mirror
/
qemu
mirror of https://gitlab.com/qemu-project/qemu
Code Releases Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
staging
stable-10.0
staging-10.0
stable-10.1
staging-10.1
stable-7.2
staging-7.2
tracing
stable-9.2
staging-9.2
staging-8.2
stable-8.2
stable-9.1
staging-9.1
stable-9.0
staging-9.0
stable-8.1
staging-8.1
stable-8.0
staging-8.0
block
stable-6.1
stable-6.0
stable-5.0
stable-4.2
stable-4.1
stable-4.0
stable-3.1
stable-3.0
stable-2.12
stable-2.11
stable-2.10
stable-2.9
stable-2.8
stable-2.7
stable-2.6
stable-2.5
stable-2.4
stable-2.3
stable-2.2
stable-2.1
stable-2.0
stable-1.7
stable-1.6
stable-1.5
stable-1.4
stable-1.3
stable-1.2
stable-1.1
stable-1.0
stable-0.15
stable-0.14
stable-0.13
stable-0.12
stable-0.11
stable-0.10
v10.0.6
v10.1.2
v7.2.21
v10.1.1
v10.0.5
v7.2.20
v10.0.4
v10.1.0
v10.1.0-rc4
v10.1.0-rc3
v10.1.0-rc2
v10.1.0-rc1
v10.1.0-rc0
v7.2.19
v10.0.3
v10.0.2
v10.0.1
v9.2.4
v7.2.18
v10.0.0
v10.0.0-rc4
v10.0.0-rc3
v10.0.0-rc2
v7.2.17
v8.2.10
v9.2.3
v10.0.0-rc1
v10.0.0-rc0
v9.2.2
v8.2.9
v7.2.16
v9.2.1
v9.1.3
v9.2.0
v9.2.0-rc3
v9.2.0-rc2
v9.1.2
v9.0.4
v8.2.8
v7.2.15
v9.2.0-rc1
v9.2.0-rc0
v9.1.1
v9.0.3
v8.2.7
v7.2.14
v9.1.0
v9.1.0-rc4
v9.1.0-rc3
v9.1.0-rc2
v9.1.0-rc1
v9.1.0-rc0
v9.0.2
v8.2.6
v7.2.13
v9.0.1
v8.2.5
v7.2.12
v8.2.4
v8.2.3
v7.2.11
v9.0.0
v9.0.0-rc4
v9.0.0-rc3
v9.0.0-rc2
v9.0.0-rc1
v9.0.0-rc0
v8.2.2
v7.2.10
v8.2.1
v8.1.5
v7.2.9
v8.1.4
v7.2.8
v8.2.0
v8.2.0-rc4
v8.2.0-rc3
v8.2.0-rc2
v8.2.0-rc1
v7.2.7
v8.1.3
v8.2.0-rc0
v8.1.2
v8.1.1
v7.2.6
v8.0.5
v8.1.0
v8.1.0-rc4
v8.1.0-rc3
v7.2.5
v8.0.4
v8.1.0-rc2
v8.1.0-rc1
v8.1.0-rc0
v8.0.3
v7.2.4
v8.0.2
v8.0.1
v7.2.3
v7.2.2
v8.0.0
v8.0.0-rc4
v8.0.0-rc3
v7.2.1
v8.0.0-rc2
v8.0.0-rc1
v8.0.0-rc0
v7.2.0
v7.2.0-rc4
v7.2.0-rc3
v7.2.0-rc2
v7.2.0-rc1
v7.2.0-rc0
v7.1.0
v7.1.0-rc4
v7.1.0-rc3
v7.1.0-rc2
v7.1.0-rc1
v7.1.0-rc0
v7.0.0
v7.0.0-rc4
v7.0.0-rc3
v7.0.0-rc2
v7.0.0-rc1
v7.0.0-rc0
v6.1.1
v6.2.0
v6.2.0-rc4
v6.2.0-rc3
v6.2.0-rc2
v6.2.0-rc1
v6.2.0-rc0
v6.0.1
v6.1.0
v6.1.0-rc4
v6.1.0-rc3
v6.1.0-rc2
v6.1.0-rc1
v6.1.0-rc0
v6.0.0
v6.0.0-rc5
v6.0.0-rc4
v6.0.0-rc3
v6.0.0-rc2
v6.0.0-rc1
v6.0.0-rc0
v5.2.0
v5.2.0-rc4
v5.2.0-rc3
v5.2.0-rc2
v5.2.0-rc1
v5.2.0-rc0
v5.0.1
v5.1.0
v5.1.0-rc3
v5.1.0-rc2
v5.1.0-rc1
v5.1.0-rc0
v4.2.1
v5.0.0
v5.0.0-rc4
v5.0.0-rc3
v5.0.0-rc2
v5.0.0-rc1
v5.0.0-rc0
v4.2.0
v4.2.0-rc5
v4.2.0-rc4
v4.2.0-rc3
v4.2.0-rc2
v4.1.1
v4.2.0-rc1
v4.2.0-rc0
v4.0.1
v3.1.1.1
v4.1.0
v4.1.0-rc5
v4.1.0-rc4
v3.1.1
v4.1.0-rc3
v4.1.0-rc2
v4.1.0-rc1
v4.1.0-rc0
v4.0.0
v4.0.0-rc4
v3.0.1
v4.0.0-rc3
v4.0.0-rc2
v4.0.0-rc1
v4.0.0-rc0
v3.1.0
v3.1.0-rc5
v3.1.0-rc4
v3.1.0-rc3
v3.1.0-rc2
v3.1.0-rc1
v3.1.0-rc0
v3.0.0
v3.0.0-rc4
v2.12.1
v3.0.0-rc3
v3.0.0-rc2
v3.0.0-rc1
v3.0.0-rc0
v2.11.2
v2.12.0
v2.12.0-rc4
v2.12.0-rc3
v2.12.0-rc2
v2.12.0-rc1
v2.12.0-rc0
v2.11.1
v2.10.2
v2.11.0
v2.11.0-rc5
v2.11.0-rc4
v2.11.0-rc3
v2.11.0-rc2
v2.11.0-rc1
v2.11.0-rc0
v2.10.1
v2.9.1
v2.10.0
v2.10.0-rc4
v2.10.0-rc3
v2.10.0-rc2
v2.10.0-rc1
v2.10.0-rc0
v2.8.1.1
v2.9.0
v2.9.0-rc5
v2.9.0-rc4
v2.9.0-rc3
v2.8.1
v2.9.0-rc2
v2.9.0-rc1
v2.9.0-rc0
v2.7.1
v2.8.0
v2.8.0-rc4
v2.8.0-rc3
v2.8.0-rc2
v2.8.0-rc1
v2.8.0-rc0
v2.6.2
v2.7.0
v2.7.0-rc5
v2.7.0-rc4
v2.6.1
v2.7.0-rc3
v2.7.0-rc2
v2.7.0-rc1
v2.7.0-rc0
v2.6.0
v2.5.1.1
v2.6.0-rc5
v2.6.0-rc4
v2.6.0-rc3
v2.6.0-rc2
v2.6.0-rc1
v2.6.0-rc0
v2.5.1
v2.5.0
v2.5.0-rc4
v2.5.0-rc3
v2.5.0-rc2
v2.5.0-rc1
v2.5.0-rc0
v2.4.1
v2.4.0.1
v2.3.1
v2.4.0
v2.4.0-rc4
v2.4.0-rc3
v2.4.0-rc2
v2.4.0-rc1
v2.4.0-rc0
v2.3.0
v2.3.0-rc4
v2.3.0-rc3
v2.3.0-rc2
v2.3.0-rc1
v2.3.0-rc0
v2.2.1
v2.1.3
v2.2.0
v2.2.0-rc5
v2.2.0-rc4
v2.2.0-rc3
v2.2.0-rc2
v2.2.0-rc1
v2.2.0-rc0
v2.1.2
v2.1.1
v2.1.0
v2.1.0-rc5
v2.1.0-rc4
v2.1.0-rc3
v2.1.0-rc2
v2.1.0-rc1
v2.1.0-rc0
v2.0.0
v2.0.0-rc3
v2.0.0-rc2
v2.0.0-rc1
v2.0.0-rc0
v1.4.0
v1.4.0-rc2
v1.4.0-rc1
v1.4.0-rc0
v1.2.0
v1.2.0-rc3
v1.2.0-rc2
v1.2.0-rc1
v1.0
v1.0-rc4
v0.14.1
initial
release_0_10_0
release_0_10_1
release_0_10_2
release_0_5_1
release_0_6_0
release_0_6_1
release_0_7_0
release_0_7_1
release_0_8_1
release_0_8_2
release_0_9_0
release_0_9_1
v0.1.0
v0.1.1
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.10.0
v0.10.1
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.10.6
v0.11.0
v0.11.0-rc0
v0.11.0-rc1
v0.11.0-rc2
v0.11.1
v0.12.0
v0.12.0-rc0
v0.12.0-rc1
v0.12.0-rc2
v0.12.1
v0.12.2
v0.12.3
v0.12.4
v0.12.5
v0.13.0
v0.13.0-rc0
v0.13.0-rc1
v0.13.0-rc2
v0.13.0-rc3
v0.14.0
v0.14.0-rc0
v0.14.0-rc1
v0.14.0-rc2
v0.15.0
v0.15.0-rc0
v0.15.0-rc1
v0.15.0-rc2
v0.15.1
v0.2.0
v0.3.0
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.8.1
v0.8.2
v0.9.0
v0.9.1
v1.0-rc0
v1.0-rc1
v1.0-rc2
v1.0-rc3
v1.0.1
v1.1-rc0
v1.1-rc1
v1.1-rc2
v1.1.0
v1.1.0-rc2
v1.1.0-rc3
v1.1.0-rc4
v1.1.1
v1.1.2
v1.2.0-rc0
v1.2.1
v1.2.2
v1.3.0
v1.3.0-rc0
v1.3.0-rc1
v1.3.0-rc2
v1.3.1
v1.4.1
v1.4.2
v1.5.0
v1.5.0-rc0
v1.5.0-rc1
v1.5.0-rc2
v1.5.0-rc3
v1.5.1
v1.5.2
v1.5.3
v1.6.0
v1.6.0-rc0
v1.6.0-rc1
v1.6.0-rc2
v1.6.0-rc3
v1.6.1
v1.6.2
v1.7.0
v1.7.0-rc0
v1.7.0-rc1
v1.7.0-rc2
v1.7.1
v1.7.2
v2.0.1
v2.0.2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
qemu/crypto
History
Peter Xu 7e0c22d585 io/crypto: Move tls premature termination handling into QIO layer 
QCryptoTLSSession allows TLS premature termination in two cases, one of the
case is when the channel shutdown() is invoked on READ side.

It's possible the shutdown() happened after the read thread blocked at
gnutls_record_recv().  In this case, we should allow the premature
termination to happen.

The problem is by the time qcrypto_tls_session_read() was invoked,
tioc->shutdown may not have been set, so this may instead be treated as an
error if there is concurrent shutdown() calls.

To allow the flag to reflect the latest status of tioc->shutdown, move the
check upper into the QIOChannel level, so as to read the flag only after
QEMU gets an GNUTLS_E_PREMATURE_TERMINATION.

When at it, introduce qio_channel_tls_allow_premature_termination() helper
to make the condition checks easier to read.  When doing so, change the
qatomic_load_acquire() to qatomic_read(): here we don't need any ordering
of memory accesses, but reading a flag.  qatomic_read() would suffice
because it guarantees fetching from memory.  Nothing else we should need to
order on memory access.

This patch will fix a qemu qtest warning when running the preempt tls test,
reporting premature termination:

QTEST_QEMU_BINARY=./qemu-system-x86_64 ./tests/qtest/migration-test --full -r /x86_64/migration/postcopy/preempt/tls/psk
...
qemu-kvm: Cannot read from TLS channel: The TLS connection was non-properly terminated.
...

In this specific case, the error was set by postcopy_preempt_thread, which
normally will be concurrently shutdown()ed by the main thread.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Juraj Marcin <jmarcin@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Link: https://lore.kernel.org/r/20250918203937.200833-2-peterx@redhat.com
Signed-off-by: Peter Xu <peterx@redhat.com>
 		3 weeks ago
..
aes.c target/riscv: Use existing lookup tables for MixColumns 2 years ago
afalg.c qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 1 year ago
afalgpriv.h qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 1 year ago
afsplit.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 1 year ago
akcipher-gcrypt.c.inc include: Rename sysemu/ -> system/ 10 months ago
akcipher-nettle.c.inc include: Rename sysemu/ -> system/ 10 months ago
akcipher.c qapi/crypto: Rename QCryptoAkCipherAlgorithm to *Algo, and drop prefix 1 year ago
akcipherpriv.h qapi/crypto: Rename QCryptoAkCipherAlgorithm to *Algo, and drop prefix 1 year ago
block-luks-priv.h crypto: Clean up includes 3 years ago
block-luks.c qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 1 year ago
block-luks.h crypto: Fix LGPL information in the file headers 6 years ago
block-qcow.c qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 1 year ago
block-qcow.h crypto: Fix LGPL information in the file headers 6 years ago
block.c qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 1 year ago
blockpriv.h qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 1 year ago
cipher-afalg.c qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 1 year ago
cipher-gcrypt.c.inc qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 1 year ago
cipher-gnutls.c.inc qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 1 year ago
cipher-nettle.c.inc qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 1 year ago
cipher-stub.c.inc crypto: fully drop built-in cipher provider 5 months ago
cipher.c crypto: fully drop built-in cipher provider 5 months ago
cipherpriv.h qapi/crypto: Rename QCryptoCipherAlgorithm to *Algo, and drop prefix 1 year ago
clmul.c crypto: Add generic 64-bit carry-less multiply routine 2 years ago
der.c crypto: Remove unused DER string functions 1 year ago
der.h crypto: Remove unused DER string functions 1 year ago
hash-afalg.c overall: Remove unnecessary g_strdup_printf() calls 8 months ago
hash-gcrypt.c crypto: perform runtime check for hash/hmac support in gcrypt 12 months ago
hash-glib.c crypto/hash: avoid overwriting user supplied result pointer 1 year ago
hash-gnutls.c crypto/hash: avoid overwriting user supplied result pointer 1 year ago
hash-nettle.c crypto: Introduce SM3 hash hmac pbkdf algorithm 12 months ago
hash.c crypto: Introduce SM3 hash hmac pbkdf algorithm 12 months ago
hashpriv.h crypto/hashpriv: Remove old hash API function 1 year ago
hmac-gcrypt.c crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls 2 months ago
hmac-glib.c crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls 2 months ago
hmac-gnutls.c crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls 2 months ago
hmac-nettle.c crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls 2 months ago
hmac.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 1 year ago
hmacpriv.h qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo 1 year ago
init.c crypto: drop gnutls debug logging support 1 year ago
ivgen-essiv.c crypto: Fix LGPL information in the file headers 6 years ago
ivgen-essiv.h crypto: Fix LGPL information in the file headers 6 years ago
ivgen-plain.c crypto: Fix LGPL information in the file headers 6 years ago
ivgen-plain.h Clean up ill-advised or unusual header guards 4 years ago
ivgen-plain64.c crypto: Fix LGPL information in the file headers 6 years ago
ivgen-plain64.h crypto: Fix LGPL information in the file headers 6 years ago
ivgen.c qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 1 year ago
ivgenpriv.h qapi/crypto: Rename QCryptoIVGenAlgorithm to *Algo, and drop prefix 1 year ago
meson.build crypto: Introduce x509 utils 1 year ago
pbkdf-gcrypt.c crypto: Introduce SM3 hash hmac pbkdf algorithm 12 months ago
pbkdf-gnutls.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 1 year ago
pbkdf-nettle.c crypto: Introduce SM3 hash hmac pbkdf algorithm 12 months ago
pbkdf-stub.c qapi/crypto: Rename QCryptoHashAlgorithm to *Algo, and drop prefix 1 year ago
pbkdf.c crypto: fix bogus error benchmarking pbkdf on fast machines 9 months ago
random-gcrypt.c crypto: Fix LGPL information in the file headers 6 years ago
random-gnutls.c crypto: Fix LGPL information in the file headers 6 years ago
random-none.c crypto: add "none" random provider 5 years ago
random-platform.c crypto: Fix LGPL information in the file headers 6 years ago
rsakey-builtin.c.inc qapi/crypto: Drop unwanted 'prefix' 1 year ago
rsakey-nettle.c.inc qapi/crypto: Drop unwanted 'prefix' 1 year ago
rsakey.c crypto: Support export akcipher to pkcs8 3 years ago
rsakey.h crypto: Support export akcipher to pkcs8 3 years ago
secret.c qom: Have class_init() take a const data argument 6 months ago
secret_common.c qom: Make InterfaceInfo[] uses const 6 months ago
secret_keyring.c qom: Have class_init() take a const data argument 6 months ago
sm4.c crypto: Add SM4 constant parameter CK 2 years ago
tls-cipher-suites.c qom: Make InterfaceInfo[] uses const 6 months ago
tlscreds.c qom: Have class_init() take a const data argument 6 months ago
tlscredsanon.c qom: Make InterfaceInfo[] uses const 6 months ago
tlscredspriv.h crypto: Make QCryptoTLSCreds* structures private 4 years ago
tlscredspsk.c qom: Make InterfaceInfo[] uses const 6 months ago
tlscredsx509.c crypto: load all certificates in X509 CA file 3 months ago
tlssession.c io/crypto: Move tls premature termination handling into QIO layer 3 weeks ago
trace-events crypto: add tracing & warning about GNUTLS countermeasures 3 months ago
trace.h trace: switch position of headers to what Meson requires 5 years ago
x509-utils.c crypto/x509-utils: Check for error from gnutls_x509_crt_init() 3 months ago
xts.c crypto: Fix LGPL information in the file headers 6 years ago