add patch series

4 files changed, 257 insertions, 0 deletions

diff --git a/debian/patches/0001-trans-mtab-use-setnullauth-to-drop-privileges.patch b/debian/patches/0001-trans-mtab-use-setnullauth-to-drop-privileges.patch
new file mode 100644
index 00000000..eed98135
--- /dev/null
+++ b/debian/patches/0001-trans-mtab-use-setnullauth-to-drop-privileges.patch
@@ -0,0 +1,46 @@
+From 6fd075df8f71c95cff04d58643e5da0d58dbbada Mon Sep 17 00:00:00 2001
+From: Justus Winter <4winter@informatik.uni-hamburg.de>
+Date: Sun, 31 Aug 2014 12:46:25 +0200
+Subject: [PATCH 1/3] trans/mtab: use setnullauth to drop privileges
+
+* trans/mtab.c (main): Use setnullauth to drop privileges.
+---
+ trans/mtab.c | 15 ++-------------
+ 1 file changed, 2 insertions(+), 13 deletions(-)
+
+diff --git a/trans/mtab.c b/trans/mtab.c
+index df03b1d..5207c1e 100644
+--- a/trans/mtab.c
++++ b/trans/mtab.c
+@@ -27,6 +27,7 @@
+ #include <hurd/trivfs.h>
+ #include <inttypes.h>
+ #include <mntent.h>
++#include <nullauth.h>
+ #include <pthread.h>
+ #include <stdlib.h>
+ #include <stdio.h>
+@@ -221,19 +222,7 @@ main (int argc, char *argv[])
+   if (bootstrap != MACH_PORT_NULL)
+     {
+       /* Started as a translator.  */
+-
+-      auth_t nullauth;
+-      err = auth_makeauth (getauth (),
+-			   NULL, MACH_MSG_TYPE_COPY_SEND, 0,
+-			   NULL, 0,
+-			   NULL, 0,
+-			   NULL, 0,
+-			   NULL, 0,
+-			   &nullauth);
+-      if (err)
+-        error (3, err, "dropping credentials");
+-
+-      err = setauth (nullauth);
++      err = setnullauth ();
+       if (err)
+         error (3, err, "dropping credentials");
+ 
+-- 
+2.1.0
+
diff --git a/debian/patches/0002-libihash-fix-comparison-between-signed-and-unsigned-.patch b/debian/patches/0002-libihash-fix-comparison-between-signed-and-unsigned-.patch
new file mode 100644
index 00000000..2279ca12
--- /dev/null
+++ b/debian/patches/0002-libihash-fix-comparison-between-signed-and-unsigned-.patch
@@ -0,0 +1,29 @@
+From c5f866e17c72302d826b885f098b1c07d7abdbc7 Mon Sep 17 00:00:00 2001
+From: Justus Winter <4winter@informatik.uni-hamburg.de>
+Date: Sun, 31 Aug 2014 14:36:50 +0200
+Subject: [PATCH 2/3] libihash: fix comparison between signed and unsigned
+ integer
+
+* libihash/ihash.h (HURD_IHASH_ITERATE): Fix comparison between signed
+and unsigned integer expressions.
+---
+ libihash/ihash.h | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libihash/ihash.h b/libihash/ihash.h
+index 345630d..849a55a 100644
+--- a/libihash/ihash.h
++++ b/libihash/ihash.h
+@@ -241,7 +241,8 @@ hurd_ihash_value_t hurd_ihash_find (hurd_ihash_t ht, hurd_ihash_key_t key);
+   for (hurd_ihash_value_t val,						\
+          *_hurd_ihash_valuep = (ht)->size ? &(ht)->items[0].value : 0;	\
+        (ht)->size							\
+-         && ((_hurd_ihash_item_t) _hurd_ihash_valuep) - &(ht)->items[0]	\
++	 && (size_t) ((_hurd_ihash_item_t) _hurd_ihash_valuep		\
++		      - &(ht)->items[0])				\
+             < (ht)->size						\
+          && (val = *_hurd_ihash_valuep, 1);				\
+        _hurd_ihash_valuep = (hurd_ihash_value_t *)			\
+-- 
+2.1.0
+
diff --git a/debian/patches/0003-hurd-fix-semantic-of-file_get_children.patch b/debian/patches/0003-hurd-fix-semantic-of-file_get_children.patch
new file mode 100644
index 00000000..318f2839
--- /dev/null
+++ b/debian/patches/0003-hurd-fix-semantic-of-file_get_children.patch
@@ -0,0 +1,179 @@
+From 19329e159a440398fbf2f342951b83855c0ddffb Mon Sep 17 00:00:00 2001
+From: Justus Winter <4winter@informatik.uni-hamburg.de>
+Date: Sun, 31 Aug 2014 14:47:42 +0200
+Subject: [PATCH 3/3] hurd: fix semantic of file_get_children
+
+When first introduced as fsys_get_children, it made sense to return
+the list of children using paths relative to the root of the
+filesystem that was queried.  Making the get_children method part of
+the fsys protocol was a mistake that has since been corrected in
+9366d6b2.
+
+Instead of returning paths relative to the root of the translator,
+return paths relative to the path of the receiving node.
+
+This fixes a problem with the mtab translator.  Previously, the mtab
+translator invoked on a target that was not the root directory of a
+translator would compute invalid paths, e.g.:
+
+/hurd/mtab: /any/path/servers/socket/26 No such file or directory
+
+* hurd/fs.defs (file_get_children): Update comment.
+* libfshelp/translator-list.c (fshelp_get_active_translators): Add
+argument PREFIX.  Filter entries not beginning with PREFIX if
+non-NULL, and omit PREFIX from the returned paths.
+* libfshelp/fshelp.h (fshelp_get_active_translators): Update comment
+accordingly.  Also clarify that both FILTER and PREFIX can be NULL.
+* libdiskfs/file-get-children.c (diskfs_S_file_get_children): Update
+comment, pass prefix to fshelp_get_active_translators.
+* libnetfs/file-get-children.c (netfs_S_file_get_children): Likewise.
+---
+ hurd/fs.defs                  |  4 ++--
+ libdiskfs/file-get-children.c |  9 +++++----
+ libfshelp/fshelp.h            |  9 ++++++---
+ libfshelp/translator-list.c   | 19 +++++++++++++++----
+ libnetfs/file-get-children.c  |  9 +++++----
+ 5 files changed, 33 insertions(+), 17 deletions(-)
+
+diff --git a/hurd/fs.defs b/hurd/fs.defs
+index 2452682..a4a48cc 100644
+--- a/hurd/fs.defs
++++ b/hurd/fs.defs
+@@ -354,8 +354,8 @@ routine file_reparent (
+ 	out new_file: mach_port_send_t);
+ 
+ /* Return any active translators bound to nodes below FILE.  CHILDREN
+-   is an argz vector containing file names relative to the root of the
+-   receiving translator.  */
++   is an argz vector containing file names relative to the path of
++   FILE.  */
+ routine file_get_children (
+ 	file: file_t;
+ 	RPT
+diff --git a/libdiskfs/file-get-children.c b/libdiskfs/file-get-children.c
+index 4581e4e..98d5d60 100644
+--- a/libdiskfs/file-get-children.c
++++ b/libdiskfs/file-get-children.c
+@@ -24,9 +24,9 @@
+ 
+ #include <argz.h>
+ 
+-/* Return any active translators bound to nodes of the receiving
+-   filesystem.  CHILDREN is an argz vector containing file names
+-   relative to the root of the receiving translator.  */
++/* Return any active translators bound to nodes below CRED.  CHILDREN
++   is an argz vector containing file names relative to the path of
++   CRED.  */
+ error_t
+ diskfs_S_file_get_children (struct protid *cred,
+ 			    char **children,
+@@ -79,7 +79,8 @@ diskfs_S_file_get_children (struct protid *cred,
+   char *c = NULL;
+   size_t c_len = 0;
+ 
+-  err = fshelp_get_active_translators (&c, &c_len, check_access);
++  err = fshelp_get_active_translators (&c, &c_len, check_access,
++				       cred->po->path);
+   if (err)
+     goto errout;
+ 
+diff --git a/libfshelp/fshelp.h b/libfshelp/fshelp.h
+index 5d3a0ce..1c6f04a 100644
+--- a/libfshelp/fshelp.h
++++ b/libfshelp/fshelp.h
+@@ -61,12 +61,15 @@ fshelp_remove_active_translator (mach_port_t active);
+    included in the list.  */
+ typedef error_t (*fshelp_filter) (const char *path);
+ 
+-/* Records the list of active translators into the argz vector
+-   specified by TRANSLATORS filtered by FILTER.  */
++/* Records the list of active translators below PREFIX into the argz
++   vector specified by TRANSLATORS filtered by FILTER.  If PREFIX is
++   NULL, entries with any prefix are considered.  If FILTER is NULL,
++   no filter is applied.  */
+ error_t
+ fshelp_get_active_translators (char **translators,
+ 			       size_t *translators_len,
+-			       fshelp_filter filter);
++			       fshelp_filter filter,
++			       const char *prefix);
+ 
+ 
+ /* Passive translator linkage */
+diff --git a/libfshelp/translator-list.c b/libfshelp/translator-list.c
+index 3ece711..c3aba0b 100644
+--- a/libfshelp/translator-list.c
++++ b/libfshelp/translator-list.c
+@@ -160,19 +160,30 @@ fshelp_remove_active_translator (mach_port_t active)
+   return err;
+ }
+ 
+-/* Records the list of active translators into the argz vector
+-   specified by TRANSLATORS filtered by FILTER.  */
++/* Records the list of active translators below PREFIX into the argz
++   vector specified by TRANSLATORS filtered by FILTER.  */
+ error_t
+ fshelp_get_active_translators (char **translators,
+ 			       size_t *translators_len,
+-			       fshelp_filter filter)
++			       fshelp_filter filter,
++			       const char *prefix)
+ {
+   error_t err = 0;
+   pthread_mutex_lock (&translator_ihash_lock);
+ 
++  if (prefix && strlen (prefix) == 0)
++    prefix = NULL;
++
+   HURD_IHASH_ITERATE (&translator_ihash, value)
+     {
+       struct translator *t = value;
++
++      if (prefix != NULL
++	  && (strncmp (t->name, prefix, strlen (prefix)) != 0
++	      || t->name[strlen (prefix)] != '/'))
++	/* Skip this entry, as it is not below PREFIX.  */
++	continue;
++
+       if (filter)
+ 	{
+ 	  char *dir = strdup (t->name);
+@@ -192,7 +203,7 @@ fshelp_get_active_translators (char **translators,
+ 	}
+ 
+       err = argz_add (translators, translators_len,
+-		      t->name);
++		      &t->name[prefix? strlen (prefix) + 1: 0]);
+       if (err)
+ 	break;
+     }
+diff --git a/libnetfs/file-get-children.c b/libnetfs/file-get-children.c
+index bd7e8fc..e8ceddf 100644
+--- a/libnetfs/file-get-children.c
++++ b/libnetfs/file-get-children.c
+@@ -24,9 +24,9 @@
+ 
+ #include <argz.h>
+ 
+-/* Return any active translators bound to nodes of the receiving
+-   filesystem.  CHILDREN is an argz vector containing file names
+-   relative to the root of the receiving translator.  */
++/* Return any active translators bound to nodes below CRED.  CHILDREN
++   is an argz vector containing file names relative to the path of
++   CRED.  */
+ error_t
+ netfs_S_file_get_children (struct protid *cred,
+ 			   char **children,
+@@ -93,7 +93,8 @@ netfs_S_file_get_children (struct protid *cred,
+   char *c = NULL;
+   size_t c_len = 0;
+ 
+-  err = fshelp_get_active_translators (&c, &c_len, check_access);
++  err = fshelp_get_active_translators (&c, &c_len, check_access,
++				       cred->po->path);
+   if (err)
+     goto errout;
+ 
+-- 
+2.1.0
+
diff --git a/debian/patches/series b/debian/patches/series
index b69b0416..0b12271b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -55,3 +55,6 @@ fix-net_rcv_msg.patch
 #pp-random.patch
 
 #refcount-use-after-free.patch
+0001-trans-mtab-use-setnullauth-to-drop-privileges.patch
+0002-libihash-fix-comparison-between-signed-and-unsigned-.patch
+0003-hurd-fix-semantic-of-file_get_children.patch