From patchwork Sun Apr 27 21:28:42 2025
X-Patchwork-Submitter: "Marko, Peter"
X-Patchwork-Id: 61990
From: Peter Marko
To: openembedded-devel@lists.openembedded.org
Cc: Peter Marko
Subject: [meta-networking][PATCH 1/3] corosync: fix upstream version check
Date: Sun, 27 Apr 2025 23:28:42 +0200
Message-Id: <20250427212844.1992660-1-peter.marko@siemens.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/117178

github-releases is needed for it to work at all:
ERROR: Automatic discovery of latest version/revision failed - you must provide a version using the --version/-V option, or for recipes that fetch from an SCM such as git, the --srcrev/-S option.

UPSTREAM_CHECK_GITTAGREGEX is needed to get the correct version, otherwise:
$ devtool latest-version corosync
...
INFO: Current version: 3.1.6
INFO: Latest version: 414.336.75.75.75

Signed-off-by: Peter Marko
---
 meta-networking/recipes-extended/corosync/corosync_3.1.6.bb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta-networking/recipes-extended/corosync/corosync_3.1.6.bb b/meta-networking/recipes-extended/corosync/corosync_3.1.6.bb index cbbbbc70cd..e8e4540a21 100644 --- a/meta-networking/recipes-extended/corosync/corosync_3.1.6.bb +++ b/meta-networking/recipes-extended/corosync/corosync_3.1.6.bb
@@ -5,13 +5,13 @@ HOMEPAGE = "http://corosync.github.io/corosync/" SECTION = "base" -inherit autotools pkgconfig systemd +inherit autotools pkgconfig systemd github-releases -SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.gz \ +SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/${BP}.tar.gz \ file://corosync.conf \ " SRC_URI[sha256sum] = "ca6ed32b4d7f33ed614afce8760fe58d0de92c68b575d4969ebacd892f3d1e27" -UPSTREAM_CHECK_REGEX = "(?P\d+\.(?!99)\d+(\.\d+)+)" +UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+(\.\d+)+)" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=a85eb4ce24033adb6088dd1d6ffc5e5d"

From patchwork Sun Apr 27 21:28:43 2025
X-Patchwork-Submitter: "Marko, Peter"
X-Patchwork-Id: 61991
From: Peter Marko
To: openembedded-devel@lists.openembedded.org
Cc: Peter Marko
Subject: [meta-networking][PATCH 2/3] corosync: upgrade 3.1.6 -> 3.1.9
Date: Sun, 27 Apr 2025 23:28:43 +0200
Message-Id: <20250427212844.1992660-2-peter.marko@siemens.com>
In-Reply-To: <20250427212844.1992660-1-peter.marko@siemens.com>
References: <20250427212844.1992660-1-peter.marko@siemens.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/117179

dbus dir was changed from sysconfdir to datadir
drop unused configure code

License-Update: copyright years refreshed

Signed-off-by: Peter Marko
---
 .../corosync/{corosync_3.1.6.bb => corosync_3.1.9.bb} | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)
 rename meta-networking/recipes-extended/corosync/{corosync_3.1.6.bb => corosync_3.1.9.bb} (90%)

diff --git a/meta-networking/recipes-extended/corosync/corosync_3.1.6.bb b/meta-networking/recipes-extended/corosync/corosync_3.1.9.bb similarity index 90% rename from meta-networking/recipes-extended/corosync/corosync_3.1.6.bb rename to meta-networking/recipes-extended/corosync/corosync_3.1.9.bb index e8e4540a21..af023307bb 100644 --- a/meta-networking/recipes-extended/corosync/corosync_3.1.6.bb +++ b/meta-networking/recipes-extended/corosync/corosync_3.1.9.bb
@@ -10,11 +10,11 @@ inherit autotools pkgconfig systemd github-releases SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/${BP}.tar.gz \ file://corosync.conf \ " -SRC_URI[sha256sum] = "ca6ed32b4d7f33ed614afce8760fe58d0de92c68b575d4969ebacd892f3d1e27" +SRC_URI[sha256sum] = "203354bbddee1a97b3c50a076eae89c635f406dd674ccaefc94bb9092acd9535" UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+(\.\d+)+)" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=a85eb4ce24033adb6088dd1d6ffc5e5d" +LIC_FILES_CHKSUM = "file://LICENSE;md5=d9c2cca5d3448c43e52a399ad611658a" DEPENDS = "groff-native nss libqb kronosnet" @@ -34,11 +34,6 @@ PACKAGECONFIG[systemd] = "--enable-systemd --with-systemddir=${systemd_system_un EXTRA_OECONF = "ac_cv_path_BASHPATH=${base_bindir}/bash ap_cv_cc_pie=no" EXTRA_OEMAKE = "tmpfilesdir_DATA=" -#do_configure:prepend() { -# ( cd ${S} -# ${S}/autogen.sh ) -#} - do_install:append() { install -D -m 0644 ${UNPACKDIR}/corosync.conf ${D}${sysconfdir}/corosync/corosync.conf.example install -d ${D}${sysconfdir}/sysconfig/ 
@@ -59,5 +54,6 @@ do_install:append() { RDEPENDS:${PN} += "bash ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'sysvinit-pidof', 'procps', d)}" +FILES:${PN} += "${datadir}/dbus-1" FILES:${PN}-dbg += "${libexecdir}/lcrso/.debug" FILES:${PN}-doc += "${datadir}/snmp/mibs/COROSYNC-MIB.txt"

From patchwork Sun Apr 27 21:28:44 2025
X-Patchwork-Submitter: "Marko, Peter"
X-Patchwork-Id: 61992
From: Peter Marko
To: openembedded-devel@lists.openembedded.org
Cc: Peter Marko
Subject: [meta-networking][PATCH 3/3] corosync: patch CVE-2025-30472
Date: Sun, 27 Apr 2025 23:28:44 +0200
Message-Id: <20250427212844.1992660-3-peter.marko@siemens.com>
In-Reply-To: <20250427212844.1992660-1-peter.marko@siemens.com>
References: <20250427212844.1992660-1-peter.marko@siemens.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/117180

Pick commit from [1] mentioned in [2] from [3]

[1] https://github.com/corosync/corosync/issues/778
[2] https://github.com/corosync/corosync/pull/779
[3] https://nvd.nist.gov/vuln/detail/CVE-2025-30472

Signed-off-by: Peter Marko
---
 .../corosync/corosync/CVE-2025-30472.patch | 69 +++++++++++++++++++
 .../corosync/corosync_3.1.9.bb | 1 +
 2 files changed, 70 insertions(+)
 create mode 100644 meta-networking/recipes-extended/corosync/corosync/CVE-2025-30472.patch

diff --git a/meta-networking/recipes-extended/corosync/corosync/CVE-2025-30472.patch b/meta-networking/recipes-extended/corosync/corosync/CVE-2025-30472.patch new file mode 100644 index 0000000000..9b36dbe3fb --- /dev/null +++ b/meta-networking/recipes-extended/corosync/corosync/CVE-2025-30472.patch
@@ -0,0 +1,69 @@ +From 7839990f9cdf34e55435ed90109e82709032466a Mon Sep 17 00:00:00 2001 +From: Jan Friesse +Date: Mon, 24 Mar 2025 12:05:08 +0100 +Subject: [PATCH] totemsrp: Check size of orf_token msg + +orf_token message is stored into preallocated array on endian convert +so carefully crafted malicious message can lead to crash of corosync. + +Solution is to check message size beforehand. + +Signed-off-by: Jan Friesse +Reviewed-by: Christine Caulfield + +CVE: CVE-2025-30472 +Upstream-Status: Backport [https://github.com/corosync/corosync/commits/7839990f9cdf34e55435ed90109e82709032466a] +Signed-off-by: Peter Marko +--- + exec/totemsrp.c | 18 +++++++++++++++++- + 1 file changed, 17 insertions(+), 1 deletion(-) + +diff --git a/exec/totemsrp.c b/exec/totemsrp.c +index 962d0e2a..364528ce 100644 +--- a/exec/totemsrp.c ++++ b/exec/totemsrp.c +@@ -3679,12 +3679,20 @@ static int check_orf_token_sanity( + const struct totemsrp_instance *instance, + const void *msg, + size_t msg_len, ++ size_t max_msg_len, + int endian_conversion_needed) + { + int rtr_entries; + const struct orf_token *token = (const struct orf_token *)msg; + size_t required_len; + ++ if (msg_len > max_msg_len) { ++ log_printf (instance->totemsrp_log_level_security, ++ "Received orf_token message is too long... ignoring."); ++ ++ return (-1); ++ } ++ + if (msg_len < sizeof(struct orf_token)) { + log_printf (instance->totemsrp_log_level_security, + "Received orf_token message is too short... ignoring."); +@@ -3698,6 +3706,13 @@ static int check_orf_token_sanity( + rtr_entries = token->rtr_list_entries; + } + ++ if (rtr_entries > RETRANSMIT_ENTRIES_MAX) { ++ log_printf (instance->totemsrp_log_level_security, ++ "Received orf_token message rtr_entries is corrupted... 
ignoring."); ++ ++ return (-1); ++ } ++ + required_len = sizeof(struct orf_token) + rtr_entries * sizeof(struct rtr_item); + if (msg_len < required_len) { + log_printf (instance->totemsrp_log_level_security, +@@ -3868,7 +3883,8 @@ static int message_handler_orf_token ( + "Time since last token %0.4f ms", tv_diff / (float)QB_TIME_NS_IN_MSEC); + #endif + +- if (check_orf_token_sanity(instance, msg, msg_len, endian_conversion_needed) == -1) { ++ if (check_orf_token_sanity(instance, msg, msg_len, sizeof(token_storage), ++ endian_conversion_needed) == -1) { + return (0); + } + diff --git a/meta-networking/recipes-extended/corosync/corosync_3.1.9.bb b/meta-networking/recipes-extended/corosync/corosync_3.1.9.bb index af023307bb..1699701c9d 100644 --- a/meta-networking/recipes-extended/corosync/corosync_3.1.9.bb +++ b/meta-networking/recipes-extended/corosync/corosync_3.1.9.bb @@ -9,6 +9,7 @@ inherit autotools pkgconfig systemd github-releases SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/${BP}.tar.gz \ file://corosync.conf \ + file://CVE-2025-30472.patch \ " SRC_URI[sha256sum] = "203354bbddee1a97b3c50a076eae89c635f406dd674ccaefc94bb9092acd9535" UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+(\.\d+)+)"
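
Review bot: In PATCH 1/3, the `@@ -5,13 +5,13 @@` hunk of corosync_3.1.6.bb drops the `(?!99)` lookahead that the removed UPSTREAM_CHECK_REGEX carried, so a tag with a `.99` component would now be accepted as the latest version; keep that exclusion in the new pattern or state in the commit message why it is no longer needed. SRC_URI in the same hunk is a release tarball under ${GITHUB_BASE_URI} rather than a git fetch, so please also confirm that UPSTREAM_CHECK_GITTAGREGEX is the variable the version check reads for this recipe, and that the corrected result does not come solely from removing the old UPSTREAM_CHECK_REGEX.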
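
Review bot: In PATCH 3/3, the backported check in check_orf_token_sanity() bounds rtr_entries only from above, while the same hunk shows it declared as `int rtr_entries;`, so a negative value passes `rtr_entries > RETRANSMIT_ENTRIES_MAX` and then enters `rtr_entries * sizeof(struct rtr_item)` as an operand of a size_t computation. As this is a backport, the patch file should stay identical to the upstream commit, but it is worth raising a `rtr_entries < 0` rejection upstream alongside the new upper bound. Separately, the Upstream-Status line links to `/commits/<sha>`; the usual single-commit link form is `/commit/<sha>`.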