import fence-virt-0.4.0-9.el8

2020-04-28 04:52:06 -04:00 · 2020-04-28 04:52:06 -04:00 · 08f550d16f
parent 8718be934c
commit 08f550d16f
3 changed files with 119 additions and 1 deletions
--- a/SOURCES/bz1766993-fence_virtd-1-fix-segfault-no-domains.patch
+++ b/SOURCES/bz1766993-fence_virtd-1-fix-segfault-no-domains.patch
@ -0,0 +1,29 @@
+From 36367a99eb803a7941f6cbfd6086e7a71bf91e21 Mon Sep 17 00:00:00 2001
+From: Andrew Price <anprice@redhat.com>
+Date: Tue, 29 Oct 2019 11:27:06 +0000
+Subject: [PATCH] fence_virtd: Fix segfault in vl_get when no domains are found
+
+If virConnectListAllDomains() returns 0 on every iteration, the loop
+will end with a vl == NULL and the pointer dereference in the qsort()
+call will result in a segfault. Check for NULL on completion of the loop
+to guard against that.
+
+Signed-off-by: Andrew Price <anprice@redhat.com>
+---
+ server/virt.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/server/virt.c b/server/virt.c
+index 9710791..ed08e0c 100644
+--- a/server/virt.c
+++ b/server/virt.c
+@@ -128,6 +128,9 @@ virt_list_t *vl_get(virConnectPtr *vp, int vp_count, int my_id)
+ 
+ 		_free_dom_list(dom_list, ret);
+ 	}
+	/* No domains found */
+	if (!vl)
+		return NULL;
+ 
+ 	/* We have all the locally running domains & states now */
+ 	/* Sort */
--- a/SOURCES/bz1766993-fence_virtd-2-return-mainloop-on-interrupt.patch
+++ b/SOURCES/bz1766993-fence_virtd-2-return-mainloop-on-interrupt.patch
@ -0,0 +1,81 @@
+From 958c0035aa6a69149c1a0fa218863c26e755d9e6 Mon Sep 17 00:00:00 2001
+From: Ryan McCabe <rmccabe@redhat.com>
+Date: Fri, 19 Jan 2018 11:04:22 -0500
+Subject: [PATCH] fence_virtd: Return control to main loop on select
+ interruption
+
+Return control to the dispatch loop if select is interrupted by a
+signal. The code that retried the select without breaking out of the
+dispatch loop caused the daemon to not be able to be killed cleanly.
+
+Resolves: https://github.com/ClusterLabs/fence-virt/issues/10
+
+Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
+---
+ server/mcast.c  |  9 +++++++--
+ server/serial.c |  9 ++++++---
+ server/tcp.c    |  9 +++++++--
+ 4 files changed, 28 insertions(+), 9 deletions(-)
+
+diff --git a/server/mcast.c b/server/mcast.c
+index 0336823..e103675 100644
+--- a/server/mcast.c
+++ b/server/mcast.c
+@@ -350,9 +350,14 @@ mcast_dispatch(listener_context_t c, struct timeval *timeout)
+ 	FD_ZERO(&rfds);
+ 	FD_SET(info->mc_sock, &rfds);
+ 
+-	n = _select_retry((info->mc_sock)+1, &rfds, NULL, NULL, timeout);
+-	if (n <= 0)
+	n = select((info->mc_sock)+1, &rfds, NULL, NULL, timeout);
+	if (n <= 0) {
+		if (errno == EINTR || errno == EAGAIN)
+			n = 0;
+		else
+			dbg_printf(2, "select: %s\n", strerror(errno));
+ 		return n;
+	}
+ 	
+ 	slen = sizeof(sin);
+ 	len = recvfrom(info->mc_sock, &data, sizeof(data), 0,
+diff --git a/server/serial.c b/server/serial.c
+index 70eb22b..23d143d 100644
+--- a/server/serial.c
+++ b/server/serial.c
+@@ -272,9 +272,12 @@ serial_dispatch(listener_context_t c, struct timeval *timeout)
+ 	if (info->wake_fd > max)
+ 		max = info->wake_fd;
+ 
+-	n = _select_retry(max+1, &rfds, NULL, NULL, timeout);
+-	if (n < 0) {
+-		dbg_printf(2, "select: %s\n", strerror(errno));
+	n = select(max+1, &rfds, NULL, NULL, timeout);
+	if (n <= 0) {
+		if (errno == EINTR || errno == EAGAIN)
+			n = 0;
+		else
+			dbg_printf(2, "select: %s\n", strerror(errno));
+ 		return n;
+ 	}
+ 
+diff --git a/server/tcp.c b/server/tcp.c
+index 09366b7..bbd347e 100644
+--- a/server/tcp.c
+++ b/server/tcp.c
+@@ -278,9 +278,14 @@ tcp_dispatch(listener_context_t c, struct timeval *timeout)
+ 	FD_ZERO(&rfds);
+ 	FD_SET(info->listen_sock, &rfds);
+ 
+-	n = _select_retry(info->listen_sock + 1, &rfds, NULL, NULL, timeout);
+-	if (n <= 0)
+	n = select(info->listen_sock + 1, &rfds, NULL, NULL, timeout);
+	if (n <= 0) {
+		if (errno == EINTR || errno == EAGAIN)
+			n = 0;
+		else
+			dbg_printf(2, "select: %s\n", strerror(errno));
+ 		return n;
+	}
+ 	
+ 	client_fd = accept(info->listen_sock, NULL, NULL);
+ 	if (client_fd < 0) {
--- a/SPECS/fence-virt.spec
+++ b/SPECS/fence-virt.spec
@ -1,6 +1,6 @@
 Name:		fence-virt
 Version:	0.4.0
-Release:	7%{?dist}
+Release:	9%{?dist}
 Summary:	A pluggable fencing framework for virtual machines
 Group:		System Environment/Base
 License:	GPLv2+
@ -14,6 +14,8 @@ Source0:	http://people.redhat.com/rmccabe/fence-virt/%{name}-%{version}.tar.bz2
 Patch0:		bz1624110-1-harden-fPIE.patch
 Patch1:		bz1624110-2-fence_virt-fix-coredump.patch
 Patch2:		bz1668357-fence_virt-dont-report-success-incorrect-parameter.patch
+Patch3:		bz1766993-fence_virtd-1-fix-segfault-no-domains.patch
+Patch4:		bz1766993-fence_virtd-2-return-mainloop-on-interrupt.patch

 BuildRoot:	%(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)

@ -101,6 +103,8 @@ are located on corosync cluster nodes.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1 -F1
+%patch3 -p1
+%patch4 -p1

 %build
 ./autogen.sh
@ -192,6 +196,10 @@ fi
 %{_libdir}/%{name}/cpg.so

 %changelog
+* Thu Jan 30 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 0.4.0-9
+- fence_virtd: fix segfault when no domains are found
+  Resolves: rhbz#1766993
+
 * Tue Jul 23 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 0.4.0-7
 - fence_xvm/fence_virt: dont report success for incorrect parameter
  Resolves: rhbz#1668357