[Spice-devel] seamless migration with spice

Hans de Goede hdegoede at redhat.com
Mon Mar 12 01:42:01 PDT 2012 

Hi,

On 03/11/2012 02:16 PM, Yonit Halperin wrote:
> Hi,
>
> We would like to implement seamless migration for Spice, i.e., keeping the currently opened spice client session valid after migration.
> Today, the spice client establishes the connection to the destination before migration starts, and when migration completes, the client's session is moved to the destination, but all the session data is being reset.
>
> We face 2 main challenges when coming to implement seamless migration:
>

<snip (1)>

> (2) In order to restore the source-client spice session in the destination, we need to pass data from the source to the destination.
> Example for such data: in flight copy paste data, in flight usb data
> We want to pass the data from the source spice server to the destination, via Spice client. This introduces a possible race: after migration completes, the source qemu can be killed before the spice-server completes transferring the migration data to the client.

I don't understand why we must transfer this via the client, we should transfer this info using
established qemu migration technologies, and we should transfer it directly from the source
to the dest.

Passing this through the client, means trusting the client which is crazy (from a security pov),
the data passed is not always just data buffers often it contains state info. And transferring
this through the client means opening a whole window of injection vulnerabilities, which can simply
be avoided by sending the data directly.

I know this has been discussed before and I was not involved in that discussion due to -ENOTIME,
sorry about that. But just as the solution for sending the data directly from source to dest proposed
then was nacked by various qemu people, I nack the send the data through the client solution. That
one simply is not acceptable from a security pov. So we must re-think how we can send this data
directly from source to dest, in a way which is acceptable in upstream qemu.

Regards,

Hans

More information about the Spice-devel mailing list