Backport virtiofsd changes to fix crashes on F36+

Resolves: rhbz#2070066

0001-tools-virtiofsd-Add-rseq-syscall-to-the-seccomp-allo.patch

@@ -0,0 +1,58 @@
+From 7b223e38603de3a75602e14914d26f9d4baf52eb Mon Sep 17 00:00:00 2001
+From: Christian Ehrhardt <christian.ehrhardt@canonical.com>
+Date: Wed, 9 Feb 2022 12:14:56 +0100
+Subject: [PATCH 1/2] tools/virtiofsd: Add rseq syscall to the seccomp
+ allowlist
+
+The virtiofsd currently crashes when used with glibc 2.35.
+That is due to the rseq system call being added to every thread
+creation [1][2].
+
+[1]: https://www.efficios.com/blog/2019/02/08/linux-restartable-sequences/
+[2]: https://sourceware.org/pipermail/libc-alpha/2022-February/136040.html
+
+This happens not at daemon start, but when a guest connects
+
+    /usr/lib/qemu/virtiofsd -f --socket-path=/tmp/testvfsd -o sandbox=chroot \
+        -o source=/var/guests/j-virtiofs --socket-group=kvm
+    virtio_session_mount: Waiting for vhost-user socket connection...
+    # start ok, now guest will connect
+    virtio_session_mount: Received vhost-user socket connection
+    virtio_loop: Entry
+    fv_queue_set_started: qidx=0 started=1
+    fv_queue_set_started: qidx=1 started=1
+    Bad system call (core dumped)
+
+We have to put rseq on the seccomp allowlist to avoid that the daemon
+is crashing in this case.
+
+Reported-by: Michael Hudson-Doyle <michael.hudson@canonical.com>
+Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
+Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
+Message-id: 20220209111456.3328420-1-christian.ehrhardt@canonical.com
+
+[Moved rseq to its alphabetically ordered position in the seccomp
+allowlist.
+--Stefan]
+Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
+---
+ tools/virtiofsd/passthrough_seccomp.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
+index a3ce9f898d..2bc0127b69 100644
+--- a/tools/virtiofsd/passthrough_seccomp.c
++++ b/tools/virtiofsd/passthrough_seccomp.c
+@@ -91,6 +91,9 @@ static const int syscall_allowlist[] = {
+     SCMP_SYS(renameat2),
+     SCMP_SYS(removexattr),
+     SCMP_SYS(restart_syscall),
++#ifdef __NR_rseq
++    SCMP_SYS(rseq), /* required since glibc 2.35 */
++#endif
+     SCMP_SYS(rt_sigaction),
+     SCMP_SYS(rt_sigprocmask),
+     SCMP_SYS(rt_sigreturn),
+-- 
+2.35.1
+

0002-virtiofsd-Do-not-support-blocking-flock.patch

@@ -0,0 +1,41 @@
+From 41af4459ac47e107093c3f54b6875d54723aa613 Mon Sep 17 00:00:00 2001
+From: Sebastian Hasler <sebastian.hasler@stuvus.uni-stuttgart.de>
+Date: Thu, 13 Jan 2022 16:32:49 +0100
+Subject: [PATCH 2/2] virtiofsd: Do not support blocking flock
+
+With the current implementation, blocking flock can lead to
+deadlock. Thus, it's better to return EOPNOTSUPP if a user attempts
+to perform a blocking flock request.
+
+Signed-off-by: Sebastian Hasler <sebastian.hasler@stuvus.uni-stuttgart.de>
+Message-Id: <20220113153249.710216-1-sebastian.hasler@stuvus.uni-stuttgart.de>
+Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
+Reviewed-by: Vivek Goyal <vgoyal@redhat.com>
+Reviewed-by: Greg Kurz <groug@kaod.org>
+---
+ tools/virtiofsd/passthrough_ll.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
+index b3d0674f6d..3e56d1cd95 100644
+--- a/tools/virtiofsd/passthrough_ll.c
++++ b/tools/virtiofsd/passthrough_ll.c
+@@ -2467,6 +2467,15 @@ static void lo_flock(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi,
+     int res;
+     (void)ino;
+ 
++    if (!(op & LOCK_NB)) {
++        /*
++         * Blocking flock can deadlock as there is only one thread
++         * serving the queue.
++         */
++        fuse_reply_err(req, EOPNOTSUPP);
++        return;
++    }
++
+     res = flock(lo_fi_fd(req, fi), op);
+ 
+     fuse_reply_err(req, res == -1 ? errno : 0);
+-- 
+2.35.1
+

qemu.spec

@@ -301,11 +301,13 @@ Obsoletes: %{name}-system-unicore32-core <= %{epoch}:%{version}-%{release}
 %global rcstr -%{rcver}
 %endif
 
+# To prevent rpmdev-bumpspec breakage
+%global baserelease 7
 
 Summary: QEMU is a FAST! processor emulator
 Name: qemu
 Version: 6.2.0
-Release: 6%{?rcrel}%{?dist}
+Release: %{baserelease}%{?rcrel}%{?dist}
 Epoch: 2
 License: GPLv2 and BSD and MIT and CC-BY
 URL: http://www.qemu.org/
@@ -329,6 +331,11 @@ Patch0001: 0001-sgx-stub-fix.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=2046202
 Patch0002: 0001-virtiofsd-Drop-membership-of-all-supplementary-groups.patch
 
+# Fix various crashes with virtiofsd on F36+
+# https://bugzilla.redhat.com/2070066
+Patch0003: 0001-tools-virtiofsd-Add-rseq-syscall-to-the-seccomp-allo.patch
+Patch0004: 0002-virtiofsd-Do-not-support-blocking-flock.patch
+
 BuildRequires: meson >= %{meson_version}
 BuildRequires: zlib-devel
 BuildRequires: glib2-devel
@@ -2294,6 +2301,10 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
 
 
 %changelog
+* Fri Apr 01 2022 Neal Gompa <ngompa@fedoraproject.org> - 2:6.2.0-7
+- Backport virtiofsd changes to fix crashes on F36+
+  Resolves: rhbz#2070066
+
 * Fri Apr 01 2022 Richard W.M. Jones <rjones@redhat.com> - 2:6.2.0-6
 - Bump and rebuild for SONAME change in libmpathpersist (RHBZ#2069778)