All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Peter Xu <peterx@redhat.com>
Cc: Juan Quintela <quintela@redhat.com>,
	qemu-devel@nongnu.org,
	Leonardo Bras Soares Passos <lsoaresp@redhat.com>,
	"Dr . David Alan Gilbert" <dgilbert@redhat.com>
Subject: Re: [PATCH v4 14/19] migration: Add helpers to detect TLS capability
Date: Wed, 20 Apr 2022 12:10:14 +0100	[thread overview]
Message-ID: <Yl/qFmt09kIBmBM8@redhat.com> (raw)
In-Reply-To: <20220331150857.74406-15-peterx@redhat.com>

On Thu, Mar 31, 2022 at 11:08:52AM -0400, Peter Xu wrote:
> Add migrate_tls_enabled() to detect whether TLS is configured.
> 
> Add migrate_channel_requires_tls() to detect whether the specific channel
> requires TLS.
> 
> No functional change intended.
> 
> Signed-off-by: Peter Xu <peterx@redhat.com>
> ---
>  migration/channel.c   | 10 ++--------
>  migration/migration.c | 17 +++++++++++++++++
>  migration/migration.h |  4 ++++
>  migration/multifd.c   |  7 +------
>  4 files changed, 24 insertions(+), 14 deletions(-)
> 
> diff --git a/migration/channel.c b/migration/channel.c
> index c6a8dcf1d7..36e59eaeec 100644
> --- a/migration/channel.c
> +++ b/migration/channel.c
> @@ -38,10 +38,7 @@ void migration_channel_process_incoming(QIOChannel *ioc)
>      trace_migration_set_incoming_channel(
>          ioc, object_get_typename(OBJECT(ioc)));
>  
> -    if (s->parameters.tls_creds &&
> -        *s->parameters.tls_creds &&
> -        !object_dynamic_cast(OBJECT(ioc),
> -                             TYPE_QIO_CHANNEL_TLS)) {
> +    if (migrate_channel_requires_tls(ioc)) {
>          migration_tls_channel_process_incoming(s, ioc, &local_err);
>      } else {
>          migration_ioc_register_yank(ioc);
> @@ -71,10 +68,7 @@ void migration_channel_connect(MigrationState *s,
>          ioc, object_get_typename(OBJECT(ioc)), hostname, error);
>  
>      if (!error) {
> -        if (s->parameters.tls_creds &&
> -            *s->parameters.tls_creds &&
> -            !object_dynamic_cast(OBJECT(ioc),
> -                                 TYPE_QIO_CHANNEL_TLS)) {
> +        if (migrate_channel_requires_tls(ioc)) {
>              migration_tls_channel_connect(s, ioc, hostname, &error);
>  
>              if (!error) {
> diff --git a/migration/migration.c b/migration/migration.c
> index ee3df9e229..899084f993 100644
> --- a/migration/migration.c
> +++ b/migration/migration.c
> @@ -49,6 +49,7 @@
>  #include "trace.h"
>  #include "exec/target_page.h"
>  #include "io/channel-buffer.h"
> +#include "io/channel-tls.h"
>  #include "migration/colo.h"
>  #include "hw/boards.h"
>  #include "hw/qdev-properties.h"
> @@ -4251,6 +4252,22 @@ void migration_global_dump(Monitor *mon)
>                     ms->clear_bitmap_shift);
>  }
>  
> +bool migrate_tls_enabled(void)
> +{
> +    MigrationState *s = migrate_get_current();
> +
> +    return s->parameters.tls_creds && *s->parameters.tls_creds;
> +}
> +
> +bool migrate_channel_requires_tls(QIOChannel *ioc)
> +{
> +    if (!migrate_tls_enabled()) {

This is the only place migrate_tls_enabled is called. Does it
really need to exist as an exported method, as opposed to
inlining it here ?

> +        return false;
> +    }
> +
> +    return !object_dynamic_cast(OBJECT(ioc), TYPE_QIO_CHANNEL_TLS);
> +}
> +
>  #define DEFINE_PROP_MIG_CAP(name, x)             \
>      DEFINE_PROP_BOOL(name, MigrationState, enabled_capabilities[x], false)
>  
> diff --git a/migration/migration.h b/migration/migration.h
> index 6ee520642f..8b9ad7fe31 100644
> --- a/migration/migration.h
> +++ b/migration/migration.h
> @@ -436,6 +436,10 @@ bool migrate_use_events(void);
>  bool migrate_postcopy_blocktime(void);
>  bool migrate_background_snapshot(void);
>  bool migrate_postcopy_preempt(void);
> +/* Whether TLS is enabled for migration? */
> +bool migrate_tls_enabled(void);
> +/* Whether the QIO channel requires further TLS handshake? */
> +bool migrate_channel_requires_tls(QIOChannel *ioc);

How about having it in tls.{c,h} as  'migration_tls_channel_enabled()' ?

>  
>  /* Sending on the return path - generic and then for each message type */
>  void migrate_send_rp_shut(MigrationIncomingState *mis,
> diff --git a/migration/multifd.c b/migration/multifd.c
> index 9ea4f581e2..19e3c44491 100644
> --- a/migration/multifd.c
> +++ b/migration/multifd.c
> @@ -782,17 +782,12 @@ static bool multifd_channel_connect(MultiFDSendParams *p,
>                                      QIOChannel *ioc,
>                                      Error *error)
>  {
> -    MigrationState *s = migrate_get_current();
> -
>      trace_multifd_set_outgoing_channel(
>          ioc, object_get_typename(OBJECT(ioc)),
>          migrate_get_current()->hostname, error);
>  
>      if (!error) {
> -        if (s->parameters.tls_creds &&
> -            *s->parameters.tls_creds &&
> -            !object_dynamic_cast(OBJECT(ioc),
> -                                 TYPE_QIO_CHANNEL_TLS)) {
> +        if (migrate_channel_requires_tls(ioc)) {
>              multifd_tls_channel_connect(p, ioc, &error);
>              if (!error) {
>                  /*
> -- 
> 2.32.0
> 

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|



  reply	other threads:[~2022-04-20 11:27 UTC|newest]

Thread overview: 54+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-31 15:08 [PATCH v4 00/19] migration: Postcopy Preemption Peter Xu
2022-03-31 15:08 ` [PATCH v4 01/19] migration: Postpone releasing MigrationState.hostname Peter Xu
2022-04-07 17:21   ` Dr. David Alan Gilbert
2022-04-20 10:34   ` Daniel P. Berrangé
2022-04-20 18:19     ` Peter Xu
2022-03-31 15:08 ` [PATCH v4 02/19] migration: Drop multifd tls_hostname cache Peter Xu
2022-04-07 17:42   ` Dr. David Alan Gilbert
2022-04-20 10:35   ` Daniel P. Berrangé
2022-03-31 15:08 ` [PATCH v4 03/19] migration: Add pss.postcopy_requested status Peter Xu
2022-04-20 10:36   ` Daniel P. Berrangé
2022-03-31 15:08 ` [PATCH v4 04/19] migration: Move migrate_allow_multifd and helpers into migration.c Peter Xu
2022-04-20 10:41   ` Daniel P. Berrangé
2022-04-20 19:30     ` Peter Xu
2022-03-31 15:08 ` [PATCH v4 05/19] migration: Export ram_load_postcopy() Peter Xu
2022-04-20 10:42   ` Daniel P. Berrangé
2022-03-31 15:08 ` [PATCH v4 06/19] migration: Move channel setup out of postcopy_try_recover() Peter Xu
2022-04-20 10:43   ` Daniel P. Berrangé
2022-03-31 15:08 ` [PATCH v4 07/19] migration: Allow migrate-recover to run multiple times Peter Xu
2022-04-20 10:44   ` Daniel P. Berrangé
2022-03-31 15:08 ` [PATCH v4 08/19] migration: Add postcopy-preempt capability Peter Xu
2022-04-20 10:51   ` Daniel P. Berrangé
2022-04-20 19:31     ` Peter Xu
2022-03-31 15:08 ` [PATCH v4 09/19] migration: Postcopy preemption preparation on channel creation Peter Xu
2022-04-20 10:59   ` Daniel P. Berrangé
2022-03-31 15:08 ` [PATCH v4 10/19] migration: Postcopy preemption enablement Peter Xu
2022-04-20 11:05   ` Daniel P. Berrangé
2022-04-20 19:39     ` Peter Xu
2022-05-11 15:54   ` manish.mishra
2022-05-12 16:22     ` Peter Xu
2022-05-13 18:53       ` manish.mishra
2022-05-13 19:31         ` Peter Xu
2022-03-31 15:08 ` [PATCH v4 11/19] migration: Postcopy recover with preempt enabled Peter Xu
2022-03-31 15:08 ` [PATCH v4 12/19] migration: Create the postcopy preempt channel asynchronously Peter Xu
2022-03-31 15:08 ` [PATCH v4 13/19] migration: Parameter x-postcopy-preempt-break-huge Peter Xu
2022-03-31 15:08 ` [PATCH v4 14/19] migration: Add helpers to detect TLS capability Peter Xu
2022-04-20 11:10   ` Daniel P. Berrangé [this message]
2022-04-20 19:52     ` Peter Xu
2022-03-31 15:08 ` [PATCH v4 15/19] migration: Export tls-[creds|hostname|authz] params to cmdline too Peter Xu
2022-04-20 11:13   ` Daniel P. Berrangé
2022-04-20 20:01     ` Peter Xu
2022-03-31 15:08 ` [PATCH v4 16/19] migration: Enable TLS for preempt channel Peter Xu
2022-04-20 11:35   ` Daniel P. Berrangé
2022-04-20 20:10     ` Peter Xu
2022-03-31 15:08 ` [PATCH v4 17/19] tests: Add postcopy tls migration test Peter Xu
2022-04-20 11:39   ` Daniel P. Berrangé
2022-04-20 20:15     ` Peter Xu
2022-03-31 15:08 ` [PATCH v4 18/19] tests: Add postcopy tls recovery " Peter Xu
2022-04-20 11:42   ` Daniel P. Berrangé
2022-04-20 20:38     ` Peter Xu
2022-03-31 15:08 ` [PATCH v4 19/19] tests: Add postcopy preempt tests Peter Xu
2022-03-31 15:25   ` Peter Xu
2022-04-20 11:43   ` Daniel P. Berrangé
2022-04-20 20:51     ` Peter Xu
2022-04-21 13:57 ` [PATCH v4 00/19] migration: Postcopy Preemption Dr. David Alan Gilbert

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Yl/qFmt09kIBmBM8@redhat.com \
    --to=berrange@redhat.com \
    --cc=dgilbert@redhat.com \
    --cc=lsoaresp@redhat.com \
    --cc=peterx@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=quintela@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.