sync community patches

(cherry picked from commit fd616c53b6f17623b16b47c3f7feebd1e9649ceb)

backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch

@@ -0,0 +1,28 @@
+From 72f801dbcd99bc1dcbfdb0bf8e1f5d2f1ad753c6 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Mon, 24 Jun 2024 09:46:37 +0200
+Subject: [PATCH] cfdisk: fix possible integer overflow [coverity scan]
+
+Signed-off-by: Karel Zak <kzak@redhat.com>
+Reference:https://github.com/util-linux/util-linux/commit/72f801dbcd99bc1dcbfdb0bf8e1f5d2f1ad753c6
+Conflict:NA
+---
+ disk-utils/cfdisk.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/disk-utils/cfdisk.c b/disk-utils/cfdisk.c
+index 7b619296..2e0aada4 100644
+--- a/disk-utils/cfdisk.c
++++ b/disk-utils/cfdisk.c
+@@ -1733,6 +1733,8 @@ static int ui_table_goto(struct cfdisk *cf, int where)
+ 
+ 	if (where < 0)
+ 		where = 0;
++	if (!nparts)
++		where = 0;
+ 	else if ((size_t) where > nparts - 1)
+ 		where = nparts - 1;
+ 
+-- 
+2.33.0
+

backport-libblkid-apfs-validate-checksums.patch

@@ -0,0 +1,75 @@
+From 2011a616aa533c336f9242f25017ce7043557e4c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <thomas@t-8ch.de>
+Date: Tue, 6 Aug 2024 19:07:48 +0200
+Subject: [PATCH] libblkid: apfs: validate checksums
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The apfs superblock contains a checksum based on Fletcher-64.
+Validate the checksum to make the probing more robust.
+
+Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
+Reference:https://github.com/util-linux/util-linux/commit/2011a616aa533c336f9242f25017ce7043557e4c
+Conflict:NA
+---
+ libblkid/src/superblocks/apfs.c | 36 ++++++++++++++++++++++++++++++++-
+ 1 file changed, 35 insertions(+), 1 deletion(-)
+
+diff --git a/libblkid/src/superblocks/apfs.c b/libblkid/src/superblocks/apfs.c
+index b7f09f33..4557abcb 100644
+--- a/libblkid/src/superblocks/apfs.c
++++ b/libblkid/src/superblocks/apfs.c
+@@ -35,7 +35,38 @@ struct apfs_super_block {
+ 	uint64_t read_only_features;
+ 	uint64_t incompatible_features;
+ 	uint8_t uuid[16];
+-};
++
++	uint8_t padding[4008]; // Pad to 4096 bytes for checksum
++} __attribute__((packed));
++
++static uint64_t apfs_fletcher64(const uint8_t *buf, size_t size)
++{
++	uint64_t lo32 = 0, hi32 = 0, csum_hi;
++	uint32_t csum_low;
++	size_t i;
++
++	for (i = 0; i < size / 4; i++) {
++		lo32 += le32_to_cpu(((uint32_t *)buf)[i]);
++		hi32 += lo32;
++	}
++
++	csum_low = ~((lo32 + hi32) % UINT32_MAX);
++	csum_hi = ~((lo32 + csum_low) % UINT32_MAX);
++
++	return csum_hi << 32 | csum_low;
++}
++
++static int apfs_verify_checksum(blkid_probe pr,
++				const struct apfs_super_block *sb)
++{
++	const size_t csummed_start_offset = offsetof(__typeof__(*sb), oid);
++	uint64_t csum;
++
++	csum = apfs_fletcher64(((const uint8_t *)sb) + csummed_start_offset,
++			       sizeof(*sb) - csummed_start_offset);
++
++	return blkid_probe_verify_csum(pr, csum, le64_to_cpu(sb->checksum));
++}
+ 
+ static int probe_apfs(blkid_probe pr, const struct blkid_idmag *mag)
+ {
+@@ -45,6 +76,9 @@ static int probe_apfs(blkid_probe pr, const struct blkid_idmag *mag)
+ 	if (!sb)
+ 		return errno ? -errno : BLKID_PROBE_NONE;
+ 
++	if (!apfs_verify_checksum(pr, sb))
++		return BLKID_PROBE_NONE;
++
+ 	if (le16_to_cpu(sb->type) != APFS_CONTAINER_SUPERBLOCK_TYPE)
+ 		return BLKID_PROBE_NONE;
+ 
+-- 
+2.33.0
+

backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.patch

@@ -0,0 +1,44 @@
+From 57714290bdc99cab533edbc4a021d6ee3a7cc211 Mon Sep 17 00:00:00 2001
+From: zhangyao <zhangyao108@huawei.com>
+Date: Thu, 4 Jul 2024 16:28:51 +0800
+Subject: [PATCH] lsmem: make lsmem to check for the nodes more robust
+
+See #3110.
+Reference:https://github.com/util-linux/util-linux/commit/57714290bdc99cab533edbc4a021d6ee3a7cc211
+Conflict:NA
+---
+ sys-utils/lsmem.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/sys-utils/lsmem.c b/sys-utils/lsmem.c
+index 3b5ca19a0..7c1be8e83 100644
+--- a/sys-utils/lsmem.c
++++ b/sys-utils/lsmem.c
+@@ -485,6 +485,7 @@ static int memory_block_filter(const struct dirent *de)
+ static void read_basic_info(struct lsmem *lsmem)
+ {
+ 	char dir[PATH_MAX];
++	int i = 0;
+ 
+ 	if (ul_path_access(lsmem->sysmem, F_OK, "block_size_bytes") != 0)
+ 		errx(EXIT_FAILURE, _("This system does not support memory blocks"));
+@@ -495,8 +496,14 @@ static void read_basic_info(struct lsmem *lsmem)
+ 	if (lsmem->ndirs <= 0)
+ 		err(EXIT_FAILURE, _("Failed to read %s"), dir);
+ 
+-	if (memory_block_get_node(lsmem, lsmem->dirs[0]->d_name) != -1)
+-		lsmem->have_nodes = 1;
++	for (i = 0; i < lsmem->ndirs; i++)
++	{
++		if (memory_block_get_node(lsmem, lsmem->dirs[i]->d_name) != -1)
++		{
++			lsmem->have_nodes = 1;
++			break;
++		}
++	}
+ 
+ 	/* The valid_zones sysmem attribute was introduced with kernel 3.18 */
+ 	if (ul_path_access(lsmem->sysmem, F_OK, "memory0/valid_zones") == 0)
+-- 
+2.33.0
+

backport-more-make-sure-we-have-data-on-stderr.patch

@@ -0,0 +1,97 @@
+From 640b9480bd3efc0f4bc7f38a785d02cda70ec5c3 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Thu, 22 Aug 2024 08:56:52 +0200
+Subject: [PATCH] more: make sure we have data on stderr
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+more(1) uses more_poll() to monitor data on stdin, stderr, and
+signals. It is used before read_command(), but this function only
+reads from stderr. Therefore, if any other non-stderr event occurs,
+this function will wait on read(). In this case, more(1) will not
+react to signals anymore. We need to ensure that more(1) only waits in
+more_poll().
+
+Try
+
+ for x in {1..1000}; do echo "line $x"; done | more
+
+to reproduce.
+
+Reported-by: Radka Skvarilova <rskvaril@redhat.com>
+Signed-off-by: Karel Zak <kzak@redhat.com>
+Reference:https://github.com/util-linux/util-linux/commit/640b9480bd3efc0f4bc7f38a785d02cda70ec5c3
+Conflict:NA
+---
+ text-utils/more.c | 18 +++++++++++++-----
+ 1 file changed, 13 insertions(+), 5 deletions(-)
+
+diff --git a/text-utils/more.c b/text-utils/more.c
+index 4c225331..953e94db 100644
+--- a/text-utils/more.c
++++ b/text-utils/more.c
+@@ -1350,7 +1350,7 @@ static void read_line(struct more_control *ctl)
+ }
+ 
+ /* returns: 0 timeout or nothing; <0 error, >0 success */
+-static int more_poll(struct more_control *ctl, int timeout)
++static int more_poll(struct more_control *ctl, int timeout, int *stderr_active)
+ {
+ 	enum {
+ 		POLLFD_SIGNAL = 0,
+@@ -1364,6 +1364,9 @@ static int more_poll(struct more_control *ctl, int timeout)
+ 	};
+ 	int has_data = 0;
+ 
++	if (stderr_active)
++		*stderr_active = 0;
++
+ 	while (!has_data) {
+ 		int rc;
+ 
+@@ -1430,8 +1433,11 @@ static int more_poll(struct more_control *ctl, int timeout)
+ 		}
+ 
+ 		/* event on stderr (we reads user commands from stderr!) */
+-		if (pfd[POLLFD_STDERR].revents)
++		if (pfd[POLLFD_STDERR].revents) {
+ 			has_data++;
++			if (stderr_active)
++				*stderr_active = 1;
++		}
+ 	}
+ 
+ 	return has_data;
+@@ -1502,7 +1508,7 @@ static void search(struct more_control *ctl, char buf[], int n)
+ 			}
+ 			break;
+ 		}
+-		more_poll(ctl, 0);
++		more_poll(ctl, 0, NULL);
+ 	}
+ 	/* Move ctrl+c signal handling back to more_key_command(). */
+ 	signal(SIGINT, SIG_DFL);
+@@ -1656,7 +1662,7 @@ static int skip_forwards(struct more_control *ctl, int nlines, cc_t comchar)
+ static int more_key_command(struct more_control *ctl, char *filename)
+ {
+ 	int retval = 0;
+-	int done = 0, search_again = 0;
++	int done = 0, search_again = 0, stderr_active = 0;
+ 	char cmdbuf[INIT_BUF];
+ 	struct number_command cmd;
+ 
+@@ -1666,7 +1672,9 @@ static int more_key_command(struct more_control *ctl, char *filename)
+ 		ctl->report_errors = 0;
+ 	ctl->search_called = 0;
+ 	for (;;) {
+-		if (more_poll(ctl, -1) <= 0)
++		if (more_poll(ctl, -1, &stderr_active) <= 0)
++			continue;
++		if (stderr_active == 0)
+ 			continue;
+ 		cmd = read_command(ctl);
+ 		if (cmd.key == more_kc_unknown_command)
+-- 
+2.33.0
+

util-linux.spec

@@ -3,7 +3,7 @@
 
 Name:           util-linux
 Version:        2.37.2
-Release:        37
+Release:        38
 Summary:        A random collection of Linux utilities
 License:        GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain
 URL:            https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git
@@ -155,6 +155,10 @@ Patch6133:      backport-wall-fix-possible-memory-leak.patch
 Patch6134:      backport-wall-make-sure-unsigned-variable-not-underflow.patch
 Patch6135:      backport-Fix-ul_path_read_buffer.patch
 Patch6136:	backport-login-su-pam_end-compliance.patch
+Patch6137:      backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.patch
+Patch6138:      backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch
+Patch6139:      backport-more-make-sure-we-have-data-on-stderr.patch
+Patch6140:      backport-libblkid-apfs-validate-checksums.patch
 
 Patch9000:      Add-check-to-resolve-uname26-version-test-failed.patch
 Patch9001:      SKIPPED-no-root-permissions-test.patch
@@ -533,6 +537,16 @@ fi
 %{_mandir}/man8/{swapoff.8*,swapon.8*,switch_root.8*,umount.8*,wdctl.8.gz,wipefs.8*,zramctl.8*}
 
 %changelog
+* Mon Nov 04 2024 zhangyao <zhangyao108@huawei.com> - 2.37.2-38
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:sync community patches
+       [add]backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.patch
+       backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch
+       backport-more-make-sure-we-have-data-on-stderr.patch
+       backport-libblkid-apfs-validate-checksums.patch
+
 * Mon Aug 5 2024 liyuzhe <liyuzhe@cqsoftware.com.cn> -  2.37.2-37
 - Fixed incorrect macro usage in summary fields of devel and help subpackages