From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Daniel P. Berrangé" <berrange@redhat.com>,
"Jungmin Park" <pjm0616@gmail.com>
Subject: [PULL 01/20] crypto/luks: Support creating LUKS image on Darwin
Date: Thu, 27 Oct 2022 18:30:44 +0100 [thread overview]
Message-ID: <20221027173103.299479-2-berrange@redhat.com> (raw)
In-Reply-To: <20221027173103.299479-1-berrange@redhat.com>
From: Jungmin Park <pjm0616@gmail.com>
When the user creates a LUKS-encrypted qcow2 image using the qemu-img
program, the passphrase is hashed using PBKDF2 with a dynamic
number of iterations. The number of iterations is determined by
measuring thread cpu time usage, such that it takes approximately
2 seconds to compute the hash.
Because Darwin doesn't implement getrusage(RUSAGE_THREAD), we get an
error message:
> qemu-img: test.qcow2: Unable to calculate thread CPU usage on this platform
for this command:
> qemu-img create --object secret,id=key,data=1234 -f qcow2 -o 'encrypt.format=luks,encrypt.key-secret=key' test.qcow2 100M
This patch implements qcrypto_pbkdf2_get_thread_cpu() for Darwin so that
the above command works.
Signed-off-by: Jungmin Park <pjm0616@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/pbkdf.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/crypto/pbkdf.c b/crypto/pbkdf.c
index 3775ddc6c5..8d198c152c 100644
--- a/crypto/pbkdf.c
+++ b/crypto/pbkdf.c
@@ -24,6 +24,11 @@
#ifndef _WIN32
#include <sys/resource.h>
#endif
+#ifdef CONFIG_DARWIN
+#include <mach/mach_init.h>
+#include <mach/thread_act.h>
+#include <mach/mach_port.h>
+#endif
static int qcrypto_pbkdf2_get_thread_cpu(unsigned long long *val_ms,
@@ -45,6 +50,24 @@ static int qcrypto_pbkdf2_get_thread_cpu(unsigned long long *val_ms,
/* QuadPart is units of 100ns and we want ms as unit */
*val_ms = thread_time.QuadPart / 10000ll;
return 0;
+#elif defined(CONFIG_DARWIN)
+ mach_port_t thread;
+ kern_return_t kr;
+ mach_msg_type_number_t count;
+ thread_basic_info_data_t info;
+
+ thread = mach_thread_self();
+ count = THREAD_BASIC_INFO_COUNT;
+ kr = thread_info(thread, THREAD_BASIC_INFO, (thread_info_t)&info, &count);
+ mach_port_deallocate(mach_task_self(), thread);
+ if (kr != KERN_SUCCESS || (info.flags & TH_FLAGS_IDLE) != 0) {
+ error_setg_errno(errp, errno, "Unable to get thread CPU usage");
+ return -1;
+ }
+
+ *val_ms = ((info.user_time.seconds * 1000ll) +
+ (info.user_time.microseconds / 1000));
+ return 0;
#elif defined(RUSAGE_THREAD)
struct rusage ru;
if (getrusage(RUSAGE_THREAD, &ru) < 0) {
--
2.37.3
next prev parent reply other threads:[~2022-10-27 17:36 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-27 17:30 [PULL 00/20] Crypto and I/O patches Daniel P. Berrangé
2022-10-27 17:30 ` Daniel P. Berrangé [this message]
2022-10-27 17:30 ` [PULL 02/20] util/qemu-sockets: Use g_get_tmp_dir() to get the directory for temporary files Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 03/20] io/channel-watch: Drop a superfluous '#ifdef WIN32' Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 04/20] io/channel-watch: Drop the unnecessary cast Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 05/20] io/channel-watch: Fix socket watch on Windows Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 06/20] seccomp: Get actual errno value from failed seccomp functions Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 07/20] scripts: check if .git exists before checking submodule status Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 08/20] crypto: check for and report errors setting PSK credentials Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 09/20] tests: avoid DOS line endings in PSK file Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 10/20] crypto: sanity check that LUKS header strings are NUL-terminated Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 11/20] crypto: enforce that LUKS stripes is always a fixed value Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 12/20] crypto: enforce that key material doesn't overlap with LUKS header Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 13/20] crypto: validate that LUKS payload doesn't overlap with header Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 14/20] crypto: strengthen the check for key slots overlapping with LUKS header Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 15/20] crypto: check that LUKS PBKDF2 iterations count is non-zero Daniel P. Berrangé
2022-10-27 17:30 ` [PULL 16/20] crypto: split LUKS header definitions off into file Daniel P. Berrangé
2022-10-27 17:31 ` [PULL 17/20] crypto: split off helpers for converting LUKS header endianess Daniel P. Berrangé
2022-10-27 17:31 ` [PULL 18/20] crypto: quote algorithm names in error messages Daniel P. Berrangé
2022-10-27 17:31 ` [PULL 19/20] crypto: ensure LUKS tests run with GNUTLS crypto provider Daniel P. Berrangé
2022-10-27 17:31 ` [PULL 20/20] crypto: add test cases for many malformed LUKS header scenarios Daniel P. Berrangé
2022-10-31 10:13 ` [PULL 00/20] Crypto and I/O patches Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221027173103.299479-2-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=pjm0616@gmail.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).