Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package smc-tools for openSUSE:Factory checked in at 2026-02-18 17:10:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/smc-tools (Old) and /work/SRC/openSUSE:Factory/.smc-tools.new.1977 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "smc-tools" Wed Feb 18 17:10:55 2026 rev:19 rq:1333741 version:1.8.7 Changes: -------- --- /work/SRC/openSUSE:Factory/smc-tools/smc-tools.changes 2025-12-11 18:43:54.755955024 +0100 +++ /work/SRC/openSUSE:Factory/.smc-tools.new.1977/smc-tools.changes 2026-02-18 17:11:52.781833986 +0100 @@ -1,0 +2,17 @@ +Wed Feb 18 12:35:00 UTC 2026 - Nikolay Gueorguiev <[email protected]> + +- Upgrade smc-tools to version 1.8.7 (jsc#PED-14601) +- Bug fixes: + * smc_rnics: fix regression when PFT not available + * smcd/smcr: prevent DoS on statistics workfile present in /tmp/ +- Removed obsolete patch (the fix is included in this version) + * smc-tools-smcd-smcr-prevent-DoS-on-statistics-workfile-present-in-tmp-dir.patch + +------------------------------------------------------------------- +Wed Feb 18 08:11:30 UTC 2026 - Nikolay Gueorguiev <[email protected]> + +- Applied a patch (bsc#1230052) for VUL-1: smc-tools: + predictable /tmp file allows for local denial of service + * smc-tools-smcd-smcr-prevent-DoS-on-statistics-workfile-present-in-tmp-dir.patch + +------------------------------------------------------------------- Old: ---- smc-tools-1.8.6.tar.gz New: ---- smc-tools-1.8.7.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ smc-tools.spec ++++++ --- /var/tmp/diff_new_pack.AHG99j/_old 2026-02-18 17:11:53.893880343 +0100 +++ /var/tmp/diff_new_pack.AHG99j/_new 2026-02-18 17:11:53.893880343 +0100 @@ -1,7 +1,7 @@ # # spec file for package smc-tools # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2026 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: smc-tools -Version: 1.8.6 +Version: 1.8.7 Release: 0 Summary: Shared Memory Communication via RDMA License: EPL-1.0 ++++++ smc-tools-1.8.6.tar.gz -> smc-tools-1.8.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/smc-tools-1.8.6/Makefile new/smc-tools-1.8.7/Makefile --- old/smc-tools-1.8.6/Makefile 2025-12-05 12:21:32.000000000 +0100 +++ new/smc-tools-1.8.7/Makefile 2026-02-18 09:01:02.000000000 +0100 @@ -9,7 +9,7 @@ # http://www.eclipse.org/legal/epl-v10.html # -SMC_TOOLS_RELEASE = 1.8.6 +SMC_TOOLS_RELEASE = 1.8.7 VER_MAJOR = $(shell echo $(SMC_TOOLS_RELEASE) | cut -d '.' -f 1) ARCHTYPE = $(shell uname -m) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/smc-tools-1.8.6/README.md new/smc-tools-1.8.7/README.md --- old/smc-tools-1.8.6/README.md 2025-12-05 12:21:32.000000000 +0100 +++ new/smc-tools-1.8.7/README.md 2026-02-18 09:01:02.000000000 +0100 @@ -39,6 +39,12 @@ Release History: ================ +* __v1.8.7 (2026-02-18)__ + + Bug fixes: + - `smc_rnics`: fix regression when PFT not available + - `smcd/smcr`: prevent DoS on statistics workfile present in /tmp/ + * __v1.8.6 (2025-12-05)__ Bug fixes: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/smc-tools-1.8.6/smc_chk new/smc-tools-1.8.7/smc_chk --- old/smc-tools-1.8.6/smc_chk 2025-12-05 12:21:32.000000000 +0100 +++ new/smc-tools-1.8.7/smc_chk 2026-02-18 09:01:02.000000000 +0100 @@ -2,7 +2,7 @@ # Copyright IBM Corp. 2021 -VERSION="1.8.6"; +VERSION="1.8.7"; function usage() { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/smc-tools-1.8.6/smc_dbg new/smc-tools-1.8.7/smc_dbg --- old/smc-tools-1.8.6/smc_dbg 2025-12-05 12:21:32.000000000 +0100 +++ new/smc-tools-1.8.7/smc_dbg 2026-02-18 09:01:02.000000000 +0100 @@ -2,7 +2,7 @@ # Copyright IBM Corp. 2019 -VERSION="1.8.6"; +VERSION="1.8.7"; function usage() { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/smc-tools-1.8.6/smc_rnics new/smc-tools-1.8.7/smc_rnics --- old/smc-tools-1.8.6/smc_rnics 2025-12-05 12:21:32.000000000 +0100 +++ new/smc-tools-1.8.7/smc_rnics 2026-02-18 09:01:02.000000000 +0100 @@ -2,7 +2,7 @@ # Copyright IBM Corp. 2018, 2022 -VERSION="1.8.6"; +VERSION="1.8.7"; function usage() { @@ -148,6 +148,26 @@ set_RoCE_dev_and_port $name; } +function set_by_pciid(){ + + case "$vend" in + "0x1014" ) # IBM + case "$id" in + "0x04ed") dev_type="ISM"; + int="n/a";; + esac;; + "0x15b3" ) # Mellanox + case "$id" in + "0x1003" | \ + "0x1004") dev_type="RoCE_Express"; + multiport_f=1;; + "0x1016") set_RoCE_dev_and_port "RoCE_Express2";; + "0x101e") set_by_firmware_lvl;; + *) set_RoCE_dev_and_port "Mlx_$id";; + esac;; + esac +} + function print_rnics() { # iterate over slots, as powered-off devices won't show elsewhere for fid in `ls -1 /sys/bus/pci/slots`; do @@ -192,12 +212,15 @@ dev_type="${vend#0x}:${id#0x}"; pft=`cat pft`; vfn=`cat vfn`; + multiport_f=0; if [ $rawIDs -eq 0 ]; then + # prefer PFT for disamgibuating devices case "$pft" in "0x05") dev_type="ISM"; int="n/a"; set_RoCE_pft_and_vfn "$pft" "$vfn";; "0x02") dev_type="RoCE_Express"; + multiport_f=1; set_RoCE_pft_and_vfn "$pft" "$vfn";; "0x0a") set_by_firmware_lvl; set_RoCE_pft_and_vfn "$pft" "$vfn";; @@ -205,15 +228,20 @@ "0x0f") set_RoCE_dev_and_port "Network_Express"; set_RoCE_pft_and_vfn "$pft" "$vfn";; *) + # but if that fails go via the pci IDs + set_by_pciid # For unknown PCI vendors, determine VF flag based on VFN value. # This ensures consistent handling even for unrecognized vendor devices - [ $all -eq 0 ] && continue + [ "$dev_type" = "${vend#0x}:${id#0x}" ] && [ $all -eq 0 ] && continue if (( 16#${vfn#0x} != 0 )); then vfn="y"; else vfn="n"; fi;; - esac + esac + else + set_RoCE_dev_and_port "$dev_type"; + [ "0x15b3" = "$vend" ] && [ "0x1004" = "$id" ] && multiport_f=1; fi pchid="`cat pchid | sed 's/^0x//'`"; pnetids="`cat util_string | sed 's/\x0/\x40/g' | iconv -f IBM-1047 -t ASCII`"; @@ -225,11 +253,10 @@ print_rnic; continue; fi - # one device can have multiple interfaces (one per port) for int in $interfaces; do - set_RoCE_dev_and_port "$dev_type"; + # one device can have multiple interfaces (one per port) cd /sys/bus/pci/devices/$addr/net/$int; - if [ "$((pft))" -eq 2 ] && [ -e dev_port ]; then + if [ $multiport_f -eq 1 ] && [ -e dev_port ]; then port=`cat dev_port`; fi print_rnic; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/smc-tools-1.8.6/smc_run new/smc-tools-1.8.7/smc_run --- old/smc-tools-1.8.6/smc_run 2025-12-05 12:21:32.000000000 +0100 +++ new/smc-tools-1.8.7/smc_run 2026-02-18 09:01:02.000000000 +0100 @@ -10,7 +10,7 @@ # http://www.eclipse.org/legal/epl-v10.html # LIB_NAME="libsmc-preload.so" -VERSION="1.8.6"; +VERSION="1.8.7"; function usage() { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/smc-tools-1.8.6/smctools_common.h new/smc-tools-1.8.7/smctools_common.h --- old/smc-tools-1.8.6/smctools_common.h 2025-12-05 12:21:32.000000000 +0100 +++ new/smc-tools-1.8.7/smctools_common.h 2026-02-18 09:01:02.000000000 +0100 @@ -19,7 +19,7 @@ #define STRINGIFY_1(x) #x #define STRINGIFY(x) STRINGIFY_1(x) -#define RELEASE_STRING "1.8.6" +#define RELEASE_STRING "1.8.7" #define PF_SMC 43 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/smc-tools-1.8.6/stats.c new/smc-tools-1.8.7/stats.c --- old/smc-tools-1.8.6/stats.c 2025-12-05 12:21:32.000000000 +0100 +++ new/smc-tools-1.8.7/stats.c 2026-02-18 09:01:02.000000000 +0100 @@ -19,12 +19,15 @@ #include <string.h> #include <unistd.h> #include <sys/file.h> +#include <sys/stat.h> #include "smctools_common.h" #include "util.h" #include "libnetlink.h" #include "stats.h" +#define BUF_SIZE 8192 + #if defined(SMCD) static int is_smcd = 1; #else @@ -972,12 +975,62 @@ smc_rsn.clnt_fback_cnt -= smc_rsn_c.clnt_fback_cnt; } +#define SMCSTATS_FILENAME ".smcstats" +void ensure_smcstats_file() +{ + char *xdg; + char *home; + size_t cfp_size = 0; + int n; + + xdg = getenv("XDG_DATA_HOME"); + + if (xdg && xdg[0] != '\0') { + cfp_size = strlen(xdg) + strlen("/smc-tools/" SMCSTATS_FILENAME) + 1; + cache_file_path = malloc(cfp_size); + n = snprintf(cache_file_path, cfp_size, "%s/smc-tools/" SMCSTATS_FILENAME, xdg); + } else { + home = getenv("HOME"); + if (!home || home[0] == '\0') { + fprintf(stderr, "$HOME is not set\n"); + exit(-1); + } + cfp_size = strlen(home) + strlen("/.local/share/smc-tools/" SMCSTATS_FILENAME) + 1; + cache_file_path = malloc(cfp_size); + n = snprintf(cache_file_path, cfp_size, "%s/.local/share/smc-tools/" SMCSTATS_FILENAME, home); + } + + if (n < 0) { + perror("could not construct cache file path"); + goto errout; + } + + if (access(cache_file_path, F_OK) == 0) + return; + + /* Try to create the directory (mkdir -p style) */ + for (char *p = cache_file_path + 1; *p; p++) { + if (*p == '/') { + *p = '\0'; + if ((mkdir(cache_file_path, 0700)) && errno != EEXIST) { + perror("mkdir"); + goto errout; + } + *p = '/'; + } + } + return; +errout: + free(cache_file_path); + exit(-1); +} + static void open_cache_file() { int fd; - cache_file_path = malloc(128); - sprintf(cache_file_path, "/tmp/.smcstats.u%d", getuid()); + /* Create cache file in $XDG_DATA_HOME directory */ + ensure_smcstats_file(); fd = open(cache_file_path, O_RDWR|O_CREAT|O_NOFOLLOW, 0600); @@ -1031,6 +1084,92 @@ fprintf(cache_fp, "%16llu\n", smc_rsn_org.clnt_fback_cnt); } +static void copy_cache_file(const char *src_path) +{ + FILE *cache_fp_old; + static char buffer[BUF_SIZE]; + size_t bytes_read; + + cache_fp_old = fopen(src_path, "r"); + if (cache_fp_old == NULL) { + perror("fopen"); + goto errout; + } + + while ((bytes_read = fread(buffer, 1, BUF_SIZE, cache_fp_old)) > 0) { + if (fwrite(buffer, 1, bytes_read, cache_fp) != bytes_read) { + perror("fwrite"); + fclose(cache_fp_old); + goto errout; + } + } + if (ferror(cache_fp_old)) { + perror("fread"); + goto errout; + } + + fclose(cache_fp_old); + return; +errout: + fprintf(stderr, "Copying of %s to %s failed\n", src_path, cache_file_path); +} + +/* For backward compatibility with older smc-tools version(1.8.6) or older */ +void handle_legacy_cache(void) +{ + char cache_file_path_old[128] = {0}; + struct stat file_stat; + mode_t perm; + uid_t uid; + + snprintf(cache_file_path_old, sizeof(cache_file_path_old), + "/tmp/.smcstats.u%d", getuid()); + if (stat(cache_file_path_old, &file_stat) || !(file_stat.st_size)) + return; + /* + * Using geteuid here as st_uid will be set to the effective UID of the + * process that created the file + */ + uid = geteuid(); + if (file_stat.st_uid != uid) { + fprintf(stderr, + "Legacy cache file %s with inappropriate ownership found: %d" + "(expected owner=%d).\n", + cache_file_path_old, file_stat.st_uid, uid); + goto out_untrusted; + } + + perm = file_stat.st_mode & 0777; + if (perm != 0600) { + fprintf(stderr, + "Legacy cache file %s with inappropriate permissions found: " + "%04o(expected permissions=0600).\n", + cache_file_path_old, perm); + goto out_untrusted; + } + copy_cache_file(cache_file_path_old); + rewind(cache_fp); + read_cache_file(cache_fp); + goto out_remove; + +out_untrusted: + fprintf(stderr, "Disregarding legacy cache file!\n" + "Warning: Emitting absolute statistics!\n"); +out_remove: + if (remove(cache_file_path_old)) { + fprintf(stderr, + "\nCannot remove legacy cache file %s: %s. You will keep " + "seeing this warning message on subsequent 'smcd/r stats' " + "invocations unless the " + "legacy cache file ceases to exist(for example with the " + "next reboot if /tmp is not persistent)\nor is manually " + "recovered (not recommended) or 'smcd/r stats' is invoked " + "in absolute mode\nor a new populated cache file exists " + "(created by invoking smcd/r stats reset)\n", + cache_file_path_old, strerror(errno)); + } +} + int invoke_stats(int argc, char **argv, int option_details) { if (option_details == SMC_DETAIL_LEVEL_V || option_details == SMC_DETAIL_LEVEL_VV) { @@ -1052,6 +1191,9 @@ memcpy(&smc_stat_org, &smc_stat, sizeof(smc_stat_org)); memcpy(&smc_rsn_org, &smc_rsn, sizeof(smc_rsn_org)); + if (!is_abs && !cache_file_exists) + handle_legacy_cache(); + if (!is_abs && cache_file_exists) merge_cache(); if (!json_cmd)
