From nobody Wed May 14 10:14:19 2025
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1524754725776893.5398820865374;
 Thu, 26 Apr 2018 07:58:45 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com
 [10.5.11.24])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id A9AC85F742;
	Thu, 26 Apr 2018 14:58:43 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 6FE10314EE62;
	Thu, 26 Apr 2018 14:58:43 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id EC7B8180596E;
	Thu, 26 Apr 2018 14:58:42 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
	[10.11.54.4])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w3QEq3kL007760 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 26 Apr 2018 10:52:03 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id E9296202323D; Thu, 26 Apr 2018 14:52:02 +0000 (UTC)
Received: from angien.brq.redhat.com (unknown [10.43.2.136])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 520ED202323B;
	Thu, 26 Apr 2018 14:52:02 +0000 (UTC)
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 26 Apr 2018 16:51:49 +0200
Message-Id: 
 <98830abb94db16c215a2aa9f7da02a422bbcc324.1524754194.git.pkrempa@redhat.com>
In-Reply-To: <cover.1524754194.git.pkrempa@redhat.com>
References: <cover.1524754194.git.pkrempa@redhat.com>
In-Reply-To: <cover.1524754194.git.pkrempa@redhat.com>
References: <cover.1524754194.git.pkrempa@redhat.com>
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-loop: libvir-list@redhat.com
Cc: Peter Krempa <pkrempa@redhat.com>
Subject: [libvirt] [RFC PATCH 4/4] qemu: migration: Forbid 'nbd' migration
	of non-shared storage if TLS is requested
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.24
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]);
 Thu, 26 Apr 2018 14:58:44 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

Since libvirt is currently not able to setup the NBD migration stream
secured by TLS we should not allow such migration since data would be
transferred unencrypted.

This will break compatibility of TLS migration if non-shared storage is
requested but the security implications are more severe.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/qemu/qemu_migration.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 3b5ba4f0a1..24ef819738 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -3352,6 +3352,15 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver,
     if (migrate_flags & (QEMU_MONITOR_MIGRATE_NON_SHARED_DISK |
                          QEMU_MONITOR_MIGRATE_NON_SHARED_INC)) {
         if (mig->nbd) {
+            /* Currently libvirt does not support setting up of the NBD
+             * non-shared storage migration with TLS. As we need to honour=
 the
+             * VIR_MIGRATE_TLS flag, we need to reject such migration. */
+            if (flags & VIR_MIGRATE_TLS) {
+                virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+                               _("NBD migration with TLS is not supported"=
));
+                goto error;
+            }
+
             /* This will update migrate_flags on success */
             if (qemuMigrationSrcDriveMirror(driver, vm, mig,
                                             spec->dest.host.name,
--=20
2.16.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list