search

Divested-Mobile / DivestOS-Build

Everything needed to build DivestOS, a more private and more secure aftermarket mobile operating system.
https://divestos.org/index.php?page=build
Other
197 stars 27 forks source link

20: 3x CVE patches breaking Pixel 6-7th gen #294

Closed danielk43 closed 4 months ago

danielk43 commented 4 months ago

First, thanks for all of these updates. Seeing multiple issues with the most recent patches, removing all three completes the build

CVE-2023-52524

../../../../../../kernel/google/gs201/private/gs-google/net/nfc/llcp_core.c:1609:13: error: use of undeclared identifier 'llcp_devices_lock'; did you mean 'llcp_devices'?
        spin_lock(&llcp_devices_lock);
                   ^~~~~~~~~~~~~~~~~
                   llcp_devices
../../../../../../kernel/google/gs201/private/gs-google/net/nfc/llcp_core.c:19:18: note: 'llcp_devices' declared here
static LIST_HEAD(llcp_devices);
                 ^
../../../../../../kernel/google/gs201/private/gs-google/net/nfc/llcp_core.c:1611:15: error: use of undeclared identifier 'llcp_devices_lock'; did you mean 'llcp_devices'?
        spin_unlock(&llcp_devices_lock);
                     ^~~~~~~~~~~~~~~~~
                     llcp_devices
../../../../../../kernel/google/gs201/private/gs-google/net/nfc/llcp_core.c:19:18: note: 'llcp_devices' declared here
static LIST_HEAD(llcp_devices);
                 ^
2 errors generated.

CVE-2023-52565

../../../../../../kernel/google/gs201/private/gs-google/drivers/media/usb/uvc/uvc_ctrl.c:1159:38: error: no member named 'menu_mask' in 'struct uvc_control_mapping'
        if (index >= BITS_PER_TYPE(mapping->menu_mask))
                                   ~~~~~~~  ^
../../../../../../kernel/google/gs201/private/gs-google/include/linux/bitops.h:14:37: note: expanded from macro 'BITS_PER_TYPE'
#define BITS_PER_TYPE(type)     (sizeof(type) * BITS_PER_BYTE)
                                        ^~~~
1 error generated.

CVE-2023-52578

../../../../../../kernel/google/gs201/private/gs-google/drivers/media/usb/uvc/uvc_ctrl.c:1159:38: error: no member named 'menu_mask' in 'struct uvc_control_mapping'
        if (index >= BITS_PER_TYPE(mapping->menu_mask))
                                   ~~~~~~~  ^
../../../../../../kernel/google/gs201/private/gs-google/include/linux/bitops.h:14:37: note: expanded from macro 'BITS_PER_TYPE'
#define BITS_PER_TYPE(type)     (sizeof(type) * BITS_PER_BYTE)
                                        ^~~~
1 error generated.
SkewedZeppelin commented 4 months ago

Thank you for these!

I've fixed the first two (not pushed, have to regen).

Your third error is the same as the second, do you have it too? I presume it is like DEV_STATS_INC undeclared.

edit: also the reason for all these new cves is because kernel.org became a CNA and is going through their internal backlog

danielk43 commented 4 months ago

Ah my fault, copy/paste... here it is for 52578, you are correct:

../../../../../../kernel/google/gs201/private/gs-google/net/bridge/br_forward.c:121:3: error: implicit declaration of function 'DEV_STATS_INC' [-Werror,-Wimplicit-functio
n-declaration]
                DEV_STATS_INC(dev, tx_dropped);
                ^
../../../../../../kernel/google/gs201/private/gs-google/net/bridge/br_forward.c:121:22: error: use of undeclared identifier 'tx_dropped'
                DEV_STATS_INC(dev, tx_dropped);
                                   ^
../../../../../../kernel/google/gs201/private/gs-google/net/bridge/br_forward.c:258:3: error: implicit declaration of function 'DEV_STATS_INC' [-Werror,-Wimplicit-functio
n-declaration]
                DEV_STATS_INC(dev, tx_dropped);
                ^
../../../../../../kernel/google/gs201/private/gs-google/net/bridge/br_forward.c:258:22: error: use of undeclared identifier 'tx_dropped'
                DEV_STATS_INC(dev, tx_dropped);
                                   ^
4 errors generated.

Good to know re: backlog!