summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* block: pass option prefix down to crypto layerDaniel P. Berrange2017-07-114-6/+18
| | | | | | | | | | | | | | | While the crypto layer uses a fixed option name "key-secret", the upper block layer may have a prefix on the options. e.g. "encrypt.key-secret", in order to avoid clashes between crypto option names & other block option names. To ensure the crypto layer can report accurate error messages, we must tell it what option name prefix was used. Reviewed-by: Alberto Garcia <berto@igalia.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170623162419.26068-19-berrange@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* fix mingw build failureGerd Hoffmann2017-05-161-1/+1
| | | | | | | | Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170516052439.16214-1-kraxel@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* crypto: qcrypto_random_bytes() now works on windows w/o any other crypto libsGeert Martin Ijewski2017-05-094-8/+48
| | | | | | | | | | | | | | | | | | | | | If no crypto library is included in the build, QEMU uses qcrypto_random_bytes() to generate random data. That function tried to open /dev/urandom or /dev/random and if opening both files failed it errored out. Those files obviously do not exist on windows, so there the code uses CryptGenRandom(). Furthermore there was some refactoring and a new function qcrypto_random_init() was introduced. If a proper crypto library (gnutls or libgcrypt) is included in the build, this function does nothing. If neither is included it initializes the (platform specific) handles that are used by qcrypto_random_bytes(). Either: * a handle to /dev/urandom | /dev/random on unix like systems * a handle to a cryptographic service provider on windows Signed-off-by: Geert Martin Ijewski <gm.ijewski@web.de> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: move 'opaque' parameter to (nearly) the end of parameter listDaniel P. Berrange2017-05-091-5/+8
| | | | | | | | | | | | | | | | | | | Previous commit moved 'opaque' to be the 2nd parameter in the list: commit 375092332eeaa6e47561ce47fd36144cdaf964d0 Author: Fam Zheng <famz@redhat.com> Date: Fri Apr 21 20:27:02 2017 +0800 crypto: Make errp the last parameter of functions Move opaque to 2nd instead of the 2nd to last, so that compilers help check with the conversion. this puts it back to the 2nd to last position. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: Make errp the last parameter of functionsFam Zheng2017-04-241-12/+9Star
| | | | | | | | | | | | Move opaque to 2nd instead of the 2nd to last, so that compilers help check with the conversion. Signed-off-by: Fam Zheng <famz@redhat.com> Message-Id: <20170421122710.15373-7-famz@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> [Commit message typo corrected] Signed-off-by: Markus Armbruster <armbru@redhat.com>
* crypto: assert cipher algorithm is always validPrasad J Pandit2017-02-271-6/+2Star
| | | | | | | | | | | Crypto routines 'qcrypto_cipher_get_block_len' and 'qcrypto_cipher_get_key_len' return non-zero cipher block and key lengths from static arrays 'alg_block_len[]' and 'alg_key_len[]' respectively. Returning 'zero(0)' value from either of them would likely lead to an error condition. Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: fix leak in ivgen essiv initLi Qiang2017-02-271-0/+1
| | | | | | | | On error path, the 'salt' doesn't been freed thus leading a memory leak. This patch avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: support HMAC algorithms based on nettleLongpeng(Mike)2016-12-221-3/+133
| | | | | | | This patch add nettle-backed HMAC algorithms support Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: support HMAC algorithms based on glibLongpeng(Mike)2016-12-221-0/+122
| | | | | | | This patch add glib-backed HMAC algorithms support Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: support HMAC algorithms based on libgcryptLongpeng(Mike)2016-12-221-2/+109
| | | | | | | This patch add HMAC algorithms based on libgcrypt support Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: add HMAC algorithms frameworkLongpeng(Mike)2016-12-226-0/+376
| | | | | | | This patch introduce HMAC algorithms framework. Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: add 3des-ede support when using libgcrypt/nettleLongpeng(Mike)2016-12-213-2/+48
| | | | | | | | | Libgcrypt and nettle support 3des-ede, so this patch add 3des-ede support when using libgcrypt or nettle. Reviewed-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* cipher: fix leak on initialization errorMarc-André Lureau2016-12-211-3/+2Star
| | | | | | | | | | On error path, ctx may be leaked. Assign ctx earlier, and call qcrypto_cipher_free() on error. Spotted thanks to ASAN. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: fix initialization of gcrypt threadingDaniel P. Berrange2016-10-201-3/+4
| | | | | | | | | | | | | | | | | | | The gcrypt threads implementation must be set before calling any other gcrypt APIs, especially gcry_check_version(), since that triggers initialization of the random pool. After that is initialized, changes to the threads impl won't be honoured by the random pool code. This means that gcrypt will think thread locking is needed and so try to acquire the random pool mutex, but this is NULL as no threads impl was set originally. This results in a crash in the random pool code. For the same reasons, we must set the gcrypt threads impl before calling gnutls_init, since that will also trigger gcry_check_version Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: add mode check in qcrypto_cipher_new() for cipher-builtinGonglei2016-10-191-0/+11
| | | | | Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: add CTR mode supportGonglei2016-10-193-7/+34
| | | | | | | | | | | | | | Introduce CTR mode support for the cipher APIs. CTR mode uses a counter rather than a traditional IV. The counter has additional properties, including a nonce and initial counter block. We reuse the ctx->iv as the counter for conveniences. Both libgcrypt and nettle are support CTR mode, the cipher-builtin doesn't support yet. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: extend mode as a parameter in qcrypto_cipher_supports()Gonglei2016-10-193-3/+37
| | | | | | | | | | It can't guarantee all cipher modes are supported if one cipher algorithm is supported by a backend. Let's extend qcrypto_cipher_supports() to take both the algorithm and mode as parameters. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: Switch to QEMU UUID APIFam Zheng2016-09-231-19/+7Star
| | | | | | | | | | | The uuid generation doesn't return error, so update the function signature and calling code accordingly. Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Message-Id: <1474432046-325-7-git-send-email-famz@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: add trace points for TLS cert verificationDaniel P. Berrange2016-09-192-2/+9
| | | | | | | It is very useful to know about TLS cert verification status when debugging, so add a trace point for it. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: support more hash algorithms for pbkdfDaniel P. Berrange2016-09-192-10/+65
| | | | | | | | Currently pbkdf is only supported with SHA1 and SHA256. Expand this to support all algorithms known to QEMU. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: increase default pbkdf2 time for luks to 2 secondsDaniel P. Berrange2016-09-191-1/+1
| | | | | | | | | | cryptsetup recently increased the default pbkdf2 time to 2 seconds to partially mitigate improvements in hardware performance wrt brute-forcing the pbkdf algorithm. This updates QEMU defaults to match. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: remove bogus /= 2 for pbkdf iterationsDaniel P. Berrange2016-09-191-4/+0Star
| | | | | | | | | | | When calculating iterations for pbkdf of the key slot data, we had a /= 2, which was copied from identical code in cryptsetup. It was always unclear & undocumented why cryptsetup had this division and it was recently removed there, too. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: use correct derived key size when timing pbkdfDaniel P. Berrange2016-09-192-3/+9
| | | | | | | | | | | | | | | | Currently when timing the pbkdf algorithm a fixed key size of 32 bytes is used. This results in inaccurate timings for certain hashes depending on their digest size. For example when using sha1 with aes-256, this causes us to measure time for the master key digest doing 2 sha1 operations per iteration, instead of 1. Instead we should pass in the desired key size to the timing routine that matches the key size that will be used for real later. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: clear out buffer after timing pbkdf algorithmDaniel P. Berrange2016-09-191-4/+9
| | | | | | | | | | | | | The 'out' buffer will hold a key derived from master password, so it is best practice to clear this buffer when no longer required. At this time, the code isn't worrying about locking buffers into RAM to prevent swapping sensitive data to disk. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: make PBKDF iterations configurable for LUKS formatDaniel P. Berrange2016-09-191-0/+24
| | | | | | | | | | | | | | As protection against bruteforcing passphrases, the PBKDF algorithm is tuned by counting the number of iterations needed to produce 1 second of running time. If the machine that the image will be used on is much faster than the machine where the image is created, it can be desirable to raise the number of iterations. This change adds a new 'iter-time' property that allows the user to choose the iteration wallclock time. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: use uint64_t for pbkdf iteration count parametersDaniel P. Berrange2016-09-195-35/+52
| | | | | | | | | | | | | | | | | The qcrypto_pbkdf_count_iters method uses a 64 bit int but then checks its value against INT32_MAX before returning it. This bounds check is premature, because the calling code may well scale the iteration count by some value. It is thus better to return a 64-bit integer and let the caller do range checking. For consistency the qcrypto_pbkdf method is also changed to accept a 64bit int, though this is somewhat academic since nettle is limited to taking an 'int' while gcrypt is limited to taking a 'long int'. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: report enum strings instead of values in errorsDaniel P. Berrange2016-09-124-13/+22
| | | | | | | | | | | | | | Several error messages print out the raw enum value, which is less than helpful to users, as these values are not documented, nor stable across QEMU releases. Switch to use the enum string instead. The nettle impl also had two typos where it mistakenly said "algorithm" instead of "mode", and actually reported the algorithm value too. Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: fix building complaintGonglei2016-09-122-5/+4Star
| | | | | | | | | | | | | gnutls commit 846753877d renamed LIBGNUTLS_VERSION_NUMBER to GNUTLS_VERSION_NUMBER. If using gnutls before that verion, we'll get the below warning: crypto/tlscredsx509.c:618:5: warning: "GNUTLS_VERSION_NUMBER" is not defined Because gnutls 3.x still defines LIBGNUTLS_VERSION_NUMBER for back compat, Let's use LIBGNUTLS_VERSION_NUMBER instead of GNUTLS_VERSION_NUMBER to fix building complaint. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: ensure XTS is only used with ciphers with 16 byte blocksDaniel P. Berrange2016-09-122-5/+13
| | | | | | | | | | | | | | | | The XTS cipher mode needs to be used with a cipher which has a block size of 16 bytes. If a mis-matching block size is used, the code will either corrupt memory beyond the IV array, or not fully encrypt/decrypt the IV. This fixes a memory corruption crash when attempting to use cast5-128 with xts, since the former has an 8 byte block size. A test case is added to ensure the cipher creation fails with such an invalid combination. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* trace-events: fix first line comment in trace-eventsLaurent Vivier2016-08-121-1/+1
| | | | | | | | | | | | Documentation is docs/tracing.txt instead of docs/trace-events.txt. find . -name trace-events -exec \ sed -i "s?See docs/trace-events.txt for syntax documentation.?See docs/tracing.txt for syntax documentation.?" \ {} \; Signed-off-by: Laurent Vivier <lvivier@redhat.com> Message-id: 1470669081-17860-1-git-send-email-lvivier@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* crypto: add support for querying parameters for block encryptionDaniel P. Berrange2016-07-263-0/+88
| | | | | | | | | | | | | When creating new block encryption volumes, we accept a list of parameters to control the formatting process. It is useful to be able to query what those parameters were for existing block devices. Add a qcrypto_block_get_info() method which returns a QCryptoBlockInfo instance to report this data. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1469192015-16487-2-git-send-email-berrange@redhat.com Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
* crypto: don't open-code qcrypto_hash_supportsDaniel P. Berrange2016-07-213-6/+3Star
| | | | | | | Call the existing qcrypto_hash_supports method from qcrypto_hash_bytesv instead of open-coding it again. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: use glib as fallback for hash algorithmDaniel P. Berrange2016-07-213-42/+99
| | | | | | | | | | | | | GLib >= 2.16 provides GChecksum API which is good enough for md5, sha1, sha256 and sha512. Use this as a final fallback if neither nettle or gcrypt are available. This lets us remove the stub hash impl, and so callers can be sure those 4 algs are always available at compile time. They may still be disabled at runtime, so a check for qcrypto_hash_supports() is still best practice to report good error messages. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: use /dev/[u]random as a final fallback random sourceDaniel P. Berrange2016-07-212-3/+36
| | | | | | | | If neither gcrypt or gnutls are available to provide a cryptographic random number generator, fallback to consuming bytes directly from /dev/[u]random. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* Clean up ill-advised or unusual header guardsMarkus Armbruster2016-07-122-6/+6
| | | | | | | Cleaned up with scripts/clean-header-guards.pl. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net>
* Clean up header guards that don't match their file nameMarkus Armbruster2016-07-123-10/+9Star
| | | | | | | | | | | | Header guard symbols should match their file name to make guard collisions less likely. Offenders found with scripts/clean-header-guards.pl -vn. Cleaned up with scripts/clean-header-guards.pl, followed by some renaming of new guard symbols picked by the script to better ones. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net>
* Use #include "..." for our own headers, <...> for othersMarkus Armbruster2016-07-123-3/+3
| | | | | | | | | | | | Tracked down with an ugly, brittle and probably buggy Perl script. Also move includes converted to <...> up so they get included before ours where that's obviously okay. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Tested-by: Eric Blake <eblake@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net>
* crypto: allow default TLS priority to be chosen at build timeDaniel P. Berrange2016-07-041-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Modern gnutls can use a global config file to control the crypto priority settings for TLS connections. For example the priority string "@SYSTEM" instructs gnutls to find the priority setting named "SYSTEM" in the global config file. Latest gnutls GIT codebase gained the ability to reference multiple priority strings in the config file, with the first one that is found to existing winning. This means it is now possible to configure QEMU out of the box with a default priority of "@QEMU,SYSTEM", which says to look for the settings "QEMU" first, and if not found, use the "SYSTEM" settings. To make use of this facility, we introduce the ability to set the QEMU default priority at build time via a new configure argument. It is anticipated that distro vendors will set this when building QEMU to a suitable value for use with distro crypto policy setup. eg current Fedora would run ./configure --tls-priority=@SYSTEM while future Fedora would run ./configure --tls-priority=@QEMU,SYSTEM Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: add support for TLS priority string overrideDaniel P. Berrange2016-07-042-7/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The gnutls default priority is either "NORMAL" (most historical versions of gnutls) which is a built-in label in gnutls code, or "@SYSTEM" (latest gnutls on Fedora at least) which refers to an admin customizable entry in a gnutls config file. Regardless of which default is used by a distro, they are both global defaults applying to all applications using gnutls. If a single application on the system needs to use a weaker set of crypto priorities, this potentially forces the weakness onto all applications. Or conversely if a single application wants a strong default than all others, it can't do this via the global config file. This adds an extra parameter to the tls credential object which allows the mgmt app / user to explicitly provide a priority string to QEMU when configuring TLS. For example, to use the "NORMAL" priority, but disable SSL 3.0 one can now configure QEMU thus: $QEMU -object tls-creds-x509,id=tls0,dir=/home/berrange/qemutls,\ priority="NORMAL:-VERS-SSL3.0" \ ..other args... If creating tls-creds-anon, whatever priority the user specifies will always have "+ANON-DH" appended to it, since that's mandatory to make the anonymous credentials work. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: implement sha224, sha384, sha512 and ripemd160 hashesDaniel P. Berrange2016-07-043-0/+37
| | | | | | | Wire up the nettle and gcrypt hash backends so that they can support the sha224, sha384, sha512 and ripemd160 hash algorithms. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: switch hash code to use nettle/gcrypt directlyDaniel P. Berrange2016-07-045-105/+276
| | | | | | | | | | | | | | | | | Currently the internal hash code is using the gnutls hash APIs. GNUTLS in turn is wrapping either nettle or gcrypt. Not only were the GNUTLS hash APIs not added until GNUTLS 2.9.10, but they don't expose support for all the algorithms QEMU needs to use with LUKS. Address this by directly wrapping nettle/gcrypt in QEMU and avoiding GNUTLS's extra layer of indirection. This gives us support for hash functions on a much wider range of platforms and opens up ability to support more hash functions. It also avoids a GNUTLS bug which would not correctly handle hashing of large data blocks if int != size_t. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: fix handling of iv generator hash defaultsDaniel P. Berrange2016-07-041-0/+21
| | | | | | | | | | | | | | | | | When opening an existing LUKS volume, if the iv generator is essiv, then the iv hash algorithm is mandatory to provide. We must report an error if it is omitted in the cipher mode spec, not silently default to hash 0 (md5). If the iv generator is not essiv, then we explicitly ignore any iv hash algorithm, rather than report an error, for compatibility with dm-crypt. When creating a new LUKS volume, if the iv generator is essiv and no iv hsah algorithm is provided, we should default to using the sha256 hash. Reported-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* trace: split out trace events for crypto/ directoryDaniel P. Berrange2016-06-201-0/+19
| | | | | | | | | Move all trace-events for files in the crypto/ directory to their own file. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1466066426-16657-4-git-send-email-berrange@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* crypto: assert that qcrypto_hash_digest_len is in rangePaolo Bonzini2016-06-131-3/+1Star
| | | | | | | | | | | Otherwise unintended results could happen. For example, Coverity reports a division by zero in qcrypto_afsplit_hash. While this cannot really happen, it shows that the contract of qcrypto_hash_digest_len can be improved. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* TLS: provide slightly more information when TLS certificate loading failsAlex Bligh2016-06-131-6/+11
| | | | | | | | | Give slightly more information when certification loading fails. Rather than have no information, you now get gnutls's only slightly less unhelpful error messages. Signed-off-by: Alex Bligh <alex@alex.org.uk> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* crypto: Use DIV_ROUND_UPLaurent Vivier2016-06-071-4/+2Star
| | | | | | | | | | | | Replace (((n) + (d) - 1) /(d)) by DIV_ROUND_UP(n,d). This patch is the result of coccinelle script scripts/coccinelle/round.cocci CC: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* qemu-common: stop including qemu/bswap.h from qemu-common.hPaolo Bonzini2016-05-192-0/+2
| | | | | | | Move it to the actual users. There are still a few includes of qemu/bswap.h in headers; removing them is left for future work. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* crypto: do an explicit check for nettle pbkdf functionsDaniel P. Berrange2016-03-301-2/+2
| | | | | | | | | | | | Support for the PBKDF functions in nettle was not introduced until version 2.6. Some distros QEMU targets have older versions and thus lack PBKDF support. Address this by doing a check in configure for the desired function and then skipping compilation of the nettle-pbkdf.o module Reported-by: Wen Congyang <wency@cn.fujitsu.com> Tested-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell2016-03-2419-0/+23
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Log filtering from Alex and Peter * Chardev fix from Marc-André * config.status tweak from David * Header file tweaks from Markus, myself and Veronia (Outreachy candidate) * get_ticks_per_sec() removal from Rutuja (Outreachy candidate) * Coverity fix from myself * PKE implementation from myself, based on rth's XSAVE support # gpg: Signature made Thu 24 Mar 2016 20:15:11 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" * remotes/bonzini/tags/for-upstream: (28 commits) target-i386: implement PKE for TCG config.status: Pass extra parameters char: translate from QIOChannel error to errno exec: fix error handling in file_ram_alloc cputlb: modernise the debug support qemu-log: support simple pid substitution for logs target-arm: dfilter support for in_asm qemu-log: dfilter-ise exec, out_asm, op and opt_op qemu-log: new option -dfilter to limit output qemu-log: Improve the "exec" TB execution logging qemu-log: Avoid function call for disabled qemu_log_mask logging qemu-log: correct help text for -d cpu tcg: pass down TranslationBlock to tcg_code_gen util: move declarations out of qemu-common.h Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND hw: explicitly include qemu-common.h and cpu.h include/crypto: Include qapi-types.h or qemu/bswap.h instead of qemu-common.h isa: Move DMA_transfer_handler from qemu-common.h to hw/isa/isa.h Move ParallelIOArg from qemu-common.h to sysemu/char.h Move QEMU_ALIGN_*() from qemu-common.h to qemu/osdep.h ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Conflicts: scripts/clean-includes
| * include/crypto: Include qapi-types.h or qemu/bswap.h instead of qemu-common.hMarkus Armbruster2016-03-223-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | qemu-common.h should only be included by .c files. Its file comment explains why: "No header file should depend on qemu-common.h, as this would easily lead to circular header dependencies." Several include/crypto/ headers include qemu-common.h, but either need just qapi-types.h from it, or qemu/bswap.h, or nothing at all. Replace or drop the include accordingly. tests/test-crypto-secret.c now misses qemu/module.h, so include it there. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>