diff --git a/Add-digest-list-plugin.patch b/Add-digest-list-plugin.patch index 1b9285f..d40af4f 100644 --- a/Add-digest-list-plugin.patch +++ b/Add-digest-list-plugin.patch @@ -1,23 +1,30 @@ -From d614a279f7045ed7f520e8ee270d1365cff4670e Mon Sep 17 00:00:00 2001 +From 3766516cc1ecf457a4611b9a00ba9058afa6050f Mon Sep 17 00:00:00 2001 From: Roberto Sassu Date: Wed, 26 Feb 2020 15:54:24 +0100 -Subject: [PATCH] add-digest-list-plugin +Subject: [PATCH] Add digest list plugin -Signed-off-by: Anakin Zhang +This patch adds a plugin in rpm to support IMA Digest Lists: +- When installing rpm packages, the plugin will mark xattrs for + digest lists automatically and upload them to kernel. +- When deleting rpm packages, the plugin will remove digest lists + from kernel automatically. + +Signed-off-by: Roberto Sassu +Signed-off-by: Tianxing Zhang --- macros.in | 1 + plugins/Makefile.am | 4 + - plugins/digest_list.c | 566 ++++++++++++++++++++++++++++++++++++++++++ + plugins/digest_list.c | 584 ++++++++++++++++++++++++++++++++++++++++++++++++++ rpmio/digest.h | 1 + rpmio/rpmpgp.c | 3 + - 5 files changed, 575 insertions(+) + 5 files changed, 593 insertions(+) create mode 100644 plugins/digest_list.c diff --git a/macros.in b/macros.in -index 4027493..8619c13 100644 +index dedec4e..5b45d73 100644 --- a/macros.in +++ b/macros.in -@@ -1184,6 +1184,7 @@ package or when debugging this package.\ +@@ -1188,6 +1188,7 @@ package or when debugging this package.\ %__transaction_ima %{__plugindir}/ima.so %__transaction_prioreset %{__plugindir}/prioreset.so %__transaction_audit %{__plugindir}/audit.so @@ -39,10 +46,24 @@ index d4ef039..07aa358 100644 +plugins_LTLIBRARIES += digest_list.la diff --git a/plugins/digest_list.c b/plugins/digest_list.c new file mode 100644 -index 0000000..6bc9415 +index 0000000..992a7e8 --- /dev/null +++ b/plugins/digest_list.c -@@ -0,0 +1,566 @@ +@@ -0,0 +1,584 @@ ++/* ++ * Copyright (C) 2020-2021 Huawei Technologies Duesseldorf GmbH ++ * ++ * Author: Roberto Sassu ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License as ++ * published by the Free Software Foundation, version 2 of the ++ * License. ++ * ++ * File: digest_list.c ++ * Plugin to load digest lists in the Linux kernel. ++ */ ++ +#include "system.h" +#include "errno.h" + @@ -70,9 +91,6 @@ index 0000000..6bc9415 +#define DIGEST_LIST_DEFAULT_PATH "/etc/ima/digest_lists" +#define RPM_PARSER "/usr/libexec/rpm_parser" + -+#define DIGEST_LIST_OP_ADD 0 -+#define DIGEST_LIST_OP_DEL 1 -+ +enum hash_algo { + HASH_ALGO_MD4, + HASH_ALGO_MD5, @@ -176,6 +194,12 @@ index 0000000..6bc9415 + + /* If the digest list is not signed, execute the RPM parser */ + if (!digest_list_signed) { ++ if (stat(RPM_PARSER, &st) == -1) { ++ rpmlog(RPMLOG_DEBUG, "digest_list: %s not found, " ++ "not uploading digest list\n", RPM_PARSER); ++ return 0; ++ } ++ + if ((pid = fork()) == 0) { + execlp(RPM_PARSER, RPM_PARSER, (type == TR_ADDED) ? + "add" : "del", path, NULL); @@ -409,12 +433,13 @@ index 0000000..6bc9415 + return ret; +} + -+static int process_digest_list(rpmte te, int parser) ++static int process_digest_list(rpmte te, int parser, int pre) +{ + char *path = NULL, *path_sig = NULL; + int digest_list_signed = 0; + struct stat st; + ssize_t size; ++ int type = rpmteType(te); + rpmRC ret = RPMRC_OK; + + path = malloc(PATH_MAX); @@ -462,17 +487,9 @@ index 0000000..6bc9415 + DIGEST_LIST_DEFAULT_PATH, rpmteN(te), rpmteV(te), + rpmteR(te), rpmteA(te)); + -+ size = lgetxattr(path, "user.digest_list", NULL, 0); ++ size = lgetxattr(path, XATTR_NAME_IMA, NULL, 0); + -+ /* Don't upload again if digest list was already processed */ -+ if ((rpmteType(te) == TR_ADDED && size > 0) || -+ (rpmteType(te) == TR_REMOVED && size < 0)) { -+ rpmlog(RPMLOG_DEBUG, "digest_list: '%s' already processed, " -+ "nothing to do\n", path); -+ goto out; -+ } -+ -+ if (rpmteType(te) == TR_ADDED) { ++ if (type == TR_ADDED && !pre && size < 0) { + if (!digest_list_signed) { + /* Write RPM header to the disk */ + ret = write_rpm_digest_list(te, path); @@ -491,31 +508,29 @@ index 0000000..6bc9415 + ret = RPMRC_FAIL; + goto out; + } ++ } else if (type == TR_ADDED && pre) { ++ if (size < 0) ++ goto out; + -+ ret = lsetxattr(path, "user.digest_list", "1", 1, 0); -+ if (ret < 0) -+ rpmlog(RPMLOG_ERR, "digest_list: cannot add " -+ "user.digest_list to '%s'\n", path); -+ else -+ rpmlog(RPMLOG_DEBUG, "digest_list: user.digest_list " -+ "successfully added to '%s'\n", path); ++ /* rpm is overwriting the digest list, remove from the kernel */ ++ type = TR_REMOVED; + } + + /* Upload digest list to securityfs */ -+ upload_digest_list(path, rpmteType(te), digest_list_signed); ++ upload_digest_list(path, type, digest_list_signed); + -+ if (rpmteType(te) == TR_REMOVED) { ++ if (type == TR_REMOVED) { + if (!digest_list_signed) { + unlink(path); + goto out; + } + -+ ret = lremovexattr(path, "user.digest_list"); ++ ret = lremovexattr(path, XATTR_NAME_IMA); + if (ret < 0) + rpmlog(RPMLOG_ERR, "digest_list: cannot remove " -+ "user.digest_list from '%s'\n", path); ++ "security.ima from '%s'\n", path); + else -+ rpmlog(RPMLOG_DEBUG, "digest_list: user.digest_list " ++ rpmlog(RPMLOG_DEBUG, "digest_list: security.ima " + "successfully removed from '%s'\n", path); + } +out: @@ -530,8 +545,8 @@ index 0000000..6bc9415 +static rpmRC digest_list_psm_pre(rpmPlugin plugin, rpmte te) +{ + Header rpm = rpmteHeader(te); -+ rpmtd dirnames; -+ int i; ++ rpmtd dirnames, dirindexes; ++ int i = -1; + + digest_list_counter = 0; + @@ -540,13 +555,26 @@ index 0000000..6bc9415 + + while ((i = rpmtdNext(dirnames)) >= 0) { + char *dirname = (char *) rpmtdGetString(dirnames); ++ + if (!strncmp(dirname, DIGEST_LIST_DEFAULT_PATH, -+ sizeof(DIGEST_LIST_DEFAULT_PATH) - 1)) -+ digest_list_counter++; ++ sizeof(DIGEST_LIST_DEFAULT_PATH) - 1) && ++ dirname[sizeof(DIGEST_LIST_DEFAULT_PATH) - 1] == '/') ++ break; + } + + rpmtdFree(dirnames); + ++ if (i == -1) ++ return RPMRC_OK; ++ ++ dirindexes = rpmtdNew(); ++ headerGet(rpm, RPMTAG_DIRINDEXES, dirindexes, 0); ++ while (rpmtdNext(dirindexes) >= 0) ++ if (rpmtdGetNumber(dirindexes) == i) ++ digest_list_counter++; ++ ++ rpmtdFree(dirindexes); ++ + cur_te = te; + return RPMRC_OK; +} @@ -566,26 +594,23 @@ index 0000000..6bc9415 + if (!pre && res != RPMRC_OK) + return res; + -+ if ((pre && action != FA_ERASE) || -+ (!pre && action != FA_CREATE)) ++ if (!pre && rpmteType(cur_te) != TR_ADDED) + return RPMRC_OK; + -+ if (digest_list_counter) { -+ if (!pre) { -+ if (!strncmp(path, DIGEST_LIST_DEFAULT_PATH, -+ sizeof(DIGEST_LIST_DEFAULT_PATH) - 1)) -+ digest_list_counter--; -+ } else { -+ digest_list_counter = 0; -+ } ++ if (pre && action == FA_SKIP) ++ return RPMRC_OK; + -+ if (digest_list_counter) -+ return RPMRC_OK; -+ } ++ if (strncmp(path, DIGEST_LIST_DEFAULT_PATH, ++ sizeof(DIGEST_LIST_DEFAULT_PATH) - 1) || ++ path[sizeof(DIGEST_LIST_DEFAULT_PATH) - 1] != '/') ++ return RPMRC_OK; + -+ process_digest_list(cur_te, 0); ++ if (!pre && --digest_list_counter) ++ return RPMRC_OK; ++ ++ process_digest_list(cur_te, 0, pre); + if (!strcmp(rpmteN(cur_te), "digest-list-tools")) -+ process_digest_list(cur_te, 1); ++ process_digest_list(cur_te, 1, pre); + + return RPMRC_OK; +} @@ -650,5 +675,5 @@ index 46cd0f3..3c6b18b 100644 } } break; -- -2.23.0.windows.1 +1.8.3.1 diff --git a/Generate-digest-lists.patch b/Generate-digest-lists.patch index cc74351..4332042 100644 --- a/Generate-digest-lists.patch +++ b/Generate-digest-lists.patch @@ -1,25 +1,30 @@ -From 4d1801825c754171962050ee9c36c2d69c630ece Mon Sep 17 00:00:00 2001 +From e71679d585d352d13c92b3b12d7ada95cfd6fee4 Mon Sep 17 00:00:00 2001 From: Roberto Sassu Date: Thu, 12 Mar 2020 17:29:55 +0100 -Subject: [PATCH 1/3] Generate digest lists +Subject: [PATCH] Generate digest lists +This patch helps to generate digest lists during rpm building process. + +Signed-off-by: Roberto Sassu +Signed-off-by: Tianxing Zhang --- - build/files.c | 176 ++++++++++++++++++++++++++++++++++++++++++++++++-- - 1 file changed, 169 insertions(+), 7 deletions(-) + build/files.c | 301 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 291 insertions(+), 10 deletions(-) diff --git a/build/files.c b/build/files.c -index 6dfd801c8..ab6938d8c 100644 +index c43deb5..613de67 100644 --- a/build/files.c +++ b/build/files.c -@@ -50,6 +50,7 @@ +@@ -50,6 +50,8 @@ #define DEBUG_LIB_PREFIX "/usr/lib/debug/" #define DEBUG_ID_DIR "/usr/lib/debug/.build-id" #define DEBUG_DWZ_DIR "/usr/lib/debug/.dwz" -+#define DIGEST_LIST_DIR "/.digest_lists" ++#define DIGEST_LIST_DIR "/.digest_lists" ++#define DEST_DIGEST_LIST_DIR "/etc/ima/digest_lists" #undef HASHTYPE #undef HTKEYTYPE -@@ -129,6 +130,8 @@ typedef struct AttrRec_s { +@@ -129,6 +131,8 @@ typedef struct AttrRec_s { /* list of files */ static StringBuf check_fileList = NULL; @@ -28,7 +33,7 @@ index 6dfd801c8..ab6938d8c 100644 typedef struct FileEntry_s { rpmfileAttrs attrFlags; -@@ -193,6 +196,10 @@ typedef struct FileList_s { +@@ -193,6 +197,10 @@ typedef struct FileList_s { struct FileEntry_s cur; } * FileList; @@ -39,48 +44,111 @@ index 6dfd801c8..ab6938d8c 100644 static void nullAttrRec(AttrRec ar) { memset(ar, 0, sizeof(*ar)); -@@ -984,11 +991,13 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc) - { - FileListRec flp; - char buf[BUFSIZ]; +@@ -980,6 +988,139 @@ static int seenHardLink(FileRecords files, FileListRec flp, rpm_ino_t *fileid) + * @param pkg (sub) package + * @param isSrc pass 1 for source packages 0 otherwise + */ ++static void genDigestListInput(FileList fl, Package pkg, int isSrc) ++{ ++ FileListRec flp; ++ char buf[BUFSIZ]; + char file_info[BUFSIZ]; + char file_digest[128 * 2 + 1]; - int i, npaths = 0; - uint32_t defaultalgo = PGPHASHALGO_MD5, digestalgo; - rpm_loff_t totalFileSize = 0; - Header h = pkg->header; /* just a shortcut */ -- int override_date = 0; -+ int override_date = 0, processed = 0; - time_t source_date_epoch; - char *srcdate = getenv("SOURCE_DATE_EPOCH"); - -@@ -1058,8 +1067,9 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc) - - pkg->dpaths = xmalloc((fl->files.used + 1) * sizeof(*pkg->dpaths)); - -+process_files: - /* Generate the header. */ -- for (i = 0, flp = fl->files.recs; i < fl->files.used; i++, flp++) { -+ for (i = processed, flp = fl->files.recs + processed; i < fl->files.used; i++, flp++) { - rpm_ino_t fileid = flp - fl->files.recs; - - /* Merge duplicate entries. */ -@@ -1190,7 +1200,8 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc) - (void) rpmDoDigest(digestalgo, flp->diskPath, 1, - (unsigned char *)buf); - headerPutString(h, RPMTAG_FILEDIGESTS, buf); -- ++ int i, gen_digest_lists = 1; ++ uint32_t defaultalgo = PGPHASHALGO_MD5, digestalgo; ++ Header h = pkg->header; /* just a shortcut */ ++ ++ /* ++ * See if non-md5 file digest algorithm is requested. If not ++ * specified, quietly assume md5. Otherwise check if supported type. ++ */ ++ digestalgo = rpmExpandNumeric(isSrc ? "%{_source_filedigest_algorithm}" : ++ "%{_binary_filedigest_algorithm}"); ++ if (digestalgo == 0) { ++ digestalgo = defaultalgo; ++ } ++ ++ if (rpmDigestLength(digestalgo) == 0) { ++ rpmlog(RPMLOG_WARNING, ++ _("Unknown file digest algorithm %u, falling back to MD5\n"), ++ digestalgo); ++ digestalgo = defaultalgo; ++ } ++ ++ /* Sort the big list */ ++ if (fl->files.recs) { ++ qsort(fl->files.recs, fl->files.used, ++ sizeof(*(fl->files.recs)), compareFileListRecs); ++ } ++ ++ /* Generate the header. */ ++ for (i = 0, flp = fl->files.recs; i < fl->files.used; i++, flp++) { ++ /* Merge duplicate entries. */ ++ while (i < (fl->files.used - 1) && ++ rstreq(flp->cpioPath, flp[1].cpioPath)) { ++ ++ /* Two entries for the same file found, merge the entries. */ ++ /* Note that an %exclude is a duplication of a file reference */ ++ ++ /* file flags */ ++ flp[1].flags |= flp->flags; ++ ++ if (!(flp[1].flags & RPMFILE_EXCLUDE)) ++ rpmlog(RPMLOG_WARNING, _("File listed twice: %s\n"), ++ flp->cpioPath); ++ ++ /* file mode */ ++ if (S_ISDIR(flp->fl_mode)) { ++ if ((flp[1].specdFlags & (SPECD_DIRMODE | SPECD_DEFDIRMODE)) < ++ (flp->specdFlags & (SPECD_DIRMODE | SPECD_DEFDIRMODE))) ++ flp[1].fl_mode = flp->fl_mode; ++ } else { ++ if ((flp[1].specdFlags & (SPECD_FILEMODE | SPECD_DEFFILEMODE)) < ++ (flp->specdFlags & (SPECD_FILEMODE | SPECD_DEFFILEMODE))) ++ flp[1].fl_mode = flp->fl_mode; ++ } ++ ++ /* uid */ ++ if ((flp[1].specdFlags & (SPECD_UID | SPECD_DEFUID)) < ++ (flp->specdFlags & (SPECD_UID | SPECD_DEFUID))) ++ { ++ flp[1].fl_uid = flp->fl_uid; ++ flp[1].uname = flp->uname; ++ } ++ ++ /* gid */ ++ if ((flp[1].specdFlags & (SPECD_GID | SPECD_DEFGID)) < ++ (flp->specdFlags & (SPECD_GID | SPECD_DEFGID))) ++ { ++ flp[1].fl_gid = flp->fl_gid; ++ flp[1].gname = flp->gname; ++ } ++ ++ /* verify flags */ ++ if ((flp[1].specdFlags & (SPECD_VERIFY | SPECD_DEFVERIFY)) < ++ (flp->specdFlags & (SPECD_VERIFY | SPECD_DEFVERIFY))) ++ flp[1].verifyFlags = flp->verifyFlags; ++ ++ /* XXX to-do: language */ ++ ++ flp++; i++; ++ } ++ ++ /* Skip files that were marked with %exclude. */ ++ if (flp->flags & RPMFILE_EXCLUDE) ++ { ++ argvAdd(&pkg->fileExcludeList, flp->cpioPath); ++ continue; ++ } ++ ++ buf[0] = '\0'; ++ if (S_ISREG(flp->fl_mode) && !(flp->flags & RPMFILE_GHOST)) ++ (void) rpmDoDigest(digestalgo, flp->diskPath, 1, ++ (unsigned char *)buf); ++ headerPutString(h, RPMTAG_FILEDIGESTS, buf); + snprintf(file_digest, sizeof(file_digest), "%s", buf); + - buf[0] = '\0'; - if (S_ISLNK(flp->fl_mode)) { - ssize_t llen = readlink(flp->diskPath, buf, BUFSIZ-1); -@@ -1230,7 +1241,33 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc) - flp->flags &= PARSEATTR_MASK; - - headerPutUint32(h, RPMTAG_FILEFLAGS, &(flp->flags) ,1); -+ -+ if (!processed && check_fileList_bin_pkg && S_ISREG(flp->fl_mode) && ++ if (check_fileList_bin_pkg && S_ISREG(flp->fl_mode) && + !(flp->flags & RPMFILE_GHOST)) { + appendStringBuf(check_fileList_bin_pkg, "path="); + appendStringBuf(check_fileList_bin_pkg, flp->diskPath); @@ -93,23 +161,75 @@ index 6dfd801c8..ab6938d8c 100644 + strlen(flp->caps) ? flp->caps : ""); + appendStringBuf(check_fileList_bin_pkg, file_info); + } ++ ++ if (S_ISREG(flp->fl_mode) && ++ !strncmp(flp->cpioPath, DEST_DIGEST_LIST_DIR, ++ sizeof(DEST_DIGEST_LIST_DIR) - 1)) ++ gen_digest_lists = 0; + } + -+ if (!processed) { -+ if (genDigestList(pkg->header, fl, check_fileList_bin_pkg) > 0) { -+ fl->processingFailed = 1; -+ } else if (i < fl->files.used) { -+ pkg->dpaths = xrealloc(pkg->dpaths, -+ (fl->files.used + 1) * sizeof(*pkg->dpaths)); -+ processed = i; -+ goto process_files; -+ } - } ++ if (gen_digest_lists && ++ genDigestList(pkg->header, fl, check_fileList_bin_pkg) > 0) ++ fl->processingFailed = 1; ++} + - pkg->dpaths[npaths] = NULL; ++/** ++ * Add file entries to header. ++ * @todo Should directories have %doc/%config attributes? (#14531) ++ * @todo Remove RPMTAG_OLDFILENAMES, add dirname/basename instead. ++ * @param fl package file tree walk data ++ * @param pkg (sub) package ++ * @param isSrc pass 1 for source packages 0 otherwise ++ */ + static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc) + { + FileListRec flp; +@@ -991,6 +1132,11 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc) + int override_date = 0; + time_t source_date_epoch; + char *srcdate = getenv("SOURCE_DATE_EPOCH"); ++ struct rpmtd_s oldfiledigests; ++ ++ headerGet(h, RPMTAG_FILEDIGESTS, &oldfiledigests, HEADERGET_ALLOC); ++ headerDel(h, RPMTAG_FILEDIGESTS); ++ rpmtdInit(&oldfiledigests); - if (totalFileSize < UINT32_MAX) { -@@ -1343,8 +1380,8 @@ static int validFilename(const char *fn) + /* Limit the maximum date to SOURCE_DATE_EPOCH if defined + * similar to the tar --clamp-mtime option +@@ -1184,13 +1330,18 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc) + if (fl->haveCaps) { + headerPutString(h, RPMTAG_FILECAPS, flp->caps); + } +- ++ + buf[0] = '\0'; +- if (S_ISREG(flp->fl_mode) && !(flp->flags & RPMFILE_GHOST)) +- (void) rpmDoDigest(digestalgo, flp->diskPath, 1, +- (unsigned char *)buf); +- headerPutString(h, RPMTAG_FILEDIGESTS, buf); +- ++ if (strstr(flp->diskPath, DIGEST_LIST_DIR) || !oldfiledigests.count) { ++ if (S_ISREG(flp->fl_mode) && !(flp->flags & RPMFILE_GHOST)) ++ (void) rpmDoDigest(digestalgo, flp->diskPath, 1, ++ (unsigned char *)buf); ++ headerPutString(h, RPMTAG_FILEDIGESTS, buf); ++ } else { ++ headerPutString(h, RPMTAG_FILEDIGESTS, ++ rpmtdNextString(&oldfiledigests)); ++ } ++ + buf[0] = '\0'; + if (S_ISLNK(flp->fl_mode)) { + ssize_t llen = readlink(flp->diskPath, buf, BUFSIZ-1); +@@ -1269,6 +1420,7 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc) + /* Binary packages with dirNames cannot be installed by legacy rpm. */ + (void) rpmlibNeedsFeature(pkg, "CompressedFileNames", "3.0.4-1"); + } ++ rpmtdFreeData(&oldfiledigests); + } + + static FileRecords FileRecordsFree(FileRecords files) +@@ -1343,8 +1495,8 @@ static int validFilename(const char *fn) * @param statp file stat (possibly NULL) * @return RPMRC_OK on success */ @@ -120,7 +240,7 @@ index 6dfd801c8..ab6938d8c 100644 { size_t plen = strlen(diskPath); char buf[plen + 1]; -@@ -1355,6 +1392,10 @@ static rpmRC addFile(FileList fl, const char * diskPath, +@@ -1355,6 +1507,10 @@ static rpmRC addFile(FileList fl, const char * diskPath, gid_t fileGid; const char *fileUname; const char *fileGname; @@ -131,7 +251,7 @@ index 6dfd801c8..ab6938d8c 100644 rpmRC rc = RPMRC_FAIL; /* assume failure */ /* Strip trailing slash. The special case of '/' path is handled below. */ -@@ -1390,6 +1431,33 @@ static rpmRC addFile(FileList fl, const char * diskPath, +@@ -1390,6 +1546,33 @@ static rpmRC addFile(FileList fl, const char * diskPath, if (*cpioPath == '\0') cpioPath = "/"; @@ -165,7 +285,7 @@ index 6dfd801c8..ab6938d8c 100644 /* * Unless recursing, we dont have stat() info at hand. Handle the * various cases, preserving historical behavior wrt %dev(): -@@ -1527,6 +1595,8 @@ static rpmRC addFile(FileList fl, const char * diskPath, +@@ -1527,6 +1710,8 @@ static rpmRC addFile(FileList fl, const char * diskPath, } flp->flags = fl->cur.attrFlags; @@ -174,11 +294,10 @@ index 6dfd801c8..ab6938d8c 100644 flp->specdFlags = fl->cur.specdFlags; flp->verifyFlags = fl->cur.verifyFlags; -@@ -1547,6 +1617,32 @@ exit: - return rc; +@@ -1548,6 +1733,32 @@ exit: } -+/** + /** + * Add a file to the package manifest. + * @param fl package file tree walk data + * @param diskPath path to file @@ -204,10 +323,11 @@ index 6dfd801c8..ab6938d8c 100644 + return addFile_common(fl, diskPath, statp, 1); +} + - /** ++/** * Add directory (and all of its files) to the package manifest. * @param fl package file tree walk data -@@ -2556,6 +2652,58 @@ static void addPackageFileList (struct FileList_s *fl, Package pkg, + * @param diskPath path to file +@@ -2556,6 +2767,58 @@ static void addPackageFileList (struct FileList_s *fl, Package pkg, argvFree(fileNames); } @@ -266,7 +386,7 @@ index 6dfd801c8..ab6938d8c 100644 static rpmRC processPackageFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags, Package pkg, int didInstall, int test) { -@@ -2569,6 +2717,10 @@ static rpmRC processPackageFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags, +@@ -2569,6 +2832,10 @@ static rpmRC processPackageFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags, if (readFilesManifest(spec, pkg, *fp)) return RPMRC_FAIL; } @@ -277,7 +397,17 @@ index 6dfd801c8..ab6938d8c 100644 /* Init the file list structure */ memset(&fl, 0, sizeof(fl)); -@@ -2630,6 +2782,7 @@ exit: +@@ -2624,12 +2891,17 @@ static rpmRC processPackageFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags, + if (checkHardLinks(&fl.files)) + (void) rpmlibNeedsFeature(pkg, "PartialHardlinkSets", "4.0.4-1"); + ++ genDigestListInput(&fl, pkg, 0); ++ if (fl.processingFailed) ++ goto exit; ++ + genCpioListAndHeader(&fl, pkg, 0); + + exit: FileListFree(&fl); specialDirFree(specialDoc); specialDirFree(specialLic); @@ -285,7 +415,7 @@ index 6dfd801c8..ab6938d8c 100644 return fl.processingFailed ? RPMRC_FAIL : RPMRC_OK; } -@@ -3092,6 +3245,7 @@ static void addPackageDeps(Package from, Package to, enum rpmTag_e tag) +@@ -3093,6 +3365,7 @@ static void addPackageDeps(Package from, Package to, enum rpmTag_e tag) rpmRC processBinaryFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags, int didInstall, int test) { @@ -293,7 +423,7 @@ index 6dfd801c8..ab6938d8c 100644 Package pkg; rpmRC rc = RPMRC_OK; char *buildroot; -@@ -3108,7 +3262,14 @@ rpmRC processBinaryFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags, +@@ -3109,7 +3382,14 @@ rpmRC processBinaryFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags, check_fileList = newStringBuf(); genSourceRpmName(spec); buildroot = rpmGenPath(spec->rootDir, spec->buildRoot, NULL); @@ -309,7 +439,7 @@ index 6dfd801c8..ab6938d8c 100644 if (rpmExpandNumeric("%{?_debuginfo_subpackages}")) { maindbg = findDebuginfoPackage(spec); if (maindbg) { -@@ -3214,6 +3375,7 @@ exit: +@@ -3215,6 +3495,7 @@ exit: check_fileList = freeStringBuf(check_fileList); _free(buildroot); _free(uniquearch); @@ -319,5 +449,5 @@ index 6dfd801c8..ab6938d8c 100644 return rc; } -- -2.27.GIT +1.8.3.1 diff --git a/rpm.spec b/rpm.spec index fbe5024..8ea3587 100644 --- a/rpm.spec +++ b/rpm.spec @@ -1,6 +1,6 @@ Name: rpm Version: 4.15.1 -Release: 21 +Release: 22 Summary: RPM Package Manager License: GPLv2+ URL: http://www.rpm.org/ @@ -78,8 +78,6 @@ Patch66: backport-Always-open-and-initialize-the-entire-database-at-on.patch Patch67: backport-Stop-on-first-failure-when-trying-to-open-a-database.patch Patch68: backport-Only-attempt-loading-the-keyring-once-the-rpmdb-is-o.patch -Patch69: Generate-digest-lists-before-calling-genCpioAndHeader.patch - BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel BuildRequires: zlib-devel libzstd-devel xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel BuildRequires: dbus-devel fakechroot elfutils-devel elfutils-libelf-devel ima-evm-utils @@ -346,6 +344,12 @@ make check || (cat tests/rpmtests.log; exit 0) %{_mandir}/man1/gendiff.1* %changelog +* Thu Mar 25 2021 Anakin Zhang - 4.15.1-22 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:sync with master branch + * Sat Feb 27 2021 Anakin Zhang - 4.15.1-21 - Type:bugfix - ID:NA