Since you just sent an update to master for ceph, I'll assume this isn't for master ? Is it for kirkstone ?
Bruce On Tue, Sep 6, 2022 at 6:07 PM <[email protected]> wrote: > > Backport required patches to fix CVE-2022-0670. > > Signed-off-by: Sakib Sajal <[email protected]> > --- > .../ceph/ceph/CVE-2022-0670_1.patch | 114 ++++++++++++++++++ > .../ceph/ceph/CVE-2022-0670_2.patch | 67 ++++++++++ > recipes-extended/ceph/ceph_15.2.15.bb | 2 + > 3 files changed, 183 insertions(+) > create mode 100644 recipes-extended/ceph/ceph/CVE-2022-0670_1.patch > create mode 100644 recipes-extended/ceph/ceph/CVE-2022-0670_2.patch > > diff --git a/recipes-extended/ceph/ceph/CVE-2022-0670_1.patch > b/recipes-extended/ceph/ceph/CVE-2022-0670_1.patch > new file mode 100644 > index 0000000..ea790d3 > --- /dev/null > +++ b/recipes-extended/ceph/ceph/CVE-2022-0670_1.patch > @@ -0,0 +1,114 @@ > +From 0cd1d8aa5ac935f738365ba38b397cae0fc9179c Mon Sep 17 00:00:00 2001 > +From: Kotresh HR <[email protected]> > +Date: Fri, 4 Feb 2022 14:55:03 +0530 > +Subject: [PATCH] mgr/volumes: Fix subvolume discover during upgrade > + > +Fixes the subvolume discover to use the correct > +metadata file after an upgrade from legacy subvolume > +to v1. The fix makes sure, it doesn't use the > +handcrafted metadata file placed in the subvolume > +root of legacy subvolume. > + > +Co-authored-by: Arthur Outhenin-Chalandre <[email protected]> > +Co-authored-by: Dan van der Ster <[email protected]> > +Co-authored-by: Ramana Raja <[email protected]> > +Signed-off-by: Kotresh HR <[email protected]> > +(cherry picked from commit 7eba9cab6cfb9a13a84062177d7a0fa228311e13) > + > +Upstream-Status: Backport [0cd1d8aa5ac935f738365ba38b397cae0fc9179c] > +CVE: CVE-2022-0670 > + > +Signed-off-by: Sakib Sajal <[email protected]> > +--- > + .../fs/operations/versions/metadata_manager.py | 17 ++++++++++++++--- > + .../fs/operations/versions/subvolume_base.py | 17 ++++++++++++++++- > + 2 files changed, 30 insertions(+), 4 deletions(-) > + > +diff --git > a/src/pybind/mgr/volumes/fs/operations/versions/metadata_manager.py > b/src/pybind/mgr/volumes/fs/operations/versions/metadata_manager.py > +index 1b6c4327837..cb3059e5653 100644 > +--- a/src/pybind/mgr/volumes/fs/operations/versions/metadata_manager.py > ++++ b/src/pybind/mgr/volumes/fs/operations/versions/metadata_manager.py > +@@ -40,16 +40,17 @@ class MetadataManager(object): > + def refresh(self): > + fd = None > + conf_data = StringIO() > ++ log.debug("opening config {0}".format(self.config_path)) > + try: > +- log.debug("opening config {0}".format(self.config_path)) > + fd = self.fs.open(self.config_path, os.O_RDONLY) > + while True: > + data = self.fs.read(fd, -1, MetadataManager.MAX_IO_BYTES) > + if not len(data): > + break > + conf_data.write(data.decode('utf-8')) > +- conf_data.seek(0) > +- self.config.readfp(conf_data) > ++ except UnicodeDecodeError: > ++ raise MetadataMgrException(-errno.EINVAL, > ++ "failed to decode, erroneous metadata config > '{0}'".format(self.config_path)) > + except cephfs.ObjectNotFound: > + raise MetadataMgrException(-errno.ENOENT, "metadata config > '{0}' not found".format(self.config_path)) > + except cephfs.Error as e: > +@@ -58,6 +59,16 @@ class MetadataManager(object): > + if fd is not None: > + self.fs.close(fd) > + > ++ conf_data.seek(0) > ++ try: > ++ if sys.version_info >= (3, 2): > ++ self.config.read_file(conf_data) > ++ else: > ++ self.config.readfp(conf_data) > ++ except configparser.Error: > ++ raise MetadataMgrException(-errno.EINVAL, "failed to parse, > erroneous metadata config " > ++ "'{0}'".format(self.config_path)) > ++ > + def flush(self): > + # cull empty sections > + for section in list(self.config.sections()): > +diff --git a/src/pybind/mgr/volumes/fs/operations/versions/subvolume_base.py > b/src/pybind/mgr/volumes/fs/operations/versions/subvolume_base.py > +index 2840a9f2ea3..b499d242e3b 100644 > +--- a/src/pybind/mgr/volumes/fs/operations/versions/subvolume_base.py > ++++ b/src/pybind/mgr/volumes/fs/operations/versions/subvolume_base.py > +@@ -5,6 +5,7 @@ import errno > + import logging > + from hashlib import md5 > + from typing import Dict, Union > ++from pathlib import Path > + > + import cephfs > + > +@@ -123,6 +124,15 @@ class SubvolumeBase(object): > + raise NotImplementedError > + > + def load_config(self): > ++ try: > ++ self.fs.stat(self.legacy_config_path) > ++ self.legacy_mode = True > ++ except cephfs.Error as e: > ++ pass > ++ > ++ log.debug("loading config " > ++ "'{0}' [mode: {1}]".format(self.subvolname, "legacy" > ++ if self.legacy_mode else > "new")) > + if self.legacy_mode: > + self.metadata_mgr = MetadataManager(self.fs, > self.legacy_config_path, 0o640) > + else: > +@@ -271,8 +281,13 @@ class SubvolumeBase(object): > + self.fs.stat(self.base_path) > + self.metadata_mgr.refresh() > + log.debug("loaded subvolume '{0}'".format(self.subvolname)) > ++ subvolpath = > self.metadata_mgr.get_global_option(MetadataManager.GLOBAL_META_KEY_PATH) > ++ if not self.legacy_mode and self.base_path.decode('utf-8') != > str(Path(subvolpath).parent): > ++ raise MetadataMgrException(-errno.ENOENT, 'fabricated > .meta') > + except MetadataMgrException as me: > +- if me.errno == -errno.ENOENT and not self.legacy_mode: > ++ if me.errno in (-errno.ENOENT, -errno.EINVAL) and not > self.legacy_mode: > ++ log.warn("subvolume '{0}', {1}, " > ++ "assuming legacy_mode".format(self.subvolname, > me.error_str)) > + self.legacy_mode = True > + self.load_config() > + self.discover() > +-- > +2.25.1 > + > diff --git a/recipes-extended/ceph/ceph/CVE-2022-0670_2.patch > b/recipes-extended/ceph/ceph/CVE-2022-0670_2.patch > new file mode 100644 > index 0000000..dad466b > --- /dev/null > +++ b/recipes-extended/ceph/ceph/CVE-2022-0670_2.patch > @@ -0,0 +1,67 @@ > +From c774e03c29955f0fb668af6190a9750d03bb09b8 Mon Sep 17 00:00:00 2001 > +From: Kotresh HR <[email protected]> > +Date: Thu, 9 Jun 2022 13:30:59 +0530 > +Subject: [PATCH] mgr/volumes: V2 Fix for > + test_subvolume_retain_snapshot_invalid_recreate > + > +Signed-off-by: Kotresh HR <[email protected]> > + > +Upstream-Status: Backport [c774e03c29955f0fb668af6190a9750d03bb09b8] > +CVE: CVE-2022-0670 > + > +Signed-off-by: Sakib Sajal <[email protected]> > + > +--- > + .../mgr/volumes/fs/operations/versions/subvolume_base.py | 8 ++++++-- > + .../mgr/volumes/fs/operations/versions/subvolume_v1.py | 2 +- > + 2 files changed, 7 insertions(+), 3 deletions(-) > + > +diff --git a/src/pybind/mgr/volumes/fs/operations/versions/subvolume_base.py > b/src/pybind/mgr/volumes/fs/operations/versions/subvolume_base.py > +index b499d242e3b..aba8c90cf67 100644 > +--- a/src/pybind/mgr/volumes/fs/operations/versions/subvolume_base.py > ++++ b/src/pybind/mgr/volumes/fs/operations/versions/subvolume_base.py > +@@ -17,6 +17,7 @@ from ...fs_util import get_ancestor_xattr > + from ...exception import MetadataMgrException, VolumeException > + from .op_sm import SubvolumeOpSm > + from .auth_metadata import AuthMetadataManager > ++from .subvolume_attrs import SubvolumeStates > + > + log = logging.getLogger(__name__) > + > +@@ -112,7 +113,7 @@ class SubvolumeBase(object): > + @property > + def state(self): > + """ Subvolume state, one of SubvolumeStates """ > +- raise NotImplementedError > ++ return > SubvolumeStates.from_value(self.metadata_mgr.get_global_option(MetadataManager.GLOBAL_META_KEY_STATE)) > + > + @property > + def subvol_type(self): > +@@ -282,7 +283,10 @@ class SubvolumeBase(object): > + self.metadata_mgr.refresh() > + log.debug("loaded subvolume '{0}'".format(self.subvolname)) > + subvolpath = > self.metadata_mgr.get_global_option(MetadataManager.GLOBAL_META_KEY_PATH) > +- if not self.legacy_mode and self.base_path.decode('utf-8') != > str(Path(subvolpath).parent): > ++ # subvolume with retained snapshots has empty path, don't > mistake it for > ++ # fabricated metadata. > ++ if (not self.legacy_mode and self.state != > SubvolumeStates.STATE_RETAINED and > ++ self.base_path.decode('utf-8') != > str(Path(subvolpath).parent)): > + raise MetadataMgrException(-errno.ENOENT, 'fabricated > .meta') > + except MetadataMgrException as me: > + if me.errno in (-errno.ENOENT, -errno.EINVAL) and not > self.legacy_mode: > +diff --git a/src/pybind/mgr/volumes/fs/operations/versions/subvolume_v1.py > b/src/pybind/mgr/volumes/fs/operations/versions/subvolume_v1.py > +index f7b13f17c77..9e772653ba5 100644 > +--- a/src/pybind/mgr/volumes/fs/operations/versions/subvolume_v1.py > ++++ b/src/pybind/mgr/volumes/fs/operations/versions/subvolume_v1.py > +@@ -673,7 +673,7 @@ class SubvolumeV1(SubvolumeBase, SubvolumeTemplate): > + > + @property > + def state(self): > +- return > SubvolumeStates.from_value(self.metadata_mgr.get_global_option(MetadataManager.GLOBAL_META_KEY_STATE)) > ++ return super(SubvolumeV1, self).state > + > + @state.setter > + def state(self, val): > +-- > +2.25.1 > + > diff --git a/recipes-extended/ceph/ceph_15.2.15.bb > b/recipes-extended/ceph/ceph_15.2.15.bb > index f2ece8c..d63051c 100644 > --- a/recipes-extended/ceph/ceph_15.2.15.bb > +++ b/recipes-extended/ceph/ceph_15.2.15.bb > @@ -17,6 +17,8 @@ SRC_URI = > "http://download.ceph.com/tarballs/ceph-${PV}.tar.gz \ > > file://0001-buffer.h-add-missing-header-file-due-to-gcc-upgrade.patch \ > > file://0002-common-fix-FTBFS-due-to-dout-need_dynamic-on-GCC-12.patch \ > file://CVE-2021-3979.patch \ > + file://CVE-2022-0670_1.patch \ > + file://CVE-2022-0670_2.patch \ > " > > SRC_URI[sha256sum] = > "5dccdaff2ebe18d435b32bfc06f8b5f474bf6ac0432a6a07d144b7c56700d0bf" > -- > 2.33.0 > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#7602): https://lists.yoctoproject.org/g/meta-virtualization/message/7602 Mute This Topic: https://lists.yoctoproject.org/mt/93512577/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
