* [Qemu-devel] [PATCH v3 0/2] migration: fixes to handling tls-hostname/tls-creds
@ 2017-03-02 16:19 Daniel P. Berrange
  2017-03-02 16:19 ` [Qemu-devel] [PATCH v3 1/2] migration: allow clearing migration string parameters Daniel P. Berrange
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Daniel P. Berrange @ 2017-03-02 16:19 UTC (permalink / raw)
  To: qemu-devel
  Cc: Markus Armbruster, Eric Blake, Juan Quintela,
	Dr. David Alan Gilbert, John Ferlan, Jiri Denemark,
	Daniel P. Berrange

The need for these two patches was identified during implementation of
TLS encrypted migration in libvirt.

Changed in v3:

 - Add to qapi-schema.json docs

Daniel P. Berrange (2):
  migration: allow clearing migration string parameters
  migration: always report tls-creds & tls-hostname migrate parameters

 migration/migration.c | 22 ++++++++++++++++------
 qapi-schema.json      |  8 +++++++-
 2 files changed, 23 insertions(+), 7 deletions(-)

-- 
2.9.3


* [Qemu-devel] [PATCH v3 1/2] migration: allow clearing migration string parameters
  2017-03-02 16:19 [Qemu-devel] [PATCH v3 0/2] migration: fixes to handling tls-hostname/tls-creds Daniel P. Berrange
@ 2017-03-02 16:19 ` Daniel P. Berrange
  2017-03-02 16:19 ` [Qemu-devel] [PATCH v3 2/2] migration: always report tls-creds & tls-hostname migrate parameters Daniel P. Berrange
  2017-03-02 19:08 ` [Qemu-devel] [PATCH for-2.9 v3 0/2] migration: fixes to handling tls-hostname/tls-creds Eric Blake
  2 siblings, 0 replies; 4+ messages in thread
From: Daniel P. Berrange @ 2017-03-02 16:19 UTC (permalink / raw)
  To: qemu-devel
  Cc: Markus Armbruster, Eric Blake, Juan Quintela,
	Dr. David Alan Gilbert, John Ferlan, Jiri Denemark,
	Daniel P. Berrange

Some of the migration parameters are strings, which default to NULL,
eg tls-hostname and tls-creds.

The mgmt app will set the tls-creds parameter on both source and target
QEMU instances, in order to trigger use of TLS for migration.

After performing a TLS encrypted migration though, migration might be
used for other reasons - for example, to save the QEMU state to a file.
We need TLS turned off when doing this, but the migrate-set-parameters
QAPI command does not provide any facility to clear/reset parameters
to their default state.

If you simply omit the tls_creds parameter in migrate-set-parameters,
then 'has_tls_creds' will be false and so no action will be taken. JSON
allows a parameter to have a nil value, but the QEMU JSON visitor will
reject that when deserializing into a QObject.

The migration code has no need to distinguish "" vs NULL for the TLS
hostname or TLS credentials object name, since "" is invalid in both
cases. This enables clearing of tls-hostname and tls-creds by
treating "" as equivalent to NULL.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 migration/migration.c | 12 ++++++++++--
 qapi-schema.json      |  4 ++++
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/migration/migration.c b/migration/migration.c
index c6ae69d..a8cb56e 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -872,11 +872,19 @@ void qmp_migrate_set_parameters(MigrationParameters *params, Error **errp)
     }
     if (params->has_tls_creds) {
         g_free(s->parameters.tls_creds);
-        s->parameters.tls_creds = g_strdup(params->tls_creds);
+        if (*params->tls_creds == '\0') {
+            s->parameters.tls_creds = NULL;
+        } else {
+            s->parameters.tls_creds = g_strdup(params->tls_creds);
+        }
     }
     if (params->has_tls_hostname) {
         g_free(s->parameters.tls_hostname);
-        s->parameters.tls_hostname = g_strdup(params->tls_hostname);
+        if (*params->tls_hostname == '\0') {
+            s->parameters.tls_hostname = NULL;
+        } else {
+            s->parameters.tls_hostname = g_strdup(params->tls_hostname);
+        }
     }
     if (params->has_max_bandwidth) {
         s->parameters.max_bandwidth = params->max_bandwidth;
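Review bot: The empty-string test in the tls_creds and tls_hostname branches is the same five-line pattern written twice, and neither copy says that "" is deliberately mapped to NULL. Since an empty tls-creds now switches later migrations back to plain text, a one-line comment at `if (*params->tls_creds == '\0')` would make that intent explicit, and a small helper that returns NULL for "" and g_strdup() otherwise would keep the two parameters from drifting apart. The dereference also relies on has_tls_creds / has_tls_hostname implying a non-NULL pointer, which is worth stating in that same comment.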
diff --git a/qapi-schema.json b/qapi-schema.json
index 150ee98..d1df9a4 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -1036,6 +1036,8 @@
 #             credentials must be for a 'server' endpoint. Setting this
 #             will enable TLS for all migrations. The default is unset,
 #             resulting in unsecured migration at the QEMU level. (Since 2.7)
+#             An empty string means that QEMU will use plain text mode for
+#             migration, rather than TLS (Since 2.9)
 #
 # @tls-hostname: #optional hostname of the target host for the migration. This
 #                is required when using x509 based TLS credentials and the
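Review bot: The added sentence on empty strings sits directly after "Setting this will enable TLS for all migrations", which is no longer true for the "" case. Consider rewording the earlier sentence to say that setting a non-empty value enables TLS, so the two statements do not contradict each other; a reader skimming the first sentence could otherwise assume any set value implies an encrypted channel.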
@@ -1043,6 +1045,8 @@
 #                example if using fd: or exec: based migration, the
 #                hostname must be provided so that the server's x509
 #                certificate identity can be validated. (Since 2.7)
+#                An empty string means that QEMU will use the hostname
+#                associated with the migration URI, if any. (Since 2.9)
 #
 # @max-bandwidth: to set maximum speed for migration. maximum speed in
 #                 bytes per second. (Since 2.8)
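Review bot: The "if any" in the new tls-hostname text leaves the fd: and exec: case undocumented, where the context lines above say the hostname must be provided so the server's x509 certificate identity can be validated. Please state what happens when the value is "" and the migration URI carries no hostname, so management applications know whether clearing the parameter can leave certificate identity checking without a name to compare against.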
-- 
2.9.3


* [Qemu-devel] [PATCH v3 2/2] migration: always report tls-creds & tls-hostname migrate parameters
  2017-03-02 16:19 [Qemu-devel] [PATCH v3 0/2] migration: fixes to handling tls-hostname/tls-creds Daniel P. Berrange
  2017-03-02 16:19 ` [Qemu-devel] [PATCH v3 1/2] migration: allow clearing migration string parameters Daniel P. Berrange
@ 2017-03-02 16:19 ` Daniel P. Berrange
  2017-03-02 19:08 ` [Qemu-devel] [PATCH for-2.9 v3 0/2] migration: fixes to handling tls-hostname/tls-creds Eric Blake
  2 siblings, 0 replies; 4+ messages in thread
From: Daniel P. Berrange @ 2017-03-02 16:19 UTC (permalink / raw)
  To: qemu-devel
  Cc: Markus Armbruster, Eric Blake, Juan Quintela,
	Dr. David Alan Gilbert, John Ferlan, Jiri Denemark,
	Daniel P. Berrange

Currently the query-migrate-parameters command will omit reporting
of the tls-creds & tls-hostname parameters if their value is NULL.
This makes it impossible for an app to detect if these parameters
are supported by QEMU, without trying to actually set them and
catching the error. Since the code is treating "" and NULL as
equivalent, we can simply always report these values and give them
a value of "". This allows apps like libvirt to detect the fact
that these parameters are supported by QEMU.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 migration/migration.c | 10 ++++++----
 qapi-schema.json      |  4 +++-
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/migration/migration.c b/migration/migration.c
index a8cb56e..760f104 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -581,10 +581,12 @@ MigrationParameters *qmp_query_migrate_parameters(Error **errp)
     params->cpu_throttle_initial = s->parameters.cpu_throttle_initial;
     params->has_cpu_throttle_increment = true;
     params->cpu_throttle_increment = s->parameters.cpu_throttle_increment;
-    params->has_tls_creds = !!s->parameters.tls_creds;
-    params->tls_creds = g_strdup(s->parameters.tls_creds);
-    params->has_tls_hostname = !!s->parameters.tls_hostname;
-    params->tls_hostname = g_strdup(s->parameters.tls_hostname);
+    params->has_tls_creds = true;
+    params->tls_creds = g_strdup(s->parameters.tls_creds ?
+                                 s->parameters.tls_creds : "");
+    params->has_tls_hostname = true;
+    params->tls_hostname = g_strdup(s->parameters.tls_hostname ?
+                                    s->parameters.tls_hostname : "");
     params->has_max_bandwidth = true;
     params->max_bandwidth = s->parameters.max_bandwidth;
     params->has_downtime_limit = true;
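Review bot: With has_tls_creds and has_tls_hostname now forced to true, the reported "" is the only signal that the parameter is unset, but nothing at `params->tls_creds = g_strdup(s->parameters.tls_creds ?` says so. A short comment noting that NULL is reported as "" (and that callers must treat "" as TLS disabled, not as a credentials object name) would help the next reader; the two ternaries are also identical in shape and could share a helper.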
diff --git a/qapi-schema.json b/qapi-schema.json
index d1df9a4..7d046c3 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -1089,7 +1089,9 @@
 #          "compress-level": 1,
 #          "cpu-throttle-initial": 20,
 #          "max-bandwidth": 33554432,
-#          "downtime-limit": 300
+#          "downtime-limit": 300,
+#          "tls-creds": "tls0",
+#          "tls-hostname": ""
 #       }
 #    }
 #
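Review bot: The example gains "tls-creds" and "tls-hostname" in this hunk, but the hunk shows no accompanying prose for the query-migrate-parameters return value saying that both keys are always present from 2.9 and that "" means unset. Showing `"tls-hostname": ""` without that explanation leaves the meaning to inference; a sentence in the command's documentation would make the contract explicit for clients probing for TLS support.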
-- 
2.9.3


* Re: [Qemu-devel] [PATCH for-2.9 v3 0/2] migration: fixes to handling tls-hostname/tls-creds
  2017-03-02 16:19 [Qemu-devel] [PATCH v3 0/2] migration: fixes to handling tls-hostname/tls-creds Daniel P. Berrange
  2017-03-02 16:19 ` [Qemu-devel] [PATCH v3 1/2] migration: allow clearing migration string parameters Daniel P. Berrange
  2017-03-02 16:19 ` [Qemu-devel] [PATCH v3 2/2] migration: always report tls-creds & tls-hostname migrate parameters Daniel P. Berrange
@ 2017-03-02 19:08 ` Eric Blake
  2 siblings, 0 replies; 4+ messages in thread
From: Eric Blake @ 2017-03-02 19:08 UTC (permalink / raw)
  To: Daniel P. Berrange, qemu-devel
  Cc: Markus Armbruster, Juan Quintela, Dr. David Alan Gilbert,
	John Ferlan, Jiri Denemark

[-- Attachment #1: Type: text/plain, Size: 828 bytes --]

On 03/02/2017 10:19 AM, Daniel P. Berrange wrote:
> The need for these two patches was identified during implementation of
> TLS encrypted migration in libvirt.
> 
> Changed in v3:
> 
>  - Add to qapi-schema.json docs
> 
> Daniel P. Berrange (2):
>   migration: allow clearing migration string parameters
>   migration: always report tls-creds & tls-hostname migrate parameters
> 
>  migration/migration.c | 22 ++++++++++++++++------
>  qapi-schema.json      |  8 +++++++-
>  2 files changed, 23 insertions(+), 7 deletions(-)

The discoverability of whether "" works is not visible in introspection,
but reporting "" on output helps.  For the series:

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
