diff --git a/libvirt-cgroup-cleanup-eventParams-when-virTypedParamsAddULL.patch b/libvirt-cgroup-cleanup-eventParams-when-virTypedParamsAddULL.patch new file mode 100644 index 0000000..c9f2a2e --- /dev/null +++ b/libvirt-cgroup-cleanup-eventParams-when-virTypedParamsAddULL.patch @@ -0,0 +1,34 @@ +From 432afe3f14418ea5d2d69e62d678ef5bb08caaa1 Mon Sep 17 00:00:00 2001 +From: Xu Yandong +Date: Wed, 15 Apr 2020 11:55:43 +0800 +Subject: cgroup: cleanup eventParams when virTypedParamsAddULLong failed + +Function virTypedParamsAddULLong use realloc to gain memory, +and doesn't free it when failed. so we need free eventParams to +prevent a memory leak. + +Signed-off-by: Xu Yandong +--- + src/qemu/qemu_cgroup.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c +index c0e30f6..057f871 100644 +--- a/src/qemu/qemu_cgroup.c ++++ b/src/qemu/qemu_cgroup.c +@@ -904,8 +904,11 @@ qemuSetupCpuCgroup(virDomainObjPtr vm) + if (virTypedParamsAddULLong(&eventParams, &eventNparams, + &eventMaxparams, + VIR_DOMAIN_TUNABLE_CPU_CPU_SHARES, +- val) < 0) ++ val) < 0) { ++ if (eventParams) ++ virTypedParamsFree(eventParams, eventNparams); + return -1; ++ } + + event = virDomainEventTunableNewFromObj(vm, eventParams, eventNparams); + } +-- +2.23.0 + diff --git a/libvirt-nodedev-fix-potential-heap-use-after-free.patch b/libvirt-nodedev-fix-potential-heap-use-after-free.patch new file mode 100644 index 0000000..827d260 --- /dev/null +++ b/libvirt-nodedev-fix-potential-heap-use-after-free.patch 
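Review bot: In the qemu_cgroup.c change to qemuSetupCpuCgroup, the new error branch frees eventParams, but nothing at the call site records why a failed virTypedParamsAddULLong still leaves memory to release. A one-line comment such as `/* AddULLong may have grown eventParams before failing */` would keep a later cleanup from dropping the free. The `if (eventParams)` guard looks redundant if virTypedParamsFree accepts NULL, which is worth confirming against its definition; the branch could then be just `virTypedParamsFree(eventParams, eventNparams);` followed by `return -1;`. The rest of qemuSetupCpuCgroup lies outside the hunk.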
@@ -0,0 +1,48 @@ +From cdf8379fbddb8c51f35af2934908e80524a3fd6a Mon Sep 17 00:00:00 2001 +From: Xu Yandong +Date: Wed, 15 Apr 2020 14:03:07 +0800 +Subject: nodedev: fix potential heap use after free + +After move device enumumeration into a thread(commit 9f0ae0b18e3), +flag driversInitialized no longer represent stateInitialized finished +complete, so reference driver->devs before use it to prevent devs freed +by virStateCleanup. + +Signed-off-by: Xu Yandong +--- + src/node_device/node_device_udev.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/node_device/node_device_udev.c b/src/node_device/node_device_udev.c +index 8451903..a1391fb 100644 +--- a/src/node_device/node_device_udev.c ++++ b/src/node_device/node_device_udev.c +@@ -1261,8 +1261,8 @@ udevSetParent(struct udev_device *device, + virNodeDeviceDefPtr objdef; + + parent_device = device; ++ virObjectRef(driver->devs); + do { +- + parent_device = udev_device_get_parent(parent_device); + if (parent_device == NULL) + break; +@@ -1272,6 +1272,7 @@ udevSetParent(struct udev_device *device, + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Could not get syspath for parent of '%s'"), + udev_device_get_syspath(parent_device)); ++ virObjectUnref(driver->devs); + return -1; + } + +@@ -1289,6 +1290,7 @@ udevSetParent(struct udev_device *device, + if (!def->parent) + def->parent = g_strdup("computer"); + ++ virObjectUnref(driver->devs); + return 0; + } + +-- +2.23.0 + diff --git a/libvirt-po-Refresh-translation-for-running-state.patch b/libvirt-po-Refresh-translation-for-running-state.patch new file mode 100644 index 0000000..146ef47 --- /dev/null +++ b/libvirt-po-Refresh-translation-for-running-state.patch 
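Review bot: In udevSetParent the added `virObjectRef(driver->devs)` and both `virObjectUnref(driver->devs)` calls each re-read `driver->devs`. If virStateCleanup runs in between, as the commit message describes, the unref can act on a pointer that has been cleared or replaced, and the first read is itself unprotected. Taking the reference once into a local, for example `virNodeDeviceObjListPtr devs = virObjectRef(driver->devs);`, and ending every exit with `virObjectUnref(devs);`, keeps the ref and unref paired on the same object. This still assumes `driver` itself outlives the call, which the hunks do not show; if cleanup can free `driver`, the reference has to be taken under whatever lock guards it. Only part of the function is visible, so any return in the elided lines would need the unref as well.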
@@ -0,0 +1,26 @@ +From 26c64d58383d391add464b7f640fd6111f0d82d3 Mon Sep 17 00:00:00 2001 +From: Xu Yandong +Date: Wed, 15 Apr 2020 14:17:32 +0800 +Subject: po: Refresh translation for running state + +Signed-off-by: Xu Yandong +--- + po/zh_CN.mini.po | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/po/zh_CN.mini.po b/po/zh_CN.mini.po +index 94920d1..3d588ab 100644 +--- a/po/zh_CN.mini.po ++++ b/po/zh_CN.mini.po +@@ -19075,7 +19075,7 @@ msgid "rule node requires direction attribute" + msgstr "rule 节点需要 direction 属性" + + msgid "running" +-msgstr "running" ++msgstr "运行中" + + msgid "sanlock is too old to support lock failure action" + msgstr "sanlock 太旧不支持锁失败动作" +-- +2.23.0 + diff --git a/libvirt-qemu-add-pointer-check-in-qemuMonitorLastError.patch b/libvirt-qemu-add-pointer-check-in-qemuMonitorLastError.patch new file mode 100644 index 0000000..d844230 --- /dev/null +++ b/libvirt-qemu-add-pointer-check-in-qemuMonitorLastError.patch @@ -0,0 +1,32 @@ +From 2d72ad8dfbd8987379a58fd9b280cdaf4d191542 Mon Sep 17 00:00:00 2001 +From: Feng Ni +Date: Wed, 15 Apr 2020 11:14:35 +0800 +Subject: qemu: add pointer check in qemuMonitorLastError + +We found a exception when libvirt occurrs segmentation fault. +thread 1 is waiting object lock in qemuConnectMonitor, +qemu process exits and sends EOF event as well, so thread 2 invokes +qemuMonitorLastError but pointer mon is NULL. + +Signed-off-by: Feng Ni +Signed-off-by: Xu Yandong +--- + src/qemu/qemu_monitor.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c +index a62fed8..cc62948 100644 +--- a/src/qemu/qemu_monitor.c ++++ b/src/qemu/qemu_monitor.c +@@ -966,7 +966,7 @@ qemuMonitorSend(qemuMonitorPtr mon, + virErrorPtr + qemuMonitorLastError(qemuMonitorPtr mon) + { +- if (mon->lastError.code == VIR_ERR_OK) ++ if (!mon || mon->lastError.code == VIR_ERR_OK) + return NULL; + + return virErrorCopyNew(&mon->lastError); +-- +2.23.0 + 
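Review bot: In qemuMonitorLastError (qemu_monitor.c) the new `!mon` test makes a missing monitor return NULL, which callers cannot tell apart from "monitor present, no error recorded". An EOF that arrives before the monitor is attached therefore leaves the caller with nothing to report. The check also covers only a NULL pointer: if the race in the commit message can hand over a monitor that is being torn down, the dereference in `virErrorCopyNew(&mon->lastError)` is still reachable, so the caller should read the monitor pointer under the domain object lock (not visible here). At minimum, document the case above the check, e.g. `/* mon can be NULL when EOF is handled before qemuConnectMonitor stores the monitor */`.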
diff --git a/libvirt-qemu-fix-a-concurrent-operation-situation.patch b/libvirt-qemu-fix-a-concurrent-operation-situation.patch new file mode 100644 index 0000000..4d6531b --- /dev/null +++ b/libvirt-qemu-fix-a-concurrent-operation-situation.patch @@ -0,0 +1,34 @@ +From d6cf1204db14d2ba76b640268f253d2ea6f0c131 Mon Sep 17 00:00:00 2001 +From: Feng Ni +Date: Wed, 15 Apr 2020 11:28:41 +0800 +Subject: qemu: fix a concurrent operation situation + +Migrate vm and shutdown in guestos, interface do not return occasionally. +In function qemuMigrationSrcNBDStorageCopy, it may be alays in while loop +if qemu exits. + +Signed-off-by: Feng Ni +Signed-off-by: Xu Yandong +--- + src/qemu/qemu_migration.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c +index 8a1801d..65b47ec 100644 +--- a/src/qemu/qemu_migration.c ++++ b/src/qemu/qemu_migration.c +@@ -1048,6 +1048,11 @@ qemuMigrationSrcNBDStorageCopy(virQEMUDriverPtr driver, + if (rv < 0) + return -1; + ++ if (!virDomainObjIsActive(vm)) { ++ VIR_ERROR(_("domain is no longer running, migrate will end")); ++ return -1; ++ } ++ + if (priv->job.abortJob) { + priv->job.current->status = QEMU_DOMAIN_JOB_STATUS_CANCELED; + virReportError(VIR_ERR_OPERATION_ABORTED, _("%s: %s"), +-- +2.23.0 + diff --git a/libvirt-qemu-fix-potential-memory-leak.patch b/libvirt-qemu-fix-potential-memory-leak.patch new file mode 100644 index 0000000..40d03c5 --- /dev/null +++ b/libvirt-qemu-fix-potential-memory-leak.patch 
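Review bot: The new `!virDomainObjIsActive(vm)` branch in qemuMigrationSrcNBDStorageCopy returns -1 after only logging with VIR_ERROR, so no libvirt error is set and the API caller sees a failure with no cause. The abortJob branch directly below it calls virReportError, so the two exits are inconsistent. Replace the log call with `virReportError(VIR_ERR_OPERATION_FAILED, "%s", _("domain is no longer running"));` so the failed migration is attributable in client output and logs. The loop this check sits in starts outside the hunk, so whether the job status should also be updated before returning cannot be judged from here.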
@@ -0,0 +1,75 @@ +From 4f4ebf64009e402db79bf53db1226966bf5c0a99 Mon Sep 17 00:00:00 2001 +From: Feng Ni +Date: Wed, 15 Apr 2020 11:11:16 +0800 +Subject: qemu: fix potential memory leak + +function virTypedParamsAddString may return -1 but alloc params, +so invoker should free it. + +Signed-off-by: Feng Ni +Signed-off-by: Xu Yandong +--- + src/qemu/qemu_driver.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c +index ff97f10..8bc5368 100644 +--- a/src/qemu/qemu_driver.c ++++ b/src/qemu/qemu_driver.c +@@ -5175,6 +5175,8 @@ qemuDomainPinVcpuLive(virDomainObjPtr vm, + goto cleanup; + + event = virDomainEventTunableNewFromObj(vm, eventParams, eventNparams); ++ eventParams = NULL; ++ eventNparams = 0; + + ret = 0; + +@@ -5182,6 +5184,8 @@ qemuDomainPinVcpuLive(virDomainObjPtr vm, + virBitmapFree(tmpmap); + virCgroupFree(&cgroup_vcpu); + virObjectEventStateQueue(driver->domainEventState, event); ++ if (eventParams) ++ virTypedParamsFree(eventParams, eventNparams); + return ret; + } + +@@ -5388,6 +5392,8 @@ qemuDomainPinEmulator(virDomainPtr dom, + goto endjob; + + event = virDomainEventTunableNewFromDom(dom, eventParams, eventNparams); ++ eventParams = NULL; ++ eventNparams = 0; + } + + if (persistentDef) { +@@ -5409,6 +5415,8 @@ qemuDomainPinEmulator(virDomainPtr dom, + cleanup: + if (cgroup_emulator) + virCgroupFree(&cgroup_emulator); ++ if (eventParams) ++ virTypedParamsFree(eventParams, eventNparams); + virObjectEventStateQueue(driver->domainEventState, event); + virBitmapFree(pcpumap); + virDomainObjEndAPI(&vm); +@@ -5871,6 +5879,8 @@ qemuDomainPinIOThread(virDomainPtr dom, + goto endjob; + + event = virDomainEventTunableNewFromDom(dom, eventParams, eventNparams); ++ eventParams = NULL; ++ eventNparams = 0; + } + + if (persistentDef) { +@@ -5902,6 +5912,8 @@ qemuDomainPinIOThread(virDomainPtr dom, + cleanup: + if (cgroup_iothread) + virCgroupFree(&cgroup_iothread); ++ if (eventParams) ++ 
virTypedParamsFree(eventParams, eventNparams); + virObjectEventStateQueue(driver->domainEventState, event); + virBitmapFree(pcpumap); + virDomainObjEndAPI(&vm); +-- +2.23.0 + diff --git a/libvirt.spec b/libvirt.spec index f13ba8b..577007f 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -99,7 +99,7 @@ Summary: Library providing a simple virtualization API Name: libvirt Version: 6.2.0 -Release: 1 +Release: 2 License: LGPLv2+ URL: https://libvirt.org/ @@ -107,6 +107,13 @@ URL: https://libvirt.org/ %define mainturl stable_updates/ %endif Source: https://libvirt.org/sources/%{?mainturl}libvirt-%{version}.tar.xz +Patch0000: libvirt-qemu-fix-potential-memory-leak.patch +Patch0001: libvirt-qemu-add-pointer-check-in-qemuMonitorLastError.patch +Patch0002: libvirt-qemu-fix-a-concurrent-operation-situation.patch +Patch0003: libvirt-cgroup-cleanup-eventParams-when-virTypedParamsAddULL.patch +Patch0004: libvirt-nodedev-fix-potential-heap-use-after-free.patch +Patch0005: libvirt-po-Refresh-translation-for-running-state.patch + Requires: libvirt-daemon = %{version}-%{release} Requires: libvirt-daemon-config-network = %{version}-%{release} @@ -1839,6 +1846,8 @@ exit 0 %changelog +* Mon Apr 20 2020 Xu Yandong - 6.2.0-2 +- Checkout bugfixs from 5.5.0 release. * Tue Apr 14 2020 Xu Yandong - 6.2.0-1 - Rebase to version 6.2.0. * Fri Jul 19 2019 openEuler Buildteam - 5.5.0-1
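Review bot: In the qemu_driver.c patch, clearing `eventParams = NULL; eventNparams = 0;` right after virDomainEventTunableNewFromObj/NewFromDom in qemuDomainPinVcpuLive, qemuDomainPinEmulator and qemuDomainPinIOThread is only correct if those constructors take ownership of the array on failure as well as on success. Otherwise a failed event allocation now leaks it. That contract is not visible in these hunks, so state it where the pointer is cleared, e.g. `/* event constructor owns eventParams from here, even on failure */`. The cleanup-path frees also depend on eventParams being initialised to NULL at its declaration, which is outside the hunks. As style points, the `if (eventParams)` guards look unnecessary if virTypedParamsFree tolerates NULL, and the free comes after virObjectEventStateQueue in qemuDomainPinVcpuLive but before it in the other two functions.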