From: Stefan Hajnoczi <stefanha@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Hanna Reitz" <hreitz@redhat.com>,
qemu-block@nongnu.org, "Kevin Wolf" <kwolf@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Stefan Hajnoczi" <stefanha@redhat.com>
Subject: [PATCH 0/2] block/crypto: do not require number of threads upfront
Date: Mon, 27 May 2024 11:58:49 -0400 [thread overview]
Message-ID: <20240527155851.892885-1-stefanha@redhat.com> (raw)
The block layer does not know how many threads will perform I/O. It is possible
to exceed the number of threads that is given to qcrypto_block_open() and this
can trigger an assertion failure in qcrypto_block_pop_cipher().
This patch series removes the n_threads argument and instead handles an
arbitrary number of threads.
---
Is it secure to store the key in QCryptoBlock? In this series I assumed the
answer is yes since the QCryptoBlock's cipher state is equally sensitive, but
I'm not familiar with this code or a crypto expert.
Stefan Hajnoczi (2):
block/crypto: create ciphers on demand
crypto/block: drop qcrypto_block_open() n_threads argument
crypto/blockpriv.h | 13 ++--
include/crypto/block.h | 2 -
block/crypto.c | 1 -
block/qcow.c | 2 +-
block/qcow2.c | 5 +-
crypto/block-luks.c | 4 +-
crypto/block-qcow.c | 8 +--
crypto/block.c | 116 ++++++++++++++++++++-------------
tests/unit/test-crypto-block.c | 4 --
9 files changed, 85 insertions(+), 70 deletions(-)
--
2.45.1
next reply other threads:[~2024-05-27 15:59 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-27 15:58 Stefan Hajnoczi [this message]
2024-05-27 15:58 ` [PATCH 1/2] block/crypto: create ciphers on demand Stefan Hajnoczi
2024-05-27 15:58 ` [PATCH 2/2] crypto/block: drop qcrypto_block_open() n_threads argument Stefan Hajnoczi
2024-05-29 16:50 ` [PATCH 0/2] block/crypto: do not require number of threads upfront Kevin Wolf
2024-05-29 18:10 ` Stefan Hajnoczi
2024-06-03 12:37 ` Daniel P. Berrangé
2024-06-03 16:04 ` Kevin Wolf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240527155851.892885-1-stefanha@redhat.com \
--to=stefanha@redhat.com \
--cc=berrange@redhat.com \
--cc=hreitz@redhat.com \
--cc=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).