[poky,dunfell] systemd: udev SECLABEL{selinux} crash fix

Submitted by akash hadke on Nov. 10, 2020, 6:43 a.m. | Patch ID: 177900

Details

Message ID 1604990635-15289-1-git-send-email-akash.hadke@kpit.com
State New
Headers show

Commit Message

akash hadke Nov. 10, 2020, 6:43 a.m.
Adding SECLABEL{selinux}="some value" causes systemd-udev
to crash.
So applied below available patch to fix the issue.

systemd-udev-seclabel-options-crash-fix.patch

Link: https://github.com/systemd/systemd/commit/0335d110afc08baf47d76b7011ce02510dfdd524.patch
Signed-off-by: akash hadke <akash.hadke@kpit.com>

---
 .../systemd-udev-seclabel-options-crash-fix.patch  | 30 ++++++++++++++++++++++
 meta/recipes-core/systemd/systemd_244.3.bb         |  1 +
 2 files changed, 31 insertions(+)
 create mode 100644 meta/recipes-core/systemd/systemd/systemd-udev-seclabel-options-crash-fix.patch

-- 
2.7.4
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#144436): https://lists.openembedded.org/g/openembedded-core/message/144436
Mute This Topic: https://lists.openembedded.org/mt/78154804/1003190
Group Owner: openembedded-core+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [mhalstead@linuxfoundation.org]
-=-=-=-=-=-=-=-=-=-=-=-

Patch hide | download patch | download mbox

diff --git a/meta/recipes-core/systemd/systemd/systemd-udev-seclabel-options-crash-fix.patch b/meta/recipes-core/systemd/systemd/systemd-udev-seclabel-options-crash-fix.patch
new file mode 100644
index 0000000..27b2b60
--- /dev/null
+++ b/meta/recipes-core/systemd/systemd/systemd-udev-seclabel-options-crash-fix.patch
@@ -0,0 +1,30 @@ 
+From 0335d110afc08baf47d76b7011ce02510dfdd524 Mon Sep 17 00:00:00 2001
+From: Valery0xff <valery.chernous@gmail.com>
+Date: Wed, 11 Mar 2020 02:20:36 +0200
+Subject: [PATCH] udev: fix SECLABEL{selinux} issue (#15064)
+
+Add SECLABEL{selinux}="some value" cause udevadm crash
+systemd-udevd[x]: Worker [x] terminated by signal 11 (SEGV)
+ 
+It happens since 25de7aa7b90 (Yu Watanabe 2019-04-25 01:21:11 +0200)
+when udev rules processing changed to token model. Yu forgot store
+attr to SECLABEL token so fix it.
+---
+ src/udev/udev-rules.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Upstream-Status: Backport [https://github.com/systemd/systemd/commit/0335d110afc08baf47d76b7011ce02510dfdd524.patch]
+---
+diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
+index b9b350d1ef..b990f68e93 100644
+--- a/src/udev/udev-rules.c
++++ b/src/udev/udev-rules.c
+@@ -921,7 +921,7 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp
+                         op = OP_ASSIGN;
+                 }
+ 
+-                r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, NULL);
++                r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr);
+         } else if (streq(key, "RUN")) {
+                 if (is_match || op == OP_REMOVE)
+                         return log_token_invalid_op(rules, key);
diff --git a/meta/recipes-core/systemd/systemd_244.3.bb b/meta/recipes-core/systemd/systemd_244.3.bb
index 850d64e..64e3b18 100644
--- a/meta/recipes-core/systemd/systemd_244.3.bb
+++ b/meta/recipes-core/systemd/systemd_244.3.bb
@@ -21,6 +21,7 @@  SRC_URI += "file://touchscreen.rules \
            file://0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch \
            file://0003-implment-systemd-sysv-install-for-OE.patch \
            file://CVE-2020-13776.patch \
+           file://systemd-udev-seclabel-options-crash-fix.patch \
            "
 
 # patches needed by musl