From: "Daniel P. Berrangé" <berrange@redhat.com>
To: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
Cc: "Peter Xu" <peterx@redhat.com>, "Fabiano Rosas" <farosas@suse.de>,
"Alex Williamson" <alex.williamson@redhat.com>,
"Cédric Le Goater" <clg@redhat.com>,
"Eric Blake" <eblake@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Avihai Horon" <avihaih@nvidia.com>,
"Joao Martins" <joao.m.martins@oracle.com>,
qemu-devel@nongnu.org
Subject: Re: [PATCH v4 07/33] io: tls: Allow terminating the TLS session gracefully with EOF
Date: Tue, 4 Feb 2025 16:14:33 +0000 [thread overview]
Message-ID: <Z6I86e-hzJAlxk0r@redhat.com> (raw)
In-Reply-To: <493dd3bc-8a3d-4b3c-8eea-08e674c38f40@maciej.szmigiero.name>
On Tue, Feb 04, 2025 at 05:02:23PM +0100, Maciej S. Szmigiero wrote:
> On 4.02.2025 16:15, Daniel P. Berrangé wrote:
> > On Thu, Jan 30, 2025 at 11:08:28AM +0100, Maciej S. Szmigiero wrote:
> > > From: "Maciej S. Szmigiero" <maciej.szmigiero@oracle.com>
> > >
> > > Currently, hitting EOF on receive without sender terminating the TLS
> > > session properly causes the TLS channel to return an error (unless
> > > the channel was already shut down for read).
> > >
> > > Add an optional setting whether we instead just return EOF in that
> > > case.
> > >
> > > This possibility will be soon used by the migration multifd code.
> > >
> > > Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
> > > ---
> > > include/io/channel-tls.h | 11 +++++++++++
> > > io/channel-tls.c | 6 ++++++
> > > 2 files changed, 17 insertions(+)
> > >
> > > diff --git a/include/io/channel-tls.h b/include/io/channel-tls.h
> > > index 26c67f17e2d3..8552c0d0266e 100644
> > > --- a/include/io/channel-tls.h
> > > +++ b/include/io/channel-tls.h
> > > @@ -49,6 +49,7 @@ struct QIOChannelTLS {
> > > QCryptoTLSSession *session;
> > > QIOChannelShutdown shutdown;
> > > guint hs_ioc_tag;
> > > + bool premature_eof_okay;
> > > };
> > > /**
> > > @@ -143,4 +144,14 @@ void qio_channel_tls_handshake(QIOChannelTLS *ioc,
> > > QCryptoTLSSession *
> > > qio_channel_tls_get_session(QIOChannelTLS *ioc);
> > > +/**
> > > + * qio_channel_tls_set_premature_eof_okay:
> > > + * @ioc: the TLS channel object
> > > + *
> > > + * Sets whether receiving an EOF without terminating the TLS session properly
> > > + * by used the other side is considered okay or an error (the
> > > + * default behaviour).
> > > + */
> > > +void qio_channel_tls_set_premature_eof_okay(QIOChannelTLS *ioc, bool enabled);
> > > +
> > > #endif /* QIO_CHANNEL_TLS_H */
> > > diff --git a/io/channel-tls.c b/io/channel-tls.c
> > > index aab630e5ae32..1079d6d10de1 100644
> > > --- a/io/channel-tls.c
> > > +++ b/io/channel-tls.c
> > > @@ -147,6 +147,11 @@ qio_channel_tls_new_client(QIOChannel *master,
> > > return NULL;
> > > }
> > > +void qio_channel_tls_set_premature_eof_okay(QIOChannelTLS *ioc, bool enabled)
> > > +{
> > > + ioc->premature_eof_okay = enabled;
> > > +}
> > > +
> > > struct QIOChannelTLSData {
> > > QIOTask *task;
> > > GMainContext *context;
> > > @@ -279,6 +284,7 @@ static ssize_t qio_channel_tls_readv(QIOChannel *ioc,
> > > tioc->session,
> > > iov[i].iov_base,
> > > iov[i].iov_len,
> > > + tioc->premature_eof_okay ||
> > > qatomic_load_acquire(&tioc->shutdown) & QIO_CHANNEL_SHUTDOWN_READ,
> > > errp);
> > > if (ret == QCRYPTO_TLS_SESSION_ERR_BLOCK) {
> >
> > IMHO a better way to do this is by defining an new flag for use with
> > the qio_channel_readv_full() method. That makes the ignoring of
> > premature shutdown a contextually scoped behaviour rather than a
> > global behaviour.
>
> Something named like QIO_CHANNEL_READ_FLAG_TLS_EARLY_EOF_OKAY?
Since the flags are defined at the non-TLS layer in the API, I would
pick "QIO_CHANNEL_READ_RELAXED_EOF", as it could conceptually make
sense to other layered channel protocols beyond TLS, even if we only
ever implement it for TLS.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2025-02-04 16:15 UTC|newest]
Thread overview: 137+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-30 10:08 [PATCH v4 00/33] Multifd 🔀 device state transfer support with VFIO consumer Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 01/33] migration: Clarify that {load, save}_cleanup handlers can run without setup Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 02/33] thread-pool: Remove thread_pool_submit() function Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 03/33] thread-pool: Rename AIO pool functions to *_aio() and data types to *Aio Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 04/33] thread-pool: Implement generic (non-AIO) pool support Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 05/33] migration: Add MIG_CMD_SWITCHOVER_START and its load handler Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 06/33] migration: Add qemu_loadvm_load_state_buffer() and its handler Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 07/33] io: tls: Allow terminating the TLS session gracefully with EOF Maciej S. Szmigiero
2025-02-04 15:15 ` Daniel P. Berrangé
2025-02-04 16:02 ` Maciej S. Szmigiero
2025-02-04 16:14 ` Daniel P. Berrangé [this message]
2025-02-04 18:25 ` Maciej S. Szmigiero
2025-02-06 21:53 ` Peter Xu
2025-01-30 10:08 ` [PATCH v4 08/33] migration/multifd: Allow premature EOF on TLS incoming channels Maciej S. Szmigiero
2025-02-03 18:20 ` Peter Xu
2025-02-03 18:53 ` Maciej S. Szmigiero
2025-02-03 20:20 ` Peter Xu
2025-02-03 21:41 ` Maciej S. Szmigiero
2025-02-03 22:56 ` Peter Xu
2025-02-04 13:51 ` Fabiano Rosas
2025-02-04 14:39 ` Maciej S. Szmigiero
2025-02-04 15:00 ` Fabiano Rosas
2025-02-04 15:10 ` Maciej S. Szmigiero
2025-02-04 15:31 ` Peter Xu
2025-02-04 15:39 ` Daniel P. Berrangé
2025-02-05 19:09 ` Fabiano Rosas
2025-02-05 20:42 ` Fabiano Rosas
2025-02-05 20:55 ` Maciej S. Szmigiero
2025-02-06 14:13 ` Fabiano Rosas
2025-02-06 14:53 ` Maciej S. Szmigiero
2025-02-06 15:20 ` Fabiano Rosas
2025-02-06 16:01 ` Maciej S. Szmigiero
2025-02-06 17:32 ` Fabiano Rosas
2025-02-06 17:55 ` Maciej S. Szmigiero
2025-02-06 21:51 ` Peter Xu
2025-02-07 13:17 ` Fabiano Rosas
2025-02-07 14:04 ` Peter Xu
2025-02-07 14:16 ` Fabiano Rosas
2025-02-05 21:13 ` Peter Xu
2025-02-06 14:19 ` Fabiano Rosas
2025-02-04 15:10 ` Daniel P. Berrangé
2025-02-04 15:08 ` Daniel P. Berrangé
2025-02-04 16:02 ` Peter Xu
2025-02-04 16:12 ` Daniel P. Berrangé
2025-02-04 16:29 ` Peter Xu
2025-02-04 18:25 ` Fabiano Rosas
2025-02-04 19:34 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 09/33] migration: postcopy_ram_listen_thread() needs to take BQL for some calls Maciej S. Szmigiero
2025-02-02 2:06 ` Dr. David Alan Gilbert
2025-02-02 11:55 ` Maciej S. Szmigiero
2025-02-02 12:45 ` Dr. David Alan Gilbert
2025-02-03 13:57 ` Maciej S. Szmigiero
2025-02-03 19:58 ` Peter Xu
2025-02-03 20:15 ` Maciej S. Szmigiero
2025-02-03 20:36 ` Peter Xu
2025-02-03 21:41 ` Maciej S. Szmigiero
2025-02-03 23:02 ` Peter Xu
2025-02-04 14:57 ` Maciej S. Szmigiero
2025-02-04 15:39 ` Peter Xu
2025-02-04 19:32 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 10/33] error: define g_autoptr() cleanup function for the Error type Maciej S. Szmigiero
2025-02-03 20:53 ` Peter Xu
2025-02-03 21:13 ` Daniel P. Berrangé
2025-02-03 21:51 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 11/33] migration: Add thread pool of optional load threads Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 12/33] migration/multifd: Split packet into header and RAM data Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 13/33] migration/multifd: Device state transfer support - receive side Maciej S. Szmigiero
2025-02-03 21:27 ` Peter Xu
2025-02-03 22:18 ` Maciej S. Szmigiero
2025-02-03 22:59 ` Peter Xu
2025-02-04 14:40 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 14/33] migration/multifd: Make multifd_send() thread safe Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 15/33] migration/multifd: Add an explicit MultiFDSendData destructor Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 16/33] migration/multifd: Device state transfer support - send side Maciej S. Szmigiero
2025-02-03 21:47 ` Peter Xu
2025-01-30 10:08 ` [PATCH v4 17/33] migration/multifd: Make MultiFDSendData a struct Maciej S. Szmigiero
2025-02-07 14:36 ` Fabiano Rosas
2025-02-07 19:43 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 18/33] migration/multifd: Add multifd_device_state_supported() Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 19/33] migration: Add save_live_complete_precopy_thread handler Maciej S. Szmigiero
2025-02-04 17:54 ` Peter Xu
2025-02-04 19:32 ` Maciej S. Szmigiero
2025-02-04 20:34 ` Peter Xu
2025-02-05 11:53 ` Maciej S. Szmigiero
2025-02-05 15:55 ` Peter Xu
2025-02-06 11:41 ` Maciej S. Szmigiero
2025-02-06 22:16 ` Peter Xu
2025-01-30 10:08 ` [PATCH v4 20/33] vfio/migration: Add x-migration-load-config-after-iter VFIO property Maciej S. Szmigiero
2025-02-10 17:24 ` Cédric Le Goater
2025-02-11 14:37 ` Maciej S. Szmigiero
2025-02-11 15:00 ` Cédric Le Goater
2025-02-11 15:57 ` Maciej S. Szmigiero
2025-02-11 16:28 ` Cédric Le Goater
2025-01-30 10:08 ` [PATCH v4 21/33] vfio/migration: Add load_device_config_state_start trace event Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 22/33] vfio/migration: Convert bytes_transferred counter to atomic Maciej S. Szmigiero
2025-01-30 21:35 ` Cédric Le Goater
2025-01-31 9:47 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 23/33] vfio/migration: Multifd device state transfer support - basic types Maciej S. Szmigiero
2025-02-10 17:17 ` Cédric Le Goater
2025-01-30 10:08 ` [PATCH v4 24/33] vfio/migration: Multifd device state transfer support - VFIOStateBuffer(s) Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 25/33] vfio/migration: Multifd device state transfer - add support checking function Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 26/33] vfio/migration: Multifd device state transfer support - receive init/cleanup Maciej S. Szmigiero
2025-02-12 10:55 ` Cédric Le Goater
2025-02-14 20:55 ` Maciej S. Szmigiero
2025-02-17 9:38 ` Cédric Le Goater
2025-02-17 22:13 ` Maciej S. Szmigiero
2025-02-18 7:54 ` Cédric Le Goater
2025-01-30 10:08 ` [PATCH v4 27/33] vfio/migration: Multifd device state transfer support - received buffers queuing Maciej S. Szmigiero
2025-02-12 13:47 ` Cédric Le Goater
2025-02-14 20:58 ` Maciej S. Szmigiero
2025-02-17 13:48 ` Cédric Le Goater
2025-02-17 22:15 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 28/33] vfio/migration: Multifd device state transfer support - load thread Maciej S. Szmigiero
2025-02-12 15:48 ` Cédric Le Goater
2025-02-12 16:19 ` Cédric Le Goater
2025-02-17 22:09 ` Maciej S. Szmigiero
2025-02-17 22:09 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 29/33] vfio/migration: Multifd device state transfer support - config loading support Maciej S. Szmigiero
2025-02-12 16:21 ` Cédric Le Goater
2025-02-17 22:09 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 30/33] migration/qemu-file: Define g_autoptr() cleanup function for QEMUFile Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 31/33] vfio/migration: Multifd device state transfer support - send side Maciej S. Szmigiero
2025-02-12 17:03 ` Cédric Le Goater
2025-02-17 22:12 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 32/33] vfio/migration: Add x-migration-multifd-transfer VFIO property Maciej S. Szmigiero
2025-02-12 17:10 ` Cédric Le Goater
2025-02-14 20:56 ` Maciej S. Szmigiero
2025-02-17 13:57 ` Cédric Le Goater
2025-02-17 14:16 ` Maciej S. Szmigiero
2025-01-30 10:08 ` [PATCH v4 33/33] hw/core/machine: Add compat for " Maciej S. Szmigiero
2025-01-30 20:19 ` [PATCH v4 00/33] Multifd 🔀 device state transfer support with VFIO consumer Fabiano Rosas
2025-01-30 20:27 ` Maciej S. Szmigiero
2025-01-30 20:46 ` Fabiano Rosas
2025-01-31 18:16 ` Maciej S. Szmigiero
2025-02-03 14:19 ` Cédric Le Goater
2025-02-21 6:57 ` Yanghang Liu
2025-02-22 9:51 ` Maciej S. Szmigiero
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z6I86e-hzJAlxk0r@redhat.com \
--to=berrange@redhat.com \
--cc=alex.williamson@redhat.com \
--cc=armbru@redhat.com \
--cc=avihaih@nvidia.com \
--cc=clg@redhat.com \
--cc=eblake@redhat.com \
--cc=farosas@suse.de \
--cc=joao.m.martins@oracle.com \
--cc=mail@maciej.szmigiero.name \
--cc=peterx@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.