[libvirt] [Qemu-devel] NBD TLS support in QEMU
Stefan Hajnoczi
stefanha at gmail.com
Fri Sep 5 12:21:52 UTC 2014
On Fri, Sep 05, 2014 at 12:02:18AM +0200, Wouter Verhelst wrote:
> [Cc: to nbd-general list added]
>
> On Wed, Sep 03, 2014 at 05:44:17PM +0100, Stefan Hajnoczi wrote:
> > Besides QEMU, the userspace NBD tools (http://nbd.sf.net/) can also be
> > extended to support TLS. In this case the kernel needs a localhost
> > socket and userspace handles TLS.
>
> That introduces a possibility for a deadlock, since now your network
> socket isn't on the PF_MEMALLOC-protected socket anymore, which will
> cause the kernel to throw away packets which are needed for your nbd
> connection, in hopes of clearing some memory.
Understood but there are plenty of use cases where this doesn't matter.
Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20140905/4846c76a/attachment-0001.sig>
More information about the libvir-list
mailing list