Accepting request 878655 from home:jfehlig:branches:Virtualization

- virtlockd, virtlogd: Fix exec-restart
  6b8e9613-avoid-use-after-free.patch,
  eab7ae6b-fix-array-access.patch,
  c363f03e-virnetdaemon-intro-virNetDaemonQuitExecRestart.patch,
  ccc6dd8f-fix-exec-restart.patch
  bsc#1183411

OBS-URL: https://build.opensuse.org/request/show/878655
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=883

6b8e9613-avoid-use-after-free.patch

@@ -0,0 +1,27 @@
+commit 6b8e961399549c5c8fdf06875e5981c564829ad6
+Author: Peter Krempa <pkrempa@redhat.com>
+Date:   Fri Mar 12 10:12:51 2021 +0100
+
+    virLockSpacePreExecRestart: Avoid use-after-free
+    
+    Recent refactor marked 'object' which is returned from the function as
+    autofree but forgot to use g_steal_pointer in the return statement to
+    prevent freeing it.
+    
+    Fixes: 9a1651f64d7
+    Signed-off-by: Peter Krempa <pkrempa@redhat.com>
+    Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
+
+Index: libvirt-7.1.0/src/util/virlockspace.c
+===================================================================
+--- libvirt-7.1.0.orig/src/util/virlockspace.c
++++ libvirt-7.1.0/src/util/virlockspace.c
+@@ -472,7 +472,7 @@ virJSONValuePtr virLockSpacePreExecResta
+         goto error;
+ 
+     virMutexUnlock(&lockspace->lock);
+-    return object;
++    return g_steal_pointer(&object);
+ 
+  error:
+     virMutexUnlock(&lockspace->lock);

c363f03e-virnetdaemon-intro-virNetDaemonQuitExecRestart.patch

@@ -0,0 +1,85 @@
+commit c363f03e6d0298416179c7f7b24f00da9d85a14f
+Author: Peter Krempa <pkrempa@redhat.com>
+Date:   Wed Mar 10 17:01:23 2021 +0100
+
+    virnetdaemon: Introduce virNetDaemonQuitExecRestart
+    
+    Recent changes which meant to fix daemon shutdown broke the exec-restart
+    capability of virtlogd and virtlockd, since the code actually closed all
+    the sockets and shut down all the internals.
+    
+    Add virNetDaemonQuitExecRestart, which requests a shutdown of the
+    process, but keeps all the services open and registered since they are
+    preserved across the restart.
+    
+    Signed-off-by: Peter Krempa <pkrempa@redhat.com>
+    Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
+
+Index: libvirt-7.1.0/src/libvirt_remote.syms
+===================================================================
+--- libvirt-7.1.0.orig/src/libvirt_remote.syms
++++ libvirt-7.1.0/src/libvirt_remote.syms
+@@ -85,6 +85,7 @@ virNetDaemonNew;
+ virNetDaemonNewPostExecRestart;
+ virNetDaemonPreExecRestart;
+ virNetDaemonQuit;
++virNetDaemonQuitExecRestart;
+ virNetDaemonRemoveShutdownInhibition;
+ virNetDaemonRun;
+ virNetDaemonSetShutdownCallbacks;
+Index: libvirt-7.1.0/src/rpc/virnetdaemon.c
+===================================================================
+--- libvirt-7.1.0.orig/src/rpc/virnetdaemon.c
++++ libvirt-7.1.0/src/rpc/virnetdaemon.c
+@@ -76,6 +76,7 @@ struct _virNetDaemon {
+     bool quit;
+     bool finished;
+     bool graceful;
++    bool execRestart;
+ 
+     unsigned int autoShutdownTimeout;
+     size_t autoShutdownInhibitions;
+@@ -857,6 +858,10 @@ virNetDaemonRun(virNetDaemonPtr dmn)
+ 
+         virHashForEach(dmn->servers, daemonServerProcessClients, NULL);
+ 
++        /* don't shutdown services when performing an exec-restart */
++        if (dmn->quit && dmn->execRestart)
++            goto cleanup;
++
+         if (dmn->quit && dmn->finishTimer == -1) {
+             virHashForEach(dmn->servers, daemonServerClose, NULL);
+             if (dmn->shutdownPrepareCb && dmn->shutdownPrepareCb() < 0)
+@@ -912,6 +917,20 @@ virNetDaemonQuit(virNetDaemonPtr dmn)
+     virObjectUnlock(dmn);
+ }
+ 
++
++void
++virNetDaemonQuitExecRestart(virNetDaemon *dmn)
++{
++    virObjectLock(dmn);
++
++    VIR_DEBUG("Exec-restart requested %p", dmn);
++    dmn->quit = true;
++    dmn->execRestart = true;
++
++    virObjectUnlock(dmn);
++}
++
++
+ static int
+ daemonServerClose(void *payload,
+                   const char *key G_GNUC_UNUSED,
+Index: libvirt-7.1.0/src/rpc/virnetdaemon.h
+===================================================================
+--- libvirt-7.1.0.orig/src/rpc/virnetdaemon.h
++++ libvirt-7.1.0/src/rpc/virnetdaemon.h
+@@ -75,6 +75,7 @@ void virNetDaemonSetStateStopWorkerThrea
+ void virNetDaemonRun(virNetDaemonPtr dmn);
+ 
+ void virNetDaemonQuit(virNetDaemonPtr dmn);
++void virNetDaemonQuitExecRestart(virNetDaemon *dmn);
+ 
+ bool virNetDaemonHasClients(virNetDaemonPtr dmn);
+ 

ccc6dd8f-fix-exec-restart.patch

@@ -0,0 +1,41 @@
+commit ccc6dd8f11f32f9387fd05de4ad98d61d4e88b69
+Author: Peter Krempa <pkrempa@redhat.com>
+Date:   Wed Mar 10 17:14:18 2021 +0100
+
+    virtlo(g|ck)d: Fix exec-restart
+    
+    Commit 94e45d1042e broke exec-restart of virtlogd and virtlockd as the
+    code waiting for the daemon shutdown closed the daemons before
+    exec-restarting.
+    
+    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1912243
+    Fixes: 94e45d1042e
+    Signed-off-by: Peter Krempa <pkrempa@redhat.com>
+    Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
+
+Index: libvirt-7.1.0/src/locking/lock_daemon.c
+===================================================================
+--- libvirt-7.1.0.orig/src/locking/lock_daemon.c
++++ libvirt-7.1.0/src/locking/lock_daemon.c
+@@ -336,7 +336,7 @@ virLockDaemonExecRestartHandler(virNetDa
+                                 void *opaque G_GNUC_UNUSED)
+ {
+     execRestart = true;
+-    virNetDaemonQuit(dmn);
++    virNetDaemonQuitExecRestart(dmn);
+ }
+ 
+ static int
+Index: libvirt-7.1.0/src/logging/log_daemon.c
+===================================================================
+--- libvirt-7.1.0.orig/src/logging/log_daemon.c
++++ libvirt-7.1.0/src/logging/log_daemon.c
+@@ -283,7 +283,7 @@ virLogDaemonExecRestartHandler(virNetDae
+                                void *opaque G_GNUC_UNUSED)
+ {
+     execRestart = true;
+-    virNetDaemonQuit(dmn);
++    virNetDaemonQuitExecRestart(dmn);
+ }
+ 
+ static int

eab7ae6b-fix-array-access.patch

@@ -0,0 +1,40 @@
+commit eab7ae6bfe13503ea705e70e32edaa60357cbaa1
+Author: Peter Krempa <pkrempa@redhat.com>
+Date:   Fri Mar 12 10:16:11 2021 +0100
+
+    virLockSpaceNewPostExecRestart: Fix out-of-bounds array access
+    
+    'res->owners' is allocated to 'res->nOwners' elements, but unfortunately
+    'res->nOwners' doesn't contain the proper value until after the
+    allocation so 0 elements are allocated. The following loop which assumes
+    that the array has the right number of elements then accesses the
+    pointer out of bounds. The bug was also faithfully converted from
+    VIR_ALLOC_N to g_new0.
+    
+    Fixes: 4a3d6ed5ee0
+    Signed-off-by: Peter Krempa <pkrempa@redhat.com>
+    Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
+
+Index: libvirt-7.1.0/src/util/virlockspace.c
+===================================================================
+--- libvirt-7.1.0.orig/src/util/virlockspace.c
++++ libvirt-7.1.0/src/util/virlockspace.c
+@@ -324,7 +324,6 @@ virLockSpacePtr virLockSpaceNewPostExecR
+         const char *tmp;
+         virJSONValuePtr owners;
+         size_t j;
+-        size_t m;
+ 
+         res = g_new0(virLockSpaceResource, 1);
+         res->fd = -1;
+@@ -384,9 +383,8 @@ virLockSpacePtr virLockSpaceNewPostExecR
+             goto error;
+         }
+ 
+-        m = virJSONValueArraySize(owners);
++        res->nOwners = virJSONValueArraySize(owners);
+         res->owners = g_new0(pid_t, res->nOwners);
+-        res->nOwners = m;
+ 
+         for (j = 0; j < res->nOwners; j++) {
+             unsigned long long int owner;

libvirt.changes

@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Fri Mar 12 21:11:17 UTC 2021 - James Fehlig <jfehlig@suse.com>
+
+- virtlockd, virtlogd: Fix exec-restart
+  6b8e9613-avoid-use-after-free.patch,
+  eab7ae6b-fix-array-access.patch,
+  c363f03e-virnetdaemon-intro-virNetDaemonQuitExecRestart.patch,
+  ccc6dd8f-fix-exec-restart.patch
+  bsc#1183411
+
 -------------------------------------------------------------------
 Wed Mar 10 18:37:38 UTC 2021 - James Fehlig <jfehlig@suse.com>
 

libvirt.spec

@@ -292,6 +292,10 @@ Source99:       baselibs.conf
 Source100:      %{name}-rpmlintrc
 # Upstream patches
 Patch0:         ee3dc2c2-libxl-default-pcistub-name.patch
+Patch1:         6b8e9613-avoid-use-after-free.patch
+Patch2:         eab7ae6b-fix-array-access.patch
+Patch3:         c363f03e-virnetdaemon-intro-virNetDaemonQuitExecRestart.patch
+Patch4:         ccc6dd8f-fix-exec-restart.patch
 # Patches pending upstream review
 Patch100:       libxl-dom-reset.patch
 Patch101:       network-don-t-use-dhcp-authoritative-on-static-netwo.patch