Re: [PATCH 3/3] qemu: Emit NIC_MAC_CHANGE event

On Mon, Mar 17, 2025 at 12:28:50PM +0100, Michal Privoznik via Devel wrote: > So far, we only process NIC_RX_FILTER_CHANGED event when the > corresponding device has 'trustGuestRxFilters' enabled. And the > event is emitted only for virtio model. IOW, this is fairly > limited situation and other scenarios don't emit any event (e.g. > change of MAC address on a PCI passthrough device). > > Resolves: https://issues.redhat.com/browse/RHEL-7035 > Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt; > --- > src/qemu/qemu_domain.c  | 16 +++++++++++++++- > src/qemu/qemu_domain.h  |  3 ++- > src/qemu/qemu_driver.c  |  9 ++++++--- > src/qemu/qemu_process.c |  2 +- > 4 files changed, 24 insertions(+), 6 deletions(-) > > diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c > index 47ae59d408..9dc0a03849 100644 > --- a/src/qemu/qemu_domain.c > +++ b/src/qemu/qemu_domain.c > @@ -11018,7 +11018,8 @@ syncNicRxFilterMulticast(char *ifname, > int > qemuDomainSyncRxFilter(virDomainObj *vm, >                        virDomainNetDef *def, > -                       virDomainAsyncJob asyncJob) > +                       virDomainAsyncJob asyncJob, > +                       virObjectEvent **event) > { >     qemuDomainObjPrivate *priv = vm->privateData; >     g_autoptr(virNetDevRxFilter) guestFilter = NULL; > @@ -11085,6 +11086,19 @@ qemuDomainSyncRxFilter(virDomainObj *vm, >         } else { >             VIR_FREE(def->guestAddress); If the mac address changed *to* the same one that is configured this is free'd, but oldMAC still points to it. >         } > + > +        if (event) { > +            char oldMAC[VIR_MAC_STRING_BUFLEN] = { 0 }; > +            char newMAC[VIR_MAC_STRING_BUFLEN] = { 0 }; > + > +            virMacAddrFormat(&def->mac, oldMAC); And then in such case this is use after free.