From: Paolo Bonzini <pbonzini@redhat.com>
To: "Daniel P. Berrange" <berrange@redhat.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] RFC: Universal encryption on QEMU I/O channels
Date: Wed, 04 Feb 2015 15:23:22 +0100 [thread overview]
Message-ID: <54D22B5A.5020904@redhat.com> (raw)
In-Reply-To: <20150204140820.GS3032@redhat.com>
On 04/02/2015 15:08, Daniel P. Berrange wrote:
>> > As long as QEMUFile remains there and GIOChannel is used only when
>> > encryption is required, that would be an acceptable limitation. As I
>> > wrote above, migration is a bit special anyway.
> I'm not sure I'd like the idea of having different codepaths for
> the encrypted vs non-encrypted impl. it seems like a recipe for
> increased maintainence work and inconsistent behaviour over the
> long term. My thought was that QEMUFile would basically go
> away entirely by the end of the conversion, or at most be dealing
> with the data rate throttling if that didn't fit nicely into the
> generic IO layer.
QEMUFile has a bunch of hooks for RDMA (they were also used by the
never-upstreamed patches to speed up AF_UNIX migration with vmsplice),
so it cannot go away:
typedef struct QEMUFileOps {
QEMUFilePutBufferFunc *put_buffer;
QEMUFileGetBufferFunc *get_buffer;
QEMUFileCloseFunc *close;
QEMUFileGetFD *get_fd;
QEMUFileWritevBufferFunc *writev_buffer;
QEMURamHookFunc *before_ram_iterate;
QEMURamHookFunc *after_ram_iterate;
QEMURamHookFunc *hook_ram_load;
QEMURamSaveFunc *save_page;
QEMUFileShutdownFunc *shut_down;
} QEMUFileOps;
GIO doesn't provide writev either, so it's not a good match for
non-encrypted migration, which really tries hard to do no copies in
userspace.
> > GIO has TLS bindings (not SASL I think?) in GIO 2.28. Currently we
> > require glib 2.12 (released 2006) on POSIX systems and glib 2.20
> > (released 2009) on Windows. That's very conservative indeed, I wouldn't
> > mind changing to a newer version.
>
> Yeah, it has some level of functionality for TLS, but I'm not sure about
> the full extent of it and whether it'd be sufficient for what we need
> in VNC for example.
Okay... I don't know much about this.
> The main difference between GIO's APIs and GIOChannel is that the new
> GIO stuff is really designed around the idea of asynchronous callbacks
> for completion of IO.
>
> eg
>
> g_input_stream_read_async(stream, buffer, size, read_done_callback);
>
> and then when read_done_callback gets triggered you have to call
>
> g_input_stream_read_finish(stream)
>
> in order to get the success/failure status of the read, and the byte
> count. While it is quite nice for new code IME, this is probably quite
> alot harder to refit into existing QEMU codebase.
It also supports GIOChannel's GSource model via
GPollableInputStream/GPollableOutputStream. The GNUTLS bindings support
that interface too.
It also supports blocking operation, which is what migration wants.
So I think we could take a look at GIO if its TLS support is advanced
enough for your purposes.
Paolo
next prev parent reply other threads:[~2015-02-04 14:23 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-02-04 11:32 [Qemu-devel] RFC: Universal encryption on QEMU I/O channels Daniel P. Berrange
2015-02-04 12:43 ` Paolo Bonzini
2015-02-04 13:00 ` Daniel P. Berrange
2015-02-04 13:42 ` Paolo Bonzini
2015-02-04 14:08 ` Daniel P. Berrange
2015-02-04 14:23 ` Paolo Bonzini [this message]
2015-02-04 14:34 ` Daniel P. Berrange
2015-02-04 15:04 ` Paolo Bonzini
2015-02-04 15:11 ` Daniel P. Berrange
2015-02-04 15:22 ` Paolo Bonzini
2015-02-04 15:26 ` Daniel P. Berrange
2015-02-04 16:46 ` Paolo Bonzini
2015-02-05 14:38 ` Stefan Hajnoczi
2015-02-05 14:44 ` Cornelia Huck
2015-02-05 14:45 ` Peter Maydell
2015-02-04 13:49 ` Markus Armbruster
2015-02-04 13:55 ` Peter Maydell
2015-02-04 16:33 ` Markus Armbruster
2015-02-04 16:41 ` Daniel P. Berrange
2015-02-04 20:41 ` Peter Maydell
2015-02-04 21:06 ` Paolo Bonzini
2015-02-05 7:57 ` Markus Armbruster
2015-02-04 13:08 ` Dr. David Alan Gilbert
2015-02-04 14:02 ` Daniel P. Berrange
2015-02-04 14:28 ` Paolo Bonzini
2015-02-04 14:48 ` Marcel Apfelbaum
2015-02-04 14:50 ` Daniel P. Berrange
2015-02-04 18:34 ` Eric Blake
2015-02-05 9:11 ` Dr. David Alan Gilbert
2015-02-04 14:27 ` Paolo Bonzini
2015-02-04 14:37 ` Dr. David Alan Gilbert
2015-03-06 17:18 ` Daniel P. Berrange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54D22B5A.5020904@redhat.com \
--to=pbonzini@redhat.com \
--cc=berrange@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).