search

Divested-Mobile / DivestOS-Build

Everything needed to build DivestOS, a more private and more secure aftermarket mobile operating system.
https://divestos.org/index.php?page=build
Other
214 stars 30 forks source link

20: Latest CVE patches breaking changes #306

Closed danielk43 closed 4 months ago

danielk43 commented 4 months ago

Thanks for all the continuing work on CVEs, and the 21 bringup.. seeing 4 new errors for redbull. 2021-47455 also applies to gs1|201 but did not break the build

CVE-2021-47268

../../../../../../kernel/google/redbull/drivers/usb/typec/tcpm/tcpm.c:6707:24: error: no member named 'vdm_state_machine_timer' in 'str
uct tcpm_port'; did you mean 'vdm_state_machine'?
        hrtimer_cancel(&port->vdm_state_machine_timer);
                              ^~~~~~~~~~~~~~~~~~~~~~~
                              vdm_state_machine
../../../../../../kernel/google/redbull/drivers/usb/typec/tcpm/tcpm.c:346:22: note: 'vdm_state_machine' declared here
        struct delayed_work vdm_state_machine;
                            ^
../../../../../../kernel/google/redbull/drivers/usb/typec/tcpm/tcpm.c:6708:24: error: no member named 'state_machine_timer' in 'struct 
tcpm_port'; did you mean 'state_machine'?
        hrtimer_cancel(&port->state_machine_timer);
                              ^~~~~~~~~~~~~~~~~~~
                              state_machine
../../../../../../kernel/google/redbull/drivers/usb/typec/tcpm/tcpm.c:345:22: note: 'state_machine' declared here
        struct delayed_work state_machine;
                            ^
2 errors generated.

CVE-2021-47455

../../../../../../kernel/google/redbull/drivers/ptp/ptp_clock.c:284:14: error: no member named 'vclock_index' in 'struct ptp_clock'
                kfree(ptp->vclock_index);
                      ~~~  ^
1 error generated.

CVE-2021-47488

../../../../../../kernel/google/redbull/kernel/cgroup/cgroup.c:2175:3: error: implicit declaration of function 'cgroup_bpf_offline' [-W
error,-Wimplicit-function-declaration]
                cgroup_bpf_offline(&root->cgrp);
                ^
1 error generated.

CVE-2021-47498

../../../../../../kernel/google/redbull/drivers/md/dm-rq.c:755:24: error: use of undeclared identifier 'DMF_BLOCK_IO_FOR_SUSPEND'
        if (unlikely(test_bit(DMF_BLOCK_IO_FOR_SUSPEND, &md->flags)))
                              ^
1 error generated.
SkewedZeppelin commented 4 months ago

thank you!

I've fixed these, regenerating them now. will push after

danielk43 commented 4 months ago

Thank you for the quick fix!

Just looked at the commit - the one patch CVE-2021-47455 still was valid for the gs101 and gs201 builds and did not error out when applied.

NP if intentionally removed but wanted to make sure that detail wasn't missed in case my description wasn't clear.

SkewedZeppelin commented 4 months ago

Yes, I track those too, but I don't have a good way to handle them yet.