summaryrefslogtreecommitdiffstats
path: root/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd
diff options
context:
space:
mode:
Diffstat (limited to 'external/meta-openembedded/meta-networking/recipes-daemons/vsftpd')
-rw-r--r--external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.3/0001-vsftpd-allow-syscalls-in-the-seccomp-sandbox.patch46
-rw-r--r--external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.3/0001-vsftpd-allow-sysinfo-in-the-seccomp-sandbox.patch43
-rw-r--r--external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.3.bb2
3 files changed, 47 insertions, 44 deletions
diff --git a/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.3/0001-vsftpd-allow-syscalls-in-the-seccomp-sandbox.patch b/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.3/0001-vsftpd-allow-syscalls-in-the-seccomp-sandbox.patch
new file mode 100644
index 00000000..7573c967
--- /dev/null
+++ b/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.3/0001-vsftpd-allow-syscalls-in-the-seccomp-sandbox.patch
@@ -0,0 +1,46 @@
+From dd353303f62d1dfe32cb000e482616b021708fbe Mon Sep 17 00:00:00 2001
+From: Mingli Yu <mingli.yu@windriver.com>
+Date: Thu, 29 Nov 2018 00:47:34 -0800
+Subject: [PATCH] vsftpd: allow syscalls in the seccomp sandbox
+
+* Allow sysinfo() and getdents64 in the seccomp
+ sandbox otherwise comes below OOPS: priv_sock_get_cmd
+ as the syscall sysinfo() and getdents64 not allowed
+
+root@qemux86-64:~# tnftp 192.168.1.1
+Connected to 192.168.1.1.
+220 (vsFTPd 3.0.3)
+Name (192.168.1.1:root): anonymous
+331 Please specify the password.
+Password:
+230 Login successful.
+Remote system type is UNIX.
+Using binary mode to transfer files.
+ftp> prompt
+Interactive mode off.
+ftp> mget small*
+OOPS: priv_sock_get_cmd
+
+Upstream-Status: Pending
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ seccompsandbox.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/seccompsandbox.c b/seccompsandbox.c
+index 2c350a9..377c50e 100644
+--- a/seccompsandbox.c
++++ b/seccompsandbox.c
+@@ -409,6 +409,8 @@ seccomp_sandbox_setup_postlogin(const struct vsf_session* p_sess)
+ allow_nr(__NR_getcwd);
+ allow_nr(__NR_chdir);
+ allow_nr(__NR_getdents);
++ allow_nr(__NR_getdents64);
++ allow_nr(__NR_sysinfo);
+ /* Misc */
+ allow_nr(__NR_umask);
+
+--
+2.17.1
+
diff --git a/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.3/0001-vsftpd-allow-sysinfo-in-the-seccomp-sandbox.patch b/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.3/0001-vsftpd-allow-sysinfo-in-the-seccomp-sandbox.patch
deleted file mode 100644
index c6c0f80a..00000000
--- a/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.3/0001-vsftpd-allow-sysinfo-in-the-seccomp-sandbox.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 9c4826c19f04da533886209361a2caddf582d65c Mon Sep 17 00:00:00 2001
-From: Mingli Yu <Mingli.Yu@windriver.com>
-Date: Tue, 6 Sep 2016 17:17:44 +0800
-Subject: [PATCH] vsftpd: allow sysinfo() in the seccomp sandbox
-
-Upstream-Status: Pending
-
-* Allow sysinfo() in the seccomp sandbox otherwise
- comes below OOPS: priv_sock_get_cmd as the syscall
- sysinfo() not allowed
-
-tnftp 192.168.1.1
-Connected to 192.168.1.1.
-220 (vsFTPd 3.0.3)
-Name (192.168.1.1:root): anonymous
-331 Please specify the password.
-Password:
-230 Login successful.
-Remote system type is UNIX.
-Using binary mode to transfer files.
-ftp> prompt
-Interactive mode off.
-ftp> mget small*
-OOPS: priv_sock_get_cmd
-
-Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
-
----
- seccompsandbox.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/seccompsandbox.c b/seccompsandbox.c
-index 2c350a9..67d9ca5 100644
---- a/seccompsandbox.c
-+++ b/seccompsandbox.c
-@@ -409,6 +409,7 @@ seccomp_sandbox_setup_postlogin(const struct vsf_session* p_sess)
- allow_nr(__NR_getcwd);
- allow_nr(__NR_chdir);
- allow_nr(__NR_getdents);
-+ allow_nr(__NR_sysinfo);
- /* Misc */
- allow_nr(__NR_umask);
-
diff --git a/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.3.bb b/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.3.bb
index 2e3e0e88..df0d7f45 100644
--- a/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.3.bb
+++ b/external/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.3.bb
@@ -18,7 +18,7 @@ SRC_URI = "https://security.appspot.com/downloads/vsftpd-${PV}.tar.gz \
file://volatiles.99_vsftpd \
file://vsftpd.service \
file://vsftpd-2.1.0-filter.patch \
- file://0001-vsftpd-allow-sysinfo-in-the-seccomp-sandbox.patch \
+ file://0001-vsftpd-allow-syscalls-in-the-seccomp-sandbox.patch \
${@bb.utils.contains('PACKAGECONFIG', 'tcp-wrappers', 'file://vsftpd-tcp_wrappers-support.patch', '', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '${NOPAM_SRC}', d)} \
file://0001-sysdeputil.c-Fix-with-musl-which-does-not-have-utmpx.patch \