rpms/qemu-kvm
7
0
Fork 0
Code Issues Pull Requests Releases Activity

* Mon Feb 03 2025 Miroslav Rezanina <mrezanin@redhat.com> - 9.1.0-13

Browse Source 
- kvm-nbd-server-Silence-server-warnings-on-port-probes.patch [RHEL-76908]
- Resolves: RHEL-76908
  (Ensure qemu as NBD server does not flood logs [rhel-10])
This commit is contained in:
Miroslav Rezanina 2025-02-03 02:44:57 -05:00
parent b7456aa7c8
commit cf6a8b8400
2 changed files with 113 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
kvm-nbd-server-Silence-server-warnings-on-port-probes.patch Normal file
View File

@ -0,0 +1,105 @@
From 4364ac20ae74ae2fa4cc2dfa4e982411d9902b59 Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Fri, 15 Nov 2024 13:55:53 -0600
Subject: [PATCH] nbd-server: Silence server warnings on port probes
RH-Author: Eric Blake <eblake@redhat.com>
RH-MergeRequest: 334: nbd-server: Silence server warnings on port probes
RH-Jira: RHEL-76908
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Commit: [1/1] a66ea3900e0a8515871b6342dfbc0d2c108b4911 (ebblake/centos-qemu-kvm)
While testing the use of qemu-nbd in a Pod of a Kubernetes cluster, I
got LOTS of log messages of the forms:
qemu-nbd: option negotiation failed: Failed to read flags: Unexpected end-of-file before all data were read
qemu-nbd: option negotiation failed: Failed to read flags: Unable to read from socket: Connection reset by peer
While it is nice to warn about clients that aren't following protocol
(in case it helps diagnosing bugs in those clients), a mere port probe
(where the client never write()s any bytes, and where we might even
hit EPIPE in trying to send our greeting to the client) is NOT
abnormal, but merely serves to pollute the log. And Kubernetes
_really_ likes to do port probes to determine whether a given Pod is
up and running.
Easy ways to demonstrate the above port probes:
$ qemu-nbd -r -f raw path/to/file &
$ nc localhost 10809 </dev/null
$ bash -c 'exec </dev/tcp/localhost/10809'
$ kill $!
Silence the noise by not capturing errors until after our first
successful read() from a client.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-ID: <20241115195638.1132007-2-eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
(cherry picked from commit efd3dda312129b91986f85976afbda58d40f757f)
Signed-off-by: Eric Blake <eblake@redhat.com>
---
nbd/server.c | 26 +++++++++++++++++---------
1 file changed, 17 insertions(+), 9 deletions(-)
diff --git a/nbd/server.c b/nbd/server.c
index c30e687fc8..f64e47270c 100644
--- a/nbd/server.c
+++ b/nbd/server.c
@@ -1150,8 +1150,8 @@ nbd_negotiate_meta_queries(NBDClient *client, Error **errp)
* Return:
* -errno on error, errp is set
* 0 on successful negotiation, errp is not set
- * 1 if client sent NBD_OPT_ABORT, i.e. on valid disconnect,
- * errp is not set
+ * 1 if client sent NBD_OPT_ABORT (i.e. on valid disconnect) or never
+ * wrote anything (i.e. port probe); errp is not set
*/
static coroutine_fn int
nbd_negotiate_options(NBDClient *client, Error **errp)
@@ -1175,8 +1175,13 @@ nbd_negotiate_options(NBDClient *client, Error **errp)
... Rest of request
*/
- if (nbd_read32(client->ioc, &flags, "flags", errp) < 0) {
- return -EIO;
+ /*
+ * Intentionally ignore errors on this first read - we do not want
+ * to be noisy about a mere port probe, but only for clients that
+ * start talking the protocol and then quit abruptly.
+ */
+ if (nbd_read32(client->ioc, &flags, "flags", NULL) < 0) {
+ return 1;
}
client->mode = NBD_MODE_EXPORT_NAME;
trace_nbd_negotiate_options_flags(flags);
@@ -1383,8 +1388,8 @@ nbd_negotiate_options(NBDClient *client, Error **errp)
* Return:
* -errno on error, errp is set
* 0 on successful negotiation, errp is not set
- * 1 if client sent NBD_OPT_ABORT, i.e. on valid disconnect,
- * errp is not set
+ * 1 if client sent NBD_OPT_ABORT (i.e. on valid disconnect) or never
+ * wrote anything (i.e. port probe); errp is not set
*/
static coroutine_fn int nbd_negotiate(NBDClient *client, Error **errp)
{
@@ -1415,9 +1420,12 @@ static coroutine_fn int nbd_negotiate(NBDClient *client, Error **errp)
stq_be_p(buf + 8, NBD_OPTS_MAGIC);
stw_be_p(buf + 16, NBD_FLAG_FIXED_NEWSTYLE | NBD_FLAG_NO_ZEROES);
- if (nbd_write(client->ioc, buf, 18, errp) < 0) {
- error_prepend(errp, "write failed: ");
- return -EINVAL;
+ /*
+ * Be silent about failure to write our greeting: there is nothing
+ * wrong with a client testing if our port is alive.
+ */
+ if (nbd_write(client->ioc, buf, 18, NULL) < 0) {
+ return 1;
}
ret = nbd_negotiate_options(client, errp);
if (ret != 0) {
--
2.39.3

9
qemu-kvm.spec
View File

@ -143,7 +143,7 @@ Obsoletes: %{name}-block-ssh <= %{epoch}:%{version} \
Summary: QEMU is a machine emulator and virtualizer Summary: QEMU is a machine emulator and virtualizer
Name: qemu-kvm Name: qemu-kvm
Version: 9.1.0 Version: 9.1.0
Release: 12%{?rcrel}%{?dist}%{?cc_suffix} Release: 13%{?rcrel}%{?dist}%{?cc_suffix}
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
# Epoch 15 used for RHEL 8 # Epoch 15 used for RHEL 8
# Epoch 17 used for RHEL 9 (due to release versioning offset in RHEL 8.5) # Epoch 17 used for RHEL 9 (due to release versioning offset in RHEL 8.5)
@ -430,6 +430,8 @@ Patch126: kvm-pc-bios-s390-ccw-Fix-boot-problem-with-virtio-net-de.patch
Patch127: kvm-pc-bios-s390-ccw-netmain-Fix-error-messages-with-reg.patch Patch127: kvm-pc-bios-s390-ccw-netmain-Fix-error-messages-with-reg.patch
# For RHEL-71761 - [Nvidia "Grace"] Lack of "PAuth" CPU feature results in live migration failure from RHEL 9.6 to 10 # For RHEL-71761 - [Nvidia "Grace"] Lack of "PAuth" CPU feature results in live migration failure from RHEL 9.6 to 10
Patch128: kvm-arm-disable-pauth-for-virt-rhel9-in-RHEL10.patch Patch128: kvm-arm-disable-pauth-for-virt-rhel9-in-RHEL10.patch
# For RHEL-76908 - Ensure qemu as NBD server does not flood logs [rhel-10]
Patch129: kvm-nbd-server-Silence-server-warnings-on-port-probes.patch
%if %{have_clang} %if %{have_clang}
BuildRequires: clang BuildRequires: clang
@ -1496,6 +1498,11 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
%endif %endif
%changelog %changelog
* Mon Feb 03 2025 Miroslav Rezanina <mrezanin@redhat.com> - 9.1.0-13
- kvm-nbd-server-Silence-server-warnings-on-port-probes.patch [RHEL-76908]
- Resolves: RHEL-76908
(Ensure qemu as NBD server does not flood logs [rhel-10])
* Mon Jan 27 2025 Miroslav Rezanina <mrezanin@redhat.com> - 9.1.0-12 * Mon Jan 27 2025 Miroslav Rezanina <mrezanin@redhat.com> - 9.1.0-12
- kvm-pci-ensure-valid-link-status-bits-for-downstream-por.patch [RHEL-65618] - kvm-pci-ensure-valid-link-status-bits-for-downstream-por.patch [RHEL-65618]
- kvm-pc-bios-s390-ccw-Abort-IPL-on-invalid-loadparm.patch [RHEL-72717] - kvm-pc-bios-s390-ccw-Abort-IPL-on-invalid-loadparm.patch [RHEL-72717]