From eb3618e9e259ef93f5a1a76867fbccae540fcd61 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20P=2E=20Berrang=C3=A9?= Date: Fri, 18 Jul 2025 16:05:13 +0100 Subject: [PATCH] migration: activate TLS thread safety workaround MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit When either the postcopy or return path capabilities are enabled, the migration code will use the primary channel for bidirectional I/O. If either of those capabilities are enabled, the migration code needs to mark the channel as expecting concurrent I/O in order to activate the thread safety workarounds for GNUTLS bug 1717 Closes: https://gitlab.com/qemu-project/qemu/-/issues/1937 Signed-off-by: Daniel P. Berrangé Reviewed-by: Fabiano Rosas Link: https://lore.kernel.org/qemu-devel/20250718150514.2635338-4-berrange@redhat.com Signed-off-by: Fabiano Rosas --- migration/tls.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/migration/tls.c b/migration/tls.c index 5cbf952383..284a6194b2 100644 --- a/migration/tls.c +++ b/migration/tls.c @@ -90,6 +90,10 @@ void migration_tls_channel_process_incoming(MigrationState *s, trace_migration_tls_incoming_handshake_start(); qio_channel_set_name(QIO_CHANNEL(tioc), "migration-tls-incoming"); + if (migrate_postcopy_ram() || migrate_return_path()) { + qio_channel_set_feature(QIO_CHANNEL(tioc), + QIO_CHANNEL_FEATURE_CONCURRENT_IO); + } qio_channel_tls_handshake(tioc, migration_tls_incoming_handshake, NULL, @@ -149,6 +153,11 @@ void migration_tls_channel_connect(MigrationState *s, s->hostname = g_strdup(hostname); trace_migration_tls_outgoing_handshake_start(hostname); qio_channel_set_name(QIO_CHANNEL(tioc), "migration-tls-outgoing"); + + if (migrate_postcopy_ram() || migrate_return_path()) { + qio_channel_set_feature(QIO_CHANNEL(tioc), + QIO_CHANNEL_FEATURE_CONCURRENT_IO); + } qio_channel_tls_handshake(tioc, migration_tls_outgoing_handshake, s, -- 2.47.2