[libvirt] [PATCH v3 4/7] qemu: Add TLS params to _qemuMonitorMigrationParams
John Ferlan
jferlan at redhat.com
Wed Mar 22 22:46:36 UTC 2017
On 03/22/2017 12:26 PM, Jiri Denemark wrote:
> On Fri, Mar 17, 2017 at 14:38:58 -0400, John Ferlan wrote:
>> Add the fields to support setting tls-creds and tls-hostname during
>> a migration (either source or target). Modify the query migration
>> function to check for the presence and set the field for future
>> consumers to determine which of 3 conditions is being met (not
>> present, present and set to "", or present and sent to something).
>>
>> Modify code paths that either allocate or use stack space in order
>> to call qemuMigrationParamsClear or qemuMigrationParamsFree for cleanup.
>>
>> Signed-off-by: John Ferlan <jferlan at redhat.com>
>> ---
>> src/qemu/qemu_driver.c | 4 +++-
>> src/qemu/qemu_migration.c | 26 +++++++++++++++++++++++++-
>> src/qemu/qemu_migration.h | 6 ++++++
>> src/qemu/qemu_monitor.c | 11 ++++++++---
>> src/qemu/qemu_monitor.h | 3 +++
>> src/qemu/qemu_monitor_json.c | 28 ++++++++++++++++++++++++++++
>> tests/qemumonitorjsontest.c | 25 ++++++++++++++++++++++++-
>> 7 files changed, 97 insertions(+), 6 deletions(-)
> ...
>> diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
>> index f5711bc..66a5062 100644
>> --- a/src/qemu/qemu_migration.c
>> +++ b/src/qemu/qemu_migration.c
>> @@ -3508,6 +3508,28 @@ qemuMigrationSetCompression(virQEMUDriverPtr driver,
>> }
>>
>>
>> +void
>> +qemuMigrationParamsClear(qemuMonitorMigrationParamsPtr migParams)
>> +{
>> + if (!migParams)
>> + return;
>> +
>> + VIR_FREE(migParams->migrateTLSAlias);
>> + VIR_FREE(migParams->migrateTLSHostname);
>> +}
>> +
>> +
>> +void
>> +qemuMigrationParamsFree(qemuMonitorMigrationParamsPtr *migParams)
>
> Our *Free functions don't usually get double pointers.
>
True, but that's not necessarily a correct approach *and* we've been
bitten by use after free before too. Since the VIR_FREE() operates on a
local variable, only this function would see migParams being set to NULL
- the caller though would not see that and thus (as in other cases) we
are forced to place a migParams = NULL; after a vir*Free() call. I
prefer this mechanism and quite frankly would like to see other
vir*Free() functions follow this, but I don't have the time or desire to
write that pile of patches.
>> +{
>> + if (!*migParams)
>> + return;
>> +
>> + qemuMigrationParamsClear(*migParams);
>> + VIR_FREE(*migParams);
>> +}
>> +
>> +
>> qemuMonitorMigrationParamsPtr
>> qemuMigrationParams(virTypedParameterPtr params,
>> int nparams,
> ...
>> diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
>> index 553544a..125cc6a 100644
>> --- a/src/qemu/qemu_monitor_json.c
>> +++ b/src/qemu/qemu_monitor_json.c
> ...
>> @@ -2595,6 +2596,21 @@ qemuMonitorJSONGetMigrationParams(qemuMonitorPtr mon,
>>
>> #undef PARSE
>>
>> + /* NB: First supported in QEMU 2.7; however, there was no way to
>> + * clear, so 2.9 altered the definition to allow using an empty string
>> + * to disable. Additionally, it defined the variable to an empty string
>> + * by default if not defined ever. Use this as our marker to determine
>> + * whether TLS can be supported or not. */
>
> This comment could make some sense in the commit message (unlike
> describing which paths are changed by the patch), but I don't think it's
> any useful here. Describing that NULL means unsupported and "" means
> unset would be enough I think. And even better if this is documented
> inside struct _qemuMonitorMigrationParams.
>
I didn't want to see it lost as it's a really important distinction. I
will move into the struct. I disagree about having stuff like this in a
commit message. When I'm reading code - I'm not reading it as part of a
commit message, I'm reading it literally. The one concern I'd have
about moving it to the struct is someone not reading it...
John
>> + if ((tlsStr = virJSONValueObjectGetString(result, "tls-creds"))) {
>> + if (VIR_STRDUP(params->migrateTLSAlias, tlsStr) < 0)
>> + goto cleanup;
>> + }
>> +
>> + if ((tlsStr = virJSONValueObjectGetString(result, "tls-hostname"))) {
>> + if (VIR_STRDUP(params->migrateTLSHostname, tlsStr) < 0)
>> + goto cleanup;
>> + }
>> +
>> ret = 0;
>> cleanup:
>> virJSONValueFree(cmd);
>> @@ -2637,6 +2653,18 @@ qemuMonitorJSONSetMigrationParams(qemuMonitorPtr mon,
>>
>> #undef APPEND
>>
>> + /* See query, value will be either NULL, "", or something valid.
>> + * NULL will indicate no support, while "" will indicate to disable */
>
> Yeah, this is what I was thinking about (except for the "See query"
> part). And I still think it would make sense to move it to struct
> _qemuMonitorMigrationParams.
>
>> + if (params->migrateTLSAlias &&
>> + virJSONValueObjectAppendString(args, "tls-creds",
>> + params->migrateTLSAlias) < 0)
>> + goto cleanup;
>> +
>> + if (params->migrateTLSHostname &&
>> + virJSONValueObjectAppendString(args, "tls-hostname",
>> + params->migrateTLSHostname) < 0)
>> + goto cleanup;
>> +
>> if (virJSONValueObjectAppend(cmd, "arguments", args) < 0)
>> goto cleanup;
>> args = NULL;
>
> Jirka
>
More information about the libvir-list
mailing list