Backport virtiofsd changes to fix crashes on F36+
Resolves: rhbz#2070066
This commit is contained in:
parent
eef9c627be
commit
9cb11a192e
|
@ -0,0 +1,58 @@
|
||||||
|
From 7b223e38603de3a75602e14914d26f9d4baf52eb Mon Sep 17 00:00:00 2001
|
||||||
|
From: Christian Ehrhardt <christian.ehrhardt@canonical.com>
|
||||||
|
Date: Wed, 9 Feb 2022 12:14:56 +0100
|
||||||
|
Subject: [PATCH 1/2] tools/virtiofsd: Add rseq syscall to the seccomp
|
||||||
|
allowlist
|
||||||
|
|
||||||
|
The virtiofsd currently crashes when used with glibc 2.35.
|
||||||
|
That is due to the rseq system call being added to every thread
|
||||||
|
creation [1][2].
|
||||||
|
|
||||||
|
[1]: https://www.efficios.com/blog/2019/02/08/linux-restartable-sequences/
|
||||||
|
[2]: https://sourceware.org/pipermail/libc-alpha/2022-February/136040.html
|
||||||
|
|
||||||
|
This happens not at daemon start, but when a guest connects
|
||||||
|
|
||||||
|
/usr/lib/qemu/virtiofsd -f --socket-path=/tmp/testvfsd -o sandbox=chroot \
|
||||||
|
-o source=/var/guests/j-virtiofs --socket-group=kvm
|
||||||
|
virtio_session_mount: Waiting for vhost-user socket connection...
|
||||||
|
# start ok, now guest will connect
|
||||||
|
virtio_session_mount: Received vhost-user socket connection
|
||||||
|
virtio_loop: Entry
|
||||||
|
fv_queue_set_started: qidx=0 started=1
|
||||||
|
fv_queue_set_started: qidx=1 started=1
|
||||||
|
Bad system call (core dumped)
|
||||||
|
|
||||||
|
We have to put rseq on the seccomp allowlist to avoid that the daemon
|
||||||
|
is crashing in this case.
|
||||||
|
|
||||||
|
Reported-by: Michael Hudson-Doyle <michael.hudson@canonical.com>
|
||||||
|
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
|
||||||
|
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||||
|
Message-id: 20220209111456.3328420-1-christian.ehrhardt@canonical.com
|
||||||
|
|
||||||
|
[Moved rseq to its alphabetically ordered position in the seccomp
|
||||||
|
allowlist.
|
||||||
|
--Stefan]
|
||||||
|
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||||
|
---
|
||||||
|
tools/virtiofsd/passthrough_seccomp.c | 3 +++
|
||||||
|
1 file changed, 3 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
|
||||||
|
index a3ce9f898d..2bc0127b69 100644
|
||||||
|
--- a/tools/virtiofsd/passthrough_seccomp.c
|
||||||
|
+++ b/tools/virtiofsd/passthrough_seccomp.c
|
||||||
|
@@ -91,6 +91,9 @@ static const int syscall_allowlist[] = {
|
||||||
|
SCMP_SYS(renameat2),
|
||||||
|
SCMP_SYS(removexattr),
|
||||||
|
SCMP_SYS(restart_syscall),
|
||||||
|
+#ifdef __NR_rseq
|
||||||
|
+ SCMP_SYS(rseq), /* required since glibc 2.35 */
|
||||||
|
+#endif
|
||||||
|
SCMP_SYS(rt_sigaction),
|
||||||
|
SCMP_SYS(rt_sigprocmask),
|
||||||
|
SCMP_SYS(rt_sigreturn),
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
|
@ -0,0 +1,41 @@
|
||||||
|
From 41af4459ac47e107093c3f54b6875d54723aa613 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Sebastian Hasler <sebastian.hasler@stuvus.uni-stuttgart.de>
|
||||||
|
Date: Thu, 13 Jan 2022 16:32:49 +0100
|
||||||
|
Subject: [PATCH 2/2] virtiofsd: Do not support blocking flock
|
||||||
|
|
||||||
|
With the current implementation, blocking flock can lead to
|
||||||
|
deadlock. Thus, it's better to return EOPNOTSUPP if a user attempts
|
||||||
|
to perform a blocking flock request.
|
||||||
|
|
||||||
|
Signed-off-by: Sebastian Hasler <sebastian.hasler@stuvus.uni-stuttgart.de>
|
||||||
|
Message-Id: <20220113153249.710216-1-sebastian.hasler@stuvus.uni-stuttgart.de>
|
||||||
|
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||||
|
Reviewed-by: Vivek Goyal <vgoyal@redhat.com>
|
||||||
|
Reviewed-by: Greg Kurz <groug@kaod.org>
|
||||||
|
---
|
||||||
|
tools/virtiofsd/passthrough_ll.c | 9 +++++++++
|
||||||
|
1 file changed, 9 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
|
||||||
|
index b3d0674f6d..3e56d1cd95 100644
|
||||||
|
--- a/tools/virtiofsd/passthrough_ll.c
|
||||||
|
+++ b/tools/virtiofsd/passthrough_ll.c
|
||||||
|
@@ -2467,6 +2467,15 @@ static void lo_flock(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi,
|
||||||
|
int res;
|
||||||
|
(void)ino;
|
||||||
|
|
||||||
|
+ if (!(op & LOCK_NB)) {
|
||||||
|
+ /*
|
||||||
|
+ * Blocking flock can deadlock as there is only one thread
|
||||||
|
+ * serving the queue.
|
||||||
|
+ */
|
||||||
|
+ fuse_reply_err(req, EOPNOTSUPP);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
res = flock(lo_fi_fd(req, fi), op);
|
||||||
|
|
||||||
|
fuse_reply_err(req, res == -1 ? errno : 0);
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
13
qemu.spec
13
qemu.spec
|
@ -301,11 +301,13 @@ Obsoletes: %{name}-system-unicore32-core <= %{epoch}:%{version}-%{release}
|
||||||
%global rcstr -%{rcver}
|
%global rcstr -%{rcver}
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
# To prevent rpmdev-bumpspec breakage
|
||||||
|
%global baserelease 6
|
||||||
|
|
||||||
Summary: QEMU is a FAST! processor emulator
|
Summary: QEMU is a FAST! processor emulator
|
||||||
Name: qemu
|
Name: qemu
|
||||||
Version: 6.2.0
|
Version: 6.2.0
|
||||||
Release: 5%{?rcrel}%{?dist}
|
Release: %{baserelease}%{?rcrel}%{?dist}
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
License: GPLv2 and BSD and MIT and CC-BY
|
License: GPLv2 and BSD and MIT and CC-BY
|
||||||
URL: http://www.qemu.org/
|
URL: http://www.qemu.org/
|
||||||
|
@ -329,6 +331,11 @@ Patch0001: 0001-sgx-stub-fix.patch
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2046202
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2046202
|
||||||
Patch0002: 0001-virtiofsd-Drop-membership-of-all-supplementary-groups.patch
|
Patch0002: 0001-virtiofsd-Drop-membership-of-all-supplementary-groups.patch
|
||||||
|
|
||||||
|
# Fix various crashes with virtiofsd on F36+
|
||||||
|
# https://bugzilla.redhat.com/2070066
|
||||||
|
Patch0003: 0001-tools-virtiofsd-Add-rseq-syscall-to-the-seccomp-allo.patch
|
||||||
|
Patch0004: 0002-virtiofsd-Do-not-support-blocking-flock.patch
|
||||||
|
|
||||||
BuildRequires: meson >= %{meson_version}
|
BuildRequires: meson >= %{meson_version}
|
||||||
BuildRequires: zlib-devel
|
BuildRequires: zlib-devel
|
||||||
BuildRequires: glib2-devel
|
BuildRequires: glib2-devel
|
||||||
|
@ -2294,6 +2301,10 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Apr 01 2022 Neal Gompa <ngompa@fedoraproject.org> - 2:6.2.0-6
|
||||||
|
- Backport virtiofsd changes to fix crashes on F36+
|
||||||
|
Resolves: rhbz#2070066
|
||||||
|
|
||||||
* Thu Feb 10 2022 Cole Robinson <crobinso@redhat.com> - 6.2.0-5
|
* Thu Feb 10 2022 Cole Robinson <crobinso@redhat.com> - 6.2.0-5
|
||||||
- Split out qemu-virtiofsd subpackage
|
- Split out qemu-virtiofsd subpackage
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue