[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] qemu-nbd: Ignore SIGPIPE
From: |
Eric Blake |
Subject: |
Re: [Qemu-devel] [PATCH] qemu-nbd: Ignore SIGPIPE |
Date: |
Tue, 27 Jun 2017 12:09:24 -0500 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 |
On 06/11/2017 07:37 AM, Max Reitz wrote:
> qemu proper has done so for 13 years
> (8a7ddc38a60648257dc0645ab4a05b33d6040063), qemu-img and qemu-io have
> done so for four years (526eda14a68d5b3596be715505289b541288ef2a).
> Ignoring this signal is especially important in qemu-nbd because
> otherwise a client can easily take down the qemu-nbd server by dropping
> the connection when the server wants to send something, for example:
>
> $ qemu-nbd -x foo -f raw -t null-co:// &
> [1] 12726
> $ qemu-io -c quit nbd://localhost/bar
> can't open device nbd://localhost/bar: No export with name 'bar' available
> [1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co://
>
> In this case, the client sends an NBD_OPT_ABORT and closes the
> connection (because it is not required to wait for a reply), but the
> server replies with an NBD_REP_ACK (because it is required to reply).
>
> Signed-off-by: Max Reitz <address@hidden>
> ---
As mentioned in another thread, I'm trying to figure out if this patch
belongs as a third patch to fix CVE-2017-9524, or whether we want to
open a second CVE by considering this a slightly different
denial-of-service attack than what my patches fixed.
At any rate, this is already merged, so it's too late for me to add my
R-b, although your analysis was spot-on correct ;)
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature