fridtjof/qemu-cr16
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
qemu-cr16/crypto
History
Daniel P. Berrangé 24ad5e1995 crypto: implement workaround for GNUTLS thread safety problems 
When TLS 1.3 is negotiated on a TLS session, GNUTLS will perform
automatic rekeying of the session after 16 million records. This
is done for all algorithms except CHACHA20_POLY1305 which does
not require rekeying.

Unfortunately the rekeying breaks GNUTLS' promise that it is safe
to use a gnutls_session_t object concurrently from multiple threads
if they are exclusively calling gnutls_record_send/recv.

This patch implements a workaround for QEMU that adds a mutex lock
around any gnutls_record_send/recv call to serialize execution
within GNUTLS code. When GNUTLS calls into the push/pull functions
we can release the lock so the OS level I/O calls can at least
have some parallelism.

The big downside of this is that the actual encryption/decryption
code is fully serialized, which will halve performance of that
cipher operations if two threads are contending.

The workaround is not enabled by default, since most use of GNUTLS
in QEMU does not tickle the problem, only non-multifd migration
with a return path open is affected. Fortunately the migration
code also won't trigger the halving of performance, since only
the outbound channel diretion needs to sustain high data rates,
the inbound direction is low volume.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Link: https://lore.kernel.org/qemu-devel/20250718150514.2635338-2-berrange@redhat.com
[add stub for qcrypto_tls_session_require_thread_safety; fix unused var]
Signed-off-by: Fabiano Rosas <farosas@suse.de>
2025-07-22 19:39:29 -03:00
..
aes.c target/riscv: Use existing lookup tables for MixColumns 2023-09-11 11:45:54 +10:00
afalg.c qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 2024-09-10 14:03:30 +02:00
afalgpriv.h qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 2024-09-10 14:03:30 +02:00
afsplit.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 2024-09-10 14:02:16 +02:00
akcipher-gcrypt.c.inc include: Rename sysemu/ -> system/ 2024-12-20 17:44:56 +01:00
akcipher-nettle.c.inc include: Rename sysemu/ -> system/ 2024-12-20 17:44:56 +01:00
akcipher.c qapi/crypto: Rename QCryptoAkCipherAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
akcipherpriv.h qapi/crypto: Rename QCryptoAkCipherAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
block-luks-priv.h crypto: Clean up includes 2023-02-08 07:16:23 +01:00
block-luks.c qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
block-luks.h crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
block-qcow.c qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
block-qcow.h crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
block.c qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
blockpriv.h qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
cipher-afalg.c qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 2024-09-10 14:03:30 +02:00
cipher-gcrypt.c.inc qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
cipher-gnutls.c.inc qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
cipher-nettle.c.inc qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
cipher-stub.c.inc crypto: fully drop built-in cipher provider 2025-05-22 11:24:25 +01:00
cipher.c crypto: fully drop built-in cipher provider 2025-05-22 11:24:25 +01:00
cipherpriv.h qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
clmul.c crypto: Add generic 64-bit carry-less multiply routine 2023-09-15 13:57:00 +00:00
der.c crypto: Remove unused DER string functions 2024-10-22 11:44:23 +01:00
der.h crypto: Remove unused DER string functions 2024-10-22 11:44:23 +01:00
hash-afalg.c overall: Remove unnecessary g_strdup_printf() calls 2025-02-14 08:49:06 +03:00
hash-gcrypt.c crypto: perform runtime check for hash/hmac support in gcrypt 2024-11-05 18:37:18 +00:00
hash-glib.c crypto/hash: avoid overwriting user supplied result pointer 2024-10-22 11:44:23 +01:00
hash-gnutls.c crypto/hash: avoid overwriting user supplied result pointer 2024-10-22 11:44:23 +01:00
hash-nettle.c crypto: Introduce SM3 hash hmac pbkdf algorithm 2024-11-05 18:37:18 +00:00
hash.c crypto: Introduce SM3 hash hmac pbkdf algorithm 2024-11-05 18:37:18 +00:00
hashpriv.h crypto/hashpriv: Remove old hash API function 2024-10-10 12:34:11 +01:00
hmac-gcrypt.c crypto: perform runtime check for hash/hmac support in gcrypt 2024-11-05 18:37:18 +00:00
hmac-glib.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 2024-09-10 14:02:16 +02:00
hmac-gnutls.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 2024-09-10 14:02:16 +02:00
hmac-nettle.c crypto: Introduce SM3 hash hmac pbkdf algorithm 2024-11-05 18:37:18 +00:00
hmac.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 2024-09-10 14:02:16 +02:00
hmacpriv.h qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 2024-09-10 14:03:30 +02:00
init.c crypto: drop gnutls debug logging support 2024-07-24 10:39:10 +01:00
ivgen-essiv.c crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
ivgen-essiv.h crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
ivgen-plain.c crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
ivgen-plain.h Clean up ill-advised or unusual header guards 2022-05-11 16:50:01 +02:00
ivgen-plain64.c crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
ivgen-plain64.h crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
ivgen.c qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
ivgenpriv.h qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 2024-09-10 14:03:30 +02:00
meson.build crypto: Introduce x509 utils 2024-09-09 15:13:38 +01:00
pbkdf-gcrypt.c crypto: Introduce SM3 hash hmac pbkdf algorithm 2024-11-05 18:37:18 +00:00
pbkdf-gnutls.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 2024-09-10 14:02:16 +02:00
pbkdf-nettle.c crypto: Introduce SM3 hash hmac pbkdf algorithm 2024-11-05 18:37:18 +00:00
pbkdf-stub.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 2024-09-10 14:02:16 +02:00
pbkdf.c crypto: fix bogus error benchmarking pbkdf on fast machines 2025-01-22 08:28:49 +01:00
random-gcrypt.c crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
random-gnutls.c crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
random-none.c crypto: add "none" random provider 2020-06-15 11:33:50 +01:00
random-platform.c crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00
rsakey-builtin.c.inc qapi/crypto: Drop unwanted 'prefix' 2024-09-10 13:22:47 +02:00
rsakey-nettle.c.inc qapi/crypto: Drop unwanted 'prefix' 2024-09-10 13:22:47 +02:00
rsakey.c crypto: Support export akcipher to pkcs8 2022-11-02 06:56:32 -04:00
rsakey.h crypto: Support export akcipher to pkcs8 2022-11-02 06:56:32 -04:00
secret.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
secret_common.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
secret_keyring.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
sm4.c crypto: Add SM4 constant parameter CK 2023-09-11 11:45:55 +10:00
tls-cipher-suites.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
tlscreds.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
tlscredsanon.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
tlscredspriv.h crypto: Make QCryptoTLSCreds* structures private 2021-06-29 18:30:24 +01:00
tlscredspsk.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
tlscredsx509.c crypto: load all certificates in X509 CA file 2025-07-21 11:30:07 +01:00
tlssession.c crypto: implement workaround for GNUTLS thread safety problems 2025-07-22 19:39:29 -03:00
trace-events docs: fix references to docs/devel/tracing.rst 2021-06-02 06:51:09 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
x509-utils.c crypto/x509-utils: Check for error from gnutls_x509_crt_init() 2025-07-16 11:27:30 +01:00
xts.c crypto: Fix LGPL information in the file headers 2019-07-19 14:21:25 +01:00