[libvirt] [RFC PATCH 4/4] qemu: migration: Forbid 'nbd' migration of non-shared storage if TLS is requested
Kashyap Chamarthy
kchamart at redhat.com
Fri Apr 27 09:43:31 UTC 2018
On Thu, Apr 26, 2018 at 04:51:49PM +0200, Peter Krempa wrote:
> Since libvirt is currently not able to setup the NBD migration stream
> secured by TLS we should not allow such migration since data would be
> transferred unencrypted.
>
> This will break compatibility of TLS migration if non-shared storage is
> requested but the security implications are more severe.
>
> Signed-off-by: Peter Krempa <pkrempa at redhat.com>
> ---
> src/qemu/qemu_migration.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
> index 3b5ba4f0a1..24ef819738 100644
> --- a/src/qemu/qemu_migration.c
> +++ b/src/qemu/qemu_migration.c
> @@ -3352,6 +3352,15 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver,
> if (migrate_flags & (QEMU_MONITOR_MIGRATE_NON_SHARED_DISK |
> QEMU_MONITOR_MIGRATE_NON_SHARED_INC)) {
> if (mig->nbd) {
> + /* Currently libvirt does not support setting up of the NBD
> + * non-shared storage migration with TLS. As we need to honour the
> + * VIR_MIGRATE_TLS flag, we need to reject such migration. */
You might want to reword the last sentence to be explicitly clear that:
"... reject such migration until TLS for NBD streams is implemented."
Or something like that. Your choice.
From what I understand, what you are saying is -- today if one sets
VIR_MIGRATE_TLS flag, then libvirt will use TLS for the migration stream
but not for the NBD stream via which non-shared disks will be migrated.
You are fixing that inconsistency.
> + if (flags & VIR_MIGRATE_TLS) {
> + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
> + _("NBD migration with TLS is not supported"));
> + goto error;
> + }
> +
> /* This will update migrate_flags on success */
> if (qemuMigrationSrcDriveMirror(driver, vm, mig,
> spec->dest.host.name,
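Review bot: the error string in the new "if (flags & VIR_MIGRATE_TLS)" block, "NBD migration with TLS is not supported", names the internal transport rather than the conflict the caller can act on; suggest wording it in terms of non-shared storage migration being unsupported together with VIR_MIGRATE_TLS. The check also sits inside "if (mig->nbd)", so it only guards the NBD path. The hunk does not show what happens to the non-shared storage flags when mig->nbd is unset, so it is worth confirming that that path keeps disk data inside the TLS-protected migration stream, and extending the code comment to say so.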
> --
> 2.16.2
>
--
/kashyap