From 1a957606c55d7cb41fbb87952d4287481754f429 Mon Sep 17 00:00:00 2001
From: "Huawei Technologies Co., Ltd" <alex.chen@huawei.com>
Date: Wed, 2 Dec 2020 11:38:37 +0800
Subject: [PATCH] migration/tls: add support for multifd tls-handshake
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Similar like migration main thread, we need to do handshake
for each multifd thread.

Signed-off-by: Chuan Zheng <zhengchuan@huawei.com>
Signed-off-by: Yan Jin <jinyan12@huawei.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <1600139042-104593-6-git-send-email-zhengchuan@huawei.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
 ...dd-support-for-multifd-tls-handshake.patch | 125 ++++++++++++++++++
 1 file changed, 125 insertions(+)
 create mode 100644 migration-tls-add-support-for-multifd-tls-handshake.patch

diff --git a/migration-tls-add-support-for-multifd-tls-handshake.patch b/migration-tls-add-support-for-multifd-tls-handshake.patch
new file mode 100644
index 0000000..f81bb61
--- /dev/null
+++ b/migration-tls-add-support-for-multifd-tls-handshake.patch
@@ -0,0 +1,125 @@
+From e283c7dab15fed5af2904480230f86cf81b67aed Mon Sep 17 00:00:00 2001
+From: Ying Fang <fangying1@huawei.com>
+Date: Wed, 2 Dec 2020 11:38:37 +0800
+Subject: [PATCH] migration/tls: add support for multifd tls-handshake
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Similar like migration main thread, we need to do handshake
+for each multifd thread.
+
+Signed-off-by: Chuan Zheng <zhengchuan@huawei.com>
+Signed-off-by: Yan Jin <jinyan12@huawei.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+Message-Id: <1600139042-104593-6-git-send-email-zhengchuan@huawei.com>
+Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
+---
+ migration/ram.c | 77 +++++++++++++++++++++++++++++++++++++++++++++++--
+ 1 file changed, 75 insertions(+), 2 deletions(-)
+
+diff --git a/migration/ram.c b/migration/ram.c
+index 2b9d00745c..b82c0e6562 100644
+--- a/migration/ram.c
++++ b/migration/ram.c
+@@ -38,6 +38,7 @@
+ #include "ram.h"
+ #include "migration.h"
+ #include "socket.h"
++#include "tls.h"
+ #include "migration/register.h"
+ #include "migration/misc.h"
+ #include "qemu-file.h"
+@@ -1200,6 +1201,77 @@ out:
+     return NULL;
+ }
+ 
++static bool multifd_channel_connect(MultiFDSendParams *p,
++                                    QIOChannel *ioc,
++                                    Error *error);
++
++static void multifd_tls_outgoing_handshake(QIOTask *task,
++                                           gpointer opaque)
++{
++    MultiFDSendParams *p = opaque;
++    QIOChannel *ioc = QIO_CHANNEL(qio_task_get_source(task));
++    Error *err = NULL;
++
++    qio_task_propagate_error(task, &err);
++    multifd_channel_connect(p, ioc, err);
++}
++
++static void multifd_tls_channel_connect(MultiFDSendParams *p,
++                                        QIOChannel *ioc,
++                                        Error **errp)
++{
++    MigrationState *s = migrate_get_current();
++    const char *hostname = p->tls_hostname;
++    QIOChannelTLS *tioc;
++
++    tioc = migration_tls_client_create(s, ioc, hostname, errp);
++    if (!tioc) {
++        return;
++    }
++
++    qio_channel_set_name(QIO_CHANNEL(tioc), "multifd-tls-outgoing");
++    qio_channel_tls_handshake(tioc,
++                              multifd_tls_outgoing_handshake,
++                              p,
++                              NULL,
++                              NULL);
++
++}
++
++static bool multifd_channel_connect(MultiFDSendParams *p,
++                                    QIOChannel *ioc,
++                                    Error *error)
++{
++    MigrationState *s = migrate_get_current();
++
++    if (!error) {
++        if (s->parameters.tls_creds &&
++            *s->parameters.tls_creds &&
++            !object_dynamic_cast(OBJECT(ioc),
++                                 TYPE_QIO_CHANNEL_TLS)) {
++            multifd_tls_channel_connect(p, ioc, &error);
++            if (!error) {
++                /*
++                 * tls_channel_connect will call back to this
++                 * function after the TLS handshake,
++                 * so we mustn't call multifd_send_thread until then
++                 */
++                return false;
++            } else {
++                return true;
++            }
++        } else {
++            /* update for tls qio channel */
++            p->c = ioc;
++            qemu_thread_create(&p->thread, p->name, multifd_send_thread, p,
++                                   QEMU_THREAD_JOINABLE);
++       }
++       return false;
++    }
++
++    return true;
++}
++
+ static void multifd_new_send_channel_cleanup(MultiFDSendParams *p,
+                                              QIOChannel *ioc, Error *err)
+ {
+@@ -1229,8 +1301,9 @@ static void multifd_new_send_channel_async(QIOTask *task, gpointer opaque)
+         p->c = QIO_CHANNEL(sioc);
+         qio_channel_set_delay(p->c, false);
+         p->running = true;
+-        qemu_thread_create(&p->thread, p->name, multifd_send_thread, p,
+-                           QEMU_THREAD_JOINABLE);
++        if (multifd_channel_connect(p, sioc, local_err)) {
++            goto cleanup;
++        }
+         return;
+     }
+ 
+-- 
+2.27.0
+