diff --git a/SOURCES/0001-mpstat-incorrect-cpu-usage-iowait.patch b/SOURCES/0001-mpstat-incorrect-cpu-usage-iowait.patch new file mode 100644 index 0000000..0c51ca9 --- /dev/null +++ b/SOURCES/0001-mpstat-incorrect-cpu-usage-iowait.patch @@ -0,0 +1,63 @@ +From 1f5949d4a6fcb33065dbb1d509f356db039998ed Mon Sep 17 00:00:00 2001 +From: Sebastien GODARD +Date: Wed, 2 Sep 2020 19:04:04 +0200 +Subject: [PATCH] Workaround for iowait being decremented + +The iowait value reported by the kernel on NO_HZ systems can decrement +as a result of inaccurate iowait tracking. Waiting on IO can be first +accounted as iowait but then instead as idle. + +Function get_per_cpu_interval() considers iowait going backwards between +two readings as a CPU coming back online and resets the iowait value of +the first reading to 0. If iowait is decremented only because of +inaccurate tracking, this causes that almost all time between the two +readings is incorrectly recognized by sar as being spent in iowait. + +The patch updates the code in get_per_cpu_interval() to recognize this +situation. If the iowait value between two readings decremented but the +idle value did not then the code now considers it as a problem with the +iowait reporting and corrects the first value according to the second +reading. Otherwise, the code remains treating decremented iowait as a +CPU coming back online. + +Fixes #14. + +Signed-off-by: Sebastien GODARD +--- + rd_stats.c | 20 +++++++++++++++++--- + 1 file changed, 17 insertions(+), 3 deletions(-) + +diff --git a/rd_stats.c b/rd_stats.c +index 56d42d00..fb93f23f 100644 +--- a/rd_stats.c ++++ b/rd_stats.c +@@ -440,12 +440,26 @@ unsigned long long get_per_cpu_interval(struct stats_cpu *scc, + * value was greater than ULLONG_MAX - 0x7ffff (the counter probably + * overflew). + */ ++ if ((scc->cpu_iowait < scp->cpu_iowait) && (scp->cpu_iowait < (ULLONG_MAX - 0x7ffff))) { ++ /* ++ * The iowait value reported by the kernel can also decrement as ++ * a result of inaccurate iowait tracking. Waiting on IO can be ++ * first accounted as iowait but then instead as idle. ++ * Therefore if the idle value during the same period did not ++ * decrease then consider this is a problem with the iowait ++ * reporting and correct the previous value according to the new ++ * reading. Otherwise, treat this as CPU coming back online. ++ */ ++ if ((scc->cpu_idle > scp->cpu_idle) || (scp->cpu_idle >= (ULLONG_MAX - 0x7ffff))) { ++ scp->cpu_iowait = scc->cpu_iowait; ++ } ++ else { ++ scp->cpu_iowait = 0; ++ } ++ } + if ((scc->cpu_idle < scp->cpu_idle) && (scp->cpu_idle < (ULLONG_MAX - 0x7ffff))) { + scp->cpu_idle = 0; + } +- if ((scc->cpu_iowait < scp->cpu_iowait) && (scp->cpu_iowait < (ULLONG_MAX - 0x7ffff))) { +- scp->cpu_iowait = 0; +- } + + /* + * Don't take cpu_guest and cpu_guest_nice into account diff --git a/SOURCES/CVE-2023-33204.patch b/SOURCES/CVE-2023-33204.patch new file mode 100644 index 0000000..c5afb4e --- /dev/null +++ b/SOURCES/CVE-2023-33204.patch @@ -0,0 +1,23 @@ +From 954ff2e2673cef48f0ed44668c466eab041db387 Mon Sep 17 00:00:00 2001 +From: Pavel Kopylov +Date: Wed, 17 May 2023 11:33:45 +0200 +Subject: [PATCH] Fix an overflow which is still possible for some values. +diff --git a/common.c b/common.c +index 583a0ca..6d73b1b 100644 +--- a/common.c ++++ b/common.c +@@ -1639,9 +1639,11 @@ int parse_values(char *strargv, unsigned char bitmap[], int max_val, const char + */ + void check_overflow(size_t val1, size_t val2, size_t val3) + { +- if ((unsigned long long) val1 * +- (unsigned long long) val2 * +- (unsigned long long) val3 > UINT_MAX) { ++if ((val1 != 0) && (val2 != 0) && (val3 != 0) && ++ (((unsigned long long)UINT_MAX / (unsigned long long)val1 < ++ (unsigned long long)val2) || ++ ((unsigned long long)UINT_MAX / ((unsigned long long)val1 * ++ (unsigned long long)val2) < (unsigned long long)val3))) { + #ifdef DEBUG + fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n", + __FUNCTION__, diff --git a/SPECS/sysstat.spec b/SPECS/sysstat.spec index 5fab4ae..4e470f1 100644 --- a/SPECS/sysstat.spec +++ b/SPECS/sysstat.spec @@ -1,7 +1,7 @@ Summary: Collection of performance monitoring tools for Linux Name: sysstat Version: 11.7.3 -Release: 9%{?dist} +Release: 11%{?dist} License: GPLv2+ Group: Applications/System URL: http://sebastien.godard.pagesperso-orange.fr/ @@ -19,7 +19,8 @@ Patch04: 0001-sadf-Fix-seg-fault-on-empty-data-files.patch Patch05: 0001-sar-Fix-typo-in-manual-page.patch Patch06: CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch Patch07: 0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch - +Patch08: 0001-mpstat-incorrect-cpu-usage-iowait.patch +Patch09: CVE-2023-33204.patch BuildRequires: gettext, lm_sensors-devel, systemd Requires: findutils, xz @@ -54,6 +55,8 @@ The cifsiostat command reports I/O statistics for CIFS file systems. %patch05 -p1 %patch06 -p1 %patch07 -p1 +%patch08 -p1 +%patch09 -p1 %build export CFLAGS="$RPM_OPT_FLAGS -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld" @@ -102,9 +105,15 @@ fi %{_localstatedir}/log/sa %changelog -* Wed Jul 26 2023 MSVSphere Packaging Team - 11.7.3-9 +* Wed Jul 26 2023 MSVSphere Packaging Team - 11.7.3-11 - Rebuilt for MSVSphere 8.8 +* Fri Jul 07 2023 psimovec - 11.7.3-11 +- fix the arithmetic overflow in allocate_structures() that is still possible on some 32 bit systems (CVE-2023-33204) + +* Thu Mar 16 2023 Lukáš Zaoral - 11.7.3-10 +- Fix incorrect CPU usage on ALL CPU field for iowait in mpstat (#2178863) + * Wed Dec 14 2022 Lukáš Zaoral - 11.7.3-9 - add -f flag to force fdatasync() after sa file update (#2153192)