From 2e981b3de72322304748651acf9426b6e4e0e2d4 Mon Sep 17 00:00:00 2001
From: chengyechun
Date: Mon, 6 May 2024 20:18:58 +0800
Subject: [PATCH] sync some patches from upstream (cherry picked from commit 2f5eacafd0fa15456697f66351c59afa1a02e1cc)
---
...entries-in-first-pass-in-prune_cache.patch | 93 +++++++++++++++++++
...rval-not-errno-to-guide-cache-update.patch | 49 ++++++++++
glibc.spec | 11 ++-
3 files changed, 152 insertions(+), 1 deletion(-)
create mode 100644 backport-Skip-unusable-entries-in-first-pass-in-prune_cache.patch
create mode 100644 backport-Use-errval-not-errno-to-guide-cache-update.patch
diff --git a/backport-Skip-unusable-entries-in-first-pass-in-prune_cache.patch b/backport-Skip-unusable-entries-in-first-pass-in-prune_cache.patch
new file mode 100644
index 0000000..dcd3609
--- /dev/null
+++ b/backport-Skip-unusable-entries-in-first-pass-in-prune_cache.patch
@@ -0,0 +1,93 @@
+From c00b984fcd53f679ca2dafcd1aee2c89836e6e73 Mon Sep 17 00:00:00 2001
+From: Florian Weimer
+Date: Tue, 29 Aug 2023 08:28:31 +0200
+Subject: [PATCH] nscd: Skip unusable entries in first pass in prune_cache (bug
+ 30800)
+
+Previously, if an entry was marked unusable for any reason, but had
+not timed out yet, the assert would trigger.
+
+One way to get into such state is if a data change is detected during
+re-validation of an entry. This causes the entry to be marked as not
+usable. If exits nscd soon after that, then the clock jumps
+backwards, and nscd restarted, the cache re-validation run after
+startup triggers the removed assert.
+
+The change is more complicated than just the removal of the assert
+because entries marked as not usable should be garbage-collected in
+the second pass. To make this happen, it is necessary to update some
+book-keeping data.
+
+Reviewed-by: DJ Delorie
+
+Conflict:NA
+Reference:https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=c00b984fcd53f679ca2dafcd1aee2c89836e6e73
+
+---
+ nscd/cache.c | 25 +++++++++++--------------
+ 1 file changed, 11 insertions(+), 14 deletions(-)
+
+diff --git a/nscd/cache.c b/nscd/cache.c
+index 78b22697..ac5902ae 100644
+--- a/nscd/cache.c
++++ b/nscd/cache.c
+@@ -371,8 +371,11 @@ prune_cache (struct database_dyn *table, time_t now, int fd)
+ serv2str[runp->type], str, dh->timeout);
+ }
+
+- /* Check whether the entry timed out. */
+- if (dh->timeout < now)
++ /* Check whether the entry timed out. Timed out entries
++ will be revalidated. For unusable records, it is still
++ necessary to record that the bucket needs to be scanned
++ again below. */
++ if (dh->timeout < now || !dh->usable)
+ {
+ /* This hash bucket could contain entries which need to
+ be looked at. */
+@@ -384,7 +387,7 @@ prune_cache (struct database_dyn *table, time_t now, int fd)
+ /* We only have to look at the data of the first entries
+ since the count information is kept in the data part
+ which is shared. */
+- if (runp->first)
++ if (runp->first && dh->usable)
+ {
+
+ /* At this point there are two choices: we reload the
+@@ -400,9 +403,6 @@ prune_cache (struct database_dyn *table, time_t now, int fd)
+ {
+ /* Remove the value. */
+ dh->usable = false;
+-
+- /* We definitely have some garbage entries now. */
+- any = true;
+ }
+ else
+ {
+@@ -414,18 +414,15 @@ prune_cache (struct database_dyn *table, time_t now, int fd)
+
+ time_t timeout = readdfcts[runp->type] (table, runp, dh);
+ next_timeout = MIN (next_timeout, timeout);
+-
+- /* If the entry has been replaced, we might need
+- cleanup. */
+- any |= !dh->usable;
+ }
+ }
++
++ /* If the entry has been replaced, we might need cleanup. */
++ any |= !dh->usable;
+ }
+ else
+- {
+- assert (dh->usable);
+- next_timeout = MIN (next_timeout, dh->timeout);
+- }
++ /* Entry has not timed out and is usable. */
++ next_timeout = MIN (next_timeout, dh->timeout);
+
+ run = runp->next;
+ }
+--
+2.33.0
+
diff --git a/backport-Use-errval-not-errno-to-guide-cache-update.patch b/backport-Use-errval-not-errno-to-guide-cache-update.patch
new file mode 100644
index 0000000..c941b0a
--- /dev/null
+++ b/backport-Use-errval-not-errno-to-guide-cache-update.patch
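Review bot: The hoisted `any |= !dh->usable;` at the end of the first branch in prune_cache now covers more cases than its comment ("If the entry has been replaced, we might need cleanup.") names. After this change it also records entries that the "Remove the value" branch has just marked and entries that were already unusable when the pass reached them, which is the state the removed `assert (dh->usable)` used to trip on. A wording such as `/* Any unusable entry (just removed, replaced, or already marked) must be collected in the second pass.  */` would keep that invariant visible to whoever edits the loop next. The patch appears to be an unmodified upstream backport (Conflict:NA) and prune_cache starts and ends outside the hunks, so the wording is better proposed upstream than changed locally.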
@@ -0,0 +1,49 @@
+From 2d472b48610f6a298d28035b683ab13e9afac4cb Mon Sep 17 00:00:00 2001
+From: Florian Weimer
+Date: Mon, 24 Jul 2023 15:12:26 +0200
+Subject: [PATCH] nscd: Use errval, not errno to guide cache update (bug 30662)
+
+The errno variable is potentially clobbered by the preceding
+send call. It is not related to the to-be-cached information.
+The parallel code in hstcache.c and servicescache.c already uses
+errval.
+
+Reviewed-by: Siddhesh Poyarekar
+
+Conflict:NA
+Reference:https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2d472b48610f6a298d28035b683ab13e9afac4cb
+
+---
+ nscd/grpcache.c | 2 +-
+ nscd/pwdcache.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/nscd/grpcache.c b/nscd/grpcache.c
+index 457ca4d8..d18bcabe 100644
+--- a/nscd/grpcache.c
++++ b/nscd/grpcache.c
+@@ -117,7 +117,7 @@ cache_addgr (struct database_dyn *db, int fd, request_header *req,
+
+ /* If we have a transient error or cannot permanently store
+ the result, so be it. */
+- if (errno == EAGAIN || __builtin_expect (db->negtimeout == 0, 0))
++ if (errval == EAGAIN || __glibc_unlikely (db->negtimeout == 0))
+ {
+ /* Mark the old entry as obsolete. */
+ if (dh != NULL)
+diff --git a/nscd/pwdcache.c b/nscd/pwdcache.c
+index dfafb526..409c5acd 100644
+--- a/nscd/pwdcache.c
++++ b/nscd/pwdcache.c
+@@ -123,7 +123,7 @@ cache_addpw (struct database_dyn *db, int fd, request_header *req,
+
+ /* If we have a transient error or cannot permanently store
+ the result, so be it. */
+- if (errno == EAGAIN || __builtin_expect (db->negtimeout == 0, 0))
++ if (errval == EAGAIN || __glibc_unlikely (db->negtimeout == 0))
+ {
+ /* Mark the old entry as obsolete. */
+ if (dh != NULL)
+--
+2.33.0
+
diff --git a/glibc.spec b/glibc.spec
index e667cdf..57553e1 100644
--- a/glibc.spec
+++ b/glibc.spec
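Review bot: The comment above the changed condition in cache_addgr, and the identical one in cache_addpw, still reads only "If we have a transient error or cannot permanently store the result, so be it.", so nothing at the call site explains why `errval` is tested rather than `errno`. The commit message gives the reason (errno may be overwritten by the preceding send call and is unrelated to the data being cached); carrying it into the code, for example `/* Test errval, not errno: errno may have been overwritten by the preceding send.  */`, would make it harder for a later cleanup to switch the test back. Both functions start and end outside the hunks, so the declaration of errval and the send call are not visible here and the wording should be checked against them.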
@@ -66,7 +66,7 @@
 ##############################################################################
 Name: glibc
 Version: 2.34
-Release: 148
+Release: 149
 Summary: The GNU libc libraries
 License: %{all_license}
 URL: http://www.gnu.org/software/glibc/
@@ -290,6 +290,8 @@ Patch203: backport-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-netgroup-c
 Patch204: backport-CVE-2024-33600-nscd-Do-not-send-missing-not-found-response.patch
 Patch205: backport-CVE-2024-33600-nscd-Avoid-null-pointer-crash-after-not-found-response.patch
 Patch206: backport-CVE-2024-33601-CVE-2024-33602-nscd-Use-two-buffer-in-addgetnetgrentX.patch
+Patch207: backport-Use-errval-not-errno-to-guide-cache-update.patch
+Patch208: backport-Skip-unusable-entries-in-first-pass-in-prune_cache.patch
 Patch9000: turn-default-value-of-x86_rep_stosb_threshold_form_2K_to_1M.patch
 Patch9001: delete-no-hard-link-to-avoid-all_language-package-to.patch
@@ -1505,6 +1507,13 @@ fi
 %endif
 %changelog
+* Mon May 06 2024 chengyechun - 2.34-149
+- Type:bugfix
+- ID:
+- SUG:NA
+- DESC:nscd: Use errval, not errno to guide cache update
+ nsce :Skip unusable entries in first pass in prune_cache
+
 * Mon Apr 29 2024 chengyechun - 2.34-148
 - Type:CVE
 - ID:CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602
--
Gitee