basebuilder_pel7ppc64bebuilder0
7 years ago
4 changed files with 1590 additions and 0 deletions
@ -0,0 +1,217 @@ |
|||||||
|
From 8af39f66e56e319b6b93804c0400e6e29737a90f Mon Sep 17 00:00:00 2001 |
||||||
|
From: Jan Friesse <jfriesse@redhat.com> |
||||||
|
Date: Mon, 22 Jan 2018 10:42:25 +0100 |
||||||
|
Subject: [PATCH] logging: Make blackbox configurable |
||||||
|
|
||||||
|
Signed-off-by: Jan Friesse <jfriesse@redhat.com> |
||||||
|
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com> |
||||||
|
(cherry picked from commit 79dba9c51f60c603673f97afd07fa506fd9ae9a7) |
||||||
|
--- |
||||||
|
exec/logconfig.c | 40 +++++++++++++++++++++++++++++++++++++++- |
||||||
|
exec/logsys.c | 44 ++++++++++++++++++++++++++++++++++---------- |
||||||
|
exec/main.c | 1 + |
||||||
|
include/corosync/logsys.h | 2 ++ |
||||||
|
man/corosync.conf.5 | 6 ++++++ |
||||||
|
5 files changed, 82 insertions(+), 11 deletions(-) |
||||||
|
|
||||||
|
diff --git a/exec/logconfig.c b/exec/logconfig.c |
||||||
|
index 6d0bed6..ccbffae 100644 |
||||||
|
--- a/exec/logconfig.c |
||||||
|
+++ b/exec/logconfig.c |
||||||
|
@@ -127,7 +127,7 @@ static int insert_into_buffer( |
||||||
|
} |
||||||
|
|
||||||
|
/* |
||||||
|
- * format set is the only global specific option that |
||||||
|
+ * format set is global specific option that |
||||||
|
* doesn't apply at system/subsystem level. |
||||||
|
*/ |
||||||
|
static int corosync_main_config_format_set ( |
||||||
|
@@ -228,6 +228,40 @@ parse_error: |
||||||
|
return (-1); |
||||||
|
} |
||||||
|
|
||||||
|
+/* |
||||||
|
+ * blackbox is another global specific option that |
||||||
|
+ * doesn't apply at system/subsystem level. |
||||||
|
+ */ |
||||||
|
+static int corosync_main_config_blackbox_set ( |
||||||
|
+ const char **error_string) |
||||||
|
+{ |
||||||
|
+ const char *error_reason; |
||||||
|
+ char *value = NULL; |
||||||
|
+ |
||||||
|
+ if (map_get_string("logging.blackbox", &value) == CS_OK) { |
||||||
|
+ if (strcmp (value, "on") == 0) { |
||||||
|
+ (void)logsys_blackbox_set(QB_TRUE); |
||||||
|
+ } else if (strcmp (value, "off") == 0) { |
||||||
|
+ (void)logsys_blackbox_set(QB_FALSE); |
||||||
|
+ } else { |
||||||
|
+ error_reason = "unknown value for blackbox"; |
||||||
|
+ free(value); |
||||||
|
+ goto parse_error; |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ free(value); |
||||||
|
+ } else { |
||||||
|
+ (void)logsys_blackbox_set(QB_TRUE); |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ return (0); |
||||||
|
+ |
||||||
|
+parse_error: |
||||||
|
+ *error_string = error_reason; |
||||||
|
+ |
||||||
|
+ return (-1); |
||||||
|
+} |
||||||
|
+ |
||||||
|
static int corosync_main_config_log_destination_set ( |
||||||
|
const char *path, |
||||||
|
const char *key, |
||||||
|
@@ -522,6 +556,10 @@ static int corosync_main_config_read_logging ( |
||||||
|
goto parse_error; |
||||||
|
} |
||||||
|
|
||||||
|
+ if (corosync_main_config_blackbox_set(&error_reason) < 0) { |
||||||
|
+ goto parse_error; |
||||||
|
+ } |
||||||
|
+ |
||||||
|
if (corosync_main_config_set ("logging", NULL, &error_reason) < 0) { |
||||||
|
goto parse_error; |
||||||
|
} |
||||||
|
diff --git a/exec/logsys.c b/exec/logsys.c |
||||||
|
index 6b4995d..a38cc5e 100644 |
||||||
|
--- a/exec/logsys.c |
||||||
|
+++ b/exec/logsys.c |
||||||
|
@@ -119,6 +119,8 @@ static char *format_buffer=NULL; |
||||||
|
|
||||||
|
static int logsys_thread_started = 0; |
||||||
|
|
||||||
|
+static int logsys_blackbox_enabled = 1; |
||||||
|
+ |
||||||
|
static int _logsys_config_subsys_get_unlocked (const char *subsys) |
||||||
|
{ |
||||||
|
unsigned int i; |
||||||
|
@@ -309,7 +311,6 @@ int _logsys_system_setup( |
||||||
|
int i; |
||||||
|
int32_t fidx; |
||||||
|
char tempsubsys[LOGSYS_MAX_SUBSYS_NAMELEN]; |
||||||
|
- int blackbox_enable_res; |
||||||
|
|
||||||
|
if ((mainsystem == NULL) || |
||||||
|
(strlen(mainsystem) >= LOGSYS_MAX_SUBSYS_NAMELEN)) { |
||||||
|
@@ -371,7 +372,12 @@ int _logsys_system_setup( |
||||||
|
QB_LOG_FILTER_FILE, "*", LOG_TRACE); |
||||||
|
qb_log_ctl(QB_LOG_BLACKBOX, QB_LOG_CONF_SIZE, IPC_LOGSYS_SIZE); |
||||||
|
qb_log_ctl(QB_LOG_BLACKBOX, QB_LOG_CONF_THREADED, QB_FALSE); |
||||||
|
- blackbox_enable_res = qb_log_ctl(QB_LOG_BLACKBOX, QB_LOG_CONF_ENABLED, QB_TRUE); |
||||||
|
+ |
||||||
|
+ /* |
||||||
|
+ * Blackbox is disabled at the init and enabled later based |
||||||
|
+ * on config (logging.blackbox) value. |
||||||
|
+ */ |
||||||
|
+ qb_log_ctl(QB_LOG_BLACKBOX, QB_LOG_CONF_ENABLED, QB_FALSE); |
||||||
|
|
||||||
|
if (logsys_format_set(NULL) == -1) { |
||||||
|
return -1; |
||||||
|
@@ -397,14 +403,6 @@ int _logsys_system_setup( |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
- if (blackbox_enable_res < 0) { |
||||||
|
- LOGSYS_PERROR (-blackbox_enable_res, LOGSYS_LEVEL_WARNING, |
||||||
|
- "Unable to initialize log flight recorder. "\ |
||||||
|
- "The most common cause of this error is " \ |
||||||
|
- "not enough space on /dev/shm. Corosync will continue work, " \ |
||||||
|
- "but blackbox will not be available"); |
||||||
|
- } |
||||||
|
- |
||||||
|
pthread_mutex_unlock (&logsys_config_mutex); |
||||||
|
|
||||||
|
return (0); |
||||||
|
@@ -767,10 +765,26 @@ static void _logsys_config_apply_per_subsys(int32_t s) |
||||||
|
logsys_loggers[s].dirty = QB_FALSE; |
||||||
|
} |
||||||
|
|
||||||
|
+static void _logsys_config_apply_blackbox(void) { |
||||||
|
+ int blackbox_enable_res; |
||||||
|
+ |
||||||
|
+ blackbox_enable_res = qb_log_ctl(QB_LOG_BLACKBOX, QB_LOG_CONF_ENABLED, logsys_blackbox_enabled); |
||||||
|
+ |
||||||
|
+ if (blackbox_enable_res < 0) { |
||||||
|
+ LOGSYS_PERROR (-blackbox_enable_res, LOGSYS_LEVEL_WARNING, |
||||||
|
+ "Unable to initialize log flight recorder. "\ |
||||||
|
+ "The most common cause of this error is " \ |
||||||
|
+ "not enough space on /dev/shm. Corosync will continue work, " \ |
||||||
|
+ "but blackbox will not be available"); |
||||||
|
+ } |
||||||
|
+} |
||||||
|
+ |
||||||
|
void logsys_config_apply(void) |
||||||
|
{ |
||||||
|
int32_t s; |
||||||
|
|
||||||
|
+ _logsys_config_apply_blackbox(); |
||||||
|
+ |
||||||
|
for (s = 0; s <= LOGSYS_MAX_SUBSYS_COUNT; s++) { |
||||||
|
if (strcmp(logsys_loggers[s].subsys, "") == 0) { |
||||||
|
continue; |
||||||
|
@@ -838,3 +852,13 @@ int logsys_thread_start (void) |
||||||
|
|
||||||
|
return (0); |
||||||
|
} |
||||||
|
+ |
||||||
|
+void logsys_blackbox_set(int enable) |
||||||
|
+{ |
||||||
|
+ |
||||||
|
+ pthread_mutex_lock (&logsys_config_mutex); |
||||||
|
+ |
||||||
|
+ logsys_blackbox_enabled = enable; |
||||||
|
+ |
||||||
|
+ pthread_mutex_unlock (&logsys_config_mutex); |
||||||
|
+} |
||||||
|
diff --git a/exec/main.c b/exec/main.c |
||||||
|
index 7fe24e2..cd587dc 100644 |
||||||
|
--- a/exec/main.c |
||||||
|
+++ b/exec/main.c |
||||||
|
@@ -220,6 +220,7 @@ static void corosync_blackbox_write_to_file (void) |
||||||
|
|
||||||
|
if ((res = qb_log_blackbox_write_to_file(fname)) < 0) { |
||||||
|
LOGSYS_PERROR(-res, LOGSYS_LEVEL_ERROR, "Can't store blackbox file"); |
||||||
|
+ return ; |
||||||
|
} |
||||||
|
snprintf(fdata_fname, sizeof(fdata_fname), "%s/fdata", get_run_dir()); |
||||||
|
unlink(fdata_fname); |
||||||
|
diff --git a/include/corosync/logsys.h b/include/corosync/logsys.h |
||||||
|
index 0b2fbff..ec38d2c 100644 |
||||||
|
--- a/include/corosync/logsys.h |
||||||
|
+++ b/include/corosync/logsys.h |
||||||
|
@@ -256,6 +256,8 @@ extern int _logsys_subsys_create (const char *subsys, const char *filename); |
||||||
|
*/ |
||||||
|
extern int logsys_thread_start (void); |
||||||
|
|
||||||
|
+extern void logsys_blackbox_set(int enable); |
||||||
|
+ |
||||||
|
/** |
||||||
|
* @brief logsys_subsys_id |
||||||
|
*/ |
||||||
|
diff --git a/man/corosync.conf.5 b/man/corosync.conf.5 |
||||||
|
index 0639028..68103d0 100644 |
||||||
|
--- a/man/corosync.conf.5 |
||||||
|
+++ b/man/corosync.conf.5 |
||||||
|
@@ -539,6 +539,12 @@ This specifies that the code function name should be printed. |
||||||
|
|
||||||
|
The default is off. |
||||||
|
|
||||||
|
+.TP |
||||||
|
+blackbox |
||||||
|
+This specifies that blackbox functionality should be enabled. |
||||||
|
+ |
||||||
|
+The defualt is on. |
||||||
|
+ |
||||||
|
.PP |
||||||
|
The following options are valid both for top level logging directive |
||||||
|
and they can be overridden in logger_subsys entries. |
||||||
|
-- |
||||||
|
1.7.1 |
||||||
|
|
@ -0,0 +1,75 @@ |
|||||||
|
From 995ed0bd814ff3eacf6c09534841e6ce39ab6614 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Jan Friesse <jfriesse@redhat.com> |
||||||
|
Date: Mon, 22 Jan 2018 11:17:52 +0100 |
||||||
|
Subject: [PATCH] logging: Close before and open blackbox after fork |
||||||
|
|
||||||
|
Signed-off-by: Jan Friesse <jfriesse@redhat.com> |
||||||
|
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com> |
||||||
|
(cherry picked from commit 11fa527ed4960488d275867c28b1bff773e9cf7f) |
||||||
|
--- |
||||||
|
exec/logsys.c | 16 ++++++++++++++++ |
||||||
|
exec/main.c | 6 ++++++ |
||||||
|
include/corosync/logsys.h | 5 +++++ |
||||||
|
3 files changed, 27 insertions(+), 0 deletions(-) |
||||||
|
|
||||||
|
diff --git a/exec/logsys.c b/exec/logsys.c |
||||||
|
index a38cc5e..8c9c222 100644 |
||||||
|
--- a/exec/logsys.c |
||||||
|
+++ b/exec/logsys.c |
||||||
|
@@ -862,3 +862,19 @@ void logsys_blackbox_set(int enable) |
||||||
|
|
||||||
|
pthread_mutex_unlock (&logsys_config_mutex); |
||||||
|
} |
||||||
|
+ |
||||||
|
+/* |
||||||
|
+ * To set correct pid to qb blackbox filename after tty dettach (fork) we have to |
||||||
|
+ * close (this function) and (if needed) reopen blackbox (logsys_blackbox_postfork function). |
||||||
|
+ */ |
||||||
|
+void logsys_blackbox_prefork(void) |
||||||
|
+{ |
||||||
|
+ |
||||||
|
+ (void)qb_log_ctl(QB_LOG_BLACKBOX, QB_LOG_CONF_ENABLED, QB_FALSE); |
||||||
|
+} |
||||||
|
+ |
||||||
|
+void logsys_blackbox_postfork(void) |
||||||
|
+{ |
||||||
|
+ |
||||||
|
+ _logsys_config_apply_blackbox(); |
||||||
|
+} |
||||||
|
diff --git a/exec/main.c b/exec/main.c |
||||||
|
index cd587dc..426e56d 100644 |
||||||
|
--- a/exec/main.c |
||||||
|
+++ b/exec/main.c |
||||||
|
@@ -1460,7 +1460,13 @@ int main (int argc, char **argv, char **envp) |
||||||
|
* Now we are fully initialized. |
||||||
|
*/ |
||||||
|
if (background) { |
||||||
|
+ logsys_blackbox_prefork(); |
||||||
|
+ |
||||||
|
corosync_tty_detach (); |
||||||
|
+ |
||||||
|
+ logsys_blackbox_postfork(); |
||||||
|
+ |
||||||
|
+ log_printf (LOGSYS_LEVEL_DEBUG, "Corosync TTY detached"); |
||||||
|
} |
||||||
|
|
||||||
|
/* |
||||||
|
diff --git a/include/corosync/logsys.h b/include/corosync/logsys.h |
||||||
|
index ec38d2c..a4aad69 100644 |
||||||
|
--- a/include/corosync/logsys.h |
||||||
|
+++ b/include/corosync/logsys.h |
||||||
|
@@ -258,6 +258,11 @@ extern int logsys_thread_start (void); |
||||||
|
|
||||||
|
extern void logsys_blackbox_set(int enable); |
||||||
|
|
||||||
|
+extern void logsys_blackbox_prefork(void); |
||||||
|
+ |
||||||
|
+extern void logsys_blackbox_postfork(void); |
||||||
|
+ |
||||||
|
+ |
||||||
|
/** |
||||||
|
* @brief logsys_subsys_id |
||||||
|
*/ |
||||||
|
-- |
||||||
|
1.7.1 |
||||||
|
|
@ -0,0 +1,48 @@ |
|||||||
|
From 3923de59d71ca6f5affa63a32c6eb688efed6356 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Jan Friesse <jfriesse@redhat.com> |
||||||
|
Date: Fri, 6 Apr 2018 14:43:02 +0200 |
||||||
|
Subject: [PATCH] totemcrypto: Check length of the packet |
||||||
|
|
||||||
|
Packet has to be longer than crypto_config_header and hash_len, |
||||||
|
otherwise unallocated memory is passed into calculate_nss_hash function, |
||||||
|
what may result in crash. |
||||||
|
|
||||||
|
Signed-off-by: Jan Friesse <jfriesse@redhat.com> |
||||||
|
Reviewed-by: Raphael Sanchez Prudencio <rasanche@redhat.com> |
||||||
|
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com> |
||||||
|
--- |
||||||
|
exec/totemcrypto.c | 11 +++++++++++ |
||||||
|
1 files changed, 11 insertions(+), 0 deletions(-) |
||||||
|
|
||||||
|
diff --git a/exec/totemcrypto.c b/exec/totemcrypto.c |
||||||
|
index 64246c9..88c68d1 100644 |
||||||
|
--- a/exec/totemcrypto.c |
||||||
|
+++ b/exec/totemcrypto.c |
||||||
|
@@ -736,6 +736,11 @@ static int authenticate_nss_2_3 ( |
||||||
|
unsigned char tmp_hash[hash_len[instance->crypto_hash_type]]; |
||||||
|
int datalen = *buf_len - hash_len[instance->crypto_hash_type]; |
||||||
|
|
||||||
|
+ if (*buf_len <= hash_len[instance->crypto_hash_type]) { |
||||||
|
+ log_printf(instance->log_level_security, "Received message is too short... ignoring"); |
||||||
|
+ return -1; |
||||||
|
+ } |
||||||
|
+ |
||||||
|
if (calculate_nss_hash(instance, buf, datalen, tmp_hash) < 0) { |
||||||
|
return -1; |
||||||
|
} |
||||||
|
@@ -845,6 +850,12 @@ int crypto_authenticate_and_decrypt (struct crypto_instance *instance, |
||||||
|
{ |
||||||
|
struct crypto_config_header *cch = (struct crypto_config_header *)buf; |
||||||
|
|
||||||
|
+ if (*buf_len <= sizeof(struct crypto_config_header)) { |
||||||
|
+ log_printf(instance->log_level_security, "Received message is too short... ignoring"); |
||||||
|
+ |
||||||
|
+ return (-1); |
||||||
|
+ } |
||||||
|
+ |
||||||
|
if (cch->crypto_cipher_type != CRYPTO_CIPHER_TYPE_2_3) { |
||||||
|
log_printf(instance->log_level_security, |
||||||
|
"Incoming packet has different crypto type. Rejecting"); |
||||||
|
-- |
||||||
|
1.7.1 |
||||||
|
|
Loading…
Reference in new issue