libvirt/virnwfilterbindingobj-Fix-virNWFilterBindingObjNew.patch

From cb72ee4b8e09b2a4246fc85235ae2a73cff4cb73 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Tue, 1 Feb 2022 10:21:02 +0100
Subject: [PATCH 05/22] virnwfilterbindingobj: Fix virNWFilterBindingObjNew()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The idea behind virNWFilterBindingObjNew() is to create and
return an object of virNWFilterBindingObjClass class. The class
is virObjectLockable (and the corresponding
_virNWFilterBindingObj structure has virObjectLockable parent).
But for some reason plain virObjectNew() is called. This is wrong
because the mutex in the parent is left uninitialized.

Next, the returned object is not locked. This is wrong because in
some cases the returned object is added onto a list of bindings
and then passed to virNWFilterBindingObjEndAPI() which unlocks it
right away. This is potentially dangerous because we might just
have unlocked the object for another thread.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---
 src/conf/virnwfilterbindingobj.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/conf/virnwfilterbindingobj.c b/src/conf/virnwfilterbindingobj.c
index 7cfc2e9efa..656398ed8b 100644
--- a/src/conf/virnwfilterbindingobj.c
+++ b/src/conf/virnwfilterbindingobj.c
@@ -57,10 +57,15 @@ VIR_ONCE_GLOBAL_INIT(virNWFilterBindingObj);
 virNWFilterBindingObjPtr
 virNWFilterBindingObjNew(void)
 {
+    virNWFilterBindingObj *ret;
     if (virNWFilterBindingObjInitialize() < 0)
         return NULL;
 
-    return virObjectNew(virNWFilterBindingObjClass);
+    if (!(ret = virObjectLockableNew(virNWFilterBindingObjClass)))
+        return NULL;
+
+    virObjectLock(ret);
+    return ret;
 }
 
 
-- 
2.33.0
Backport patches from upstream Signed-off-by: jiang jiacheng <jiangjiacheng@huawei.com> 2023-01-04 12:02:07 +08:00			`From cb72ee4b8e09b2a4246fc85235ae2a73cff4cb73 Mon Sep 17 00:00:00 2001`
			`From: Michal Privoznik <mprivozn@redhat.com>`
			`Date: Tue, 1 Feb 2022 10:21:02 +0100`
			`Subject: [PATCH 05/22] virnwfilterbindingobj: Fix virNWFilterBindingObjNew()`
			`MIME-Version: 1.0`
			`Content-Type: text/plain; charset=UTF-8`
			`Content-Transfer-Encoding: 8bit`

			`The idea behind virNWFilterBindingObjNew() is to create and`
			`return an object of virNWFilterBindingObjClass class. The class`
			`is virObjectLockable (and the corresponding`
			`_virNWFilterBindingObj structure has virObjectLockable parent).`
			`But for some reason plain virObjectNew() is called. This is wrong`
			`because the mutex in the parent is left uninitialized.`

			`Next, the returned object is not locked. This is wrong because in`
			`some cases the returned object is added onto a list of bindings`
			`and then passed to virNWFilterBindingObjEndAPI() which unlocks it`
			`right away. This is potentially dangerous because we might just`
			`have unlocked the object for another thread.`

			`Signed-off-by: Michal Privoznik <mprivozn@redhat.com>`
			`Reviewed-by: Ján Tomko <jtomko@redhat.com>`
			`---`
			`src/conf/virnwfilterbindingobj.c \| 7 ++++++-`
			`1 file changed, 6 insertions(+), 1 deletion(-)`

			`diff --git a/src/conf/virnwfilterbindingobj.c b/src/conf/virnwfilterbindingobj.c`
			`index 7cfc2e9efa..656398ed8b 100644`
			`--- a/src/conf/virnwfilterbindingobj.c`
			`+++ b/src/conf/virnwfilterbindingobj.c`
			`@@ -57,10 +57,15 @@ VIR_ONCE_GLOBAL_INIT(virNWFilterBindingObj);`
			`virNWFilterBindingObjPtr`
			`virNWFilterBindingObjNew(void)`
			`{`
			`+ virNWFilterBindingObj *ret;`
			`if (virNWFilterBindingObjInitialize() < 0)`
			`return NULL;`

			`- return virObjectNew(virNWFilterBindingObjClass);`
			`+ if (!(ret = virObjectLockableNew(virNWFilterBindingObjClass)))`
			`+ return NULL;`
			`+`
			`+ virObjectLock(ret);`
			`+ return ret;`
			`}`


			`--`
			`2.33.0`