diff --git a/kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch b/kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch
new file mode 100644
index 0000000..34c4e8f
--- /dev/null
+++ b/kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch
@@ -0,0 +1,105 @@
+From 95b2ffc5f01dc4309c2e747ed883d22cd1d26347 Mon Sep 17 00:00:00 2001
+From: Thomas Huth
+Date: Sat, 2 Mar 2024 17:00:23 +0100
+Subject: [PATCH 2/2] chardev/char-socket: Fix TLS io channels sending too much
+ data to the backend
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Thomas Huth
+RH-MergeRequest: 227: Fix TLS io channels sending too much data to the backend
+RH-Jira: RHEL-24614
+RH-Acked-by: Cédric Le Goater
+RH-Acked-by: Daniel P. Berrangé
+RH-Commit: [1/1] fce871914e0ce52e16a6edae0e007513f9fec1ae (thuth/qemu-kvm-cs9)
+
+JIRA: https://issues.redhat.com/browse/RHEL-24614
+
+commit 462945cd22d2bcd233401ed3aa167d83a8e35b05
+Author: Thomas Huth
+Date: Thu Feb 29 11:43:37 2024 +0100
+
+ chardev/char-socket: Fix TLS io channels sending too much data to the backend
+
+ Commit ffda5db65a ("io/channel-tls: fix handling of bigger read buffers")
+ changed the behavior of the TLS io channels to schedule a second reading
+ attempt if there is still incoming data pending. This caused a regression
+ with backends like the sclpconsole that check in their read function that
+ the sender does not try to write more bytes to it than the device can
+ currently handle.
+
+ The problem can be reproduced like this:
+
+ 1) In one terminal, do this:
+
+ mkdir qemu-pki
+ cd qemu-pki
+ openssl genrsa 2048 > ca-key.pem
+ openssl req -new -x509 -nodes -days 365000 -key ca-key.pem -out ca-cert.pem
+ # enter some dummy value for the cert
+ openssl genrsa 2048 > server-key.pem
+ openssl req -new -x509 -nodes -days 365000 -key server-key.pem \
+ -out server-cert.pem
+ # enter some other dummy values for the cert
+
+ gnutls-serv --echo --x509cafile ca-cert.pem --x509keyfile server-key.pem \
+ --x509certfile server-cert.pem -p 8338
+
+ 2) In another terminal, do this:
+
+ wget https://download.fedoraproject.org/pub/fedora-secondary/releases/39/Cloud/s390x/images/Fedora-Cloud-Base-39-1.5.s390x.qcow2
+
+ qemu-system-s390x -nographic -nodefaults \
+ -hda Fedora-Cloud-Base-39-1.5.s390x.qcow2 \
+ -object tls-creds-x509,id=tls0,endpoint=client,verify-peer=false,dir=$PWD/qemu-pki \
+ -chardev socket,id=tls_chardev,host=localhost,port=8338,tls-creds=tls0 \
+ -device sclpconsole,chardev=tls_chardev,id=tls_serial
+
+ QEMU then aborts after a second or two with:
+
+ qemu-system-s390x: ../hw/char/sclpconsole.c:73: chr_read: Assertion
+ `size <= SIZE_BUFFER_VT220 - scon->iov_data_len' failed.
+ Aborted (core dumped)
+
+ It looks like the second read does not trigger the chr_can_read() function
+ to be called before the second read, which should normally always be done
+ before sending bytes to a character device to see how much it can handle,
+ so the s->max_size in tcp_chr_read() still contains the old value from the
+ previous read. Let's make sure that we use the up-to-date value by calling
+ tcp_chr_read_poll() again here.
+
+ Fixes: ffda5db65a ("io/channel-tls: fix handling of bigger read buffers")
+ Buglink: https://issues.redhat.com/browse/RHEL-24614
+ Reviewed-by: "Daniel P. Berrangé"
+ Message-ID: <20240229104339.42574-1-thuth@redhat.com>
+ Reviewed-by: Antoine Damhet
+ Tested-by: Antoine Damhet
+ Reviewed-by: Marc-André Lureau
+ Signed-off-by: Thomas Huth
+
+Signed-off-by: Thomas Huth
+---
+ chardev/char-socket.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/chardev/char-socket.c b/chardev/char-socket.c
+index 73947da188..034840593d 100644
+--- a/chardev/char-socket.c
++++ b/chardev/char-socket.c
+@@ -492,9 +492,9 @@ static gboolean tcp_chr_read(QIOChannel *chan, GIOCondition cond, void *opaque)
+ s->max_size <= 0) {
+ return TRUE;
+ }
+- len = sizeof(buf);
+- if (len > s->max_size) {
+- len = s->max_size;
++ len = tcp_chr_read_poll(opaque);
++ if (len > sizeof(buf)) {
++ len = sizeof(buf);
+ }
+ size = tcp_chr_recv(chr, (void *)buf, len);
+ if (size == 0 || (size == -1 && errno != EAGAIN)) {
+--
+2.39.3
+
diff --git a/kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch b/kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch
new file mode 100644
index 0000000..7dc550c
--- /dev/null
+++ b/kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch
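Review bot: In the chardev/char-socket.c hunk of the added patch, the value returned by `tcp_chr_read_poll(opaque)` is only capped from above, while the guard before it still tests the earlier `s->max_size`. If the fresh poll can return 0, `tcp_chr_recv()` is called with a zero length, and should it then return 0, the `size == 0` test that follows (which by its condition looks like the connection-closed path) would treat a backend that is merely full as a closed peer. The declaration of `len` is outside the hunk, but if it is a signed int, a negative result would compare as a large unsigned value against `sizeof(buf)` and be raised to the full buffer size. Adding `if (len <= 0) { return TRUE; }` right after the poll would cover both cases. tcp_chr_read() begins and ends outside the hunk, so this is inferred from the visible lines only.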
@@ -0,0 +1,135 @@
+From f2fe6c7a2def488633cbb67e28ac00279d6e8de4 Mon Sep 17 00:00:00 2001
+From: Cornelia Huck
+Date: Tue, 27 Feb 2024 11:17:39 +0100
+Subject: [PATCH 1/2] qemu_init: increase NOFILE soft limit on POSIX
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Cornelia Huck
+RH-MergeRequest: 226: qemu_init: increase NOFILE soft limit on POSIX
+RH-Jira: RHEL-26049
+RH-Acked-by: Gavin Shan
+RH-Acked-by: Ani Sinha
+RH-Acked-by: Shaoqin Huang
+RH-Commit: [1/1] cee5404aef3f6437d45a1c43bdee73a57a528bee (cohuck/qemu-kvm-c9s)
+
+Jira: https://issues.redhat.com/browse/RHEL-26049
+
+In many configurations, e.g. multiple vNICs with multiple queues or
+with many Ceph OSDs, the default soft limit of 1024 is not enough.
+QEMU is supposed to work fine with file descriptors >= 1024 and does
+not use select() on POSIX. Bump the soft limit to the allowed hard
+limit to avoid issues with the aforementioned configurations.
+
+Of course the limit could be raised from the outside, but the man page
+of systemd.exec states about 'LimitNOFILE=':
+
+> Don't use.
+> [...]
+> Typically applications should increase their soft limit to the hard
+> limit on their own, if they are OK with working with file
+> descriptors above 1023,
+
+If the soft limit is already the same as the hard limit, avoid the
+superfluous setrlimit call. This can avoid a warning with a strict
+seccomp filter blocking setrlimit if NOFILE was already raised before
+executing QEMU.
+
+Buglink: https://bugzilla.proxmox.com/show_bug.cgi?id=4507
+Reviewed-by: Daniel P. Berrangé
+Signed-off-by: Fiona Ebner
+Signed-off-by: Daniel P. Berrangé
+(cherry picked from commit 03e471c41d8b1b6eb16c9714f387449f52fe5c1d)
+Signed-off-by: Cornelia Huck
+---
+ include/sysemu/os-posix.h | 1 +
+ include/sysemu/os-win32.h | 5 +++++
+ os-posix.c | 22 ++++++++++++++++++++++
+ system/vl.c | 2 ++
+ 4 files changed, 30 insertions(+)
+
+diff --git a/include/sysemu/os-posix.h b/include/sysemu/os-posix.h
+index dff32ae185..b881ac6c6f 100644
+--- a/include/sysemu/os-posix.h
++++ b/include/sysemu/os-posix.h
+@@ -51,6 +51,7 @@ bool is_daemonized(void);
+ void os_daemonize(void);
+ bool os_set_runas(const char *user_id);
+ void os_set_chroot(const char *path);
++void os_setup_limits(void);
+ void os_setup_post(void);
+ int os_mlock(void);
+
+diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h
+index 1047d260cb..b82a5d3ad9 100644
+--- a/include/sysemu/os-win32.h
++++ b/include/sysemu/os-win32.h
+@@ -128,6 +128,11 @@ static inline int os_mlock(void)
+ return -ENOSYS;
+ }
+
++static inline void os_setup_limits(void)
++{
++ return;
++}
++
+ #define fsync _commit
+
+ #if !defined(lseek)
+diff --git a/os-posix.c b/os-posix.c
+index 52ef6990ff..a4284e2c07 100644
+--- a/os-posix.c
++++ b/os-posix.c
+@@ -24,6 +24,7 @@
+ */
+
+ #include "qemu/osdep.h"
++#include
+ #include
+ #include
+ #include
+@@ -256,6 +257,27 @@ void os_daemonize(void)
+ }
+ }
+
++void os_setup_limits(void)
++{
++ struct rlimit nofile;
++
++ if (getrlimit(RLIMIT_NOFILE, &nofile) < 0) {
++ warn_report("unable to query NOFILE limit: %s", strerror(errno));
++ return;
++ }
++
++ if (nofile.rlim_cur == nofile.rlim_max) {
++ return;
++ }
++
++ nofile.rlim_cur = nofile.rlim_max;
++
++ if (setrlimit(RLIMIT_NOFILE, &nofile) < 0) {
++ warn_report("unable to set NOFILE limit: %s", strerror(errno));
++ return;
++ }
++}
++
+ void os_setup_post(void)
+ {
+ int fd = 0;
+diff --git a/system/vl.c b/system/vl.c
+index 93635ffc5b..6443b6e469 100644
+--- a/system/vl.c
++++ b/system/vl.c
+@@ -2783,6 +2783,8 @@ void qemu_init(int argc, char **argv)
+ error_init(argv[0]);
+ qemu_init_exec_dir(argv[0]);
+
++ os_setup_limits();
++
+ qemu_init_arch_modules();
+
+ qemu_init_subsystems();
+--
+2.39.3
+
diff --git a/qemu-kvm.spec b/qemu-kvm.spec
index d58cd84..6d0c797 100644
--- a/qemu-kvm.spec
+++ b/qemu-kvm.spec
@@ -149,7 +149,7 @@ Obsoletes: %{name}-block-ssh <= %{epoch}:%{version} \
 Summary: QEMU is a machine emulator and virtualizer
 Name: qemu-kvm
 Version: 8.2.0
-Release: 6%{?rcrel}%{?dist}%{?cc_suffix}
+Release: 7%{?rcrel}%{?dist}%{?cc_suffix}
 # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
 # Epoch 15 used for RHEL 8
 # Epoch 17 used for RHEL 9 (due to release versioning offset in RHEL 8.5)
@@ -548,6 +548,10 @@ Patch144: kvm-virtio-blk-avoid-using-ioeventfd-state-in-irqfd-cond.patch
 Patch145: kvm-hw-arm-virt-deprecate-virt-rhel9.-0-2-.0-machine-typ.patch
 # For RHEL-17068 - Check/fix machine type compatibility for qemu-kvm 8.2.0 [x86_64]
 Patch146: kvm-x86-rhel-9.2.0-machine-type-compat-fix.patch
+# For RHEL-26049 - When max vcpu is greater than or equal to 246, qemu unable to init event notifier
+Patch147: kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch
+# For RHEL-24614 - [RHEL9][chardev][s390x] qemu hit core dump while using TLS server from host to guest
+Patch148: kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch
 %if %{have_clang}
 BuildRequires: clang
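Review bot: os_setup_limits() in the os-posix.c section of the added patch raises the soft RLIMIT_NOFILE for the whole process, and resource limits are inherited across fork/exec, so any helper program QEMU starts later would also run with the higher soft limit. The commit message's argument that QEMU itself does not use select() does not cover such children or linked libraries, where a descriptor at or above FD_SETSIZE passed to FD_SET writes outside the fd_set. A comment above the function stating that assumption would help, e.g. `/* Soft NOFILE is raised process-wide and inherited by child processes; anything using select() must not see fds >= FD_SETSIZE. */`. The trailing `return;` after the second warn_report() is also redundant, as the function ends right there.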
@@ -1609,6 +1613,14 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
 %endif
 %changelog
+* Fri Mar 08 2024 Miroslav Rezanina - 8.2.0-7
+- kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch [RHEL-26049]
+- kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch [RHEL-24614]
+- Resolves: RHEL-26049
+ (When max vcpu is greater than or equal to 246, qemu unable to init event notifier)
+- Resolves: RHEL-24614
+ ([RHEL9][chardev][s390x] qemu hit core dump while using TLS server from host to guest)
+
 * Mon Feb 19 2024 Miroslav Rezanina - 8.2.0-6
 - kvm-virtio-scsi-Attach-event-vq-notifier-with-no_poll.patch [RHEL-3934]
 - kvm-virtio-Re-enable-notifications-after-drain.patch [RHEL-3934]