From 227f956a0e8942531766164890e42c56b01dc691 Mon Sep 17 00:00:00 2001 From: Liwei Ge Date: Tue, 17 Nov 2020 02:26:29 -0500 Subject: [PATCH 1/2] [build][gcc10] use correct backendType gcc report a build issue: ../../../src/internal.h:75:22: error: 'strcmp' of a string of length 21 and an array of size 21 evaluates to nonzero [-Werror=string-compare] ../../../src/qemu/qemu_command.c:3525:20: note: in expansion of macro 'STREQ' 3525 | } else if (STREQ(backendType, "memory-backend-memory") && | ^~~~~ The backend name is memory-backend-memfd but we've been checking for memory-backend-memory. reference: upstream commit 8400b6c1983dd1e4504fe19d3421fff0e5866091 Signed-off-by: Liwei Ge Signed-off-by: weitao zhou --- ...dType-when-checking-memfd-capability.patch | 38 +++++++++++++++++++ libvirt.spec | 8 +++- 2 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 1001-use-correct-backendType-when-checking-memfd-capability.patch diff --git a/1001-use-correct-backendType-when-checking-memfd-capability.patch b/1001-use-correct-backendType-when-checking-memfd-capability.patch new file mode 100644 index 0000000..ecc497a --- /dev/null +++ b/1001-use-correct-backendType-when-checking-memfd-capability.patch @@ -0,0 +1,38 @@ +From 8400b6c1983dd1e4504fe19d3421fff0e5866091 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=A1n=20Tomko?= +Date: Mon, 24 Feb 2020 13:32:30 +0100 +Subject: [PATCH] qemu: use correct backendType when checking memfd capability +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The backend name is memory-backend-memfd but we've been checking +for memory-backend-memory. + +Reported by GCC on rawhide: +../../../src/internal.h:75:22: error: 'strcmp' of a string of length 21 and +an array of size 21 evaluates to nonzero [-Werror=string-compare] +../../../src/qemu/qemu_command.c:3525:20: note: in expansion of macro 'STREQ' + 3525 | } else if (STREQ(backendType, "memory-backend-memory") && + | ^~~~~ + +Signed-off-by: Ján Tomko +Fixes: 24b74d187cab48a9dc9f409ea78900154c709579 +Reviewed-by: Daniel P. Berrangé +--- + src/qemu/qemu_command.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c +index f69a9e651c..6d5b53d30a 100644 +--- a/src/qemu/qemu_command.c ++++ b/src/qemu/qemu_command.c +@@ -3522,7 +3522,7 @@ qemuBuildMemoryBackendProps(virJSONValuePtr *backendProps, + _("this qemu doesn't support the " + "memory-backend-ram object")); + return -1; +- } else if (STREQ(backendType, "memory-backend-memory") && ++ } else if (STREQ(backendType, "memory-backend-memfd") && + !virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_MEMORY_MEMFD)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("this qemu doesn't support the " diff --git a/libvirt.spec b/libvirt.spec index 5eb9cd0..e65b608 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -1,5 +1,5 @@ # -*- rpm-spec -*- -%define anolis_release .0.1 +%define anolis_release .0.2 # This spec file assumes you are building on a Fedora or RHEL version # that's still supported by the vendor. It may work on other distros # or versions, but no effort will be made to ensure that going forward. @@ -773,7 +773,10 @@ Patch541: libvirt-conf-remove-duplicated-firmware-type-attribute.patch Patch542: libvirt-security-fix-SELinux-label-generation-logic.patch Patch543: libvirt-storage_driver-Unlock-object-on-ACL-fail-in-storagePoolLookupByTargetPath.patch +# Begin: Anolis customized patches Patch1000: 1000-Do-not-remove-temp-dtrace-probe-files.patch +Patch1001: 1001-use-correct-backendType-when-checking-memfd-capability.patch +# End: Anolis customized patches Requires: libvirt-daemon = %{version}-%{release} Requires: libvirt-daemon-config-network = %{version}-%{release} @@ -2550,6 +2553,9 @@ exit 0 %changelog +* Thu Jan 20 2022 Weitao Zhou 6.0.0-37.0.2 +- Use correct backendType when checking memfd capability + * Fri Dec 17 2021 Liwei Ge - 6.0.0-37.0.1 - Do not remove dtrace temp files -- Gitee From 45eabc809efc410bc949bca85a02a424193fdb8e Mon Sep 17 00:00:00 2001 From: Liwei Ge Date: Tue, 17 Nov 2020 02:33:54 -0500 Subject: [PATCH 2/2] Fix use after free of var file this change has given better compatible with both gcc8 and gcc10 toolchain, should be maintained util upstream fixes gcc report a compile issue: In file included from ../../src/conf/virnetworkobj.c:30: In function 'virNetworkObjLoadAllPorts', inlined from 'virNetworkObjLoadAllState' at ../../src/conf/virnetworkobj.c:1098:13: ../../src/util/virlog.h:107:5: error: '%s' directive argument is null [-Werror=format-overflow=] 107 | virLogMessage(src, VIR_LOG_WARN, filename, linenr, funcname, NULL, __VA_ARGS__) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ../../src/util/virlog.h:116:5: note: in expansion of macro 'VIR_WARN_INT' 116 | VIR_WARN_INT(&virLogSelf, __FILE__, __LINE__, __func__, __VA_ARGS__) | ^~~~~~~~~~~~ ../../src/conf/virnetworkobj.c:1901:13: note: in expansion of macro 'VIR_WARN' 1901 | VIR_WARN("Cannot parse port %s", file); this is caused by use var file after pass NULL to it. reference: upstream commit 679fcfe96923231d065d3e98e0251f1c3282a971 Signed-off-by: Liwei Ge Signed-off-by: weitao zhou --- 1002-fix-use-after-free.patch | 37 +++++++++++++++++++++++++++++++++++ libvirt.spec | 2 ++ 2 files changed, 39 insertions(+) create mode 100644 1002-fix-use-after-free.patch diff --git a/1002-fix-use-after-free.patch b/1002-fix-use-after-free.patch new file mode 100644 index 0000000..dbaf3b7 --- /dev/null +++ b/1002-fix-use-after-free.patch @@ -0,0 +1,37 @@ +From 679fcfe96923231d065d3e98e0251f1c3282a971 Mon Sep 17 00:00:00 2001 +From: Ryan Moeller +Date: Mon, 24 Feb 2020 01:46:14 -0500 +Subject: [PATCH] conf: fix use after free +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Reviewed-by: Daniel P. Berrangé +Signed-off-by: Ryan Moeller +--- + src/conf/virnetworkobj.c | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +diff --git a/src/conf/virnetworkobj.c b/src/conf/virnetworkobj.c +index 299cdba52d..b2affaacd3 100644 +--- a/src/conf/virnetworkobj.c ++++ b/src/conf/virnetworkobj.c +@@ -1886,7 +1886,7 @@ virNetworkObjLoadAllPorts(virNetworkObjPtr net, + } + + while ((rc = virDirRead(dh, &de, dir)) > 0) { +- char *file = NULL; ++ g_autofree char *file = NULL; + + if (!virStringStripSuffix(de->d_name, ".xml")) + continue; +@@ -1894,9 +1894,6 @@ virNetworkObjLoadAllPorts(virNetworkObjPtr net, + file = g_strdup_printf("%s/%s.xml", dir, de->d_name); + + portdef = virNetworkPortDefParseFile(file); +- VIR_FREE(file); +- file = NULL; +- + if (!portdef) { + VIR_WARN("Cannot parse port %s", file); + continue; diff --git a/libvirt.spec b/libvirt.spec index e65b608..5c7f9da 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -776,6 +776,7 @@ Patch543: libvirt-storage_driver-Unlock-object-on-ACL-fail-in-storagePoolLookupB # Begin: Anolis customized patches Patch1000: 1000-Do-not-remove-temp-dtrace-probe-files.patch Patch1001: 1001-use-correct-backendType-when-checking-memfd-capability.patch +Patch1002: 1002-fix-use-after-free.patch # End: Anolis customized patches Requires: libvirt-daemon = %{version}-%{release} @@ -2555,6 +2556,7 @@ exit 0 %changelog * Thu Jan 20 2022 Weitao Zhou 6.0.0-37.0.2 - Use correct backendType when checking memfd capability +- Fix use after free of var file * Fri Dec 17 2021 Liwei Ge - 6.0.0-37.0.1 - Do not remove dtrace temp files -- Gitee