diff options
author | Roy Marples <uberlord@gentoo.org> | 2005-12-20 13:43:40 +0000 |
---|---|---|
committer | Roy Marples <uberlord@gentoo.org> | 2005-12-20 13:43:40 +0000 |
commit | ec6e0435ffe56beb3fe85534acaefed970ddda68 (patch) | |
tree | 90828db5b407cc101aecec90d339ef8f8353f471 /sys-apps/netplug/files | |
parent | Stable on sparc wrt security #116006 (diff) | |
download | gentoo-2-ec6e0435ffe56beb3fe85534acaefed970ddda68.tar.gz gentoo-2-ec6e0435ffe56beb3fe85534acaefed970ddda68.tar.bz2 gentoo-2-ec6e0435ffe56beb3fe85534acaefed970ddda68.zip |
Added patch to remove nested functions so we don't require an executable
stack, #116140. Thanks to Diego Pettenò (flameeyes@gentoo.org).
(Portage version: 2.1_pre1)
Diffstat (limited to 'sys-apps/netplug/files')
-rw-r--r-- | sys-apps/netplug/files/digest-netplug-1.2.9-r2 | 1 | ||||
-rw-r--r-- | sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch | 187 |
2 files changed, 188 insertions, 0 deletions
diff --git a/sys-apps/netplug/files/digest-netplug-1.2.9-r2 b/sys-apps/netplug/files/digest-netplug-1.2.9-r2 new file mode 100644 index 000000000000..b895ad93b788 --- /dev/null +++ b/sys-apps/netplug/files/digest-netplug-1.2.9-r2 @@ -0,0 +1 @@ +MD5 3bc8062d8033e3f897b015f2889ce5a9 netplug-1.2.9.tar.bz2 21786 diff --git a/sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch b/sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch new file mode 100644 index 000000000000..0a3b991a82bf --- /dev/null +++ b/sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch @@ -0,0 +1,187 @@ +This patch replaces the for_each_iface nested funtion with a macro so that we +don't have an executable stack and work correctly on NX capable hardware. +See http://www.gentoo.org/proj/en/hardened/gnu-stack.xml for more information. + +Patch by Diego Pettenò (flameeyes@gentoo.org) + +Index: netplug-1.2.9/if_info.c +=================================================================== +--- netplug-1.2.9.orig/if_info.c ++++ netplug-1.2.9/if_info.c +@@ -29,8 +29,7 @@ + + #include "netplug.h" + +-#define INFOHASHSZ 16 /* must be a power of 2 */ +-static struct if_info *if_info[INFOHASHSZ]; ++struct if_info *if_info[INFOHASHSZ]; + + static const char * + statename(enum ifstate s) +@@ -95,17 +94,6 @@ flags_str(char *buf, unsigned int fl) + return buf; + } + +-void +-for_each_iface(int (*func)(struct if_info *)) +-{ +- for(int i = 0; i < INFOHASHSZ; i++) { +- for(struct if_info *info = if_info[i]; info != NULL; info = info->next) { +- if ((*func)(info)) +- return; +- } +- } +-} +- + /* Reevaluate the state machine based on the current state and flag settings */ + void + ifsm_flagpoll(struct if_info *info) +@@ -284,6 +272,14 @@ ifsm_flagchange(struct if_info *info, un + info->lastchange = time(0); + } + ++int find_pid(struct if_info *i, pid_t pid, struct if_info **info) { ++ if (i->worker == pid) { ++ *info = i; ++ return 1; ++ } ++ return 0; ++} ++ + /* handle a script termination and update the state accordingly */ + void ifsm_scriptdone(pid_t pid, int exitstatus) + { +@@ -291,16 +287,8 @@ void ifsm_scriptdone(pid_t pid, int exit + struct if_info *info; + assert(WIFEXITED(exitstatus) || WIFSIGNALED(exitstatus)); + +- int find_pid(struct if_info *i) { +- if (i->worker == pid) { +- info = i; +- return 1; +- } +- return 0; +- } +- + info = NULL; +- for_each_iface(find_pid); ++ for_each_iface(find_pid, pid, &info); + + if (info == NULL) { + do_log(LOG_INFO, "Unexpected child %d exited with status %d", +Index: netplug-1.2.9/main.c +=================================================================== +--- netplug-1.2.9.orig/main.c ++++ netplug-1.2.9/main.c +@@ -164,6 +164,23 @@ child_handler(int sig, siginfo_t *info, + write(child_handler_pipe[1], &ce, sizeof(ce)); + } + ++int pollflags_state(struct if_info *info, int sockfd) { ++ struct ifreq ifr; ++ ++ if (!if_match(info->name)) ++ return 0; ++ ++ memcpy(ifr.ifr_name, info->name, sizeof(ifr.ifr_name)); ++ if (ioctl(sockfd, SIOCGIFFLAGS, &ifr) < 0) ++ do_log(LOG_ERR, "%s: can't get flags: %m", info->name); ++ else { ++ ifsm_flagchange(info, ifr.ifr_flags); ++ ifsm_flagpoll(info); ++ } ++ ++ return 0; ++} ++ + /* Poll the existing interface state, so we can catch any state + changes for which we may not have neen a netlink message. */ + static void +@@ -180,28 +197,20 @@ poll_interfaces(void) + close_on_exec(sockfd); + } + +- int pollflags(struct if_info *info) { +- struct ifreq ifr; +- +- if (!if_match(info->name)) +- return 0; +- +- memcpy(ifr.ifr_name, info->name, sizeof(ifr.ifr_name)); +- if (ioctl(sockfd, SIOCGIFFLAGS, &ifr) < 0) +- do_log(LOG_ERR, "%s: can't get flags: %m", info->name); +- else { +- ifsm_flagchange(info, ifr.ifr_flags); +- ifsm_flagpoll(info); +- } +- +- return 0; +- } +- +- for_each_iface(pollflags); ++ for_each_iface(pollflags_state, sockfd); + } + + int debug = 0; + ++/* Run over each of the interfaces we know and care about, and ++ make sure the state machine has done the appropriate thing ++ for their current state. */ ++int poll_flags_check(struct if_info *i) { ++ if (if_match(i->name)) ++ ifsm_flagpoll(i); ++ return 0; ++} ++ + int + main(int argc, char *argv[]) + { +@@ -331,17 +340,7 @@ main(int argc, char *argv[]) + { child_handler_pipe[0], POLLIN, 0 }, + }; + +- { +- /* Run over each of the interfaces we know and care about, and +- make sure the state machine has done the appropriate thing +- for their current state. */ +- int poll_flags(struct if_info *i) { +- if (if_match(i->name)) +- ifsm_flagpoll(i); +- return 0; +- } +- for_each_iface(poll_flags); +- } ++ for_each_iface(poll_flags_check); + + for(;;) { + int ret; +Index: netplug-1.2.9/netplug.h +=================================================================== +--- netplug-1.2.9.orig/netplug.h ++++ netplug-1.2.9/netplug.h +@@ -28,6 +28,9 @@ + + #define NP_SCRIPT NP_SCRIPT_DIR "/netplug" + ++#define INFOHASHSZ 16 /* must be a power of 2 */ ++extern struct if_info *if_info[INFOHASHSZ]; ++ + /* configuration */ + + void read_config(char *filename); +@@ -83,7 +86,14 @@ struct if_info *if_info_update_interface + struct rtattr *attrs[]); + int if_info_save_interface(struct nlmsghdr *hdr, void *arg); + void parse_rtattrs(struct rtattr *tb[], int max, struct rtattr *rta, int len); +-void for_each_iface(int (*func)(struct if_info *)); ++ ++#define for_each_iface(func, ...) \ ++ for(int i = 0; i < INFOHASHSZ; i++) { \ ++ for(struct if_info *each_iface = if_info[i]; each_iface != NULL; each_iface = each_iface->next) { \ ++ if (func (each_iface, ##__VA_ARGS__)) \ ++ break; \ ++ } \ ++ } + + void ifsm_flagpoll(struct if_info *info); + void ifsm_flagchange(struct if_info *info, unsigned int newflags); |