From: Eric Blake <eblake@redhat.com>
To: qemu-devel@nongnu.org
Cc: kwolf@redhat.com, hreitz@redhat.com, berrange@redhat.com,
qemu-block@nongnu.org, den@virtuozzo.com,
andrey.drobyshev@virtuozzo.com, alexander.ivanov@virtuozzo.com,
vsementsov@yandex-team.ru
Subject: [PATCH v4 6/7] qemu-nbd: Allow users to adjust handshake limit
Date: Wed, 7 Aug 2024 12:43:32 -0500 [thread overview]
Message-ID: <20240807174943.771624-15-eblake@redhat.com> (raw)
In-Reply-To: <20240807174943.771624-9-eblake@redhat.com>
Although defaulting the handshake limit to 10 seconds was a nice QoI
change to weed out intentionally slow clients, it can interfere with
integration testing done with manual NBD_OPT commands over 'nbdsh
--opt-mode'. Expose a command line option to allow the user to alter
the timeout away from the default. This option is unlikely to be used
in enough scenarios to warrant a short option letter.
Signed-off-by: Eric Blake <eblake@redhat.com>
---
I'm not sure if this is 9.1 material. It is a new feature
(user-visible command line option) implemented after soft freeze; on
the other hand, it allows one to recover the behavior that existed
prior to plugging the CVE which may be useful in integration testing.
---
docs/tools/qemu-nbd.rst | 5 +++++
qemu-nbd.c | 41 ++++++++++++++++++++++++++---------------
2 files changed, 31 insertions(+), 15 deletions(-)
diff --git a/docs/tools/qemu-nbd.rst b/docs/tools/qemu-nbd.rst
index 329f44d9895..f55c10eb39c 100644
--- a/docs/tools/qemu-nbd.rst
+++ b/docs/tools/qemu-nbd.rst
@@ -154,6 +154,11 @@ driver options if :option:`--image-opts` is specified.
Set the NBD volume export description, as a human-readable
string.
+.. option:: --handshake-limit=N
+
+ Set the timeout for a client to successfully complete its handshake
+ to N seconds (default 10), or 0 for no limit.
+
.. option:: -L, --list
Connect as a client and list all details about the exports exposed by
diff --git a/qemu-nbd.c b/qemu-nbd.c
index 7bf86a6566b..4287a595d92 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -57,19 +57,20 @@
#define HAVE_NBD_DEVICE 0
#endif
-#define SOCKET_PATH "/var/lock/qemu-nbd-%s"
-#define QEMU_NBD_OPT_CACHE 256
-#define QEMU_NBD_OPT_AIO 257
-#define QEMU_NBD_OPT_DISCARD 258
-#define QEMU_NBD_OPT_DETECT_ZEROES 259
-#define QEMU_NBD_OPT_OBJECT 260
-#define QEMU_NBD_OPT_TLSCREDS 261
-#define QEMU_NBD_OPT_IMAGE_OPTS 262
-#define QEMU_NBD_OPT_FORK 263
-#define QEMU_NBD_OPT_TLSAUTHZ 264
-#define QEMU_NBD_OPT_PID_FILE 265
-#define QEMU_NBD_OPT_SELINUX_LABEL 266
-#define QEMU_NBD_OPT_TLSHOSTNAME 267
+#define SOCKET_PATH "/var/lock/qemu-nbd-%s"
+#define QEMU_NBD_OPT_CACHE 256
+#define QEMU_NBD_OPT_AIO 257
+#define QEMU_NBD_OPT_DISCARD 258
+#define QEMU_NBD_OPT_DETECT_ZEROES 259
+#define QEMU_NBD_OPT_OBJECT 260
+#define QEMU_NBD_OPT_TLSCREDS 261
+#define QEMU_NBD_OPT_IMAGE_OPTS 262
+#define QEMU_NBD_OPT_FORK 263
+#define QEMU_NBD_OPT_TLSAUTHZ 264
+#define QEMU_NBD_OPT_PID_FILE 265
+#define QEMU_NBD_OPT_SELINUX_LABEL 266
+#define QEMU_NBD_OPT_TLSHOSTNAME 267
+#define QEMU_NBD_OPT_HANDSHAKE_LIMIT 268
#define MBR_SIZE 512
@@ -80,6 +81,7 @@ static int nb_fds;
static QIONetListener *server;
static QCryptoTLSCreds *tlscreds;
static const char *tlsauthz;
+static int handshake_limit = NBD_DEFAULT_HANDSHAKE_LIMIT;
static void usage(const char *name)
{
@@ -101,6 +103,7 @@ static void usage(const char *name)
" -v, --verbose display extra debugging information\n"
" -x, --export-name=NAME expose export by name (default is empty string)\n"
" -D, --description=TEXT export a human-readable description\n"
+" --handshake-limit=N limit client's handshake to N seconds (default 10)\n"
"\n"
"Exposing part of the image:\n"
" -o, --offset=OFFSET offset into the image\n"
@@ -390,8 +393,7 @@ static void nbd_accept(QIONetListener *listener, QIOChannelSocket *cioc,
nb_fds++;
nbd_update_server_watch();
- /* TODO - expose handshake limit as command line option */
- nbd_client_new(cioc, NBD_DEFAULT_HANDSHAKE_LIMIT,
+ nbd_client_new(cioc, handshake_limit,
tlscreds, tlsauthz, nbd_client_closed, NULL);
}
@@ -569,6 +571,8 @@ int main(int argc, char **argv)
{ "object", required_argument, NULL, QEMU_NBD_OPT_OBJECT },
{ "export-name", required_argument, NULL, 'x' },
{ "description", required_argument, NULL, 'D' },
+ { "handshake-limit", required_argument, NULL,
+ QEMU_NBD_OPT_HANDSHAKE_LIMIT },
{ "tls-creds", required_argument, NULL, QEMU_NBD_OPT_TLSCREDS },
{ "tls-hostname", required_argument, NULL, QEMU_NBD_OPT_TLSHOSTNAME },
{ "tls-authz", required_argument, NULL, QEMU_NBD_OPT_TLSAUTHZ },
@@ -815,6 +819,13 @@ int main(int argc, char **argv)
case QEMU_NBD_OPT_SELINUX_LABEL:
selinux_label = optarg;
break;
+ case QEMU_NBD_OPT_HANDSHAKE_LIMIT:
+ if (qemu_strtoi(optarg, NULL, 0, &handshake_limit) < 0 ||
+ handshake_limit < 0) {
+ error_report("Invalid handshake limit '%s'", optarg);
+ exit(EXIT_FAILURE);
+ }
+ break;
}
}
--
2.45.2
next prev parent reply other threads:[~2024-08-07 17:50 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-07 17:43 [PATCH for-9.1 v4 0/7] CVE-2024-7409 Eric Blake
2024-08-07 17:43 ` [PATCH v4 1/7] nbd: Minor style fixes Eric Blake
2024-08-07 17:55 ` Daniel P. Berrangé
2024-08-07 17:43 ` [PATCH v4 2/7] nbd/server: Plumb in new args to nbd_client_add() Eric Blake
2024-08-07 17:58 ` Daniel P. Berrangé
2024-08-07 21:00 ` Eric Blake
2024-08-07 17:43 ` [PATCH v4 3/7] nbd/server: CVE-2024-7409: Change default max-connections to 100 Eric Blake
2024-08-07 18:24 ` Daniel P. Berrangé
2024-08-07 21:23 ` Eric Blake
2024-08-07 17:43 ` [PATCH v4 4/7] nbd/server: CVE-2024-7409: Drop non-negotiating clients Eric Blake
2024-08-07 18:28 ` Daniel P. Berrangé
2024-08-07 17:43 ` [PATCH v4 5/7] nbd/server: CVE-2024-7409: Close stray client sockets at shutdown Eric Blake
2024-08-07 18:29 ` Daniel P. Berrangé
2024-08-07 21:30 ` Eric Blake
2024-08-07 17:43 ` Eric Blake [this message]
2024-08-07 17:43 ` [PATCH v4 7/7] nbd/server: Allow users to adjust handshake limit in QMP Eric Blake
2024-08-22 10:57 ` [PATCH for-9.1 v4 0/7] CVE-2024-7409 Denis V. Lunev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240807174943.771624-15-eblake@redhat.com \
--to=eblake@redhat.com \
--cc=alexander.ivanov@virtuozzo.com \
--cc=andrey.drobyshev@virtuozzo.com \
--cc=berrange@redhat.com \
--cc=den@virtuozzo.com \
--cc=hreitz@redhat.com \
--cc=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=vsementsov@yandex-team.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).