* Wed Jul 24 2024 Miroslav Rezanina <mrezanin@redhat.com> - 9.0.0-5
- kvm-nbd-server-do-not-poll-within-a-coroutine-context.patch [RHEL-40959] - kvm-nbd-server-Mark-negotiation-functions-as-coroutine_f.patch [RHEL-40959] - kvm-qio-Inherit-follow_coroutine_ctx-across-TLS.patch [RHEL-40959] - kvm-iotests-test-NBD-TLS-iothread.patch [RHEL-40959] - Resolves: RHEL-40959 (Qemu hang when quit dst vm after storage migration(nbd+tls))
This commit is contained in:
parent
e6031e7a4e
commit
900580adb4
276
kvm-iotests-test-NBD-TLS-iothread.patch
Normal file
276
kvm-iotests-test-NBD-TLS-iothread.patch
Normal file
@ -0,0 +1,276 @@
|
||||
From 2f12be8abfc90dc383a221441f60bdaae6b617d2 Mon Sep 17 00:00:00 2001
|
||||
From: Eric Blake <eblake@redhat.com>
|
||||
Date: Fri, 17 May 2024 21:50:15 -0500
|
||||
Subject: [PATCH 4/4] iotests: test NBD+TLS+iothread
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
RH-Author: Eric Blake <eblake@redhat.com>
|
||||
RH-MergeRequest: 257: nbd/server: fix TLS negotiation across coroutine context
|
||||
RH-Jira: RHEL-40959
|
||||
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
RH-Commit: [4/4] 39a37bf3ae6e7046577de151ef2f6fd1fd694e62 (ebblake/centos-qemu-kvm)
|
||||
|
||||
Prevent regressions when using NBD with TLS in the presence of
|
||||
iothreads, adding coverage the fix to qio channels made in the
|
||||
previous patch.
|
||||
|
||||
The shell function pick_unused_port() was copied from
|
||||
nbdkit.git/tests/functions.sh.in, where it had all authors from Red
|
||||
Hat, agreeing to the resulting relicensing from 2-clause BSD to GPLv2.
|
||||
|
||||
CC: qemu-stable@nongnu.org
|
||||
CC: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
Message-ID: <20240531180639.1392905-6-eblake@redhat.com>
|
||||
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
|
||||
|
||||
(cherry picked from commit a73c99378022ebb785481e84cfe1e81097546268)
|
||||
Jira: https://issues.redhat.com/browse/RHEL-40959
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
---
|
||||
tests/qemu-iotests/tests/nbd-tls-iothread | 168 ++++++++++++++++++
|
||||
tests/qemu-iotests/tests/nbd-tls-iothread.out | 54 ++++++
|
||||
2 files changed, 222 insertions(+)
|
||||
create mode 100755 tests/qemu-iotests/tests/nbd-tls-iothread
|
||||
create mode 100644 tests/qemu-iotests/tests/nbd-tls-iothread.out
|
||||
|
||||
diff --git a/tests/qemu-iotests/tests/nbd-tls-iothread b/tests/qemu-iotests/tests/nbd-tls-iothread
|
||||
new file mode 100755
|
||||
index 0000000000..a2fb07206e
|
||||
--- /dev/null
|
||||
+++ b/tests/qemu-iotests/tests/nbd-tls-iothread
|
||||
@@ -0,0 +1,168 @@
|
||||
+#!/usr/bin/env bash
|
||||
+# group: rw quick
|
||||
+#
|
||||
+# Test of NBD+TLS+iothread
|
||||
+#
|
||||
+# Copyright (C) 2024 Red Hat, Inc.
|
||||
+#
|
||||
+# This program is free software; you can redistribute it and/or modify
|
||||
+# it under the terms of the GNU General Public License as published by
|
||||
+# the Free Software Foundation; either version 2 of the License, or
|
||||
+# (at your option) any later version.
|
||||
+#
|
||||
+# This program is distributed in the hope that it will be useful,
|
||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
+# GNU General Public License for more details.
|
||||
+#
|
||||
+# You should have received a copy of the GNU General Public License
|
||||
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
+#
|
||||
+
|
||||
+# creator
|
||||
+owner=eblake@redhat.com
|
||||
+
|
||||
+seq=`basename $0`
|
||||
+echo "QA output created by $seq"
|
||||
+
|
||||
+status=1 # failure is the default!
|
||||
+
|
||||
+_cleanup()
|
||||
+{
|
||||
+ _cleanup_qemu
|
||||
+ _cleanup_test_img
|
||||
+ rm -f "$dst_image"
|
||||
+ tls_x509_cleanup
|
||||
+}
|
||||
+trap "_cleanup; exit \$status" 0 1 2 3 15
|
||||
+
|
||||
+# get standard environment, filters and checks
|
||||
+cd ..
|
||||
+. ./common.rc
|
||||
+. ./common.filter
|
||||
+. ./common.qemu
|
||||
+. ./common.tls
|
||||
+. ./common.nbd
|
||||
+
|
||||
+_supported_fmt qcow2 # Hardcoded to qcow2 command line and QMP below
|
||||
+_supported_proto file
|
||||
+
|
||||
+# pick_unused_port
|
||||
+#
|
||||
+# Picks and returns an "unused" port, setting the global variable
|
||||
+# $port.
|
||||
+#
|
||||
+# This is inherently racy, but we need it because qemu does not currently
|
||||
+# permit NBD+TLS over a Unix domain socket
|
||||
+pick_unused_port ()
|
||||
+{
|
||||
+ if ! (ss --version) >/dev/null 2>&1; then
|
||||
+ _notrun "ss utility required, skipped this test"
|
||||
+ fi
|
||||
+
|
||||
+ # Start at a random port to make it less likely that two parallel
|
||||
+ # tests will conflict.
|
||||
+ port=$(( 50000 + (RANDOM%15000) ))
|
||||
+ while ss -ltn | grep -sqE ":$port\b"; do
|
||||
+ ((port++))
|
||||
+ if [ $port -eq 65000 ]; then port=50000; fi
|
||||
+ done
|
||||
+ echo picked unused port
|
||||
+}
|
||||
+
|
||||
+tls_x509_init
|
||||
+
|
||||
+size=1G
|
||||
+DST_IMG="$TEST_DIR/dst.qcow2"
|
||||
+
|
||||
+echo
|
||||
+echo "== preparing TLS creds and spare port =="
|
||||
+
|
||||
+pick_unused_port
|
||||
+tls_x509_create_root_ca "ca1"
|
||||
+tls_x509_create_server "ca1" "server1"
|
||||
+tls_x509_create_client "ca1" "client1"
|
||||
+tls_obj_base=tls-creds-x509,id=tls0,verify-peer=true,dir="${tls_dir}"
|
||||
+
|
||||
+echo
|
||||
+echo "== preparing image =="
|
||||
+
|
||||
+_make_test_img $size
|
||||
+$QEMU_IMG create -f qcow2 "$DST_IMG" $size | _filter_img_create
|
||||
+
|
||||
+echo
|
||||
+echo === Starting Src QEMU ===
|
||||
+echo
|
||||
+
|
||||
+_launch_qemu -machine q35 \
|
||||
+ -object iothread,id=iothread0 \
|
||||
+ -object "${tls_obj_base}"/client1,endpoint=client \
|
||||
+ -device '{"driver":"pcie-root-port", "id":"root0", "multifunction":true,
|
||||
+ "bus":"pcie.0"}' \
|
||||
+ -device '{"driver":"virtio-scsi-pci", "id":"virtio_scsi_pci0",
|
||||
+ "bus":"root0", "iothread":"iothread0"}' \
|
||||
+ -device '{"driver":"scsi-hd", "id":"image1", "drive":"drive_image1",
|
||||
+ "bus":"virtio_scsi_pci0.0"}' \
|
||||
+ -blockdev '{"driver":"file", "cache":{"direct":true, "no-flush":false},
|
||||
+ "filename":"'"$TEST_IMG"'", "node-name":"drive_sys1"}' \
|
||||
+ -blockdev '{"driver":"qcow2", "node-name":"drive_image1",
|
||||
+ "file":"drive_sys1"}'
|
||||
+h1=$QEMU_HANDLE
|
||||
+_send_qemu_cmd $h1 '{"execute": "qmp_capabilities"}' 'return'
|
||||
+
|
||||
+echo
|
||||
+echo === Starting Dst VM2 ===
|
||||
+echo
|
||||
+
|
||||
+_launch_qemu -machine q35 \
|
||||
+ -object iothread,id=iothread0 \
|
||||
+ -object "${tls_obj_base}"/server1,endpoint=server \
|
||||
+ -device '{"driver":"pcie-root-port", "id":"root0", "multifunction":true,
|
||||
+ "bus":"pcie.0"}' \
|
||||
+ -device '{"driver":"virtio-scsi-pci", "id":"virtio_scsi_pci0",
|
||||
+ "bus":"root0", "iothread":"iothread0"}' \
|
||||
+ -device '{"driver":"scsi-hd", "id":"image1", "drive":"drive_image1",
|
||||
+ "bus":"virtio_scsi_pci0.0"}' \
|
||||
+ -blockdev '{"driver":"file", "cache":{"direct":true, "no-flush":false},
|
||||
+ "filename":"'"$DST_IMG"'", "node-name":"drive_sys1"}' \
|
||||
+ -blockdev '{"driver":"qcow2", "node-name":"drive_image1",
|
||||
+ "file":"drive_sys1"}' \
|
||||
+ -incoming defer
|
||||
+h2=$QEMU_HANDLE
|
||||
+_send_qemu_cmd $h2 '{"execute": "qmp_capabilities"}' 'return'
|
||||
+
|
||||
+echo
|
||||
+echo === Dst VM: Enable NBD server for incoming storage migration ===
|
||||
+echo
|
||||
+
|
||||
+_send_qemu_cmd $h2 '{"execute": "nbd-server-start", "arguments":
|
||||
+ {"addr": {"type": "inet", "data": {"host": "127.0.0.1", "port": "'$port'"}},
|
||||
+ "tls-creds": "tls0"}}' '{"return": {}}' | sed "s/\"$port\"/PORT/g"
|
||||
+_send_qemu_cmd $h2 '{"execute": "block-export-add", "arguments":
|
||||
+ {"node-name": "drive_image1", "type": "nbd", "writable": true,
|
||||
+ "id": "drive_image1"}}' '{"return": {}}'
|
||||
+
|
||||
+echo
|
||||
+echo === Src VM: Mirror to dst NBD for outgoing storage migration ===
|
||||
+echo
|
||||
+
|
||||
+_send_qemu_cmd $h1 '{"execute": "blockdev-add", "arguments":
|
||||
+ {"node-name": "mirror", "driver": "nbd",
|
||||
+ "server": {"type": "inet", "host": "127.0.0.1", "port": "'$port'"},
|
||||
+ "export": "drive_image1", "tls-creds": "tls0",
|
||||
+ "tls-hostname": "127.0.0.1"}}' '{"return": {}}' | sed "s/\"$port\"/PORT/g"
|
||||
+_send_qemu_cmd $h1 '{"execute": "blockdev-mirror", "arguments":
|
||||
+ {"sync": "full", "device": "drive_image1", "target": "mirror",
|
||||
+ "job-id": "drive_image1_53"}}' '{"return": {}}'
|
||||
+_timed_wait_for $h1 '"ready"'
|
||||
+
|
||||
+echo
|
||||
+echo === Cleaning up ===
|
||||
+echo
|
||||
+
|
||||
+_send_qemu_cmd $h1 '{"execute":"quit"}' ''
|
||||
+_send_qemu_cmd $h2 '{"execute":"quit"}' ''
|
||||
+
|
||||
+echo "*** done"
|
||||
+rm -f $seq.full
|
||||
+status=0
|
||||
diff --git a/tests/qemu-iotests/tests/nbd-tls-iothread.out b/tests/qemu-iotests/tests/nbd-tls-iothread.out
|
||||
new file mode 100644
|
||||
index 0000000000..1d83d4f903
|
||||
--- /dev/null
|
||||
+++ b/tests/qemu-iotests/tests/nbd-tls-iothread.out
|
||||
@@ -0,0 +1,54 @@
|
||||
+QA output created by nbd-tls-iothread
|
||||
+
|
||||
+== preparing TLS creds and spare port ==
|
||||
+picked unused port
|
||||
+Generating a self signed certificate...
|
||||
+Generating a signed certificate...
|
||||
+Generating a signed certificate...
|
||||
+
|
||||
+== preparing image ==
|
||||
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824
|
||||
+Formatting 'TEST_DIR/dst.IMGFMT', fmt=IMGFMT size=1073741824
|
||||
+
|
||||
+=== Starting Src QEMU ===
|
||||
+
|
||||
+{"execute": "qmp_capabilities"}
|
||||
+{"return": {}}
|
||||
+
|
||||
+=== Starting Dst VM2 ===
|
||||
+
|
||||
+{"execute": "qmp_capabilities"}
|
||||
+{"return": {}}
|
||||
+
|
||||
+=== Dst VM: Enable NBD server for incoming storage migration ===
|
||||
+
|
||||
+{"execute": "nbd-server-start", "arguments":
|
||||
+ {"addr": {"type": "inet", "data": {"host": "127.0.0.1", "port": PORT}},
|
||||
+ "tls-creds": "tls0"}}
|
||||
+{"return": {}}
|
||||
+{"execute": "block-export-add", "arguments":
|
||||
+ {"node-name": "drive_image1", "type": "nbd", "writable": true,
|
||||
+ "id": "drive_image1"}}
|
||||
+{"return": {}}
|
||||
+
|
||||
+=== Src VM: Mirror to dst NBD for outgoing storage migration ===
|
||||
+
|
||||
+{"execute": "blockdev-add", "arguments":
|
||||
+ {"node-name": "mirror", "driver": "nbd",
|
||||
+ "server": {"type": "inet", "host": "127.0.0.1", "port": PORT},
|
||||
+ "export": "drive_image1", "tls-creds": "tls0",
|
||||
+ "tls-hostname": "127.0.0.1"}}
|
||||
+{"return": {}}
|
||||
+{"execute": "blockdev-mirror", "arguments":
|
||||
+ {"sync": "full", "device": "drive_image1", "target": "mirror",
|
||||
+ "job-id": "drive_image1_53"}}
|
||||
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "JOB_STATUS_CHANGE", "data": {"status": "created", "id": "drive_image1_53"}}
|
||||
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "JOB_STATUS_CHANGE", "data": {"status": "running", "id": "drive_image1_53"}}
|
||||
+{"return": {}}
|
||||
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "JOB_STATUS_CHANGE", "data": {"status": "ready", "id": "drive_image1_53"}}
|
||||
+
|
||||
+=== Cleaning up ===
|
||||
+
|
||||
+{"execute":"quit"}
|
||||
+{"execute":"quit"}
|
||||
+*** done
|
||||
--
|
||||
2.39.3
|
||||
|
330
kvm-nbd-server-Mark-negotiation-functions-as-coroutine_f.patch
Normal file
330
kvm-nbd-server-Mark-negotiation-functions-as-coroutine_f.patch
Normal file
@ -0,0 +1,330 @@
|
||||
From 55e78a14c6a6956a3ac65f36b9b8b8c49eff959b Mon Sep 17 00:00:00 2001
|
||||
From: Eric Blake <eblake@redhat.com>
|
||||
Date: Mon, 8 Apr 2024 11:00:44 -0500
|
||||
Subject: [PATCH 2/4] nbd/server: Mark negotiation functions as coroutine_fn
|
||||
|
||||
RH-Author: Eric Blake <eblake@redhat.com>
|
||||
RH-MergeRequest: 257: nbd/server: fix TLS negotiation across coroutine context
|
||||
RH-Jira: RHEL-40959
|
||||
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
RH-Commit: [2/4] f364e5cd2a9eac2d4f6af2841479f1dfb2f8df58 (ebblake/centos-qemu-kvm)
|
||||
|
||||
nbd_negotiate() is already marked coroutine_fn. And given the fix in
|
||||
the previous patch to have nbd_negotiate_handle_starttls not create
|
||||
and wait on a g_main_loop (as that would violate coroutine
|
||||
constraints), it is worth marking the rest of the related static
|
||||
functions reachable only during option negotiation as also being
|
||||
coroutine_fn.
|
||||
|
||||
Suggested-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
Message-ID: <20240408160214.1200629-6-eblake@redhat.com>
|
||||
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
|
||||
[eblake: drop one spurious coroutine_fn marking]
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
|
||||
Jira: https://issues.redhat.com/browse/RHEL-40959
|
||||
(cherry picked from commit 4fa333e08dd96395a99ea8dd9e4c73a29dd23344)
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
---
|
||||
nbd/server.c | 102 +++++++++++++++++++++++++++++----------------------
|
||||
1 file changed, 59 insertions(+), 43 deletions(-)
|
||||
|
||||
diff --git a/nbd/server.c b/nbd/server.c
|
||||
index 98ae0e1632..892797bb11 100644
|
||||
--- a/nbd/server.c
|
||||
+++ b/nbd/server.c
|
||||
@@ -195,8 +195,9 @@ static inline void set_be_option_rep(NBDOptionReply *rep, uint32_t option,
|
||||
|
||||
/* Send a reply header, including length, but no payload.
|
||||
* Return -errno on error, 0 on success. */
|
||||
-static int nbd_negotiate_send_rep_len(NBDClient *client, uint32_t type,
|
||||
- uint32_t len, Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_send_rep_len(NBDClient *client, uint32_t type,
|
||||
+ uint32_t len, Error **errp)
|
||||
{
|
||||
NBDOptionReply rep;
|
||||
|
||||
@@ -211,15 +212,15 @@ static int nbd_negotiate_send_rep_len(NBDClient *client, uint32_t type,
|
||||
|
||||
/* Send a reply header with default 0 length.
|
||||
* Return -errno on error, 0 on success. */
|
||||
-static int nbd_negotiate_send_rep(NBDClient *client, uint32_t type,
|
||||
- Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_send_rep(NBDClient *client, uint32_t type, Error **errp)
|
||||
{
|
||||
return nbd_negotiate_send_rep_len(client, type, 0, errp);
|
||||
}
|
||||
|
||||
/* Send an error reply.
|
||||
* Return -errno on error, 0 on success. */
|
||||
-static int G_GNUC_PRINTF(4, 0)
|
||||
+static coroutine_fn int G_GNUC_PRINTF(4, 0)
|
||||
nbd_negotiate_send_rep_verr(NBDClient *client, uint32_t type,
|
||||
Error **errp, const char *fmt, va_list va)
|
||||
{
|
||||
@@ -259,7 +260,7 @@ nbd_sanitize_name(const char *name)
|
||||
|
||||
/* Send an error reply.
|
||||
* Return -errno on error, 0 on success. */
|
||||
-static int G_GNUC_PRINTF(4, 5)
|
||||
+static coroutine_fn int G_GNUC_PRINTF(4, 5)
|
||||
nbd_negotiate_send_rep_err(NBDClient *client, uint32_t type,
|
||||
Error **errp, const char *fmt, ...)
|
||||
{
|
||||
@@ -275,7 +276,7 @@ nbd_negotiate_send_rep_err(NBDClient *client, uint32_t type,
|
||||
/* Drop remainder of the current option, and send a reply with the
|
||||
* given error type and message. Return -errno on read or write
|
||||
* failure; or 0 if connection is still live. */
|
||||
-static int G_GNUC_PRINTF(4, 0)
|
||||
+static coroutine_fn int G_GNUC_PRINTF(4, 0)
|
||||
nbd_opt_vdrop(NBDClient *client, uint32_t type, Error **errp,
|
||||
const char *fmt, va_list va)
|
||||
{
|
||||
@@ -288,7 +289,7 @@ nbd_opt_vdrop(NBDClient *client, uint32_t type, Error **errp,
|
||||
return ret;
|
||||
}
|
||||
|
||||
-static int G_GNUC_PRINTF(4, 5)
|
||||
+static coroutine_fn int G_GNUC_PRINTF(4, 5)
|
||||
nbd_opt_drop(NBDClient *client, uint32_t type, Error **errp,
|
||||
const char *fmt, ...)
|
||||
{
|
||||
@@ -302,7 +303,7 @@ nbd_opt_drop(NBDClient *client, uint32_t type, Error **errp,
|
||||
return ret;
|
||||
}
|
||||
|
||||
-static int G_GNUC_PRINTF(3, 4)
|
||||
+static coroutine_fn int G_GNUC_PRINTF(3, 4)
|
||||
nbd_opt_invalid(NBDClient *client, Error **errp, const char *fmt, ...)
|
||||
{
|
||||
int ret;
|
||||
@@ -319,8 +320,9 @@ nbd_opt_invalid(NBDClient *client, Error **errp, const char *fmt, ...)
|
||||
* If @check_nul, require that no NUL bytes appear in buffer.
|
||||
* Return -errno on I/O error, 0 if option was completely handled by
|
||||
* sending a reply about inconsistent lengths, or 1 on success. */
|
||||
-static int nbd_opt_read(NBDClient *client, void *buffer, size_t size,
|
||||
- bool check_nul, Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_opt_read(NBDClient *client, void *buffer, size_t size,
|
||||
+ bool check_nul, Error **errp)
|
||||
{
|
||||
if (size > client->optlen) {
|
||||
return nbd_opt_invalid(client, errp,
|
||||
@@ -343,7 +345,8 @@ static int nbd_opt_read(NBDClient *client, void *buffer, size_t size,
|
||||
/* Drop size bytes from the unparsed payload of the current option.
|
||||
* Return -errno on I/O error, 0 if option was completely handled by
|
||||
* sending a reply about inconsistent lengths, or 1 on success. */
|
||||
-static int nbd_opt_skip(NBDClient *client, size_t size, Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_opt_skip(NBDClient *client, size_t size, Error **errp)
|
||||
{
|
||||
if (size > client->optlen) {
|
||||
return nbd_opt_invalid(client, errp,
|
||||
@@ -366,8 +369,9 @@ static int nbd_opt_skip(NBDClient *client, size_t size, Error **errp)
|
||||
* Return -errno on I/O error, 0 if option was completely handled by
|
||||
* sending a reply about inconsistent lengths, or 1 on success.
|
||||
*/
|
||||
-static int nbd_opt_read_name(NBDClient *client, char **name, uint32_t *length,
|
||||
- Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_opt_read_name(NBDClient *client, char **name, uint32_t *length,
|
||||
+ Error **errp)
|
||||
{
|
||||
int ret;
|
||||
uint32_t len;
|
||||
@@ -402,8 +406,8 @@ static int nbd_opt_read_name(NBDClient *client, char **name, uint32_t *length,
|
||||
|
||||
/* Send a single NBD_REP_SERVER reply to NBD_OPT_LIST, including payload.
|
||||
* Return -errno on error, 0 on success. */
|
||||
-static int nbd_negotiate_send_rep_list(NBDClient *client, NBDExport *exp,
|
||||
- Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_send_rep_list(NBDClient *client, NBDExport *exp, Error **errp)
|
||||
{
|
||||
ERRP_GUARD();
|
||||
size_t name_len, desc_len;
|
||||
@@ -444,7 +448,8 @@ static int nbd_negotiate_send_rep_list(NBDClient *client, NBDExport *exp,
|
||||
|
||||
/* Process the NBD_OPT_LIST command, with a potential series of replies.
|
||||
* Return -errno on error, 0 on success. */
|
||||
-static int nbd_negotiate_handle_list(NBDClient *client, Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_handle_list(NBDClient *client, Error **errp)
|
||||
{
|
||||
NBDExport *exp;
|
||||
assert(client->opt == NBD_OPT_LIST);
|
||||
@@ -459,7 +464,8 @@ static int nbd_negotiate_handle_list(NBDClient *client, Error **errp)
|
||||
return nbd_negotiate_send_rep(client, NBD_REP_ACK, errp);
|
||||
}
|
||||
|
||||
-static void nbd_check_meta_export(NBDClient *client, NBDExport *exp)
|
||||
+static coroutine_fn void
|
||||
+nbd_check_meta_export(NBDClient *client, NBDExport *exp)
|
||||
{
|
||||
if (exp != client->contexts.exp) {
|
||||
client->contexts.count = 0;
|
||||
@@ -468,8 +474,9 @@ static void nbd_check_meta_export(NBDClient *client, NBDExport *exp)
|
||||
|
||||
/* Send a reply to NBD_OPT_EXPORT_NAME.
|
||||
* Return -errno on error, 0 on success. */
|
||||
-static int nbd_negotiate_handle_export_name(NBDClient *client, bool no_zeroes,
|
||||
- Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_handle_export_name(NBDClient *client, bool no_zeroes,
|
||||
+ Error **errp)
|
||||
{
|
||||
ERRP_GUARD();
|
||||
g_autofree char *name = NULL;
|
||||
@@ -536,9 +543,9 @@ static int nbd_negotiate_handle_export_name(NBDClient *client, bool no_zeroes,
|
||||
/* Send a single NBD_REP_INFO, with a buffer @buf of @length bytes.
|
||||
* The buffer does NOT include the info type prefix.
|
||||
* Return -errno on error, 0 if ready to send more. */
|
||||
-static int nbd_negotiate_send_info(NBDClient *client,
|
||||
- uint16_t info, uint32_t length, void *buf,
|
||||
- Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_send_info(NBDClient *client, uint16_t info, uint32_t length,
|
||||
+ void *buf, Error **errp)
|
||||
{
|
||||
int rc;
|
||||
|
||||
@@ -565,7 +572,8 @@ static int nbd_negotiate_send_info(NBDClient *client,
|
||||
* -errno transmission error occurred or @fatal was requested, errp is set
|
||||
* 0 error message successfully sent to client, errp is not set
|
||||
*/
|
||||
-static int nbd_reject_length(NBDClient *client, bool fatal, Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_reject_length(NBDClient *client, bool fatal, Error **errp)
|
||||
{
|
||||
int ret;
|
||||
|
||||
@@ -583,7 +591,8 @@ static int nbd_reject_length(NBDClient *client, bool fatal, Error **errp)
|
||||
/* Handle NBD_OPT_INFO and NBD_OPT_GO.
|
||||
* Return -errno on error, 0 if ready for next option, and 1 to move
|
||||
* into transmission phase. */
|
||||
-static int nbd_negotiate_handle_info(NBDClient *client, Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_handle_info(NBDClient *client, Error **errp)
|
||||
{
|
||||
int rc;
|
||||
g_autofree char *name = NULL;
|
||||
@@ -755,7 +764,8 @@ struct NBDTLSServerHandshakeData {
|
||||
Coroutine *co;
|
||||
};
|
||||
|
||||
-static void nbd_server_tls_handshake(QIOTask *task, void *opaque)
|
||||
+static void
|
||||
+nbd_server_tls_handshake(QIOTask *task, void *opaque)
|
||||
{
|
||||
struct NBDTLSServerHandshakeData *data = opaque;
|
||||
|
||||
@@ -768,8 +778,8 @@ static void nbd_server_tls_handshake(QIOTask *task, void *opaque)
|
||||
|
||||
/* Handle NBD_OPT_STARTTLS. Return NULL to drop connection, or else the
|
||||
* new channel for all further (now-encrypted) communication. */
|
||||
-static QIOChannel *nbd_negotiate_handle_starttls(NBDClient *client,
|
||||
- Error **errp)
|
||||
+static coroutine_fn QIOChannel *
|
||||
+nbd_negotiate_handle_starttls(NBDClient *client, Error **errp)
|
||||
{
|
||||
QIOChannel *ioc;
|
||||
QIOChannelTLS *tioc;
|
||||
@@ -821,10 +831,9 @@ static QIOChannel *nbd_negotiate_handle_starttls(NBDClient *client,
|
||||
*
|
||||
* For NBD_OPT_LIST_META_CONTEXT @context_id is ignored, 0 is used instead.
|
||||
*/
|
||||
-static int nbd_negotiate_send_meta_context(NBDClient *client,
|
||||
- const char *context,
|
||||
- uint32_t context_id,
|
||||
- Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_send_meta_context(NBDClient *client, const char *context,
|
||||
+ uint32_t context_id, Error **errp)
|
||||
{
|
||||
NBDOptionReplyMetaContext opt;
|
||||
struct iovec iov[] = {
|
||||
@@ -849,8 +858,9 @@ static int nbd_negotiate_send_meta_context(NBDClient *client,
|
||||
* Return true if @query matches @pattern, or if @query is empty when
|
||||
* the @client is performing _LIST_.
|
||||
*/
|
||||
-static bool nbd_meta_empty_or_pattern(NBDClient *client, const char *pattern,
|
||||
- const char *query)
|
||||
+static coroutine_fn bool
|
||||
+nbd_meta_empty_or_pattern(NBDClient *client, const char *pattern,
|
||||
+ const char *query)
|
||||
{
|
||||
if (!*query) {
|
||||
trace_nbd_negotiate_meta_query_parse("empty");
|
||||
@@ -867,7 +877,8 @@ static bool nbd_meta_empty_or_pattern(NBDClient *client, const char *pattern,
|
||||
/*
|
||||
* Return true and adjust @str in place if it begins with @prefix.
|
||||
*/
|
||||
-static bool nbd_strshift(const char **str, const char *prefix)
|
||||
+static coroutine_fn bool
|
||||
+nbd_strshift(const char **str, const char *prefix)
|
||||
{
|
||||
size_t len = strlen(prefix);
|
||||
|
||||
@@ -883,8 +894,9 @@ static bool nbd_strshift(const char **str, const char *prefix)
|
||||
* Handle queries to 'base' namespace. For now, only the base:allocation
|
||||
* context is available. Return true if @query has been handled.
|
||||
*/
|
||||
-static bool nbd_meta_base_query(NBDClient *client, NBDMetaContexts *meta,
|
||||
- const char *query)
|
||||
+static coroutine_fn bool
|
||||
+nbd_meta_base_query(NBDClient *client, NBDMetaContexts *meta,
|
||||
+ const char *query)
|
||||
{
|
||||
if (!nbd_strshift(&query, "base:")) {
|
||||
return false;
|
||||
@@ -903,8 +915,9 @@ static bool nbd_meta_base_query(NBDClient *client, NBDMetaContexts *meta,
|
||||
* and qemu:allocation-depth contexts are available. Return true if @query
|
||||
* has been handled.
|
||||
*/
|
||||
-static bool nbd_meta_qemu_query(NBDClient *client, NBDMetaContexts *meta,
|
||||
- const char *query)
|
||||
+static coroutine_fn bool
|
||||
+nbd_meta_qemu_query(NBDClient *client, NBDMetaContexts *meta,
|
||||
+ const char *query)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
@@ -968,8 +981,9 @@ static bool nbd_meta_qemu_query(NBDClient *client, NBDMetaContexts *meta,
|
||||
*
|
||||
* Return -errno on I/O error, 0 if option was completely handled by
|
||||
* sending a reply about inconsistent lengths, or 1 on success. */
|
||||
-static int nbd_negotiate_meta_query(NBDClient *client,
|
||||
- NBDMetaContexts *meta, Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_meta_query(NBDClient *client,
|
||||
+ NBDMetaContexts *meta, Error **errp)
|
||||
{
|
||||
int ret;
|
||||
g_autofree char *query = NULL;
|
||||
@@ -1008,7 +1022,8 @@ static int nbd_negotiate_meta_query(NBDClient *client,
|
||||
* Handle NBD_OPT_LIST_META_CONTEXT and NBD_OPT_SET_META_CONTEXT
|
||||
*
|
||||
* Return -errno on I/O error, or 0 if option was completely handled. */
|
||||
-static int nbd_negotiate_meta_queries(NBDClient *client, Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_meta_queries(NBDClient *client, Error **errp)
|
||||
{
|
||||
int ret;
|
||||
g_autofree char *export_name = NULL;
|
||||
@@ -1136,7 +1151,8 @@ static int nbd_negotiate_meta_queries(NBDClient *client, Error **errp)
|
||||
* 1 if client sent NBD_OPT_ABORT, i.e. on valid disconnect,
|
||||
* errp is not set
|
||||
*/
|
||||
-static int nbd_negotiate_options(NBDClient *client, Error **errp)
|
||||
+static coroutine_fn int
|
||||
+nbd_negotiate_options(NBDClient *client, Error **errp)
|
||||
{
|
||||
uint32_t flags;
|
||||
bool fixedNewstyle = false;
|
||||
--
|
||||
2.39.3
|
||||
|
208
kvm-nbd-server-do-not-poll-within-a-coroutine-context.patch
Normal file
208
kvm-nbd-server-do-not-poll-within-a-coroutine-context.patch
Normal file
@ -0,0 +1,208 @@
|
||||
From 484fe3af54a3e421be9e370d47eabe0d8cc5c50d Mon Sep 17 00:00:00 2001
|
||||
From: Zhu Yangyang <zhuyangyang14@huawei.com>
|
||||
Date: Mon, 8 Apr 2024 11:00:43 -0500
|
||||
Subject: [PATCH 1/4] nbd/server: do not poll within a coroutine context
|
||||
|
||||
RH-Author: Eric Blake <eblake@redhat.com>
|
||||
RH-MergeRequest: 257: nbd/server: fix TLS negotiation across coroutine context
|
||||
RH-Jira: RHEL-40959
|
||||
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
RH-Commit: [1/4] 379f38d46d204890e47a5eb744292d728badc7db (ebblake/centos-qemu-kvm)
|
||||
|
||||
Coroutines are not supposed to block. Instead, they should yield.
|
||||
|
||||
The client performs TLS upgrade outside of an AIOContext, during
|
||||
synchronous handshake; this still requires g_main_loop. But the
|
||||
server responds to TLS upgrade inside a coroutine, so a nested
|
||||
g_main_loop is wrong. Since the two callbacks no longer share more
|
||||
than the setting of data.complete and data.error, it's just as easy to
|
||||
use static helpers instead of trying to share a common code path. It
|
||||
is also possible to add assertions that no other code is interfering
|
||||
with the eventual path to qio reaching the callback, whether or not it
|
||||
required a yield or main loop.
|
||||
|
||||
Fixes: f95910f ("nbd: implement TLS support in the protocol negotiation")
|
||||
Signed-off-by: Zhu Yangyang <zhuyangyang14@huawei.com>
|
||||
[eblake: move callbacks to their use point, add assertions]
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
Message-ID: <20240408160214.1200629-5-eblake@redhat.com>
|
||||
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
|
||||
|
||||
Jira: https://issues.redhat.com/browse/RHEL-40959
|
||||
(cherry picked from commit ae6d91a7e9b77abb029ed3fa9fad461422286942)
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
---
|
||||
nbd/client.c | 28 ++++++++++++++++++++++++----
|
||||
nbd/common.c | 11 -----------
|
||||
nbd/nbd-internal.h | 10 ----------
|
||||
nbd/server.c | 28 +++++++++++++++++++++++-----
|
||||
4 files changed, 47 insertions(+), 30 deletions(-)
|
||||
|
||||
diff --git a/nbd/client.c b/nbd/client.c
|
||||
index 29ffc609a4..c89c750467 100644
|
||||
--- a/nbd/client.c
|
||||
+++ b/nbd/client.c
|
||||
@@ -596,13 +596,31 @@ static int nbd_request_simple_option(QIOChannel *ioc, int opt, bool strict,
|
||||
return 1;
|
||||
}
|
||||
|
||||
+/* Callback to learn when QIO TLS upgrade is complete */
|
||||
+struct NBDTLSClientHandshakeData {
|
||||
+ bool complete;
|
||||
+ Error *error;
|
||||
+ GMainLoop *loop;
|
||||
+};
|
||||
+
|
||||
+static void nbd_client_tls_handshake(QIOTask *task, void *opaque)
|
||||
+{
|
||||
+ struct NBDTLSClientHandshakeData *data = opaque;
|
||||
+
|
||||
+ qio_task_propagate_error(task, &data->error);
|
||||
+ data->complete = true;
|
||||
+ if (data->loop) {
|
||||
+ g_main_loop_quit(data->loop);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
static QIOChannel *nbd_receive_starttls(QIOChannel *ioc,
|
||||
QCryptoTLSCreds *tlscreds,
|
||||
const char *hostname, Error **errp)
|
||||
{
|
||||
int ret;
|
||||
QIOChannelTLS *tioc;
|
||||
- struct NBDTLSHandshakeData data = { 0 };
|
||||
+ struct NBDTLSClientHandshakeData data = { 0 };
|
||||
|
||||
ret = nbd_request_simple_option(ioc, NBD_OPT_STARTTLS, true, errp);
|
||||
if (ret <= 0) {
|
||||
@@ -619,18 +637,20 @@ static QIOChannel *nbd_receive_starttls(QIOChannel *ioc,
|
||||
return NULL;
|
||||
}
|
||||
qio_channel_set_name(QIO_CHANNEL(tioc), "nbd-client-tls");
|
||||
- data.loop = g_main_loop_new(g_main_context_default(), FALSE);
|
||||
trace_nbd_receive_starttls_tls_handshake();
|
||||
qio_channel_tls_handshake(tioc,
|
||||
- nbd_tls_handshake,
|
||||
+ nbd_client_tls_handshake,
|
||||
&data,
|
||||
NULL,
|
||||
NULL);
|
||||
|
||||
if (!data.complete) {
|
||||
+ data.loop = g_main_loop_new(g_main_context_default(), FALSE);
|
||||
g_main_loop_run(data.loop);
|
||||
+ assert(data.complete);
|
||||
+ g_main_loop_unref(data.loop);
|
||||
}
|
||||
- g_main_loop_unref(data.loop);
|
||||
+
|
||||
if (data.error) {
|
||||
error_propagate(errp, data.error);
|
||||
object_unref(OBJECT(tioc));
|
||||
diff --git a/nbd/common.c b/nbd/common.c
|
||||
index 3247c1d618..589a748cfe 100644
|
||||
--- a/nbd/common.c
|
||||
+++ b/nbd/common.c
|
||||
@@ -47,17 +47,6 @@ int nbd_drop(QIOChannel *ioc, size_t size, Error **errp)
|
||||
}
|
||||
|
||||
|
||||
-void nbd_tls_handshake(QIOTask *task,
|
||||
- void *opaque)
|
||||
-{
|
||||
- struct NBDTLSHandshakeData *data = opaque;
|
||||
-
|
||||
- qio_task_propagate_error(task, &data->error);
|
||||
- data->complete = true;
|
||||
- g_main_loop_quit(data->loop);
|
||||
-}
|
||||
-
|
||||
-
|
||||
const char *nbd_opt_lookup(uint32_t opt)
|
||||
{
|
||||
switch (opt) {
|
||||
diff --git a/nbd/nbd-internal.h b/nbd/nbd-internal.h
|
||||
index dfa02f77ee..91895106a9 100644
|
||||
--- a/nbd/nbd-internal.h
|
||||
+++ b/nbd/nbd-internal.h
|
||||
@@ -72,16 +72,6 @@ static inline int nbd_write(QIOChannel *ioc, const void *buffer, size_t size,
|
||||
return qio_channel_write_all(ioc, buffer, size, errp) < 0 ? -EIO : 0;
|
||||
}
|
||||
|
||||
-struct NBDTLSHandshakeData {
|
||||
- GMainLoop *loop;
|
||||
- bool complete;
|
||||
- Error *error;
|
||||
-};
|
||||
-
|
||||
-
|
||||
-void nbd_tls_handshake(QIOTask *task,
|
||||
- void *opaque);
|
||||
-
|
||||
int nbd_drop(QIOChannel *ioc, size_t size, Error **errp);
|
||||
|
||||
#endif
|
||||
diff --git a/nbd/server.c b/nbd/server.c
|
||||
index c3484cc1eb..98ae0e1632 100644
|
||||
--- a/nbd/server.c
|
||||
+++ b/nbd/server.c
|
||||
@@ -748,6 +748,23 @@ static int nbd_negotiate_handle_info(NBDClient *client, Error **errp)
|
||||
return rc;
|
||||
}
|
||||
|
||||
+/* Callback to learn when QIO TLS upgrade is complete */
|
||||
+struct NBDTLSServerHandshakeData {
|
||||
+ bool complete;
|
||||
+ Error *error;
|
||||
+ Coroutine *co;
|
||||
+};
|
||||
+
|
||||
+static void nbd_server_tls_handshake(QIOTask *task, void *opaque)
|
||||
+{
|
||||
+ struct NBDTLSServerHandshakeData *data = opaque;
|
||||
+
|
||||
+ qio_task_propagate_error(task, &data->error);
|
||||
+ data->complete = true;
|
||||
+ if (!qemu_coroutine_entered(data->co)) {
|
||||
+ aio_co_wake(data->co);
|
||||
+ }
|
||||
+}
|
||||
|
||||
/* Handle NBD_OPT_STARTTLS. Return NULL to drop connection, or else the
|
||||
* new channel for all further (now-encrypted) communication. */
|
||||
@@ -756,7 +773,7 @@ static QIOChannel *nbd_negotiate_handle_starttls(NBDClient *client,
|
||||
{
|
||||
QIOChannel *ioc;
|
||||
QIOChannelTLS *tioc;
|
||||
- struct NBDTLSHandshakeData data = { 0 };
|
||||
+ struct NBDTLSServerHandshakeData data = { 0 };
|
||||
|
||||
assert(client->opt == NBD_OPT_STARTTLS);
|
||||
|
||||
@@ -777,17 +794,18 @@ static QIOChannel *nbd_negotiate_handle_starttls(NBDClient *client,
|
||||
|
||||
qio_channel_set_name(QIO_CHANNEL(tioc), "nbd-server-tls");
|
||||
trace_nbd_negotiate_handle_starttls_handshake();
|
||||
- data.loop = g_main_loop_new(g_main_context_default(), FALSE);
|
||||
+ data.co = qemu_coroutine_self();
|
||||
qio_channel_tls_handshake(tioc,
|
||||
- nbd_tls_handshake,
|
||||
+ nbd_server_tls_handshake,
|
||||
&data,
|
||||
NULL,
|
||||
NULL);
|
||||
|
||||
if (!data.complete) {
|
||||
- g_main_loop_run(data.loop);
|
||||
+ qemu_coroutine_yield();
|
||||
+ assert(data.complete);
|
||||
}
|
||||
- g_main_loop_unref(data.loop);
|
||||
+
|
||||
if (data.error) {
|
||||
object_unref(OBJECT(tioc));
|
||||
error_propagate(errp, data.error);
|
||||
--
|
||||
2.39.3
|
||||
|
130
kvm-qio-Inherit-follow_coroutine_ctx-across-TLS.patch
Normal file
130
kvm-qio-Inherit-follow_coroutine_ctx-across-TLS.patch
Normal file
@ -0,0 +1,130 @@
|
||||
From 120a2c8a7d936e24948f8f4ada6b781b6cbc9931 Mon Sep 17 00:00:00 2001
|
||||
From: Eric Blake <eblake@redhat.com>
|
||||
Date: Fri, 17 May 2024 21:50:14 -0500
|
||||
Subject: [PATCH 3/4] qio: Inherit follow_coroutine_ctx across TLS
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
RH-Author: Eric Blake <eblake@redhat.com>
|
||||
RH-MergeRequest: 257: nbd/server: fix TLS negotiation across coroutine context
|
||||
RH-Jira: RHEL-40959
|
||||
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
RH-Commit: [3/4] b7fd03af5985bbc5504b1a8e2f5cd165f6e438e5 (ebblake/centos-qemu-kvm)
|
||||
|
||||
Since qemu 8.2, the combination of NBD + TLS + iothread crashes on an
|
||||
assertion failure:
|
||||
|
||||
qemu-kvm: ../io/channel.c:534: void qio_channel_restart_read(void *): Assertion `qemu_get_current_aio_context() == qemu_coroutine_get_aio_context(co)' failed.
|
||||
|
||||
It turns out that when we removed AioContext locking, we did so by
|
||||
having NBD tell its qio channels that it wanted to opt in to
|
||||
qio_channel_set_follow_coroutine_ctx(); but while we opted in on the
|
||||
main channel, we did not opt in on the TLS wrapper channel.
|
||||
qemu-iotests has coverage of NBD+iothread and NBD+TLS, but apparently
|
||||
no coverage of NBD+TLS+iothread, or we would have noticed this
|
||||
regression sooner. (I'll add that in the next patch)
|
||||
|
||||
But while we could manually opt in to the TLS channel in nbd/server.c
|
||||
(a one-line change), it is more generic if all qio channels that wrap
|
||||
other channels inherit the follow status, in the same way that they
|
||||
inherit feature bits.
|
||||
|
||||
CC: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
CC: Daniel P. Berrangé <berrange@redhat.com>
|
||||
CC: qemu-stable@nongnu.org
|
||||
Fixes: https://issues.redhat.com/browse/RHEL-34786
|
||||
Fixes: 06e0f098 ("io: follow coroutine AioContext in qio_channel_yield()", v8.2.0)
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
|
||||
Message-ID: <20240518025246.791593-5-eblake@redhat.com>
|
||||
|
||||
(cherry picked from commit 199e84de1c903ba5aa1f7256310bbc4a20dd930b)
|
||||
Jira: https://issues.redhat.com/browse/RHEL-40959
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
---
|
||||
io/channel-tls.c | 26 +++++++++++++++-----------
|
||||
io/channel-websock.c | 1 +
|
||||
2 files changed, 16 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/io/channel-tls.c b/io/channel-tls.c
|
||||
index 1d9c9c72bf..67b9700006 100644
|
||||
--- a/io/channel-tls.c
|
||||
+++ b/io/channel-tls.c
|
||||
@@ -69,37 +69,40 @@ qio_channel_tls_new_server(QIOChannel *master,
|
||||
const char *aclname,
|
||||
Error **errp)
|
||||
{
|
||||
- QIOChannelTLS *ioc;
|
||||
+ QIOChannelTLS *tioc;
|
||||
+ QIOChannel *ioc;
|
||||
|
||||
- ioc = QIO_CHANNEL_TLS(object_new(TYPE_QIO_CHANNEL_TLS));
|
||||
+ tioc = QIO_CHANNEL_TLS(object_new(TYPE_QIO_CHANNEL_TLS));
|
||||
+ ioc = QIO_CHANNEL(tioc);
|
||||
|
||||
- ioc->master = master;
|
||||
+ tioc->master = master;
|
||||
+ ioc->follow_coroutine_ctx = master->follow_coroutine_ctx;
|
||||
if (qio_channel_has_feature(master, QIO_CHANNEL_FEATURE_SHUTDOWN)) {
|
||||
- qio_channel_set_feature(QIO_CHANNEL(ioc), QIO_CHANNEL_FEATURE_SHUTDOWN);
|
||||
+ qio_channel_set_feature(ioc, QIO_CHANNEL_FEATURE_SHUTDOWN);
|
||||
}
|
||||
object_ref(OBJECT(master));
|
||||
|
||||
- ioc->session = qcrypto_tls_session_new(
|
||||
+ tioc->session = qcrypto_tls_session_new(
|
||||
creds,
|
||||
NULL,
|
||||
aclname,
|
||||
QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,
|
||||
errp);
|
||||
- if (!ioc->session) {
|
||||
+ if (!tioc->session) {
|
||||
goto error;
|
||||
}
|
||||
|
||||
qcrypto_tls_session_set_callbacks(
|
||||
- ioc->session,
|
||||
+ tioc->session,
|
||||
qio_channel_tls_write_handler,
|
||||
qio_channel_tls_read_handler,
|
||||
- ioc);
|
||||
+ tioc);
|
||||
|
||||
- trace_qio_channel_tls_new_server(ioc, master, creds, aclname);
|
||||
- return ioc;
|
||||
+ trace_qio_channel_tls_new_server(tioc, master, creds, aclname);
|
||||
+ return tioc;
|
||||
|
||||
error:
|
||||
- object_unref(OBJECT(ioc));
|
||||
+ object_unref(OBJECT(tioc));
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@@ -116,6 +119,7 @@ qio_channel_tls_new_client(QIOChannel *master,
|
||||
ioc = QIO_CHANNEL(tioc);
|
||||
|
||||
tioc->master = master;
|
||||
+ ioc->follow_coroutine_ctx = master->follow_coroutine_ctx;
|
||||
if (qio_channel_has_feature(master, QIO_CHANNEL_FEATURE_SHUTDOWN)) {
|
||||
qio_channel_set_feature(ioc, QIO_CHANNEL_FEATURE_SHUTDOWN);
|
||||
}
|
||||
diff --git a/io/channel-websock.c b/io/channel-websock.c
|
||||
index a12acc27cf..de39f0d182 100644
|
||||
--- a/io/channel-websock.c
|
||||
+++ b/io/channel-websock.c
|
||||
@@ -883,6 +883,7 @@ qio_channel_websock_new_server(QIOChannel *master)
|
||||
ioc = QIO_CHANNEL(wioc);
|
||||
|
||||
wioc->master = master;
|
||||
+ ioc->follow_coroutine_ctx = master->follow_coroutine_ctx;
|
||||
if (qio_channel_has_feature(master, QIO_CHANNEL_FEATURE_SHUTDOWN)) {
|
||||
qio_channel_set_feature(ioc, QIO_CHANNEL_FEATURE_SHUTDOWN);
|
||||
}
|
||||
--
|
||||
2.39.3
|
||||
|
@ -143,7 +143,7 @@ Obsoletes: %{name}-block-ssh <= %{epoch}:%{version} \
|
||||
Summary: QEMU is a machine emulator and virtualizer
|
||||
Name: qemu-kvm
|
||||
Version: 9.0.0
|
||||
Release: 4%{?rcrel}%{?dist}%{?cc_suffix}
|
||||
Release: 5%{?rcrel}%{?dist}%{?cc_suffix}
|
||||
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
|
||||
# Epoch 15 used for RHEL 8
|
||||
# Epoch 17 used for RHEL 9 (due to release versioning offset in RHEL 8.5)
|
||||
@ -222,6 +222,14 @@ Patch34: kvm-iotests-244-Don-t-store-data-file-with-protocol-in-i.patch
|
||||
Patch35: kvm-iotests-270-Don-t-store-data-file-with-json-prefix-i.patch
|
||||
# For RHEL-46239 - CVE-2024-4467 qemu-kvm: QEMU: 'qemu-img info' leads to host file read/write [rhel-10.0]
|
||||
Patch36: kvm-block-Parse-filenames-only-when-explicitly-requested.patch
|
||||
# For RHEL-40959 - Qemu hang when quit dst vm after storage migration(nbd+tls)
|
||||
Patch37: kvm-nbd-server-do-not-poll-within-a-coroutine-context.patch
|
||||
# For RHEL-40959 - Qemu hang when quit dst vm after storage migration(nbd+tls)
|
||||
Patch38: kvm-nbd-server-Mark-negotiation-functions-as-coroutine_f.patch
|
||||
# For RHEL-40959 - Qemu hang when quit dst vm after storage migration(nbd+tls)
|
||||
Patch39: kvm-qio-Inherit-follow_coroutine_ctx-across-TLS.patch
|
||||
# For RHEL-40959 - Qemu hang when quit dst vm after storage migration(nbd+tls)
|
||||
Patch40: kvm-iotests-test-NBD-TLS-iothread.patch
|
||||
|
||||
%if %{have_clang}
|
||||
BuildRequires: clang
|
||||
@ -1287,6 +1295,14 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Jul 24 2024 Miroslav Rezanina <mrezanin@redhat.com> - 9.0.0-5
|
||||
- kvm-nbd-server-do-not-poll-within-a-coroutine-context.patch [RHEL-40959]
|
||||
- kvm-nbd-server-Mark-negotiation-functions-as-coroutine_f.patch [RHEL-40959]
|
||||
- kvm-qio-Inherit-follow_coroutine_ctx-across-TLS.patch [RHEL-40959]
|
||||
- kvm-iotests-test-NBD-TLS-iothread.patch [RHEL-40959]
|
||||
- Resolves: RHEL-40959
|
||||
(Qemu hang when quit dst vm after storage migration(nbd+tls))
|
||||
|
||||
* Thu Jul 04 2024 Miroslav Rezanina <mrezanin@redhat.com> - 9.0.0-4
|
||||
- kvm-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch [RHEL-46239]
|
||||
- kvm-iotests-244-Don-t-store-data-file-with-protocol-in-i.patch [RHEL-46239]
|
||||
|
Loading…
Reference in New Issue
Block a user