From nobody Sat May 11 14:13:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1710879789; cv=none; d=zohomail.com; s=zohoarc; b=cEh/9bGwFcbg03UD94bmZdkWLphrpg7+J0slpmcEsAX3YQMJwhiYW8otGz623/JLUOGABCjuyBIyMTNOr2ojREdO4wNJBJ8epX8957DYTxEBAx5dVoyhJvxaPD0j9VqXBBWGeWr7fX+nijBH3kamHc7t6lih39Bl4B0yyD3G5b0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1710879789; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=aq6T9UXAVyqK1byg+KwEREIyiGaZqbP7rHjz9BdyE+s=; b=fHWkOYcaUGQNl5JeGfvmvx5dx0zLJcUXi2mGks+uVeYS+7wnVeTKG9E2gIp9ANdJ2HWOrlqn8g0Ow0KVzujN6GoNdTqE2MdQ+ibSW4pM3mGHRtIARLl0dx3haHrBlkxq34cq7/IZczLfBViX9Zxl/gP7Tk5is3TjVyQZ1RlhBPg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1710879789929340.6802353679402; Tue, 19 Mar 2024 13:23:09 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rmfxn-00013d-UJ; Tue, 19 Mar 2024 16:21:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxl-000131-OQ for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:33 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxk-0007WU-3J for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:33 -0400 Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-561-aphAvmg4O6GuAbdIlQyPUQ-1; Tue, 19 Mar 2024 16:21:29 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E4C02800262 for ; Tue, 19 Mar 2024 20:21:28 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.88]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7574B10E47; Tue, 19 Mar 2024 20:21:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710879691; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aq6T9UXAVyqK1byg+KwEREIyiGaZqbP7rHjz9BdyE+s=; b=Au3JM+xTOpZH2j0TRwVtjvHW0Ph0JTANRoczJ8eQsHYYzUkxpwtgzU8SizfSvLImlV+6DV GkVZqTq6VNasG7TNQY/ZyVvE5aNUheWIptvSczUunuA1JYWTiqCxTe8dMg/oyNBXQ3cd3B uXvw8bpUBIaTUBkH3q/4AoE7aL+ck+0= X-MC-Unique: aphAvmg4O6GuAbdIlQyPUQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Paolo Bonzini Subject: [PULL 1/8] seccomp: report EPERM instead of killing process for spawn set Date: Tue, 19 Mar 2024 20:21:14 +0000 Message-ID: <20240319202121.233130-2-berrange@redhat.com> In-Reply-To: <20240319202121.233130-1-berrange@redhat.com> References: <20240319202121.233130-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1710879792029100007 When something tries to run one of the spawn syscalls (eg clone), our seccomp deny filter is set to cause a fatal trap which kills the process. This is found to be unhelpful when QEMU has loaded the nvidia GL library. This tries to spawn a process to modprobe the nvidia kmod. This is a dubious thing to do, but at the same time, the code will gracefully continue if this fails. Our seccomp filter rightly blocks the spawning, but prevent the graceful continue. Switching to reporting EPERM will make QEMU behave more gracefully without impacting the level of protect we have. https://gitlab.com/qemu-project/qemu/-/issues/2116 Signed-off-by: Daniel P. Berrang=C3=A9 --- system/qemu-seccomp.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/system/qemu-seccomp.c b/system/qemu-seccomp.c index 4d7439e7f7..98ffce075c 100644 --- a/system/qemu-seccomp.c +++ b/system/qemu-seccomp.c @@ -74,7 +74,7 @@ const struct scmp_arg_cmp sched_setscheduler_arg[] =3D { =20 #define RULE_CLONE_FLAG(flag) \ { SCMP_SYS(clone), QEMU_SECCOMP_SET_SPAWN, \ - ARRAY_SIZE(clone_arg ## flag), clone_arg ## flag, SCMP_ACT_TRAP } + ARRAY_SIZE(clone_arg ## flag), clone_arg ## flag, SCMP_ACT_ERRNO(EPE= RM) } =20 /* If no CLONE_* flags are set, except CSIGNAL, deny */ const struct scmp_arg_cmp clone_arg_none[] =3D { @@ -214,13 +214,13 @@ static const struct QemuSeccompSyscall denylist[] =3D= { 0, NULL, SCMP_ACT_TRAP }, /* spawn */ { SCMP_SYS(fork), QEMU_SECCOMP_SET_SPAWN, - 0, NULL, SCMP_ACT_TRAP }, + 0, NULL, SCMP_ACT_ERRNO(EPERM) }, { SCMP_SYS(vfork), QEMU_SECCOMP_SET_SPAWN, - 0, NULL, SCMP_ACT_TRAP }, + 0, NULL, SCMP_ACT_ERRNO(EPERM) }, { SCMP_SYS(execve), QEMU_SECCOMP_SET_SPAWN, - 0, NULL, SCMP_ACT_TRAP }, + 0, NULL, SCMP_ACT_ERRNO(EPERM) }, { SCMP_SYS(clone), QEMU_SECCOMP_SET_SPAWN, - ARRAY_SIZE(clone_arg_none), clone_arg_none, SCMP_ACT_TRAP }, + ARRAY_SIZE(clone_arg_none), clone_arg_none, SCMP_ACT_ERRNO(EPERM) }, RULE_CLONE_FLAG(CLONE_VM), RULE_CLONE_FLAG(CLONE_FS), RULE_CLONE_FLAG(CLONE_FILES), --=20 2.43.0 From nobody Sat May 11 14:13:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1710879808; cv=none; d=zohomail.com; s=zohoarc; b=ISeYyELZY8eNAyXnzf3C2gSek1E5nab2oLOeFs8XVpgN3YOAopqk0I0lWeIlZ8d58hIDN8UHG+zro7qH5ThrY5fPCqIka3Ps5+NwQ2wNcdWk11kMpI4VY8YSzrAjTeGuBd7XfcN+RyKEEO7IImiZRubI0DKv/rUOwzfUd+t5ub0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1710879808; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=ud0feqBC6UjeQxFr8Hj0ISK+kvbqM4WmXlTEpmkz7O4=; b=KeCIGXQmq8q90I9Xb+Q67ap+LCNZUPaxeygvKQsWp6oM8yETHuN3EnZRsbDA2QeSbbqZHfYTbu4QJ18qdFofgjtngwJC150h08/rpyjVNE9YFn4FRZpkk/nTTToyF6eCCzKYfRMsDak5UODB1R2mcZYoEvWWfw8/Le/WC+8eww8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 171087980801970.12839970249502; Tue, 19 Mar 2024 13:23:28 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rmfxn-00013H-Cr; Tue, 19 Mar 2024 16:21:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxl-000130-O3 for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:33 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxk-0007We-9e for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:33 -0400 Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-474-nGT_Vjm9OKyu_cfXNtwuKg-1; Tue, 19 Mar 2024 16:21:30 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 31275380350D for ; Tue, 19 Mar 2024 20:21:30 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.88]) by smtp.corp.redhat.com (Postfix) with ESMTP id 371CB111E5; Tue, 19 Mar 2024 20:21:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710879691; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ud0feqBC6UjeQxFr8Hj0ISK+kvbqM4WmXlTEpmkz7O4=; b=AbAXgpESsMwgkLEiW5UBMElPSU0y1swTCx9ZXv/B/863/kGo27HHTP7kqN3tVil64wMaVE JNEszWctt6e14NMAiOUXFbEc6YyXkzFvi8pyirJFCDVaFOHDSn4mak1xUPTy98ys8QKL0G niHb0nuOBtcfVDA1FrSjRTxbdUfKfJ0= X-MC-Unique: nGT_Vjm9OKyu_cfXNtwuKg-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Paolo Bonzini , Thomas Huth Subject: [PULL 2/8] chardev: lower priority of the HUP GSource in socket chardev Date: Tue, 19 Mar 2024 20:21:15 +0000 Message-ID: <20240319202121.233130-3-berrange@redhat.com> In-Reply-To: <20240319202121.233130-1-berrange@redhat.com> References: <20240319202121.233130-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1710879810077100003 The socket chardev often has 2 GSource object registered against the same FD. One is registered all the time and is just intended to handle POLLHUP events, while the other gets registered & unregistered on the fly as the frontend is ready to receive more data or not. It is very common for poll() to signal a POLLHUP event at the same time as there is pending incoming data from the disconnected client. It is therefore essential to process incoming data prior to processing HUP. The problem with having 2 GSource on the same FD is that there is no guaranteed ordering of execution between them, so the chardev code may process HUP first and thus discard data. This failure scenario is non-deterministic but can be seen fairly reliably by reverting a7077b8e354d90fec26c2921aa2dea85b90dff90, and then running 'tests/unit/test-char', which will sometimes fail with missing data. Ideally QEMU would only have 1 GSource, but that's a complex code refactoring job. The next best solution is to try to ensure ordering between the 2 GSource objects. This can be achieved by lowering the priority of the HUP GSource, so that it is never dispatched if the main GSource is also ready to dispatch. Counter-intuitively, lowering the priority of a GSource is done by raising its priority number. Reviewed-by: Marc-Andr=C3=A9 Lureau Reviewed-by: Thomas Huth Signed-off-by: Daniel P. Berrang=C3=A9 --- chardev/char-socket.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/chardev/char-socket.c b/chardev/char-socket.c index 8a0406cc1e..2c4dffc0e6 100644 --- a/chardev/char-socket.c +++ b/chardev/char-socket.c @@ -601,6 +601,22 @@ static void update_ioc_handlers(SocketChardev *s) =20 remove_hup_source(s); s->hup_source =3D qio_channel_create_watch(s->ioc, G_IO_HUP); + /* + * poll() is liable to return POLLHUP even when there is + * still incoming data available to read on the FD. If + * we have the hup_source at the same priority as the + * main io_add_watch_poll GSource, then we might end up + * processing the POLLHUP event first, closing the FD, + * and as a result silently discard data we should have + * read. + * + * By setting the hup_source to G_PRIORITY_DEFAULT + 1, + * we ensure that io_add_watch_poll GSource will always + * be dispatched first, thus guaranteeing we will be + * able to process all incoming data before closing the + * FD + */ + g_source_set_priority(s->hup_source, G_PRIORITY_DEFAULT + 1); g_source_set_callback(s->hup_source, (GSourceFunc)tcp_chr_hup, chr, NULL); g_source_attach(s->hup_source, chr->gcontext); --=20 2.43.0 From nobody Sat May 11 14:13:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1710879735; cv=none; d=zohomail.com; s=zohoarc; b=BRTaID4ZH8UPbpCXyue4ZCBHhzarn+MVxDZ5Ai3WtXFOPH82Lq2laMK7ntgCWkl2Hwjp+8W4VZfbvWSHw9tVHqLOR0bKeEx+RyYPLd4lx9QWlUpXhOY3s1Qti+/oHUyie0f5ckZUbRMVdmnY5J8DOR2TpBEughl9zlFwlL/dpjQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1710879735; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=EfjufpNx+Y+8+5GtcHEkQkTzbcmUP74wXFDJyQBNVkk=; b=TvNqQuVk7BP3lIJKghfnywkyc5T2GS9Y48gQNMcJ82JZW4trvvlm6isxCIGYmKIc5VDqnrRq4+1kF8XhmNr9eq7l4Qw4YxFNVMFRqMySVR5VwTaIv6ghn9QTOc0uH5ZYyON5l5z3edGfUIoCdK2E8fZL1rZhAy5EO8W+thjI9xo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1710879735133992.8961498532587; Tue, 19 Mar 2024 13:22:15 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rmfxq-00014T-IM; Tue, 19 Mar 2024 16:21:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxo-00013y-Uy for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:36 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxn-0007X3-Fx for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:36 -0400 Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-1-A4cRPEddPCedCuvRqOQNQQ-1; Tue, 19 Mar 2024 16:21:33 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B6A801C05EB6 for ; Tue, 19 Mar 2024 20:21:32 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.88]) by smtp.corp.redhat.com (Postfix) with ESMTP id 5F9DA10F53; Tue, 19 Mar 2024 20:21:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710879694; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EfjufpNx+Y+8+5GtcHEkQkTzbcmUP74wXFDJyQBNVkk=; b=jWeNvSW0QBrd9vDgezbPPFIYmxyTlF431Ht9qUzAcsyXhCZAX0Leqi+kp516iurIDFKer8 g41si3ZV99TAKRnckRkzVA2upSIzkYf6TR8FscCoy0PJLffluyFUe1xivZGuogucWghhJ6 2//WluwaK7HTrRJ/2SWmB0VLr0FR8Mc= X-MC-Unique: A4cRPEddPCedCuvRqOQNQQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Paolo Bonzini , Thomas Huth Subject: [PULL 3/8] Revert "chardev/char-socket: Fix TLS io channels sending too much data to the backend" Date: Tue, 19 Mar 2024 20:21:16 +0000 Message-ID: <20240319202121.233130-4-berrange@redhat.com> In-Reply-To: <20240319202121.233130-1-berrange@redhat.com> References: <20240319202121.233130-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1710879736008100002 This commit results in unexpected termination of the TLS connection. When 'fd_can_read' returns 0, the code goes on to pass a zero length buffer to qio_channel_read. The TLS impl calls into gnutls_recv() with this zero length buffer, at which point GNUTLS returns an error GNUTLS_E_INVALID_REQUEST. This is treated as fatal by QEMU's TLS code resulting in the connection being torn down by the chardev. Simply skipping the qio_channel_read when the buffer length is zero is also not satisfactory, as it results in a high CPU burn busy loop massively slowing QEMU's functionality. The proper solution is to avoid tcp_chr_read being called at all unless the frontend is able to accept more data. This will be done in a followup commit. This reverts commit 462945cd22d2bcd233401ed3aa167d83a8e35b05 Reviewed-by: Thomas Huth Signed-off-by: Daniel P. Berrang=C3=A9 --- chardev/char-socket.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/chardev/char-socket.c b/chardev/char-socket.c index 2c4dffc0e6..812d7aa38a 100644 --- a/chardev/char-socket.c +++ b/chardev/char-socket.c @@ -496,9 +496,9 @@ static gboolean tcp_chr_read(QIOChannel *chan, GIOCondi= tion cond, void *opaque) s->max_size <=3D 0) { return TRUE; } - len =3D tcp_chr_read_poll(opaque); - if (len > sizeof(buf)) { - len =3D sizeof(buf); + len =3D sizeof(buf); + if (len > s->max_size) { + len =3D s->max_size; } size =3D tcp_chr_recv(chr, (void *)buf, len); if (size =3D=3D 0 || (size =3D=3D -1 && errno !=3D EAGAIN)) { --=20 2.43.0 From nobody Sat May 11 14:13:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1710879788; cv=none; d=zohomail.com; s=zohoarc; b=liA1j+T65M4QC9oUxk3zgl+a7DD0Om27gnfLH+T67JKrWmkrXov53VF/SkixPdsbt8eE1CVm6EOfYG0nKOUaxLraW5TmNNVMAfozY1xgSEu/sPCDaiaNU7BvGcjhdSosrUKwKC+//IFgt7HrOUlz6GDWlVuhJuOY4hQbq5s9kEY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1710879788; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=gwhuhopU6Owv4BRvoghyf3BdPZYUiV632VPHRz7qJqI=; b=BT0kS9aiB7t86BjNORsP85/YLp1VmeyvfhVBAc5osujb/tMbtlobpMiV2lB3RZtXpyNlyDT5vBXMQ3C8RDpAtqnxP/8tgmJ0pppdrDU2cC6SsBfwNma7rJv6d7cFtKGLTJ1aK++PXWln/9LMIH4V4XaeNRIAmN8MLQ2cOsUM4/g= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1710879788401586.6632296990134; Tue, 19 Mar 2024 13:23:08 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rmfxr-00014Z-G2; Tue, 19 Mar 2024 16:21:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxq-00014C-5y for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:38 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxo-0007X9-EB for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:37 -0400 Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-195-33fwykhrMQKwcVrwXGiguQ-1; Tue, 19 Mar 2024 16:21:34 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id DDCB91C05EB8 for ; Tue, 19 Mar 2024 20:21:33 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.88]) by smtp.corp.redhat.com (Postfix) with ESMTP id E4AFA10E47; Tue, 19 Mar 2024 20:21:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710879695; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=gwhuhopU6Owv4BRvoghyf3BdPZYUiV632VPHRz7qJqI=; b=F2vL3Gv2d6aagG4ZC9PCbDTmMEl04qZnEtve/iRR+Y2id4GRsgLvhnHBJg4XnSRs+pZxww /oid+WUAmjsZD7Ykc9ZcpZ7euEiwBMbFS8oFHROxWa2WZ8v3u4IWNe0vsJe2a8Tx+rN4Us hGWTO6cWm/sN0nkjiv+jnwn97Hb6iE8= X-MC-Unique: 33fwykhrMQKwcVrwXGiguQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Paolo Bonzini , Thomas Huth Subject: [PULL 4/8] Revert "chardev: use a child source for qio input source" Date: Tue, 19 Mar 2024 20:21:17 +0000 Message-ID: <20240319202121.233130-5-berrange@redhat.com> In-Reply-To: <20240319202121.233130-1-berrange@redhat.com> References: <20240319202121.233130-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1710879790063100003 This reverts commit a7077b8e354d90fec26c2921aa2dea85b90dff90, and add comments to explain why child sources cannot be used. When a GSource is added as a child of another GSource, if its 'prepare' function indicates readiness, then the parent's 'prepare' function will never be run. The io_watch_poll_prepare absolutely *must* be run on every iteration of the main loop, to ensure that the chardev backend doesn't feed data to the frontend that it is unable to consume. At the time a7077b8e354d90fec26c2921aa2dea85b90dff90 was made, all the child GSource impls were relying on poll'ing an FD, so their 'prepare' functions would never indicate readiness ahead of poll() being invoked. So the buggy behaviour was not noticed and lay dormant. Relatively recently the QIOChannelTLS impl introduced a level 2 child GSource, which checks with GNUTLS whether it has cached any data that was decoded but not yet consumed: commit ffda5db65aef42266a5053a4be34515106c4c7ee Author: Antoine Damhet Date: Tue Nov 15 15:23:29 2022 +0100 io/channel-tls: fix handling of bigger read buffers Since the TLS backend can read more data from the underlying QIOChannel we introduce a minimal child GSource to notify if we still have more data available to be read. Signed-off-by: Antoine Damhet Signed-off-by: Charles Frey Signed-off-by: Daniel P. Berrang=C3=A9 With this, it is now quite common for the 'prepare' function on a QIOChannelTLS GSource to indicate immediate readiness, bypassing the parent GSource 'prepare' function. IOW, the critical 'io_watch_poll_prepare' is being skipped on some iterations of the main loop. As a result chardev frontend asserts are now being triggered as they are fed data they are not ready to consume. A reproducer is as follows: * In terminal 1 run a GNUTLS *echo* server $ gnutls-serv --echo \ --x509cafile ca-cert.pem \ --x509keyfile server-key.pem \ --x509certfile server-cert.pem \ -p 9000 * In terminal 2 run a QEMU guest $ qemu-system-s390x \ -nodefaults \ -display none \ -object tls-creds-x509,id=3Dtls0,dir=3D$PWD,endpoint=3Dclient \ -chardev socket,id=3Dcon0,host=3Dlocalhost,port=3D9000,tls-creds=3Dt= ls0 \ -device sclpconsole,chardev=3Dcon0 \ -hda Fedora-Cloud-Base-39-1.5.s390x.qcow2 After the previous patch revert, but before this patch revert, this scenario will crash: qemu-system-s390x: ../hw/char/sclpconsole.c:73: chr_read: Assertion `size <=3D SIZE_BUFFER_VT220 - scon->iov_data_len' failed. This assert indicates that 'tcp_chr_read' was called without 'tcp_chr_read_poll' having first been checked for ability to receive more data QEMU's use of a 'prepare' function to create/delete another GSource is rather a hack and not normally the kind of thing that is expected to be done by a GSource. There is no mechanism to force GLib to always run the 'prepare' function of a parent GSource. The best option is to simply not use the child source concept, and go back to the functional approach previously relied on. Reviewed-by: Marc-Andr=C3=A9 Lureau Reviewed-by: Thomas Huth Tested-by: Thomas Huth Signed-off-by: Daniel P. Berrang=C3=A9 --- chardev/char-io.c | 56 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 51 insertions(+), 5 deletions(-) diff --git a/chardev/char-io.c b/chardev/char-io.c index 4451128cba..dab77b112e 100644 --- a/chardev/char-io.c +++ b/chardev/char-io.c @@ -33,6 +33,7 @@ typedef struct IOWatchPoll { IOCanReadHandler *fd_can_read; GSourceFunc fd_read; void *opaque; + GMainContext *context; } IOWatchPoll; =20 static IOWatchPoll *io_watch_poll_from_source(GSource *source) @@ -50,28 +51,59 @@ static gboolean io_watch_poll_prepare(GSource *source, return FALSE; } =20 + /* + * We do not register the QIOChannel watch as a child GSource. + * The 'prepare' function on the parent GSource will be + * skipped if a child GSource's 'prepare' function indicates + * readiness. We need this prepare function be guaranteed + * to run on *every* iteration of the main loop, because + * it is critical to ensure we remove the QIOChannel watch + * if 'fd_can_read' indicates the frontend cannot receive + * more data. + */ if (now_active) { iwp->src =3D qio_channel_create_watch( iwp->ioc, G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL); g_source_set_callback(iwp->src, iwp->fd_read, iwp->opaque, NULL); - g_source_add_child_source(source, iwp->src); - g_source_unref(iwp->src); + g_source_attach(iwp->src, iwp->context); } else { - g_source_remove_child_source(source, iwp->src); + g_source_destroy(iwp->src); + g_source_unref(iwp->src); iwp->src =3D NULL; } return FALSE; } =20 +static gboolean io_watch_poll_check(GSource *source) +{ + return FALSE; +} + static gboolean io_watch_poll_dispatch(GSource *source, GSourceFunc callba= ck, gpointer user_data) { - return G_SOURCE_CONTINUE; + abort(); +} + +static void io_watch_poll_finalize(GSource *source) +{ + /* + * Due to a glib bug, removing the last reference to a source + * inside a finalize callback causes recursive locking (and a + * deadlock). This is not a problem inside other callbacks, + * including dispatch callbacks, so we call io_remove_watch_poll + * to remove this source. At this point, iwp->src must + * be NULL, or we would leak it. + */ + IOWatchPoll *iwp =3D io_watch_poll_from_source(source); + assert(iwp->src =3D=3D NULL); } =20 static GSourceFuncs io_watch_poll_funcs =3D { .prepare =3D io_watch_poll_prepare, + .check =3D io_watch_poll_check, .dispatch =3D io_watch_poll_dispatch, + .finalize =3D io_watch_poll_finalize, }; =20 GSource *io_add_watch_poll(Chardev *chr, @@ -91,6 +123,7 @@ GSource *io_add_watch_poll(Chardev *chr, iwp->ioc =3D ioc; iwp->fd_read =3D (GSourceFunc) fd_read; iwp->src =3D NULL; + iwp->context =3D context; =20 name =3D g_strdup_printf("chardev-iowatch-%s", chr->label); g_source_set_name((GSource *)iwp, name); @@ -101,10 +134,23 @@ GSource *io_add_watch_poll(Chardev *chr, return (GSource *)iwp; } =20 +static void io_remove_watch_poll(GSource *source) +{ + IOWatchPoll *iwp; + + iwp =3D io_watch_poll_from_source(source); + if (iwp->src) { + g_source_destroy(iwp->src); + g_source_unref(iwp->src); + iwp->src =3D NULL; + } + g_source_destroy(&iwp->parent); +} + void remove_fd_in_watch(Chardev *chr) { if (chr->gsource) { - g_source_destroy(chr->gsource); + io_remove_watch_poll(chr->gsource); chr->gsource =3D NULL; } } --=20 2.43.0 From nobody Sat May 11 14:13:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1710879810; cv=none; d=zohomail.com; s=zohoarc; b=dxFTlJIlxSFyPBIVDZ80ILYXM+CIeofuCHZM0qHwg40Ey8d/hL/bAhdGJEv+vU054/ygGjPaePElQ+PDukGvQxVEdz+lur2hZOrxYvu5vRGXacA/MxFhDDUcMxWxdvzxaL3uBMNcUTSCZUJb5G7bMQZw2nfYYAI+ZbIlzJ9a50Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1710879810; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=XE65SHTCSjX/6PUssNQyJdtzyuYvVPxmICNjPygwG3g=; b=WgVzavriwFZ/EVnIZQRbRV71yaYG7906gUKHR8rO4udpK+LTARaZdrYnfn1mAjY8xRpBaPC6lFehwjv/p3sEkv1kjq7HvSA68KmT7AoFEZXeQns81JLde5eN5rNNEc4JWnALv7E4qEUbm0nXlabq+688k7K15DGi2e98TZ0Fbv4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 171087981000622.571576114226787; Tue, 19 Mar 2024 13:23:30 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rmfxu-0001Cv-EY; Tue, 19 Mar 2024 16:21:42 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxs-00019Z-MU for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:40 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxr-0007XO-3j for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:40 -0400 Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-145-jBZmHOowPcyzOrAQqtMFbQ-1; Tue, 19 Mar 2024 16:21:35 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 647BA28043DF; Tue, 19 Mar 2024 20:21:35 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.88]) by smtp.corp.redhat.com (Postfix) with ESMTP id 182EA10F53; Tue, 19 Mar 2024 20:21:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710879697; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XE65SHTCSjX/6PUssNQyJdtzyuYvVPxmICNjPygwG3g=; b=Drpf03Hlg8nXQoVNg8FJWjfpRBDRxYFV8RS3YwmygNCcI+DjLO2XehY2SlNNO+Dlvq+EZo fBQwRPSHMYoAy0LALVjQy9X+OSz7phF2PVHyHw1X0ve9KMlJuCYAsa2tRjNwSHPIbaPr4C xR7FV1rJjUrQj6KeKvwSXCSBLxy5IYg= X-MC-Unique: jBZmHOowPcyzOrAQqtMFbQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Paolo Bonzini , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Thomas Huth Subject: [PULL 5/8] crypto: factor out conversion of QAPI to gcrypt constants Date: Tue, 19 Mar 2024 20:21:18 +0000 Message-ID: <20240319202121.233130-6-berrange@redhat.com> In-Reply-To: <20240319202121.233130-1-berrange@redhat.com> References: <20240319202121.233130-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1710879812130100007 The conversion of cipher mode will shortly be required in more than one place. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Thomas Huth Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-gcrypt.c.inc | 116 +++++++++++++++++++------------------ 1 file changed, 60 insertions(+), 56 deletions(-) diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 1377cbaf14..6b82280f90 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -20,6 +20,56 @@ =20 #include =20 +static int qcrypto_cipher_alg_to_gcry_alg(QCryptoCipherAlgorithm alg) +{ + switch (alg) { + case QCRYPTO_CIPHER_ALG_DES: + return GCRY_CIPHER_DES; + case QCRYPTO_CIPHER_ALG_3DES: + return GCRY_CIPHER_3DES; + case QCRYPTO_CIPHER_ALG_AES_128: + return GCRY_CIPHER_AES128; + case QCRYPTO_CIPHER_ALG_AES_192: + return GCRY_CIPHER_AES192; + case QCRYPTO_CIPHER_ALG_AES_256: + return GCRY_CIPHER_AES256; + case QCRYPTO_CIPHER_ALG_CAST5_128: + return GCRY_CIPHER_CAST5; + case QCRYPTO_CIPHER_ALG_SERPENT_128: + return GCRY_CIPHER_SERPENT128; + case QCRYPTO_CIPHER_ALG_SERPENT_192: + return GCRY_CIPHER_SERPENT192; + case QCRYPTO_CIPHER_ALG_SERPENT_256: + return GCRY_CIPHER_SERPENT256; + case QCRYPTO_CIPHER_ALG_TWOFISH_128: + return GCRY_CIPHER_TWOFISH128; + case QCRYPTO_CIPHER_ALG_TWOFISH_256: + return GCRY_CIPHER_TWOFISH; +#ifdef CONFIG_CRYPTO_SM4 + case QCRYPTO_CIPHER_ALG_SM4: + return GCRY_CIPHER_SM4; +#endif + default: + return GCRY_CIPHER_NONE; + } +} + +static int qcrypto_cipher_mode_to_gcry_mode(QCryptoCipherMode mode) +{ + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + return GCRY_CIPHER_MODE_ECB; + case QCRYPTO_CIPHER_MODE_XTS: + return GCRY_CIPHER_MODE_XTS; + case QCRYPTO_CIPHER_MODE_CBC: + return GCRY_CIPHER_MODE_CBC; + case QCRYPTO_CIPHER_MODE_CTR: + return GCRY_CIPHER_MODE_CTR; + default: + return GCRY_CIPHER_MODE_NONE; + } +} + bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) { @@ -188,72 +238,26 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoC= ipherAlgorithm alg, return NULL; } =20 - switch (alg) { - case QCRYPTO_CIPHER_ALG_DES: - gcryalg =3D GCRY_CIPHER_DES; - break; - case QCRYPTO_CIPHER_ALG_3DES: - gcryalg =3D GCRY_CIPHER_3DES; - break; - case QCRYPTO_CIPHER_ALG_AES_128: - gcryalg =3D GCRY_CIPHER_AES128; - break; - case QCRYPTO_CIPHER_ALG_AES_192: - gcryalg =3D GCRY_CIPHER_AES192; - break; - case QCRYPTO_CIPHER_ALG_AES_256: - gcryalg =3D GCRY_CIPHER_AES256; - break; - case QCRYPTO_CIPHER_ALG_CAST5_128: - gcryalg =3D GCRY_CIPHER_CAST5; - break; - case QCRYPTO_CIPHER_ALG_SERPENT_128: - gcryalg =3D GCRY_CIPHER_SERPENT128; - break; - case QCRYPTO_CIPHER_ALG_SERPENT_192: - gcryalg =3D GCRY_CIPHER_SERPENT192; - break; - case QCRYPTO_CIPHER_ALG_SERPENT_256: - gcryalg =3D GCRY_CIPHER_SERPENT256; - break; - case QCRYPTO_CIPHER_ALG_TWOFISH_128: - gcryalg =3D GCRY_CIPHER_TWOFISH128; - break; - case QCRYPTO_CIPHER_ALG_TWOFISH_256: - gcryalg =3D GCRY_CIPHER_TWOFISH; - break; -#ifdef CONFIG_CRYPTO_SM4 - case QCRYPTO_CIPHER_ALG_SM4: - gcryalg =3D GCRY_CIPHER_SM4; - break; -#endif - default: + gcryalg =3D qcrypto_cipher_alg_to_gcry_alg(alg); + if (gcryalg =3D=3D GCRY_CIPHER_NONE) { error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } =20 - drv =3D &qcrypto_gcrypt_driver; - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - gcrymode =3D GCRY_CIPHER_MODE_ECB; - break; - case QCRYPTO_CIPHER_MODE_XTS: - gcrymode =3D GCRY_CIPHER_MODE_XTS; - break; - case QCRYPTO_CIPHER_MODE_CBC: - gcrymode =3D GCRY_CIPHER_MODE_CBC; - break; - case QCRYPTO_CIPHER_MODE_CTR: - drv =3D &qcrypto_gcrypt_ctr_driver; - gcrymode =3D GCRY_CIPHER_MODE_CTR; - break; - default: + gcrymode =3D qcrypto_cipher_mode_to_gcry_mode(mode); + if (gcrymode =3D=3D GCRY_CIPHER_MODE_NONE) { error_setg(errp, "Unsupported cipher mode %s", QCryptoCipherMode_str(mode)); return NULL; } =20 + if (mode =3D=3D QCRYPTO_CIPHER_MODE_CTR) { + drv =3D &qcrypto_gcrypt_ctr_driver; + } else { + drv =3D &qcrypto_gcrypt_driver; + } + ctx =3D g_new0(QCryptoCipherGcrypt, 1); ctx->base.driver =3D drv; =20 --=20 2.43.0 From nobody Sat May 11 14:13:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1710879741; cv=none; d=zohomail.com; s=zohoarc; b=TbmXzvY0bB2+2dLHLHBYdhwDjhmhJbbUwMgAwpCJD5QU4aPTbJgt6HMqxbHaKVNLVa7YgI/eb6KPpQMKBxN0EvpAa+6ecqcZaBGaoJBLTRdgGXFE8rwY9RKsvyhQqNYBRYdPXOEw6MbICmKg9Oh8yepWcoxpxZAOSW32cr/OfeQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1710879741; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=GmyzAPxjTgeKDjVJ0AWjCjntKl9QWcHfcWNyKOLGQb8=; b=MgkOAHJUGLXfcHSEp61LS9vb3BylxaHTFeflu7oC5uITZl6tG8/vDENrbyALWXxHTE/B+VAb6pKHSVNne/pTjq3x4nuOR6ntaWA061FI8VhkJPXysUt3gdHaEofew+lb4Yvj0rjJyhhIOvOvLp8wHYEtakehAMWXsNWWf5S3RA0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1710879741029533.4953220369714; Tue, 19 Mar 2024 13:22:21 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rmfxu-0001CY-8F; Tue, 19 Mar 2024 16:21:42 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxt-0001AF-0N for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:41 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxr-0007Xa-JJ for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:40 -0400 Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-62-pHaeTyxDOwm7T4-xieEC-Q-1; Tue, 19 Mar 2024 16:21:37 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 21A833C0252B; Tue, 19 Mar 2024 20:21:37 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.88]) by smtp.corp.redhat.com (Postfix) with ESMTP id 928C017A91; Tue, 19 Mar 2024 20:21:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710879699; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=GmyzAPxjTgeKDjVJ0AWjCjntKl9QWcHfcWNyKOLGQb8=; b=gTKm+JNsHVdc2SADBmvngtiMmMuMR707XaXueYJL8blabq/D9tWyyBAF765trq4YKazI3V reaDiWOqRNwB3P9Ooue3xUOpTlIxe6IJ0i1qlFgwZ67JREfNLLM+bJicifEF0wtN/sTy4B dSgfflM1uHMD4GlGif1Udf/ftF5oFrU= X-MC-Unique: pHaeTyxDOwm7T4-xieEC-Q-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Paolo Bonzini , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Thomas Huth Subject: [PULL 6/8] crypto: query gcrypt for cipher availability Date: Tue, 19 Mar 2024 20:21:19 +0000 Message-ID: <20240319202121.233130-7-berrange@redhat.com> In-Reply-To: <20240319202121.233130-1-berrange@redhat.com> References: <20240319202121.233130-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1710879741902100001 Just because a cipher is defined in the gcrypt header file, does not imply that it can be used. Distros can filter the list of ciphers when building gcrypt. For example, RHEL-9 disables the SM4 cipher. It is also possible that running in FIPS mode might dynamically change what ciphers are available at runtime. qcrypto_cipher_supports must therefore query gcrypt directly to check for cipher availability. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Thomas Huth Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-gcrypt.c.inc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 6b82280f90..4a8314746d 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -93,6 +93,11 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, return false; } =20 + if (gcry_cipher_algo_info(qcrypto_cipher_alg_to_gcry_alg(alg), + GCRYCTL_TEST_ALGO, NULL, NULL) !=3D 0) { + return false; + } + switch (mode) { case QCRYPTO_CIPHER_MODE_ECB: case QCRYPTO_CIPHER_MODE_CBC: --=20 2.43.0 From nobody Sat May 11 14:13:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1710879770; cv=none; d=zohomail.com; s=zohoarc; b=TY+KuU0o2f2lXtcvDW9JvqU5GmSQP0by3eUyfq+wqkagPNiwdu6yZXj43Em8qTZCdOW/rLhOduEhmE+UGW28NZnr6FYIJR4Wc340SWWDKeMzjOb3uFOVSxpfZlxOQcrjGwYK1HkI1Q4u6oddqWuIm7BRJ5dxccP5IoFUiL81ZAY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1710879770; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=rAe8uvlkz7XpDmQJy4XUSJsfk1Xu+IZacqAncnrJWk4=; b=PdakF9VGUGamYHwweqcHt4vT937u6oHBHwDHehNv6Qz36s1IivkOKdQTGALdMrAg5VUl1xVGo6/iOHgnmTPdQ52mIw1vbKln0w4VJogCLjotFs7AIoc9ZeURnaBpdP9O9etejC/1h/5d+M2uM1CSmYZTmXtH36nV9Hr8FOmSLAg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1710879770779534.5680501893636; Tue, 19 Mar 2024 13:22:50 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rmfxx-0001EG-Ct; Tue, 19 Mar 2024 16:21:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxu-0001DN-Kg for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:42 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxt-0007Xo-7j for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:42 -0400 Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-275-6TE2O_e2PxSPmQXaT-fGUQ-1; Tue, 19 Mar 2024 16:21:38 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 74AAF85A58C; Tue, 19 Mar 2024 20:21:38 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.88]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6581810E47; Tue, 19 Mar 2024 20:21:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710879700; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rAe8uvlkz7XpDmQJy4XUSJsfk1Xu+IZacqAncnrJWk4=; b=PnFUvAzHhYyy/+r2CT70sjq5wBIjgWzZ1Z/W4KWBQ6CENgohQzkgO9EiZqYgni0bE+DdG6 j1AzzGEO97eCe2C5NNwO5ULAbQTjoK7KgdOE6Pk3FWEGpGoajd9WyLFbV8FGuu/0bWguqc Ml/xTij0livjPfCuWbZ1qxBgkjrKUy4= X-MC-Unique: 6TE2O_e2PxSPmQXaT-fGUQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Paolo Bonzini , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Thomas Huth Subject: [PULL 7/8] crypto: use error_abort for unexpected failures Date: Tue, 19 Mar 2024 20:21:20 +0000 Message-ID: <20240319202121.233130-8-berrange@redhat.com> In-Reply-To: <20240319202121.233130-1-berrange@redhat.com> References: <20240319202121.233130-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1710879772158100003 This improves the error diagnosis from the unit test when a cipher is unexpected not available from ERROR:../tests/unit/test-crypto-cipher.c:683:test_cipher: assertion failed:= (err =3D=3D NULL) Bail out! ERROR:../tests/unit/test-crypto-cipher.c:683:test_cipher: asserti= on failed: (err =3D=3D NULL) Aborted (core dumped) to Unexpected error in qcrypto_cipher_ctx_new() at ../crypto/cipher-gcrypt.c.i= nc:262: ./build//tests/unit/test-crypto-cipher: Cannot initialize cipher: Invalid c= ipher algorithm Aborted (core dumped) Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Thomas Huth Signed-off-by: Daniel P. Berrang=C3=A9 --- tests/unit/test-crypto-cipher.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/unit/test-crypto-cipher.c b/tests/unit/test-crypto-ciphe= r.c index 11ab1a54fc..d0ea7b4d8e 100644 --- a/tests/unit/test-crypto-cipher.c +++ b/tests/unit/test-crypto-cipher.c @@ -676,9 +676,8 @@ static void test_cipher(const void *opaque) cipher =3D qcrypto_cipher_new( data->alg, data->mode, key, nkey, - &err); + data->plaintext ? &error_abort : &err); if (data->plaintext) { - g_assert(err =3D=3D NULL); g_assert(cipher !=3D NULL); } else { error_free_or_abort(&err); --=20 2.43.0 From nobody Sat May 11 14:13:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1710879742; cv=none; d=zohomail.com; s=zohoarc; b=MVfySM1vrbCM8X4KwZDIzqsOW3ExADvXyntDUDxRYn1oGf/K3lvKSDz1QlDqJRDvtpolwlYe9t/yPp4iI4lYcIefMkejd6L8SkKA0Qx18TWHi5BYRgQuj/mid1FdB56rPITeiXy/7sBl7GwgLUyBX2/1QuKI/bM6PYHzYmvP5xA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1710879742; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=pGBnPqKCjFa5l3db9bgQvwKq16jpqFeC4+FKApoxYp0=; b=SI9mdMfxgI+xK2SWcgFT+qAupyKc8LhSuwJJSEk4GOas/bau70WTlW+GKDDqt0/3F5OSxKe+UqWn/PlrzHsTwSR7VtLSoi2YlgdXvvZCmwf+qKZ8a3PGM/X4cuHUQwRz4mNG1dhHejReJzsYyFXU0H9HcocdLgl/m/2hKlvg+6A= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1710879742154953.214153410486; Tue, 19 Mar 2024 13:22:22 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rmfxy-0001Ec-0R; Tue, 19 Mar 2024 16:21:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxx-0001EO-CF for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:45 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmfxv-0007YB-TG for qemu-devel@nongnu.org; Tue, 19 Mar 2024 16:21:45 -0400 Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-418-EU1XFChRN4Gz-uWV2n-xTQ-1; Tue, 19 Mar 2024 16:21:40 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C192F3C02524; Tue, 19 Mar 2024 20:21:39 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.88]) by smtp.corp.redhat.com (Postfix) with ESMTP id A415217A93; Tue, 19 Mar 2024 20:21:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710879703; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=pGBnPqKCjFa5l3db9bgQvwKq16jpqFeC4+FKApoxYp0=; b=Mxlg5xH0uZcQqeHPxcGEj9oU+GnnzR94cVUEjhWyandeSnABnSiqCh6DsZCm1BcpXHI8Mf FVE4LVrJI7fn5goLVEFD3qmGjygZVet397vraWr4zAz8TNygZaeJTvLUtmcjr8GNTGK8ke /EE6UiEILOB0BJbhY5d6vFt8OyPxT/c= X-MC-Unique: EU1XFChRN4Gz-uWV2n-xTQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Paolo Bonzini , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Thomas Huth Subject: [PULL 8/8] crypto: report which ciphers are being skipped during tests Date: Tue, 19 Mar 2024 20:21:21 +0000 Message-ID: <20240319202121.233130-9-berrange@redhat.com> In-Reply-To: <20240319202121.233130-1-berrange@redhat.com> References: <20240319202121.233130-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1710879744082100007 Since the ciphers can be dynamically disabled at runtime, when running unit tests it is helpful to report which ciphers we can skipped for testing. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Thomas Huth Signed-off-by: Daniel P. Berrang=C3=A9 --- tests/unit/test-crypto-cipher.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/unit/test-crypto-cipher.c b/tests/unit/test-crypto-ciphe= r.c index d0ea7b4d8e..f5152e569d 100644 --- a/tests/unit/test-crypto-cipher.c +++ b/tests/unit/test-crypto-cipher.c @@ -821,6 +821,10 @@ int main(int argc, char **argv) for (i =3D 0; i < G_N_ELEMENTS(test_data); i++) { if (qcrypto_cipher_supports(test_data[i].alg, test_data[i].mode)) { g_test_add_data_func(test_data[i].path, &test_data[i], test_ci= pher); + } else { + g_printerr("# skip unsupported %s:%s\n", + QCryptoCipherAlgorithm_str(test_data[i].alg), + QCryptoCipherMode_str(test_data[i].mode)); } } =20 --=20 2.43.0