Displaying 20 results from an estimated 7000 matches similar to: "Interesting libnbd/nbdkit bug"
2019 May 25
1
Re: [PATCH libnbd] states: connect_command: Don't set O_NONBLOCK on socket passed to child.
On 5/25/19 3:22 PM, Eric Blake wrote:
> On 5/25/19 1:33 PM, Richard W.M. Jones wrote:
>> I also made the code a bit more robust about closing the socket along
>> error paths.
>> ---
>> generator/states-connect.c | 21 ++++++++++++++++++---
>> 1 file changed, 18 insertions(+), 3 deletions(-)
>>
>
>> assert (!h->sock);
>> assert
2019 May 25
2
[PATCH libnbd] states: connect_command: Don't set O_NONBLOCK on socket passed to child.
I also made the code a bit more robust about closing the socket along
error paths.
---
generator/states-connect.c | 21 ++++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/generator/states-connect.c b/generator/states-connect.c
index ba8b240..a69b70f 100644
--- a/generator/states-connect.c
+++ b/generator/states-connect.c
@@ -27,6 +27,7 @@
#include
2019 Oct 18
5
[PATCH libnbd 0/2] api: Add support for AF_VSOCK.
This is a series of patches to libnbd and nbdkit adding AF_VSOCK
support.
On the host side it allows you to start an nbdkit instance which
listens on a virtio-vsock socket:
$ ./nbdkit -fv --vsock memory 1G
...
nbdkit: debug: bound to vsock 2:10809
On the guest side you can then use libnbd to connect to the server:
$ ./run nbdsh -c 'h.connect_vsock(2, 10809)' -c
2019 Sep 16
2
[LIBNBD SECURITY PATCH 0/1] NBD Protocol Downgrade Attack in libnbd
We discovered a possible Downgrade Attack in libnbd.
Lifecycle
---------
Reported: 2019-09-14 Fixed: 2019-09-16 Published: 2019-09-16
There is no CVE number assigned for this issue yet, but the bug is
being categorized and processed by Red Hat's security team which may
result in a CVE being published later.
Description
-----------
Libnbd includes the method nbd_set_tls(h,
2019 May 25
0
Re: [PATCH libnbd] states: connect_command: Don't set O_NONBLOCK on socket passed to child.
On 5/25/19 1:33 PM, Richard W.M. Jones wrote:
> I also made the code a bit more robust about closing the socket along
> error paths.
> ---
> generator/states-connect.c | 21 ++++++++++++++++++---
> 1 file changed, 18 insertions(+), 3 deletions(-)
>
> assert (!h->sock);
> assert (h->argv);
> assert (h->argv[0]);
> - if (socketpair (AF_UNIX,
2020 Sep 22
3
[libnbd PATCH v2] nbdsh: Catch nbd.Error from -c arguments
When using nbdsh for scripting, it is convenient to let nbdsh fail
with status 1 when encountering an API failure. However, doing so by
letting the nbd.Error exception leak all the way causes ABRT (at least
on Fedora 32 with abrt-python3-handler installed) to assume the
program crashed from a programming error, and needlessly complicates
clients to have to add try: blocks. Better is if nbdsh
2019 Sep 12
2
[libnbd PATCH] nbdsh: Start adding unit tests
Ultimately, I'd like to add a unit test covering our recent fix for
handling globals from consecutive -c, but let's start with a simple
test that --help output is sane. Sanity includes a mention of the man
page for more details (similar to nbdkit --help, although I couldn't
figure out how to make python's argparse output that sentence last).
---
python/nbdsh.py | 3 ++-
2019 Sep 12
1
[libnbd PATCH] nbdsh: Support -u as synonym for --connect
Typing nbdsh --con (the minimum to get an unambiguous prefix for
--connect, different from --command) is annoying compared to having a
short option. Since it takes a URI as an argument, using -u seems
like a reasonable mnemonic.
---
sh/nbdsh.pod | 6 ++++--
python/nbdsh.py | 2 +-
sh/test-context.sh | 8 ++++----
sh/test-pattern.sh | 2 +-
4 files changed, 10 insertions(+), 8
2020 Sep 18
1
[libnbd PATCH] nbdsh: Hide nbd.Error from abrt-python3-handler
When using nbdsh for scripting, it is convenient to let nbdsh fail
with status 1 when encountering an API failure. However, doing so by
letting the nbd.Error exception leak all the way causes ABRT (on
Fedora 32 at least) to assume the program crashed from a programming
error, and needlessly complicates clients to have to add try: blocks.
Better is if nbdsh itself prints the same stack trace that
2019 Aug 27
2
[PATCH nbdkit] sh: Remove assert and replace with smarter file descriptor duplication. (was: Re: [nbdkit PATCH v2 14/17] sh: Use pipe2 with CLOEXEC when possible)
On Fri, Aug 02, 2019 at 02:26:15PM -0500, Eric Blake wrote:
> + /* Ensure that stdin/out/err of the current process were not empty
> + * before we started creating pipes (otherwise, the close and dup2
> + * calls below become more complex to juggle fds around correctly).
> + */
> + assert (in_fd[0] > STDERR_FILENO && in_fd[1] > STDERR_FILENO &&
> +
2019 Jul 25
2
[PATCH libnbd] lib: Kill subprocess in nbd_close.
This is a simple patch which stops nbd_close from waiting too long for
a server subprocess to shut down.
I wanted to send SIGHUP because the server will be able to catch it
and do a clean shutdown if that is required. Is another signal
better?
Is it right to send a signal here?
Rich.
2023 Jan 31
1
[libnbd PATCH v2 3/3] nbdsh: Improve --help and initial banner contents.
On Tue, Jan 31, 2023 at 01:33:25PM +0200, Nir Soffer wrote:
> On Tue, Jan 31, 2023 at 12:34 AM Richard W.M. Jones <rjones at redhat.com> wrote:
> >
> > On Fri, Nov 04, 2022 at 04:18:31PM -0500, Eric Blake wrote:
> > > Document all options in --help output. If -n is not in use, then
> > > enhance the banner to print the current state of h, and further tailor
2019 Oct 01
1
[libnbd PATCH] docs: Add libnbd-security(1) man page
Copies heavily after a similar addition recently made in nbdkit.
---
I'm not sure if .1 or .3 fits better for the man page. With nbdkit,
.1 made sense because 'nbdkit' is a standalone program; but with
libnbd, our only standalone is nbdsh, yet naming it nbdsh-security
seems off.
docs/Makefile.am | 7 +++++++
docs/libnbd-security.pod | 32 ++++++++++++++++++++++++++++++++
2019 Jun 28
2
Re: [PATCH libnbd v3] python: Raise a custom exception containing error string and errno.
On 6/28/19 1:27 PM, Richard W.M. Jones wrote:
> Previously errors caused a RuntimeException to be raised. This commit
> defines a custom exception (nbd.Error) which has two parameters, the
> required error string, and the optional errno (which may be 0 if
> unavailable).
>
> For example:
>
> $ ./run nbdsh -c 'h.pread(0, 0)'
> Traceback (most recent call last):
2023 Jan 31
1
[libnbd PATCH v2 3/3] nbdsh: Improve --help and initial banner contents.
On Tue, Jan 31, 2023 at 11:52:27AM +0000, Richard W.M. Jones wrote:
> On Tue, Jan 31, 2023 at 01:33:25PM +0200, Nir Soffer wrote:
> > On Tue, Jan 31, 2023 at 12:34 AM Richard W.M. Jones <rjones at redhat.com> wrote:
> > >
> > > On Fri, Nov 04, 2022 at 04:18:31PM -0500, Eric Blake wrote:
> > > > Document all options in --help output. If -n is not in
2022 Nov 04
3
[libnbd PATCH v2 0/3] Improve nbdsh -u handling
v1 was here:
https://listman.redhat.com/archives/libguestfs/2022-October/030216.html
Since then, I've incorporated changes based on Rich's feedback:
swap order of patches 2 and 3
less change in patch 1 (including no unsafe eval(%s) for --uri)
in patch 2, include -c in list of snippets to store, and use dict of
lambdas to map back to the desired action
Eric Blake (3):
nbdsh:
2019 Nov 14
1
ANNOUNCE: libnbd 1.2 & nbdkit 1.16 - high performance NBD client and server
I'm pleased to announce the releases of libnbd 1.2 and nbdkit 1.16.
These are a high performance Network Block Device (NBD) client library
and server.
Key features of libnbd:
* Synchronous API for ease of use.
* Asynchronous API for writing non-blocking, multithreaded clients.
You can mix both APIs freely.
* High performance.
* Minimal dependencies for the basic library.
*
2023 Mar 23
1
[libnbd PATCH v3 14/19] CONNECT_COMMAND.START: plug child process leak on error
A prior patch highlighted the following leak: when any construction step
fails in the parent after fork(), the child process is leaked.
We could plug the leak by inserting a new error handling section for
killing the child process and reaping it with waitpid(). However, it would
raise some new questions (what signal to send, ensure the child not ignore
that signal, hope that whatever process
2023 Jul 16
1
[libnbd PATCH] api: Fix block status assertion under set_strict bypass
A compliant server should not send NBD_REPLY_TYPE_BLOCK_STATUS unless
we successfully negotiated a meta context. And our default strictness
settings refuse to let us send NBD_CMD_BLOCK_STATUS unless we
negotiated a meta context. But when you mix non-default settings
(using nbd_set_strict to disable STRICT_COMMANDS) to send a block
status without having negotiated it, coupled with a non-compliant
2019 Sep 12
2
[libnbd PATCH] nbdsh: Add -b option to simplify h.block_status
We decided to not request the "base:allocation" context by default (if
a client wants to use block_status on a different context, then they'd
have to get any default request out of the way); however, block status
is useless without at least one meta context. This adds a convenience
knob for requesting that, and has the nice benefit of working with the
--connect command line option