From a4f6926468c44fae4f0277274c5a17f035aff9d0 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Aug 02 2021 15:11:57 +0000 Subject: update to 3.1.1 (#1979954 CVE-2021-3570 CVE-2021-3571) Resolves: #1979954 CVE-2021-3570 CVE-2021-3571 --- diff --git a/.gitignore b/.gitignore index e08077c..bbf93d3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/linuxptp-3.1.tgz -/linuxptp-testsuite-ff37e2.tar.gz -/clknetsim-c4ccc2.tar.gz +/linuxptp-3.1.1.tgz +/linuxptp-testsuite-c66922.tar.gz +/clknetsim-ce3c4a.tar.gz diff --git a/linuxptp-fclose.patch b/linuxptp-fclose.patch new file mode 100644 index 0000000..bde2872 --- /dev/null +++ b/linuxptp-fclose.patch @@ -0,0 +1,22 @@ +commit e8a82d1b5be2d5bf9450a9acfe44e957b4867870 +Author: Miroslav Lichvar +Date: Tue Jul 20 11:41:35 2021 +0200 + + lstab: Close file after reading. + + The lstab_read() function opens a file, but doesn't close it after use. + + Signed-off-by: Miroslav Lichvar + +diff --git a/lstab.c b/lstab.c +index e6e7ad2..0d6a427 100644 +--- a/lstab.c ++++ b/lstab.c +@@ -144,6 +144,7 @@ static int lstab_read(struct lstab *lstab, const char *name) + index++; + } + } ++ fclose(fp); + if (!lstab->expiration_utc) { + fprintf(stderr, "missing expiration date in '%s'\n", name); + return -1; diff --git a/linuxptp-manfix.patch b/linuxptp-manfix.patch new file mode 100644 index 0000000..05edfc9 --- /dev/null +++ b/linuxptp-manfix.patch @@ -0,0 +1,28 @@ +commit 0b80e32829ca7430be851fc64c4812896ad97c88 +Author: Miroslav Lichvar +Date: Mon Jul 19 17:09:01 2021 +0200 + + Fix quoting in ptp4l man page. + + In the groff syntax lines starting with a dot or quote are requests. A + line in the servo_offset_threshold description starts with a quote, + which breaks the output. Move a word to the beginning of the line to fix + it. + + Signed-off-by: Miroslav Lichvar + +diff --git a/ptp4l.8 b/ptp4l.8 +index 7ca3474..a0779ef 100644 +--- a/ptp4l.8 ++++ b/ptp4l.8 +@@ -788,8 +788,8 @@ The default value is 10. + .TP + .B servo_offset_threshold + The offset threshold used in order to transition from the SERVO_LOCKED +-to the SERVO_LOCKED_STABLE state. The transition occurs once the last +-'servo_num_offset_values' offsets are all below the threshold value. ++to the SERVO_LOCKED_STABLE state. The transition occurs once the ++last 'servo_num_offset_values' offsets are all below the threshold value. + The default value of offset_threshold is 0 (disabled). + .TP + .B slave_event_monitor diff --git a/linuxptp-packalign.patch b/linuxptp-packalign.patch new file mode 100644 index 0000000..c5ed8a6 --- /dev/null +++ b/linuxptp-packalign.patch @@ -0,0 +1,100 @@ +commit 25dcf01e340d85bcdbe7b3c24eac7fe1ce7ea0c2 +Author: Miroslav Lichvar +Date: Wed Mar 10 17:05:55 2021 +0100 + + Avoid unaligned pointers to packed members. + + This fixes "taking address of packed member ... may result in an + unaligned pointer value [-Waddress-of-packed-member]" warnings from gcc. + + Signed-off-by: Miroslav Lichvar + +diff --git a/clock.c b/clock.c +index 7005636..f88df58 100644 +--- a/clock.c ++++ b/clock.c +@@ -350,6 +350,7 @@ static int clock_management_fill_response(struct clock *c, struct port *p, + struct time_status_np *tsn; + struct tlv_extra *extra; + struct PTPText *text; ++ uint16_t duration; + int datalen = 0; + + extra = tlv_extra_alloc(); +@@ -452,7 +453,8 @@ static int clock_management_fill_response(struct clock *c, struct port *p, + break; + } + sen = (struct subscribe_events_np *)tlv->data; +- clock_get_subscription(c, req, sen->bitmask, &sen->duration); ++ clock_get_subscription(c, req, sen->bitmask, &duration); ++ memcpy(&sen->duration, &duration, sizeof(sen->duration)); + datalen = sizeof(*sen); + break; + case TLV_SYNCHRONIZATION_UNCERTAIN_NP: +diff --git a/msg.c b/msg.c +index c4516ad..dcb397c 100644 +--- a/msg.c ++++ b/msg.c +@@ -19,6 +19,7 @@ + #include + #include + #include ++#include + #include + #include + +@@ -36,8 +37,8 @@ int assume_two_step = 0; + + struct message_storage { + unsigned char reserved[MSG_HEADROOM]; +- struct ptp_message msg; +-} PACKED; ++ struct ptp_message msg __attribute__((aligned (8))); ++}; + + static TAILQ_HEAD(msg_pool, ptp_message) msg_pool = TAILQ_HEAD_INITIALIZER(msg_pool); + +diff --git a/tlv.c b/tlv.c +index 879bb7e..98ef6e1 100644 +--- a/tlv.c ++++ b/tlv.c +@@ -67,7 +67,7 @@ static void timestamp_net2host(struct Timestamp *t) + NTOHL(t->nanoseconds); + } + +-static uint16_t flip16(uint16_t *p) ++static uint16_t flip16(void *p) + { + uint16_t v; + memcpy(&v, p, sizeof(v)); +@@ -76,7 +76,7 @@ static uint16_t flip16(uint16_t *p) + return v; + } + +-static int64_t host2net64_unaligned(int64_t *p) ++static int64_t host2net64_unaligned(void *p) + { + int64_t v; + memcpy(&v, p, sizeof(v)); +@@ -85,7 +85,7 @@ static int64_t host2net64_unaligned(int64_t *p) + return v; + } + +-static int64_t net2host64_unaligned(int64_t *p) ++static int64_t net2host64_unaligned(void *p) + { + int64_t v; + memcpy(&v, p, sizeof(v)); +diff --git a/util.h b/util.h +index 41e33d4..739c8fd 100644 +--- a/util.h ++++ b/util.h +@@ -57,7 +57,7 @@ const char *ts_str(enum timestamp_type ts); + */ + int addreq(enum transport_type type, struct address *a, struct address *b); + +-static inline uint16_t align16(uint16_t *p) ++static inline uint16_t align16(void *p) + { + uint16_t v; + memcpy(&v, p, sizeof(v)); diff --git a/linuxptp.spec b/linuxptp.spec index 7ec636c..8a6e5c5 100644 --- a/linuxptp.spec +++ b/linuxptp.spec @@ -1,9 +1,9 @@ %global _hardened_build 1 -%global testsuite_ver ff37e2 -%global clknetsim_ver c4ccc2 +%global testsuite_ver c66922 +%global clknetsim_ver ce3c4a Name: linuxptp -Version: 3.1 +Version: 3.1.1 Release: 5%{?dist} Summary: PTP implementation for Linux @@ -21,8 +21,14 @@ Source10: https://github.com/mlichvar/linuxptp-testsuite/archive/%{testsuite_ver # simulator for test suite Source11: https://github.com/mlichvar/clknetsim/archive/%{clknetsim_ver}/clknetsim-%{clknetsim_ver}.tar.gz +# fix quoting in ptp4l man page +Patch7: linuxptp-manfix.patch +# close lstab file after use +Patch8: linuxptp-fclose.patch # fix handling of zero-length messages -Patch1: linuxptp-zerolength.patch +Patch9: linuxptp-zerolength.patch +# avoid unaligned pointers to packed members +Patch10: linuxptp-packalign.patch BuildRequires: gcc gcc-c++ make systemd @@ -37,7 +43,10 @@ Supporting legacy APIs and other platforms is not a goal. %prep %setup -q -a 10 -a 11 -n %{name}-%{!?gitfullver:%{version}}%{?gitfullver} -%patch1 -p1 -b .zerolength +%patch7 -p1 -b .manfix +%patch8 -p1 -b .fclose +%patch9 -p1 -b .zerolength +%patch10 -p1 -b .packalign mv linuxptp-testsuite-%{testsuite_ver}* testsuite mv clknetsim-%{clknetsim_ver}* testsuite/clknetsim @@ -60,6 +69,8 @@ echo 'OPTIONS="-a -r"' > $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/phc2sys echo '.so man8/ptp4l.8' > $RPM_BUILD_ROOT%{_mandir}/man5/ptp4l.conf.5 echo '.so man8/timemaster.8' > $RPM_BUILD_ROOT%{_mandir}/man5/timemaster.conf.5 +rm -f configs/snmpd.conf + %check cd testsuite # set random seed to get deterministic results diff --git a/sources b/sources index 477959c..28fe63e 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linuxptp-3.1.tgz) = 681a31d988f926ead0a7a1ae57457ef11577ca9f57bc8d344d1b6846b55ec4e69bd642b0d8ecc9bdcb438871d1687b02eabb03bc977d396bb6ae1c4140d5018a -SHA512 (linuxptp-testsuite-ff37e2.tar.gz) = 5d5c4ec2a8ff7955b3c5eb75d5cc03fb1d4ef0e973fbf4f988cd3487d3723bfdaf8908c3c6063f9b7ad12fad8b5c117d2fd88df496d31d3e44d8f6a8fdb53d27 -SHA512 (clknetsim-c4ccc2.tar.gz) = d2f71b2036e33ee92cd3590079dac04bc57bf2e9909f11e9ba66cd61c9946e92d2ebbdfd03c359cf39c6c8c07b28557d35fee3cb57eec75f5b1201858aa1d701 +SHA512 (linuxptp-3.1.1.tgz) = c3c40987fe68480a8473097ebc3c506fb4f8f3b6456bbe637b2b3cb0b3e0182f1513b511fdc04b3607d5f7d8bd1bd22502bb86eb13f9fa4fa63a3331846b33ec +SHA512 (linuxptp-testsuite-c66922.tar.gz) = 1cf30348bb72768e4de59c363f57b56257b01e5306e27b3d243418572ebfbf324c4cc9cb4f74cac04f8408223b501105aeec70a509cf76ae8e0945a01bc70dd6 +SHA512 (clknetsim-ce3c4a.tar.gz) = 2cc17cbb0a45ffc17cd79027e433afb727e712d9ea77c5f87b71fe170df1f7c99a25fca16619d34f3627b588427077ffbdc566ac45eb789eae86293aca573c56