This commit is from upstream and is included in the llvm-15 release

commit b379129c4beb3f26223288627a1291739f33af02
Author: Fangrui Song <i@maskray.me>
Date:   Mon Jul 11 11:38:28 2022 -0700

    [sanitizer] Remove #include <linux/fs.h> to resolve fsconfig_command/mount_attr conflict with glibc 2.36
    
    It is generally not a good idea to mix usage of glibc headers and Linux UAPI
    headers (https://sourceware.org/glibc/wiki/Synchronizing_Headers). In glibc
    since 7eae6a91e9b1670330c9f15730082c91c0b1d570 (milestone: 2.36), sys/mount.h
    defines `fsconfig_command` which conflicts with linux/mount.h:
    
        .../usr/include/linux/mount.h:95:6: error: redeclaration of ‘enum fsconfig_command’
    
    Remove #include <linux/fs.h> which pulls in linux/mount.h. Expand its 4 macros manually.
    
    Fix https://github.com/llvm/llvm-project/issues/56421
    
    Reviewed By: #sanitizers, vitalybuka, zatrazz
    
    Differential Revision: https://reviews.llvm.org/D129471

diff --git a/lib/sanitizer_common/sanitizer_platform_limits_posix.cpp b/lib/sanitizer_common/sanitizer_platform_limits_posix.cpp
index 4bd425435d56..81740bf4ab39 100644
--- a/lib/sanitizer_common/sanitizer_platform_limits_posix.cpp
+++ b/lib/sanitizer_common/sanitizer_platform_limits_posix.cpp
@@ -73,7 +73,6 @@
 #include <sys/vt.h>
 #include <linux/cdrom.h>
 #include <linux/fd.h>
-#include <linux/fs.h>
 #include <linux/hdreg.h>
 #include <linux/input.h>
 #include <linux/ioctl.h>
@@ -876,10 +875,10 @@ unsigned struct_ElfW_Phdr_sz = sizeof(Elf_Phdr);
   unsigned IOCTL_EVIOCGPROP = IOCTL_NOT_PRESENT;
   unsigned IOCTL_EVIOCSKEYCODE_V2 = IOCTL_NOT_PRESENT;
 #endif
-  unsigned IOCTL_FS_IOC_GETFLAGS = FS_IOC_GETFLAGS;
-  unsigned IOCTL_FS_IOC_GETVERSION = FS_IOC_GETVERSION;
-  unsigned IOCTL_FS_IOC_SETFLAGS = FS_IOC_SETFLAGS;
-  unsigned IOCTL_FS_IOC_SETVERSION = FS_IOC_SETVERSION;
+  unsigned IOCTL_FS_IOC_GETFLAGS = _IOR('f', 1, long);
+  unsigned IOCTL_FS_IOC_GETVERSION = _IOR('v', 1, long);
+  unsigned IOCTL_FS_IOC_SETFLAGS = _IOW('f', 2, long);
+  unsigned IOCTL_FS_IOC_SETVERSION = _IOW('v', 2, long);
   unsigned IOCTL_GIO_CMAP = GIO_CMAP;
   unsigned IOCTL_GIO_FONT = GIO_FONT;
   unsigned IOCTL_GIO_UNIMAP = GIO_UNIMAP;
a>/<a href='/guix/log/gnu?id=5cad6f721b8884b612178896f06cd69d5839402c&amp;showmsg=1'>gnu</a>/<a href='/guix/log/gnu/packages?id=5cad6f721b8884b612178896f06cd69d5839402c&amp;showmsg=1'>packages</a>/<a href='/guix/log/gnu/packages/crates-io.scm?id=5cad6f721b8884b612178896f06cd69d5839402c&amp;showmsg=1'>crates-io.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/crates-io.scm?id=5cad6f721b8884b612178896f06cd69d5839402c'>Collapse</a>)</th><th class='left'>Author</th></tr>
ad of
throwing upon short write.

Reported-by: Ricardo Wurmus &lt;rekado@elephly.net&gt;
Change-Id: Id7b8a65ea59006c2d91bc23732309a68665b9ca0
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2024-03-12 14:07:28 +0100'>2024-03-12</span></td><td><a href='/guix/commit/nix/libutil?id=ff1251de0bc327ec478fc66a562430fbf35aef42'>daemon: Address shortcoming in previous security fix for CVE-2024-27297.</a><span class='msg-avail'>...<span class='msg-tooltip'>This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143.

Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two
ways: (1) it didn’t have any effet for fixed-output derivations
performed in a chroot, which is the case for all of them except those
using “builtin:download” and “builtin:git-download”, and (2) it did not
preserve ownership when copying, leading to “suspicious ownership or
permission […] rejecting this build output” errors.

* nix/libstore/build.cc (DerivationGoal::buildDone): Account for
‘chrootRootDir’ when copying ‘drv.outputs’.
* nix/libutil/util.cc (copyFileRecursively): Add ‘fchown’ and ‘fchownat’
calls to preserve file ownership; this is necessary for chrooted
fixed-output derivation builds.
* nix/libutil/util.hh: Update comment.

Change-Id: Ib59f040e98fed59d1af81d724b874b592cbef156
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2024-03-11 22:12:34 +0100'>2024-03-11</span></td><td><a href='/guix/commit/nix/libutil?id=8f4ffb3fae133bb21d7991e97c2f19a7108b1143'>daemon: Protect against FD escape when building fixed-output derivations (CVE...</a><span class='msg-avail'>...<span class='msg-tooltip'>This fixes a security issue (CVE-2024-27297) whereby a fixed-output
derivation build process could open a writable file descriptor to its
output, send it to some outside process for instance over an abstract
AF_UNIX socket, which would then allow said process to modify the file
in the store after it has been marked as “valid”.

Vulnerability discovered by puck &lt;https://github.com/puckipedia&gt;.

Nix security advisory:
https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37

Nix fix:
https://github.com/NixOS/nix/commit/244f3eee0bbc7f11e9b383a15ed7368e2c4becc9

* nix/libutil/util.cc (readDirectory): Add variants that take a DIR* and
a file descriptor.  Rewrite the ‘Path’ variant accordingly.
(copyFile, copyFileRecursively): New functions.
* nix/libutil/util.hh (copyFileRecursively): New declaration.
* nix/libstore/build.cc (DerivationGoal::buildDone): When ‘fixedOutput’
is true, call ‘copyFileRecursively’ followed by ‘rename’ on each output.

Change-Id: I7952d41093eed26e123e38c14a4c1424be1ce1c4

Reported-by: Picnoir &lt;picnoir@alternativebit.fr&gt;, Théophane Hufschmitt &lt;theophane.hufschmitt@tweag.io&gt;
Change-Id: Idb5f2757f35af86b032a9851cecb19b70227bd88
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2023-01-09 17:40:54 +0100'>2023-01-09</span></td><td><a href='/guix/commit/nix/libutil?id=407175a1d0e29f45639e7f28a531b3981cd20085'>daemon: Improve error message for wrong hash sizes.</a><span class='msg-avail'>...<span class='msg-tooltip'>* nix/libutil/hash.cc (parseHash): Show the hash algorithm name and
expected size in the error message.
* tests/derivations.scm ("fixed-output derivation, invalid hash size"):
New test.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-12-18 01:16:47 +0100'>2022-12-18</span></td><td><a href='/guix/commit/nix/libutil?id=2d4d26769d6a3be1b21302b0bb2bd099fd55ccf8'>daemon: Make "opening file" error messages distinguishable.</a><span class='msg-avail'>...<span class='msg-tooltip'>* nix/libstore/build.cc (DerivationGoal::openLogFile): Customize
"opening file" error message.
* nix/libutil/hash.cc (hashFile): Likewise.
* nix/libutil/util.cc (readFile, writeFile): Likewise.
</span></span></td><td>Ludovic Courtès</td></tr>

Age	Commit message (Collapse)	Author
Ludovic Courtès
2024-03-12	daemon: Address shortcoming in previous security fix for CVE-2024-27297....This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143. Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two ways: (1) it didn’t have any effet for fixed-output derivations performed in a chroot, which is the case for all of them except those using “builtin:download” and “builtin:git-download”, and (2) it did not preserve ownership when copying, leading to “suspicious ownership or permission […] rejecting this build output” errors. * nix/libstore/build.cc (DerivationGoal::buildDone): Account for ‘chrootRootDir’ when copying ‘drv.outputs’. * nix/libutil/util.cc (copyFileRecursively): Add ‘fchown’ and ‘fchownat’ calls to preserve file ownership; this is necessary for chrooted fixed-output derivation builds. * nix/libutil/util.hh: Update comment. Change-Id: Ib59f040e98fed59d1af81d724b874b592cbef156	Ludovic Courtès
2024-03-11	daemon: Protect against FD escape when building fixed-output derivations (CVE......This fixes a security issue (CVE-2024-27297) whereby a fixed-output derivation build process could open a writable file descriptor to its output, send it to some outside process for instance over an abstract AF_UNIX socket, which would then allow said process to modify the file in the store after it has been marked as “valid”. Vulnerability discovered by puck <https://github.com/puckipedia>. Nix security advisory: https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37 Nix fix: https://github.com/NixOS/nix/commit/244f3eee0bbc7f11e9b383a15ed7368e2c4becc9 * nix/libutil/util.cc (readDirectory): Add variants that take a DIR* and a file descriptor. Rewrite the ‘Path’ variant accordingly. (copyFile, copyFileRecursively): New functions. * nix/libutil/util.hh (copyFileRecursively): New declaration. * nix/libstore/build.cc (DerivationGoal::buildDone): When ‘fixedOutput’ is true, call ‘copyFileRecursively’ followed by ‘rename’ on each output. Change-Id: I7952d41093eed26e123e38c14a4c1424be1ce1c4 Reported-by: Picnoir <picnoir@alternativebit.fr>, Théophane Hufschmitt <theophane.hufschmitt@tweag.io> Change-Id: Idb5f2757f35af86b032a9851cecb19b70227bd88	Ludovic Courtès
2023-01-09	daemon: Improve error message for wrong hash sizes....* nix/libutil/hash.cc (parseHash): Show the hash algorithm name and expected size in the error message. * tests/derivations.scm ("fixed-output derivation, invalid hash size"): New test.	Ludovic Courtès
2022-12-18	daemon: Make "opening file" error messages distinguishable....* nix/libstore/build.cc (DerivationGoal::openLogFile): Customize "opening file" error message. * nix/libutil/hash.cc (hashFile): Likewise. * nix/libutil/util.cc (readFile, writeFile): Likewise.	Ludovic Courtès