[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] RFC: Universal encryption on QEMU I/O channels

From: Paolo Bonzini
Subject: Re: [Qemu-devel] RFC: Universal encryption on QEMU I/O channels
Date: Wed, 04 Feb 2015 14:42:20 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0

On 04/02/2015 14:00, Daniel P. Berrange wrote:
> On Wed, Feb 04, 2015 at 01:43:12PM +0100, Paolo Bonzini wrote:
>> On 04/02/2015 12:32, Daniel P. Berrange wrote:
>>> So my idea would be that we define a QEMUChannel object and set of APIs to
>>> standardize all interaction with sockets, pipes, RDMA, whatever $channel,
>>> and then convert the QEMU features I've mentioned over to use that. I think
>>> that would be simpler than trying to untangle QEMUFile code from migration
>>> and then extend its features.
>> Could it be GIOChannel simply?
>> 1) Chardev is already mostly a wrapper around GIOChannel
>> 2) NBD and VNC could be converted to GIOChannel with relative ease
>> 3) migration is more complicated because (unlike everything else) it
>> uses a separate thread and blocking sockets, but you could probably
>> write a GIOChannel-based implementation of QEMUFile.
> It might be possible to base it on GIOChannel, but IIRC some of the
> migration code was using iovecs for I/O and GIOChannel API doesn't
> allow for that. So you'd have to sacrifice performance by issuing a
> separate syscall for each iovec element which seems sucky to me.
> If you think that's an acceptable limitation though, I could certainly
> explore use of GIOChannel.

As long as QEMUFile remains there and GIOChannel is used only when
encryption is required, that would be an acceptable limitation.  As I
wrote above, migration is a bit special anyway.

> More broadly speaking GIOChannel has fallen out of favour in the
> glib ecosystem, with most apps/libraries more focused on use of
> the GIO APIs instead, but IIUC QEMU avoids use of the GIO library
> due to need to support older glib versions.

Besides that, QEMU developers are not extremely familiar with all the
glib stuff, and GIOChannel is a thin-enough wrapper that it's pretty
easy to understand what's going on.  But that can change if the
alternative has advantages.  Perhaps we could start by converting
chardevs from GIOChannel to GIO.

GIO has TLS bindings (not SASL I think?) in GIO 2.28.  Currently we
require glib 2.12 (released 2006) on POSIX systems and glib 2.20
(released 2009) on Windows.  That's very conservative indeed, I wouldn't
mind changing to a newer version.

>> I found a GIOChannel wrapper for gnutls at
>> https://github.com/aldebaran/connman/blob/master/gweb/giognutls.c.  It's
>> not the right license for QEMU (GPLv2-only) but it's only 400 lines of
>> code.  If necessary I can help with clean-room reverse engineering.
> It doesn't seem todo any thing related to certificate validation which
> explains why it is so short compared ot the gnutls code we already have
> for VNC in QEMU. So I don't think it's particularly useful in terms of
> saving effort.

Yeah, it was only interesting for the GIOChannel boilerplate.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]