QEMU provides the ability to encrypt the migration data stream using two transport layer security (TLS) authentication schemes: X.509 certificates and pre-shared keys (PSK). Currently, Libvirt only supports the X.509-based TLS authentication scheme. In TLS X.509 certificates, a set of live migrations utilize a fixed set of static certificates for encrypted migration. In this authentication scheme, users require to deploy a certificate authority and monitor the certificate expiration window. In case certificates are compromised all the future live migrations are vulnerable.
To resolve this, the patch series introduce the alternative pre-shared key-based authentication scheme. This mechanism relies on symmetric pre-shared keys (a secret key that is known to both sender and receiver prior to secure communication) for providing secure transfer of data. During a migration, the parties negotiate which unique key to utilize for encrypting the migration data. To improve the security further, we utilize different key files for each migration session. Abhisek Panda (7): conf: Add configuration params for TLS-PSK include: define VIR_MIGRATE_TLS_PSK flag qemu: Add support to build the tls-creds-psk object qemu: rename tls-creds-x509 obj related functions qemu: Manage tls-creds-psk object lifecycle qemu: Set up the migrate TLS-PSK objects include: define VIR_MIGRATE_PARAM_TLS_PSK_DIRECTORY include/libvirt/libvirt-domain.h | 31 ++- src/qemu/libvirtd_qemu.aug | 2 + src/qemu/qemu.conf.in | 27 ++- src/qemu/qemu_alias.c | 19 +- src/qemu/qemu_alias.h | 5 +- src/qemu/qemu_backup.c | 2 +- src/qemu/qemu_command.c | 31 ++- src/qemu/qemu_command.h | 8 + src/qemu/qemu_conf.c | 55 ++++- src/qemu/qemu_conf.h | 3 + src/qemu/qemu_domain.c | 2 +- src/qemu/qemu_driver.c | 24 ++- src/qemu/qemu_hotplug.c | 125 +++++++---- src/qemu/qemu_hotplug.h | 43 ++-- src/qemu/qemu_migration.c | 194 ++++++++++++------ src/qemu/qemu_migration.h | 3 + src/qemu/qemu_migration_params.c | 138 ++++++++++--- src/qemu/qemu_migration_params.h | 28 ++- src/qemu/qemu_postparse.c | 2 +- src/qemu/test_libvirtd_qemu.aug.in | 2 + tests/qemumigparamsdata/tls-enabled.json | 2 +- tests/qemumigparamsdata/tls-enabled.reply | 2 +- tests/qemumigparamsdata/tls-enabled.xml | 2 +- tests/qemumigparamsdata/tls-hostname.json | 2 +- tests/qemumigparamsdata/tls-hostname.reply | 2 +- tests/qemumigparamsdata/tls-hostname.xml | 2 +- tests/qemumonitorjsontest.c | 4 +- tests/qemustatusxml2xmldata/upgrade-out.xml | 2 +- .../chardev-backends-json.x86_64-9.1.0.args | 8 +- .../chardev-backends-json.x86_64-latest.args | 8 +- .../chardev-backends.x86_64-9.1.0.args | 8 +- .../chardev-backends.x86_64-latest.args | 8 +- ...rk-tlsx509-nbd-hostname.x86_64-latest.args | 6 +- ...isk-network-tlsx509-nbd.x86_64-latest.args | 6 +- ...-tlsx509-chardev-verify.x86_64-latest.args | 4 +- ...ial-tcp-tlsx509-chardev.x86_64-latest.args | 4 +- ...-tlsx509-secret-chardev.x86_64-latest.args | 4 +- tests/testutilsqemu.c | 2 + tools/virsh-domain.c | 12 ++ 39 files changed, 623 insertions(+), 209 deletions(-) -- 2.39.3
