On Thu, Apr 26, 2018 at 04:51:49PM +0200, Peter Krempa wrote:
> Since libvirt is currently not able to setup the NBD migration stream
> secured by TLS we should not allow such migration since data would be
> transferred unencrypted.
>
> This will break compatibility of TLS migration if non-shared storage is
> requested but the security implications are more severe.
>
> Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx>
> ---
> src/qemu/qemu_migration.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
IIUC, this doesn't actually require the 3 previous patches and can be
pushed on its own - we should push for this immediate release.
>
> diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
> index 3b5ba4f0a1..24ef819738 100644
> --- a/src/qemu/qemu_migration.c
> +++ b/src/qemu/qemu_migration.c
> @@ -3352,6 +3352,15 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver,
> if (migrate_flags & (QEMU_MONITOR_MIGRATE_NON_SHARED_DISK |
> QEMU_MONITOR_MIGRATE_NON_SHARED_INC)) {
> if (mig->nbd) {
> + /* Currently libvirt does not support setting up of the NBD
> + * non-shared storage migration with TLS. As we need to honour the
> + * VIR_MIGRATE_TLS flag, we need to reject such migration. */
> + if (flags & VIR_MIGRATE_TLS) {
> + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
> + _("NBD migration with TLS is not supported"));
> + goto error;
> + }
> +
> /* This will update migrate_flags on success */
> if (qemuMigrationSrcDriveMirror(driver, vm, mig,
> spec->dest.host.name,
> --
> 2.16.2
>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
