Hello community,
here is the log from the commit of package pacemaker for openSUSE:Factory checked in at 2019-04-15 11:51:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pacemaker (Old)
and /work/SRC/openSUSE:Factory/.pacemaker.new.17052 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pacemaker"
Mon Apr 15 11:51:25 2019 rev:129 rq:693680 version:2.0.1+20190408.1b68da8e8
Changes:
--------
--- /work/SRC/openSUSE:Factory/pacemaker/pacemaker.changes 2019-04-05 11:55:48.146299389 +0200
+++ /work/SRC/openSUSE:Factory/.pacemaker.new.17052/pacemaker.changes 2019-04-15 11:51:32.902521480 +0200
@@ -1,0 +2,21 @@
+Thu Apr 11 15:32:23 UTC 2019 - Yan Gao
From 60c3bcbcebd8b619b2124dfed9585182b97eb385 Mon Sep 17 00:00:00 2001 From: "Gao,Yan"
Date: Thu, 11 Apr 2019 17:08:41 +0200 Subject: [PATCH 1/2] Revert "Fix: service-lib: avoid call-pattern leading to use-after-free"
This reverts commit e5a1d5dd751effe674e57a2f834e75650ad210c1. --- include/crm/services.h | 8 +------- lib/fencing/st_client.c | 18 +++--------------- lib/services/services.c | 13 +------------ lib/services/services_linux.c | 5 ----- lib/services/services_private.h | 1 - 5 files changed, 5 insertions(+), 40 deletions(-) diff --git a/include/crm/services.h b/include/crm/services.h index 4bdd21a34..c13fc0f04 100644 --- a/include/crm/services.h +++ b/include/crm/services.h @@ -305,17 +305,11 @@ gboolean services_action_kick(const char *name, const char *action, * * \param[in] op services action data * \param[in] action_callback callback for when the action completes - * \param[in] action_fork_callback callback for when action forked successfully * * \retval TRUE succesfully started execution * \retval FALSE failed to start execution, no callback will be received */ - gboolean services_action_async_fork_notify(svc_action_t * op, - void (*action_callback) (svc_action_t *), - void (*action_fork_callback) (svc_action_t *)); - - gboolean services_action_async(svc_action_t * op, - void (*action_callback) (svc_action_t *)); + gboolean services_action_async(svc_action_t * op, void (*action_callback) (svc_action_t *)); gboolean services_action_cancel(const char *name, const char *action, guint interval_ms); diff --git a/lib/fencing/st_client.c b/lib/fencing/st_client.c index f4b7addc2..0f2c33012 100644 --- a/lib/fencing/st_client.c +++ b/lib/fencing/st_client.c @@ -720,18 +720,6 @@ stonith_action_async_done(svc_action_t *svc_action) stonith__destroy_action(action); } -static void -stonith_action_async_forked(svc_action_t *svc_action) -{ - stonith_action_t *action = (stonith_action_t *) svc_action->cb_data; - - action->pid = svc_action->pid; - action->svc_action = svc_action; - - crm_trace("Child process %d performing action '%s' successfully forked", - action->pid, action->action); -} - static int internal_stonith_action_execute(stonith_action_t * action) { @@ -778,12 +766,12 @@ internal_stonith_action_execute(stonith_action_t * action) if (action->async) { /* async */ - if(services_action_async_fork_notify(svc_action, - &stonith_action_async_done, - &stonith_action_async_forked) == FALSE) { + if(services_action_async(svc_action, &stonith_action_async_done) == FALSE) { services_action_free(svc_action); svc_action = NULL; } else { + action->pid = svc_action->pid; + action->svc_action = svc_action; rc = 0; } diff --git a/lib/services/services.c b/lib/services/services.c index 313567f58..fa1e0dbe8 100644 --- a/lib/services/services.c +++ b/lib/services/services.c @@ -766,17 +766,12 @@ services_untrack_op(svc_action_t *op) } gboolean -services_action_async_fork_notify(svc_action_t * op, - void (*action_callback) (svc_action_t *), - void (*action_fork_callback) (svc_action_t *)) +services_action_async(svc_action_t * op, void (*action_callback) (svc_action_t *)) { op->synchronous = false; if (action_callback) { op->opaque->callback = action_callback; } - if (action_fork_callback) { - op->opaque->fork_callback = action_fork_callback; - } if (op->interval_ms > 0) { init_recurring_actions(); @@ -796,12 +791,6 @@ services_action_async_fork_notify(svc_action_t * op, return action_exec_helper(op); } -gboolean -services_action_async(svc_action_t * op, - void (*action_callback) (svc_action_t *)) -{ - return services_action_async_fork_notify(op, action_callback, NULL); -} static gboolean processing_blocked_ops = FALSE; diff --git a/lib/services/services_linux.c b/lib/services/services_linux.c index 8686f2947..66f0fbfc7 100644 --- a/lib/services/services_linux.c +++ b/lib/services/services_linux.c @@ -888,11 +888,6 @@ services_os_action_execute(svc_action_t * op) op->opaque->stdin_fd = -1; } - // after fds are setup properly and before we plug anything into mainloop - if (op->opaque->fork_callback) { - op->opaque->fork_callback(op); - } - if (op->synchronous) { action_synced_wait(op, pmask); sigchld_cleanup(); diff --git a/lib/services/services_private.h b/lib/services/services_private.h index 660a35b67..bb4a7b6a3 100644 --- a/lib/services/services_private.h +++ b/lib/services/services_private.h @@ -25,7 +25,6 @@ struct svc_action_private_s { guint repeat_timer; void (*callback) (svc_action_t * op); - void (*fork_callback) (svc_action_t * op); int stderr_fd; mainloop_io_t *stderr_gsource; -- 2.16.4 ++++++ 0002-Revert-use-common-service-interface-for-fence-agents.patch ++++++ ++++ 817 lines (skipped) ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.u8gIxl/_old 2019-04-15 11:51:35.326522763 +0200 +++ /var/tmp/diff_new_pack.u8gIxl/_new 2019-04-15 11:51:35.326522763 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">git://github.com/ClusterLabs/pacemaker.git</param> - <param name="changesrevision">9bf0fcf37d50854b087a28003f2d9f7ca94601e0</param> + <param name="changesrevision">1b68da8e8994330a9034280221357abdb02084f4</param> </service> </servicedata> \ No newline at end of file ++++++ bug-728579_pacemaker-stonith-dev-id.patch ++++++ --- /var/tmp/diff_new_pack.u8gIxl/_old 2019-04-15 11:51:35.330522766 +0200 +++ /var/tmp/diff_new_pack.u8gIxl/_new 2019-04-15 11:51:35.334522767 +0200 @@ -4,11 +4,11 @@ Medium: stonith: Expose IDs of stonith resources to stonith agents through "$CRM_meta_st_device_id" environment variable -Index: pacemaker-2.0.1+20190402.e091f4f0c/daemons/fenced/fenced_commands.c +Index: pacemaker-2.0.0+20180726.3d81c89b8/daemons/fenced/fenced_commands.c =================================================================== ---- pacemaker-2.0.1+20190402.e091f4f0c.orig/daemons/fenced/fenced_commands.c -+++ pacemaker-2.0.1+20190402.e091f4f0c/daemons/fenced/fenced_commands.c -@@ -946,6 +946,7 @@ build_device_from_xml(xmlNode * msg) +--- pacemaker-2.0.0+20180726.3d81c89b8.orig/daemons/fenced/fenced_commands.c ++++ pacemaker-2.0.0+20180726.3d81c89b8/daemons/fenced/fenced_commands.c +@@ -940,6 +940,7 @@ build_device_from_xml(xmlNode * msg) device->id, device->on_target_actions); } @@ -16,27 +16,27 @@ device->work = mainloop_add_trigger(G_PRIORITY_HIGH, stonith_device_dispatch, device); /* TODO: Hook up priority */ -Index: pacemaker-2.0.1+20190402.e091f4f0c/lib/fencing/st_client.c +Index: pacemaker-2.0.0+20180726.3d81c89b8/lib/fencing/st_client.c =================================================================== ---- pacemaker-2.0.1+20190402.e091f4f0c.orig/lib/fencing/st_client.c -+++ pacemaker-2.0.1+20190402.e091f4f0c/lib/fencing/st_client.c -@@ -39,6 +39,7 @@ struct stonith_action_s { +--- pacemaker-2.0.0+20180726.3d81c89b8.orig/lib/fencing/st_client.c ++++ pacemaker-2.0.0+20180726.3d81c89b8/lib/fencing/st_client.c +@@ -38,6 +38,7 @@ struct stonith_action_s { char *action; char *victim; - GHashTable *args; + char *args; + char *dev_id; int timeout; int async; void *userdata; -@@ -559,6 +560,7 @@ stonith__destroy_action(stonith_action_t - } - free(action->output); - free(action->error); +@@ -621,6 +622,7 @@ stonith__destroy_action(stonith_action_t + free(action->args); + free(action->action); + free(action->victim); + free(action->dev_id); free(action); } } -@@ -628,6 +630,8 @@ stonith_action_create(const char *agent, +@@ -690,6 +692,8 @@ stonith_action_create(const char *agent, if (device_args) { char buffer[512]; const char *value = NULL; @@ -45,7 +45,7 @@ snprintf(buffer, sizeof(buffer), "pcmk_%s_retries", _action); value = g_hash_table_lookup(device_args, buffer); -@@ -635,6 +639,11 @@ stonith_action_create(const char *agent, +@@ -697,6 +701,11 @@ stonith_action_create(const char *agent, if (value) { action->max_retries = atoi(value); } @@ -57,43 +57,23 @@ } return action; -@@ -755,6 +764,10 @@ internal_stonith_action_execute(stonith_ - svc_action->params = action->args; - svc_action->cb_data = (void *) action; - -+ if (action->dev_id) { -+ svc_action->rsc = strdup(action->dev_id); -+ } -+ - /* keep retries from executing out of control and free previous results */ - if (is_retry) { - free(action->output); -Index: pacemaker-2.0.1+20190402.e091f4f0c/lib/services/services_linux.c -=================================================================== ---- pacemaker-2.0.1+20190402.e091f4f0c.orig/lib/services/services_linux.c -+++ pacemaker-2.0.1+20190402.e091f4f0c/lib/services/services_linux.c -@@ -30,6 +30,9 @@ - #include "crm/common/mainloop.h" - #include "crm/services.h" - -+#include "crm/stonith-ng.h" -+#include "crm/fencing/internal.h" -+ - #include "services_private.h" +@@ -878,6 +887,8 @@ internal_stonith_action_execute(stonith_ - #if SUPPORT_CIBSECRETS -@@ -169,6 +172,14 @@ set_ocf_env_with_prefix(gpointer key, gp - static void - add_action_env_vars(const svc_action_t *op) - { -+ if (safe_str_eq(op->standard, PCMK_RESOURCE_CLASS_STONITH) -+ && safe_str_eq(op->agent, "fence_legacy") -+ && op->rsc) { + if (!pid) { + /* child */ + const char *st_dev_id_key = CRM_META "_" F_STONITH_DEVICE; + -+ setenv(st_dev_id_key, op->rsc, 1); -+ } + setpgid(0, 0); + + close(1); +@@ -900,6 +911,10 @@ internal_stonith_action_execute(stonith_ + close(p_write_fd); + close(p_stderr_fd); + ++ if (action->dev_id) { ++ setenv(st_dev_id_key, action->dev_id, 1); ++ } + - if (safe_str_eq(op->standard, PCMK_RESOURCE_CLASS_OCF) == FALSE) { - return; - } + /* keep retries from executing out of control */ + if (is_retry) { + sleep(1); ++++++ pacemaker-2.0.1+20190402.e091f4f0c.tar.xz -> pacemaker-2.0.1+20190408.1b68da8e8.tar.xz ++++++ ++++ 54717 lines of diff (skipped)