mirror
/
qemu
mirror of https://gitlab.com/qemu-project/qemu
Code Releases Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
staging
staging-7.2
staging-10.0
stable-10.0
stable-9.2
staging-9.2
stable-7.2
staging-8.2
stable-8.2
stable-9.1
staging-9.1
stable-9.0
staging-9.0
stable-8.1
staging-8.1
stable-8.0
staging-8.0
block
stable-6.1
stable-6.0
stable-5.0
stable-4.2
stable-4.1
stable-4.0
stable-3.1
stable-3.0
stable-2.12
stable-2.11
stable-2.10
stable-2.9
stable-2.8
stable-2.7
stable-2.6
stable-2.5
stable-2.4
stable-2.3
stable-2.2
stable-2.1
stable-2.0
stable-1.7
stable-1.6
stable-1.5
stable-1.4
stable-1.3
stable-1.2
stable-1.1
stable-1.0
stable-0.15
stable-0.14
stable-0.13
stable-0.12
stable-0.11
stable-0.10
v10.0.2
v10.0.1
v9.2.4
v7.2.18
v10.0.0
v10.0.0-rc4
v10.0.0-rc3
v10.0.0-rc2
v7.2.17
v8.2.10
v9.2.3
v10.0.0-rc1
v10.0.0-rc0
v9.2.2
v8.2.9
v7.2.16
v9.2.1
v9.1.3
v9.2.0
v9.2.0-rc3
v9.2.0-rc2
v9.1.2
v9.0.4
v8.2.8
v7.2.15
v9.2.0-rc1
v9.2.0-rc0
v9.1.1
v9.0.3
v8.2.7
v7.2.14
v9.1.0
v9.1.0-rc4
v9.1.0-rc3
v9.1.0-rc2
v9.1.0-rc1
v9.1.0-rc0
v9.0.2
v8.2.6
v7.2.13
v9.0.1
v8.2.5
v7.2.12
v8.2.4
v8.2.3
v7.2.11
v9.0.0
v9.0.0-rc4
v9.0.0-rc3
v9.0.0-rc2
v9.0.0-rc1
v9.0.0-rc0
v8.2.2
v7.2.10
v8.2.1
v8.1.5
v7.2.9
v8.1.4
v7.2.8
v8.2.0
v8.2.0-rc4
v8.2.0-rc3
v8.2.0-rc2
v8.2.0-rc1
v7.2.7
v8.1.3
v8.2.0-rc0
v8.1.2
v8.1.1
v7.2.6
v8.0.5
v8.1.0
v8.1.0-rc4
v8.1.0-rc3
v7.2.5
v8.0.4
v8.1.0-rc2
v8.1.0-rc1
v8.1.0-rc0
v8.0.3
v7.2.4
v8.0.2
v8.0.1
v7.2.3
v7.2.2
v8.0.0
v8.0.0-rc4
v8.0.0-rc3
v7.2.1
v8.0.0-rc2
v8.0.0-rc1
v8.0.0-rc0
v7.2.0
v7.2.0-rc4
v7.2.0-rc3
v7.2.0-rc2
v7.2.0-rc1
v7.2.0-rc0
v7.1.0
v7.1.0-rc4
v7.1.0-rc3
v7.1.0-rc2
v7.1.0-rc1
v7.1.0-rc0
v7.0.0
v7.0.0-rc4
v7.0.0-rc3
v7.0.0-rc2
v7.0.0-rc1
v7.0.0-rc0
v6.1.1
v6.2.0
v6.2.0-rc4
v6.2.0-rc3
v6.2.0-rc2
v6.2.0-rc1
v6.2.0-rc0
v6.0.1
v6.1.0
v6.1.0-rc4
v6.1.0-rc3
v6.1.0-rc2
v6.1.0-rc1
v6.1.0-rc0
v6.0.0
v6.0.0-rc5
v6.0.0-rc4
v6.0.0-rc3
v6.0.0-rc2
v6.0.0-rc1
v6.0.0-rc0
v5.2.0
v5.2.0-rc4
v5.2.0-rc3
v5.2.0-rc2
v5.2.0-rc1
v5.2.0-rc0
v5.0.1
v5.1.0
v5.1.0-rc3
v5.1.0-rc2
v5.1.0-rc1
v5.1.0-rc0
v4.2.1
v5.0.0
v5.0.0-rc4
v5.0.0-rc3
v5.0.0-rc2
v5.0.0-rc1
v5.0.0-rc0
v4.2.0
v4.2.0-rc5
v4.2.0-rc4
v4.2.0-rc3
v4.2.0-rc2
v4.1.1
v4.2.0-rc1
v4.2.0-rc0
v4.0.1
v3.1.1.1
v4.1.0
v4.1.0-rc5
v4.1.0-rc4
v3.1.1
v4.1.0-rc3
v4.1.0-rc2
v4.1.0-rc1
v4.1.0-rc0
v4.0.0
v4.0.0-rc4
v3.0.1
v4.0.0-rc3
v4.0.0-rc2
v4.0.0-rc1
v4.0.0-rc0
v3.1.0
v3.1.0-rc5
v3.1.0-rc4
v3.1.0-rc3
v3.1.0-rc2
v3.1.0-rc1
v3.1.0-rc0
v3.0.0
v3.0.0-rc4
v2.12.1
v3.0.0-rc3
v3.0.0-rc2
v3.0.0-rc1
v3.0.0-rc0
v2.11.2
v2.12.0
v2.12.0-rc4
v2.12.0-rc3
v2.12.0-rc2
v2.12.0-rc1
v2.12.0-rc0
v2.11.1
v2.10.2
v2.11.0
v2.11.0-rc5
v2.11.0-rc4
v2.11.0-rc3
v2.11.0-rc2
v2.11.0-rc1
v2.11.0-rc0
v2.10.1
v2.9.1
v2.10.0
v2.10.0-rc4
v2.10.0-rc3
v2.10.0-rc2
v2.10.0-rc1
v2.10.0-rc0
v2.8.1.1
v2.9.0
v2.9.0-rc5
v2.9.0-rc4
v2.9.0-rc3
v2.8.1
v2.9.0-rc2
v2.9.0-rc1
v2.9.0-rc0
v2.7.1
v2.8.0
v2.8.0-rc4
v2.8.0-rc3
v2.8.0-rc2
v2.8.0-rc1
v2.8.0-rc0
v2.6.2
v2.7.0
v2.7.0-rc5
v2.7.0-rc4
v2.6.1
v2.7.0-rc3
v2.7.0-rc2
v2.7.0-rc1
v2.7.0-rc0
v2.6.0
v2.5.1.1
v2.6.0-rc5
v2.6.0-rc4
v2.6.0-rc3
v2.6.0-rc2
v2.6.0-rc1
v2.6.0-rc0
v2.5.1
v2.5.0
v2.5.0-rc4
v2.5.0-rc3
v2.5.0-rc2
v2.5.0-rc1
v2.5.0-rc0
v2.4.1
v2.4.0.1
v2.3.1
v2.4.0
v2.4.0-rc4
v2.4.0-rc3
v2.4.0-rc2
v2.4.0-rc1
v2.4.0-rc0
v2.3.0
v2.3.0-rc4
v2.3.0-rc3
v2.3.0-rc2
v2.3.0-rc1
v2.3.0-rc0
v2.2.1
v2.1.3
v2.2.0
v2.2.0-rc5
v2.2.0-rc4
v2.2.0-rc3
v2.2.0-rc2
v2.2.0-rc1
v2.2.0-rc0
v2.1.2
v2.1.1
v2.1.0
v2.1.0-rc5
v2.1.0-rc4
v2.1.0-rc3
v2.1.0-rc2
v2.1.0-rc1
v2.1.0-rc0
v2.0.0
v2.0.0-rc3
v2.0.0-rc2
v2.0.0-rc1
v2.0.0-rc0
v1.4.0
v1.4.0-rc2
v1.4.0-rc1
v1.4.0-rc0
v1.2.0
v1.2.0-rc3
v1.2.0-rc2
v1.2.0-rc1
v1.0
v1.0-rc4
v0.14.1
initial
release_0_10_0
release_0_10_1
release_0_10_2
release_0_5_1
release_0_6_0
release_0_6_1
release_0_7_0
release_0_7_1
release_0_8_1
release_0_8_2
release_0_9_0
release_0_9_1
v0.1.0
v0.1.1
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.10.0
v0.10.1
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.10.6
v0.11.0
v0.11.0-rc0
v0.11.0-rc1
v0.11.0-rc2
v0.11.1
v0.12.0
v0.12.0-rc0
v0.12.0-rc1
v0.12.0-rc2
v0.12.1
v0.12.2
v0.12.3
v0.12.4
v0.12.5
v0.13.0
v0.13.0-rc0
v0.13.0-rc1
v0.13.0-rc2
v0.13.0-rc3
v0.14.0
v0.14.0-rc0
v0.14.0-rc1
v0.14.0-rc2
v0.15.0
v0.15.0-rc0
v0.15.0-rc1
v0.15.0-rc2
v0.15.1
v0.2.0
v0.3.0
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.8.1
v0.8.2
v0.9.0
v0.9.1
v1.0-rc0
v1.0-rc1
v1.0-rc2
v1.0-rc3
v1.0.1
v1.1-rc0
v1.1-rc1
v1.1-rc2
v1.1.0
v1.1.0-rc2
v1.1.0-rc3
v1.1.0-rc4
v1.1.1
v1.1.2
v1.2.0-rc0
v1.2.1
v1.2.2
v1.3.0
v1.3.0-rc0
v1.3.0-rc1
v1.3.0-rc2
v1.3.1
v1.4.1
v1.4.2
v1.5.0
v1.5.0-rc0
v1.5.0-rc1
v1.5.0-rc2
v1.5.0-rc3
v1.5.1
v1.5.2
v1.5.3
v1.6.0
v1.6.0-rc0
v1.6.0-rc1
v1.6.0-rc2
v1.6.0-rc3
v1.6.1
v1.6.2
v1.7.0
v1.7.0-rc0
v1.7.0-rc1
v1.7.0-rc2
v1.7.1
v1.7.2
v2.0.1
v2.0.2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
qemu/crypto
History
Daniel P. Berrangé 5a56f60d7c crypto: fully drop built-in cipher provider 
When originally creating the internal crypto cipher APIs, they were
wired up to use the built-in D3DES and AES implementations, as a way
to gracefully transition to the new APIs without introducing an
immediate hard dep on any external crypto libraries for the VNC
password auth (D3DES) or the qcow2 encryption (AES).

In the 6.1.0 release we dropped the built-in D3DES impl, and also
the XTS mode for the AES impl, leaving only AES with ECB/CBC modes.
The rational was that with the system emulators, it is expected that
3rd party crypto libraries will be available.

The qcow2 LUKS impl is preferred to the legacy raw AES impl, and by
default that requires AES in XTS mode, limiting the usefulness of
the built-in cipher provider.

The built-in AES impl has known timing attacks and is only suitable
for use cases where a security boundary is already not expected to
be provided (TCG).

Providing a built-in cipher impl thus potentially misleads users,
should they configure a QEMU without any crypto library, and try
to use it with the LUKS backend, even if that requires a non-default
configuration choice.

Complete what we started in 6.1.0 and purge the remaining AES
support.

Use of either gnutls, nettle, or libcrypt is now mandatory for any
cipher support, except for TCG impls.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
 		1 month ago
..
aes.c target/riscv: Use existing lookup tables for MixColumns 2 years ago
afalg.c qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 10 months ago
afalgpriv.h qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 10 months ago
afsplit.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 10 months ago
akcipher-gcrypt.c.inc include: Rename sysemu/ -> system/ 6 months ago
akcipher-nettle.c.inc include: Rename sysemu/ -> system/ 6 months ago
akcipher.c qapi/crypto: Rename QCryptoAkCipherAlgorithm to *Algo, and drop prefix 10 months ago
akcipherpriv.h qapi/crypto: Rename QCryptoAkCipherAlgorithm to *Algo, and drop prefix 10 months ago
block-luks-priv.h crypto: Clean up includes 2 years ago
block-luks.c qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 10 months ago
block-luks.h crypto: Fix LGPL information in the file headers 6 years ago
block-qcow.c qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 10 months ago
block-qcow.h crypto: Fix LGPL information in the file headers 6 years ago
block.c qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 10 months ago
blockpriv.h qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 10 months ago
cipher-afalg.c qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 10 months ago
cipher-gcrypt.c.inc qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 10 months ago
cipher-gnutls.c.inc qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 10 months ago
cipher-nettle.c.inc qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 10 months ago
cipher-stub.c.inc crypto: fully drop built-in cipher provider 1 month ago
cipher.c crypto: fully drop built-in cipher provider 1 month ago
cipherpriv.h qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 10 months ago
clmul.c crypto: Add generic 64-bit carry-less multiply routine 2 years ago
der.c crypto: Remove unused DER string functions 8 months ago
der.h crypto: Remove unused DER string functions 8 months ago
hash-afalg.c overall: Remove unnecessary g_strdup_printf() calls 4 months ago
hash-gcrypt.c crypto: perform runtime check for hash/hmac support in gcrypt 8 months ago
hash-glib.c crypto/hash: avoid overwriting user supplied result pointer 8 months ago
hash-gnutls.c crypto/hash: avoid overwriting user supplied result pointer 8 months ago
hash-nettle.c crypto: Introduce SM3 hash hmac pbkdf algorithm 8 months ago
hash.c crypto: Introduce SM3 hash hmac pbkdf algorithm 8 months ago
hashpriv.h crypto/hashpriv: Remove old hash API function 9 months ago
hmac-gcrypt.c crypto: perform runtime check for hash/hmac support in gcrypt 8 months ago
hmac-glib.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 10 months ago
hmac-gnutls.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 10 months ago
hmac-nettle.c crypto: Introduce SM3 hash hmac pbkdf algorithm 8 months ago
hmac.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 10 months ago
hmacpriv.h qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 10 months ago
init.c crypto: drop gnutls debug logging support 11 months ago
ivgen-essiv.c crypto: Fix LGPL information in the file headers 6 years ago
ivgen-essiv.h crypto: Fix LGPL information in the file headers 6 years ago
ivgen-plain.c crypto: Fix LGPL information in the file headers 6 years ago
ivgen-plain.h Clean up ill-advised or unusual header guards 3 years ago
ivgen-plain64.c crypto: Fix LGPL information in the file headers 6 years ago
ivgen-plain64.h crypto: Fix LGPL information in the file headers 6 years ago
ivgen.c qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 10 months ago
ivgenpriv.h qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 10 months ago
meson.build crypto: Introduce x509 utils 10 months ago
pbkdf-gcrypt.c crypto: Introduce SM3 hash hmac pbkdf algorithm 8 months ago
pbkdf-gnutls.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 10 months ago
pbkdf-nettle.c crypto: Introduce SM3 hash hmac pbkdf algorithm 8 months ago
pbkdf-stub.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 10 months ago
pbkdf.c crypto: fix bogus error benchmarking pbkdf on fast machines 5 months ago
random-gcrypt.c crypto: Fix LGPL information in the file headers 6 years ago
random-gnutls.c crypto: Fix LGPL information in the file headers 6 years ago
random-none.c crypto: add "none" random provider 5 years ago
random-platform.c crypto: Fix LGPL information in the file headers 6 years ago
rsakey-builtin.c.inc qapi/crypto: Drop unwanted 'prefix' 10 months ago
rsakey-nettle.c.inc qapi/crypto: Drop unwanted 'prefix' 10 months ago
rsakey.c crypto: Support export akcipher to pkcs8 3 years ago
rsakey.h crypto: Support export akcipher to pkcs8 3 years ago
secret.c qom: Have class_init() take a const data argument 2 months ago
secret_common.c qom: Make InterfaceInfo[] uses const 2 months ago
secret_keyring.c qom: Have class_init() take a const data argument 2 months ago
sm4.c crypto: Add SM4 constant parameter CK 2 years ago
tls-cipher-suites.c qom: Make InterfaceInfo[] uses const 2 months ago
tlscreds.c qom: Have class_init() take a const data argument 2 months ago
tlscredsanon.c qom: Make InterfaceInfo[] uses const 2 months ago
tlscredspriv.h crypto: Make QCryptoTLSCreds* structures private 4 years ago
tlscredspsk.c qom: Make InterfaceInfo[] uses const 2 months ago
tlscredsx509.c qom: Make InterfaceInfo[] uses const 2 months ago
tlssession.c crypto: Remove qcrypto_tls_session_get_handshake_status 4 months ago
trace-events docs: fix references to docs/devel/tracing.rst 4 years ago
trace.h trace: switch position of headers to what Meson requires 5 years ago
x509-utils.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 10 months ago
xts.c crypto: Fix LGPL information in the file headers 6 years ago