Bug 1185928

Summary: patch fails to apply symbolic link patch
Product: [Fedora] Fedora Reporter: Josh Boyer <jwboyer>
Component: patchAssignee: Tim Waugh <twaugh>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 22CC: aoliva, twaugh
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: patch-2.7.4-1.fc20 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-09 17:05:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Josh Boyer 2015-01-26 16:11:13 UTC 
Description of problem:

The 3.19-rc5 and 3.19-rc6 upstream kernel patches contain a hunk that creates a symbolic link from arch/arm64/boot/dts/include/dt-bindings to include/dt-bindings.  The hunk is below:

diff --git a/arch/arm64/boot/dts/include/dt-bindings b/arch/arm64/boot/dts/include/dt-bindings
new file mode 120000
index 000000000000..08c00e4972fa
--- /dev/null
+++ b/arch/arm64/boot/dts/include/dt-bindings
@@ -0,0 +1 @@
+../../../../../include/dt-bindings
\ No newline at end of file

On my local machine running F21 (patch-2.7.1-9.fc21), this applies fine.  In the 3.19-rc5 build in koji, it also applied fine and the kernel built correctly:

http://koji.fedoraproject.org/koji/buildinfo?buildID=604938

When I went to build the 3.19-rc6 build this morning, it built correctly on my local machine however it failed in koji with:

+ '[' '!' -f /builddir/build/SOURCES/patch-3.19-rc6.xz ']'
+ case "$patch" in
+ unxz
+ patch -p1 -F1 -s
symbolic link target '../../../../../include/dt-bindings' is invalid
error: Bad exit status from /var/tmp/rpm-tmp.mWE3ZL (%prep)

http://koji.fedoraproject.org/koji/taskinfo?taskID=8722450

Looking at root.log for each respective koj build I see that patch-2.7.1-9.fc22 was used for the 3.19-rc5 build, and patch-2.7.3-1.fc22 was used for the failing 3.19-rc6 build.  Seems something that worked fine before is now failing with a patch update.

Version-Release number of selected component (if applicable):
patch-2.7.3-1.fc22

How reproducible:
Assuming always, but I've only tried one koji build.  I will kick off a local mockbuild that should bring in the updated patch into the buildroot as well and see if that fails.


Steps to Reproduce:
1. fedpkg clone kernel on a rawhide machine with above patch version installed
2. fedpkg prep
3.

Actual results:
Fails to apply symbolic link hunk in patch-3.19-rc6.xz

Expected results:
Patch applies as before.

Additional info:
Comment 1 Tim Waugh 2015-01-26 16:14:28 UTC 
Preventing ".." components in symbolic links is intentional in order to fix CVE-2015-1196.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775901#13
Comment 2 Alexandre Oliva 2015-02-02 02:38:10 UTC 
Maybe WONTFIX was too fast :-)

It looks like this patch regression is, erhm, patched in patch 2.7.4.  See http://www.gossamer-threads.com/lists/linux/kernel/2099059#2099059
Comment 3 Tim Waugh 2015-02-02 10:26:34 UTC 
Yes, it's what I spent last week on. Sorry, I'd forgotten to update this.

Fixed in:
  patch-2.7.4-1.fc20 https://admin.fedoraproject.org/updates/FEDORA-2015-1165
  patch-2.7.4-1.fc21 https://admin.fedoraproject.org/updates/patch-2.7.4-1.fc21
  patch-2.7.4-1.fc22
Comment 4 Jaroslav Reznik 2015-03-03 17:19:56 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22