2017.07.0 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 18/19] util-linux-ng: version bump 2.30 -> 2.30.1 Clemens Gruber
2017-09-01 16:39 ` [ptxdist] [PATCH 19/19] util-linux-ng: add fsfreeze Clemens Gruber
2017-09-02 5:14 ` [ptxdist] [PATCH 01/19] busybox: version bump 1.26.2 -> 1.27.2 Alexander Dahl
2017-09-02 10:51 ` Clemens Gruber
2017-09-02 19:06 ` Alexander Dahl
2017-09-05 15:11 ` Clemens Gruber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170901163929.16585-3-clemens.gruber@pqgruber.com \
--to=clemens.gruber@pqgruber.com \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox