Bug 2239612

Summary: libkrun: FTBFS in Fedora Rawhide
Product: [Fedora] Fedora Reporter: Fabio Valentini <decathorpe>
Component: libkrunAssignee: Sergio Lopez <slopezpa>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: unspecified    
Version: rawhideCC: crobinso, slopezpa, tfanelli
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
URL: https://koschei.fedoraproject.org/package/libkrun
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-01-08 14:40:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Fabio Valentini 2023-09-19 11:53:37 UTC
Description of problem:
Package libkrun fails to build from source in Fedora Rawhide.

Version-Release number of selected component (if applicable):
1.5.0-5.fc39

Steps to Reproduce:
koji build --scratch f40 libkrun-1.5.0-5.fc39.src.rpm

Additional info:
This package is tracked by Koschei. See:
https://koschei.fedoraproject.org/package/libkrun

===

This is happening be cause the v1.2.0 release of the "sev" crate unintentionally pushed breaking changes. I have reported this upstream, since it affects at least two packages in Fedora (rust-sevctl and libkrun): https://github.com/virtee/sev/issues/93

I included options for how to resolve this issue, but upstream has, so far, been unresponsive. If you know a better way to reach out to the upstream developers, please notify them that this is causing problems for us:

I wanted to rebuild libkrun to address CVE-2023-41051 in the vm-memory crate, but this issue is preventing builds.

c.f. https://bugzilla.redhat.com/show_bug.cgi?id=2236894


Reproducible: Always

Comment 1 Tyler Fanelli 2023-10-17 03:42:57 UTC
Apologies for the delay. I've submitted a fix upstream. We could then package it and (re-)release for f39.

https://github.com/containers/libkrun/pull/148

Comment 2 Fabio Valentini 2023-12-01 21:49:59 UTC
This issue has now also prevented me from rebuilding libkrun to address the RUSTSEC-2023-0044 and RUSTSEC-2023-0072 advisories.

Comment 3 Sergio Lopez 2023-12-11 15:55:21 UTC
Upstream has de-vendorized kbs-types, so we need to package it first. Working on it now.

Comment 4 Sergio Lopez 2024-01-08 14:40:48 UTC
With the packages updated to 1.7.2-1, this has been fixed in rawhide, f39 and f38.