From 253304c9305d0dd137247f652aa927211ba3ea7a Mon Sep 17 00:00:00 2001 From: Vanient Date: Thu, 17 Nov 2022 10:39:32 +0800 Subject: [PATCH] kata-runtime:add timeout for all qmp commands reason:If qemu process is blocked for some reasons, qmp command call will block without return, which causes kata command blocked. So we add timeout for all qmp commands. Signed-off-by: Vanient (cherry picked from commit 6cd19b02356a600d022814f5eeee96b599b6c1c8) --- kata-containers.spec | 8 +++- ...ime-add-timeout-for-all-qmp-commands.patch | 48 +++++++++++++++++++ runtime/series.conf | 1 + 3 files changed, 56 insertions(+), 1 deletion(-) create mode 100644 runtime/patches/0097-kata-runtime-add-timeout-for-all-qmp-commands.patch diff --git a/kata-containers.spec b/kata-containers.spec index f2cc1f7..128e29c 100644 --- a/kata-containers.spec +++ b/kata-containers.spec @@ -2,7 +2,7 @@ %global debug_package %{nil} %define VERSION 1.11.1 -%define RELEASE 24 +%define RELEASE 25 Name: kata-containers Version: %{VERSION} @@ -98,6 +98,12 @@ install -p -m 640 -D ./runtime/cli/config/configuration-qemu.toml %{buildroot}/u %doc %changelog +* Thu Nov 17 2022 Vanient - 1.11.1-25 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:add timeout for all qmp commands + * Mon Sep 12 2022 Vanient - 1.11.1-24 - Type:bugfix - CVE:NA diff --git a/runtime/patches/0097-kata-runtime-add-timeout-for-all-qmp-commands.patch b/runtime/patches/0097-kata-runtime-add-timeout-for-all-qmp-commands.patch new file mode 100644 index 0000000..f6c4d86 --- /dev/null +++ b/runtime/patches/0097-kata-runtime-add-timeout-for-all-qmp-commands.patch @@ -0,0 +1,48 @@ +From d28dd8fd6f57a0d42b41f7d12adc248a9911093e Mon Sep 17 00:00:00 2001 +From: Vanient +Date: Wed, 2 Nov 2022 16:32:12 +0800 +Subject: [PATCH] [Huawei]kata-runtime:add timeout for all qmp commands + +If qemu process is blocked for some reasons, qmp command call +will block without return, which causes kata command blocked. +So we add timeout for all qmp commands. + +Signed-off-by: Vanient +--- + vendor/github.com/intel/govmm/qemu/qmp.go | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/vendor/github.com/intel/govmm/qemu/qmp.go b/vendor/github.com/intel/govmm/qemu/qmp.go +index 1d6d9c6..97aff4a 100644 +--- a/vendor/github.com/intel/govmm/qemu/qmp.go ++++ b/vendor/github.com/intel/govmm/qemu/qmp.go +@@ -33,6 +33,8 @@ import ( + "strings" + ) + ++const qmpCommandTimeout = 30 * time.Second ++ + // QMPLog is a logging interface used by the qemu package to log various + // interesting pieces of information. Rather than introduce a dependency + // on a given logging package, qemu presents this interface that allows +@@ -625,8 +627,17 @@ func startQMPLoop(conn io.ReadWriteCloser, cfg QMPConfig, + return q + } + ++func FixMissingTimeout(ctx context.Context) (context.Context, func()) { ++ if _, ok := ctx.Deadline(); ok { ++ return ctx, func() {} ++ } ++ return context.WithTimeout(ctx, qmpCommandTimeout) ++} ++ + func (q *QMP) executeCommandWithResponse(ctx context.Context, name string, args map[string]interface{}, + oob []byte, filter *qmpEventFilter) (interface{}, error) { ++ ctx, cancel := FixMissingTimeout(ctx) ++ defer cancel() + var err error + var response interface{} + resCh := make(chan qmpResult) +-- +2.27.0 + diff --git a/runtime/series.conf b/runtime/series.conf index d3de2f6..fb1cefb 100644 --- a/runtime/series.conf +++ b/runtime/series.conf @@ -94,3 +94,4 @@ 0094-kata-runtime-fix-update-iface-clean-NIC-cause-route-.patch 0095-kata-runtime-fix-qemu-process-resource-resi.patch 0096-kata-containers-Move-from-query-cpus-to-query-cpus-f.patch +0097-kata-runtime-add-timeout-for-all-qmp-commands.patch -- Gitee