[Pkg-samba-maint] [Git][samba-team/samba][master] 6 commits: use-explicit_bzero-to-zero-memory.diff: use explicit_bzero() to explicitly zero memory everywhere
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Wed Jan 21 13:34:18 GMT 2026
Michael Tokarev pushed to branch master at Debian Samba Team / samba
Commits:
550b96d6 by Michael Tokarev at 2026-01-21T16:25:31+03:00
use-explicit_bzero-to-zero-memory.diff: use explicit_bzero() to explicitly zero memory everywhere
- - - - -
8b148a39 by Michael Tokarev at 2026-01-21T16:25:31+03:00
heimdal-kdc-fix-memset_s-calls-1296.patch
- - - - -
8cfb59fc by Michael Tokarev at 2026-01-21T16:25:31+03:00
d/*.lintian-overrides: remove library-not-linked-against-libc tags (#896012 is now fixed)
- - - - -
981c860a by Michael Tokarev at 2026-01-21T16:25:31+03:00
inline-getprogname.diff
- - - - -
b907d3ce by Michael Tokarev at 2026-01-21T16:25:31+03:00
inline-openat2.diff
- - - - -
eb3f0bd4 by Michael Tokarev at 2026-01-21T16:25:31+03:00
d/patches/series: remove old commented-out entry
- - - - -
11 changed files:
- + debian/patches/heimdal-kdc-fix-memset_s-calls-1296.patch
- + debian/patches/inline-getprogname.diff
- + debian/patches/inline-openat2.diff
- debian/patches/series
- − debian/patches/use-bzero-instead-of-memset_s.diff
- + debian/patches/use-explicit_bzero-to-zero-memory.diff
- debian/python3-samba.lintian-overrides
- debian/python3-talloc.lintian-overrides
- debian/rules
- debian/samba-libs.lintian-overrides
- debian/samba.lintian-overrides
Changes:
=====================================
debian/patches/heimdal-kdc-fix-memset_s-calls-1296.patch
=====================================
@@ -0,0 +1,37 @@
+From: Nicolas Williams <nico at twosigma.com>
+Date: Tue, 20 Jan 2026 16:05:31 -0600
+Subject: kdc: Fix memset_s() calls (fix #1296)
+Origin: upstream, https://github.com/heimdal/heimdal/commit/112a82dd2596e228388c50b4c71b3aa816b86add
+Forwarded: not-needed
+
+---
+ third_party/heimdal/kdc/fast.c | 4 ++--
+ third_party/heimdal/kdc/krb5tgs.c | 2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/third_party/heimdal/kdc/fast.c b/third_party/heimdal/kdc/fast.c
+--- a/third_party/heimdal/kdc/fast.c
++++ b/third_party/heimdal/kdc/fast.c
+@@ -844,8 +844,8 @@ _kdc_free_fast_state(KDCFastState *state)
+ PA_DATA *pa = &state->fast_state.val[i];
+
+ if (pa->padata_value.data)
+- memset_s(pa->padata_value.data, 0,
+- pa->padata_value.length, pa->padata_value.length);
++ memset_s(pa->padata_value.data, pa->padata_value.length,
++ 0, pa->padata_value.length);
+ }
+ free_KDCFastState(state);
+ }
+diff --git a/third_party/heimdal/kdc/krb5tgs.c b/third_party/heimdal/kdc/krb5tgs.c
+--- a/third_party/heimdal/kdc/krb5tgs.c
++++ b/third_party/heimdal/kdc/krb5tgs.c
+@@ -2210,7 +2210,7 @@ _kdc_tgs_rep(astgs_request_t r)
+ }
+ free_LastReq(&r->ek.last_req);
+ if (r->et.key.keyvalue.data) {
+- memset_s(r->et.key.keyvalue.data, 0, r->et.key.keyvalue.length,
++ memset_s(r->et.key.keyvalue.data, r->et.key.keyvalue.length, 0,
+ r->et.key.keyvalue.length);
+ }
+ free_EncryptionKey(&r->et.key);
=====================================
debian/patches/inline-getprogname.diff
=====================================
@@ -0,0 +1,38 @@
+Subject: inline getprogname replacement
+From: Michael Tokarev <mjt at tls.msk.ru>
+Date: Tue, 20 Jan 2026 22:27:54 +0300
+Forwarded: not-needed
+
+Inline getprogname() by using program_invocation_short_name
+when available (like with glibc).
+
+This makes a lot of binaries to avoid linkage to libreplace.
+
+This is a short and dirty version, proper change for upstream
+should clean up #ifdef'fery in replace.c.
+
+diff --git a/lib/replace/replace.c b/lib/replace/replace.c
+--- a/lib/replace/replace.c
++++ b/lib/replace/replace.c
+@@ -1145,5 +1145,5 @@ void *rep_memset_explicit(void *block, int c, size_t size)
+ #endif
+
+-#ifndef HAVE_GETPROGNAME
++#if !defined(HAVE_GETPROGNAME) && !defined(HAVE_PROGRAM_INVOCATION_SHORT_NAME)
+ # ifndef HAVE_PROGRAM_INVOCATION_SHORT_NAME
+ # define PROGNAME_SIZE 32
+diff --git a/lib/replace/replace.h b/lib/replace/replace.h
+--- a/lib/replace/replace.h
++++ b/lib/replace/replace.h
+@@ -997,7 +997,11 @@ void *rep_memset_explicit(void *block, int c, size_t size);
+
+ #ifndef HAVE_GETPROGNAME
++#ifdef HAVE_PROGRAM_INVOCATION_SHORT_NAME
++# define getprogname() (program_invocation_short_name)
++#else
+ #define getprogname rep_getprogname
+ const char *rep_getprogname(void);
+ #endif
++#endif
+
+ #ifndef HAVE_COPY_FILE_RANGE
=====================================
debian/patches/inline-openat2.diff
=====================================
@@ -0,0 +1,32 @@
+Subject: inline openat2 syscall
+From: Michael Tokarev <mjt at tls.msk.ru>
+Date: Wed, 21 Jan 2026 12:20:05 +0300
+Forwarded: not-needed
+
+openat2() is not provided by glibc, so is implemented in
+samba's libreplace. By inlining the implementation,
+we avoid additional linkage to libreplace.
+
+Not forwarding since proper fix needs proper clean-up
+of the #ifdef'fery.
+
+diff --git a/lib/replace/system/filesys.h b/lib/replace/system/filesys.h
+--- a/lib/replace/system/filesys.h
++++ b/lib/replace/system/filesys.h
+@@ -274,6 +274,12 @@ struct __rep_open_how {
+ #ifndef HAVE_OPENAT2
+-long rep_openat2(int dirfd, const char *pathname,
+- struct open_how *how, size_t size);
+-#define openat2(dirfd, pathname, how, size) \
+- rep_openat2(dirfd, pathname, how, size)
++#define HAVE_OPENAT2
++#ifdef __linux__
++#include <sys/syscall.h>
++static inline long openat2(int dirfd, const char *pathname,
++ struct open_how *how, size_t size) {
++ return syscall(SYS_openat2, dirfd, pathname, how, size);
++}
++#else
++#define openat2(dirfd, path, how, size) (errno = -ENOSYS, -1)
++#endif
+ #endif /* !HAVE_OPENAT2 */
=====================================
debian/patches/series
=====================================
@@ -11,7 +11,7 @@ add-so-version-to-private-libraries
ldb-no-replace.diff
fix-nfs-service-name-to-nfs-kernel-server.patch
ctdb-config-enable-syslog-by-default.patch
-use-bzero-instead-of-memset_s.diff
+use-explicit_bzero-to-zero-memory.diff
ctdb_etcd_lock-path.patch
ctdb-create-piddir.patch
silence-waf-uselib_local.diff
@@ -20,7 +20,9 @@ move-msg.sock-from-var-lib-samba-to-run-samba.patch
meaningful-error-if-no-samba-ad-provision.patch
meaningful-error-if-no-python3-markdown.patch
ctdb-use-run-instead-of-var-run.patch
-#revert-ldb-use-hexchars_upper-from-replace.h.patch
replace-xpg-strerror.patch
add-support-for-bind-9.20.patch
libmscat-deps.patch
+heimdal-kdc-fix-memset_s-calls-1296.patch
+inline-getprogname.diff
+inline-openat2.diff
=====================================
debian/patches/use-bzero-instead-of-memset_s.diff deleted
=====================================
@@ -1,24 +0,0 @@
-Subject: use bzero() instead of memset_s()
-
-lib/replace/replace.h header defines ZERO_STRUCT macro
-which uses memset_s() function (which is similar to
-memset() but can not be optimized out by the compiler).
-Glibc has bzero() with similar property, while memset_s()
-have is implemented in lib/replace/replace.c, - this way,
-some binaries needlessly link with libreplace-samba4 just
-to get rep_memset_s() symbol. By using bzero() instead,
-this endless linkage is eliminated, so we can package,
-for example, libldb (which uses ZERO_STRUCT) without it
-linking to libreplace-samba4.
-
-Note: actually using explicit_bzero() so it is not optimized
-out by the compiler - this is the original goal of using
-memset_s().
-
-diff --git a/lib/replace/replace.h b/lib/replace/replace.h
-index 8609d84322c..28db8d425a3 100644
---- a/lib/replace/replace.h
-+++ b/lib/replace/replace.h
-@@ -822 +822 @@
--#define ZERO_STRUCT(x) memset_s((char *)&(x), sizeof(x), 0, sizeof(x))
-+#define ZERO_STRUCT(x) explicit_bzero((char *)&(x), sizeof(x))
=====================================
debian/patches/use-explicit_bzero-to-zero-memory.diff
=====================================
@@ -0,0 +1,25 @@
+Subject: use explicit_bzero() to zero memory
+
+Samba uses memset_s() to zero-fill unused sensitive memory
+areas. This interface is difficult to use right, and is not
+implemented in glibc due to this. So many parts of samba
+link to libreplace to get rep_memset_s(). But glibc provides
+explicit_bzero(), so there's no need for this linkage.
+
+Unfortunately there are just insane amount of similar
+but non-standard functions, and upstream don't want
+to stay on something simple and robust in this context.
+
+diff --git a/lib/replace/replace.h b/lib/replace/replace.h
+index 4923e1f301d..f4754499da5 100644
+--- a/lib/replace/replace.h
++++ b/lib/replace/replace.h
+@@ -993,3 +993,7 @@ void rep_setproctitle_init(int argc, char *argv[], char *envp[]);
+ #ifndef HAVE_MEMSET_S
+-#define memset_s rep_memset_s
++#define HAVE_MEMSET_S
++#include <assert.h>
++#define memset_s(ptr, size, ch, len) \
++ do { static_assert((ch)==0, "memset_s is called with ch!=0"); \
++ explicit_bzero((ptr), (len)); } while (0)
+ int rep_memset_s(void *dest, size_t destsz, int ch, size_t count);
=====================================
debian/python3-samba.lintian-overrides
=====================================
@@ -1,3 +1 @@
-# False positives, see #896012
-python3-samba: library-not-linked-against-libc *
python3-samba: shared-library-lacks-prerequisites */samba/*.cpython*.so*
=====================================
debian/python3-talloc.lintian-overrides
=====================================
@@ -1,4 +1,2 @@
python3-talloc: package-name-doesnt-match-sonames libpytalloc-util.cpython-*
-# False positives, see #896012
-python3-talloc: library-not-linked-against-libc [usr/lib/*/libpytalloc-util.cpython-*.so.*]
python3-talloc: no-symbols-control-file usr/lib/*/libpytalloc-util.cpython-*.so.*
=====================================
debian/rules
=====================================
@@ -413,7 +413,7 @@ endif
$(call depcheck, samba-libs, samba|winbind|smbclient|ctdb)
$(call depcheck, smbclient, samba|winbind|ctdb)
$(call depcheck, ctdb, samba|winbind|smbclient)
- $(call depcheck, libldb2, samba|samba-libs|winbind|libwbclient0) # use-bzero-instead-of-memset_s.diff
+ $(call depcheck, libldb2, samba|samba-libs|winbind|libwbclient0)
$(call depcheck, python3-ldb, samba-libs|python3-samba)
$(call depcheck, python3-samba, samba|winbind|ctdb)
$(call depcheck, libwbclient0, samba|samba-libs|winbind|smbclient|ctdb)
=====================================
debian/samba-libs.lintian-overrides
=====================================
@@ -4,8 +4,6 @@
samba-libs: package-name-doesnt-match-sonames *
# Embedded Heimdal is patched
samba-libs: embedded-library *heimdal*
-# False positives, see #896012
-samba-libs: library-not-linked-against-libc *
samba-libs: shared-library-lacks-prerequisites */libdcerpc-samr.so.*
# unofficial APIs
samba-libs: shared-library-symbols-not-tracked *
=====================================
debian/samba.lintian-overrides
=====================================
@@ -1,5 +1,3 @@
-# False positives, see #896012
-samba: library-not-linked-against-libc *
# manpages describing vfs modules (they're named vfs_foo while the module is vfs/foo.so):
samba: spare-manual-page */man/man8/vfs_*
samba: hardening-no-fortify-functions */samba/vfs/expand_msdfs.so*
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/f934dee644ac8573453eba2c06fd9376dd66f3e8...eb3f0bd41c55cc1830c35bf8c9fe327510fd808d
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/f934dee644ac8573453eba2c06fd9376dd66f3e8...eb3f0bd41c55cc1830c35bf8c9fe327510fd808d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20260121/8e591b0b/attachment-0001.htm>
More information about the Pkg-samba-maint
mailing list