Revision tags: v9.2.0, v9.1.2, v9.1.1, v9.1.0 |
|
#
0f397dcf |
| 08-Aug-2024 |
Richard Henderson <richard.henderson@linaro.org> |
Merge tag 'pull-nbd-2024-08-08' of https://repo.or.cz/qemu/ericb into staging
NBD patches for 2024-08-08
- plug CVE-2024-7409, a DoS attack exploiting nbd-server-stop
# -----BEGIN PGP SIGNATURE---
Merge tag 'pull-nbd-2024-08-08' of https://repo.or.cz/qemu/ericb into staging
NBD patches for 2024-08-08
- plug CVE-2024-7409, a DoS attack exploiting nbd-server-stop
# -----BEGIN PGP SIGNATURE----- # # iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAma1PVEACgkQp6FrSiUn # Q2qdHQf/dMydqNcPYnwEI238APyljpNvHNq6p9TYb0l5aVWisXHRlhFWM117hH7T # Aq2KUgS5ppiEpw8mxa6/OaDa74VpMGyEPgn9w6o7T1xjVBVzpMxOKp5wFa8uICLj # mFMYXtj9i0Rb+z0iZ+X+CqIV2Wy/FyV00Wr9T4HW94IV/9EK1sWvZvfyGWyxYyBZ # XKTQV1Co3HYX8gfq7E88SgS064DnHjtRy2no4lwNFkBbVQCSbqwbK63TRPi7kEyC # DmSLdHCdsD7Ev9kMZ6uNJS5T/9t7hjO5mWJckLt/cXOjHgL7GkoisLH8/nGjVkyc # 3SUGjMn4TlzqMU99STRP+a48TLCVhA== # =kDut # -----END PGP SIGNATURE----- # gpg: Signature made Fri 09 Aug 2024 07:49:05 AM AEST # gpg: using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A # gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full] # gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full] # gpg: aka "[jpeg image of size 6874]" [full]
* tag 'pull-nbd-2024-08-08' of https://repo.or.cz/qemu/ericb: nbd/server: CVE-2024-7409: Close stray clients at server-stop nbd/server: CVE-2024-7409: Drop non-negotiating clients nbd/server: CVE-2024-7409: Cap default max-connections to 100 nbd/server: Plumb in new args to nbd_client_add() nbd: Minor style and typo fixes
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
show more ...
|
#
b9b72cb3 |
| 08-Aug-2024 |
Eric Blake <eblake@redhat.com> |
nbd/server: CVE-2024-7409: Drop non-negotiating clients
A client that opens a socket but does not negotiate is merely hogging qemu's resources (an open fd and a small amount of memory); and a malici
nbd/server: CVE-2024-7409: Drop non-negotiating clients
A client that opens a socket but does not negotiate is merely hogging qemu's resources (an open fd and a small amount of memory); and a malicious client that can access the port where NBD is listening can attempt a denial of service attack by intentionally opening and abandoning lots of unfinished connections. The previous patch put a default bound on the number of such ongoing connections, but once that limit is hit, no more clients can connect (including legitimate ones). The solution is to insist that clients complete handshake within a reasonable time limit, defaulting to 10 seconds. A client that has not successfully completed NBD_OPT_GO by then (including the case of where the client didn't know TLS credentials to even reach the point of NBD_OPT_GO) is wasting our time and does not deserve to stay connected. Later patches will allow fine-tuning the limit away from the default value (including disabling it for doing integration testing of the handshake process itself).
Note that this patch in isolation actually makes it more likely to see qemu SEGV after nbd-server-stop, as any client socket still connected when the server shuts down will now be closed after 10 seconds rather than at the client's whims. That will be addressed in the next patch.
For a demo of this patch in action: $ qemu-nbd -f raw -r -t -e 10 file & $ nbdsh --opt-mode -c ' H = list() for i in range(20): print(i) H.insert(i, nbd.NBD()) H[i].set_opt_mode(True) H[i].connect_uri("nbd://localhost") ' $ kill $!
where later connections get to start progressing once earlier ones are forcefully dropped for taking too long, rather than hanging.
Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com> Message-ID: <20240807174943.771624-13-eblake@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> [eblake: rebase to changes earlier in series, reduce scope of timer] Signed-off-by: Eric Blake <eblake@redhat.com>
show more ...
|
#
e068c0b9 |
| 09-Oct-2023 |
Stefan Hajnoczi <stefanha@redhat.com> |
Merge tag 'pull-nbd-2023-10-05' of https://repo.or.cz/qemu/ericb into staging
NBD patches for 2023-10-05
- various: mailmap cleanups - Eric Blake: enable use of NBD 64-bit extended headers
# -----
Merge tag 'pull-nbd-2023-10-05' of https://repo.or.cz/qemu/ericb into staging
NBD patches for 2023-10-05
- various: mailmap cleanups - Eric Blake: enable use of NBD 64-bit extended headers
# -----BEGIN PGP SIGNATURE----- # # iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAmUfA94ACgkQp6FrSiUn # Q2o2hAf/Q4q6RoEG9WoOIa6WB1nk9tZN6GRfW4jS+09hJTFVbYUhJOcvQwwZjPT6 # 6oIwde8w7uE+AxBOA3XPbgTOBnTnpt2RH2AYVctNYB2vonuSrx3/KE3XSi4nrJRo # +XiPbOsDzQu+vYsI7XJ+5e13BE4iZVmzbyke0U6hO88uR6tQstDJV1Mhem4jIbCG # uLzkVDs3yY5sUFoUe77lFGWgKqfh87eJXV18T76df97ZZ5O2/w9G8MknG/CTSsR0 # fmzzC1Q4a2UEFtX8M3etRQ/b5WbFYhM+XwFevm2YBpod89ejGEA0ohhpn+GpZDU9 # SU66lXL/5jM9N7RkiSFwvupaot9hvw== # =UieX # -----END PGP SIGNATURE----- # gpg: Signature made Thu 05 Oct 2023 14:43:42 EDT # gpg: using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A # gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full] # gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full] # gpg: aka "[jpeg image of size 6874]" [full] # Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A
* tag 'pull-nbd-2023-10-05' of https://repo.or.cz/qemu/ericb: nbd/server: Add FLAG_PAYLOAD support to CMD_BLOCK_STATUS nbd/server: Prepare for per-request filtering of BLOCK_STATUS nbd/server: Refactor list of negotiated meta contexts nbd/client: Request extended headers during negotiation nbd/client: Accept 64-bit block status chunks nbd/client: Initial support for extended headers nbd/client: Plumb errp through nbd_receive_replies nbd/server: Enable initial support for extended headers nbd/server: Support 64-bit block status nbd/server: Prepare to send extended header replies nbd/server: Prepare to receive extended header requests nbd/server: Support a request payload mailmap: Fix BALATON Zoltan author email maint: Tweak comments in mailmap regarding SPF mailmap: Fix Andrey Drobyshev author email
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
show more ...
|
#
2dcbb11b |
| 25-Sep-2023 |
Eric Blake <eblake@redhat.com> |
nbd/server: Add FLAG_PAYLOAD support to CMD_BLOCK_STATUS
Allow a client to request a subset of negotiated meta contexts. For example, a client may ask to use a single connection to learn about both
nbd/server: Add FLAG_PAYLOAD support to CMD_BLOCK_STATUS
Allow a client to request a subset of negotiated meta contexts. For example, a client may ask to use a single connection to learn about both block status and dirty bitmaps, but where the dirty bitmap queries only need to be performed on a subset of the disk; forcing the server to compute that information on block status queries in the rest of the disk is wasted effort (both at the server, and on the amount of traffic sent over the wire to be parsed and ignored by the client).
Qemu as an NBD client never requests to use more than one meta context, so it has no need to use block status payloads. Testing this instead requires support from libnbd, which CAN access multiple meta contexts in parallel from a single NBD connection; an interop test submitted to the libnbd project at the same time as this patch demonstrates the feature working, as well as testing some corner cases (for example, when the payload length is longer than the export length), although other corner cases (like passing the same id duplicated) requires a protocol fuzzer because libnbd is not wired up to break the protocol that badly.
This also includes tweaks to 'qemu-nbd --list' to show when a server is advertising the capability, and to the testsuite to reflect the addition to that output.
Of note: qemu will always advertise the new feature bit during NBD_OPT_INFO if extended headers have alreay been negotiated (regardless of whether any NBD_OPT_SET_META_CONTEXT negotiation has occurred); but for NBD_OPT_GO, qemu only advertises the feature if block status is also enabled (that is, if the client does not negotiate any contexts, then NBD_CMD_BLOCK_STATUS cannot be used, so the feature is not advertised).
Signed-off-by: Eric Blake <eblake@redhat.com> Message-ID: <20230925192229.3186470-26-eblake@redhat.com> [eblake: fix logic to reject unnegotiated contexts] Signed-off-by: Eric Blake <eblake@redhat.com>
show more ...
|
#
4fc55bf3 |
| 25-Sep-2023 |
Eric Blake <eblake@redhat.com> |
nbd/client: Initial support for extended headers
Update the client code to be able to send an extended request, and parse an extended header from the server. Note that since we reject any structure
nbd/client: Initial support for extended headers
Update the client code to be able to send an extended request, and parse an extended header from the server. Note that since we reject any structured reply with a too-large payload, we can always normalize a valid header back into the compact form, so that the caller need not deal with two branches of a union. Still, until a later patch lets the client negotiate extended headers, the code added here should not be reached. Note that because of the different magic numbers, it is just as easy to trace and then tolerate a non-compliant server sending the wrong header reply as it would be to insist that the server is compliant.
Signed-off-by: Eric Blake <eblake@redhat.com> Message-ID: <20230925192229.3186470-21-eblake@redhat.com> [eblake: fix trace format] Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
show more ...
|
#
009cd866 |
| 25-Sep-2023 |
Eric Blake <eblake@redhat.com> |
nbd/server: Support a request payload
Upcoming additions to support NBD 64-bit effect lengths allow for the possibility to distinguish between payload length (capped at 32M) and effect length (64 bi
nbd/server: Support a request payload
Upcoming additions to support NBD 64-bit effect lengths allow for the possibility to distinguish between payload length (capped at 32M) and effect length (64 bits, although we generally assume 63 bits because of off_t limitations). Without that extension, only the NBD_CMD_WRITE request has a payload; but with the extension, it makes sense to allow at least NBD_CMD_BLOCK_STATUS to have both a payload and effect length in a future patch (where the payload is a limited-size struct that in turn gives the real effect length as well as a subset of known ids for which status is requested). Other future NBD commands may also have a request payload, so the 64-bit extension introduces a new NBD_CMD_FLAG_PAYLOAD_LEN that distinguishes between whether the header length is a payload length or an effect length, rather than hard-coding the decision based on the command.
According to the spec, a client should never send a command with a payload without the negotiation phase proving such extension is available. So in the unlikely event the bit is set or cleared incorrectly, the client is already at fault; if the client then provides the payload, we can gracefully consume it off the wire and fail the command with NBD_EINVAL (subsequent checks for magic numbers ensure we are still in sync), while if the client fails to send payload we block waiting for it (basically deadlocking our connection to the bad client, but not negatively impacting our ability to service other clients, so not a security risk). Note that we do not support the payload version of BLOCK_STATUS yet.
This patch also fixes a latent bug introduced in b2578459: once request->len can be 64 bits, assigning it to a 32-bit payload_len can cause wraparound to 0 which then sets req->complete prematurely; thankfully, the bug was not possible back then (it takes this and later patches to even allow request->len larger than 32 bits; and since previously the only 'payload_len = request->len' assignment was in NBD_CMD_WRITE which also sets check_length, which in turn rejects lengths larger than 32M before relying on any possibly-truncated value stored in payload_len).
Signed-off-by: Eric Blake <eblake@redhat.com> Message-ID: <20230925192229.3186470-15-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> [eblake: enhance comment on handling client error, fix type bug] Signed-off-by: Eric Blake <eblake@redhat.com>
show more ...
|
#
11a629d2 |
| 26-Sep-2023 |
Stefan Hajnoczi <stefanha@redhat.com> |
Merge tag 'pull-nbd-2023-09-25' of https://repo.or.cz/qemu/ericb into staging
NBD patches through 2023-09-25
- Denis V. Lunev: iotest improvements - Eric Blake: further work towards 64-bit NBD exte
Merge tag 'pull-nbd-2023-09-25' of https://repo.or.cz/qemu/ericb into staging
NBD patches through 2023-09-25
- Denis V. Lunev: iotest improvements - Eric Blake: further work towards 64-bit NBD extensions
# -----BEGIN PGP SIGNATURE----- # # iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAmUR2MUACgkQp6FrSiUn # Q2q6jAf+PT65XzMAhgKvu1vIeMSQqyCocNB2MCOzNp+46uB9bNbPPLQSH2EX+t6p # kQfHyHUl4YMi0EqgCfodiewlaUKeMxP3cPWMGYaYZ16uNMOIYL1boreDAcM25rb5 # P3TV3DAWTWSclUxrkTC2DxAIBPgsPsGG/2daqOMDEdinxlIywCMJDEIHc9gwwd/t # 7laz9V1cOW9NbQXrM7eTofJKPKIeqZ+w0kvqrf9HBvZl9CqwHADi7xoz9xP+fN+f # 713ED/hwt0FIlixtIm2/8vu7nn09cu6m9NaKsMOomsYg9Z6wU3ctivViG5NLq3MD # OOUu51dV8gRRAXAFU5vKb0d93D27zQ== # =Ik02 # -----END PGP SIGNATURE----- # gpg: Signature made Mon 25 Sep 2023 15:00:21 EDT # gpg: using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A # gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full] # gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full] # gpg: aka "[jpeg image of size 6874]" [full] # Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A
* tag 'pull-nbd-2023-09-25' of https://repo.or.cz/qemu/ericb: nbd/server: Refactor handling of command sanity checks nbd: Prepare for 64-bit request effect lengths nbd: Add types for extended headers nbd/client: Pass mode through to nbd_send_request nbd: Replace bool structured_reply with mode enum iotests: improve 'not run' message for nbd-multiconn test iotests: use TEST_IMG_FILE instead of TEST_IMG in _require_large_file
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
show more ...
|
#
b2578459 |
| 29-Aug-2023 |
Eric Blake <eblake@redhat.com> |
nbd: Prepare for 64-bit request effect lengths
Widen the length field of NBDRequest to 64-bits, although we can assert that all current uses are still under 32 bits: either because of NBD_MAX_BUFFER
nbd: Prepare for 64-bit request effect lengths
Widen the length field of NBDRequest to 64-bits, although we can assert that all current uses are still under 32 bits: either because of NBD_MAX_BUFFER_SIZE which is even smaller (and where size_t can still be appropriate, even on 32-bit platforms), or because nothing ever puts us into NBD_MODE_EXTENDED yet (and while future patches will allow larger transactions, the lengths in play here are still capped at 32-bit). There are no semantic changes, other than a typo fix in a couple of error messages.
Signed-off-by: Eric Blake <eblake@redhat.com> Message-ID: <20230829175826.377251-23-eblake@redhat.com> [eblake: fix assertion bug in nbd_co_send_simple_reply] Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
show more ...
|
#
d1181d29 |
| 20-Jul-2023 |
Peter Maydell <peter.maydell@linaro.org> |
Merge tag 'pull-nbd-2023-07-19' of https://repo.or.cz/qemu/ericb into staging
NBD patches through 2023-07-19
- Denis V. Lunev: fix hang with 'ssh ... "qemu-nbd -c"' - Eric Blake: preliminary work t
Merge tag 'pull-nbd-2023-07-19' of https://repo.or.cz/qemu/ericb into staging
NBD patches through 2023-07-19
- Denis V. Lunev: fix hang with 'ssh ... "qemu-nbd -c"' - Eric Blake: preliminary work towards NBD 64-bit extensions
# -----BEGIN PGP SIGNATURE----- # # iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAmS4RwcACgkQp6FrSiUn # Q2pXfQf/clnttPdw9BW2cJltFRKeMeZrgn8mut0S7jhC0DWIy6zanzp07MylryHP # EyJ++dCbLEg8mueThL/n5mKsTS/OECtfZO9Ot11WmZqDZVtLKorfmy7YVI3VwMjI # yQqrUIwiYxzZOkPban/MXofY6vJmuia5aGkEmYUyKiHvsLF3Hk2gHPB/qa2S+U6I # QDmC032/L+/LgVkK5r/1vamwJNP29QI4DNp3RiTtcMK5sEZJfMsAZSxFDDdH2pqi # 5gyVqw0zNl3vz6znoVy0XZ/8OUVloPKHswyf7xLlBukY1GL5D+aiXz2ilwBvk9aM # SoZzYvaOOBDyJhSjapOvseTqXTNeqQ== # =TB9t # -----END PGP SIGNATURE----- # gpg: Signature made Wed 19 Jul 2023 21:26:47 BST # gpg: using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A # gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full] # gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full] # gpg: aka "[jpeg image of size 6874]" [full] # Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A
* tag 'pull-nbd-2023-07-19' of https://repo.or.cz/qemu/ericb: nbd: Use enum for various negotiation modes nbd/client: Add safety check on chunk payload length nbd/client: Simplify cookie vs. index computation nbd: s/handle/cookie/ to match NBD spec nbd/server: Refactor to pass full request around nbd/server: Prepare for alternate-size headers nbd: Consistent typedef usage in header nbd/client: Use smarter assert qemu-nbd: make verbose bool and local variable in main() qemu-nbd: handle dup2() error when qemu-nbd finished setup process qemu-nbd: properly report error on error in dup2() after qemu_daemon() qemu-nbd: properly report error if qemu_daemon() is failed qemu-nbd: fix regression with qemu-nbd --fork run over ssh qemu-nbd: pass structure into nbd_client_thread instead of plain char*
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
22efd811 |
| 08-Jun-2023 |
Eric Blake <eblake@redhat.com> |
nbd: s/handle/cookie/ to match NBD spec
Externally, libnbd exposed the 64-bit opaque marker for each client NBD packet as the "cookie", because it was less confusing when contrasted with 'struct nbd
nbd: s/handle/cookie/ to match NBD spec
Externally, libnbd exposed the 64-bit opaque marker for each client NBD packet as the "cookie", because it was less confusing when contrasted with 'struct nbd_handle *' holding all libnbd state. It also avoids confusion between the noun 'handle' as a way to identify a packet and the verb 'handle' for reacting to things like signals. Upstream NBD changed their spec to favor the name "cookie" based on libnbd's recommendations[1], so we can do likewise.
[1] https://github.com/NetworkBlockDevice/nbd/commit/ca4392eb2b
Signed-off-by: Eric Blake <eblake@redhat.com> Message-ID: <20230608135653.2918540-6-eblake@redhat.com> [eblake: typo fix] Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
show more ...
|
#
a7c8ed36 |
| 08-Jun-2023 |
Eric Blake <eblake@redhat.com> |
nbd/server: Prepare for alternate-size headers
Upstream NBD now documents[1] an extension that supports 64-bit effect lengths in requests. As part of that extension, the size of the reply headers w
nbd/server: Prepare for alternate-size headers
Upstream NBD now documents[1] an extension that supports 64-bit effect lengths in requests. As part of that extension, the size of the reply headers will change in order to permit a 64-bit length in the reply for symmetry[2]. Additionally, where the reply header is currently 16 bytes for simple reply, and 20 bytes for structured reply; with the extension enabled, there will only be one extended reply header, of 32 bytes, with both structured and extended modes sending identical payloads for chunked replies.
Since we are already wired up to use iovecs, it is easiest to allow for this change in header size by splitting each structured reply across multiple iovecs, one for the header (which will become wider in a future patch according to client negotiation), and the other(s) for the chunk payload, and removing the header from the payload struct definitions. Rename the affected functions with s/structured/chunk/ to make it obvious that the code will be reused in extended mode.
Interestingly, the client side code never utilized the packed types, so only the server code needs to be updated.
[1] https://github.com/NetworkBlockDevice/nbd/blob/extension-ext-header/doc/proto.md as of NBD commit e6f3b94a934
[2] Note that on the surface, this is because some future server might permit a 4G+ NBD_CMD_READ and need to reply with that much data in one transaction. But even though the extended reply length is widened to 64 bits, for now the NBD spec is clear that servers will not reply with more than a maximum payload bounded by the 32-bit NBD_INFO_BLOCK_SIZE field; allowing a client and server to mutually agree to transactions larger than 4G would require yet another extension.
Signed-off-by: Eric Blake <eblake@redhat.com> Message-ID: <20230608135653.2918540-4-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
show more ...
|
Revision tags: v8.0.0, v7.2.0 |
|
#
f96d4e0f |
| 29-Jun-2022 |
Richard Henderson <richard.henderson@linaro.org> |
Merge tag 'pull-block-2022-06-14-v2' of https://gitlab.com/vsementsov/qemu into staging
Block jobs & NBD patches
v2: - add arguments to QEMUMachine constructor in test, to make it work on arm
Merge tag 'pull-block-2022-06-14-v2' of https://gitlab.com/vsementsov/qemu into staging
Block jobs & NBD patches
v2: - add arguments to QEMUMachine constructor in test, to make it work on arm in gitlab pipeline - use bdrv_inc_in_flight() / bdrv_dec_in_flight() instead of direct manipulation with bs->in_flight
- add new options for copy-before-write filter - new trace points for NBD - prefer unsigned type for some 'in_flight' fields
# -----BEGIN PGP SIGNATURE----- # # iQIzBAABCgAdFiEEi5wmzbL9FHyIDoahVh8kwfGfefsFAmK8BqkACgkQVh8kwfGf # efuiMw/+P9FFLfGFSjVP+LYeT0Ah6kN1ypCMQzIk3Qq/J6qgMZhtRqpQoZOfIFQL # U9fGmEtQZ7gvEMD/nJToL6uOYlnQfPxDcA6GrRwWWE3rcFiPK4J0q2LlnPLn4QaU # W/qag5l/QnZfLlj/iV6neWOEvqdnvY1L8IS+T8xV6N0iBYlwgMC/6FGshQwehzcV # T5F1qPGB0vjFDjf92LFPEsvsFFHjHIVPwOyJMvF64QtSk57utikq/la9PI/yA9AH # Ll4mNQuZKx6rSI5wE6b21jc8iOUvaoHdPSEDQZfNILSdgGdiKvFwE51y+baGnIAD # TpjxfG59q0jyGxMjQVxMRSFaxAC4+Mqi82diSPv4xbiUdsE4byJH0oENn4z7+wAv # EvjuU9yx4FfHHltoUNwfn2pv00o/ELdZIoBNmW36rPxSGZMvfVfRtuBL7XWNUFbW # Fr4BwsjC4KfIxb16QTBGhXVv6grxdlwoU9N23npdi0YpW1ftZzXGDa85+gINQ807 # eK/gP/OtYPwIql0bgmLiuaRNzC9psmQOO6vQbdvd/e4BEVWkxiez37+e+zFMStmL # OAL8rS6jckUoxVZjCYFEWg97XOobLUIhQxt9Fwh2omMDGKTwv861ghUAivxSWs93 # IRNxfwqNPxnpDDXjnK1ayZgU08IL98AUYVKcPN1y8JvEhB4Hr1k= # =ndKk # -----END PGP SIGNATURE----- # gpg: Signature made Wed 29 Jun 2022 01:30:41 PM +0530 # gpg: using RSA key 8B9C26CDB2FD147C880E86A1561F24C1F19F79FB # gpg: Good signature from "Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>" [unknown] # gpg: aka "Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8B9C 26CD B2FD 147C 880E 86A1 561F 24C1 F19F 79FB
* tag 'pull-block-2022-06-14-v2' of https://gitlab.com/vsementsov/qemu: block: use 'unsigned' for in_flight field on driver state nbd: trace long NBD operations iotests: copy-before-write: add cases for cbw-timeout option block/copy-before-write: implement cbw-timeout option block/block-copy: block_copy(): add timeout_ns parameter util: add qemu-co-timeout iotests: add copy-before-write: on-cbw-error tests block/copy-before-write: add on-cbw-error open parameter block/copy-before-write: refactor option parsing
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
show more ...
|
#
8bb100c9 |
| 30-May-2022 |
Denis V. Lunev <den@openvz.org> |
nbd: trace long NBD operations
At the moment there are 2 sources of lengthy operations if configured: * open connection, which could retry inside and * reconnect of already opened connection These o
nbd: trace long NBD operations
At the moment there are 2 sources of lengthy operations if configured: * open connection, which could retry inside and * reconnect of already opened connection These operations could be quite lengthy and cumbersome to catch thus it would be quite natural to add trace points for them.
This patch is based on the original downstream work made by Vladimir.
Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Eric Blake <eblake@redhat.com> CC: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> CC: Kevin Wolf <kwolf@redhat.com> CC: Hanna Reitz <hreitz@redhat.com> CC: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
show more ...
|
Revision tags: v7.0.0, v6.2.0, v6.1.0 |
|
#
8c345b3e |
| 02-Jun-2021 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/thuth-gitlab/tags/pull-request-2021-06-02' into staging
* Update the references to some doc files (use *.rst instead of *.txt) * Bump minimum versions of some r
Merge remote-tracking branch 'remotes/thuth-gitlab/tags/pull-request-2021-06-02' into staging
* Update the references to some doc files (use *.rst instead of *.txt) * Bump minimum versions of some requirements after removing CentOS 7 support
# gpg: Signature made Wed 02 Jun 2021 08:12:18 BST # gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5 # gpg: issuer "thuth@redhat.com" # gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full] # gpg: aka "Thomas Huth <thuth@redhat.com>" [full] # gpg: aka "Thomas Huth <huth@tuxfamily.org>" [full] # gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown] # Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5
* remotes/thuth-gitlab/tags/pull-request-2021-06-02: configure: bump min required CLang to 6.0 / XCode 10.0 configure: bump min required GCC to 7.5.0 configure: bump min required glib version to 2.56 tests/docker: drop CentOS 7 container tests/vm: convert centos VM recipe to CentOS 8 crypto: drop used conditional check crypto: bump min gnutls to 3.5.18, dropping RHEL-7 support crypto: bump min gcrypt to 1.8.0, dropping RHEL-7 support crypto: drop back compatibility typedefs for nettle crypto: bump min nettle to 3.4, dropping RHEL-7 support patchew: move quick build job from CentOS 7 to CentOS 8 container block/ssh: Bump minimum libssh version to 0.8.7 docs: fix references to docs/devel/s390-dasd-ipl.rst docs: fix references to docs/specs/tpm.rst docs: fix references to docs/devel/build-system.rst docs: fix references to docs/devel/atomics.rst docs: fix references to docs/devel/tracing.rst
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
d0fb9657 |
| 17-May-2021 |
Stefano Garzarella <sgarzare@redhat.com> |
docs: fix references to docs/devel/tracing.rst
Commit e50caf4a5c ("tracing: convert documentation to rST") converted docs/devel/tracing.txt to docs/devel/tracing.rst.
We still have several referenc
docs: fix references to docs/devel/tracing.rst
Commit e50caf4a5c ("tracing: convert documentation to rST") converted docs/devel/tracing.txt to docs/devel/tracing.rst.
We still have several references to the old file, so let's fix them with the following command:
sed -i s/tracing.txt/tracing.rst/ $(git grep -l docs/devel/tracing.txt)
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20210517151702.109066-2-sgarzare@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
show more ...
|
Revision tags: v5.2.0, v5.0.0, v4.2.0 |
|
#
590c0ac9 |
| 19-Sep-2019 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging
Pull request
# gpg: Signature made Wed 18 Sep 2019 14:17:59 BST # gpg: using RSA key 8695A8BFD3
Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging
Pull request
# gpg: Signature made Wed 18 Sep 2019 14:17:59 BST # gpg: using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [full] # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" [full] # Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/tracing-pull-request: trace: Forbid event format ending with newline character trace: Remove trailing newline in events loader: Trace loaded images
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
794dcb54 |
| 16-Sep-2019 |
Philippe Mathieu-Daudé <philmd@redhat.com> |
trace: Remove trailing newline in events
While the tracing framework does not forbid trailing newline in events format string, using them lead to confuse output. It is the responsibility of the back
trace: Remove trailing newline in events
While the tracing framework does not forbid trailing newline in events format string, using them lead to confuse output. It is the responsibility of the backend to properly end an event line.
Some of our formats have trailing newlines, remove them.
[Fixed typo in commit description reported by Eric Blake <eblake@redhat.com> --Stefan]
Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20190916095121.29506-2-philmd@redhat.com Message-Id: <20190916095121.29506-2-philmd@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
show more ...
|
#
019217c3 |
| 06-Sep-2019 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-09-05-v2' into staging
nbd patches for 2019-09-05
- Advertise NBD_FLAG_CAN_MULTI_CONN on readonly images - Tolerate larger set of serv
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-09-05-v2' into staging
nbd patches for 2019-09-05
- Advertise NBD_FLAG_CAN_MULTI_CONN on readonly images - Tolerate larger set of server error responses during handshake - More precision on handling fallocate() failures due to alignment - Better documentation of NBD connection URIs - Implement new extension NBD_CMD_FLAG_FAST_ZERO to benefit qemu-img convert
# gpg: Signature made Thu 05 Sep 2019 22:08:17 BST # gpg: using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A # gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full] # gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full] # gpg: aka "[jpeg image of size 6874]" [full] # Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A
* remotes/ericb/tags/pull-nbd-2019-09-05-v2: nbd: Implement server use of NBD FAST_ZERO nbd: Implement client use of NBD FAST_ZERO nbd: Prepare for NBD_CMD_FLAG_FAST_ZERO nbd: Improve per-export flag handling in server docs: Update preferred NBD device syntax block: workaround for unaligned byte range in fallocate() nbd: Tolerate more errors to structured reply request nbd: Use g_autofree in a few places nbd: Advertise multi-conn for shared read-only connections
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
5de47735 |
| 24-Aug-2019 |
Eric Blake <eblake@redhat.com> |
nbd: Tolerate more errors to structured reply request
A server may have a reason to reject a request for structured replies, beyond just not recognizing them as a valid request; similarly, it may ha
nbd: Tolerate more errors to structured reply request
A server may have a reason to reject a request for structured replies, beyond just not recognizing them as a valid request; similarly, it may have a reason for rejecting a request for a meta context. It doesn't hurt us to continue talking to such a server; otherwise 'qemu-nbd --list' of such a server fails to display all available details about the export.
Encountered when temporarily tweaking nbdkit to reply with NBD_REP_ERR_POLICY. Present since structured reply support was first added (commit d795299b reused starttls handling, but starttls is different in that we can't fall back to other behavior on any error).
Note that for an unencrypted client trying to connect to a server that requires encryption, this defers the point of failure to when we finally execute a strict command (such as NBD_OPT_GO or NBD_OPT_LIST), now that the intermediate NBD_OPT_STRUCTURED_REPLY does not diagnose NBD_REP_ERR_TLS_REQD as fatal; but as the protocol eventually gets us to a command where we can't continue onwards, the changed error message doesn't cause any security concerns.
Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20190824172813.29720-3-eblake@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> [eblake: fix iotest 233]
show more ...
|
Revision tags: v4.0.0 |
|
#
7fe1427b |
| 08-Apr-2019 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-04-08' into staging
nbd patches for 2019-04-08
- Fix minor issues in recent alignment patches
# gpg: Signature made Mon 08 Apr 2019 1
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-04-08' into staging
nbd patches for 2019-04-08
- Fix minor issues in recent alignment patches
# gpg: Signature made Mon 08 Apr 2019 19:53:48 BST # gpg: using RSA key A7A16B4A2527436A # gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full] # gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full] # gpg: aka "[jpeg image of size 6874]" [full] # Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A
* remotes/ericb/tags/pull-nbd-2019-04-08: nbd/client: Fix error message for server with unusable sizing nbd/server: Don't fail NBD_OPT_INFO for byte-aligned sources nbd/server: Trace client noncompliance on unaligned requests nbd/server: Fix blockstatus trace
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
6e280648 |
| 02-Apr-2019 |
Eric Blake <eblake@redhat.com> |
nbd/server: Trace client noncompliance on unaligned requests
We've recently added traces for clients to flag server non-compliance; let's do the same for servers to flag client non-compliance. Accor
nbd/server: Trace client noncompliance on unaligned requests
We've recently added traces for clients to flag server non-compliance; let's do the same for servers to flag client non-compliance. According to the spec, if the client requests NBD_INFO_BLOCK_SIZE, it is promising to send all requests aligned to those boundaries. Of course, if the client does not request NBD_INFO_BLOCK_SIZE, then it made no promises so we shouldn't flag anything; and because we are willing to handle clients that made no promises (the spec allows us to use NBD_REP_ERR_BLOCK_SIZE_REQD if we had been unwilling), we already have to handle unaligned requests (which the block layer already does on our behalf). So even though the spec allows us to return EINVAL for clients that promised to behave, it's easier to always answer unaligned requests. Still, flagging non-compliance can be useful in debugging a client that is trying to be maximally portable.
Qemu as client used to have one spot where it sent non-compliant requests: if the server sends an unaligned reply to NBD_CMD_BLOCK_STATUS, and the client was iterating over the entire disk, the next request would start at that unaligned point; this was fixed in commit a39286dd when the client was taught to work around server non-compliance; but is equally fixed if the server is patched to not send unaligned replies in the first place (yes, qemu 4.0 as server still has few such bugs, although they will be patched in 4.1). Fortunately, I did not find any more spots where qemu as client was non-compliant. I was able to test the patch by using the following hack to convince qemu-io to run various unaligned commands, coupled with serving 512-byte alignment by intentionally omitting '-f raw' on the server while viewing server traces.
| diff --git i/nbd/client.c w/nbd/client.c | index 427980bdd22..1858b2aac35 100644 | --- i/nbd/client.c | +++ w/nbd/client.c | @@ -449,6 +449,7 @@ static int nbd_opt_info_or_go(QIOChannel *ioc, uint32_t opt, | nbd_send_opt_abort(ioc); | return -1; | } | + info->min_block = 1;//hack | if (!is_power_of_2(info->min_block)) { | error_setg(errp, "server minimum block size %" PRIu32 | " is not a power of two", info->min_block);
Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20190403030526.12258-3-eblake@redhat.com> [eblake: address minor review nits] Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
show more ...
|
Revision tags: v4.0.0-rc1 |
|
#
d132baa0 |
| 25-Mar-2019 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging
Pull request
Compilation fixes and cleanups for QEMU 4.0.0.
# gpg: Signature made Mon 25 Mar 2019 15:58:28 GM
Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging
Pull request
Compilation fixes and cleanups for QEMU 4.0.0.
# gpg: Signature made Mon 25 Mar 2019 15:58:28 GMT # gpg: using RSA key 9CA4ABB381AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [full] # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" [full] # Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/tracing-pull-request: trace-events: Fix attribution of trace points to source trace-events: Delete unused trace points scripts/cleanup-trace-events: Update for current practice trace-events: Shorten file names in comments trace-events: Consistently point to docs/devel/tracing.txt trace: avoid SystemTap dtrace(1) warnings on empty files trace: handle tracefs path truncation
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
Revision tags: v4.0.0-rc0 |
|
#
a9779a3a |
| 14-Mar-2019 |
Markus Armbruster <armbru@redhat.com> |
trace-events: Delete unused trace points
Tracked down with cleanup-trace-events.pl. Funnies requiring manual post-processing:
* block.c and blockdev.c trace points are in block/trace-events.
* hw
trace-events: Delete unused trace points
Tracked down with cleanup-trace-events.pl. Funnies requiring manual post-processing:
* block.c and blockdev.c trace points are in block/trace-events.
* hw/block/nvme.c uses the preprocessor to hide its trace point use from cleanup-trace-events.pl.
* include/hw/xen/xen_common.h trace points are in hw/xen/trace-events.
* net/colo-compare and net/filter-rewriter.c use pseudo trace points colo_compare_udp_miscompare and colo_filter_rewriter_debug to guard debug code.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 20190314180929.27722-5-armbru@redhat.com Message-Id: <20190314180929.27722-5-armbru@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
show more ...
|
#
500016e5 |
| 14-Mar-2019 |
Markus Armbruster <armbru@redhat.com> |
trace-events: Shorten file names in comments
We spell out sub/dir/ in sub/dir/trace-events' comments pointing to source files. That's because when trace-events got split up, the comments were moved
trace-events: Shorten file names in comments
We spell out sub/dir/ in sub/dir/trace-events' comments pointing to source files. That's because when trace-events got split up, the comments were moved verbatim.
Delete the sub/dir/ part from these comments. Gets rid of several misspellings.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20190314180929.27722-3-armbru@redhat.com Message-Id: <20190314180929.27722-3-armbru@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
show more ...
|
#
e68b3baa |
| 14-Mar-2019 |
Markus Armbruster <armbru@redhat.com> |
trace-events: Consistently point to docs/devel/tracing.txt
Almost all trace-events point to docs/devel/tracing.txt in a comment right at the beginning. Touch up the ones that don't.
[Updated with
trace-events: Consistently point to docs/devel/tracing.txt
Almost all trace-events point to docs/devel/tracing.txt in a comment right at the beginning. Touch up the ones that don't.
[Updated with Markus' new commit description wording. --Stefan]
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20190314180929.27722-2-armbru@redhat.com Message-Id: <20190314180929.27722-2-armbru@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
show more ...
|