* Fri Mar 08 2024 Miroslav Rezanina <mrezanin@redhat.com> - 8.2.0-7

- kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch [RHEL-26049] - kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch [RHEL-24614] - Resolves: RHEL-26049 (When max vcpu is greater than or equal to 246, qemu unable to init event notifier) - Resolves: RHEL-24614 ([RHEL9][chardev][s390x] qemu hit core dump while using TLS server from host to guest)
2024-03-08 01:40:53 -05:00 · 2024-03-08 01:40:53 -05:00 · 5e5dd1da83
commit 5e5dd1da83
parent 0781fd2d16
3 changed files with 253 additions and 1 deletions
--- a/kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch
+++ b/kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch
@ -0,0 +1,105 @@
+From 95b2ffc5f01dc4309c2e747ed883d22cd1d26347 Mon Sep 17 00:00:00 2001
+From: Thomas Huth <thuth@redhat.com>
+Date: Sat, 2 Mar 2024 17:00:23 +0100
+Subject: [PATCH 2/2] chardev/char-socket: Fix TLS io channels sending too much
+ data to the backend
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Thomas Huth <thuth@redhat.com>
+RH-MergeRequest: 227: Fix TLS io channels sending too much data to the backend
+RH-Jira: RHEL-24614
+RH-Acked-by: Cédric Le Goater <clg@redhat.com>
+RH-Acked-by: Daniel P. Berrangé <berrange@redhat.com>
+RH-Commit: [1/1] fce871914e0ce52e16a6edae0e007513f9fec1ae (thuth/qemu-kvm-cs9)
+
+JIRA: https://issues.redhat.com/browse/RHEL-24614
+
+commit 462945cd22d2bcd233401ed3aa167d83a8e35b05
+Author: Thomas Huth <thuth@redhat.com>
+Date:   Thu Feb 29 11:43:37 2024 +0100
+
+    chardev/char-socket: Fix TLS io channels sending too much data to the backend
+
+    Commit ffda5db65a ("io/channel-tls: fix handling of bigger read buffers")
+    changed the behavior of the TLS io channels to schedule a second reading
+    attempt if there is still incoming data pending. This caused a regression
+    with backends like the sclpconsole that check in their read function that
+    the sender does not try to write more bytes to it than the device can
+    currently handle.
+
+    The problem can be reproduced like this:
+
+     1) In one terminal, do this:
+
+      mkdir qemu-pki
+      cd qemu-pki
+      openssl genrsa 2048 > ca-key.pem
+      openssl req -new -x509 -nodes -days 365000 -key ca-key.pem -out ca-cert.pem
+      # enter some dummy value for the cert
+      openssl genrsa 2048 > server-key.pem
+      openssl req -new -x509 -nodes -days 365000 -key server-key.pem \
+        -out server-cert.pem
+      # enter some other dummy values for the cert
+
+      gnutls-serv --echo --x509cafile ca-cert.pem --x509keyfile server-key.pem \
+                  --x509certfile server-cert.pem -p 8338
+
+     2) In another terminal, do this:
+
+      wget https://download.fedoraproject.org/pub/fedora-secondary/releases/39/Cloud/s390x/images/Fedora-Cloud-Base-39-1.5.s390x.qcow2
+
+      qemu-system-s390x -nographic -nodefaults \
+        -hda Fedora-Cloud-Base-39-1.5.s390x.qcow2 \
+        -object tls-creds-x509,id=tls0,endpoint=client,verify-peer=false,dir=$PWD/qemu-pki \
+        -chardev socket,id=tls_chardev,host=localhost,port=8338,tls-creds=tls0 \
+        -device sclpconsole,chardev=tls_chardev,id=tls_serial
+
+    QEMU then aborts after a second or two with:
+
+      qemu-system-s390x: ../hw/char/sclpconsole.c:73: chr_read: Assertion
+       `size <= SIZE_BUFFER_VT220 - scon->iov_data_len' failed.
+     Aborted (core dumped)
+
+    It looks like the second read does not trigger the chr_can_read() function
+    to be called before the second read, which should normally always be done
+    before sending bytes to a character device to see how much it can handle,
+    so the s->max_size in tcp_chr_read() still contains the old value from the
+    previous read. Let's make sure that we use the up-to-date value by calling
+    tcp_chr_read_poll() again here.
+
+    Fixes: ffda5db65a ("io/channel-tls: fix handling of bigger read buffers")
+    Buglink: https://issues.redhat.com/browse/RHEL-24614
+    Reviewed-by: "Daniel P. Berrangé" <berrange@redhat.com>
+    Message-ID: <20240229104339.42574-1-thuth@redhat.com>
+    Reviewed-by: Antoine Damhet <antoine.damhet@blade-group.com>
+    Tested-by: Antoine Damhet <antoine.damhet@blade-group.com>
+    Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+    Signed-off-by: Thomas Huth <thuth@redhat.com>
+
+Signed-off-by: Thomas Huth <thuth@redhat.com>
+---
+ chardev/char-socket.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/chardev/char-socket.c b/chardev/char-socket.c
+index 73947da188..034840593d 100644
+--- a/chardev/char-socket.c
+++ b/chardev/char-socket.c
+@@ -492,9 +492,9 @@ static gboolean tcp_chr_read(QIOChannel *chan, GIOCondition cond, void *opaque)
+         s->max_size <= 0) {
+         return TRUE;
+     }
+-    len = sizeof(buf);
+-    if (len > s->max_size) {
+-        len = s->max_size;
+    len = tcp_chr_read_poll(opaque);
+    if (len > sizeof(buf)) {
+        len = sizeof(buf);
+     }
+     size = tcp_chr_recv(chr, (void *)buf, len);
+     if (size == 0 || (size == -1 && errno != EAGAIN)) {
+-- 
+2.39.3
+
--- a/kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch
+++ b/kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch
@ -0,0 +1,135 @@
+From f2fe6c7a2def488633cbb67e28ac00279d6e8de4 Mon Sep 17 00:00:00 2001
+From: Cornelia Huck <cohuck@redhat.com>
+Date: Tue, 27 Feb 2024 11:17:39 +0100
+Subject: [PATCH 1/2] qemu_init: increase NOFILE soft limit on POSIX
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Cornelia Huck <cohuck@redhat.com>
+RH-MergeRequest: 226: qemu_init: increase NOFILE soft limit on POSIX
+RH-Jira: RHEL-26049
+RH-Acked-by: Gavin Shan <gshan@redhat.com>
+RH-Acked-by: Ani Sinha <None>
+RH-Acked-by: Shaoqin Huang <None>
+RH-Commit: [1/1] cee5404aef3f6437d45a1c43bdee73a57a528bee (cohuck/qemu-kvm-c9s)
+
+Jira: https://issues.redhat.com/browse/RHEL-26049
+
+In many configurations, e.g. multiple vNICs with multiple queues or
+with many Ceph OSDs, the default soft limit of 1024 is not enough.
+QEMU is supposed to work fine with file descriptors >= 1024 and does
+not use select() on POSIX. Bump the soft limit to the allowed hard
+limit to avoid issues with the aforementioned configurations.
+
+Of course the limit could be raised from the outside, but the man page
+of systemd.exec states about 'LimitNOFILE=':
+
+> Don't use.
+> [...]
+> Typically applications should increase their soft limit to the hard
+> limit on their own, if they are OK with working with file
+> descriptors above 1023,
+
+If the soft limit is already the same as the hard limit, avoid the
+superfluous setrlimit call. This can avoid a warning with a strict
+seccomp filter blocking setrlimit if NOFILE was already raised before
+executing QEMU.
+
+Buglink: https://bugzilla.proxmox.com/show_bug.cgi?id=4507
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 03e471c41d8b1b6eb16c9714f387449f52fe5c1d)
+Signed-off-by: Cornelia Huck <cohuck@redhat.com>
+---
+ include/sysemu/os-posix.h |  1 +
+ include/sysemu/os-win32.h |  5 +++++
+ os-posix.c                | 22 ++++++++++++++++++++++
+ system/vl.c               |  2 ++
+ 4 files changed, 30 insertions(+)
+
+diff --git a/include/sysemu/os-posix.h b/include/sysemu/os-posix.h
+index dff32ae185..b881ac6c6f 100644
+--- a/include/sysemu/os-posix.h
+++ b/include/sysemu/os-posix.h
+@@ -51,6 +51,7 @@ bool is_daemonized(void);
+ void os_daemonize(void);
+ bool os_set_runas(const char *user_id);
+ void os_set_chroot(const char *path);
+void os_setup_limits(void);
+ void os_setup_post(void);
+ int os_mlock(void);
+ 
+diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h
+index 1047d260cb..b82a5d3ad9 100644
+--- a/include/sysemu/os-win32.h
+++ b/include/sysemu/os-win32.h
+@@ -128,6 +128,11 @@ static inline int os_mlock(void)
+     return -ENOSYS;
+ }
+ 
+static inline void os_setup_limits(void)
+{
+    return;
+}
+
+ #define fsync _commit
+ 
+ #if !defined(lseek)
+diff --git a/os-posix.c b/os-posix.c
+index 52ef6990ff..a4284e2c07 100644
+--- a/os-posix.c
+++ b/os-posix.c
+@@ -24,6 +24,7 @@
+  */
+ 
+ #include "qemu/osdep.h"
+#include <sys/resource.h>
+ #include <sys/wait.h>
+ #include <pwd.h>
+ #include <grp.h>
+@@ -256,6 +257,27 @@ void os_daemonize(void)
+     }
+ }
+ 
+void os_setup_limits(void)
+{
+    struct rlimit nofile;
+
+    if (getrlimit(RLIMIT_NOFILE, &nofile) < 0) {
+        warn_report("unable to query NOFILE limit: %s", strerror(errno));
+        return;
+    }
+
+    if (nofile.rlim_cur == nofile.rlim_max) {
+        return;
+    }
+
+    nofile.rlim_cur = nofile.rlim_max;
+
+    if (setrlimit(RLIMIT_NOFILE, &nofile) < 0) {
+        warn_report("unable to set NOFILE limit: %s", strerror(errno));
+        return;
+    }
+}
+
+ void os_setup_post(void)
+ {
+     int fd = 0;
+diff --git a/system/vl.c b/system/vl.c
+index 93635ffc5b..6443b6e469 100644
+--- a/system/vl.c
+++ b/system/vl.c
+@@ -2783,6 +2783,8 @@ void qemu_init(int argc, char **argv)
+     error_init(argv[0]);
+     qemu_init_exec_dir(argv[0]);
+ 
+    os_setup_limits();
+
+     qemu_init_arch_modules();
+ 
+     qemu_init_subsystems();
+-- 
+2.39.3
+
--- a/qemu-kvm.spec
+++ b/qemu-kvm.spec
@ -149,7 +149,7 @@ Obsoletes: %{name}-block-ssh <= %{epoch}:%{version}                    \
 Summary: QEMU is a machine emulator and virtualizer
 Name: qemu-kvm
 Version: 8.2.0
-Release: 6%{?rcrel}%{?dist}%{?cc_suffix}
+Release: 7%{?rcrel}%{?dist}%{?cc_suffix}
 # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
 # Epoch 15 used for RHEL 8
 # Epoch 17 used for RHEL 9 (due to release versioning offset in RHEL 8.5)
@ -548,6 +548,10 @@ Patch144: kvm-virtio-blk-avoid-using-ioeventfd-state-in-irqfd-cond.patch
 Patch145: kvm-hw-arm-virt-deprecate-virt-rhel9.-0-2-.0-machine-typ.patch
 # For RHEL-17068 - Check/fix machine type compatibility for qemu-kvm 8.2.0 [x86_64]
 Patch146: kvm-x86-rhel-9.2.0-machine-type-compat-fix.patch
+# For RHEL-26049 - When max vcpu is greater than or equal to 246, qemu unable to init event notifier
+Patch147: kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch
+# For RHEL-24614 - [RHEL9][chardev][s390x] qemu hit core dump while using TLS server from host to guest
+Patch148: kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch

 %if %{have_clang}
 BuildRequires: clang
@ -1609,6 +1613,14 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
 %endif

 %changelog
+* Fri Mar 08 2024 Miroslav Rezanina <mrezanin@redhat.com> - 8.2.0-7
+- kvm-qemu_init-increase-NOFILE-soft-limit-on-POSIX.patch [RHEL-26049]
+- kvm-chardev-char-socket-Fix-TLS-io-channels-sending-too-.patch [RHEL-24614]
+- Resolves: RHEL-26049
+  (When max vcpu is greater than or equal to 246, qemu unable to init event notifier)
+- Resolves: RHEL-24614
+  ([RHEL9][chardev][s390x] qemu hit core dump while using TLS server from host to guest)
+
 * Mon Feb 19 2024 Miroslav Rezanina <mrezanin@redhat.com> - 8.2.0-6
 - kvm-virtio-scsi-Attach-event-vq-notifier-with-no_poll.patch [RHEL-3934]
 - kvm-virtio-Re-enable-notifications-after-drain.patch [RHEL-3934]