From patchwork Thu Aug 10 13:47:03 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?S=C3=A9bastien_Szymanski?=
 <sebastien.szymanski@armadeus.com>
X-Patchwork-Id: 800206
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=busybox.net
	(client-ip=140.211.166.136; helo=silver.osuosl.org;
	envelope-from=buildroot-bounces@busybox.net;
	receiver=<UNKNOWN>)
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3xSqFW27jpz9t2r
	for <incoming@patchwork.ozlabs.org>;
	Thu, 10 Aug 2017 23:47:26 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id A967C2E1EB;
	Thu, 10 Aug 2017 13:47:24 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id lW8e52zdHbzQ; Thu, 10 Aug 2017 13:47:23 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by silver.osuosl.org (Postfix) with ESMTP id 6E0763048E;
	Thu, 10 Aug 2017 13:47:23 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	by ash.osuosl.org (Postfix) with ESMTP id A60CD1BFE90
	for <buildroot@lists.busybox.net>;
	Thu, 10 Aug 2017 13:47:21 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id 9CCA73048E
	for <buildroot@lists.busybox.net>;
	Thu, 10 Aug 2017 13:47:21 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id Zc5fgEGdYRmq for <buildroot@lists.busybox.net>;
	Thu, 10 Aug 2017 13:47:19 +0000 (UTC)
X-Greylist: delayed 00:06:49 by SQLgrey-1.7.6
Received: from 4.mo2.mail-out.ovh.net (4.mo2.mail-out.ovh.net [87.98.172.75])
	by silver.osuosl.org (Postfix) with ESMTPS id 3E2B32E1EB
	for <buildroot@buildroot.org>; Thu, 10 Aug 2017 13:47:19 +0000 (UTC)
Received: from player692.ha.ovh.net (b6.ovh.net [213.186.33.56])
	by mo2.mail-out.ovh.net (Postfix) with ESMTP id 30255A4402
	for <buildroot@buildroot.org>; Thu, 10 Aug 2017 15:40:35 +0200 (CEST)
Received: from localhost.localdomain (124.149.193.77.rev.sfr.net
	[77.193.149.124])
	(Authenticated sender: sebastien.szymanski@armadeus.com)
	by player692.ha.ovh.net (Postfix) with ESMTPSA id C0DB9600090;
	Thu, 10 Aug 2017 15:40:29 +0200 (CEST)
From: =?UTF-8?q?S=C3=A9bastien=20Szymanski?=
	<sebastien.szymanski@armadeus.com>
To: buildroot@buildroot.org
Date: Thu, 10 Aug 2017 15:47:03 +0200
Message-Id: 
 <1502372823-31706-2-git-send-email-sebastien.szymanski@armadeus.com>
X-Mailer: git-send-email 2.7.3
In-Reply-To: 
 <1502372823-31706-1-git-send-email-sebastien.szymanski@armadeus.com>
References: 
 <1502372823-31706-1-git-send-email-sebastien.szymanski@armadeus.com>
MIME-Version: 1.0
X-Ovh-Tracer-Id: 7085006641260680350
X-VR-SPAMSTATE: OK
X-VR-SPAMSCORE: -100
X-VR-SPAMCAUSE: 
 gggruggvucftvghtrhhoucdtuddrfeelkedrkeejgdeiiecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd
Cc: Marcus Hoffmann <m.hoffmann@cartelsol.com>,
	Julien Boibessot <julien.boibessot@armadeus.com>
Subject: [Buildroot] [PATCH/2017.02.x 2/2] dbus: add upstream patch to fix
	startup hang with with expat >= 2.2.1
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

From: Marcus Hoffmann <m.hoffmann@cartelsol.com>

After c0ad6ded018ffbc33f7f5 expat: security bump to version 2.2.1
the system can hang on startup under certain circumstances.

This happens when:
  * we use systemd as init system
  * the random nonblocking pool takes a while to initialize
    * this apparently doesn't happen on qemu, so this would not have
      been caught by the runtime testing infrastructure
    * it also doesn't seem to happen when network booting

For a more detailed description of the bug see here:
https://bugs.freedesktop.org/show_bug.cgi?id=101858

The patch should be in next dbus version 1.10.24

Set DBUS_AUTORECONF = YES because configure.ac is changed.

Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com>
[Arnout: add upstream commit sha + Marcus's Sob to the patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

(cherry picked from commit 5a5e76381f8b000baa09c902ca89d45725c47f04)
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
---
 ...er-expat-Tell-Expat-not-to-defend-against.patch | 78 ++++++++++++++++++++++
 package/dbus/dbus.mk                               |  3 +
 2 files changed, 81 insertions(+)
 create mode 100644 package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch

diff --git a/package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch b/package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
new file mode 100644
index 0000000..fd9e01d
--- /dev/null
+++ b/package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
@@ -0,0 +1,78 @@
+From 1252dc1d1f465b8ab6b36ff7252e395e66a040cf Mon Sep 17 00:00:00 2001
+From: Simon McVittie <smcv@debian.org>
+Date: Fri, 21 Jul 2017 10:46:39 +0100
+Subject: [PATCH 1/2] config-loader-expat: Tell Expat not to defend against
+ hash collisions
+
+By default, Expat uses cryptographic-quality random numbers as a salt for
+its hash algorithm, and since 2.2.1 it gets them from the getrandom
+syscall on Linux. That syscall refuses to return any entropy until the
+kernel's CSPRNG (random pool) has been initialized. Unfortunately, this
+can take as long as 40 seconds on embedded devices with few entropy
+sources, which is too long: if the system dbus-daemon blocks for that
+length of time, important D-Bus clients like systemd and systemd-logind
+time out and fail to connect to it.
+
+We're parsing small configuration files here, and we trust them
+completely, so we don't need to defend against hash collisions: nobody
+is going to be crafting them to cause pathological performance.
+
+Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101858
+Signed-off-by: Simon McVittie <smcv@debian.org>
+Tested-by: Christopher Hewitt <hewitt@ieee.org>
+Reviewed-by: Philip Withnall <withnall@endlessm.com>
+
+Upstream commit 1252dc1d1f465b8ab6b36ff7252e395e66a040cf
+Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com>
+---
+ bus/config-loader-expat.c | 14 ++++++++++++++
+ configure.ac              |  8 ++++++++
+ 2 files changed, 22 insertions(+)
+
+diff --git a/bus/config-loader-expat.c b/bus/config-loader-expat.c
+index b571fda3..27cbe2d0 100644
+--- a/bus/config-loader-expat.c
++++ b/bus/config-loader-expat.c
+@@ -203,6 +203,20 @@ bus_config_load (const DBusString      *file,
+       goto failed;
+     }
+ 
++  /* We do not need protection against hash collisions (CVE-2012-0876)
++   * because we are only parsing trusted XML; and if we let Expat block
++   * waiting for the CSPRNG to be initialized, as it does by default to
++   * defeat CVE-2012-0876, it can cause timeouts during early boot on
++   * entropy-starved embedded devices.
++   *
++   * TODO: When Expat gets a more explicit API for this than
++   * XML_SetHashSalt, check for that too, and use it preferentially.
++   * https://github.com/libexpat/libexpat/issues/91 */
++#if defined(HAVE_XML_SETHASHSALT)
++  /* Any nonzero number will do. https://xkcd.com/221/ */
++  XML_SetHashSalt (expat, 4);
++#endif
++
+   if (!_dbus_string_get_dirname (file, &dirname))
+     {
+       dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+diff --git a/configure.ac b/configure.ac
+index 52da11fb..c4022ed7 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -938,6 +938,14 @@ XML_CFLAGS=
+ AC_SUBST([XML_CFLAGS])
+ AC_SUBST([XML_LIBS])
+ 
++save_cflags="$CFLAGS"
++save_libs="$LIBS"
++CFLAGS="$CFLAGS $XML_CFLAGS"
++LIBS="$LIBS $XML_LIBS"
++AC_CHECK_FUNCS([XML_SetHashSalt])
++CFLAGS="$save_cflags"
++LIBS="$save_libs"
++
+ # Thread lib detection
+ AC_ARG_VAR([THREAD_LIBS])
+ save_libs="$LIBS"
+-- 
+2.11.0
+
diff --git a/package/dbus/dbus.mk b/package/dbus/dbus.mk
index e05fbff..f2974f2 100644
--- a/package/dbus/dbus.mk
+++ b/package/dbus/dbus.mk
@@ -6,6 +6,9 @@
 
 DBUS_VERSION = 1.10.22
 DBUS_SITE = https://dbus.freedesktop.org/releases/dbus
+
+# 0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
+DBUS_AUTORECONF = YES
 DBUS_LICENSE = AFLv2.1 or GPLv2+ (library, tools), GPLv2+ (tools)
 DBUS_LICENSE_FILES = COPYING
 DBUS_INSTALL_STAGING = YES