new file mode 100644
@@ -0,0 +1,49 @@
+From 56abe432b65801f31277fb9a3bca0f9e31502315 Mon Sep 17 00:00:00 2001
+From: Matthias Gerstner <matthias.gerstner@suse.de>
+Date: Thu, 25 Apr 2024 12:43:49 +0200
+Subject: [PATCH] libmisc: __acl_get_uid(): fix memory wasting loop if user
+ does not exist
+
+I noticed that `acl_from_text()` unexpectedly returns ENOMEM for invalid
+user names. The reason for this is a missing break statement in the for
+loop in `__acl_get_uid()`, which causes the loop to act as if ERANGE was
+returned from `getpwnam_r()`, thereby exponentially increasing the
+buffer size to (in my case) multiple gigabytes, until `grow_buffer()`
+reports ENOMEM, which terminates the `__acl_get_uid()` function.
+
+This is a pretty costly "no such user" lookup that can disturb a
+process's heap memory management, but can also cause a process to fail
+e.g. if it is multithreaded and other threads encounter an ENOMEM,
+before `__acl_get_uid()` frees the gigantic heap buffer and returns.
+The allocated memory isn't actually used. Therefore on Linux it should
+not affect other processes by default, due to its overcommit memory
+and lazy memory allocation strategy.
+
+Fix this by properly terminating the for loop on any conditions except
+an ERANGE error being reported. The same break statement correctly
+exists in `__acl_get_gid()` already.
+
+Fixes: 3737f00 ("use thread-safe getpwnam_r and getgrnam_r")
+Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
+
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+ libmisc/uid_gid_lookup.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/libmisc/uid_gid_lookup.c b/libmisc/uid_gid_lookup.c
+index a4f21f6..74baab4 100644
+--- a/libmisc/uid_gid_lookup.c
++++ b/libmisc/uid_gid_lookup.c
+@@ -91,6 +91,7 @@ __acl_get_uid(const char *token, uid_t *uid_p)
+ if (err == ERANGE)
+ continue;
+ errno = err ? err : EINVAL;
++ break;
+ }
+ free(buffer);
+ return result ? 0 : -1;
+--
+2.43.0
+
deleted file mode 100644
@@ -1,60 +0,0 @@
-From 7dec6fa3b3494a55120402ff1ea3eb96b67138e8 Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex.kanavin@gmail.com>
-Date: Thu, 12 Dec 2019 15:47:49 +0100
-Subject: [PATCH] test: patch out failing bits
-
-I have confirmed on the host distro (Ubuntu 18.04) that they
-fail as well; upstream probably haven't noticed because the
-test is only executed under sudo.
-
-Upstream-Status: Inappropriate [disabling tests instead of fixing them properly]
-Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
----
- test/root/permissions.test | 13 -------------
- 1 file changed, 13 deletions(-)
-
-diff --git a/test/root/permissions.test b/test/root/permissions.test
-index 8f8f825..21e8a95 100644
---- a/test/root/permissions.test
-+++ b/test/root/permissions.test
-@@ -50,10 +50,6 @@ User daemon is a member in the owning group, which has only read access.
- Verify this.
-
- $ su daemon
-- $ cat f
-- > root
-- > bin
--
- $ echo daemon >> f
- >~ .*f: Permission denied$
-
-@@ -146,8 +142,6 @@ the owning group, he should still have no write access.
- $ setfacl -x g:daemon f
-
- $ su daemon
-- $ echo daemon4 >> f
-- >~ .*f: Permission denied$
-
-
- Change the owning group. The other permissions should now grant user
-@@ -158,12 +152,6 @@ daemon write access.
-
- $ su daemon
- $ echo daemon5 >> f
-- $ cat f
-- > root
-- > bin
-- > daemon
-- > daemon2
-- > daemon5
-
-
- Verify that permissions in separate matching ACL entries do not
-@@ -173,7 +161,6 @@ accumulate.
- $ setfacl -m g:bin:r,g:daemon:w f
-
- $ su daemon
-- $ : < f
- $ : > f
- $ : <> f
- >~ .*f: Permission denied$
deleted file mode 100644
@@ -1,24 +0,0 @@
-From 42ae3f8a5e32ba0681ccd1552a203ddad8748a6e Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex.kanavin@gmail.com>
-Date: Thu, 12 Dec 2019 13:45:52 +0100
-Subject: [PATCH] tests: do not hardcode the build path into a helper library
-
-Upstream-Status: Inappropriate [oe-core specific]
-Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
----
- test/Makemodule.am | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/test/Makemodule.am b/test/Makemodule.am
-index e1d715d..cffe732 100644
---- a/test/Makemodule.am
-+++ b/test/Makemodule.am
-@@ -30,7 +30,7 @@ EXTRA_DIST += \
- check_LTLIBRARIES = libtestlookup.la
-
- libtestlookup_la_SOURCES = test/test_passwd.c test/test_group.c
--libtestlookup_la_CFLAGS = -DBASEDIR=\"$(abs_srcdir)\"
-+libtestlookup_la_CFLAGS = -DBASEDIR=\"/tmp/acl-ptest\"
- libtestlookup_la_LDFLAGS = -rpath $(abs_builddir)
-
- # Make sure translations don't break tests when matching output.
@@ -1,16 +1,31 @@
#!/bin/sh
-#
-#This script is used to run acl test suites
-#umask 077
+failed=0
+all=0
-mkdir -p /tmp/acl-ptest/test
-cp test/test.* /tmp/acl-ptest/test
-set +e
-make test-suite.log
-exitcode=$?
-if [ $exitcode -ne 0 -a -e test-suite.log ]; then
- cat test-suite.log
+for f in *.test; do
+ LD_PRELOAD=$(pwd)/libtestlookup.so ./run $f
+ case "$?" in
+ 0)
+ echo "PASS: $f"
+ all=$((all + 1))
+ ;;
+ 77)
+ echo "SKIP: $f"
+ ;;
+ *)
+ echo "FAIL: $f"
+ failed=$((failed + 1))
+ all=$((all + 1))
+ ;;
+ esac
+done
+
+if [ "$failed" -eq 0 ] ; then
+ echo "All $all tests passed"
+ exit 0
+else
+ echo "$failed of $all tests failed"
+ exit 1
fi
-exit $exitcode
new file mode 100644
@@ -0,0 +1,47 @@
+Disable a test which fails under musl as the runner makes assumptions about how
+stdout and stderr are interleaved, and musl doesn't behave the same as glibc.
+
+Underlying issue reported at https://savannah.nongnu.org/bugs/?66944.
+
+Upstream-Status: Inappropriate [musl-specific]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+diff --git i/test/misc.test w/test/misc.test
+index 06b3136..736cfbb 100644
+--- i/test/misc.test
++++ w/test/misc.test
+@@ -427,34 +427,6 @@ Now, chmod should change the group_obj entry
+
+ $ rmdir d
+
+-Dangling symlink test https://savannah.nongnu.org/bugs/?28131
+-
+- $ mkdir d
+- $ ln -s d/a d/b
+- $ getfacl -R d
+- > # file: d
+- > # owner: %TUSER
+- > # group: %TGROUP
+- > user::rwx
+- > group::rwx
+- > other::r-x
+- >
+- $ setfacl -R -m u:bin:rw d
+- $ getfacl -RL d
+- > getfacl: d/b: No such file or directory
+- > # file: d
+- > # owner: %TUSER
+- > # group: %TGROUP
+- > user::rwx
+- > user:bin:rw-
+- > group::rwx
+- > mask::rwx
+- > other::r-x
+- >
+- $ setfacl -RL -m u:bin:rw d
+- > setfacl: d/b: No such file or directory
+- $ rm -R d
+-
+ Handle escaped literal backslash followed by numeric username
+ $ mkdir d
+ $ touch d/f
@@ -16,10 +16,10 @@ LIC_FILES_CHKSUM = "file://doc/COPYING;md5=c781d70ed2b4d48995b790403217a249 \
DEPENDS = "attr"
SRC_URI = "${SAVANNAH_GNU_MIRROR}/acl/${BP}.tar.gz \
+ file://0001-libmisc-__acl_get_uid-fix-memory-wasting-loop-if-use.patch \
file://run-ptest \
- file://0001-tests-do-not-hardcode-the-build-path-into-a-helper-l.patch \
- file://0001-test-patch-out-failing-bits.patch \
"
+SRC_URI:append:libc-musl = " file://tests-not-musl.patch"
SRC_URI[sha256sum] = "5f2bdbad629707aa7d85c623f994aa8a1d2dec55a73de5205bac0bf6058a2f7c"
@@ -31,57 +31,41 @@ PACKAGES =+ "lib${BPN}"
FILES:lib${BPN} = "${libdir}/lib*${SOLIBS}"
-PTEST_BUILD_HOST_FILES = "builddefs"
-PTEST_BUILD_HOST_PATTERN = "^RPM"
-
do_compile_ptest() {
- oe_runmake libtestlookup.la
+ oe_runmake libtestlookup.la libtestlookup_la_CFLAGS=-DBASEDIR=\\\"${PTEST_PATH}\\\"
}
do_install_ptest() {
- cp -rf ${S}/test/ ${D}${PTEST_PATH}
- cp -rf ${S}/build-aux/ ${D}${PTEST_PATH}
- mkdir -p ${D}${PTEST_PATH}/.libs
- cp -rf ${B}/.libs/libtestlookup* ${D}${PTEST_PATH}/.libs
- cp ${B}/Makefile ${D}${PTEST_PATH}
+ install -m755 ${S}/test/run ${S}/test/sort-getfacl-output ${D}${PTEST_PATH}/
+ install -m644 ${S}/test/*.acl ${D}${PTEST_PATH}/
- sed -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
- -e 's|${DEBUG_PREFIX_MAP}||g' \
- -e 's:${HOSTTOOLS_DIR}/::g' \
- -e 's:${RECIPE_SYSROOT_NATIVE}::g' \
- -e 's:${BASE_WORKDIR}/${MULTIMACH_TARGET_SYS}::g' \
- -i ${D}${PTEST_PATH}/Makefile
+ # Install the tests
+ for t in $(makefile-getvar ${S}/test/Makemodule.am TESTS); do
+ install -m644 ${S}/$t ${D}${PTEST_PATH}/
+ done
+ # Remove the tests that are expected to fail (they need a NFS server configured)
+ for t in $(makefile-getvar ${S}/test/Makemodule.am XFAIL_TESTS); do
+ rm ${D}${PTEST_PATH}/$(basename $t)
+ done
+ # These tests skip if they're not root but fail if they're run as root
+ # (https://savannah.nongnu.org/bugs/index.php?66927)
+ rm -f ${D}${PTEST_PATH}/getfacl.test ${D}${PTEST_PATH}/permissions.test ${D}${PTEST_PATH}/restore.test ${D}${PTEST_PATH}/setfacl.test
- sed -e "s|^srcdir =.*|srcdir = .|" \
- -e "s|^abs_srcdir =.*|abs_srcdir = .|" \
- -e "s|^abs_top_srcdir =.*|abs_top_srcdir = ..|" \
- -e "s|^Makefile:.*|Makefile:|" \
- -e "/^TEST_LOG_DRIVER =/s|(top_srcdir)|(top_builddir)|" \
- -i ${D}${PTEST_PATH}/Makefile
-
- rm ${D}${PTEST_PATH}/.libs/libtestlookup.lai
-}
-
-do_install_ptest:append:libc-musl() {
- sed -i -e '/test\/misc.test/d' ${D}${PTEST_PATH}/Makefile
+ ${B}/libtool --mode=install install ${B}/libtestlookup.la ${D}${PTEST_PATH}/
+ rm -f ${D}${PTEST_PATH}/*.la
+ install -d ${D}${PTEST_PATH}/test
+ install -m644 ${S}/test/test.passwd ${S}/test/test.group ${D}${PTEST_PATH}/test
}
RDEPENDS:${PN}-ptest = "acl \
- bash \
coreutils \
perl \
- perl-module-constant \
- perl-module-filehandle \
- perl-module-getopt-std \
- perl-module-posix \
- shadow \
- make \
- gawk \
- e2fsprogs-mke2fs \
perl-module-cwd \
perl-module-file-basename \
perl-module-file-path \
- perl-module-file-spec \
+ perl-module-filehandle \
+ perl-module-getopt-std \
+ perl-module-posix \
"
BBCLASSEXTEND = "native nativesdk"
As there's a small number of test binaries in acl, instead of installing large chunks of the build tree we can install just those and use a boilerplate test runner. Drop 0001-tests-do-not-hardcode-the-build-path-into-a-helper-l.patch and replace with an explicit -DBASEDIR= flag passed at build time. Drop 0001-test-patch-out-failing-bits.patch and delete the tests that fail entirely, as the lines that were being deleted in the patch were the key parts of the test. Backport a patch from upstream so that some tests don't use excessive amounts of memory. Add a patch to disable a single test which makes assumptions about how stdout and stderr interleave when read, which is dependent on the libc implementation. The tests assume glibc and musl behaves different, so instead of deleting the entire test file just remove the single test. Clean up dependencies now that we're not shipping the build system. Signed-off-by: Ross Burton <ross.burton@arm.com> --- ...t_uid-fix-memory-wasting-loop-if-use.patch | 49 +++++++++++++++ .../0001-test-patch-out-failing-bits.patch | 60 ------------------ ...dcode-the-build-path-into-a-helper-l.patch | 24 ------- meta/recipes-support/attr/acl/run-ptest | 37 +++++++---- .../attr/acl/tests-not-musl.patch | 47 ++++++++++++++ meta/recipes-support/attr/acl_2.3.2.bb | 62 +++++++------------ 6 files changed, 145 insertions(+), 134 deletions(-) create mode 100644 meta/recipes-support/attr/acl/0001-libmisc-__acl_get_uid-fix-memory-wasting-loop-if-use.patch delete mode 100644 meta/recipes-support/attr/acl/0001-test-patch-out-failing-bits.patch delete mode 100644 meta/recipes-support/attr/acl/0001-tests-do-not-hardcode-the-build-path-into-a-helper-l.patch create mode 100644 meta/recipes-support/attr/acl/tests-not-musl.patch