Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/gnome-base
diff options
context:
space:
mode:
authorMart Raudsepp <leio@gentoo.org>2018-08-15 18:30:45 +0300
committerMart Raudsepp <leio@gentoo.org>2018-08-15 18:52:05 +0300
commitfa688468a75b6463a9265e4f85077a60eceddcf2 (patch)
tree6d65c059de25052d387de336c28491be1fa50d57 /gnome-base
parentwww-plugins/adobe-flash: Old. (diff)
downloadgentoo-fa688468a75b6463a9265e4f85077a60eceddcf2.tar.gz
gentoo-fa688468a75b6463a9265e4f85077a60eceddcf2.tar.bz2
gentoo-fa688468a75b6463a9265e4f85077a60eceddcf2.zip
gnome-base/gdm: CVE-2018-14424 and related patches
While here, remove an ancient fixup for a supposedly temporary gdm-3.5 bug that had resulted in wrong /var/lib/gdm permissions, and remove unused versionator inherit. Bug: https://bugs.gentoo.org/662782 Package-Manager: Portage-2.3.44, Repoman-2.3.10
Diffstat (limited to 'gnome-base')
-rw-r--r--gnome-base/gdm/files/3.24.3-CVE-2018-14424.patch163
-rw-r--r--gnome-base/gdm/files/3.24.3-display-object-lifetime-fix.patch61
-rw-r--r--gnome-base/gdm/gdm-3.24.3-r1.ebuild202
3 files changed, 426 insertions, 0 deletions
diff --git a/gnome-base/gdm/files/3.24.3-CVE-2018-14424.patch b/gnome-base/gdm/files/3.24.3-CVE-2018-14424.patch
new file mode 100644
index 000000000000..4edb0670958f
--- /dev/null
+++ b/gnome-base/gdm/files/3.24.3-CVE-2018-14424.patch
@@ -0,0 +1,163 @@
+From 6060db704a19b0db68f2e9e6a2d020c0c78b6bba Mon Sep 17 00:00:00 2001
+From: Chris Coulson <chris.coulson@canonical.com>
+Date: Thu, 19 Jul 2018 18:26:05 +0100
+Subject: [PATCH] display-store: Pass the display object rather than the id in
+ the removed signal
+
+By the time GdmDisplayStore emits the "display-removed" signal, the display
+is no longer in the store and gdm_display_store_lookup will not work in
+signal handlers.
+
+Change the "display-removed" parameter from the display id to the GdmDisplay
+object, so that signal handers can perform any cleanup they need to do
+
+CVE-2018-14424
+
+Closes: https://gitlab.gnome.org/GNOME/gdm/issues/401
+---
+ daemon/gdm-display-store.c | 11 +++--------
+ daemon/gdm-display-store.h | 2 +-
+ daemon/gdm-local-display-factory.c | 13 +++----------
+ daemon/gdm-manager.c | 19 +++++++++----------
+ daemon/gdm-manager.h | 3 ++-
+ 5 files changed, 18 insertions(+), 30 deletions(-)
+
+diff --git a/daemon/gdm-display-store.c b/daemon/gdm-display-store.c
+index af76f519..fd24334e 100644
+--- a/daemon/gdm-display-store.c
++++ b/daemon/gdm-display-store.c
+@@ -76,15 +76,10 @@ stored_display_new (GdmDisplayStore *store,
+ static void
+ stored_display_free (StoredDisplay *stored_display)
+ {
+- char *id;
+-
+- gdm_display_get_id (stored_display->display, &id, NULL);
+-
+ g_signal_emit (G_OBJECT (stored_display->store),
+ signals[DISPLAY_REMOVED],
+ 0,
+- id);
+- g_free (id);
++ stored_display->display);
+
+ g_debug ("GdmDisplayStore: Unreffing display: %p",
+ stored_display->display);
+@@ -281,9 +276,9 @@ gdm_display_store_class_init (GdmDisplayStoreClass *klass)
+ G_STRUCT_OFFSET (GdmDisplayStoreClass, display_removed),
+ NULL,
+ NULL,
+- g_cclosure_marshal_VOID__STRING,
++ g_cclosure_marshal_VOID__OBJECT,
+ G_TYPE_NONE,
+- 1, G_TYPE_STRING);
++ 1, G_TYPE_OBJECT);
+
+ g_type_class_add_private (klass, sizeof (GdmDisplayStorePrivate));
+ }
+diff --git a/daemon/gdm-display-store.h b/daemon/gdm-display-store.h
+index 28359933..0aff8ee2 100644
+--- a/daemon/gdm-display-store.h
++++ b/daemon/gdm-display-store.h
+@@ -49,7 +49,7 @@ typedef struct
+ void (* display_added) (GdmDisplayStore *display_store,
+ const char *id);
+ void (* display_removed) (GdmDisplayStore *display_store,
+- const char *id);
++ GdmDisplay *display);
+ } GdmDisplayStoreClass;
+
+ typedef enum
+diff --git a/daemon/gdm-local-display-factory.c b/daemon/gdm-local-display-factory.c
+index b29f5ac5..403921d3 100644
+--- a/daemon/gdm-local-display-factory.c
++++ b/daemon/gdm-local-display-factory.c
+@@ -558,18 +558,11 @@ on_display_added (GdmDisplayStore *display_store,
+
+ static void
+ on_display_removed (GdmDisplayStore *display_store,
+- const char *id,
++ GdmDisplay *display,
+ GdmLocalDisplayFactory *factory)
+ {
+- GdmDisplay *display;
+-
+- display = gdm_display_store_lookup (display_store, id);
+-
+- if (display != NULL) {
+- g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), factory);
+- g_object_weak_unref (G_OBJECT (display), (GWeakNotify)on_display_disposed, factory);
+-
+- }
++ g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), factory);
++ g_object_weak_unref (G_OBJECT (display), (GWeakNotify)on_display_disposed, factory);
+ }
+
+ static gboolean
+diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
+index 7539acf1..1943d89e 100644
+--- a/daemon/gdm-manager.c
++++ b/daemon/gdm-manager.c
+@@ -1700,19 +1700,18 @@ on_display_status_changed (GdmDisplay *display,
+
+ static void
+ on_display_removed (GdmDisplayStore *display_store,
+- const char *id,
++ GdmDisplay *display,
+ GdmManager *manager)
+ {
+- GdmDisplay *display;
++ char *id;
+
+- display = gdm_display_store_lookup (display_store, id);
+- if (display != NULL) {
+- g_dbus_object_manager_server_unexport (manager->priv->object_manager, id);
++ gdm_display_get_id (display, &id, NULL);
++ g_dbus_object_manager_server_unexport (manager->priv->object_manager, id);
++ g_free (id);
+
+- g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), manager);
++ g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), manager);
+
+- g_signal_emit (manager, signals[DISPLAY_REMOVED], 0, id);
+- }
++ g_signal_emit (manager, signals[DISPLAY_REMOVED], 0, display);
+ }
+
+ static void
+@@ -2694,9 +2693,9 @@ gdm_manager_class_init (GdmManagerClass *klass)
+ G_STRUCT_OFFSET (GdmManagerClass, display_removed),
+ NULL,
+ NULL,
+- g_cclosure_marshal_VOID__STRING,
++ g_cclosure_marshal_VOID__OBJECT,
+ G_TYPE_NONE,
+- 1, G_TYPE_STRING);
++ 1, G_TYPE_OBJECT);
+
+ g_object_class_install_property (object_class,
+ PROP_XDMCP_ENABLED,
+diff --git a/daemon/gdm-manager.h b/daemon/gdm-manager.h
+index 41c68a7a..c8fb3f22 100644
+--- a/daemon/gdm-manager.h
++++ b/daemon/gdm-manager.h
+@@ -24,6 +24,7 @@
+
+ #include <glib-object.h>
+
++#include "gdm-display.h"
+ #include "gdm-manager-glue.h"
+
+ G_BEGIN_DECLS
+@@ -50,7 +51,7 @@ typedef struct
+ void (* display_added) (GdmManager *manager,
+ const char *id);
+ void (* display_removed) (GdmManager *manager,
+- const char *id);
++ GdmDisplay *display);
+ } GdmManagerClass;
+
+ typedef enum
+--
+2.17.1
+
diff --git a/gnome-base/gdm/files/3.24.3-display-object-lifetime-fix.patch b/gnome-base/gdm/files/3.24.3-display-object-lifetime-fix.patch
new file mode 100644
index 000000000000..47366ed686cb
--- /dev/null
+++ b/gnome-base/gdm/files/3.24.3-display-object-lifetime-fix.patch
@@ -0,0 +1,61 @@
+From 765b306c364885dd89d47fe9fe8618ce6a467bc1 Mon Sep 17 00:00:00 2001
+From: Ray Strode <rstrode@redhat.com>
+Date: Thu, 19 Jul 2018 16:01:23 -0400
+Subject: [PATCH] display: tie skeleton handlers to object lifetime
+
+Right now we assume a display skeleton object won't
+outlive its associated display object.
+
+In theory that should be true, but if we accidentally
+leak the skeleton it could erroneously happen.
+
+If that does happen then we'll end accessing free'd
+memory, so the leak will turn into a crasher.
+
+This commit addresses this problem by ensuring
+the skeleton signal handlers are disconnected when the
+associated display object goes away.
+
+CVE-2018-14424
+---
+ daemon/gdm-display.c | 24 ++++++++++++------------
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/daemon/gdm-display.c b/daemon/gdm-display.c
+index 1b58781d..5e193f2f 100644
+--- a/daemon/gdm-display.c
++++ b/daemon/gdm-display.c
+@@ -1109,18 +1109,18 @@ register_display (GdmDisplay *self)
+ self->priv->object_skeleton = g_dbus_object_skeleton_new (self->priv->id);
+ self->priv->display_skeleton = GDM_DBUS_DISPLAY (gdm_dbus_display_skeleton_new ());
+
+- g_signal_connect (self->priv->display_skeleton, "handle-get-id",
+- G_CALLBACK (handle_get_id), self);
+- g_signal_connect (self->priv->display_skeleton, "handle-get-remote-hostname",
+- G_CALLBACK (handle_get_remote_hostname), self);
+- g_signal_connect (self->priv->display_skeleton, "handle-get-seat-id",
+- G_CALLBACK (handle_get_seat_id), self);
+- g_signal_connect (self->priv->display_skeleton, "handle-get-x11-display-name",
+- G_CALLBACK (handle_get_x11_display_name), self);
+- g_signal_connect (self->priv->display_skeleton, "handle-is-local",
+- G_CALLBACK (handle_is_local), self);
+- g_signal_connect (self->priv->display_skeleton, "handle-is-initial",
+- G_CALLBACK (handle_is_initial), self);
++ g_signal_connect_object (self->priv->display_skeleton, "handle-get-id",
++ G_CALLBACK (handle_get_id), self, 0);
++ g_signal_connect_object (self->priv->display_skeleton, "handle-get-remote-hostname",
++ G_CALLBACK (handle_get_remote_hostname), self, 0);
++ g_signal_connect_object (self->priv->display_skeleton, "handle-get-seat-id",
++ G_CALLBACK (handle_get_seat_id), self, 0);
++ g_signal_connect_object (self->priv->display_skeleton, "handle-get-x11-display-name",
++ G_CALLBACK (handle_get_x11_display_name), self, 0);
++ g_signal_connect_object (self->priv->display_skeleton, "handle-is-local",
++ G_CALLBACK (handle_is_local), self, 0);
++ g_signal_connect_object (self->priv->display_skeleton, "handle-is-initial",
++ G_CALLBACK (handle_is_initial), self, 0);
+
+ g_dbus_object_skeleton_add_interface (self->priv->object_skeleton,
+ G_DBUS_INTERFACE_SKELETON (self->priv->display_skeleton));
+--
+2.17.1
+
diff --git a/gnome-base/gdm/gdm-3.24.3-r1.ebuild b/gnome-base/gdm/gdm-3.24.3-r1.ebuild
new file mode 100644
index 000000000000..a2cb1b8cc7a8
--- /dev/null
+++ b/gnome-base/gdm/gdm-3.24.3-r1.ebuild
@@ -0,0 +1,202 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+GNOME2_LA_PUNT="yes"
+
+inherit eutils gnome2 pam readme.gentoo-r1 systemd user
+
+DESCRIPTION="GNOME Display Manager for managing graphical display servers and user logins"
+HOMEPAGE="https://wiki.gnome.org/Projects/GDM"
+
+SRC_URI="${SRC_URI}
+ branding? ( https://www.mail-archive.com/tango-artists@lists.freedesktop.org/msg00043/tango-gentoo-v1.1.tar.gz )
+"
+
+LICENSE="
+ GPL-2+
+ branding? ( CC-BY-SA-4.0 )
+"
+
+SLOT="0"
+
+IUSE="accessibility audit branding fprint +introspection ipv6 plymouth selinux smartcard tcpd test wayland xinerama"
+
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sh ~x86"
+
+# NOTE: x11-base/xorg-server dep is for X_SERVER_PATH etc, bug #295686
+# nspr used by smartcard extension
+# dconf, dbus and g-s-d are needed at install time for dconf update
+# We need either systemd or >=openrc-0.12 to restart gdm properly, bug #463784
+COMMON_DEPEND="
+ app-text/iso-codes
+ >=dev-libs/glib-2.36:2[dbus]
+ >=x11-libs/gtk+-2.91.1:3
+ >=gnome-base/dconf-0.20
+ >=gnome-base/gnome-settings-daemon-3.1.4
+ gnome-base/gsettings-desktop-schemas
+ >=media-libs/fontconfig-2.5.0:1.0
+ >=media-libs/libcanberra-0.4[gtk3]
+ sys-apps/dbus
+ >=sys-apps/accountsservice-0.6.35
+
+ x11-apps/sessreg
+ x11-base/xorg-server
+ x11-libs/libXi
+ x11-libs/libXau
+ x11-libs/libX11
+ x11-libs/libXdmcp
+ x11-libs/libXext
+ x11-libs/libXft
+ x11-libs/libxcb
+ >=x11-misc/xdg-utils-1.0.2-r3
+
+ virtual/pam
+ >=sys-apps/systemd-186:0=[pam]
+
+ sys-auth/pambase[systemd]
+
+ audit? ( sys-process/audit )
+ introspection? ( >=dev-libs/gobject-introspection-0.9.12:= )
+ plymouth? ( sys-boot/plymouth )
+ selinux? ( sys-libs/libselinux )
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
+ xinerama? ( x11-libs/libXinerama )
+"
+# XXX: These deps are from session and desktop files in data/ directory
+# fprintd is used via dbus by gdm-fingerprint-extension
+# gnome-session-3.6 needed to avoid freezing with orca
+RDEPEND="${COMMON_DEPEND}
+ >=gnome-base/gnome-session-3.6
+ >=gnome-base/gnome-shell-3.1.90
+ x11-apps/xhost
+
+ accessibility? (
+ >=app-accessibility/orca-3.10
+ gnome-extra/mousetweaks )
+ fprint? (
+ sys-auth/fprintd
+ sys-auth/pam_fprint )
+
+ !gnome-extra/fast-user-switch-applet
+"
+DEPEND="${COMMON_DEPEND}
+ app-text/docbook-xml-dtd:4.1.2
+ dev-util/gdbus-codegen
+ >=dev-util/intltool-0.40.0
+ dev-util/itstool
+ virtual/pkgconfig
+ x11-base/xorg-proto
+ test? ( >=dev-libs/check-0.9.4 )
+"
+
+DOC_CONTENTS="
+ To make GDM start at boot, run:\n
+ # systemctl enable gdm.service\n
+ \n
+ For passwordless login to unlock your keyring, you need to install
+ sys-auth/pambase with USE=gnome-keyring and set an empty password
+ on your keyring. Use app-crypt/seahorse for that.\n
+ \n
+ You may need to install app-crypt/coolkey and sys-auth/pam_pkcs11
+ for smartcard support
+"
+
+pkg_setup() {
+ enewgroup gdm
+ enewgroup video # Just in case it hasn't been created yet
+ enewuser gdm -1 -1 /var/lib/gdm gdm,video
+
+ # For compatibility with certain versions of nvidia-drivers, etc., need to
+ # ensure that gdm user is in the video group
+ if ! egetent group video | grep -q gdm; then
+ # FIXME XXX: is this at all portable, ldap-safe, etc.?
+ # XXX: egetent does not have a 1-argument form, so we can't use it to
+ # get the list of gdm's groups
+ local g=$(groups gdm)
+ elog "Adding user gdm to video group"
+ usermod -G video,${g// /,} gdm || die "Adding user gdm to video group failed"
+ fi
+}
+
+src_prepare() {
+ # ssh-agent handling must be done at xinitrc.d, bug #220603
+ eapply "${FILESDIR}/${PN}-2.32.0-xinitrc-ssh-agent.patch"
+
+ # Gentoo does not have a fingerprint-auth pam stack
+ eapply "${FILESDIR}/${PN}-3.8.4-fingerprint-auth.patch"
+
+ # CVE-2018-14424, bug #662782
+ eapply "${FILESDIR}/${PV}-CVE-2018-14424.patch"
+ eapply "${FILESDIR}/${PV}-display-object-lifetime-fix.patch"
+
+ # Show logo when branding is enabled
+ use branding && eapply "${FILESDIR}/${PN}-3.8.4-logo.patch"
+
+ gnome2_src_prepare
+}
+
+src_configure() {
+ local myconf
+ # PAM is the only auth scheme supported
+ # even though configure lists shadow and crypt
+ # they don't have any corresponding code.
+ # --with-at-spi-registryd-directory= needs to be passed explicitly because
+ # of https://bugzilla.gnome.org/show_bug.cgi?id=607643#c4
+ # Xevie is obsolete, bug #482304
+ # --with-initial-vt=7 conflicts with plymouth, bug #453392
+ ! use plymouth && myconf="${myconf} --with-initial-vt=7"
+
+ gnome2_src_configure \
+ --enable-gdm-xsession \
+ --enable-user-display-server \
+ --with-run-dir=/run/gdm \
+ --localstatedir="${EPREFIX}"/var \
+ --disable-static \
+ --with-xdmcp=yes \
+ --enable-authentication-scheme=pam \
+ --with-default-pam-config=exherbo \
+ --with-pam-mod-dir=$(getpam_mod_dir) \
+ --with-at-spi-registryd-directory="${EPREFIX}"/usr/libexec \
+ --without-xevie \
+ --enable-systemd-journal \
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \
+ $(use_with audit libaudit) \
+ $(use_enable ipv6) \
+ $(use_with plymouth) \
+ $(use_with selinux) \
+ $(use_with tcpd tcp-wrappers) \
+ $(use_enable wayland wayland-support) \
+ $(use_with xinerama) \
+ ${myconf}
+}
+
+src_install() {
+ gnome2_src_install
+
+ if ! use accessibility ; then
+ rm "${ED}"/usr/share/gdm/greeter/autostart/orca-autostart.desktop || die
+ fi
+
+ exeinto /etc/X11/xinit/xinitrc.d
+ newexe "${FILESDIR}/49-keychain-r1" 49-keychain
+ newexe "${FILESDIR}/50-ssh-agent-r1" 50-ssh-agent
+
+ # gdm user's home directory
+ keepdir /var/lib/gdm
+ fowners gdm:gdm /var/lib/gdm
+
+ # install XDG_DATA_DIRS gdm changes
+ echo 'XDG_DATA_DIRS="/usr/share/gdm"' > 99xdg-gdm
+ doenvd 99xdg-gdm
+
+ use branding && newicon "${WORKDIR}/tango-gentoo-v1.1/scalable/gentoo.svg" gentoo-gdm.svg
+
+ readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ gnome2_pkg_postinst
+ systemd_reenable gdm.service
+ readme.gentoo_print_elog
+}