From: <changqing.li@windriver.com>
To: <openembedded-devel@lists.openembedded.org>, <martin.jansa@gmail.com>
Subject: [meta-oe][PATCH] nodejs: don't always disable io_uring
Date: Thu, 11 Apr 2024 16:24:16 +0800 [thread overview]
Message-ID: <20240411082416.1732666-1-changqing.li@windriver.com> (raw)
From: Changqing Li <changqing.li@windriver.com>
The original idea was always disable io_uring to avoid follwing failure
even when UV_USE_IO_URING is set to true, refer [1][2]:
0608: try:
*** 0609: update_hash(" %10s" % pwd.getpwuid(s.st_uid).pw_name)
0610: update_hash(" %10s" % grp.getgrgid(s.st_gid).gr_name)
0611: except KeyError as e:
0612: msg = ("KeyError: %s\nPath %s is owned by uid %d, gid %d, which doesn't match "
0613: "any user/group on target. This may be due to host contamination." %
Exception: Exception: KeyError: 'getpwuid(): uid not found: 20561'
But since 20.11.1, for fix CVE-2024-22017, io_uring is disabled by
default, refer [3]. So maybe patch
0001-deps-disable-io_uring-support-in-libuv.patch is not needed.
For case UV_USE_IO_URING is set to true, user can fix above failure
by "chown root:root -R ${D}" in do_install.
[1] https://lists.openembedded.org/g/openembedded-devel/message/105583
[2] https://bugzilla.yoctoproject.org/show_bug.cgi?id=15244
[3] https://github.com/nodejs/node/commit/686da19abbb83b7e01d48be19f832ab081b87084
[4] https://nvd.nist.gov/vuln/detail/CVE-2024-22017
Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
...ps-disable-io_uring-support-in-libuv.patch | 35 -------------------
.../recipes-devtools/nodejs/nodejs_20.11.1.bb | 1 -
2 files changed, 36 deletions(-)
delete mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0001-deps-disable-io_uring-support-in-libuv.patch
diff --git a/meta-oe/recipes-devtools/nodejs/nodejs/0001-deps-disable-io_uring-support-in-libuv.patch b/meta-oe/recipes-devtools/nodejs/nodejs/0001-deps-disable-io_uring-support-in-libuv.patch
deleted file mode 100644
index f11cd08cb..000000000
--- a/meta-oe/recipes-devtools/nodejs/nodejs/0001-deps-disable-io_uring-support-in-libuv.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 9838be9c710ab4249df86726fa390232a3b6a6e7 Mon Sep 17 00:00:00 2001
-From: Changqing Li <changqing.li@windriver.com>
-Date: Fri, 1 Mar 2024 15:46:11 +0800
-Subject: [PATCH] deps: disable io_uring support in libuv
-
-Refer [1], Pseudo fails to intercept some of the syscalls when io_uring
-enabled. Refer [2], always disable io_uring support in libuv to fix
-issue in [1].
-
-[1] https://git.openembedded.org/meta-openembedded/commit/?id=d08453978c31ee41d28206c6ff198d7d9d701d88
-[2] https://github.com/nodejs/node/commit/686da19abb
-
-Upstream-Status: Inappropriate [oe specific]
-
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
----
- deps/uv/src/unix/linux.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/deps/uv/src/unix/linux.c b/deps/uv/src/unix/linux.c
-index 0c997185..7508409d 100644
---- a/deps/uv/src/unix/linux.c
-+++ b/deps/uv/src/unix/linux.c
-@@ -433,7 +433,7 @@ static int uv__use_io_uring(void) {
- if (use == 0) {
- /* Disable io_uring by default due to CVE-2024-22017. */
- val = getenv("UV_USE_IO_URING");
-- use = val != NULL && atoi(val) ? 1 : -1;
-+ use = 0;
- atomic_store_explicit(&use_io_uring, use, memory_order_relaxed);
- }
-
---
-2.25.1
-
diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_20.11.1.bb b/meta-oe/recipes-devtools/nodejs/nodejs_20.11.1.bb
index e2e2f5ae8..9a61cfcf7 100644
--- a/meta-oe/recipes-devtools/nodejs/nodejs_20.11.1.bb
+++ b/meta-oe/recipes-devtools/nodejs/nodejs_20.11.1.bb
@@ -24,7 +24,6 @@ SRC_URI = "http://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz \
file://0004-v8-don-t-override-ARM-CFLAGS.patch \
file://system-c-ares.patch \
file://0001-liftoff-Correct-function-signatures.patch \
- file://0001-deps-disable-io_uring-support-in-libuv.patch \
file://run-ptest \
"
--
2.25.1
reply other threads:[~2024-04-11 8:24 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240411082416.1732666-1-changqing.li@windriver.com \
--to=changqing.li@windriver.com \
--cc=martin.jansa@gmail.com \
--cc=openembedded-devel@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).