On Mon, Dec 26, 2022 at 05:33:25AM +0000, Het Gala wrote:
From: Author Het Gala <het.gala@nutanix.com>
Existing 'migrate' QAPI design enforces transport mechanism, ip address
of destination interface and corresponding port number in the form
of a unified string 'uri' parameter. This scheme does seem to have an issue
in it, i.e. double-level encoding of URIs.
The current patch maps existing QAPI design into a well-defined data
structure - 'MigrateChannel' only from the design perspective. Please note that
the existing 'uri' parameter is kept untouched for backward compatibility.
Suggested-by: Daniel P. Berrange <berrange@redhat.com>
Suggested-by: Manish Mishra <manish.mishra@nutanix.com>
Suggested-by: Aravind Retnakaran <aravind.retnakaran@nutanix.com>
Signed-off-by: Het Gala <het.gala@nutanix.com>
Currently for 'exec:cmdstr' the 'cmdstr' part is a shell command
that is passed
const char *argv[] = { "/bin/sh", "-c", command, NULL };
I have a strong preference for making it possible to avoid use
of shell when spawning commands, since much of thue time it is
not required and has the potential to open up vulnerabilities.
It would be nice to be able to just take the full argv directly
IOW
{ 'struct': 'MigrateExecAddr',
'data' : {'argv': ['str'] } }
If the caller wants to keep life safe and simple now they can
use
["/bin/nc", "-U", "/some/sock"]
but if they still want to send it via shell, they can also do
so
["/bin/sh", "-c", "...arbitrary shell script code...."]
+
+##
+# @MigrateRdmaAddr:
+#
+# Since 8.0
+##
+{ 'struct': 'MigrateRdmaAddr',
+ 'data' : {'rdma-str': 'str' } }
Loooking at the RDMA code it takes the str, and treats it
as an IPv4 address:
addr = g_new(InetSocketAddress, 1);
if (!inet_parse(addr, host_port, NULL)) {
rdma->port = atoi(addr->port);
rdma->host = g_strdup(addr->host);
rdma->host_port = g_strdup(host_port);
}
so we really ought to accept an InetSocketAddress struct
directly
{ 'struct': 'MigrateRdmaAddr',
'data' : {'rdma-str': 'InetSocketAddress' } }