aboutsummaryrefslogtreecommitdiff
path: root/chardev/char-socket.c
AgeCommit message (Collapse)Author
2019-04-16socket: allow wait=false for client socketMarc-André Lureau
Commit 767abe7 ("chardev: forbid 'wait' option with client sockets") is a bit too strict. Current libvirt always set wait=false, and will thus fail to add client chardev. Make the code more permissive, allowing wait=false with client socket chardevs. Deprecate usage of 'wait' with client sockets. Fixes: 767abe7f49e8be14d29da5db3527817b5d696a52 Cc: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20190415163337.2795-1-marcandre.lureau@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-03-11chardev: add support for authorization for TLS clientsDaniel P. Berrange
Currently any client which can complete the TLS handshake is able to use a chardev server. The server admin can turn on the 'verify-peer' option for the x509 creds to require the client to provide a x509 certificate. This means the client will have to acquire a certificate from the CA before they are permitted to use the chardev server. This is still a fairly low bar. This adds a 'tls-authz=OBJECT-ID' option to the socket chardev backend which takes the ID of a previously added 'QAuthZ' object instance. This will be used to validate the client's x509 distinguished name. Clients failing the check will not be permitted to use the chardev server. For example to setup authorization that only allows connection from a client whose x509 certificate distinguished name contains 'CN=fred', you would use: $QEMU -object tls-creds-x509,id=tls0,dir=/home/berrange/qemutls,\ endpoint=server,verify-peer=yes \ -object authz-simple,id=authz0,identity=CN=laptop.example.com,,\ O=Example Org,,L=London,,ST=London,,C=GB \ -chardev socket,host=127.0.0.1,port=9000,server,\ tls-creds=tls0,tls-authz=authz0 \ ...other qemu args... Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-03-07chardev-socket: do not blindly reset handlers when switching GMainContextPaolo Bonzini
If the socket is connecting or connected, tcp_chr_update_read_handler will be called but it should not set the NetListener's callbacks again. Otherwise, tcp_chr_accept is invoked while the socket is in connected state and you get an assertion failure. Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-02-12chardev: fix race with client connections in tcp_chr_wait_connectedDaniel P. Berrangé
When the 'reconnect' option is given for a client connection, the qmp_chardev_open_socket_client method will run an asynchronous connection attempt. The QIOChannel socket executes this is a single use background thread, so the connection will succeed immediately (assuming the server is listening). The chardev, however, won't get the result from this background thread until the main loop starts running and processes idle callbacks. Thus when tcp_chr_wait_connected is run s->ioc will be NULL, but the state will be TCP_CHARDEV_STATE_CONNECTING, and there may already be an established connection that will be associated with the chardev by the pending idle callback. tcp_chr_wait_connected doesn't check the state, only s->ioc, so attempts to establish another connection synchronously. If the server allows multiple connections this is unhelpful but not a fatal problem as the duplicate connection will get ignored by the tcp_chr_new_client method when it sees the state is already connected. If the server only supports a single connection, however, the tcp_chr_wait_connected method will hang forever because the server will not accept its synchronous connection attempt until the first connection is closed. To deal with this tcp_chr_wait_connected needs to synchronize with the completion of the background connection task. To do this it needs to create the QIOTask directly and use the qio_task_wait_thread method. This will cancel the pending idle callback and directly dispatch the task completion callback, allowing the connection to be associated with the chardev. If the background connection failed, it can still attempt a new synchronous connection. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-15-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: disallow TLS/telnet/websocket with tcp_chr_wait_connectedDaniel P. Berrangé
In the previous commit commit 1dc8a6695c731abb7461c637b2512c3670d82be4 Author: Marc-André Lureau <marcandre.lureau@redhat.com> Date: Tue Aug 16 12:33:32 2016 +0400 char: fix waiting for TLS and telnet connection the tcp_chr_wait_connected() method was changed to check for a non-NULL 's->ioc' as a sign that there is already a connection present, as opposed to checking the "connected" flag to supposedly fix handling of TLS/telnet connections. The original code would repeatedly call tcp_chr_wait_connected creating many connections as 'connected' would never become true. The changed code would still repeatedly call tcp_chr_wait_connected busy waiting because s->ioc is set but the chardev will never see CHR_EVENT_OPENED. IOW, the code is still broken with TLS/telnet, but in a different way. Checking for a non-NULL 's->ioc' does not mean that a CHR_EVENT_OPENED will be ready for a TLS/telnet connection. These protocols (and the websocket protocol) all require the main loop to be running in order to complete the protocol handshake before emitting CHR_EVENT_OPENED. The tcp_chr_wait_connected() method is only used during early startup before a main loop is running, so TLS/telnet/websock connections can never complete initialization. Making this work would require changing tcp_chr_wait_connected to run a main loop. This is quite complex since we must not allow GSource's that other parts of QEMU have registered to run yet. The current callers of tcp_chr_wait_connected do not require use of the TLS/telnet/websocket protocols, so the simplest option is to just forbid this combination completely for now. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-14-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: honour the reconnect setting in tcp_chr_wait_connectedDaniel P. Berrangé
If establishing a client connection fails, the tcp_chr_wait_connected method should sleep for the reconnect timeout and then retry the attempt. This ensures the callers don't immediately abort with an error when the initial connection fails. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-13-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: use a state machine for socket connection stateDaniel P. Berrangé
The socket connection state is indicated via the 'bool connected' field in the SocketChardev struct. This variable is somewhat misleading though, as it is only set to true once the connection has completed all required handshakes (eg for TLS, telnet or websockets). IOW there is a period of time in which the socket is connected, but the "connected" flag is still false. The socket chardev really has three states that it can be in, disconnected, connecting and connected and those should be tracked explicitly. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-12-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: split up qmp_chardev_open_socket connection codeDaniel P. Berrangé
In qmp_chardev_open_socket the code for connecting client chardevs is split across two conditionals far apart with some server chardev code in the middle. Split up the method so that code for client connection setup is separate from code for server connection setup. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-11-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: split tcp_chr_wait_connected into two methodsDaniel P. Berrangé
The tcp_chr_wait_connected method can deal with either server or client chardevs, but some callers only care about one of these possibilities. The tcp_chr_wait_connected method will also need some refactoring to reliably deal with its primary goal of allowing a device frontend to wait for an established connection, which will interfere with other callers. Split it into two methods, one responsible for server initiated connections, the other responsible for client initiated connections. In doing this split the tcp_char_connect_async() method is renamed to become consistent with naming of the new methods. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-10-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: remove unused 'sioc' variable & cleanup pathsDaniel P. Berrangé
The 'sioc' variable in qmp_chardev_open_socket was unused since commit 3e7d4d20d3a528b1ed10b1dc3d83119bfb0c5f24 Author: Peter Xu <peterx@redhat.com> Date: Tue Mar 6 13:33:17 2018 +0800 chardev: use chardev's gcontext for async connect Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-9-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: remove many local variables in qemu_chr_parse_socketDaniel P. Berrangé
Now that all validation is separated off into a separate method, we can directly populate the ChardevSocket struct from the QemuOpts values, avoiding many local variables. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-7-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: forbid 'wait' option with client socketsDaniel P. Berrangé
The 'wait'/'nowait' parameter is used to tell server sockets whether to block until a client is accepted during initialization. Client chardevs have always silently ignored this option. Various tests were mistakenly passing this option for their client chardevs. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-6-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: forbid 'reconnect' option with server socketsDaniel P. Berrangé
The 'reconnect' option is used to give the sleep time, in seconds, before a client socket attempts to re-establish a connection to the server. It does not make sense to set this for server sockets, as they will always accept a new client connection immediately after the previous one went away. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-5-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-02-12chardev: fix validation of options for QMP created chardevsDaniel P. Berrangé
The TLS creds option is not valid with certain address types. The user config was only checked for errors when parsing legacy QemuOpts, thus the user could pass unsupported values via QMP. Pull all code for validating options out into a new method qmp_chardev_validate_socket, that is called from the main qmp_chardev_open_socket method. This adds a missing check for rejecting TLS creds with the vsock address type. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20190211182442.8542-4-berrange@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2018-11-01chardev: Add websocket supportJulia Suvorova
New option "websocket" added to allow using WebSocket protocol for chardev socket backend. Example: -chardev socket,websocket,server,id=... Signed-off-by: Julia Suvorova <jusual@mail.ru> Message-Id: <20181018223501.21683-3-jusual@mail.ru> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2018-11-01chardev/char-socket: Function headers refactoringJulia Suvorova
Upcoming websocket support requires additional parameters in function headers that are already overloaded. This patch replaces the bunch of parameters with a single structure pointer. Signed-off-by: Julia Suvorova <jusual@mail.ru> Message-Id: <20181018223501.21683-2-jusual@mail.ru> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-11-01char-socket: make 'fd' incompatible with 'reconnect'Marc-André Lureau
A chardev socket created with the 'fd=' argument is not going to handle reconnection properly by recycling the same fd (or not in a supported way). Let's forbid this case. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-11-01char-socket: correctly set has_reconnect when parsing QemuOptsMarc-André Lureau
qemu_chr_parse_socket() fills all ChardevSocket fields, but that doesn't reflect correctly the arguments given with the options / on the command line. "reconnect" takes a number as argument, and the default value is 0, which doesn't help to identify the missing option. The other arguments have default values that are less problematic, leave them set by default for now. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-10-03chardev: avoid crash if no associated addressMarc-André Lureau
A socket chardev may not have associated address (when adding client fd manually for example). But on disconnect, updating socket filename expects an address and may lead to this crash: Thread 1 "qemu-system-x86" received signal SIGSEGV, Segmentation fault. 0x0000555555d8c70c in SocketAddress_to_str (prefix=0x555556043062 "disconnected:", addr=0x0, is_listen=false, is_telnet=false) at /home/elmarco/src/qq/chardev/char-socket.c:388 388 switch (addr->type) { (gdb) bt #0 0x0000555555d8c70c in SocketAddress_to_str (prefix=0x555556043062 "disconnected:", addr=0x0, is_listen=false, is_telnet=false) at /home/elmarco/src/qq/chardev/char-socket.c:388 #1 0x0000555555d8c8aa in update_disconnected_filename (s=0x555556b1ed00) at /home/elmarco/src/qq/chardev/char-socket.c:419 #2 0x0000555555d8c959 in tcp_chr_disconnect (chr=0x555556b1ed00) at /home/elmarco/src/qq/chardev/char-socket.c:438 #3 0x0000555555d8cba1 in tcp_chr_hup (channel=0x555556b75690, cond=G_IO_HUP, opaque=0x555556b1ed00) at /home/elmarco/src/qq/chardev/char-socket.c:482 #4 0x0000555555da596e in qio_channel_fd_source_dispatch (source=0x555556bb68b0, callback=0x555555d8cb58 <tcp_chr_hup>, user_data=0x555556b1ed00) at /home/elmarco/src/qq/io/channel-watch.c:84 Replace filename with a generic "disconnected:socket" in this case. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-10-02char-socket: update all ioc handlers when changing contextMarc-André Lureau
So far, tcp_chr_update_read_handler() only updated the read handler. Let's also update the hup handler. Factorize the code while at it. (note that s->ioc != NULL when s->connected) Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20180817135224.22971-4-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02Revert "chardev: tcp: postpone async connection setup"Marc-André Lureau
This reverts commit 25679e5d58e258e9950685ffbd0cae4cd40d9cc2. This commit broke "reconnect socket" chardev that are created after "machine_done": they no longer try to connect. It broke also vhost-user-test that uses chardev while there is no "machine_done" event. The goal of this patch was to move the "connect" source to the frontend context. chr->gcontext is set with qemu_chr_fe_set_handlers(). But there is no guarantee that it will be called, so we can't delay connection until then: the chardev should still attempt to connect during open(). qemu_chr_fe_set_handlers() is eventually called later and will update the context. Unless there is a good reason to not use initially the default context, I think we should revert to the previous state to fix the regressions. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20180817135224.22971-3-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-10-02Revert "chardev: tcp: postpone TLS work until machine done"Marc-André Lureau
This reverts commit 99f2f54174a595e3ada6e4332fcd2b37ebb0d55d. See next commit reverting 25679e5d58e258e9950685ffbd0cae4cd40d9cc2 as well for rationale. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20180817135224.22971-2-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-07-06qemu-char: check errno together with ret < 0xinhua.Cao
In the tcp_chr_write function, we checked errno, but errno was not reset before a read or write operation. Therefore, this check of errno's actions is often incorrect after EAGAIN has occurred. we need check errno together with ret < 0. Signed-off-by: xinhua.Cao <caoxinhua@huawei.com> Message-Id: <20180704033642.15996-1-caoxinhua@huawei.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Fixes: 9fc53a10f81d3a9027b23fa810147d21be29e614 Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-06-28socket: don't free msgfds if error equals EAGAINlinzhecheng
If we see EAGAIN, no data was sent over the socket, so we still have to retry sending of msgfds next time. Signed-off-by: linzhecheng <linzhecheng@huawei.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-26chardev-socket: remove useless ifPaolo Bonzini
This trips Coverity, which believes the subsequent qio_channel_create_watch can dereference a NULL pointer. In reality, tcp_chr_connect's callers all have s->ioc properly initialized, since they are all rooted at tcp_chr_new_client. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-19chardev: tcp: postpone TLS work until machine doneDaniel P. Berrange
TLS handshake may create background GSource tasks, while we won't know the correct GMainContext until the whole chardev (including frontend) inited. Let's postpone the initial TLS handshake until machine done. For dynamically created tcp chardev, we don't postpone that by checking the init_machine_done variable. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> [peterx: add missing include line, do unit test] Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20180308140714.28906-1-peterx@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2018-03-16Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
* Record-replay lockstep execution, log dumper and fixes (Alex, Pavel) * SCSI fix to pass maximum transfer size (Daniel Barboza) * chardev fixes and improved iothread support (Daniel Berrangé, Peter) * checkpatch tweak (Eric) * make help tweak (Marc-André) * make more PCI NICs available with -net or -nic (myself) * change default q35 NIC to e1000e (myself) * SCSI support for NDOB bit (myself) * membarrier system call support (myself) * SuperIO refactoring (Philippe) * miscellaneous cleanups and fixes (Thomas) # gpg: Signature made Mon 12 Mar 2018 16:10:52 GMT # gpg: using RSA key BFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (69 commits) tcg: fix cpu_io_recompile replay: update documentation replay: save vmstate of the asynchronous events replay: don't process async events when warping the clock scripts/replay-dump.py: replay log dumper replay: avoid recursive call of checkpoints replay: check return values of fwrite replay: push replay_mutex_lock up the call tree replay: don't destroy mutex at exit replay: make locking visible outside replay code replay/replay-internal.c: track holding of replay_lock replay/replay.c: bump REPLAY_VERSION again replay: save prior value of the host clock replay: added replay log format description replay: fix save/load vm for non-empty queue replay: fixed replay_enable_events replay: fix processing async events cpu-exec: fix exception_index handling hw/i386/pc: Factor out the superio code hw/alpha/dp264: Use the TYPE_SMC37C669_SUPERIO ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org> # Conflicts: # default-configs/i386-softmmu.mak # default-configs/x86_64-softmmu.mak
2018-03-13char: allow passing pre-opened socket file descriptor at startupDaniel P. Berrange
When starting QEMU management apps will usually setup a monitor socket, and then open it immediately after startup. If not using QEMU's own -daemonize arg, this process can be troublesome to handle correctly. The mgmt app will need to repeatedly call connect() until it succeeds, because it does not know when QEMU has created the listener socket. If can't retry connect() forever though, because an error might have caused QEMU to exit before it even creates the monitor. The obvious way to fix this kind of problem is to just pass in a pre-opened socket file descriptor for the QEMU monitor to listen on. The management app can now immediately call connect() just once. If connect() fails it knows that QEMU has exited with an error. The SocketAddress(Legacy) structs allow for FD passing via the monitor, and now via inherited file descriptors from the process that spawned QEMU. The final missing piece is adding a 'fd' parameter in the socket chardev options. This allows both HMP usage, pass any FD number with SCM_RIGHTS, then running HMP commands: getfd myfd chardev-add socket,fd=myfd Note that numeric FDs cannot be referenced directly in HMP, only named FDs. And also CLI usage, by leak FD 3 from parent by clearing O_CLOEXEC, then spawning QEMU with -chardev socket,fd=3,id=mon -mon chardev=mon,mode=control Note that named FDs cannot be referenced in CLI args, only numeric FDs. We do not wire this up in the legacy chardev syntax, so you cannot use FD passing with '-qmp', you must use the modern '-mon' + '-chardev' pair. When passing pre-opened FDs there is a restriction on use of TLS encryption. It can be used on a server socket chardev, but cannot be used for a client socket chardev. This is because when validating a server's certificate, the client needs to have a hostname available to match against the certificate identity. An illustrative example of usage is: #!/usr/bin/perl use IO::Socket::UNIX; use Fcntl; unlink "/tmp/qmp"; my $srv = IO::Socket::UNIX->new( Type => SOCK_STREAM(), Local => "/tmp/qmp", Listen => 1, ); my $flags = fcntl $srv, F_GETFD, 0; fcntl $srv, F_SETFD, $flags & ~FD_CLOEXEC; my $fd = $srv->fileno(); exec "qemu-system-x86_64", \ "-chardev", "socket,fd=$fd,server,nowait,id=mon", \ "-mon", "chardev=mon,mode=control"; Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-03-13char: refactor parsing of socket address informationDaniel P. Berrange
To prepare for handling more address types, refactor the parsing of socket address information to make it more robust and extensible. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-03-13char: don't silently skip tn3270 protocol init when TLS is enabledDaniel P. Berrange
Even if common tn3270 implementations do not support TLS, it is trivial to have them proxied over a proxy like stunnel which adds TLS at the sockets layer. We should thus not silently skip tn3270 protocol initialization when TLS is enabled. Reviewed-by: Eric Blake <eblake@redhat.com> Acked-by: Cornelia Huck <cohuck@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-03-12chardev: tcp: let TLS run on chardev contextPeter Xu
Now qio_channel_tls_handshake() is ready to receive the context. Let socket chardev use it, then the TLS handshake of chardev will always be with the chardev's context. Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20180306053320.15401-9-peterx@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12chardev: tcp: postpone async connection setupPeter Xu
This patch allows the socket chardev async connection be setup with non-default gcontext. We do it by postponing the setup to machine done, since until then we can know which context we should run the async operation on. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20180306053320.15401-8-peterx@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12chardev: use chardev's gcontext for async connectPeter Xu
Generalize the function to create the async QIO task connection. Also, fix the context pointer to use the chardev's gcontext. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20180306053320.15401-7-peterx@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12chardev: allow telnet gsource to switch gcontextPeter Xu
It was originally created by qio_channel_add_watch() so it's always assigning the task to main context. Now we use the new API called qio_channel_add_watch_source() so that we get the GSource handle rather than the tag ID. Meanwhile, caching the gsource and TCPChardevTelnetInit (which holds the handshake data) in SocketChardev.telnet_source so that we can also do dynamic context switch when update read handlers. Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20180306053320.15401-5-peterx@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12chardev: update net listener gcontextPeter Xu
TCP chardevs can be using QIO network listeners working in the background when in listening mode. However the network listeners are always running in main context. This can race with chardevs that are running in non-main contexts. To solve this, we need to re-setup the net listeners in tcp_chr_update_read_handler() with the newly cached gcontext. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20180306053320.15401-4-peterx@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-12chardev: fix handling of EAGAIN for TCP chardevDaniel P. Berrangé
When this commit was applied commit 9894dc0cdcc397ee5b26370bc53da6d360a363c2 Author: Daniel P. Berrange <berrange@redhat.com> Date: Tue Jan 19 11:14:29 2016 +0000 char: convert from GIOChannel to QIOChannel The tcp_chr_recv() function was changed to return QIO_CHANNEL_ERR_BLOCK which corresonds to -2. As such the handling for EAGAIN was able to be removed from tcp_chr_read(). Unfortunately in a later commit: commit b6572b4f97a7b126c7b24e165893ed9fe3d72e1f Author: Marc-André Lureau <marcandre.lureau@redhat.com> Date: Fri Mar 11 18:55:24 2016 +0100 char: translate from QIOChannel error to errno The tcp_chr_recv() function was changed back to return -1, with errno set to EAGAIN, without also re-addding support for this to tcp_chr_read() Reported-by: Aleksey Kuleshov <rndfax@yandex.ru> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20180222121351.26191-1-berrange@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-08Merge remote-tracking branch 'remotes/berrange/tags/qio-next-pull-request' ↵Peter Maydell
into staging # gpg: Signature made Wed 07 Mar 2018 11:24:41 GMT # gpg: using RSA key BE86EBB415104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" # Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF * remotes/berrange/tags/qio-next-pull-request: qio: non-default context for TLS handshake qio: non-default context for async conn qio: non-default context for threaded qtask qio: store gsources for net listeners qio: introduce qio_channel_add_watch_{full|source} qio: rename qio_task_thread_result Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-06chardev: fix leak in tcp_chr_telnet_init_io()Peter Xu
Need to free TCPChardevTelnetInit when session established. Since at it, switch to use G_SOURCE_* macros. Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20180301084438.13594-2-peterx@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-06qio: non-default context for TLS handshakePeter Xu
A new parameter "context" is added to qio_channel_tls_handshake() is to allow the TLS to be run on a non-default context. Still, no functional change. Signed-off-by: Peter Xu <peterx@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-06qio: non-default context for async connPeter Xu
We have worked on qio_task_run_in_thread() already. Further, let all the qio channel APIs use that context. Signed-off-by: Peter Xu <peterx@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-02Include less of the generated modular QAPI headersMarkus Armbruster
In my "build everything" tree, a change to the types in qapi-schema.json triggers a recompile of about 4800 out of 5100 objects. The previous commit split up qmp-commands.h, qmp-event.h, qmp-visit.h, qapi-types.h. Each of these headers still includes all its shards. Reduce compile time by including just the shards we actually need. To illustrate the benefits: adding a type to qapi/migration.json now recompiles some 2300 instead of 4800 objects. The next commit will improve it further. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180211093607.27351-24-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> [eblake: rebase to master] Signed-off-by: Eric Blake <eblake@redhat.com>
2018-02-09Move include qemu/option.h from qemu-common.h to actual usersMarkus Armbruster
qemu-common.h includes qemu/option.h, but most places that include the former don't actually need the latter. Drop the include, and add it to the places that actually need it. While there, drop superfluous includes of both headers, and separate #include from file comment with a blank line. This cleanup makes the number of objects depending on qemu/option.h drop from 4545 (out of 4743) to 284 in my "build everything" tree. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180201111846.21846-20-armbru@redhat.com> [Semantic conflict with commit bdd6a90a9e in block/nvme.c resolved]
2018-02-07chardev/char-socket: add POLLHUP handlerKlim Kireev
The following behavior was observed for QEMU configured by libvirt to use guest agent as usual for the guests without virtio-serial driver (Windows or the guest remaining in BIOS stage). In QEMU on first connect to listen character device socket the listen socket is removed from poll just after the accept(). virtio_serial_guest_ready() returns 0 and the descriptor of the connected Unix socket is removed from poll and it will not be present in poll() until the guest will initialize the driver and change the state of the serial to "guest connected". In libvirt connect() to guest agent is performed on restart and is run under VM state lock. Connect() is blocking and can wait forever. In this case libvirt can not perform ANY operation on that VM. The bug can be easily reproduced this way: Terminal 1: qemu-system-x86_64 -m 512 -device pci-serial,chardev=serial1 -chardev socket,id=serial1,path=/tmp/console.sock,server,nowait (virtio-serial and isa-serial also fit) Terminal 2: minicom -D unix\#/tmp/console.sock (type something and press enter) C-a x (to exit) Do 3 times: minicom -D unix\#/tmp/console.sock C-a x It needs 4 connections, because the first one is accepted by QEMU, then two are queued by the kernel, and the 4th blocks. The problem is that QEMU doesn't add a read watcher after succesful read until the guest device wants to acquire recieved data, so I propose to install a separate pullhup watcher regardless of whether the device waits for data or not. Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com> Message-Id: <20180125135129.9305-1-klim.kireev@virtuozzo.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-01-12chardev: introduce qemu_chr_timeout_add_ms()Peter Xu
It's a replacement of g_timeout_add[_seconds]() for chardevs. Chardevs now can have dedicated gcontext, we should always bind chardev tasks onto those gcontext rather than the default main context. Since there are quite a few of g_timeout_add[_seconds]() callers, a new function qemu_chr_timeout_add_ms() is introduced. One thing to mention is that, terminal3270 is still always running on main gcontext. However let's convert that as well since it's still part of chardev codes and in case one day we'll miss that when we move it out of main gcontext too. Also, convert all the timers from GSource tags into GSource pointers. Gsource tag IDs and g_source_remove()s can only work with default gcontext, while now these GSources can logically be attached to other contexts. So let's use explicit g_source_destroy() plus another g_source_unref() to remove a timer. Note: when in the timer handler, we don't need the g_source_destroy() any more since that'll be done automatically if the timer handler returns false (and that's what all the current handlers do). Yet another note: in pty_chr_rearm_timer() we take special care for ms=1000. This patch merged the two cases into one. Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20180104141835.17987-4-peterx@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-12-21chardev: convert the socket server to QIONetListenerDaniel P. Berrange
Instead of creating a QIOChannelSocket directly for the chardev server socket, use a QIONetListener. This provides the ability to listen on multiple sockets at the same time, so enables full support for IPv4/IPv6 dual stack. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <20171218135417.28301-2-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-10-12char: don't skip client cleanup if 'connected' flag is unsetDaniel P. Berrange
The tcp_chr_free_connection & tcp_chr_disconnect methods both skip all of their cleanup work unless the 's->connected' flag is set. This flag is set when the incoming client connection is ready to use. Crucially this is *after* the TLS handshake has been completed. So if the TLS handshake fails and we try to cleanup the failed client, all the cleanup is skipped as 's->connected' is still false. The only important thing that should be skipped in this case is sending of the CHR_EVENT_CLOSED, because we never got as far as sending the corresponding CHR_EVENT_OPENED. Every other bit of cleanup can be robust against being called even when s->connected is false. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <20171005155057.7664-1-berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-09-22chardev: remove context in chr_update_read_handlerPeter Xu
We had a per-chardev cache for context, then we don't need this parameter to be passed in every time when chr_update_read_handler() called. As long as we are calling chr_update_read_handler() using qemu_chr_be_update_read_handlers() we'll be fine. Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <1505975754-21555-5-git-send-email-peterx@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-09-22chardev: use per-dev context for io_add_watch_pollPeter Xu
It was only passed in by chr_update_read_handlers(). However when reconnect, we'll lose that context information. So if a chardev was running on another context (rather than the default context, the NULL pointer), it'll switch back to the default context if reconnection happens. But, it should really stick to the old context. Convert all the callers of io_add_watch_poll() to use the internally cached gcontext. Then the context should be able to survive even after reconnections. Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <1505975754-21555-4-git-send-email-peterx@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-07-14Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
* gdbstub fixes (Alex) * IOMMU MemoryRegion subclass (Alexey) * Chardev hotswap (Anton) * NBD_OPT_GO support (Eric) * Misc bugfixes * DEFINE_PROP_LINK (minus the ARM patches - Fam) * MAINTAINERS updates (Philippe) # gpg: Signature made Fri 14 Jul 2017 11:06:27 BST # gpg: using RSA key 0xBFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (55 commits) spapr_rng: Convert to DEFINE_PROP_LINK cpu: Convert to DEFINE_PROP_LINK mips_cmgcr: Convert to DEFINE_PROP_LINK ivshmem: Convert to DEFINE_PROP_LINK dimm: Convert to DEFINE_PROP_LINK virtio-crypto: Convert to DEFINE_PROP_LINK virtio-rng: Convert to DEFINE_PROP_LINK virtio-scsi: Convert to DEFINE_PROP_LINK virtio-blk: Convert to DEFINE_PROP_LINK qdev: Add const qualifier to PropertyInfo definitions qmp: Use ObjectProperty.type if present qdev: Introduce DEFINE_PROP_LINK qdev: Introduce PropertyInfo.create qom: enforce readonly nature of link's check callback translate-all: remove redundant !tcg_enabled check in dump_exec_info vl: fix breakage of -tb-size nbd: Implement NBD_INFO_BLOCK_SIZE on client nbd: Implement NBD_INFO_BLOCK_SIZE on server nbd: Implement NBD_OPT_GO on client nbd: Implement NBD_OPT_GO on server ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-07-14chardev: block during sync readMarc-André Lureau
A sync read should block until all requested data is available (instead of retrying in qemu_chr_fe_read_all). Change the channel to blocking during sync_read. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170706170353.32601-1-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>