Commit 488981a4 authored by Daniel P. Berrangé's avatar Daniel P. Berrangé Committed by Paolo Bonzini

block: convert quorum blockdrv to use crypto APIs



Get rid of direct use of gnutls APIs in quorum blockdrv in
favour of using the crypto APIs. This avoids the need to
do conditional compilation of the quorum driver. It can
simply report an error at file open time instead if the
required hash algorithm isn't supported by QEMU.

Signed-off-by: default avatarDaniel P. Berrange <berrange@redhat.com>
Message-Id: <1435770638-25715-8-git-send-email-berrange@redhat.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent ed754746
+1 −1
@@ -3,7 +3,7 @@ block-obj-y += qcow2.o qcow2-refcount.o qcow2-cluster.o qcow2-snapshot.o qcow2-c
block-obj-y += qed.o qed-gencb.o qed-l2-cache.o qed-table.o qed-cluster.o
block-obj-y += qed-check.o
block-obj-$(CONFIG_VHDX) += vhdx.o vhdx-endian.o vhdx-log.o
block-obj-$(CONFIG_QUORUM) += quorum.o
block-obj-y += quorum.o
block-obj-y += parallels.o blkdebug.o blkverify.o
block-obj-y += block-backend.o snapshot.o qapi.o
block-obj-$(CONFIG_WIN32) += raw-win32.o win32-aio.o
+20 −19
@@ -13,8 +13,6 @@
 * See the COPYING file in the top-level directory.
 */

#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
#include "block/block_int.h"
#include "qapi/qmp/qbool.h"
#include "qapi/qmp/qdict.h"
@@ -24,6 +22,7 @@
#include "qapi/qmp/qlist.h"
#include "qapi/qmp/qstring.h"
#include "qapi-event.h"
#include "crypto/hash.h"

#define HASH_LENGTH 32

@@ -34,7 +33,7 @@

/* This union holds a vote hash value */
typedef union QuorumVoteValue {
    char h[HASH_LENGTH];       /* SHA-256 hash */
    uint8_t h[HASH_LENGTH];    /* SHA-256 hash */
    int64_t l;                 /* simpler 64 bits hash */
} QuorumVoteValue;

@@ -428,25 +427,21 @@ static void quorum_free_vote_list(QuorumVotes *votes)

static int quorum_compute_hash(QuorumAIOCB *acb, int i, QuorumVoteValue *hash)
{
    int j, ret;
    gnutls_hash_hd_t dig;
    QEMUIOVector *qiov = &acb->qcrs[i].qiov;

    ret = gnutls_hash_init(&dig, GNUTLS_DIG_SHA256);

    if (ret < 0) {
        return ret;
    }

    for (j = 0; j < qiov->niov; j++) {
        ret = gnutls_hash(dig, qiov->iov[j].iov_base, qiov->iov[j].iov_len);
        if (ret < 0) {
            break;
        }
    size_t len = sizeof(hash->h);
    uint8_t *data = hash->h;

    /* XXX - would be nice if we could pass in the Error **
     * and propagate that back, but this quorum code is
     * restricted to just errno values currently */
    if (qcrypto_hash_bytesv(QCRYPTO_HASH_ALG_SHA256,
                            qiov->iov, qiov->niov,
                            &data, &len,
                            NULL) < 0) {
        return -EINVAL;
    }

    gnutls_hash_deinit(dig, (void *) hash);
    return ret;
    return 0;
}

static QuorumVoteVersion *quorum_get_vote_winner(QuorumVotes *votes)
@@ -870,6 +865,12 @@ static int quorum_open(BlockDriverState *bs, QDict *options, int flags,
    int i;
    int ret = 0;

    if (!qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA256)) {
        error_setg(errp,
                   "SHA256 hash support is required for quorum device");
        return -EINVAL;
    }

    qdict_flatten(options);

    /* count how many different children are present */
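Review bot: In quorum_compute_hash the `NULL` passed as the final argument to qcrypto_hash_bytesv() discards the reason for a hashing failure, so every failure collapses into a bare `-EINVAL`. The XXX comment explains why the Error cannot be propagated to the caller, but it can still be reported locally without changing the errno contract: declare `Error *local_err = NULL;`, pass `&local_err` in place of `NULL`, and call `error_report_err(local_err);` before `return -EINVAL;`. The result is stored in a QuorumVoteValue, so it presumably feeds the replica vote, and a failure there deserves a log line that separates a crypto-backend problem from an invalid request. The callers are outside this hunk, so whether they already log the errno should be confirmed before adding per-request reporting.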
+0 −38
@@ -336,7 +336,6 @@ vte=""
tpm="yes"
libssh2=""
vhdx=""
quorum=""
numa=""
tcmalloc="no"

@@ -1146,10 +1145,6 @@ for opt do
  ;;
  --disable-vhdx) vhdx="no"
  ;;
  --disable-quorum) quorum="no"
  ;;
  --enable-quorum) quorum="yes"
  ;;
  --disable-numa) numa="no"
  ;;
  --enable-numa) numa="yes"
@@ -1382,7 +1377,6 @@ disabled with --disable-FEATURE, default is enabled if available:
  tpm             TPM support
  libssh2         ssh block device support
  vhdx            support for the Microsoft VHDX image format
  quorum          quorum block filter support
  numa            libnuma support
  tcmalloc        tcmalloc support

@@ -2377,33 +2371,6 @@ EOF
  fi
fi

##########################################
# Quorum probe (check for gnutls)
if test "$quorum" != "no" ; then
cat > $TMPC <<EOF
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
int main(void) {char data[4096], digest[32];
gnutls_hash_fast(GNUTLS_DIG_SHA256, data, 4096, digest);
return 0;
}
EOF
quorum_tls_cflags=`$pkg_config --cflags gnutls 2> /dev/null`
quorum_tls_libs=`$pkg_config --libs gnutls 2> /dev/null`
if compile_prog "$quorum_tls_cflags" "$quorum_tls_libs" ; then
  qcow_tls=yes
  libs_softmmu="$quorum_tls_libs $libs_softmmu"
  libs_tools="$quorum_tls_libs $libs_softmmu"
  QEMU_CFLAGS="$QEMU_CFLAGS $quorum_tls_cflags"
  quorum="yes"
else
  if test "$quorum" = "yes"; then
    feature_not_found "gnutls" "gnutls > 2.10.0 required to compile Quorum"
  fi
  quorum="no"
fi
fi

##########################################
# VNC SASL detection
if test "$vnc" = "yes" -a "$vnc_sasl" != "no" ; then
@@ -4592,7 +4559,6 @@ echo "libssh2 support $libssh2"
echo "TPM passthrough   $tpm_passthrough"
echo "QOM debugging     $qom_cast_debug"
echo "vhdx              $vhdx"
echo "Quorum            $quorum"
echo "lzo support       $lzo"
echo "snappy support    $snappy"
echo "bzip2 support     $bzip2"
@@ -5074,10 +5040,6 @@ if test "$libssh2" = "yes" ; then
  echo "LIBSSH2_LIBS=$libssh2_libs" >> $config_host_mak
fi

if test "$quorum" = "yes" ; then
  echo "CONFIG_QUORUM=y" >> $config_host_mak
fi

if test "$vhdx" = "yes" ; then
  echo "CONFIG_VHDX=y" >> $config_host_mak
fi