[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] io: return 0 for EOF in TLS session read after
From: |
Eric Blake |
Subject: |
Re: [Qemu-devel] [PATCH] io: return 0 for EOF in TLS session read after shutdown |
Date: |
Mon, 19 Nov 2018 08:31:08 -0600 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.3.0 |
On 11/19/18 7:42 AM, Daniel P. Berrangé wrote:
GNUTLS takes a paranoid approach when seeing 0 bytes returned by the
underlying OS read() function. It will consider this an error and
return GNUTLS_E_PREMATURE_TERMINATION instead of propagating the 0
return value. It expects apps to arrange for clean termination at
the protocol level and not rely on seeing EOF from a read call to
detect shutdown. This is to harden apps against a malicious 3rd party
causing termination of the sockets layer.
This is unhelpful for the QEMU NBD code which does have a clean
protocol level shutdown, but still relies on seeing 0 from the I/O
channel read in the coroutine handling incoming replies.
The upshot is that when using a plain NBD connection shutdown is
silent, but when using TLS, the client spams the console with
Cannot read from TLS channel: Broken pipe
The NBD connection has, however, called qio_channel_shutdown()
at this point to indicate that it is done with I/O. This gives
the opportunity to optimize the code such that when the channel
has been shutdown in the read direction, the error code
GNUTLS_E_PREMATURE_TERMINATION gets turned into a '0' return
instead of an error.
Detecting premature termination when the client has NOT requested
orderly shutdown is still important, and this patch preserves that
aspect. You are only changing the case where the client has informed
the qio code "yes, an early termination is now okay".
Signed-off-by: Daniel P. Berrangé <address@hidden>
---
+++ b/include/io/channel.h
@@ -51,9 +51,9 @@ enum QIOChannelFeature {
typedef enum QIOChannelShutdown QIOChannelShutdown;
enum QIOChannelShutdown {
- QIO_CHANNEL_SHUTDOWN_BOTH,
- QIO_CHANNEL_SHUTDOWN_READ,
- QIO_CHANNEL_SHUTDOWN_WRITE,
+ QIO_CHANNEL_SHUTDOWN_READ = 1,
+ QIO_CHANNEL_SHUTDOWN_WRITE = 2,
+ QIO_CHANNEL_SHUTDOWN_BOTH = 3,
Nice use of bit operations :)
+++ b/io/channel-tls.c
@@ -275,6 +275,9 @@ static ssize_t qio_channel_tls_readv(QIOChannel *ioc,
} else {
return QIO_CHANNEL_ERR_BLOCK;
}
+ } else if (errno == ECONNABORTED &&
+ (tioc->shutdown & QIO_CHANNEL_SHUTDOWN_READ)) {
+ return 0;
}
Reviewed-by: Eric Blake <address@hidden>
I like this patch better than my proposed hack to ignore read errors
after requesting quit; testing it now.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org