author | Justin Bronder <jsbronder@gentoo.org> | 2014-10-17 03:23:11 +0000 |
---|---|---|
committer | Justin Bronder <jsbronder@gentoo.org> | 2014-10-17 03:23:11 +0000 |
commit | 2a34ddd81f9ba33e1de8f6f5b5f7123bcb507beb (patch) | |
tree | fd9deecea7c8094747fe38dc5d26d0218687faae /sys-cluster | |
parent | Add blocker on dev-libs/uthash. Note that we should be just depending on it,... (diff) | |
Apply upstream fixes for TRQ-2885. #524362
(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key 4D7043C9)
Diffstat (limited to 'sys-cluster')
-rw-r--r-- | sys-cluster/torque/ChangeLog | 9 | ||||
-rw-r--r-- | sys-cluster/torque/files/TRQ-2885-limit-tm_adopt-to-only-adopt-a-session-id-t.patch | 134 | ||||
-rw-r--r-- | sys-cluster/torque/torque-4.2.9-r1.ebuild (renamed from sys-cluster/torque/torque-4.2.9.ebuild) | 5 |
3 files changed, 146 insertions, 2 deletions
diff --git a/sys-cluster/torque/ChangeLog b/sys-cluster/torque/ChangeLog index c969dd707933..551a12c7371e 100644 --- a/sys-cluster/torque/ChangeLog +++ b/sys-cluster/torque/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-cluster/torque # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-cluster/torque/ChangeLog,v 1.171 2014/10/17 02:54:02 jsbronder Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-cluster/torque/ChangeLog,v 1.172 2014/10/17 03:23:11 jsbronder Exp $ + +*torque-4.2.9-r1 (17 Oct 2014) + + 17 Oct 2014; Justin Bronder <jsbronder@gentoo.org> -torque-4.2.9.ebuild, + +torque-4.2.9-r1.ebuild, + +files/TRQ-2885-limit-tm_adopt-to-only-adopt-a-session-id-t.patch: + Apply upstream fixes for TRQ-2885. #524362 17 Oct 2014; Justin Bronder <jsbronder@gentoo.org> torque-4.1.5.1-r1.ebuild, torque-4.1.7.ebuild, torque-4.2.9.ebuild: diff --git a/sys-cluster/torque/files/TRQ-2885-limit-tm_adopt-to-only-adopt-a-session-id-t.patch b/sys-cluster/torque/files/TRQ-2885-limit-tm_adopt-to-only-adopt-a-session-id-t.patch new file mode 100644 index 000000000000..63713a0bc16f --- /dev/null +++ b/sys-cluster/torque/files/TRQ-2885-limit-tm_adopt-to-only-adopt-a-session-id-t.patch 
@@ -0,0 +1,134 @@ +From f2f4c950f3d461a249111c8826da3beaafccace9 Mon Sep 17 00:00:00 2001 +From: Chad Vizino <cvizino@adaptivecomputing.com> +Date: Tue, 23 Sep 2014 17:40:59 -0600 +Subject: [PATCH 1/2] TRQ-2885 - limit tm_adopt() to only adopt a session id + that is owned by the calling user. + +--- + src/cmds/pbs_track.c | 6 ++++++ + src/include/tm.h | 2 +- + src/include/tm_.h | 1 + + src/lib/Libifl/tm.c | 37 ++++++++++++++++++++++++++++++++++--- + 5 files changed, 56 insertions(+), 4 deletions(-) + +diff --git a/src/cmds/pbs_track.c b/src/cmds/pbs_track.c +index 7a90fda..9383ea5 100644 +--- a/src/cmds/pbs_track.c ++++ b/src/cmds/pbs_track.c +@@ -164,6 +164,12 @@ int main( + + break; + ++ case TM_EPERM: ++ ++ fprintf(stderr, "pbs_track: permission denied: %s (%d)\n", ++ pbse_to_txt(rc), ++ rc); ++ + default: + + /* Unexpected error occurred */ +diff --git a/src/include/tm.h b/src/include/tm.h +index 106d3fb..2288828 100644 +--- a/src/include/tm.h ++++ b/src/include/tm.h +@@ -125,7 +125,7 @@ int tm_register(tm_whattodo_t *what, + /* + * DJH 15 Nov 2001. + * Generic "out-of-band" task adoption call for tasks parented by +- * another job management system. Minor security hole? ++ * another job management system. + * Cannot be called with any other tm call. + * 26 Feb 2002. 
Allows id to be jobid (adoptCmd = TM_ADOPT_JOBID) + * or some altid (adoptCmd = TM_ADOPT_ALTID) +diff --git a/src/include/tm_.h b/src/include/tm_.h +index c9393b9..8cae7b0 100644 +--- a/src/include/tm_.h ++++ b/src/include/tm_.h +@@ -136,6 +136,7 @@ typedef unsigned int tm_task_id; + #define TM_EBADENVIRONMENT 17005 + #define TM_ENOTFOUND 17006 + #define TM_BADINIT 17007 ++#define TM_EPERM 17008 + + #define TM_TODO_NOP 5000 /* Do nothing (the nodes value may be new) */ + #define TM_TODO_CKPT 5001 /* Checkpoint <what> and continue it */ +diff --git a/src/lib/Libifl/iff --git a/src/lib/Libifl/tm.c b/src/lib/Libifl/tm.c +index edb6273..4f38529 100644 +--- a/src/lib/Libifl/tm.c ++++ b/src/lib/Libifl/tm.c +@@ -94,6 +94,7 @@ + #include <errno.h> + #include <assert.h> + #include <sys/types.h> ++#include <sys/stat.h> + #include <sys/socket.h> + #include <sys/time.h> + #include <netinet/in.h> +@@ -169,6 +170,31 @@ typedef struct event_info + static event_info *event_hash[EVENT_HASH]; + + /* ++ * check if the owner of this process matches the owner of pid ++ * returns TRUE if so, FALSE otherwise ++ */ ++bool ispidowner(pid_t pid) ++ { ++ char path[MAXPATHLEN]; ++ struct stat sbuf; ++ ++ /* build path to pid */ ++ snprintf(path, sizeof(path), "/proc/%d", pid); ++ ++ /* do the stat */ ++ /* if it fails, assume not owner */ ++ if (stat(path, &sbuf) != 0) ++ return(FALSE); ++ ++ /* see if caller is the owner of pid */ ++ if (getuid() != sbuf.st_uid) ++ return(FALSE); ++ ++ /* caller is owner */ ++ return(TRUE); ++ } ++ ++/* + ** Find an event number or return a NULL. + */ + event_info *find_event( +@@ -1800,8 +1826,8 @@ tm_poll_error: + * some mpiruns simply use rsh to start remote processes - no AMS + * tracking or management facilities are available. + * +- * This function allows any task (session) to be adopted into a PBS +- * job. It is used by: ++ * This function allows any task (session) owned by the owner ++ * of the job to be adopted into a PBS job. 
It is used by: + * - "adopter" (which is in turn used by our pvmrun) + * - our rmsloader wrapper (a home-brew replacement for RMS' + * rmsloader that does some work and then exec()s the real +@@ -1835,7 +1861,8 @@ tm_poll_error: + * the mom. Returns TM_ENOTFOUND if the mom couldn't find a job + * with the given RMS resource id. Returns TM_ESYSTEM or + * TM_ENOTCONNECTED if there was some sort of comms error talking +- * to the mom ++ * to the mom. Returns TM_EPERM if an attempt was made to adopt ++ * a session not owned by the owner of the job. + * + * Side effects: + * Sets the tm_* globals to fake values if tm_init() has never +@@ -1860,6 +1887,10 @@ int tm_adopt( + + sid = getsid(pid); + ++ /* do not adopt a sid not owned by caller */ ++ if (!ispidowner(sid)) ++ return(TM_EPERM); ++ + /* Must be the only call to call to tm and + must only be called once */ + +-- +1.8.3.2 + diff --git a/sys-cluster/torque/torque-4.2.9.ebuild b/sys-cluster/torque/torque-4.2.9-r1.ebuild index bd918661a8e3..15a08dfa2891 100644 --- a/sys-cluster/torque/torque-4.2.9.ebuild +++ b/sys-cluster/torque/torque-4.2.9-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-cluster/torque/torque-4.2.9.ebuild,v 1.2 2014/10/17 02:54:02 jsbronder Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-cluster/torque/torque-4.2.9-r1.ebuild,v 1.1 2014/10/17 03:23:11 jsbronder Exp $ EAPI=5 @@ -83,6 +83,9 @@ src_prepare() { sed -i '/mk_default_ld_lib_file || return 1/d' buildutils/pbs_mkdirs.in || die epatch "${FILESDIR}"/${P}-tcl8.6.patch + + # 524362 + epatch "${FILESDIR}"/TRQ-2885-limit-tm_adopt-to-only-adopt-a-session-id-t.patch } src_configure() { |
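Review bot: The ownership check this patch adds to tm_adopt() lives in the client library (src/lib/Libifl/tm.c), so from the visible lines it only binds callers that link this build of the library. Confirm that pbs_mom independently verifies the owner of the session id it is asked to adopt, because a library-side check alone is advisory rather than an enforcement boundary. ispidowner() is also check-then-use: it stats `/proc/<sid>` and compares against getuid(), and the adopt request is sent afterwards, so the authoritative decision belongs on the mom side. A getsid() failure (-1) is rejected only implicitly through the failing stat(), so I would make it explicit with `if (sid < 0) return(TM_ESYSTEM);` before the check. In the pbs_track.c part, the new `case TM_EPERM:` has no `break;` before `default:`, so the permission-denied message falls into the unexpected-error handling; add `break;` or a `/* fallthrough */` comment if that is intended (the default branch and the rest of tm_adopt() continue outside the hunk).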