From fb144c5745ffa98a8460b388a2d7ee65776b0f9e Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Sep 29 2020 06:55:24 +0000 Subject: import fence-virt-0.3.2-16.el7 --- diff --git a/SOURCES/bz1766995-fence_virtd-1-fix-segfault-no-domains.patch b/SOURCES/bz1766995-fence_virtd-1-fix-segfault-no-domains.patch new file mode 100644 index 0000000..a746ba4 --- /dev/null +++ b/SOURCES/bz1766995-fence_virtd-1-fix-segfault-no-domains.patch @@ -0,0 +1,29 @@ +From 36367a99eb803a7941f6cbfd6086e7a71bf91e21 Mon Sep 17 00:00:00 2001 +From: Andrew Price +Date: Tue, 29 Oct 2019 11:27:06 +0000 +Subject: [PATCH] fence_virtd: Fix segfault in vl_get when no domains are found + +If virConnectListAllDomains() returns 0 on every iteration, the loop +will end with a vl == NULL and the pointer dereference in the qsort() +call will result in a segfault. Check for NULL on completion of the loop +to guard against that. + +Signed-off-by: Andrew Price +--- + server/virt.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/server/virt.c b/server/virt.c +index 9710791..ed08e0c 100644 +--- a/server/virt.c ++++ b/server/virt.c +@@ -128,6 +128,9 @@ virt_list_t *vl_get(virConnectPtr *vp, int vp_count, int my_id) + + _free_dom_list(dom_list, ret); + } ++ /* No domains found */ ++ if (!vl) ++ return NULL; + + /* We have all the locally running domains & states now */ + /* Sort */ diff --git a/SOURCES/bz1766995-fence_virtd-2-fix-select-logic.patch b/SOURCES/bz1766995-fence_virtd-2-fix-select-logic.patch new file mode 100644 index 0000000..12da16c --- /dev/null +++ b/SOURCES/bz1766995-fence_virtd-2-fix-select-logic.patch @@ -0,0 +1,87 @@ +From 2c909b78d8226d4d76f53df1091af40ec5fc54a1 Mon Sep 17 00:00:00 2001 +From: Ryan McCabe +Date: Thu, 25 May 2017 13:34:05 -0400 +Subject: [PATCH] fence_virtd: Fix select logic in listener plugins + +Don't fail causing the daemon to exit when select() fails with errors +that indicate we should retry. + +Signed-off-by: Ryan McCabe +--- + common/fdops.c | 8 +++++--- + server/mcast.c | 10 ++-------- + server/serial.c | 4 +--- + server/tcp.c | 2 +- + 4 files changed, 9 insertions(+), 15 deletions(-) + +diff --git a/common/fdops.c b/common/fdops.c +index bff8bec..3d89ba1 100644 +--- a/common/fdops.c ++++ b/common/fdops.c +@@ -41,9 +41,11 @@ _select_retry(int fdmax, fd_set * rfds, fd_set * wfds, fd_set * xfds, + + while (1) { + rv = select(fdmax, rfds, wfds, xfds, timeout); +- if ((rv == -1) && (errno == EINTR)) +- /* return on EBADF/EINVAL/ENOMEM; continue on EINTR */ +- continue; ++ if (rv == -1) { ++ /* return on EBADF/EINVAL/ENOMEM; continue on EINTR/EAGAIN/ENOMEM */ ++ if (errno == EINTR || errno == EAGAIN || errno == ENOMEM) ++ continue; ++ } + return rv; + } + } +diff --git a/server/mcast.c b/server/mcast.c +index f6181aa..8f58fa6 100644 +--- a/server/mcast.c ++++ b/server/mcast.c +@@ -350,16 +350,10 @@ mcast_dispatch(listener_context_t c, struct timeval *timeout) + FD_ZERO(&rfds); + FD_SET(info->mc_sock, &rfds); + +- n = select((info->mc_sock)+1, &rfds, NULL, NULL, timeout); +- if (n < 0) ++ n = _select_retry((info->mc_sock)+1, &rfds, NULL, NULL, timeout); ++ if (n <= 0) + return n; + +- /* +- * If no requests, we're done +- */ +- if (n == 0) +- return 0; +- + slen = sizeof(sin); + len = recvfrom(info->mc_sock, &data, sizeof(data), 0, + (struct sockaddr *)&sin, &slen); +diff --git a/server/serial.c b/server/serial.c +index 558292a..70eb22b 100644 +--- a/server/serial.c ++++ b/server/serial.c +@@ -272,10 +272,8 @@ serial_dispatch(listener_context_t c, struct timeval *timeout) + if (info->wake_fd > max) + max = info->wake_fd; + +- n = select(max+1, &rfds, NULL, NULL, timeout); ++ n = _select_retry(max+1, &rfds, NULL, NULL, timeout); + if (n < 0) { +- if (errno == ETIMEDOUT || errno == EINTR || errno == EAGAIN) +- return 0; + dbg_printf(2, "select: %s\n", strerror(errno)); + return n; + } +diff --git a/server/tcp.c b/server/tcp.c +index fc9caca..0002e8f 100644 +--- a/server/tcp.c ++++ b/server/tcp.c +@@ -276,7 +276,7 @@ tcp_dispatch(listener_context_t c, struct timeval *timeout) + FD_ZERO(&rfds); + FD_SET(info->listen_sock, &rfds); + +- n = select(info->listen_sock + 1, &rfds, NULL, NULL, timeout); ++ n = _select_retry(info->listen_sock + 1, &rfds, NULL, NULL, timeout); + if (n <= 0) + return n; + diff --git a/SOURCES/bz1766995-fence_virtd-3-return-mainloop-on-interrupt.patch b/SOURCES/bz1766995-fence_virtd-3-return-mainloop-on-interrupt.patch new file mode 100644 index 0000000..152d8f3 --- /dev/null +++ b/SOURCES/bz1766995-fence_virtd-3-return-mainloop-on-interrupt.patch @@ -0,0 +1,81 @@ +From 958c0035aa6a69149c1a0fa218863c26e755d9e6 Mon Sep 17 00:00:00 2001 +From: Ryan McCabe +Date: Fri, 19 Jan 2018 11:04:22 -0500 +Subject: [PATCH] fence_virtd: Return control to main loop on select + interruption + +Return control to the dispatch loop if select is interrupted by a +signal. The code that retried the select without breaking out of the +dispatch loop caused the daemon to not be able to be killed cleanly. + +Resolves: https://github.com/ClusterLabs/fence-virt/issues/10 + +Signed-off-by: Ryan McCabe +--- + server/mcast.c | 9 +++++++-- + server/serial.c | 9 ++++++--- + server/tcp.c | 9 +++++++-- + 4 files changed, 28 insertions(+), 9 deletions(-) + +diff --git a/server/mcast.c b/server/mcast.c +index 0336823..e103675 100644 +--- a/server/mcast.c ++++ b/server/mcast.c +@@ -350,9 +350,14 @@ mcast_dispatch(listener_context_t c, struct timeval *timeout) + FD_ZERO(&rfds); + FD_SET(info->mc_sock, &rfds); + +- n = _select_retry((info->mc_sock)+1, &rfds, NULL, NULL, timeout); +- if (n <= 0) ++ n = select((info->mc_sock)+1, &rfds, NULL, NULL, timeout); ++ if (n <= 0) { ++ if (errno == EINTR || errno == EAGAIN) ++ n = 0; ++ else ++ dbg_printf(2, "select: %s\n", strerror(errno)); + return n; ++ } + + slen = sizeof(sin); + len = recvfrom(info->mc_sock, &data, sizeof(data), 0, +diff --git a/server/serial.c b/server/serial.c +index 70eb22b..23d143d 100644 +--- a/server/serial.c ++++ b/server/serial.c +@@ -272,9 +272,12 @@ serial_dispatch(listener_context_t c, struct timeval *timeout) + if (info->wake_fd > max) + max = info->wake_fd; + +- n = _select_retry(max+1, &rfds, NULL, NULL, timeout); +- if (n < 0) { +- dbg_printf(2, "select: %s\n", strerror(errno)); ++ n = select(max+1, &rfds, NULL, NULL, timeout); ++ if (n <= 0) { ++ if (errno == EINTR || errno == EAGAIN) ++ n = 0; ++ else ++ dbg_printf(2, "select: %s\n", strerror(errno)); + return n; + } + +diff --git a/server/tcp.c b/server/tcp.c +index 09366b7..bbd347e 100644 +--- a/server/tcp.c ++++ b/server/tcp.c +@@ -278,9 +278,14 @@ tcp_dispatch(listener_context_t c, struct timeval *timeout) + FD_ZERO(&rfds); + FD_SET(info->listen_sock, &rfds); + +- n = _select_retry(info->listen_sock + 1, &rfds, NULL, NULL, timeout); +- if (n <= 0) ++ n = select(info->listen_sock + 1, &rfds, NULL, NULL, timeout); ++ if (n <= 0) { ++ if (errno == EINTR || errno == EAGAIN) ++ n = 0; ++ else ++ dbg_printf(2, "select: %s\n", strerror(errno)); + return n; ++ } + + client_fd = accept(info->listen_sock, NULL, NULL); + if (client_fd < 0) { diff --git a/SPECS/fence-virt.spec b/SPECS/fence-virt.spec index f56445c..ce0d153 100644 --- a/SPECS/fence-virt.spec +++ b/SPECS/fence-virt.spec @@ -1,6 +1,6 @@ Name: fence-virt Version: 0.3.2 -Release: 14%{?dist} +Release: 16%{?dist} Summary: A pluggable fencing framework for virtual machines Group: System Environment/Base License: GPLv2+ @@ -26,6 +26,9 @@ Patch10: bz1092531-enable_hardening.patch Patch11: bz1447700-virt_add_support_for_the_validate_all_status.patch Patch12: bz1384181-make_the_libvirt_backend_survive_libvirtd.patch Patch13: bz1600566-fence_virt-dont-report-success-incorrect-parameter.patch +Patch14: bz1766995-fence_virtd-1-fix-segfault-no-domains.patch +Patch15: bz1766995-fence_virtd-2-fix-select-logic.patch +Patch16: bz1766995-fence_virtd-3-return-mainloop-on-interrupt.patch BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) @@ -76,8 +79,8 @@ Requires: fence-virtd Provides serial VMChannel listener capability for fence-virtd. %package -n fence-virtd-tcp -Summary: Tcp listener for fence-virtd -Group: System Environment/Base +Summary: TCP listener for fence-virtd +Group: System Environment/Base Requires: fence-virtd %description -n fence-virtd-tcp @@ -112,6 +115,9 @@ machines on a desktop. %patch11 -p1 -b .bz1447700.1 %patch12 -p1 -b .bz1384181.1 %patch13 -p1 -F1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 %build %ifarch s390 s390x sparcv9 sparc64 @@ -215,6 +221,10 @@ fi %{_libdir}/%{name}/libvirt.so %changelog +* Thu Jan 30 2020 Oyvind Albrigtsen - 0.3.2-16 +- fence_virtd: fix segfault when no domains are found + Resolves: rhbz#1766995 + * Tue Jan 22 2019 Oyvind Albrigtsen - 0.3.2-14 - fence_xvm/fence_virt: dont report success incorrect parameter Resolves: rhbz#1600566