[Qemu-commits] [qemu/qemu] 76df2b: nbd/server: Silence clang sanitizer w

qemu-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-commits] [qemu/qemu] 76df2b: nbd/server: Silence clang sanitizer w

From:	Richard Henderson
Subject:	[Qemu-commits] [qemu/qemu] 76df2b: nbd/server: Silence clang sanitizer warning
Date:	Tue, 16 Nov 2021 10:01:28 -0800

  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: 76df2b8d695b07d85cce7db753a51cdbfe42b445
      
https://github.com/qemu/qemu/commit/76df2b8d695b07d85cce7db753a51cdbfe42b445
  Author: Eric Blake <eblake@redhat.com>
  Date:   2021-11-16 (Tue, 16 Nov 2021)

  Changed paths:
    M nbd/server.c

  Log Message:
  -----------
  nbd/server: Silence clang sanitizer warning

clang's sanitizer is picky: memset(NULL, x, 0) is technically
undefined behavior, even though no sane implementation of memset()
deferences the NULL.  Caught by the nbd-qemu-allocation iotest.

The alternative to checking before each memset is to instead force an
allocation of 1 element instead of g_new0(type, 0)'s behavior of
returning NULL for a 0-length array.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Fixes: 3b1f244c59 (nbd: Allow export of multiple bitmaps for one device)
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20211115223943.626416-1-eblake@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>


  Commit: 3d212b41e9ccb3f37d04f22c59a960bac099c1d4
      
https://github.com/qemu/qemu/commit/3d212b41e9ccb3f37d04f22c59a960bac099c1d4
  Author: Richard W.M. Jones <rjones@redhat.com>
  Date:   2021-11-16 (Tue, 16 Nov 2021)

  Changed paths:
    M meson.build
    M meson_options.txt
    M qemu-nbd.c
    M scripts/meson-buildoptions.sh
    M tests/docker/dockerfiles/centos8.docker
    M tests/docker/dockerfiles/fedora-i386-cross.docker
    M tests/docker/dockerfiles/fedora.docker
    M tests/docker/dockerfiles/opensuse-leap.docker
    M tests/docker/dockerfiles/ubuntu1804.docker
    M tests/docker/dockerfiles/ubuntu2004.docker

  Log Message:
  -----------
  nbd/server: Add --selinux-label option

Under SELinux, Unix domain sockets have two labels.  One is on the
disk and can be set with commands such as chcon(1).  There is a
different label stored in memory (called the process label).  This can
only be set by the process creating the socket.  When using SELinux +
SVirt and wanting qemu to be able to connect to a qemu-nbd instance,
you must set both labels correctly first.

For qemu-nbd the options to set the second label are awkward.  You can
create the socket in a wrapper program and then exec into qemu-nbd.
Or you could try something with LD_PRELOAD.

This commit adds the ability to set the label straightforwardly on the
command line, via the new --selinux-label flag.  (The name of the flag
is the same as the equivalent nbdkit option.)

A worked example showing how to use the new option can be found in
this bug: https://bugzilla.redhat.com/show_bug.cgi?id=1984938

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1984938
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>

[eblake: rebase to configure changes, reject --selinux-label if it is
not compiled in or not used on a Unix socket]
Note that we may relax some of these restrictions at a later date,
such as making it possible to label a TCP socket, although it may be
smarter to do so as a generic QMP action rather than more one-off
command lines in qemu-nbd.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20211115202944.615966-1-eblake@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
[eblake: adjust meson output as suggested by thuth]
Signed-off-by: Eric Blake <eblake@redhat.com>


  Commit: 56f4f41e0206f451d1d214e763d49259e410f971
      
https://github.com/qemu/qemu/commit/56f4f41e0206f451d1d214e763d49259e410f971
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2021-11-16 (Tue, 16 Nov 2021)

  Changed paths:
    M meson.build
    M meson_options.txt
    M nbd/server.c
    M qemu-nbd.c
    M scripts/meson-buildoptions.sh
    M tests/docker/dockerfiles/centos8.docker
    M tests/docker/dockerfiles/fedora-i386-cross.docker
    M tests/docker/dockerfiles/fedora.docker
    M tests/docker/dockerfiles/opensuse-leap.docker
    M tests/docker/dockerfiles/ubuntu1804.docker
    M tests/docker/dockerfiles/ubuntu2004.docker

  Log Message:
  -----------
  Merge tag 'pull-nbd-2021-11-16' of https://repo.or.cz/qemu/ericb into staging

nbd patches for 2021-11-16

- Rich Jones: Add 'qemu-nbd --selinux-label' option for running Unix
  socket with appropriate SELinux labeling
- Eric Blake: Address clang sanitizer warning

# gpg: Signature made Tue 16 Nov 2021 05:32:26 PM CET
# gpg:                using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) 
<ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]

* tag 'pull-nbd-2021-11-16' of https://repo.or.cz/qemu/ericb:
  nbd/server: Add --selinux-label option
  nbd/server: Silence clang sanitizer warning

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>


Compare: https://github.com/qemu/qemu/compare/9104bd89dadd...56f4f41e0206

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-commits] [qemu/qemu] 76df2b: nbd/server: Silence clang sanitizer warning, Richard Henderson <=
- [Qemu-commits] [qemu/qemu] 76df2b: nbd/server: Silence clang sanitizer warning, Richard Henderson, 2021/11/16

Prev by Date: [Qemu-commits] [qemu/qemu] d47e37: tests/docker: force NOUSER=1 for base images
Next by Date: [Qemu-commits] [qemu/qemu] 76df2b: nbd/server: Silence clang sanitizer warning
Previous by thread: [Qemu-commits] [qemu/qemu] d47e37: tests/docker: force NOUSER=1 for base images
Next by thread: [Qemu-commits] [qemu/qemu] 76df2b: nbd/server: Silence clang sanitizer warning
Index(es):
- Date
- Thread