Re: [Replicant] Security fix causing crash that blocks Replicant 6.0 0004 release

2019-10-19 Thread Joonas Kylmälä
Hi,

I would go for the option of reverting this one security patch since there
has been no solution from anybody yet. This way at least the other
security fixes get to the people and we are not just delaying the 0004
release and thus having all those other security vulnerabilities open to
be exploited.

I will start working on the revert today.

Joonas

Kurtis Hanna:
> Hello all,
> 
> CVE-2017-13154 was announced in Google's security bulletin here:
> https://source.android.com/security/bulletin/pixel/2017-12-01
> 
> Their patch to fix this is here:
> https://android.googlesource.com/platform/frameworks/av/+/271defe729a10db25b45759c8ccfb5abed24c647
> 
> The patch that fixes CVE-2017-13154 was backported to LineageOS 13 on
> Jan 12, 2018 here:
> https://github.com/LineageOS/android_frameworks_av/commit/19d12edc1aad955ecd2e2b1bc786f1e7acb5fe0c#diff-26fac486080a94be3c3dd15b0775665a
> 
> When testing and reviewing the patch on LOS 13, multiple people observed
> that it breaks the camera functionality and causes system crashes.
> https://review.lineageos.org/c/LineageOS/android_frameworks_av/+/198403
> 
> This patch also seemed to break video playback / YouTube on LOS 11:
> https://review.lineageos.org/c/LineageOS/android_frameworks_av/+/211067/11
> 
> Due to this, instead of properly backporting the patch to prevent the
> camera from breaking and system from crashing, a workaround to the patch
> was made. The commit message describes it this way:
> 
> Backport: Wrap into #ifndef/#endif statement to allow skipping this
> patch for specific devices by adding the following directive into the
> BoardConfig.mk or BoardConfigCommon.mk file of the device repo:
> TARGET_RELEASE_CPPFLAGS += -DSKIP_CVE_2017_13154
> 
> On May 7, 2018 it was determined that the method used in the backported
> patch, where a C/C++ flag was used in BoardConfig.mk /
> BoardConfigCommon.mk, was a bad idea and that a board flag should be used
> instead, so this patch was applied:
> https://review.lineageos.org/c/LineageOS/android_frameworks_av/+/212842
> 
> Since LineageOS upstream doesn't have a fix for this, I suggest that we
> either revert both of these two patches or add the
> 'BOARD_SKIP_CVE_2017_13154' board flag for any 6.0 devices that are
> currently experiencing system crashes on our alpha 0004 builds.
> 
> The two patches are on our cgit here:
> https://git.replicant.us/replicant/frameworks_av/commit/?id=19d12edc1aad955ecd2e2b1bc786f1e7acb5fe0c
> https://git.replicant.us/replicant/frameworks_av/commit/?id=a794b89fe00d214c8c1ced6a9519dd48b1ceb4af
> 
> Sure, it'd be great to figure out how to properly backport the upstream
> patch, but we already are missing a number of other upstream patches
> because they never were fixed in LOS 13. When we release this new ROM,
> we can emphasize to everyone that Replicant 6.0 0004 is supposed to just
> be a stopgap between 6.0 0003 and Replicant 9 and that it doesn't have
> all of Google's security patches applied.
> 
> As a side note, it seems as though LineageOS only lets you sign into
> their gerrit instance if you have a Google account. I don't have a
> Google account though and don't particularly want one. It might be worth
> asking them to provide a different login option so that we can
> collaborate with them more closely.
> 
> Cordially,
> Kurtis
> 
> Joonas Kylmälä:
>> Hi,
>>
>> yeah, this was just linked to #replicant IRC channel:
>> .
>> So the patch was ifdef'd because it broke on one device. I think we
>> might be using software audio/video decoding/encoding and in LineageOS
>> it might be hardware so they might use different libraries and not have
>> come across this on other than that one device which was then not fixed.
>>
>> Joonas
>>
>> Marcos Marado:
>>> That ifdef is in there because this will happen to some devices but
>>> not others (and we should investigate each Replicant device to see
>>> which of them are affected, it might be all as you assume, but it
>>> might be none). Unfortunately, for the devices you see this happen, it
>>> probably means that one of the proprietary files you are copying from
>>> the device was depending on the old behavior.
>>>
>>> On Mon, Oct 14, 2019 at 9:38 PM Joonas Kylmälä  wrote:
>>>>
>>>> Hi,
>>>>
>>>> Today we investigated a system server crash:
>>>> . It was bisected to commit
>>>> .
>>>> If anybody has suggestions on how to fix this please let us know!
>>>>
>>>> This is most likely causing the audio issues people have reported
>>>> happening on the dev branch and it causes the boot time to be much much
>>>> longer and most likely other issues. It is blocking the 0004 we were
>>>> planning to do this Sunday.
>>>>
>>>> Joonas
>>>> ___
>>>> Replicant mailing list

Re: [Replicant] Security fix causing crash that blocks Replicant 6.0 0004 release

2019-10-18 Thread Kurtis Hanna
Hello all,

CVE-2017-13154 was announced in Google's security bulletin here:
https://source.android.com/security/bulletin/pixel/2017-12-01

Their patch to fix this is here:
https://android.googlesource.com/platform/frameworks/av/+/271defe729a10db25b45759c8ccfb5abed24c647

The patch that fixes CVE-2017-13154 was backported to LineageOS 13 on
Jan 12, 2018 here:
https://github.com/LineageOS/android_frameworks_av/commit/19d12edc1aad955ecd2e2b1bc786f1e7acb5fe0c#diff-26fac486080a94be3c3dd15b0775665a

When testing and reviewing the patch on LOS 13, multiple people observed
that it breaks the camera functionality and causes system crashes.
https://review.lineageos.org/c/LineageOS/android_frameworks_av/+/198403

This patch also seemed to break video playback / YouTube on LOS 11:
https://review.lineageos.org/c/LineageOS/android_frameworks_av/+/211067/11

Due to this, instead of properly backporting the patch to prevent the
camera from breaking and system from crashing, a workaround to the patch
was made. The commit message describes it this way:

Backport: Wrap into #ifndef/#endif statement to allow skipping this
patch for specific devices by adding the following directive into the
BoardConfig.mk or BoardConfigCommon.mk file of the device repo:
TARGET_RELEASE_CPPFLAGS += -DSKIP_CVE_2017_13154

On May 7, 2018 it was determined that the method used in the backported
patch, where a C/C++ flag was used in BoardConfig.mk /
BoardConfigCommon.mk, was a bad idea and that a board flag should be used
instead, so this patch was applied:
https://review.lineageos.org/c/LineageOS/android_frameworks_av/+/212842

Since LineageOS upstream doesn't have a fix for this, I suggest that we
either revert both of these two patches or add the
'BOARD_SKIP_CVE_2017_13154' board flag for any 6.0 devices that are
currently experiencing system crashes on our alpha 0004 builds.

The two patches are on our cgit here:
https://git.replicant.us/replicant/frameworks_av/commit/?id=19d12edc1aad955ecd2e2b1bc786f1e7acb5fe0c
https://git.replicant.us/replicant/frameworks_av/commit/?id=a794b89fe00d214c8c1ced6a9519dd48b1ceb4af

Sure, it'd be great to figure out how to properly backport the upstream
patch, but we already are missing a number of other upstream patches
because they never were fixed in LOS 13. When we release this new ROM,
we can emphasize to everyone that Replicant 6.0 0004 is supposed to just
be a stopgap between 6.0 0003 and Replicant 9 and that it doesn't have
all of Google's security patches applied.

As a side note, it seems as though LineageOS only lets you sign into
their gerrit instance if you have a Google account. I don't have a
Google account though and don't particularly want one. It might be worth
asking them to provide a different login option so that we can
collaborate with them more closely.

Cordially,
Kurtis

Joonas Kylmälä:
> Hi,
> 
> yeah, this was just linked to #replicant IRC channel:
> .
> So the patch was ifdef'd because it broke on one device. I think we
> might be using software audio/video decoding/encoding and in LineageOS
> it might be hardware so they might use different libraries and not have
> come across this on other than that one device which was then not fixed.
> 
> Joonas
> 
> Marcos Marado:
>> That ifdef is in there because this will happen to some devices but
>> not others (and we should investigate each Replicant device to see
>> which of them are affected, it might be all as you assume, but it
>> might be none). Unfortunately, for the devices you see this happen, it
>> probably means that one of the proprietary files you are copying from
>> the device was depending on the old behavior.
>>
>> On Mon, Oct 14, 2019 at 9:38 PM Joonas Kylmälä  wrote:
>>>
>>> Hi,
>>>
>>> Today we investigated a system server crash:
>>> . It was bisected to commit
>>> .
>>> If anybody has suggestions on how to fix this please let us know!
>>>
>>> This is most likely causing the audio issues people have reported
>>> happening on the dev branch and it causes the boot time to be much much
>>> longer and most likely other issues. It is blocking the 0004 we were
>>> planning to do this Sunday.
>>>
>>> Joonas


Re: [Replicant] Security fix causing crash that blocks Replicant 6.0 0004 release

2019-10-18 Thread Marcos Marado
That ifdef is in there because this will happen to some devices but
not others (and we should investigate each Replicant device to see
which of them are affected, it might be all as you assume, but it
might be none). Unfortunately, for the devices you see this happen, it
probably means that one of the proprietary files you are copying from
the device was depending on the old behavior.

On Mon, Oct 14, 2019 at 9:38 PM Joonas Kylmälä  wrote:
>
> Hi,
>
> Today we investigated a system server crash:
> . It was bisected to commit
> .
> If anybody has suggestions on how to fix this please let us know!
>
> This is most likely causing the audio issues people have reported
> happening on the dev branch and it causes the boot time to be much much
> longer and most likely other issues. It is blocking the 0004 we were
> planning to do this Sunday.
>
> Joonas


Re: [Replicant] Security fix causing crash that blocks Replicant 6.0 0004 release

2019-10-15 Thread Joonas Kylmälä
Hi,

yeah, this was just linked to #replicant IRC channel:
.
So the patch was ifdef'd because it broke on one device. I think we
might be using software audio/video decoding/encoding and in LineageOS
it might be hardware so they might use different libraries and not have
come across this on other than that one device which was then not fixed.

Joonas

Marcos Marado:
> That ifdef is in there because this will happen to some devices but
> not others (and we should investigate each Replicant device to see
> which of them are affected, it might be all as you assume, but it
> might be none). Unfortunately, for the devices you see this happen, it
> probably means that one of the proprietary files you are copying from
> the device was depending on the old behavior.
> 
> On Mon, Oct 14, 2019 at 9:38 PM Joonas Kylmälä  wrote:
>>
>> Hi,
>>
>> Today we investigated a system server crash:
>> . It was bisected to commit
>> .
>> If anybody has suggestions on how to fix this please let us know!
>>
>> This is most likely causing the audio issues people have reported
>> happening on the dev branch and it causes the boot time to be much much
>> longer and most likely other issues. It is blocking the 0004 we were
>> planning to do this Sunday.
>>
>> Joonas