[oe,meta-oe,02/13] networkmanager: Fix build with hardening

Message ID	20170628020819.17047-2-raj.khem@gmail.com
State	Accepted
Commit	9d7a49a58b7dd1004c6095a9bcff04d7e4e4b56f
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: best guess record for domain of openembedded-devel-bounces@lists.openembedded.org designates 140.211.169.62 as permitted sender) client-ip=140.211.169.62; From: Khem Raj <raj.khem@gmail.com> To: openembedded-devel@lists.openembedded.org Date: Tue, 27 Jun 2017 19:08:08 -0700 Message-Id: <20170628020819.17047-2-raj.khem@gmail.com> In-Reply-To: <20170628020819.17047-1-raj.khem@gmail.com> References: <20170628020819.17047-1-raj.khem@gmail.com> Subject: [oe] [meta-oe][PATCH 02/13] networkmanager: Fix build with hardening Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: openembedded-devel-bounces@lists.openembedded.org Errors-To: openembedded-devel-bounces@lists.openembedded.org
Series	[oe,meta-oe,01/13] Add stdint.h for 'UINT16_MAX' \| expand [oe,meta-oe,01/13] Add stdint.h for 'UINT16_MAX' [oe,meta-oe,02/13] networkmanager: Fix build with hardening [oe,meta-networking,03/13] strongswan: Include stdint.h for uintptr_t [oe,meta-oe,04/13] umip: Fix buid with hardening [oe,meta-oe,05/13] gtkperf: Fix build with hardening flags [oe,meta-oe,06/13] wmiconfig: Fix build with hardening flags [oe,meta-networking,07/13] netkit-rpc: Fix build with hardening flags [oe,meta-networking,08/13] netkit-telnet: Fix build with hardening [oe,meta-networking,09/13] ncftp: Upgrade to 3.2.6 [oe,meta-oe,10/13] lmbench: Fix build with hardening flags [oe,meta-gnome,11/13] wv: Fix build with hardening flags [oe,meta-networking,12/13] ippool: Fix build errors found with hardening flags [oe,meta-filesystems,13/13] aufs-util: Upgrade to 3.18

Message ID

20170628020819.17047-2-raj.khem@gmail.com

State

Accepted

Commit

9d7a49a58b7dd1004c6095a9bcff04d7e4e4b56f

Headers

Received-SPF: pass (google.com: best guess record for domain of
	openembedded-devel-bounces@lists.openembedded.org designates
	140.211.169.62 as permitted sender) client-ip=140.211.169.62; 
From: Khem Raj <raj.khem@gmail.com>
To: openembedded-devel@lists.openembedded.org
Date: Tue, 27 Jun 2017 19:08:08 -0700
Message-Id: <20170628020819.17047-2-raj.khem@gmail.com>
In-Reply-To: <20170628020819.17047-1-raj.khem@gmail.com>
References: <20170628020819.17047-1-raj.khem@gmail.com>
Subject: [oe] [meta-oe][PATCH 02/13] networkmanager: Fix build with hardening
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: openembedded-devel-bounces@lists.openembedded.org
Errors-To: openembedded-devel-bounces@lists.openembedded.org

Series

[oe,meta-oe,01/13] Add stdint.h for 'UINT16_MAX' | expand

Commit Message

Khem Raj June 28, 2017, 2:08 a.m. UTC

Drop using xlocale.h

Signed-off-by: Khem Raj <raj.khem@gmail.com>

---
 ...stemd-xlocale.h-is-dropped-by-newer-glibc.patch | 29 ++++++++++
 ...-string-in-g_dbus_message_new_method_erro.patch | 67 ++++++++++++++++++++++
 .../networkmanager/networkmanager_1.4.4.bb         |  2 +
 3 files changed, 98 insertions(+)
 create mode 100644 meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch
 create mode 100644 meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch

-- 
2.13.2

-- 
_______________________________________________
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

diff --git a/meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch
new file mode 100644
index 000000000..4234e2be2
--- /dev/null
+++ b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch
@@ -0,0 +1,29 @@ 
+From a9bfe6f2029d75caf28fcdf3e740843cf6359615 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 27 Jun 2017 07:31:25 -0700
+Subject: [PATCH 1/2] systemd: xlocale.h is dropped by newer glibc
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/systemd/src/basic/parse-util.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/src/systemd/src/basic/parse-util.c b/src/systemd/src/basic/parse-util.c
+index 9c21e5a..dd95d1f 100644
+--- a/src/systemd/src/basic/parse-util.c
++++ b/src/systemd/src/basic/parse-util.c
+@@ -25,11 +25,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+-#ifdef __GLIBC__
+-#include <xlocale.h>
+-#else
+ #include <locale.h>
+-#endif
+ #include "alloc-util.h"
+ #include "extract-word.h"
+ #include "macro.h"
+-- 
+2.13.2
+
diff --git a/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch
new file mode 100644
index 000000000..e32b5c00d
--- /dev/null
+++ b/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-user-format-string-in-g_dbus_message_new_method_erro.patch
@@ -0,0 +1,67 @@ 
+From adc0668b854289a11cfc29597b5566ba1869d17e Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 27 Jun 2017 07:32:09 -0700
+Subject: [PATCH 2/2] user format string in g_dbus_message_new_method_error ()
+
+This fixes format errors with -Werror=format-security
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/nm-manager.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/nm-manager.c b/src/nm-manager.c
+index c3d65cd..e814912 100644
+--- a/src/nm-manager.c
++++ b/src/nm-manager.c
+@@ -4871,6 +4871,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
+ 	if (error || (result != NM_AUTH_CALL_RESULT_YES)) {
+ 		reply = g_dbus_message_new_method_error (pfd->message,
+ 		                                         NM_PERM_DENIED_ERROR,
++		                                         "%s",
+ 		                                         (error_message = "Not authorized to perform this operation"));
+ 		if (error)
+ 			error_message = error->message;
+@@ -4882,6 +4883,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
+ 	if (!object) {
+ 		reply = g_dbus_message_new_method_error (pfd->message,
+ 		                                         "org.freedesktop.DBus.Error.UnknownObject",
++		                                         "%s",
+ 		                                         (error_message = "Object doesn't exist."));
+ 		goto done;
+ 	}
+@@ -4890,6 +4892,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
+ 	if (!nm_exported_object_get_interface_by_type (object, pfd->interface_type)) {
+ 		reply = g_dbus_message_new_method_error (pfd->message,
+ 		                                         "org.freedesktop.DBus.Error.InvalidArgs",
++		                                         "%s",
+ 		                                         (error_message = "Object is of unexpected type."));
+ 		goto done;
+ 	}
+@@ -4905,6 +4908,7 @@ prop_set_auth_done_cb (NMAuthChain *chain,
+ 		if (global_dns && !nm_global_dns_config_is_internal (global_dns)) {
+ 			reply = g_dbus_message_new_method_error (pfd->message,
+ 			                                         NM_PERM_DENIED_ERROR,
++			                                         "%s",
+ 			                                         (error_message = "Global DNS configuration already set via configuration file"));
+ 			goto done;
+ 		}
+@@ -4949,6 +4953,7 @@ do_set_property_check (gpointer user_data)
+ 	if (!pfd->subject) {
+ 		reply = g_dbus_message_new_method_error (pfd->message,
+ 		                                         NM_PERM_DENIED_ERROR,
++		                                         "%s",
+ 		                                         (error_message = "Could not determine request UID."));
+ 		goto out;
+ 	}
+@@ -4958,6 +4963,7 @@ do_set_property_check (gpointer user_data)
+ 	if (!chain) {
+ 		reply = g_dbus_message_new_method_error (pfd->message,
+ 		                                         NM_PERM_DENIED_ERROR,
++		                                         "%s",
+ 		                                         (error_message = "Could not authenticate request."));
+ 		goto out;
+ 	}
+-- 
+2.13.2
+
diff --git a/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb b/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb
index 0de4383fb..e7dd4ef31 100644
--- a/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb
+++ b/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.4.4.bb
@@ -34,6 +34,8 @@  SRC_URI = "${GNOME_MIRROR}/NetworkManager/${@gnome_verdir("${PV}")}/NetworkManag
            file://0001-check-for-strndupa-before-using-it.patch \
            file://0001-dns-resolved-add-systemd-resolved-backend.patch \
            file://0001-dns-resolved-also-check-for-etc-resolv-conf.systemd.patch \
+           file://0001-systemd-xlocale.h-is-dropped-by-newer-glibc.patch \
+           file://0002-user-format-string-in-g_dbus_message_new_method_erro.patch \
            "
 SRC_URI[md5sum] = "63f1e0d6d7e9099499d062c84c927a75"
 SRC_URI[sha256sum] = "829378f318cc008d138a23ca6a9191928ce75344e7e47a2f2c35f4ac82133309"

[oe,meta-oe,02/13] networkmanager: Fix build with hardening

Commit Message

Patch