From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Mon, 04 Apr 2022 13:03:50 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nbKUx-005Zc0-Al for lore@lore.pengutronix.de; Mon, 04 Apr 2022 13:03:50 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1nbKUv-0005bX-6s; Mon, 04 Apr 2022 13:03:49 +0200 Received: from mail-eopbgr70081.outbound.protection.outlook.com ([40.107.7.81] helo=EUR04-HE1-obe.outbound.protection.outlook.com) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nbKUh-0005bG-99; Mon, 04 Apr 2022 13:03:36 +0200 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=j8rliBMuZnVNmDSDtCsdlVAyVsbjCDyMK0gcOKWovam8uGo46F6sUmDcOXS0op7oje+Pbc3GCLdTwrLazbJ/vEkVJ6ARgMPFRbOuj8YGsH+OqezVV1wt0d/eGr1CwCG087/xHZADo7JOXgVT0BNf1Z4Sj7Jp5eiqeRjllLCYTnJGv5f6YgSMP+l8Tf2APtByAgAYHtkk3lrzP1tRjt/tgMOkNKTZsZKdfucBf9f2eqVjMjBAt3dgj/bs2/2BVrLcuLjsCbJRIIPXIMqmvMX1Q6dTirTsXqAAT7U4JmIfB944hHDIT7YjvFaLJwHjGUn4evX+6ZyPBeawVtpwbK43gQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=k6ViYgBM04wf/74HXRDMvjyGUgpHM45ZYqqevzrWwfU=; b=X1Hgr551n8EExEz9IAcyyOC7ib0s0EU/rHVRQOgDyLm7qsgPxcZHxX4tj4zyxkfPb7tmEHafGzwrAiCECSYcFqsHLhQdMvohvnmCVnR+FEGm/l/BAv8h0vwY6K7aBPXXuQQRenggmrgnxhtQtDtU6NX2Z3u7JxeAFmVjU73X3MaOaHRv4KKe1ptJfNz9zTRp3wSOEEikQeuVzIiTNtz0wgAqB8Aorwzgi2deLxKvtD14yj3LnYTmrRHMaQfISMk69dcSFYOO9WVaRmdvE8hJgApQs6WLidYcPyAjC0X6aGQNRq3yhEJnc3m4bWMjC4jEzRe4VC0iGY4ba4/a0Bv9Hg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=t2data.com; dmarc=pass action=none header.from=t2data.com; dkim=pass header.d=t2data.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=k6ViYgBM04wf/74HXRDMvjyGUgpHM45ZYqqevzrWwfU=; b=IwX5ofWQyZwERA8t+hW1aUbxwh+84QSzGeVYa6y6lD/qL4KjVxhR3Vi0BgPWxJ2LN3scJBetp6x6m/Pn9SaS7JWIy3rwvIVW648WEGNpAYJWbXE4FCflehfJ6AbrBr39Y1/iItaa8WGB1NnAvBpKnsfebJ1i8Zby0XDC8TTqOtI= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) by AS8P251MB0310.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:401::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5123.31; Mon, 4 Apr 2022 11:03:33 +0000 Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::3ded:58a4:e21d:33db]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::3ded:58a4:e21d:33db%4]) with mapi id 15.20.5123.031; Mon, 4 Apr 2022 11:03:33 +0000 Message-ID: Date: Mon, 4 Apr 2022 13:01:26 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0 Content-Language: en-US To: Roland Hieber References: <20220330201706.1065700-1-christian.melki@t2data.com> <20220404104552.3rh5cv6ho7ywzidi@pengutronix.de> From: Christian Melki In-Reply-To: <20220404104552.3rh5cv6ho7ywzidi@pengutronix.de> X-ClientProxiedBy: GV3P280CA0119.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:8::20) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 56fe1fd2-5372-472c-8e68-08da162ac242 X-MS-TrafficTypeDiagnostic: AS8P251MB0310:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: LbsykB/F5KaMwzB7aaJWF67Nuy49sckOU+KYUl8LOqTbMb7q65YP1vi1P0h5X3oiheKuQ/2acOmDcaKNfH0srsoaSv1L7HiLFlD8lvLs7VepwLkS7wkPoCKwx2GLA8R6pYmkrcLiS/o8FiCCfsu8PHVCcofshvn9hic1rKYcXwm+Tl7UFEcW8jiIEUvAIyTjk51kWXkbItGk0WTSEn+te6eCsLMESBQj1Lr1bjJ3Ye46o2l7yHX7B77DC+jyCK7t2s2WHQ9ChCskzre+dV2B5PsrfgZCqyAesgIUksVcUiAgO4lYNBlK+P4mjaRvlDwD6y1/uDj5ReZ8eS66Dk6Xtuyb1cXQk7ldBwhO9VqSVUlT4JVx8vZUY3Fuct4s9B6iNVDsd+W5ioxwYB0vJ+R7wnLDjmiPQK0Puts3G/qlzkVnzHBNRSe/c9xq/MpAl0In3NCcpn/lEk2upbUCSSOZGORgKMMwB0aRVTgVXWUVxlFWm6eFBGd7H5UtLEKJMJe7p49NZ6/8ztvzJTQuuy7USkAWYJh43A8/Ap/5VTTr/AKbiQDSZquHjV8s2iFqCnAGp5TGccIQ2W7cSM9Enpt7QmJAz2zVgePWDJzOh1UVdTf3bHdtaueBoIYvAeVwWyCssFUilUeqJneQOmEaoYIDu7eCE+nOeykyBP1QxQJEGHsJBlaPIy94/N1qZMw928A5OM3/0N8qSdYzsj4fiymOtZp8JX6PykMW9NADn6CVdnIo1jM8vyidkEaz7GZmoFSc8tPis0Q4fxwDd78TMHVUEQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230001)(136003)(396003)(376002)(346002)(39830400003)(366004)(5660300002)(6512007)(6486002)(2616005)(86362001)(8936002)(38350700002)(38100700002)(6506007)(53546011)(44832011)(31696002)(52116002)(6666004)(2906002)(508600001)(66476007)(66556008)(26005)(186003)(83380400001)(316002)(6916009)(31686004)(450100002)(36756003)(8676002)(66946007)(4326008)(45980500001)(43740500002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?ekJ6NHViUWVpeUhDRFc5Wm1Dc0gwalM2aTVJRTQyZTdUcWxKVTk4ZUUyVUdF?= =?utf-8?B?TGcvZnlXZ0ZtdWlBV0t2NXkwVlVPL0J6RlZOcUtwMTYvNk9iQXdiMzRCK29t?= =?utf-8?B?M29DMkVDcmVQQVVBMjdEeUtYRENiVkpvd0dLWVhEbUZOVHZOenFKYnpDTlE5?= =?utf-8?B?Yno5MXVhYlBHZ0VRY3hjc1I2YVB1NEE4bjVybFhqYmd1U291VEY1cElrRkd6?= =?utf-8?B?RzBCeEpKT3JnMnlieDV3eTNMakhpRHAxK1ZsRk5RMVE3YVR6UnRkMWRmZEVK?= =?utf-8?B?Sms0WnV5VGhIby9CSm9sczlxRmVmbTdSK3FFaDJYNFE1d280RXVYdWhYZjVq?= =?utf-8?B?NDRKM3JPTXBJeDJXQXRIOTFDaHZUcGdpSDkyVFFkcW5RRzAyNUNlcm1ZUERP?= =?utf-8?B?MUVSUFNqcUVVeHlhUXpQazIrQUtPV21RWmp2aVJtZlZzTXZLOXVoWlREM3NF?= =?utf-8?B?UVBsRTVjcE5uckNkOHkzdGUrTnc1YzBRNDBTQXVGM2Erck1vbTgzVUwvV3FH?= =?utf-8?B?dC82ZUl5Y1BXTTF5dllsV0ZiM2c4RWlGL0xCSjFOdk1YSWJyNmNuYXZQdHcz?= =?utf-8?B?bE91cm1VY3lpTUxXcjc1blB1MjljejlXTVJqczJmWHBaYmRBdVlZNGdvZlJu?= =?utf-8?B?M3dsR1YxMGNZbHpTZ0hiTC9kT2RCM0h6b3lqeUpPR3dHZVFPb3NWSmZoMVBa?= =?utf-8?B?ZFNmM0creDNGSFcrZWJ1eW9qTkFUaDdCNy9ZNGl2di9sclo0VzJUZHgweGoy?= =?utf-8?B?amttTVpUbTVNdzFPbjZkZU42czBLS2dDTEo5MjB5OWVLQ0VwbVBOcHJwVmpx?= =?utf-8?B?N0ZpTjdIb2l4dGdHcndHSFlBUG91Uitxck94U1o4ZWZPOVpHUkFKQlpuOWY1?= =?utf-8?B?TEh2cVVYenhYV3Q4ZEcyVW1qNVc2WkQyQnI1SWR2alU3ZXpOaFRQSFpCTTB4?= =?utf-8?B?bjNNRzl1a3l6NVAya0NRTXdCaVorOEtOQSt0QVpMMitFeGU0UTRJOU56c0p6?= =?utf-8?B?ZzRRV0xpaTliUjFxRW9rdWM4ZisrMURBT0Noa1FhVXA1TmM2N0VTSjFPb2Qx?= =?utf-8?B?dkY2OEcxdjZTSEZXa2pnNHFyaXo1UHduMitnOVkxekpvNWUrYjZtc2tvVGZr?= =?utf-8?B?bDhjSTJqUG5zU2lnOWF2bnVVdFVZbmNacWlSRi8xdDhBTU9JaWRwWXQzNVR1?= =?utf-8?B?NWlWSzlGN29GNHI4Z1ptUEluLy9Lb0FjUUZyVWVpT25NbjU5bU9nSldPSHll?= =?utf-8?B?NEtjRFFzcnlzdDNRTFRHanhvNStWc0RXMEM0VWJYTWdZMHJJVVJlaXBPY0tT?= =?utf-8?B?OGxQSTZGUmJuaGRvUUNXeGRtb1lrNVJhaHl0aWlpY2ZSNVpIclFZbVVOSEVo?= =?utf-8?B?R0ZSWDhwNmVMTFU3UkZlR05BRXI3VHVSMGhZczNDb1RyT0JBbzRXaDd5Rmkz?= =?utf-8?B?MUVMNWJmWmtrRFp6bGtQVS92K2lZVUxZenhHUTFSajFwck5zNjBkZUNybmYw?= =?utf-8?B?Rm9zOHVHSmM0Q3lIUGhxS2E1NmRMTFFQRE9pYno5QnNJSDlxelUxVFRqeDVY?= =?utf-8?B?cHh0Nkt5Sk1XeS9qZnVabnp3b0pwRGJaazNDS2IyQWNHU0dueExYQ2NnZ1lZ?= =?utf-8?B?Y2xOemRIeDRaUFdPdERnb2dVMS9RZnJXU2tYNi9IWUJ6R0d6K2pWN0pjZ3ox?= =?utf-8?B?eDJXWGNnN1JieklWUjFIazlaN0pHSlptVkdxY1FZVXFmT2NsbnVDN2JMK2lQ?= =?utf-8?B?WUtEU0gxUGVRVWxUcitUbFZpRzdOUVBFRnNNU3dQNi9ZbDByQmJyQmdwMDlY?= =?utf-8?B?bVNzZkNYL2IrMVVUMGxrOFpvWXgyVC9RY2Z6YUFRR0pTMUtEVUFSb2lIN09h?= =?utf-8?B?V1ZDV3Nqd0FvWG5qNEhlM2FPYjFYQjVhVGhQRXl1L2pDWm9ZZGxuUm1RNWxv?= =?utf-8?B?ajVnbzdQc1A1T1A3QXp1dW55TnpoR3U2QTdSS1J5NzlCTVJnWS94YmZ2WHBG?= =?utf-8?B?Y0RxemE4V253cnFtcytDMGFtamhBNWxjSmFmdm9HaVkxREUySlBvSEthOVpF?= =?utf-8?B?MXpRTG0xTEZxWlBIRGN4Nk5hMm44L3U4MUpHbHYyN214eFROMVQreDFKeGZo?= =?utf-8?B?dXRVQWdUWDRzUjd2WHNZUDhUQkVPWDVBdkNjNUd1U1hOSU9zY0VZd2FzQ2ZR?= =?utf-8?B?SDJxeXZGaTFYV1h1QnZpeGlJQTJZQWZhck9jREJXNXA2R3BIaVlvbHNaSS8z?= =?utf-8?B?MVA4b3JBVERRREVRY3dKNEs2SEFIVWN1K1VrZEMwcDdZR29ycHRLYVZ6d2t4?= =?utf-8?B?UWxjSi94MjZzMGlDcDV0bllLeTFBNmhTc1g4YkFMbDVnbVhvNDZmTzM2b0dS?= =?utf-8?Q?pemMdmRC6m7I6M8Q=3D?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: 56fe1fd2-5372-472c-8e68-08da162ac242 X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Apr 2022 11:03:33.1811 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: hAfXNPyibsCd05Tm0uifXzK492WpMiYX07WZWYJvgg9HK6htcU/QB6N53f3CSfHdFdxorxLNMAiqj5/1Sbs/bTwRxw75qPwhWWynGGskm8k= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8P251MB0310 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.ext.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.4 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,NICE_REPLY_A,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Subject: Re: [ptxdist] [PATCH v3] openssh: Version bump. v8.8p1 -> v8.9p1 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: ptxdist@pengutronix.de Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false On 4/4/22 12:45 PM, Roland Hieber wrote: > On Wed, Mar 30, 2022 at 10:17:06PM +0200, Christian Melki wrote: >> Security miss, integer overflow in the user auth path. >> Not exploitable due to privsep. >> >> * Update license. md5crypt removed, bcrypt relicensed. >> 4-Clause license removed. >> * Minor spelling fixes in the license file. >> * Remove configure option due to the removal of md5crypt. >> * Add patch to improve detection of -fzero-call-used-regs=all on arm. >> * Add rerun of autotools since patch touces m4 files. >> >> Signed-off-by: Christian Melki >> --- >> ...n-of-fzero-call-used-regs-all-suppor.patch | 31 +++++++++++++++++++ >> patches/openssh-8.9p1/autogen.sh | 1 + >> patches/openssh-8.9p1/series | 4 +++ > > I guess rules/openssh.make is the same as in v2? > > - Roland > Yes, the only addition in v3 being the regeneration of autoconf stuff due to touching m4 files. Hence the last comment. I missed that one in v2 after I added the patch. I haven't been able to reproduce the actual error Mol triggered, but the fix seems to target precisely that issue, so I was hoping it fixed his build errors on ARM. >> 3 files changed, 36 insertions(+) >> create mode 100644 patches/openssh-8.9p1/0001-Improve-detection-of-fzero-call-used-regs-all-suppor.patch >> create mode 120000 patches/openssh-8.9p1/autogen.sh >> create mode 100644 patches/openssh-8.9p1/series >> >> diff --git a/patches/openssh-8.9p1/0001-Improve-detection-of-fzero-call-used-regs-all-suppor.patch b/patches/openssh-8.9p1/0001-Improve-detection-of-fzero-call-used-regs-all-suppor.patch >> new file mode 100644 >> index 000000000..70b075ae7 >> --- /dev/null >> +++ b/patches/openssh-8.9p1/0001-Improve-detection-of-fzero-call-used-regs-all-suppor.patch >> @@ -0,0 +1,31 @@ >> +From: Colin Watson >> +Date: Thu, 24 Feb 2022 16:04:18 +0000 >> +Subject: [PATCH] Improve detection of -fzero-call-used-regs=all support >> + >> +GCC doesn't tell us whether this option is supported unless it runs into >> +the situation where it would need to emit corresponding code. >> +--- >> + m4/openssh.m4 | 3 +++ >> + 1 file changed, 3 insertions(+) >> + >> +diff --git a/m4/openssh.m4 b/m4/openssh.m4 >> +index 4f9c3792dc17..8c33c701b8b4 100644 >> +--- a/m4/openssh.m4 >> ++++ b/m4/openssh.m4 >> +@@ -14,6 +14,8 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{ >> + AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ >> + #include >> + #include >> ++/* Trivial function to help test for -fzero-call-used-regs */ >> ++void f(int n) {} >> + int main(int argc, char **argv) { >> + (void)argv; >> + /* Some math to catch -ftrapv problems in the toolchain */ >> +@@ -21,6 +23,7 @@ int main(int argc, char **argv) { >> + float l = i * 2.1; >> + double m = l / 0.5; >> + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; >> ++ f(0); >> + printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); >> + /* >> + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does >> diff --git a/patches/openssh-8.9p1/autogen.sh b/patches/openssh-8.9p1/autogen.sh >> new file mode 120000 >> index 000000000..9f8a4cb7d >> --- /dev/null >> +++ b/patches/openssh-8.9p1/autogen.sh >> @@ -0,0 +1 @@ >> +../autogen.sh >> \ No newline at end of file >> diff --git a/patches/openssh-8.9p1/series b/patches/openssh-8.9p1/series >> new file mode 100644 >> index 000000000..eb319a82b >> --- /dev/null >> +++ b/patches/openssh-8.9p1/series >> @@ -0,0 +1,4 @@ >> +# generated by git-ptx-patches >> +#tag:base --start-number 1 >> +0001-Improve-detection-of-fzero-call-used-regs-all-suppor.patch >> +# 35e561a03b8e1fd58ce4b40b565cdd3f - git-ptx-patches magic >> -- >> 2.32.0 >> >> >> _______________________________________________ >> ptxdist mailing list >> ptxdist@pengutronix.de >> To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de >> > _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de