packages/pcp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:18ce73c55f43c33c35ce600107671bf2f10477db
Branches Tags
packages:main
...
compare: packages:aab2032fcf64ed1302b85b559b6df842ea9b3800
Branches Tags
packages:main

10 Commits
18ce73c55f ... aab2032fcf

Author SHA1 Message Date
openeuler-ci-bot
aab2032fcf
!130 [sync] PR-128: Add requires pcp-zeroconf to pcp-system-tools 
From: @openeuler-sync-bot 
Reviewed-by: @wk333 
Signed-off-by: @wk333
 2024-10-29 11:16:13 +00:00
lyn1001
a9ad35fee8 Add requires pcp-zeroconf to pcp-system-tools 
(cherry picked from commit 28e11e73488bd0c721f8f98a557b07a0a711e59f)
 2024-10-29 19:15:24 +08:00
openeuler-ci-bot
3c6b4a8a95
!125 [sync] PR-123: Fix CVE-2024-45769,CVE-2024-45770 
From: @openeuler-sync-bot 
Reviewed-by: @wk333 
Signed-off-by: @wk333
 2024-10-15 03:02:58 +00:00
wk333
36c05f42da Fix CVE-2024-45769,CVE-2024-45770 
(cherry picked from commit f50a4ec4c2be3ade5c04025df8e5aabfc6a18cef)
 2024-10-14 17:29:32 +08:00
openeuler-ci-bot
a47dd530d6
!120 [sync] PR-118: support building with clang 
From: @openeuler-sync-bot 
Reviewed-by: @wk333 
Signed-off-by: @wk333
 2024-09-03 11:08:40 +00:00
wangqiang
9ab5aaf4b6 Support for specified CC 
(cherry picked from commit b6e518e1a310e63051f4643fdc0a0d0db08cb3ee)
 2024-09-03 19:07:15 +08:00
openeuler-ci-bot
f477bd21cf
!114 [sync] PR-112: fix build error for loongarch64 
From: @openeuler-sync-bot 
Reviewed-by: @wk333 
Signed-off-by: @wk333
 2024-06-06 11:54:11 +00:00
Wenlong Zhang
ab1a5efb64 fix build error for loongarch64 
(cherry picked from commit 6a5b5cd6ff9d66d6c0227d4577d4ffb772b62f2d)
 2024-06-06 19:53:45 +08:00
openeuler-ci-bot
4647b9c37e
!109 [sync] PR-107: Update to 6.2.2 for fix CVE-2023-6917 
From: @openeuler-sync-bot 
Reviewed-by: @wk333 
Signed-off-by: @wk333
 2024-05-30 09:33:26 +00:00
wk333
ebd58e2b93 Update to 6.2.2 for fix CVE-2023-6917 
(cherry picked from commit 9bc7729ec56722c725d5d9978dc0507a68c56113)
 2024-05-30 15:34:25 +08:00
9 changed files with 2174 additions and 95 deletions
Show Stats Expand all files Collapse all files

44
0001-riscv-config-pmdabpf_arch-value.patch
View File

@ -1,44 +0,0 @@
From 63057ef329a5d5450b60f0ca66cb1dc0ab1853b2 Mon Sep 17 00:00:00 2001
From: Kai Zhang <zhangkai@iscas.ac.cn>
Date: Wed, 20 Mar 2024 19:46:30 +0800
Subject: [PATCH] riscv: config pmdabpf_arch value
Configure scripts use pmdabpf_arch to refer to architecture
directory of iovisor/bcc/libbpf-tools, which hold kernel
vmlinux.h. For RISC-V, the unique directory name is 'riscv'.
We need to sed uname's value riscv64 etc. to adapt this.
Signed-off-by: Kai Zhang <zhangkai@iscas.ac.cn>
---
configure | 2 +-
configure.ac | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure b/configure
index 14e8c3cf5..b0f7dae89 100755
--- a/configure
+++ b/configure
@@ -9105,7 +9105,7 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking BPF CO-RE architecture identifier" >&5
printf %s "checking BPF CO-RE architecture identifier... " >&6; }
-pmdabpf_arch=`uname -m | sed 's/x86_64/x86/' | sed 's/aarch64/arm64/' | sed 's/ppc64le/powerpc/' | sed 's/mips.*/mips/'`
+pmdabpf_arch=`uname -m | sed 's/x86_64/x86/' | sed 's/aarch64/arm64/' | sed 's/ppc64le/powerpc/' | sed 's/mips.*/mips/' | sed 's/riscv.*/riscv/'`
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $pmdabpf_arch" >&5
printf "%s\n" "$pmdabpf_arch" >&6; }
diff --git a/configure.ac b/configure.ac
index f8e855019..51887d26c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1172,7 +1172,7 @@
dnl Get BPF CO-RE arch identifier
AC_MSG_CHECKING([BPF CO-RE architecture identifier])
-pmdabpf_arch=`uname -m | sed 's/x86_64/x86/' | sed 's/aarch64/arm64/' | sed 's/ppc64le/powerpc/' | sed 's/mips.*/mips/'`
+pmdabpf_arch=`uname -m | sed 's/x86_64/x86/' | sed 's/aarch64/arm64/' | sed 's/ppc64le/powerpc/' | sed 's/mips.*/mips/' | sed 's/riscv.*/riscv/'`
AC_SUBST(pmdabpf_arch)
AC_MSG_RESULT($pmdabpf_arch)
--
2.43.0

BIN
pcp-6.1.1.src.tar.gz → 6.2.2.tar.gz
View File

Binary file not shown.

31
CVE-2024-3019.patch
View File

@ -1,31 +0,0 @@
From 3bde240a2acc85e63e2f7813330713dd9b59386e Mon Sep 17 00:00:00 2001
From: Nathan Scott <nathans@redhat.com>
Date: Wed, 27 Mar 2024 14:51:28 +1100
Subject: [PATCH] pmproxy: disable Redis protocol proxying by default
origin: https://github.com/performancecopilot/pcp/commit/3bde240a2acc85e63e2f7813330713dd9b59386e
If a redis-server has been locked down in terms of connections,
we want to prevent pmproxy from being allowed to send arbitrary
RESP commands to it.
This protocol proxying doesn't affect PCP functionality at all,
its more of a developer/sysadmin convenience when Redis used in
cluster mode (relatively uncommon compared to localhost mode).
---
src/pmproxy/pmproxy.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/pmproxy/pmproxy.conf b/src/pmproxy/pmproxy.conf
index e54891792e..4cbc1c96af 100644
--- a/src/pmproxy/pmproxy.conf
+++ b/src/pmproxy/pmproxy.conf
@@ -29,7 +29,7 @@ pcp.enabled = true
http.enabled = true
# support Redis protocol proxying
-redis.enabled = true
+redis.enabled = false
# support SSL/TLS protocol wrapping
secure.enabled = true

11
fix-check-static-when-build-by-clang.patch Normal file
View File

@ -0,0 +1,11 @@
diff -Nur a/src/libpcp/src/check-statics b/src/libpcp/src/check-statics
--- a/src/libpcp/src/check-statics 2024-09-03 16:45:00.384830188 +0800
+++ b/src/libpcp/src/check-statics 2024-09-03 16:46:04.184830354 +0800
@@ -254,6 +254,7 @@
?__emutls_v.curcontext # thread private (*BSD, MinGW)
?__emutls_t.curr_ctxp # thread private (*BSD, MinGW)
?__emutls_t.curr_handle # thread private (*BSD, MinGW)
+ __pmDumpContext # llvm
derive_fetch.o
?promote # const

148
pcp.spec
View File

@ -1,15 +1,18 @@
%global vendor %{?_vendor:%{_vendor}}%{!?_vendor:openEuler}
Name: pcp
Version: 6.1.1
Version: 6.2.2
Release: 5
Summary: System-level performance monitoring and performance management
License: GPL-2.0-or-later AND LGPL-2.1-or-later AND CC-BY-3.0
URL: https://pcp.io
Source0: https://github.com/performancecopilot/pcp/releases/pcp-%{version}.src.tar.gz
Patch0: 0001-riscv-config-pmdabpf_arch-value.patch
Patch1: CVE-2024-3019.patch
Source0: https://github.com/performancecopilot/pcp/archive/refs/tags/%{version}.tar.gz
Patch0: fix-check-static-when-build-by-clang.patch
Patch1: redhat-issues-RHEL-57796-pmcd-pmstore-corruption.patch
Patch2: redhat-issues-RHEL-57799-pmpost-symlink-handling.patch
Patch3: redhat-issues-RHEL-34586-pmproxy-pmcd-fd-leak.patch
Patch4: redhat-issues-RHEL-57788-pmdahacluster-update.patch
# The additional linker flags break out-of-tree PMDAs.
# https://bugzilla.redhat.com/show_bug.cgi?id=2043092
@ -47,7 +50,11 @@ Patch1: CVE-2024-3019.patch
%global disable_bcc 0
# support for pmdabpf, check bcc.spec for supported architectures of libbpf-tools
%ifarch loongarch64
%global disable_bpf 1
%else
%global disable_bpf 0
%endif
# support for pmdabpftrace, check bpftrace.spec for supported architectures of bpftrace
%global disable_bpftrace 0
@ -85,6 +92,8 @@ Patch1: CVE-2024-3019.patch
# rpm producing "noarch" packages
%global disable_noarch 0
%global disable_arrow 1
%global disable_xlsx 1
# prevent conflicting binary and man page install for pcp(1)
@ -393,9 +402,11 @@ Requires: pcp-pmda-bpf
Requires: pcp-pmda-bpftrace
%endif
%if !%{disable_python3}
Requires: pcp-geolocate pcp-export-pcp2openmetrics pcp-export-pcp2json
Requires: pcp-export-pcp2spark pcp-export-pcp2xml pcp-export-pcp2zabbix
Requires: pcp-pmda-gluster pcp-pmda-zswap pcp-pmda-unbound pcp-pmda-mic
Requires: pcp-pmda-libvirt pcp-pmda-lio pcp-pmda-openmetrics pcp-pmda-haproxy
Requires: pcp-pmda-lmsensors pcp-pmda-netcheck pcp-pmda-rabbitmq
Requires: pcp-pmda-lmsensors pcp-pmda-netcheck pcp-pmda-rabbitmq pcp-pmda-uwsgi
Requires: pcp-pmda-openvswitch
%endif
%if !%{disable_mongodb}
@ -666,6 +677,22 @@ Requires: python3-pcp = %{version}-%{release}
Performance Co-Pilot (PCP) front-end tools for exporting metric values
in JSON format.
#
# pcp-export-pcp2openmetrics
#
%package export-pcp2openmetrics
License: GPL-2.0-or-later
Summary: Performance Co-Pilot tools for exporting PCP metrics in OpenMetrics format
URL: https://pcp.io
Requires: pcp-libs >= %{version}-%{release}
%if !%{disable_python3}
Requires: python3-pcp = %{version}-%{release}
%endif
%description export-pcp2openmetrics
Performance Co-Pilot (PCP) front-end tools for exporting metric values
in OpenMetrics (https://openmetrics.io/) format.
#
# pcp-export-pcp2spark
#
@ -683,6 +710,26 @@ Performance Co-Pilot (PCP) front-end tools for exporting metric values
in JSON format to Apache Spark. See https://spark.apache.org/ for
further details on Apache Spark.
#
# pcp-export-pcp2arrow
#
%if !%{disable_arrow}
%package export-pcp2arrow
License: GPL-2.0-or-later
Summary: Performance Co-Pilot tools for exporting PCP metrics to Apache Arrow
URL: https://pcp.io
Requires: pcp-libs >= %{version}-%{release}
%if !%{disable_python3}
Requires: python3-pcp = %{version}-%{release}
Requires: python3-pyarrow
BuildRequires: python3-pyarrow
%endif
%description export-pcp2arrow
Performance Co-Pilot (PCP) front-end tool for exporting metric values
to Apache Arrow, which supports the columnar parquet data format.
%endif
#
# pcp-export-pcp2xlsx
#
@ -1492,6 +1539,22 @@ This package contains the PCP Performance Metrics Domain Agent (PMDA) for
collecting metrics about RabbitMQ message queues.
#end pcp-pmda-rabbitmq
#
# pcp-pmda-uwsgi
#
%package pmda-uwsgi
License: GPL-2.0-or-later
Summary: Performance Co-Pilot (PCP) metrics from uWSGI servers
URL: https://pcp.io
Requires: pcp = %{version}-%{release} pcp-libs = %{version}-%{release}
%if !%{disable_python3}
Requires: python3-pcp
%endif
%description pmda-uwsgi
This package contains the PCP Performance Metrics Domain Agent (PMDA) for
collecting metrics from uWSGI servers.
#end pcp-pmda-uwsgi
#
# pcp-pmda-lio
#
@ -1960,6 +2023,7 @@ License: GPL-2.0-or-later
Summary: Performance Co-Pilot (PCP) System and Monitoring Tools
URL: https://pcp.io
Requires: pcp = %{version}-%{release} pcp-libs = %{version}-%{release}
Requires: pcp-zeroconf = %{version}-%{release}
%if !%{disable_python3}
%if !%{disable_python3}
Requires: python3-pcp = %{version}-%{release}
@ -2037,7 +2101,14 @@ updated policy package.
%prep
%autosetup -p1
%setup -q
%if "%{?toolchain}" == "clang"
%patch -P0 -p1
%endif
%patch -P1 -p1
%patch -P2 -p1
%patch -P3 -p1
%patch -P4 -p1
%build
# the buildsubdir macro gets defined in %%setup and is apparently only available in the next step (i.e. the %%build step)
@ -2048,7 +2119,10 @@ _build=`echo %{release} | sed -e 's/\..*$//'`
sed -i "/PACKAGE_BUILD/s/=[0-9]*/=$_build/" VERSION.pcp
export PYTHON=python%{?default_python}
%configure %{?_with_initd} %{?_with_doc} %{?_with_dstat} %{?_with_ib} %{?_with_statsd} %{?_with_perfevent} %{?_with_bcc} %{?_with_bpf} %{?_with_bpftrace} %{?_with_json} %{?_with_mongodb} %{?_with_snmp} %{?_with_nutcracker} %{?_with_python2}
%if "%{?toolchain}" == "clang"
export HOSTCC=clang
%endif
%configure %{?_with_initd} %{?_with_doc} %{?_with_dstat} %{?_with_ib} %{?_with_statsd} %{?_with_perfevent} %{?_with_bcc} %{?_with_bpf} %{?_with_bpftrace} %{?_with_json} %{?_with_mongodb} %{?_with_snmp} %{?_with_nutcracker} %{?_with_python3}
make %{?_smp_mflags} default_pcp
pushd src/pmdas/bpf/modules
@ -2133,7 +2207,7 @@ sed -i '/.a$/d' pcp-devel-files
sed -i '/\/man\//d' pcp-devel-files
sed -i '/\/include\//d' pcp-devel-files
%ifarch x86_64 ppc64 ppc64le aarch64 s390x riscv64
%ifarch x86_64 ppc64 ppc64le aarch64 s390x riscv64 loongarch64
sed -i -e 's/usr\/lib\//usr\/lib64\//' pcp-libs-files
sed -i -e 's/usr\/lib\//usr\/lib64\//' pcp-devel-files
sed -i -e 's/usr\/lib\//usr\/lib64\//' pcp-libs-devel-files
@ -2148,7 +2222,7 @@ sed -i -e 's/usr\/lib\//usr\/lib64\//' pcp-libs-devel-files
# some special cases for devel
awk '{print $NF}' $DIST_MANIFEST |\
grep -E 'pcp\/(examples|demos)|(etc/pcp|pcp/pmdas)\/(sample|simple|trivial|txmon)|bin/(pmdbg|pmclient|pmerr|genpmda)' | grep -E -v tutorials >>pcp-devel-files
grep -E 'pcp/(examples|demos)|(etc/pcp|pcp/pmdas)/(sample|simple|trivial|txmon)|bin/(pmdbg|pmclient|pmerr|genpmda)' | grep -E -v tutorials >>pcp-devel-files
# Patterns for files to be marked %%config(noreplace).
# Note: /etc/pcp.{conf,env,sh} are %%config but not noreplace
@ -2182,11 +2256,11 @@ basic_manifest() {
# Likewise, for the pcp-pmda and pcp-testsuite subpackages.
#
total_manifest | keep 'tutorials|/html/|pcp-help|man.*\.[1-9].*' | cull 'out' >pcp-help-files
total_manifest | keep 'testsuite|pcpqa|etc/systemd/system|libpcp_fault|pcp/fault.h' >pcp-testsuite-files
total_manifest | keep 'testsuite|pcpqa|etc/systemd/system|libpcp_fault|pcp/fault.h|pmcheck/pmda-sample' >pcp-testsuite-files
basic_manifest | keep "$PCP_GUI|pcp-gui|applications|pixmaps|hicolor" | cull 'pmtime.h' >pcp-gui-files
basic_manifest | keep 'selinux' | cull 'tmp|testsuite' >pcp-selinux-files
basic_manifest | keep 'zeroconf|daily[-_]report|/sa$' >pcp-zeroconf-files
basic_manifest | keep 'zeroconf|daily[-_]report|/sa$' | cull 'pmcheck' >pcp-zeroconf-files
basic_manifest | grep -E -e 'pmiostat|pmrep|dstat|htop|pcp2csv' \
-e 'pcp-atop|pcp-dmcache|pcp-dstat|pcp-free' \
-e 'pcp-htop|pcp-ipcs|pcp-iostat|pcp-lvmcache|pcp-mpstat' \
@ -2200,11 +2274,13 @@ basic_manifest | keep 'sheet2pcp' >pcp-import-sheet2pcp-files
basic_manifest | keep 'mrtg2pcp' >pcp-import-mrtg2pcp-files
basic_manifest | keep 'ganglia2pcp' >pcp-import-ganglia2pcp-files
basic_manifest | keep 'collectl2pcp' >pcp-import-collectl2pcp-files
basic_manifest | keep 'pcp2arrow' >pcp-export-pcp2arrow-files
basic_manifest | keep 'pcp2elasticsearch' >pcp-export-pcp2elasticsearch-files
basic_manifest | keep 'pcp2influxdb' >pcp-export-pcp2influxdb-files
basic_manifest | keep 'pcp2xlsx' >pcp-export-pcp2xlsx-files
basic_manifest | keep 'pcp2graphite' >pcp-export-pcp2graphite-files
basic_manifest | keep 'pcp2json' >pcp-export-pcp2json-files
basic_manifest | keep 'pcp2openmetrics' >pcp-export-pcp2openmetrics-files
basic_manifest | keep 'pcp2spark' >pcp-export-pcp2spark-files
basic_manifest | keep 'pcp2xml' >pcp-export-pcp2xml-files
basic_manifest | keep 'pcp2zabbix' >pcp-export-pcp2zabbix-files
@ -2282,6 +2358,7 @@ basic_manifest | keep '(etc/pcp|pmdas)/summary(/|$)' >pcp-pmda-summary-files
basic_manifest | keep '(etc/pcp|pmdas)/systemd(/|$)' >pcp-pmda-systemd-files
basic_manifest | keep '(etc/pcp|pmdas)/trace(/|$)' >pcp-pmda-trace-files
basic_manifest | keep '(etc/pcp|pmdas)/unbound(/|$)' >pcp-pmda-unbound-files
basic_manifest | keep '(etc/pcp|pmdas)/uwsgi(/|$)' >pcp-pmda-uwsgi-files
basic_manifest | keep '(etc/pcp|pmdas)/weblog(/|$)' >pcp-pmda-weblog-files
basic_manifest | keep '(etc/pcp|pmdas)/zimbra(/|$)' >pcp-pmda-zimbra-files
basic_manifest | keep '(etc/pcp|pmdas)/zswap(/|$)' >pcp-pmda-zswap-files
@ -2307,7 +2384,7 @@ for pmda_package in \
rabbitmq redis resctrl roomtemp rpm rsyslog \
samba sendmail shping slurm smart snmp \
sockets statsd summary systemd \
unbound \
unbound uwsgi \
trace \
weblog \
zimbra zswap ; \
@ -2322,8 +2399,8 @@ do \
done
for export_package in \
pcp2elasticsearch pcp2graphite pcp2influxdb pcp2json \
pcp2spark pcp2xlsx pcp2xml pcp2zabbix zabbix-agent ; \
pcp2arrow pcp2elasticsearch pcp2graphite pcp2influxdb pcp2json \
pcp2openmetrics pcp2spark pcp2xlsx pcp2xml pcp2zabbix zabbix-agent ; \
do \
export_packages="$export_packages pcp-export-$export_package"; \
done
@ -2451,8 +2528,8 @@ semodule -r pcpqa >/dev/null 2>&1 || true
%endif
chown -R pcpqa:pcpqa %{_testsdir} 2>/dev/null
%if !%{disable_systemd}
systemctl restart pmcd pmlogger >/dev/null 2>&1
systemctl enable pmcd pmlogger >/dev/null 2>&1
systemctl restart pcp-reboot-init pmcd pmlogger >/dev/null 2>&1
systemctl enable pcp-reboot-init pmcd pmlogger >/dev/null 2>&1
%else
/sbin/chkconfig --add pmcd >/dev/null 2>&1
/sbin/chkconfig --add pmlogger >/dev/null 2>&1
@ -2522,6 +2599,9 @@ exit 0
%preun pmda-rabbitmq
%{pmda_remove "$1" "rabbitmq"}
%preun pmda-uwsgi
%{pmda_remove "$1" "uwsgi"}
%if !%{disable_snmp}
%preun pmda-snmp
%{pmda_remove "$1" "snmp"}
@ -2729,9 +2809,9 @@ if [ "$1" -eq 0 ]
then
# stop daemons before erasing the package
%if !%{disable_systemd}
%systemd_preun pmlogger_check.timer pmlogger_daily.timer pmlogger_farm_check.timer pmlogger_farm_check.service pmlogger_farm.service pmlogger.service pmie_check.timer pmie_daily.timer pmie_farm_check.timer pmie_farm_check.service pmie_farm.service pmie.service pmproxy.service pmfind.service pmcd.service
%systemd_preun pmlogger_check.timer pmlogger_daily.timer pmlogger_farm_check.timer pmlogger_farm_check.service pmlogger_farm.service pmlogger.service pmie_check.timer pmie_daily.timer pmie_farm_check.timer pmie_farm_check.service pmie_farm.service pmie.service pmproxy.service pmfind.service pmcd.service pcp-reboot-init.service
systemctl stop pmlogger.service pmie.service pmproxy.service pmfind.service pmcd.service >/dev/null 2>&1
systemctl stop pmlogger.service pmie.service pmproxy.service pmfind.service pmcd.service pcp-reboot-init.service >/dev/null 2>&1
%else
/sbin/service pmlogger stop >/dev/null 2>&1
/sbin/service pmie stop >/dev/null 2>&1
@ -2764,8 +2844,8 @@ done
# auto-enable these usually optional pmie rules
%{run_pmieconf "$PCP_PMIECONFIG_DIR" dmthin}
%if !%{disable_systemd}
systemctl restart pmcd pmlogger pmie >/dev/null 2>&1
systemctl enable pmcd pmlogger pmie >/dev/null 2>&1
systemctl restart pcp-reboot-init pmcd pmlogger pmie >/dev/null 2>&1
systemctl enable pcp-reboot-init pmcd pmlogger pmie >/dev/null 2>&1
%else
/sbin/chkconfig --add pmcd >/dev/null 2>&1
/sbin/chkconfig --add pmlogger >/dev/null 2>&1
@ -2988,10 +3068,14 @@ fi
%files pmda-rabbitmq -f pcp-pmda-rabbitmq-files.rpm
%files pmda-uwsgi -f pcp-pmda-uwsgi-files.rpm
%files export-pcp2graphite -f pcp-export-pcp2graphite-files.rpm
%files export-pcp2json -f pcp-export-pcp2json-files.rpm
%files export-pcp2openmetrics -f pcp-export-pcp2openmetrics-files.rpm
%files export-pcp2spark -f pcp-export-pcp2spark-files.rpm
%files export-pcp2xml -f pcp-export-pcp2xml-files.rpm
@ -3007,6 +3091,10 @@ fi
%files export-pcp2influxdb -f pcp-export-pcp2influxdb-files.rpm
%endif
%if !%{disable_arrow}
%files export-pcp2arrow -f pcp-export-pcp2arrow-files.rpm
%endif
%if !%{disable_xlsx}
%files export-pcp2xlsx -f pcp-export-pcp2xlsx-files.rpm
%endif
@ -3106,6 +3194,26 @@ fi
%changelog
* Tue Oct 29 2024 liyanan <liyanan61@h-partners.com> - 6.2.2-5
- Add requires pcp-zeroconf to pcp-system-tools
* Mon Oct 14 2024 wangkai <13474090681@163.com> - 6.2.2-4
- Fix CVE-2024-45769,CVE-2024-45770
- Fix buffer sizing checks in pmstore PDU handling (RHEL-57805)
- Guard against symlink attacks in pmpost program (RHEL-57810)
- Fix libpcp_web webgroup slow request refcounting (RHEL-58306)
- Updated pmdahacluster for newer crm_mon versions (RHEL-50693)
* Tue Sep 03 2024 wangqiang <wangqiang1@kylinos.cn> - 6.2.2-3
- Support to build with clang
* Wed Jun 05 2024 Wenlong Zhang <zhangwenlong@loongson.cn> - 6.2.2-2
- fix build error for loongarch64
* Thu May 30 2024 wangkai <13474090681@163.com> - 6.2.2-1
- Update to 6.2.2 for fix CVE-2023-6917
- Add subpackages pcp-export-pcp2openmetrics pcp-pmda-uwsgi
* Mon Apr 22 2024 yueyuankun <yueyuankun@kylinos.cn> - 6.1.1-5
- modify spec, add vendor

113
redhat-issues-RHEL-34586-pmproxy-pmcd-fd-leak.patch Normal file
View File

@ -0,0 +1,113 @@
diff -Naurp pcp-5.3.7.orig/src/libpcp_web/src/load.h pcp-5.3.7/src/libpcp_web/src/load.h
--- pcp-5.3.7.orig/src/libpcp_web/src/load.h 2021-02-17 15:27:41.000000000 +1100
+++ pcp-5.3.7/src/libpcp_web/src/load.h 2024-09-09 13:45:56.531933622 +1000
@@ -42,8 +42,9 @@ typedef struct context {
unsigned int setup : 1; /* context established */
unsigned int cached : 1; /* context/source in cache */
unsigned int garbage : 1; /* context pending removal */
+ unsigned int inactive: 1; /* context removal deferred */
unsigned int updated : 1; /* context labels are updated */
- unsigned int padding : 4; /* zero-filled struct padding */
+ unsigned int padding : 3; /* zero-filled struct padding */
unsigned int refcount : 16; /* currently-referenced counter */
unsigned int timeout; /* context timeout in milliseconds */
uv_timer_t timer;
diff -Naurp pcp-5.3.7.orig/src/libpcp_web/src/webgroup.c pcp-5.3.7/src/libpcp_web/src/webgroup.c
--- pcp-5.3.7.orig/src/libpcp_web/src/webgroup.c 2024-09-09 13:44:34.166748200 +1000
+++ pcp-5.3.7/src/libpcp_web/src/webgroup.c 2024-09-09 13:45:56.531933622 +1000
@@ -134,9 +134,18 @@ webgroup_timeout_context(uv_timer_t *arg
* is returned to zero by the caller, or background cleanup
* finds this context and cleans it.
*/
- if (cp->refcount == 0 && cp->garbage == 0) {
- cp->garbage = 1;
- uv_timer_stop(&cp->timer);
+ if (cp->refcount == 0) {
+ if (cp->garbage == 0) {
+ cp->garbage = 1;
+ uv_timer_stop(&cp->timer);
+ }
+ } else {
+ /*
+ * Context timed out but still referenced, must wait
+ * until the caller releases its reference (shortly)
+ * before beginning garbage collection process.
+ */
+ cp->inactive = 1;
}
}
@@ -298,20 +307,28 @@ webgroup_garbage_collect(struct webgroup
dictIterator *iterator;
dictEntry *entry;
context_t *cp;
- unsigned int count = 0, drops = 0;
+ unsigned int count = 0, drops = 0, garbageset = 0, inactiveset = 0;
if (pmDebugOptions.http || pmDebugOptions.libweb)
- fprintf(stderr, "%s: started\n", "webgroup_garbage_collect");
+ fprintf(stderr, "%s: started for groups %p\n",
+ "webgroup_garbage_collect", groups);
/* do context GC if we get the lock (else don't block here) */
if (uv_mutex_trylock(&groups->mutex) == 0) {
iterator = dictGetSafeIterator(groups->contexts);
for (entry = dictNext(iterator); entry;) {
cp = (context_t *)dictGetVal(entry);
+ if (cp->privdata != groups)
+ continue;
entry = dictNext(iterator);
- if (cp->garbage && cp->privdata == groups) {
+ if (cp->garbage)
+ garbageset++;
+ if (cp->inactive && cp->refcount == 0)
+ inactiveset++;
+ if (cp->garbage || (cp->inactive && cp->refcount == 0)) {
if (pmDebugOptions.http || pmDebugOptions.libweb)
- fprintf(stderr, "GC context %u (%p)\n", cp->randomid, cp);
+ fprintf(stderr, "GC dropping context %u (%p)\n",
+ cp->randomid, cp);
uv_mutex_unlock(&groups->mutex);
webgroup_drop_context(cp, groups);
uv_mutex_lock(&groups->mutex);
@@ -324,7 +341,8 @@ webgroup_garbage_collect(struct webgroup
/* if dropping the last remaining context, do cleanup */
if (groups->active && drops == count) {
if (pmDebugOptions.http || pmDebugOptions.libweb)
- fprintf(stderr, "%s: freezing\n", "webgroup_garbage_collect");
+ fprintf(stderr, "%s: freezing groups %p\n",
+ "webgroup_garbage_collect", groups);
webgroup_timers_stop(groups);
}
uv_mutex_unlock(&groups->mutex);
@@ -334,8 +352,10 @@ webgroup_garbage_collect(struct webgroup
mmv_set(groups->map, groups->metrics[WEBGROUP_GC_COUNT], &count);
if (pmDebugOptions.http || pmDebugOptions.libweb)
- fprintf(stderr, "%s: finished [%u drops from %u entries]\n",
- "webgroup_garbage_collect", drops, count);
+ fprintf(stderr, "%s: finished [%u drops from %u entries,"
+ " %u garbageset, %u inactiveset]\n",
+ "webgroup_garbage_collect", drops, count,
+ garbageset, inactiveset);
}
static void
@@ -354,7 +374,7 @@ webgroup_use_context(struct context *cp,
int sts;
struct webgroups *gp = (struct webgroups *)cp->privdata;
- if (cp->garbage == 0) {
+ if (cp->garbage == 0 && cp->inactive == 0) {
if (cp->setup == 0) {
if ((sts = pmReconnectContext(cp->context)) < 0) {
infofmt(*message, "cannot reconnect context: %s",
@@ -424,7 +444,7 @@ webgroup_lookup_context(pmWebGroupSettin
*status = -ENOTCONN;
return NULL;
}
- if (cp->garbage == 0) {
+ if (cp->garbage == 0 && cp->inactive == 0) {
access.username = cp->username;
access.password = cp->password;
access.realm = cp->realm;

1404
redhat-issues-RHEL-57788-pmdahacluster-update.patch Normal file
View File

File diff suppressed because it is too large Load Diff

419
redhat-issues-RHEL-57796-pmcd-pmstore-corruption.patch Normal file
View File

@ -0,0 +1,419 @@
diff -Naurp pcp-6.2.0.orig/qa/1518 pcp-6.2.0/qa/1518
--- pcp-6.2.0.orig/qa/1518 1970-01-01 10:00:00.000000000 +1000
+++ pcp-6.2.0/qa/1518 2024-09-17 10:11:45.805874610 +1000
@@ -0,0 +1,75 @@
+#!/bin/sh
+# PCP QA Test No. 1518
+# SUSE Issue A)
+# __pmDecodeValueSet() Miscalculates Available Buffer Space
+# Leading to a Possible Heap Corruption
+#
+# Copyright (c) 2024 Ken McDonell. All Rights Reserved.
+# Copyright (c) 2024 Matthias Gerstner. All Rights Reserved.
+#
+
+if [ $# -eq 0 ]
+then
+ seq=`basename $0`
+ echo "QA output created by $seq"
+else
+ # use $seq from caller, unless not set
+ [ -n "$seq" ] || seq=`basename $0`
+ echo "QA output created by `basename $0` $*"
+fi
+
+# get standard environment, filters and checks
+. ./common.product
+. ./common.filter
+. ./common.check
+
+$sudo rm -rf $tmp $tmp.* $seq.full
+
+which nc >/dev/null 2>&1 || _notrun "no nc executable installed"
+_check_valgrind
+
+_cleanup()
+{
+ cat pmcd.log >>$here/$seq.full
+ cd $here
+ $sudo rm -rf $tmp $tmp.*
+}
+
+status=0 # success is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+_filter()
+{
+ sed \
+ -e '/^Command: /d' \
+ # end
+}
+
+mkdir $tmp || exit 1
+cd $tmp
+grep sampledso $PCP_PMCDCONF_PATH >pmcd.conf
+cat pmcd.conf >>$here/$seq.full
+port=`_find_free_port`
+echo "port=$port" >>$here/$seq.full
+
+# real QA test starts here
+valgrind $PCP_BINADM_DIR/pmcd -f -Dpdu -c ./pmcd.conf -s ./pmcd.socket -p $port >out 2>err &
+valgrind_pid=$!
+sleep 2
+pmcd_pid=`$PCP_PS_PROG $PCP_PS_ALL_FLAGS | grep '[p]mcd -f -Dpdu' | $PCP_AWK_PROG '{ print $2 }'`
+echo "pmcd_pid=$pmcd_pid" >>$here/$seq.full
+nc -N -U ./pmcd.socket <$here/binary/decode-value-set-out-of-bound-write 2>&1 \
+| od -c >>$here/$seq.full
+sleep 2
+kill -TERM $pmcd_pid
+wait
+
+echo "expect error to be logged ..."
+grep __pmDecodeValueSet pmcd.log
+
+echo
+echo "and no valgrind badness ..."
+cat out err | _filter_valgrind | _filter
+
+# success, all done
+exit
diff -Naurp pcp-6.2.0.orig/qa/1518.out pcp-6.2.0/qa/1518.out
--- pcp-6.2.0.orig/qa/1518.out 1970-01-01 10:00:00.000000000 +1000
+++ pcp-6.2.0/qa/1518.out 2024-09-17 10:11:45.806874611 +1000
@@ -0,0 +1,11 @@
+QA output created by 1518
+expect error to be logged ...
+__pmDecodeValueSet: PM_ERR_IPC: pmid[0] value[0] vindex=1020 (max=255)
+
+and no valgrind badness ...
+Memcheck, a memory error detector
+LEAK SUMMARY:
+definitely lost: 0 bytes in 0 blocks
+indirectly lost: 0 bytes in 0 blocks
+Rerun with --leak-check=full to see details of leaked memory
+ERROR SUMMARY: 0 errors from 0 contexts ...
diff -Naurp pcp-6.2.0.orig/qa/group pcp-6.2.0/qa/group
--- pcp-6.2.0.orig/qa/group 2024-02-11 23:48:09.000000000 +1100
+++ pcp-6.2.0/qa/group 2024-09-17 10:11:45.815874621 +1000
@@ -1984,7 +1984,7 @@ x11
1515 pmda.denki local valgrind
1516:reserved kenj
1517:reserved kenj
-1518:reserved kenj
+1518 pmcd libpcp local
1519:reserved kenj
1530 pmda.zfs local valgrind
1531 pmda.zfs local valgrind
diff -Naurp pcp-6.2.0.orig/src/libpcp/src/endian.c pcp-6.2.0/src/libpcp/src/endian.c
--- pcp-6.2.0.orig/src/libpcp/src/endian.c 2023-11-16 17:51:39.000000000 +1100
+++ pcp-6.2.0/src/libpcp/src/endian.c 2024-09-17 10:11:45.820874627 +1000
@@ -275,13 +275,17 @@ ntohEventArray(pmValueBlock * const vb,
}
void
-__ntohpmValueBlock(pmValueBlock * const vb)
+__ntohpmValueBlock_hdr(pmValueBlock * const vb)
{
unsigned int *ip = (unsigned int *)vb;
/* Swab the first word, which contain vtype and vlen */
*ip = ntohl(*ip);
+}
+void
+__ntohpmValueBlock_buf(pmValueBlock * const vb)
+{
switch (vb->vtype) {
case PM_TYPE_U64:
case PM_TYPE_64:
@@ -305,6 +309,13 @@ __ntohpmValueBlock(pmValueBlock * const
break;
}
}
+
+void
+__ntohpmValueBlock(pmValueBlock * const vb)
+{
+ __ntohpmValueBlock_hdr(vb);
+ __ntohpmValueBlock_buf(vb);
+}
#endif
#ifndef __htonpmPDUInfo
diff -Naurp pcp-6.2.0.orig/src/libpcp/src/internal.h pcp-6.2.0/src/libpcp/src/internal.h
--- pcp-6.2.0.orig/src/libpcp/src/internal.h 2023-11-16 17:51:39.000000000 +1100
+++ pcp-6.2.0/src/libpcp/src/internal.h 2024-09-17 10:11:45.823874630 +1000
@@ -60,6 +60,8 @@ extern int __pmGetDate(struct timespec *
#define __ntohpmLabel(a) /* noop */
#define __htonpmValueBlock(a) /* noop */
#define __ntohpmValueBlock(a) /* noop */
+#define __ntohpmValueBlock_hdr(a) /* noop */
+#define __ntohpmValueBlock_buf(a) /* noop */
#define __htonf(a) /* noop */
#define __ntohf(a) /* noop */
#define __htond(a) /* noop */
@@ -90,6 +92,8 @@ extern void __htonpmLabel(pmLabel * cons
extern void __ntohpmLabel(pmLabel * const) _PCP_HIDDEN;
extern void __htonpmValueBlock(pmValueBlock * const) _PCP_HIDDEN;
extern void __ntohpmValueBlock(pmValueBlock * const) _PCP_HIDDEN;
+extern void __ntohpmValueBlock_hdr(pmValueBlock * const) _PCP_HIDDEN;
+extern void __ntohpmValueBlock_buf(pmValueBlock * const) _PCP_HIDDEN;
extern void __htonf(char *) _PCP_HIDDEN; /* float */
#define __ntohf(v) __htonf(v)
#define __htond(v) __htonll(v) /* double */
diff -Naurp pcp-6.2.0.orig/src/libpcp/src/p_result.c pcp-6.2.0/src/libpcp/src/p_result.c
--- pcp-6.2.0.orig/src/libpcp/src/p_result.c 2023-11-16 17:51:39.000000000 +1100
+++ pcp-6.2.0/src/libpcp/src/p_result.c 2024-09-17 10:18:17.264314112 +1000
@@ -323,6 +323,135 @@ __pmSendHighResResult(int fd, int from,
return __pmSendHighResResult_ctx(NULL, fd, from, result);
}
+/* Check that a network encoded event array is within a given buffer size */
+int
+__pmEventArrayCheck(pmValueBlock * const vb, int highres, int pmid, int value, size_t check)
+{
+ char *base;
+ int r; /* records */
+ int p; /* parameters in a record ... */
+ int nrecords;
+ int nparams;
+
+ if (highres) {
+ pmHighResEventArray *hreap = (pmHighResEventArray *)vb;
+ base = (char *)&hreap->ea_record[0];
+ if (base > (char *)vb + check) {
+ if (pmDebugOptions.pdu)
+ fprintf(stderr, "__pmEventArrayCheck #1: PM_ERR_IPC: pmid[%d] value[%d] highres event records past end of PDU buffer\n",
+ pmid, value);
+ return PM_ERR_IPC;
+ }
+ nrecords = ntohl(hreap->ea_nrecords);
+ }
+ else {
+ pmEventArray *eap = (pmEventArray *)vb;
+ base = (char *)&eap->ea_record[0];
+ if (base > (char *)vb + check) {
+ if (pmDebugOptions.pdu)
+ fprintf(stderr, "__pmEventArrayCheck #2: PM_ERR_IPC: pmid[%d] value[%d] event records past end of PDU buffer\n",
+ pmid, value);
+ return PM_ERR_IPC;
+ }
+ nrecords = ntohl(eap->ea_nrecords);
+ }
+
+ /* walk packed event record array */
+ for (r = 0; r < nrecords; r++) {
+ unsigned int flags, type;
+ size_t size, remaining;
+
+ remaining = check - (base - (char *)vb);
+ if (highres) {
+ pmHighResEventRecord *hrerp = (pmHighResEventRecord *)base;
+ size = sizeof(hrerp->er_timestamp) + sizeof(hrerp->er_flags) +
+ sizeof(hrerp->er_nparams);
+ if (size > remaining) {
+ if (pmDebugOptions.pdu)
+ fprintf(stderr, "__pmEventArrayCheck #3: PM_ERR_IPC: pmid[%d] value[%d] record[%d] highres event record past end of PDU buffer\n",
+ pmid, value, r);
+ return PM_ERR_IPC;
+ }
+ nparams = ntohl(hrerp->er_nparams);
+ flags = ntohl(hrerp->er_flags);
+ }
+ else {
+ pmEventRecord *erp = (pmEventRecord *)base;
+ size = sizeof(erp->er_timestamp) + sizeof(erp->er_flags) +
+ sizeof(erp->er_nparams);
+ if (size > remaining) {
+ if (pmDebugOptions.pdu)
+ fprintf(stderr, "__pmEventArrayCheck #4: PM_ERR_IPC: pmid[%d] value[%d] record[%d] event record past end of PDU buffer\n",
+ pmid, value, r);
+ return PM_ERR_IPC;
+ }
+ nparams = ntohl(erp->er_nparams);
+ flags = ntohl(erp->er_flags);
+ }
+
+ if (flags & PM_EVENT_FLAG_MISSED)
+ nparams = 0;
+
+ base += size;
+ remaining = check - (base - (char *)vb);
+
+ for (p = 0; p < nparams; p++) {
+ __uint32_t *tp; /* points to int holding vtype/vlen */
+ pmEventParameter *epp = (pmEventParameter *)base;
+
+ if (sizeof(pmEventParameter) > remaining) {
+ if (pmDebugOptions.pdu)
+ fprintf(stderr, "__pmEventArrayCheck #5: PM_ERR_IPC: pmid[%d] value[%d] record[%d] param[%d] event record past end of PDU buffer\n",
+ pmid, value, r, p);
+ return PM_ERR_IPC;
+ }
+
+ tp = (__uint32_t *)&epp->ep_pmid;
+ tp++; /* now points to ep_type/ep_len */
+ *tp = ntohl(*tp);
+ type = epp->ep_type;
+ size = epp->ep_len;
+ *tp = htonl(*tp); /* leave the buffer how we found it */
+
+ if (sizeof(pmID) + size > remaining) {
+ if (pmDebugOptions.pdu)
+ fprintf(stderr, "__pmEventArrayCheck #6: PM_ERR_IPC: pmid[%d] value[%d] record[%d] param[%d] event record past end of PDU buffer\n",
+ pmid, value, r, p);
+ return PM_ERR_IPC;
+ }
+
+ base += sizeof(pmID) + PM_PDU_SIZE_BYTES(size);
+
+ /*
+ * final check for the types below, ep_len should be 4 or
+ * 8, but a malformed PDU could have smaller ep_len values
+ * and then unpacking these types risk going past the end
+ * of the PDU buffer
+ */
+ size = 0;
+ switch (type) {
+ case PM_TYPE_32:
+ case PM_TYPE_U32:
+ case PM_TYPE_FLOAT:
+ size = 4; /* 32-bit types */
+ break;
+ case PM_TYPE_64:
+ case PM_TYPE_U64:
+ case PM_TYPE_DOUBLE:
+ size = 8; /* 64-bit types */
+ break;
+ }
+ if (size > 0 && sizeof(pmID) + size > remaining) {
+ if (pmDebugOptions.pdu)
+ fprintf(stderr, "__pmEventArrayCheck #7: PM_ERR_IPC: pmid[%d] value[%d] record[%d] param[%d] event record past end of PDU buffer\n",
+ pmid, value, r, p);
+ return PM_ERR_IPC;
+ }
+ }
+ }
+ return 0;
+}
+
#if defined(HAVE_64BIT_PTR)
int
__pmDecodeValueSet(__pmPDU *pdubuf, int pdulen, __pmPDU *data, char *pduend,
@@ -336,7 +465,7 @@ __pmDecodeValueSet(__pmPDU *pdubuf, int
int i, j;
/*
* Note: all sizes are in units of bytes ... beware that 'data' is in
- * units of __pmPDU
+ * units of __pmPDU (four bytes)
*/
int vsize; /* size of vlist_t's in PDU buffer */
int nvsize; /* size of pmValue's after decode */
@@ -414,11 +543,10 @@ __pmDecodeValueSet(__pmPDU *pdubuf, int
return PM_ERR_IPC;
}
vindex = ntohl(pduvp->value.lval);
- if (vindex < 0 || vindex > pdulen) {
+ if (vindex < 0 || (char *)&pdubuf[vindex] >= pduend) {
if (pmDebugOptions.pdu && pmDebugOptions.desperate)
- fprintf(stderr, "%s: Bad: pmid[%d] value[%d] "
- "vindex=%d\n",
- "__pmDecodeValueSet", i, j, vindex);
+ fprintf(stderr, "__pmDecodeValueSet: PM_ERR_IPC: pmid[%d] value[%d] vindex=%d (max=%ld)\n",
+ i, j, vindex, (long)((pduend-(char *)pdubuf) / sizeof(pdubuf[0])-1));
return PM_ERR_IPC;
}
pduvbp = (pmValueBlock *)&pdubuf[vindex];
@@ -427,29 +555,31 @@ __pmDecodeValueSet(__pmPDU *pdubuf, int
check = (size_t)(pduend - (char *)pduvbp);
if (sizeof(unsigned int) > check) {
if (pmDebugOptions.pdu && pmDebugOptions.desperate)
- fprintf(stderr, "%s: Bad: pmid[%d] value[%d] "
- "second pduvp past end of "
- "PDU buffer\n",
- "__pmDecodeValueSet", i, j);
+ fprintf(stderr, "__pmDecodeValueSet: PM_ERR_IPC: pmid[%d] value[%d] second pduvp past end of PDU buffer\n",
+ i, j);
return PM_ERR_IPC;
}
-
- __ntohpmValueBlock(pduvbp);
+ __ntohpmValueBlock_hdr(pduvbp);
if (pduvbp->vlen < PM_VAL_HDR_SIZE ||
pduvbp->vlen > pdulen) {
- if (pmDebugOptions.pdu && pmDebugOptions.desperate)
- fprintf(stderr, "%s: Bad: pmid[%d] value[%d] "
- "vlen=%d\n", "__pmDecodeValueSet",
- i, j, pduvbp->vlen);
+ if (pmDebugOptions.pdu)
+ fprintf(stderr, "__pmDecodeValueSet: PM_ERR_IPC: pmid[%d] value[%d] vlen=%d\n",
+ i, j, pduvbp->vlen);
return PM_ERR_IPC;
}
- if (pduvbp->vlen > (size_t)(pduend - (char *)pduvbp)) {
- if (pmDebugOptions.pdu && pmDebugOptions.desperate)
- fprintf(stderr, "%s: Bad: pmid[%d] value[%d] "
- "pduvp past end of PDU buffer\n",
- "__pmDecodeValueSet", i, j);
+ if (pduvbp->vlen > check) {
+ if (pmDebugOptions.pdu)
+ fprintf(stderr, "__pmDecodeValueSet: PM_ERR_IPC: pmid[%d] value[%d] pduvp past end of PDU buffer\n",
+ i, j);
return PM_ERR_IPC;
}
+ if (pduvbp->vtype == PM_TYPE_HIGHRES_EVENT ||
+ pduvbp->vtype == PM_TYPE_EVENT) {
+ vindex = (pduvbp->vtype == PM_TYPE_HIGHRES_EVENT);
+ if (__pmEventArrayCheck(pduvbp, vindex, i, j, check) < 0)
+ return PM_ERR_IPC;
+ }
+ __ntohpmValueBlock_buf(pduvbp);
vbsize += PM_PDU_SIZE_BYTES(pduvbp->vlen);
if (pmDebugOptions.pdu && pmDebugOptions.desperate) {
fprintf(stderr, " len: %d type: %d",
@@ -682,11 +812,10 @@ __pmDecodeValueSet(__pmPDU *pdubuf, int
} else {
/* salvage pmValueBlocks from end of PDU */
vindex = ntohl(pduvp->value.lval);
- if (vindex < 0 || vindex > pdulen) {
+ if (vindex < 0 || (char *)&pdubuf[vindex] >= pduend) {
if (pmDebugOptions.pdu && pmDebugOptions.desperate)
- fprintf(stderr, "%s: Bad: pmid[%d] value[%d] "
- "vindex=%d\n",
- "__pmDecodeValueSet", i, j, vindex);
+ fprintf(stderr, "__pmDecodeValueSet: PM_ERR_IPC: pmid[%d] value[%d] vindex=%d (max=%ld)\n",
+ i, j, vindex, (long)((pduend-(char *)pdubuf) / sizeof(pdubuf[0])-1));
return PM_ERR_IPC;
}
pduvbp = (pmValueBlock *)&pdubuf[vindex];
@@ -701,7 +830,7 @@ __pmDecodeValueSet(__pmPDU *pdubuf, int
"__pmDecodeValueSet", i, j);
return PM_ERR_IPC;
}
- __ntohpmValueBlock(pduvbp);
+ __ntohpmValueBlock_hdr(pduvbp);
if (pduvbp->vlen < PM_VAL_HDR_SIZE ||
pduvbp->vlen > pdulen) {
if (pmDebugOptions.pdu && pmDebugOptions.desperate)
@@ -710,13 +839,20 @@ __pmDecodeValueSet(__pmPDU *pdubuf, int
i, j, pduvbp->vlen);
return PM_ERR_IPC;
}
- if (pduvbp->vlen > (size_t)(pduend - (char *)pduvbp)) {
+ if (pduvbp->vlen > check) {
if (pmDebugOptions.pdu && pmDebugOptions.desperate)
fprintf(stderr, "%s: Bad: pmid[%d] value[%d] "
"pduvp past end of PDU buffer\n",
"__pmDecodeValueSet", i, j);
return PM_ERR_IPC;
}
+ if (pduvbp->vtype == PM_TYPE_HIGHRES_EVENT ||
+ pduvbp->vtype == PM_TYPE_EVENT) {
+ vindex = (pduvbp->vtype == PM_TYPE_HIGHRES_EVENT);
+ if (__pmEventArrayCheck(pduvbp, vindex, i, j, check) < 0)
+ return PM_ERR_IPC;
+ }
+ __ntohpmValueBlock_buf(pduvbp);
pduvp->value.pval = pduvbp;
}
}

99
redhat-issues-RHEL-57799-pmpost-symlink-handling.patch Normal file
View File

@ -0,0 +1,99 @@
diff -Naurp pcp-5.3.7.orig/qa/640 pcp-5.3.7/qa/640
--- pcp-5.3.7.orig/qa/640 2017-08-17 10:54:57.000000000 +1000
+++ pcp-5.3.7/qa/640 2024-09-09 13:41:12.440235947 +1000
@@ -6,6 +6,10 @@
# years; so we now simply check the right permissions are in place
# and move right along...
#
+# Aug 2024 update
+# SuSE Issue G identifies another possible exploit, so try that
+# as well.
+#
# Copyright (c) 1995-2002 Silicon Graphics, Inc. All Rights Reserved.
#
@@ -17,13 +21,54 @@ echo "QA output created by $seq"
. ./common.filter
. ./common.check
-status=0 # success is the default!
-trap "$sudo rm -f $tmp.*; exit \$status" 0 1 2 3 15
+rm -f $seq.full
+ls -li $PCP_LOG_DIR/NOTICES $tmp/badness >>$seq.full 2>&1
+
+_cleanup()
+{
+ if [ -f $PCP_LOG_DIR/NOTICES.$seq ]
+ then
+ $sudo rm -f $PCP_LOG_DIR/NOTICES
+ $sudo mv $PCP_LOG_DIR/NOTICES.$seq $PCP_LOG_DIR/NOTICES
+ fi
+ ls -li $PCP_LOG_DIR/NOTICES $tmp/badness >>$seq.full 2>&1
+ $sudo rm -rf $tmp $tmp.*
+}
+
+status=1 # failure is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+_filter()
+{
+ sed \
+ -e "s@$PCP_LOG_DIR@PCP_LOG_DIR@g" \
+ -e '/^pmpost:/s/\[.*]/[DATE]/' \
+ # end
+}
# real QA test starts here
pmpost=$PCP_BINADM_DIR/pmpost
-echo "Using pmpost binary: $pmpost" > $seq.full
+echo "Using pmpost binary: $pmpost" >>$seq.full
test -u "$pmpost" && echo "FAIL: pmpost has setuid bit set"
test -g "$pmpost" && echo "FAIL: pmpost has setgid bit set"
+
+$sudo mkdir $tmp || exit
+$sudo chmod 700 $tmp || exit
+$sudo -u $PCP_USER mv $PCP_LOG_DIR/NOTICES $PCP_LOG_DIR/NOTICES.$seq
+
+$sudo -u $PCP_USER ln -s $tmp/badness $PCP_LOG_DIR/NOTICES >>$seq.full
+$pmpost ordinary user 2>&1 | _filter
+$sudo ls -li $PCP_LOG_DIR/NOTICES $tmp/badness >>$seq.full 2>&1
+$sudo -u pcp $pmpost pcp user 2>&1 | _filter
+$sudo ls -li $PCP_LOG_DIR/NOTICES $tmp/badness >>$seq.full 2>&1
+$sudo $pmpost root user 2>&1 | _filter
+$sudo ls -li $PCP_LOG_DIR/NOTICES $tmp/badness >>$seq.full 2>&1
+if $sudo test -f $tmp/badness
+then
+ $sudo cat $tmp/badness
+fi
+
echo "Test complete"
+
+status=0
exit
diff -Naurp pcp-5.3.7.orig/qa/640.out pcp-5.3.7/qa/640.out
--- pcp-5.3.7.orig/qa/640.out 2017-08-17 10:54:57.000000000 +1000
+++ pcp-5.3.7/qa/640.out 2024-09-09 13:41:12.440235947 +1000
@@ -1,2 +1,5 @@
QA output created by 640
+pmpost: unposted message: [DATE] ordinary user
+pmpost: unposted message: [DATE] pcp user
+pmpost: unposted message: [DATE] root user
Test complete
diff -Naurp pcp-5.3.7.orig/src/pmpost/pmpost.c pcp-5.3.7/src/pmpost/pmpost.c
--- pcp-5.3.7.orig/src/pmpost/pmpost.c 2021-02-17 15:27:41.000000000 +1100
+++ pcp-5.3.7/src/pmpost/pmpost.c 2024-09-09 13:41:12.440235947 +1000
@@ -141,8 +141,12 @@ main(int argc, char **argv)
goto oops;
}
- if ((fd = open(notices, O_WRONLY|O_APPEND, 0)) < 0) {
- if ((fd = open(notices, O_WRONLY|O_CREAT|O_APPEND, 0664)) < 0) {
+ if ((fd = open(notices, O_WRONLY|O_APPEND|O_NOFOLLOW, 0)) < 0) {
+ if (oserror() == ELOOP) {
+ /* last component is symlink => attack? ... bail! */
+ goto oops;
+ }
+ if ((fd = open(notices, O_WRONLY|O_CREAT|O_APPEND|O_NOFOLLOW, 0664)) < 0) {
fprintf(stderr, "pmpost: cannot open or create file \"%s\": %s\n",
notices, osstrerror());
goto oops;