From f265f17242b04ae036b4dc174fa95401d895dbc5 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 16 Mar 2024 18:48:52 +0000 Subject: gentoo auto-resync : 16:03:2024 - 18:48:51 --- app-emulation/libvirt/Manifest | 2 - .../libvirt-9.4.0-fix-paths-for-apparmor.patch | 91 ---------------------- ...-returning-of-locked-objects-from-virStor.patch | 57 -------------- 3 files changed, 150 deletions(-) delete mode 100644 app-emulation/libvirt/files/libvirt-9.4.0-fix-paths-for-apparmor.patch delete mode 100644 app-emulation/libvirt/files/libvirt-9.6.0-storage-Fix-returning-of-locked-objects-from-virStor.patch (limited to 'app-emulation/libvirt') diff --git a/app-emulation/libvirt/Manifest b/app-emulation/libvirt/Manifest index 343366358c81..cfdb01d6f513 100644 --- a/app-emulation/libvirt/Manifest +++ b/app-emulation/libvirt/Manifest @@ -1,10 +1,8 @@ AUX README.gentoo-r3 2065 BLAKE2B f3677b916121126c431ba32e324bcc9f04b4dfeef1ee54517cae1118c67274592d890d6d919a48af6709e9220379797549277904a02fea740a69b1bf8f2397aa SHA512 77ede8a3e1a380b334595e65ae148acd2e52d594200253dc67d68dd256db5bf72ce7ce222d067c739ce53f84634421e74726f30c0ab7a1c76b86ccdc191c8a69 AUX libvirt-9.10.0-virxml-include-libxml-xmlsave.h-for-xmlIndentTreeOut.patch 1125 BLAKE2B d161698463c56b9fbb8b4c4a5ec1b7d65e87e088d68ea1a2cde316449c80d9ba2a4ad5883962eb3e4d31b0441917f6b02d4c781869083c47c8eeb432f6826e8b SHA512 d1dbcb9f6e1c66a38fa09af84248c8ac68d1f263f07b275e12ae3087a6fbd223eeefe20c7b241d02be9529c14bcf311d850d418bc8cecac4cb4e225d78800a41 AUX libvirt-9.4.0-do-not-use-sysconfig.patch 8195 BLAKE2B b731d57dc86fe725d3cbd47b6e691a414107d3594377bd1c73e19735368937a0983e407ec05700213d2ec5802e90f429fd5c7354cd03fb25d3acced952ab6f38 SHA512 2a2e08a6034ed37cafebde3b0fd27913d972d1e9f8816e10a9af951e99f10bd3b9bc7ada1ac50c5085e3fdd3d02301365d031eb6ce3b71102e4b3072d609f21b -AUX libvirt-9.4.0-fix-paths-for-apparmor.patch 3891 BLAKE2B 2af9198b4dbf1a05fb3d187920f3f47f773f94679bb94cdf318f092ea2ad4e6e6f88c7e2d3432e90510c6cb685de3c91721b8aa77809372dfd0c3b5d4f42ed70 SHA512 d785e5be0042072eeb4cccaf7cdf0cbe4fc195837f7736eae2da7c9d54a3f2538c2a6aac917d6f9621f66b5c05666ef8800bf30869a777bfb033a73b78129880 AUX libvirt-9.4.0-fix_paths_in_libvirt-guests_sh.patch 988 BLAKE2B 5936eafa5c300edad7ed368ec13063d31aea59e3daefeac59cf515ea44667f61aa63b0e2c2a5c88ace24c48cc132789cc5fa1a7c6c04c17e9ac61b114778e46d SHA512 5b80a5ec2898c1c821d0d49b9de67a256f82cb60879215ddde07c2a51f2e8a8b6893fec65617c27edec50cd51a362fb1fcdd21827e8de954f26879adcfa12418 AUX libvirt-9.6.0-fix-paths-for-apparmor.patch 4250 BLAKE2B bf7cc5250575a3b377539aabae316b91a4ff4bc1490f894859e7c066285909b26904fc020cf1c25bed6bae0670db52b2064b55e12a9a8161e2eb4dd0e4bd987e SHA512 abd6472a2a2bd23c0d7232ee807e4c57a799afab13c7bf11538f9b20da584677830691f84816d2cdcec0b7986817c8d469ca169073c2cb0e4b32e8b0ffa05003 -AUX libvirt-9.6.0-storage-Fix-returning-of-locked-objects-from-virStor.patch 2014 BLAKE2B f8ba899f0f7bf7e6a965ede4cd005cb88f45dae89cc45d392ec4771a9b74d87f8f9d46ce96259eacf6688aca38bad59c992c6fa1276441932ef7361787e85b48 SHA512 0ed84dd97965a8c6815173710ee4b157bd003c30bc1cedcafe67f534156d47a234556a2d6014181db204ee8169bfd555fc0de01651156585fdfd08aca9bb1796 AUX libvirt-9.9.0-do-not-use-sysconfig.patch 2910 BLAKE2B 60d9cd53be99377b1f51f01eca85815cbdcb3a97cbcd4131931a975d4ec8073c3a384e9a67267580d30f3ab7117a2fe83ee91c406139ef4bc25ee76e6752d884 SHA512 3ef1c6eb803e0c2425f81a9c90dd0afc466b2474e62fd8189d029bddc679ef1cf9715bf23d98bff6e3ec1ab2515a0a5ede5ffd95f15cef56f3069283ccc8e741 AUX libvirt-guests.confd 2430 BLAKE2B 9d56477c9377e02503782e6d653579c6d149b292c43f37926f4646374e8aae05ca812b6a3a561811482861f8fe67dfdbe63851963326ddbbf2f4644c85411120 SHA512 78f419a89de7aabaad860903c24f1c070786fc1296d987e61dd537705b0e7f71a46c315888028f3826c3417e42861ca8471788be4ec5695e98427c5f18ae63fc AUX libvirt-guests.init-r4 5591 BLAKE2B e745692a7ea706c8367cdb7ee2114565770bda5be5675ba3a541555659d17875f7996ff7028bf415224d095b49b71205a3d77f420464d5579ccc189def5e434d SHA512 ec2bc46d72afa61513983b777e2d49da618a35a4687bc75674b3a49ababd4e2e387661010d342fee86c7a73d259644985a263a6c2976e29a436d88921bb040b0 diff --git a/app-emulation/libvirt/files/libvirt-9.4.0-fix-paths-for-apparmor.patch b/app-emulation/libvirt/files/libvirt-9.4.0-fix-paths-for-apparmor.patch deleted file mode 100644 index b043825bbe08..000000000000 --- a/app-emulation/libvirt/files/libvirt-9.4.0-fix-paths-for-apparmor.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 10152b243dbd7ecfe6c92dd2f831118c0c0bf85d Mon Sep 17 00:00:00 2001 -Message-Id: <10152b243dbd7ecfe6c92dd2f831118c0c0bf85d.1686298837.git.mprivozn@redhat.com> -From: Michal Privoznik -Date: Tue, 15 Mar 2022 05:23:29 +0100 -Subject: [PATCH] libvirt-9.5.0-fix-paths-for-apparmor.patch - -Signed-off-by: Michal Privoznik ---- - src/security/apparmor/libvirt-qemu | 1 + - src/security/apparmor/meson.build | 6 +++--- - src/security/apparmor/usr.lib.libvirt.virt-aa-helper.local | 1 - - ...t-aa-helper.in => usr.libexec.libvirt.virt-aa-helper.in} | 4 ++-- - .../apparmor/usr.libexec.libvirt.virt-aa-helper.local | 1 + - 5 files changed, 7 insertions(+), 6 deletions(-) - delete mode 100644 src/security/apparmor/usr.lib.libvirt.virt-aa-helper.local - rename src/security/apparmor/{usr.lib.libvirt.virt-aa-helper.in => usr.libexec.libvirt.virt-aa-helper.in} (94%) - create mode 100644 src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.local - -diff --git a/src/security/apparmor/libvirt-qemu b/src/security/apparmor/libvirt-qemu -index 44056b5f14..1f0db2cda2 100644 ---- a/src/security/apparmor/libvirt-qemu -+++ b/src/security/apparmor/libvirt-qemu -@@ -96,6 +96,7 @@ - /usr/share/sgabios/** r, - /usr/share/slof/** r, - /usr/share/vgabios/** r, -+ /usr/share/seavgabios/** r, - - # pki for libvirt-vnc and libvirt-spice (LP: #901272, #1690140) - /etc/pki/CA/ r, -diff --git a/src/security/apparmor/meson.build b/src/security/apparmor/meson.build -index 58b4024b85..c77b32665d 100644 ---- a/src/security/apparmor/meson.build -+++ b/src/security/apparmor/meson.build -@@ -1,5 +1,5 @@ - apparmor_gen_profiles = [ -- 'usr.lib.libvirt.virt-aa-helper', -+ 'usr.libexec.libvirt.virt-aa-helper', - 'usr.sbin.libvirtd', - 'usr.sbin.virtqemud', - 'usr.sbin.virtxend', -@@ -35,7 +35,7 @@ install_data( - ) - - install_data( -- 'usr.lib.libvirt.virt-aa-helper.local', -+ 'usr.libexec.libvirt.virt-aa-helper.local', - install_dir: apparmor_dir / 'local', -- rename: 'usr.lib.libvirt.virt-aa-helper', -+ rename: 'usr.libexec.libvirt.virt-aa-helper', - ) -diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.local b/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.local -deleted file mode 100644 -index c0990e51d0..0000000000 ---- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.local -+++ /dev/null -@@ -1 +0,0 @@ --# Site-specific additions and overrides for 'usr.lib.libvirt.virt-aa-helper' -diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in b/src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.in -similarity index 94% -rename from src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in -rename to src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.in -index ff1d46bebe..6beedde1b1 100644 ---- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in -+++ b/src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.in -@@ -41,7 +41,7 @@ profile virt-aa-helper @libexecdir@/virt-aa-helper { - deny /dev/mapper/* r, - - @libexecdir@/virt-aa-helper mr, -- /{usr/,}sbin/apparmor_parser Ux, -+ /{usr/,}{s,}bin/apparmor_parser Ux, - - @sysconfdir@/apparmor.d/libvirt/* r, - @sysconfdir@/apparmor.d/libvirt/libvirt-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]* rw, -@@ -71,5 +71,5 @@ profile virt-aa-helper @libexecdir@/virt-aa-helper { - /**.[iI][sS][oO] r, - /**/disk{,.*} r, - -- #include -+ #include - } -diff --git a/src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.local b/src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.local -new file mode 100644 -index 0000000000..974653d797 ---- /dev/null -+++ b/src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.local -@@ -0,0 +1 @@ -+# Site-specific additions and overrides for 'usr.libexec.libvirt.virt-aa-helper' --- -2.41.0 - diff --git a/app-emulation/libvirt/files/libvirt-9.6.0-storage-Fix-returning-of-locked-objects-from-virStor.patch b/app-emulation/libvirt/files/libvirt-9.6.0-storage-Fix-returning-of-locked-objects-from-virStor.patch deleted file mode 100644 index b2e1b3536227..000000000000 --- a/app-emulation/libvirt/files/libvirt-9.6.0-storage-Fix-returning-of-locked-objects-from-virStor.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 9a47442366fcf8a7b6d7422016d7bbb6764a1098 Mon Sep 17 00:00:00 2001 -Message-ID: <9a47442366fcf8a7b6d7422016d7bbb6764a1098.1698742017.git.mprivozn@redhat.com> -From: Peter Krempa -Date: Thu, 13 Jul 2023 16:16:37 +0200 -Subject: [PATCH] storage: Fix returning of locked objects from - 'virStoragePoolObjListSearch' -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -CVE-2023-3750 - -'virStoragePoolObjListSearch' explicitly documents that it's returning -a pointer to a locked and ref'd pool that maches the lookup function. - -This was not the case as in commit 0c4b391e2a9 (released in -libvirt-8.3.0) the code was accidentally converted to use 'VIR_LOCK_GUARD' -which auto-unlocked it when leaving the scope, even when the code was -originally "leaking" the lock. - -Revert the corresponding conversion and add a comment that this function -is intentionally leaking a locked object. - -Fixes: 0c4b391e2a9 -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2221851 -Signed-off-by: Peter Krempa -Reviewed-by: Ján Tomko -Signed-off-by: Michal Privoznik ---- - src/conf/virstorageobj.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/src/conf/virstorageobj.c b/src/conf/virstorageobj.c -index 7010e97d61..59fa5da372 100644 ---- a/src/conf/virstorageobj.c -+++ b/src/conf/virstorageobj.c -@@ -454,11 +454,16 @@ virStoragePoolObjListSearchCb(const void *payload, - virStoragePoolObj *obj = (virStoragePoolObj *) payload; - struct _virStoragePoolObjListSearchData *data = - (struct _virStoragePoolObjListSearchData *)opaque; -- VIR_LOCK_GUARD lock = virObjectLockGuard(obj); - -+ virObjectLock(obj); -+ -+ /* If we find the matching pool object we must return while the object is -+ * locked as the caller wants to return a locked object. */ - if (data->searcher(obj, data->opaque)) - return 1; - -+ virObjectUnlock(obj); -+ - return 0; - } - --- -2.41.0 - -- cgit v1.2.3