From: Fabiano Rosas <farosas@suse.de>
To: qemu-devel@nongnu.org
Cc: "Peter Xu" <peterx@redhat.com>,
"Maciej S . Szmigiero" <mail@maciej.szmigiero.name>,
"Daniel P . Berrangé" <berrange@redhat.com>
Subject: [RFC PATCH 1/4] crypto: Allow gracefully ending the TLS session
Date: Thu, 6 Feb 2025 14:58:21 -0300 [thread overview]
Message-ID: <20250206175824.22664-2-farosas@suse.de> (raw)
In-Reply-To: <20250206175824.22664-1-farosas@suse.de>
QEMU's TLS session code provides no way to call gnutls_bye() to
terminate a TLS session. Callers of qcrypto_tls_session_read() can
choose to ignore a GNUTLS_E_PREMATURE_TERMINATION error by setting the
gracefulTermination argument.
The QIOChannelTLS ignores the premature termination error whenever
shutdown() has already been issued. This is not enough anymore for the
migration code due to changes [1] in the synchronization between
migration source and destination.
Add support for calling gnutls_bye() in the tlssession layer so users
of QIOChannelTLS can clearly identify the end of a TLS session.
1- 1d457daf86 ("migration/multifd: Further remove the SYNC on complete")
Signed-off-by: Fabiano Rosas <farosas@suse.de>
---
crypto/tlssession.c | 40 +++++++++++++++++++++++++++++++++++++
include/crypto/tlssession.h | 22 ++++++++++++++++++++
2 files changed, 62 insertions(+)
diff --git a/crypto/tlssession.c b/crypto/tlssession.c
index 77286e23f4..d52714a3f3 100644
--- a/crypto/tlssession.c
+++ b/crypto/tlssession.c
@@ -585,6 +585,40 @@ qcrypto_tls_session_get_handshake_status(QCryptoTLSSession *session)
}
}
+int
+qcrypto_tls_session_bye(QCryptoTLSSession *session, Error **errp)
+{
+ int ret;
+
+ if (!session->handshakeComplete) {
+ return 0;
+ }
+
+ ret = gnutls_bye(session->handle, GNUTLS_SHUT_WR);
+
+ if (!ret) {
+ return QCRYPTO_TLS_BYE_COMPLETE;
+ }
+
+ if (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN) {
+ int direction = gnutls_record_get_direction(session->handle);
+ return direction ? QCRYPTO_TLS_BYE_SENDING : QCRYPTO_TLS_BYE_RECVING;
+ }
+
+ if (session->rerr || session->werr) {
+ error_setg(errp, "TLS termination failed: %s: %s", gnutls_strerror(ret),
+ error_get_pretty(session->rerr ?
+ session->rerr : session->werr));
+ } else {
+ error_setg(errp, "TLS termination failed: %s", gnutls_strerror(ret));
+ }
+
+ error_free(session->rerr);
+ error_free(session->werr);
+ session->rerr = session->werr = NULL;
+
+ return -1;
+}
int
qcrypto_tls_session_get_key_size(QCryptoTLSSession *session,
@@ -699,6 +733,12 @@ qcrypto_tls_session_get_handshake_status(QCryptoTLSSession *sess)
}
+int
+qcrypto_tls_session_bye(QCryptoTLSSession *session, Error **errp)
+{
+ return QCRYPTO_TLS_BYE_COMPLETE;
+}
+
int
qcrypto_tls_session_get_key_size(QCryptoTLSSession *sess,
Error **errp)
diff --git a/include/crypto/tlssession.h b/include/crypto/tlssession.h
index f694a5c3c5..c0f64ce989 100644
--- a/include/crypto/tlssession.h
+++ b/include/crypto/tlssession.h
@@ -323,6 +323,28 @@ typedef enum {
QCryptoTLSSessionHandshakeStatus
qcrypto_tls_session_get_handshake_status(QCryptoTLSSession *sess);
+typedef enum {
+ QCRYPTO_TLS_BYE_COMPLETE,
+ QCRYPTO_TLS_BYE_SENDING,
+ QCRYPTO_TLS_BYE_RECVING,
+} QCryptoTLSSessionByeStatus;
+
+/**
+ * qcrypto_tls_session_bye:
+ * @session: the TLS session object
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Start, or continue, a TLS termination sequence. If the underlying
+ * data channel is non-blocking, then this method may return control
+ * before the termination is complete. The return value will indicate
+ * whether the termination has completed, or is waiting to send or
+ * receive data. In the latter cases, the caller should setup an event
+ * loop watch and call this method again once the underlying data
+ * channel is ready to read or write again.
+ */
+int
+qcrypto_tls_session_bye(QCryptoTLSSession *session, Error **errp);
+
/**
* qcrypto_tls_session_get_key_size:
* @sess: the TLS session object
--
2.35.3
next prev parent reply other threads:[~2025-02-06 17:59 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-06 17:58 [RFC PATCH 0/4] crypto,io,migration: Add support to gnutls_bye() Fabiano Rosas
2025-02-06 17:58 ` Fabiano Rosas [this message]
2025-02-06 18:15 ` [RFC PATCH 1/4] crypto: Allow gracefully ending the TLS session Daniel P. Berrangé
2025-02-06 17:58 ` [RFC PATCH 2/4] io: tls: Add qio_channel_tls_bye Fabiano Rosas
2025-02-06 17:58 ` [RFC PATCH 3/4] migration/multifd: Terminate the TLS connection Fabiano Rosas
2025-02-06 17:58 ` [RFC PATCH 4/4] migration: Check migration error after loadvm Fabiano Rosas
2025-02-06 21:08 ` [RFC PATCH 0/4] crypto,io,migration: Add support to gnutls_bye() Maciej S. Szmigiero
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250206175824.22664-2-farosas@suse.de \
--to=farosas@suse.de \
--cc=berrange@redhat.com \
--cc=mail@maciej.szmigiero.name \
--cc=peterx@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).