sys-apps/util-linux: Revbump to add various upstream fixes

* Erase names in agetty by pressing CTRL-C (#804972)
* Fixed user mount of davfs2 filesystems (#805218)
* Fixed lscpu segfault on riscv plattform with upstream patch (#802606)
+ Fixed potential buffer overflow in ipcutils (#806070) (CVE-2021-37600)

Bug: https://bugs.gentoo.org/806070
Closes: https://bugs.gentoo.org/804972
Closes: https://bugs.gentoo.org/805218
Closes: https://bugs.gentoo.org/802606
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

5 files changed, 501 insertions, 0 deletions

diff --git a/sys-apps/util-linux/files/util-linux-2.37.1-agetty_ctrl-c_erase.patch b/sys-apps/util-linux/files/util-linux-2.37.1-agetty_ctrl-c_erase.patch
new file mode 100644
index 000000000000..4828fd449f95
--- /dev/null
+++ b/sys-apps/util-linux/files/util-linux-2.37.1-agetty_ctrl-c_erase.patch
@@ -0,0 +1,50 @@
+From 6eb1c01e9dd25a73100f06db37190c63fd57d4d9 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Fri, 30 Jul 2021 11:50:46 +0200
+Subject: [PATCH] agetty: use CTRL+C to erase username
+
+aggety(8) from the beginning ignores ^C (the small exception was
+between 2.32 and 2.34 when this char has been misinterpreted).
+
+This patch forces agetty to interpret ^C like ^U, it means to
+erase the user's input and wait for a completely new username.
+The small difference is that for ^C it does not set 'kill character'.
+
+This change does not affect serial lines where ^C is still ignored like
+in previous decades. I'd like to avoid any regression as I have
+no clue if any serial lines do not send this control char in some
+context ...
+
+Fixes: https://github.com/karelzak/util-linux/issues/1399
+References: https://github.com/karelzak/util-linux/issues/1046
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ term-utils/agetty.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/term-utils/agetty.c b/term-utils/agetty.c
+index 3b3d5101a..d072d64d3 100644
+--- a/term-utils/agetty.c
++++ b/term-utils/agetty.c
+@@ -2267,6 +2267,11 @@ static char *get_logname(struct issue *ie, struct options *op, struct termios *t
+ 				break;
+ 			case CTL('U'):
+ 				cp->kill = ascval;		/* set kill character */
++				/* fallthrough */
++			case CTL('C'):
++				if (key == CTL('C') && !(op->flags & F_VCONSOLE))
++					/* Ignore CTRL+C on serial line */
++					break;
+ 				while (bp > logname) {
+ 					if ((tp->c_lflag & ECHO) == 0)
+ 						write_all(1, erase[cp->parity], 3);
+@@ -2275,9 +2280,6 @@ static char *get_logname(struct issue *ie, struct options *op, struct termios *t
+ 				break;
+ 			case CTL('D'):
+ 				exit(EXIT_SUCCESS);
+-			case CTL('C'):
+-				/* Ignore */
+-				break;
+ 			default:
+ 				if ((size_t)(bp - logname) >= sizeof(logname) - 1)
+ 					log_err(_("%s: input overrun"), op->tty);
diff --git a/sys-apps/util-linux/files/util-linux-2.37.1-ipcutils_calloc_check.patch b/sys-apps/util-linux/files/util-linux-2.37.1-ipcutils_calloc_check.patch
new file mode 100644
index 000000000000..44490ce1bd06
--- /dev/null
+++ b/sys-apps/util-linux/files/util-linux-2.37.1-ipcutils_calloc_check.patch
@@ -0,0 +1,25 @@
+From 86d5de52d43501711586054e7b601fbc57403085 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Tue, 27 Jul 2021 11:58:31 +0200
+Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64
+ nmembs
+
+Fix: https://github.com/karelzak/util-linux/issues/1395
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ sys-utils/ipcutils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c
+index e784c4dcb9..18868cfd38 100644
+--- a/sys-utils/ipcutils.c
++++ b/sys-utils/ipcutils.c
+@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p)
+ {
+ 	size_t i;
+ 
+-	if (!p || !p->sem_nsems || p->sem_perm.id < 0)
++	if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0)
+ 		return;
+ 
+ 	p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem));
diff --git a/sys-apps/util-linux/files/util-linux-2.37.1-libmount_setgroups_fix.patch b/sys-apps/util-linux/files/util-linux-2.37.1-libmount_setgroups_fix.patch
new file mode 100644
index 000000000000..ebde207986b9
--- /dev/null
+++ b/sys-apps/util-linux/files/util-linux-2.37.1-libmount_setgroups_fix.patch
@@ -0,0 +1,38 @@
+From 420e914c4cc4c2ba34fd75790ea194d7f4a47d2c Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Thu, 29 Jul 2021 11:50:48 +0200
+Subject: [PATCH] libmount: fix setgroups() use
+
+* keep process in single supplementary group, which is the real group ID for the process
+
+* make sure we have rights to call setgroups(), requires group permissions
+
+Fixes: https://github.com/karelzak/util-linux/issues/1398
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ include/c.h | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/include/c.h b/include/c.h
+index c1e4c5ffc..a4504e3ba 100644
+--- a/include/c.h
++++ b/include/c.h
+@@ -340,14 +340,16 @@ static inline size_t get_hostname_max(void)
+ 
+ static inline int drop_permissions(void)
+ {
++	gid_t newgid = getgid();
++
+ 	errno = 0;
+ 
+ 	/* drop supplementary groups */
+-	if (setgroups(0, NULL) != 0)
++	if (geteuid() == 0 && setgroups(1, &newgid) != 0)
+ 		goto fail;
+ 
+ 	/* drop GID */
+-	if (setgid(getgid()) < 0)
++	if (setgid(newgid) < 0)
+ 		goto fail;
+ 
+ 	/* drop UID */
diff --git a/sys-apps/util-linux/files/util-linux-2.37.1-lscpu_NULL_dereference_fix.patch b/sys-apps/util-linux/files/util-linux-2.37.1-lscpu_NULL_dereference_fix.patch
new file mode 100644
index 000000000000..50322e63a8ec
--- /dev/null
+++ b/sys-apps/util-linux/files/util-linux-2.37.1-lscpu_NULL_dereference_fix.patch
@@ -0,0 +1,50 @@
+From 0d7cef3ddbd2aacbea8c11e8524a3de68dfb8ff6 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Fri, 30 Jul 2021 14:35:25 +0200
+Subject: [PATCH] lscpu: fix NULL dereference
+
+Fixes: https://github.com/karelzak/util-linux/issues/1401
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ sys-utils/lscpu-cputype.c | 2 +-
+ sys-utils/lscpu.c         | 6 +++---
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/sys-utils/lscpu-cputype.c b/sys-utils/lscpu-cputype.c
+index 795a4acf5..be16199e0 100644
+--- a/sys-utils/lscpu-cputype.c
++++ b/sys-utils/lscpu-cputype.c
+@@ -569,7 +569,7 @@ int lscpu_read_cpuinfo(struct lscpu_cxt *cxt)
+ 	/* Set the default type to CPUs which are missing (or not parsed)
+ 	 * in cpuinfo */
+ 	ct = lscpu_cputype_get_default(cxt);
+-	for (i = 0; i < cxt->npossibles; i++) {
++	for (i = 0; ct && i < cxt->npossibles; i++) {
+ 		struct lscpu_cpu *cpu = cxt->cpus[i];
+ 
+ 		if (cpu && !cpu->type)
+diff --git a/sys-utils/lscpu.c b/sys-utils/lscpu.c
+index 827e84a6d..e11b2f42f 100644
+--- a/sys-utils/lscpu.c
++++ b/sys-utils/lscpu.c
+@@ -991,7 +991,7 @@ static void print_summary(struct lscpu_cxt *cxt)
+ 		*(p - 2) = '\0';
+ 		add_summary_s(tb, sec, _("CPU op-mode(s):"), buf);
+ 	}
+-	if (ct->addrsz)
++	if (ct && ct->addrsz)
+ 		add_summary_s(tb, sec, _("Address sizes:"), ct->addrsz);
+ #if !defined(WORDS_BIGENDIAN)
+ 	add_summary_s(tb, sec, _("Byte Order:"), "Little Endian");
+@@ -1033,9 +1033,9 @@ static void print_summary(struct lscpu_cxt *cxt)
+ 	sec = NULL;
+ 
+ 	/* Section: cpu type description */
+-	if (ct->vendor)
++	if (ct && ct->vendor)
+ 		sec = add_summary_s(tb, NULL, _("Vendor ID:"), ct->vendor);
+-	if (ct->bios_vendor)
++	if (ct && ct->bios_vendor)
+ 		add_summary_s(tb, sec, _("BIOS Vendor ID:"), ct->bios_vendor);
+ 
+ 	for (i = 0; i < cxt->ncputypes; i++)
diff --git a/sys-apps/util-linux/util-linux-2.37.1-r1.ebuild b/sys-apps/util-linux/util-linux-2.37.1-r1.ebuild
new file mode 100644
index 000000000000..74d874455d9c
--- /dev/null
+++ b/sys-apps/util-linux/util-linux-2.37.1-r1.ebuild
@@ -0,0 +1,338 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{7..9} )
+
+inherit toolchain-funcs libtool flag-o-matic bash-completion-r1 usr-ldscript \
+	pam python-r1 multilib-minimal multiprocessing systemd
+
+MY_PV="${PV/_/-}"
+MY_P="${PN}-${MY_PV}"
+
+if [[ ${PV} == 9999 ]] ; then
+	inherit git-r3 autotools
+	EGIT_REPO_URI="https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git"
+else
+	[[ "${PV}" = *_rc* ]] || \
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+	SRC_URI="https://www.kernel.org/pub/linux/utils/util-linux/v${PV:0:4}/${MY_P}.tar.xz"
+fi
+
+DESCRIPTION="Various useful Linux utilities"
+HOMEPAGE="https://www.kernel.org/pub/linux/utils/util-linux/ https://github.com/karelzak/util-linux"
+
+LICENSE="GPL-2 GPL-3 LGPL-2.1 BSD-4 MIT public-domain"
+SLOT="0"
+IUSE="audit build caps +cramfs cryptsetup fdformat hardlink kill +logger magic ncurses nls pam python +readline selinux slang static-libs su +suid systemd test tty-helpers udev unicode userland_GNU"
+
+# Most lib deps here are related to programs rather than our libs,
+# so we rarely need to specify ${MULTILIB_USEDEP}.
+RDEPEND="
+	virtual/libcrypt:=
+	audit? ( >=sys-process/audit-2.6:= )
+	caps? ( sys-libs/libcap-ng )
+	cramfs? ( sys-libs/zlib:= )
+	cryptsetup? ( >=sys-fs/cryptsetup-2.1.0 )
+	hardlink? ( dev-libs/libpcre2:= )
+	ncurses? (
+		sys-libs/ncurses:=[unicode(+)?]
+		magic? ( sys-apps/file:0= )
+	)
+	nls? ( virtual/libintl[${MULTILIB_USEDEP}] )
+	pam? ( sys-libs/pam )
+	ppc? ( sys-libs/librtas )
+	ppc64? ( sys-libs/librtas )
+	python? ( ${PYTHON_DEPS} )
+	readline? ( sys-libs/readline:0= )
+	selinux? ( >=sys-libs/libselinux-2.2.2-r4[${MULTILIB_USEDEP}] )
+	slang? ( sys-libs/slang )
+	!build? ( systemd? ( sys-apps/systemd ) )
+	udev? ( virtual/libudev:= )"
+BDEPEND="
+	virtual/pkgconfig
+	nls? ( sys-devel/gettext )
+	test? ( sys-devel/bc )
+"
+DEPEND="
+	${RDEPEND}
+	virtual/os-headers
+"
+RDEPEND+="
+	hardlink? ( !app-arch/hardlink )
+	logger? ( !>=app-admin/sysklogd-2.0[logger] )
+	kill? (
+		!sys-apps/coreutils[kill]
+		!sys-process/procps[kill]
+	)
+	su? (
+		!<sys-apps/shadow-4.7-r2
+		!>=sys-apps/shadow-4.7-r2[su]
+	)
+	!net-wireless/rfkill
+	!<app-shells/bash-completion-2.7-r1
+"
+
+# Required for man-page generation
+if [[ "${PV}" == 9999 ]] ; then
+	BDEPEND+="
+		dev-ruby/asciidoctor
+	"
+fi
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+RESTRICT="!test? ( test )"
+
+S="${WORKDIR}/${MY_P}"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-2.37.1-ipcutils_calloc_check.patch #806070
+	"${FILESDIR}"/${PN}-2.37.1-libmount_setgroups_fix.patch #805218
+	"${FILESDIR}"/${PN}-2.37.1-agetty_ctrl-c_erase.patch #804972
+	"${FILESDIR}"/${PN}-2.37.1-lscpu_NULL_dereference_fix.patch #802606
+)
+
+src_prepare() {
+	default
+
+	# Prevent uuidd test failure due to socket path limit. #593304
+	sed -i \
+		-e "s|UUIDD_SOCKET=\"\$(mktemp -u \"\${TS_OUTDIR}/uuiddXXXXXXXXXXXXX\")\"|UUIDD_SOCKET=\"\$(mktemp -u \"${T}/uuiddXXXXXXXXXXXXX.sock\")\"|g" \
+		tests/ts/uuid/uuidd || die "Failed to fix uuidd test"
+
+	if ! use userland_GNU ; then
+		# test runner is using GNU-specific xargs call
+		sed -i -e 's:xargs:gxargs:' tests/run.sh || die
+		# test requires util-linux uuidgen (which we don't build)
+		rm tests/ts/uuid/oids || die
+	fi
+
+	if [[ ${PV} == 9999 ]] ; then
+		po/update-potfiles
+		eautoreconf
+	fi
+
+	elibtoolize
+}
+
+lfs_fallocate_test() {
+	# Make sure we can use fallocate with LFS #300307
+	cat <<-EOF > "${T}"/fallocate.${ABI}.c
+		#define _GNU_SOURCE
+		#include <fcntl.h>
+		main() { return fallocate(0, 0, 0, 0); }
+	EOF
+	append-lfs-flags
+	$(tc-getCC) ${CFLAGS} ${CPPFLAGS} ${LDFLAGS} "${T}"/fallocate.${ABI}.c -o /dev/null >/dev/null 2>&1 \
+		|| export ac_cv_func_fallocate=no
+	rm -f "${T}"/fallocate.${ABI}.c
+}
+
+python_configure() {
+	local myeconfargs=(
+		"${commonargs[@]}"
+		--disable-all-programs
+		--disable-bash-completion
+		--without-systemdsystemunitdir
+		--with-python
+	)
+	if use userland_GNU ; then
+		myeconfargs+=(
+			--enable-libblkid
+			--enable-libmount
+			--enable-pylibmount
+		)
+	fi
+	mkdir "${BUILD_DIR}" || die
+	pushd "${BUILD_DIR}" >/dev/null || die
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+	popd >/dev/null || die
+}
+
+multilib_src_configure() {
+	lfs_fallocate_test
+	# The scanf test in a run-time test which fails while cross-compiling.
+	# Blindly assume a POSIX setup since we require libmount, and libmount
+	# itself fails when the scanf test fails. #531856
+	tc-is-cross-compiler && export scanf_cv_alloc_modifier=ms
+	export ac_cv_header_security_pam_misc_h=$(multilib_native_usex pam) #485486
+	export ac_cv_header_security_pam_appl_h=$(multilib_native_usex pam) #545042
+
+	# Undo bad ncurses handling by upstream. Fall back to pkg-config. #601530
+	export NCURSES6_CONFIG=false NCURSES5_CONFIG=false
+	export NCURSESW6_CONFIG=false NCURSESW5_CONFIG=false
+
+	# configure args shared by python and non-python builds
+	local commonargs=(
+		--enable-fs-paths-extra="${EPREFIX}/usr/sbin:${EPREFIX}/bin:${EPREFIX}/usr/bin"
+	)
+
+	local myeconfargs=(
+		"${commonargs[@]}"
+		--with-bashcompletiondir="$(get_bashcompdir)"
+		--without-python
+		$(multilib_native_use_enable suid makeinstall-chown)
+		$(multilib_native_use_enable suid makeinstall-setuid)
+		$(multilib_native_use_with readline)
+		$(multilib_native_use_with slang)
+		$(multilib_native_use_with systemd)
+		$(multilib_native_use_with udev)
+		$(multilib_native_usex ncurses "$(use_with magic libmagic)" '--without-libmagic')
+		$(multilib_native_usex ncurses "$(use_with unicode ncursesw)" '--without-ncursesw')
+		$(multilib_native_usex ncurses "$(use_with !unicode ncurses)" '--without-ncurses')
+		$(multilib_native_use_with audit)
+		$(tc-has-tls || echo --disable-tls)
+		$(use_enable nls)
+		$(use_enable unicode widechar)
+		$(use_enable static-libs static)
+		$(use_with ncurses tinfo)
+		$(use_with selinux)
+	)
+	# build programs only on GNU, on *BSD we want libraries only
+	if multilib_is_native_abi && use userland_GNU ; then
+		myeconfargs+=(
+			--disable-chfn-chsh
+			--disable-login
+			--disable-newgrp
+			--disable-nologin
+			--disable-pylibmount
+			--disable-vipw
+			--enable-agetty
+			--enable-bash-completion
+			--enable-line
+			--enable-partx
+			--enable-raw
+			--enable-rename
+			--enable-rfkill
+			--enable-schedutils
+			--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+			$(use_enable caps setpriv)
+			$(use_enable cramfs)
+			$(use_enable fdformat)
+			$(use_enable hardlink)
+			$(use_enable kill)
+			$(use_enable logger)
+			$(use_enable ncurses pg)
+			$(use_enable su)
+			$(use_enable tty-helpers mesg)
+			$(use_enable tty-helpers wall)
+			$(use_enable tty-helpers write)
+			$(use_with cryptsetup)
+		)
+		if [[ ${PV} == *9999 ]] ; then
+			myeconfargs+=( --enable-asciidoc )
+		else
+			# We ship pre-generated man-pages for releases
+			myeconfargs+=( --disable-asciidoc )
+		fi
+	else
+		myeconfargs+=(
+			--disable-all-programs
+			--disable-asciidoc
+			--disable-bash-completion
+			--without-systemdsystemunitdir
+			# build libraries
+			--enable-libuuid
+			--enable-libblkid
+			--enable-libsmartcols
+			--enable-libfdisk
+		)
+		if use userland_GNU ; then
+			# those libraries don't work on *BSD
+			myeconfargs+=(
+				--enable-libmount
+			)
+		fi
+	fi
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+
+	if multilib_is_native_abi && use python ; then
+		python_foreach_impl python_configure
+	fi
+}
+
+python_compile() {
+	pushd "${BUILD_DIR}" >/dev/null || die
+	emake all
+	popd >/dev/null || die
+}
+
+multilib_src_compile() {
+	emake all
+
+	if multilib_is_native_abi && use python ; then
+		python_foreach_impl python_compile
+	fi
+}
+
+python_test() {
+	pushd "${BUILD_DIR}" >/dev/null || die
+	emake check TS_OPTS="--parallel=$(makeopts_jobs) --nonroot"
+	popd >/dev/null || die
+}
+
+multilib_src_test() {
+	emake check TS_OPTS="--parallel=$(makeopts_jobs) --nonroot"
+	if multilib_is_native_abi && use python ; then
+		python_foreach_impl python_test
+	fi
+}
+
+python_install() {
+	pushd "${BUILD_DIR}" >/dev/null || die
+	emake DESTDIR="${D}" install
+	python_optimize
+	popd >/dev/null || die
+}
+
+multilib_src_install() {
+	if multilib_is_native_abi && use python ; then
+		python_foreach_impl python_install
+	fi
+
+	# This needs to be called AFTER python_install call (#689190)
+	emake DESTDIR="${D}" install
+
+	if multilib_is_native_abi && use userland_GNU ; then
+		# need the libs in /
+		gen_usr_ldscript -a blkid fdisk mount smartcols uuid
+	fi
+}
+
+multilib_src_install_all() {
+	dodoc AUTHORS NEWS README* Documentation/{TODO,*.txt,releases/*}
+
+	# e2fsprogs-libs didnt install .la files, and .pc work fine
+	find "${ED}" -name "*.la" -delete || die
+
+	if ! use userland_GNU ; then
+		# manpage collisions
+		# TODO: figure out a good way to keep them
+		rm "${ED}"/usr/share/man/man3/uuid* || die
+	fi
+
+	if use pam ; then
+		newpamd "${FILESDIR}/runuser.pamd" runuser
+		newpamd "${FILESDIR}/runuser-l.pamd" runuser-l
+	fi
+
+	# Note:
+	# Bash completion for "runuser" command is provided by same file which
+	# would also provide bash completion for "su" command. However, we don't
+	# use "su" command from this package.
+	# This triggers a known QA warning which we ignore for now to magically
+	# keep bash completion for "su" command which shadow package does not
+	# provide.
+}
+
+pkg_postinst() {
+	if ! use tty-helpers ; then
+		elog "The mesg/wall/write tools have been disabled due to USE=-tty-helpers."
+	fi
+
+	if [[ -z ${REPLACING_VERSIONS} ]] ; then
+		elog "The agetty util now clears the terminal by default. You"
+		elog "might want to add --noclear to your /etc/inittab lines."
+	fi
+}