Control: tags 897777 + patch Control: tags 897777 + pending Dear maintainer,
I've prepared an NMU for kvmtool (versioned as 0.20170904-1.1) and uploading it to mentors for sponsoring. Please feel free to tell me if I should remove it from mentors. Note: The upstream is almost active for this package, and the latest upstream has all these fixes and also some other fixes and improvements. It will be great if you can update the package please. -- Regards Sudip
diff -Nru kvmtool-0.20170904/debian/changelog kvmtool-0.20170904/debian/changelog
--- kvmtool-0.20170904/debian/changelog 2017-09-04 07:31:06.000000000 +0100
+++ kvmtool-0.20170904/debian/changelog 2020-03-05 12:28:53.000000000 +0000
@@ -1,3 +1,11 @@
+kvmtool (0.20170904-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix ftbfs. (Closes: #897777)
+ - Added upstream patches fixing this.
+
+ -- Sudip Mukherjee <[email protected]> Thu, 05 Mar 2020 12:28:53 +0000
+
 kvmtool (0.20170904-1) sid; urgency=low

 * CI - kvmtool snapshot:
diff -Nru kvmtool-0.20170904/debian/patches/0001-builtin-run-Fix-warning-when-resolving-path.patch kvmtool-0.20170904/debian/patches/0001-builtin-run-Fix-warning-when-resolving-path.patch
--- kvmtool-0.20170904/debian/patches/0001-builtin-run-Fix-warning-when-resolving-path.patch 1970-01-01 01:00:00.000000000 +0100
+++ kvmtool-0.20170904/debian/patches/0001-builtin-run-Fix-warning-when-resolving-path.patch 2020-03-05 11:23:35.000000000 +0000
@@ -0,0 +1,47 @@
+From 96eda74100e9ffb1620cc0b9011e7e430b3d6ffb Mon Sep 17 00:00:00 2001
+From: Anisse Astier <[email protected]>
+Date: Mon, 4 Feb 2019 10:59:42 +0100
+Subject: [PATCH] builtin-run: Fix warning when resolving path
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+GCC 8.2 gives this warning:
+
+builtin-run.c: In function ‘kvm_run_write_sandbox_cmd.isra.1’:
+builtin-run.c:417:28: error: ‘%s’ directive output may be truncated writing up to 4095 bytes into a region of size 4091 [-Werror=format-truncation=]
+ snprintf(dst, len, "/host%s", resolved_path);
+ ^~ ~~~~~~~~~~~~~
+
+It's because it understands that len is PATH_MAX, the same as
+resolved_path's size. This patch handles the case where the string is
+truncated, and fixes the warning.
+
+Reviewed-by: Andre Przywara <[email protected]>
+Signed-off-by: Anisse Astier <[email protected]>
+Signed-off-by: Will Deacon <[email protected]>
+---
+
+upstream commit 96eda74100e9ffb1620cc0b9011e7e430b3d6ffb
+
+ builtin-run.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/builtin-run.c b/builtin-run.c
+index 82e2b2e..463a481 100644
+--- a/builtin-run.c
++++ b/builtin-run.c
+@@ -414,7 +414,9 @@ static void resolve_program(const char *src, char *dst, size_t len)
+ if (!realpath(src, resolved_path))
+ die("Unable to resolve program %s: %s\n", src, strerror(errno));
+
+- snprintf(dst, len, "/host%s", resolved_path);
++ if (snprintf(dst, len, "/host%s", resolved_path) >= (int)len)
++ die("Pathname too long: %s -> %s\n", src, resolved_path);
++
+ } else
+ strncpy(dst, src, len);
+ }
+--
+2.20.1
+
diff -Nru kvmtool-0.20170904/debian/patches/0002-builtin-run-Replace-strncpy-calls-with-strlcpy.patch kvmtool-0.20170904/debian/patches/0002-builtin-run-Replace-strncpy-calls-with-strlcpy.patch
--- kvmtool-0.20170904/debian/patches/0002-builtin-run-Replace-strncpy-calls-with-strlcpy.patch 1970-01-01 01:00:00.000000000 +0100
+++
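Review bot: The truncation test added in resolve_program(), `snprintf(dst, len, "/host%s", resolved_path) >= (int)len`, lets a negative snprintf return (an output error) pass as success and narrows `len` from size_t to int. Holding the result in a variable covers both: `int n = snprintf(dst, len, "/host%s", resolved_path);` followed by `if (n < 0 || (size_t)n >= len)` in front of the existing die() call. The `else` branch in the same hunk still copies with strncpy and has no truncation check at all, so the two branches treat an over-long path differently. The function starts outside the hunk.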
kvmtool-0.20170904/debian/patches/0002-builtin-run-Replace-strncpy-calls-with-strlcpy.patch 2020-03-05 11:23:54.000000000 +0000
@@ -0,0 +1,45 @@
+From 266a0ed4c6a50dd80e7586ea020c5e963f4dd37b Mon Sep 17 00:00:00 2001
+From: Andre Przywara <[email protected]>
+Date: Mon, 4 Feb 2019 16:34:56 +0000
+Subject: [PATCH] builtin-run: Replace strncpy calls with strlcpy
+
+There are two uses of strncpy in builtin-run.c, where we don't make
+proper use of strncpy, so that GCC 8.x complains and aborts compilation.
+
+Replace those two calls with strlcpy(), which does the right thing in
+our case.
+
+Signed-off-by: Andre Przywara <[email protected]>
+Signed-off-by: Will Deacon <[email protected]>
+---
+
+upstream commit 266a0ed4c6a50dd80e7586ea020c5e963f4dd37b
+
+ builtin-run.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/builtin-run.c b/builtin-run.c
+index 463a481..f8dc6c7 100644
+--- a/builtin-run.c
++++ b/builtin-run.c
+@@ -300,7 +300,7 @@ static const char *find_kernel(void)
+ k++;
+ continue;
+ }
+- strncpy(kernel, *k, PATH_MAX);
++ strlcpy(kernel, *k, PATH_MAX);
+ return kernel;
+ }
+
+@@ -418,7 +418,7 @@ static void resolve_program(const char *src, char *dst, size_t len)
+ die("Pathname too long: %s -> %s\n", src, resolved_path);
+
+ } else
+- strncpy(dst, src, len);
++ strlcpy(dst, src, len);
+ }
+
+ static void kvm_run_write_sandbox_cmd(struct kvm *kvm, const char **argv, int argc)
+--
+2.20.1
+
diff -Nru kvmtool-0.20170904/debian/patches/0003-virtio-use-strlcpy.patch kvmtool-0.20170904/debian/patches/0003-virtio-use-strlcpy.patch
--- kvmtool-0.20170904/debian/patches/0003-virtio-use-strlcpy.patch 1970-01-01 01:00:00.000000000 +0100
+++ kvmtool-0.20170904/debian/patches/0003-virtio-use-strlcpy.patch 2020-03-05 11:57:11.000000000 +0000
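Review bot: Both strlcpy() calls discard the return value, so an over-long path is now silently shortened; in resolve_program() this leaves the `else` branch inconsistent with the `/host` branch just above it, which dies on truncation. A shortened path can name a different file than the one requested, so the copy should be checked, e.g. `if (strlcpy(dst, src, len) >= len) die("Pathname too long: %s\n", src);`, and likewise for `strlcpy(kernel, *k, PATH_MAX)` in find_kernel(). The same unchecked pattern recurs in the virtio/net.c and virtio/scsi.c hunks of 0003-virtio-use-strlcpy.patch. No include is added here, so this presumably relies on builtin-run.c already seeing the project's strlcpy declaration; both functions extend beyond the hunks.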
@@ -0,0 +1,77 @@
+From 05755b29e63a9c73ba29c8b7c632570727d7afe7 Mon Sep 17 00:00:00 2001
+From: Andre Przywara <[email protected]>
+Date: Mon, 4 Feb 2019 16:34:57 +0000
+Subject: [PATCH] virtio: use strlcpy
+
+GCC 8.x complains about improper usage of strncpy in virtio/net.c and
+virtio/scsi.c:
+In function 'virtio_scsi_init_one',
+ inlined from 'virtio_scsi_init' at virtio/scsi.c:285:7:
+virtio/scsi.c:247:2: error: 'strncpy' specified bound 224 equals destination size [-Werror=stringop-truncation]
+ strncpy((char *)&sdev->target.vhost_wwpn, disk->wwpn, sizeof(sdev->target.vhost_wwpn));
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Fix this and the other occurences in virtio/ by using strlcpy instead
+of strncpy.
+
+Signed-off-by: Andre Przywara <[email protected]>
+Signed-off-by: Will Deacon <[email protected]>
+---
+
+upstream commit 05755b29e63a9c73ba29c8b7c632570727d7afe7
+
+ virtio/net.c | 5 +++--
+ virtio/scsi.c | 3 ++-
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/virtio/net.c b/virtio/net.c
+index 35ff2e9..0914069 100644
+--- a/virtio/net.c
++++ b/virtio/net.c
+@@ -8,6 +8,7 @@
+ #include "kvm/uip.h"
+ #include "kvm/guest_compat.h"
+ #include "kvm/iovec.h"
++#include "kvm/strbuf.h"
+
+ #include <linux/vhost.h>
+ #include <linux/virtio_net.h>
+@@ -283,12 +284,12 @@ static int virtio_net_request_tap(struct net_dev *ndev, struct ifreq *ifr,
+ memset(ifr, 0, sizeof(*ifr));
+ ifr->ifr_flags = IFF_TAP | IFF_NO_PI | IFF_VNET_HDR;
+ if (tapname)
+- strncpy(ifr->ifr_name, tapname, sizeof(ifr->ifr_name));
++ strlcpy(ifr->ifr_name, tapname, sizeof(ifr->ifr_name));
+
+ ret = ioctl(ndev->tap_fd, TUNSETIFF, ifr);
+
+ if (ret >= 0)
+- strncpy(ndev->tap_name, ifr->ifr_name, sizeof(ndev->tap_name));
++ strlcpy(ndev->tap_name, ifr->ifr_name, sizeof(ndev->tap_name));
+ return ret;
+ }
+
+diff --git a/virtio/scsi.c b/virtio/scsi.c
+index c8400b6..a72bb2a 100644
+--- a/virtio/scsi.c
++++ b/virtio/scsi.c
+@@ -8,6
+8,7 @@
+ #include "kvm/guest_compat.h"
+ #include "kvm/virtio-pci.h"
+ #include "kvm/virtio.h"
++#include "kvm/strbuf.h"
+
+ #include <linux/kernel.h>
+ #include <linux/virtio_scsi.h>
+@@ -255,7 +256,7 @@ static int virtio_scsi_init_one(struct kvm *kvm, struct disk_image *disk)
+ },
+ .kvm = kvm,
+ };
+- strncpy((char *)&sdev->target.vhost_wwpn, disk->wwpn, sizeof(sdev->target.vhost_wwpn));
++ strlcpy((char *)&sdev->target.vhost_wwpn, disk->wwpn, sizeof(sdev->target.vhost_wwpn));
+ sdev->target.vhost_tpgt = strtol(disk->tpgt, NULL, 0);
+
+ virtio_init(kvm, sdev, &sdev->vdev, &scsi_dev_virtio_ops,
+--
+2.20.1
+
diff -Nru kvmtool-0.20170904/debian/patches/0004-virtio-blk-Avoid-taking-pointer-to-packed-struct.patch kvmtool-0.20170904/debian/patches/0004-virtio-blk-Avoid-taking-pointer-to-packed-struct.patch
--- kvmtool-0.20170904/debian/patches/0004-virtio-blk-Avoid-taking-pointer-to-packed-struct.patch 1970-01-01 01:00:00.000000000 +0100
+++ kvmtool-0.20170904/debian/patches/0004-virtio-blk-Avoid-taking-pointer-to-packed-struct.patch 2020-03-05 11:57:42.000000000 +0000
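Review bot: The destination in the virtio/scsi.c hunk is still written as `(char *)&sdev->target.vhost_wwpn`, and the cast plus address-of hide the array type that the compiler's bounds diagnostics rely on. The quoted GCC message reports a 224-byte destination and the call already takes `sizeof(sdev->target.vhost_wwpn)`, which suggests the member is a char array; if so, `strlcpy(sdev->target.vhost_wwpn, disk->wwpn, sizeof(sdev->target.vhost_wwpn));` is equivalent and easier to audit. virtio_scsi_init_one() starts and ends outside the hunk, so the member's declaration should be confirmed in the header.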
@@ -0,0 +1,52 @@
+From eaeaf60808d6b60fb17adbb8312039f9a7c1abe6 Mon Sep 17 00:00:00 2001
+From: Andre Przywara <[email protected]>
+Date: Fri, 3 May 2019 18:15:44 +0100
+Subject: [PATCH] virtio/blk: Avoid taking pointer to packed struct
+
+clang and GCC9 refuse to compile virtio/blk.c with the following message:
+virtio/blk.c:161:37: error: taking address of packed member 'geometry' of class
+ or structure 'virtio_blk_config' may result in an unaligned pointer value
+ [-Werror,-Waddress-of-packed-member]
+ struct virtio_blk_geometry *geo = &conf->geometry;
+
+Since struct virtio_blk_geometry is in a kernel header, we can't do much
+about the packed attribute, but as Peter pointed out, the solution is
+rather simple: just get rid of the convenience variable and use the
+original struct member directly.
+
+Reviewed-by: Jean-Philippe Brucker <[email protected]>
+Suggested-by: Peter Maydell <[email protected]>
+Signed-off-by: Andre Przywara <[email protected]>
+Signed-off-by: Will Deacon <[email protected]>
+---
+
+upstream commit eaeaf60808d6b60fb17adbb8312039f9a7c1abe6
+
+ virtio/blk.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/virtio/blk.c b/virtio/blk.c
+index 50db6f5..f267be1 100644
+--- a/virtio/blk.c
++++ b/virtio/blk.c
+@@ -161,7 +161,6 @@ static void set_guest_features(struct kvm *kvm, void *dev, u32 features)
+ {
+ struct blk_dev *bdev = dev;
+ struct virtio_blk_config *conf = &bdev->blk_config;
+- struct virtio_blk_geometry *geo = &conf->geometry;
+
+ bdev->features = features;
+
+@@ -170,7 +169,8 @@ static void set_guest_features(struct kvm *kvm, void *dev, u32 features)
+ conf->seg_max = virtio_host_to_guest_u32(&bdev->vdev, conf->seg_max);
+
+ /* Geometry */
+- geo->cylinders = virtio_host_to_guest_u16(&bdev->vdev, geo->cylinders);
++ conf->geometry.cylinders = virtio_host_to_guest_u16(&bdev->vdev,
++ conf->geometry.cylinders);
+
+ conf->blk_size = virtio_host_to_guest_u32(&bdev->vdev, conf->blk_size);
+ conf->min_io_size =
virtio_host_to_guest_u16(&bdev->vdev, conf->min_io_size);
+--
+2.20.1
+
diff -Nru kvmtool-0.20170904/debian/patches/0005-net-dhcp-avoid-misleading-strncpy.patch kvmtool-0.20170904/debian/patches/0005-net-dhcp-avoid-misleading-strncpy.patch
--- kvmtool-0.20170904/debian/patches/0005-net-dhcp-avoid-misleading-strncpy.patch 1970-01-01 01:00:00.000000000 +0100
+++ kvmtool-0.20170904/debian/patches/0005-net-dhcp-avoid-misleading-strncpy.patch 2020-03-05 11:57:58.000000000 +0000
@@ -0,0 +1,38 @@
+From 0796825e08da408fba6614d8a135a264d37ef9fe Mon Sep 17 00:00:00 2001
+From: Andre Przywara <[email protected]>
+Date: Mon, 4 Feb 2019 16:34:58 +0000
+Subject: [PATCH] net/dhcp: avoid misleading strncpy
+
+The code for copying an empty IP address into the DHCP opt buffer used
+strncpy, however used the source length as the size argument. GCC 8.x
+complains about it.
+
+Since the source string is actually fixed, just revert to the old
+strcpy, which gives us actually the same level of security in this case,
+but makes the compiler happy.
+
+Signed-off-by: Andre Przywara <[email protected]>
+Signed-off-by: Will Deacon <[email protected]>
+---
+
+upstream commit 0796825e08da408fba6614d8a135a264d37ef9fe
+
+ net/uip/dhcp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/net/uip/dhcp.c b/net/uip/dhcp.c
+index 8f01300..9de5588 100644
+--- a/net/uip/dhcp.c
++++ b/net/uip/dhcp.c
+@@ -131,7 +131,7 @@ static int uip_dhcp_fill_option(struct uip_info *info, struct uip_dhcp *dhcp, in
+ opt[i++] = UIP_DHCP_TAG_ROOT;
+ opt[i++] = strlen(EMPTY_ADDR);
+ addr = (u32 *)&opt[i];
+- strncpy((void *) addr, EMPTY_ADDR, strlen(EMPTY_ADDR));
++ strcpy((void *) addr, EMPTY_ADDR);
+ i += strlen(EMPTY_ADDR);
+
+ i = uip_dhcp_fill_option_name_and_server(info, opt, i);
+--
+2.20.1
+
diff -Nru kvmtool-0.20170904/debian/patches/0006-kvmtool-9p-fix-overapping-snprintf.patch kvmtool-0.20170904/debian/patches/0006-kvmtool-9p-fix-overapping-snprintf.patch
--- kvmtool-0.20170904/debian/patches/0006-kvmtool-9p-fix-overapping-snprintf.patch 1970-01-01 01:00:00.000000000 +0100
+++ kvmtool-0.20170904/debian/patches/0006-kvmtool-9p-fix-overapping-snprintf.patch 2020-03-05 11:58:35.000000000 +0000
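Review bot: `strcpy((void *) addr, EMPTY_ADDR)` writes strlen(EMPTY_ADDR) + 1 bytes, one more than the strncpy it replaces, while the option length stored on the line above and the `i +=` below both count only strlen(EMPTY_ADDR). The extra NUL lands on the byte where the next option begins, and nothing in the hunk shows that `opt` has room for it if this option is the last one written. The payload is a fixed-length option value rather than a C string, so `memcpy(&opt[i], EMPTY_ADDR, strlen(EMPTY_ADDR));` copies exactly the advertised length and avoids the detour through the `u32 *` alias. uip_dhcp_fill_option() starts and ends outside the hunk, so the size of `opt` should be confirmed there.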
@@ -0,0 +1,59 @@
+From 04d604b65f1f7061c252d41b65b474aae418d025 Mon Sep 17 00:00:00 2001
+From: Anisse Astier <[email protected]>
+Date: Mon, 4 Feb 2019 10:59:44 +0100
+Subject: [PATCH] kvmtool: 9p: fix overapping snprintf
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+GCC 8.2 gives this warning:
+
+virtio/9p.c: In function ‘virtio_p9_create’:
+virtio/9p.c:335:21: error: passing argument 1 to restrict-qualified parameter aliases with argument 4 [-Werror=restrict]
+ ret = snprintf(dfid->path, size, "%s/%s", dfid->path, name);
+ ~~~~^~~~~~ ~~~~~~~~~~
+
+Fix it by allocating a temporary string with dfid->path content instead
+of overwriting it in-place, which is limited in glibc snprintf with the
+__restrict qualifier.
+
+Reviewed-by: Andre Przywara <[email protected]>
+Signed-off-by: Anisse Astier <[email protected]>
+Signed-off-by: Will Deacon <[email protected]>
+---
+
+upstream commit 04d604b65f1f7061c252d41b65b474aae418d025
+
+ virtio/9p.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/virtio/9p.c b/virtio/9p.c
+index 6bae403..ac70dbc 100644
+--- a/virtio/9p.c
++++ b/virtio/9p.c
+@@ -322,6 +322,7 @@ static void virtio_p9_create(struct p9_dev *p9dev,
+ struct p9_qid qid;
+ struct p9_fid *dfid;
+ char full_path[PATH_MAX];
++ char *tmp_path;
+ u32 dfid_val, flags, mode, gid;
+
+ virtio_p9_pdu_readf(pdu, "dsddd", &dfid_val,
+@@ -332,7 +333,13 @@ static void virtio_p9_create(struct p9_dev *p9dev,
+ goto err_out;
+
+ size = sizeof(dfid->abs_path) - (dfid->path - dfid->abs_path);
+- ret = snprintf(dfid->path, size, "%s/%s", dfid->path, name);
++
++ tmp_path = strdup(dfid->path);
++ if (!tmp_path)
++ goto err_out;
++
++ ret = snprintf(dfid->path, size, "%s/%s", tmp_path, name);
++ free(tmp_path);
+ if (ret >= (int)size) {
+ errno = ENAMETOOLONG;
+ if (size > 0)
+--
+2.20.1
+
diff -Nru kvmtool-0.20170904/debian/patches/series kvmtool-0.20170904/debian/patches/series
---
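Review bot: The strdup()/free() pair in virtio_p9_create() adds a heap allocation and a new failure path to a request the guest can issue repeatedly, only to append `/name` to a string that is already in place. Writing the suffix at the current end avoids both the aliasing warning and the allocation: `size_t used = strlen(dfid->path);` then `ret = snprintf(dfid->path + used, size - used, "/%s", name);`, with the check that follows comparing against `size - used` (this assumes dfid->path is NUL-terminated inside abs_path, which the hunk does not show). `name` is presumably filled by the virtio_p9_pdu_readf() call whose argument list continues outside the hunk; whether separators or `..` components are rejected before it is appended is not visible here and is worth confirming in the rest of the function.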
kvmtool-0.20170904/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ kvmtool-0.20170904/debian/patches/series 2020-03-05 11:56:24.000000000 +0000
@@ -0,0 +1,6 @@
+0001-builtin-run-Fix-warning-when-resolving-path.patch
+0002-builtin-run-Replace-strncpy-calls-with-strlcpy.patch
+0003-virtio-use-strlcpy.patch
+0004-virtio-blk-Avoid-taking-pointer-to-packed-struct.patch
+0005-net-dhcp-avoid-misleading-strncpy.patch
+0006-kvmtool-9p-fix-overapping-snprintf.patch

