qemu-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-commits] [qemu/qemu] 857343: crypto: Fix some code style problems,


From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 857343: crypto: Fix some code style problems, add spaces a...
Date: Fri, 29 Jan 2021 11:51:58 -0800

  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: 8573431b9c83a18a35d69e74d14f5055a07b23fc
      
https://github.com/qemu/qemu/commit/8573431b9c83a18a35d69e74d14f5055a07b23fc
  Author: shiliyang <shiliyang@huawei.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M crypto/aes.c
    M crypto/desrfb.c
    M crypto/tlscredsx509.c

  Log Message:
  -----------
  crypto: Fix some code style problems, add spaces around operator

This patch fixes error style problems found by checkpatch.pl:
ERROR: spaces required around that '*'
ERROR: space required after that ','
ERROR: spaces required around that '|'

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Liyang Shi <shiliyang@huawei.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 31b6aefdbd9d2fe45c25e5236e1cc363229cb96c
      
https://github.com/qemu/qemu/commit/31b6aefdbd9d2fe45c25e5236e1cc363229cb96c
  Author: Kevin Wolf <kwolf@redhat.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M crypto/secret.c
    M crypto/secret_common.c
    M crypto/secret_keyring.c

  Log Message:
  -----------
  crypto: Move USER_CREATABLE to secret_common base class

Instead of duplicating the code for user creatable objects in secret and
secret_keyring, move it to the common base clase secret_common. As the
base class is abstract, it won't become user creatable itself.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 668cb74b2af1129349a6c41763bc88d801161e09
      
https://github.com/qemu/qemu/commit/668cb74b2af1129349a6c41763bc88d801161e09
  Author: Kevin Wolf <kwolf@redhat.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M crypto/secret_common.c

  Log Message:
  -----------
  crypto: Forbid broken unloading of secrets

qcrypto_secret_prop_set_loaded() forgets to reset secret->rawdata after
unloading a secret, which will lead to a double free at some point.

Because there is no use case for unloading an already loaded secret
(apart from deleting the whole secret object) and we know that nobody
could use this because it would lead to crashes, let's just forbid the
operation instead of fixing the unloading.

Eventually, we'll want to get rid of 'loaded' in the external interface,
but for the meantime this is more consistent with rng, which has a
similar property 'opened' that also can't be reset to false after it
became true.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: ab366aae78bcac972a0920ffdda3136fc13fa093
      
https://github.com/qemu/qemu/commit/ab366aae78bcac972a0920ffdda3136fc13fa093
  Author: Kevin Wolf <kwolf@redhat.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M crypto/tlscredsanon.c
    M crypto/tlscredspsk.c
    M crypto/tlscredsx509.c

  Log Message:
  -----------
  crypto: Fix memory leaks in set_loaded for tls-*

If you set the loaded property to true when it was already true, the
state is overwritten without freeing the old state first. Change the
set_loaded callback so that it always frees the old state (which is a
no-op if nothing was loaded) and only then load if requestsd.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 166310299a1e7824bbff17e1f016659d18b4a559
      
https://github.com/qemu/qemu/commit/166310299a1e7824bbff17e1f016659d18b4a559
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M docs/system/deprecated.rst
    M os-posix.c

  Log Message:
  -----------
  os: deprecate the -enable-fips option and QEMU's FIPS enforcement

The -enable-fips option was added a long time ago to prevent the use of
single DES when VNC when FIPS mode is enabled. It should never have been
added, because apps are supposed to unconditionally honour FIPS mode
based on the '/proc/sys/crypto/fips_enabled' file contents.

In addition there is more to achieving FIPS compliance than merely
blocking use of certain algorithms. Those algorithms which are used
need to perform self-tests at runtime.

QEMU's built-in cryptography provider has no support for self-tests,
and neither does the nettle library.

If QEMU is required to be used in a FIPS enabled host, then it must be
built with the libgcrypt library enabled, which will unconditionally
enforce FIPS compliance in any algorithm usage.

Thus there is no need to keep either the -enable-fips option in QEMU, or
QEMU's internal FIPS checking methods.

Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 4d7beeab38e6d2d242bcf110532ff6a9b03bd53d
      
https://github.com/qemu/qemu/commit/4d7beeab38e6d2d242bcf110532ff6a9b03bd53d
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M docs/system/vnc-security.rst
    M include/authz/listfile.h
    M qemu-options.hx
    M tests/qemu-iotests/233

  Log Message:
  -----------
  Prefer 'on' | 'off' over 'yes' | 'no' for bool options

Update some docs and test cases to use 'on' | 'off' as the preferred
value for bool options.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: e6e80fcfd6c478231ac8ef9d2ec647da860252b6
      
https://github.com/qemu/qemu/commit/e6e80fcfd6c478231ac8ef9d2ec647da860252b6
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M docs/system/build-platforms.rst

  Log Message:
  -----------
  docs: simplify and clarify the platform support rules

The distinction between short life and long life Linux distributions
turned out to be redundant. They can both be covered in a simple way
by noting support will target the current release, and the previous
release for a period of two years or until its EOL. This rule can also
apply to the other UNIX based distros, leaving only Windows needing a
different set of rules.

This also clarifies that Debian LTS is out of scope, because the LTS
support is provided by a separate group from the main Debian maintainer
team.

Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: f029f9112257c9a0e669c2955e8ace21a96704c1
      
https://github.com/qemu/qemu/commit/f029f9112257c9a0e669c2955e8ace21a96704c1
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M docs/system/tls.rst

  Log Message:
  -----------
  docs: fix missing backslash in certtool shell example

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 7d7dbf9dc15be6e1465c756c2c5ae7f1ab104fc8
      
https://github.com/qemu/qemu/commit/7d7dbf9dc15be6e1465c756c2c5ae7f1ab104fc8
  Author: Dan Streetman <ddstreet@canonical.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M Makefile
    M configure
    M scripts/git-submodule.sh

  Log Message:
  -----------
  configure: replace --enable/disable-git-update with --with-git-submodules

Replace the --enable-git-update and --disable-git-update configure params
with the param --with-git-submodules=(update|validate|ignore) to
allow 3 options for building from a git repo.

This is needed because downstream packagers, e.g. Debian, Ubuntu, etc,
also keep the source code in git, but do not want to enable the
'git_update' mode; with the current code, that's not possible even
if the downstream package specifies --disable-git-update.

The previous parameters are deprecated but still available; the
--enable-git-update parameter maps to --with-git-submodules=update and
--disable-git-update parameter maps to --with-git-submodules=validate.

The configure script behavior is slightly modified, where previously
the dtc, capstone, and slirp submodules were not validated when
--disable-git-update was specified (but were updated with git-update
enabled), now they are validated when using --with-git-submodules=validate
and are only ignored when using --with-git-submodules=ignore.

Signed-off-by: Dan Streetman <ddstreet@canonical.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: c93c7dc0367a7df78e4eef2239fdc81c09dada3c
      
https://github.com/qemu/qemu/commit/c93c7dc0367a7df78e4eef2239fdc81c09dada3c
  Author: shiliyang <shiliyang@huawei.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M crypto/aes.c
    M crypto/desrfb.c

  Log Message:
  -----------
  crypto: Add spaces around operator

I am reading crypto related code, find some code style problems while
using checkpatch.pl to check crypto folder. Fix the error style
problems.

Signed-off-by: Liyang Shi <shiliyang@huawei.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: f4d87ce47c60935e639c76f8973623fd7616cef4
      
https://github.com/qemu/qemu/commit/f4d87ce47c60935e639c76f8973623fd7616cef4
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M ui/keycodemapdb
    M ui/meson.build

  Log Message:
  -----------
  ui: update keycodemapdb submodule commit

Primarily this is to pull in a fix for Win32 keycodes. The other useful
change is the removal of build timestamp from generated files which is
desirable for reproducable builds.

The make rules need updating due to slightly changed CLI syntax - more
args must now come after the command name.

6119e6e19a050df847418de7babe5166779955e4 Fix scan codes for Korean keys
685684a8404301780714e8a89a871981e7cae988 Fix argument order in output headers
b3774853042c951b200d767697285781cc59a83c Add HTML entries for Korean layout keys
8e54850d800e4697a2798fb82ac740e760f8530b Add macOS entries for Japanese 
keyboards
27acf0ef828bf719b2053ba398b195829413dbdd Fix win32 keycode for VK_OEM_102
317d3eeb963a515e15a63fa356d8ebcda7041a51 Add support for generating RST 
formatted docs pages
7381b9bfadd31c4c9e9a10b5bb5032f9189d4352 Introduce separate args for title & 
subtitle with docs generator
6280c94f306df6a20bbc100ba15a5a81af0366e6 keymap-gen: Name sections in pod output
df4e56f8fab65ba714ec18f4e7338a966a1620ad Add an empty meson project
16e5b0787687d8904dad2c026107409eb9bfcb95 remove buildtime from generated files
044f21dd0d4f62519aae9f1d53a026407a0b664f add header file generators
7779876a6b06755e3bb2c94ee3ded50635bcb0fa c++: add extern declaration to the 
generated file
0e0a317889464397d6f1ae03aad0d2ca593aab04 move CLanguageGenerator closer to 
CLanguageGenerator itself

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: a07e9fdd339e2142572d3da45e2e6869064a3055
      
https://github.com/qemu/qemu/commit/a07e9fdd339e2142572d3da45e2e6869064a3055
  Author: Stefan Weil <sw@weilnetz.de>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M tests/test-authz-pam.c

  Log Message:
  -----------
  tests: Fix runtime error in test-authz-pam

A test with sanitizers on macOS shows this error:

    authz/pamacct.c:50:25: runtime error: null pointer passed as argument 1, 
which is declared to never be null
    
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/security/pam_appl.h:56:2:
 note: nonnull attribute specified here

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: ecb98f5c7589ba8ecd15c8b1baa2ec7192e47c75
      
https://github.com/qemu/qemu/commit/ecb98f5c7589ba8ecd15c8b1baa2ec7192e47c75
  Author: Stefan Weil <sw@weilnetz.de>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M tests/crypto-tls-x509-helpers.c
    M tests/crypto-tls-x509-helpers.h
    M tests/pkix_asn1_tab.c

  Log Message:
  -----------
  tests: Replace deprecated ASN1 code

This fixes several compiler warnings on MacOS with Homebrew. The
git development branch for forthcoming libtasn1 4.17.0 has introduced
deprecation warnings for several macros/types that we use.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 74208cd252c5da9d867270a178799abd802b9338
      
https://github.com/qemu/qemu/commit/74208cd252c5da9d867270a178799abd802b9338
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2021-01-29 (Fri, 29 Jan 2021)

  Changed paths:
    M Makefile
    M configure
    M crypto/aes.c
    M crypto/desrfb.c
    M crypto/secret.c
    M crypto/secret_common.c
    M crypto/secret_keyring.c
    M crypto/tlscredsanon.c
    M crypto/tlscredspsk.c
    M crypto/tlscredsx509.c
    M docs/system/build-platforms.rst
    M docs/system/deprecated.rst
    M docs/system/tls.rst
    M docs/system/vnc-security.rst
    M include/authz/listfile.h
    M os-posix.c
    M qemu-options.hx
    M scripts/git-submodule.sh
    M tests/crypto-tls-x509-helpers.c
    M tests/crypto-tls-x509-helpers.h
    M tests/pkix_asn1_tab.c
    M tests/qemu-iotests/233
    M tests/test-authz-pam.c
    M ui/keycodemapdb
    M ui/meson.build

  Log Message:
  -----------
  Merge remote-tracking branch 
'remotes/berrange-gitlab/tags/misc-fixes-pull-request' into staging

* Replace --enable/disable-git-update with --with-git-submodules
  to allow improved control over use of git submodules
* Deprecate the -enable-fips option
* Ensure docs use prefer format for bool options
* Clarify platform support rules
* Misc fixes to keymap conversions
* Fix misc problems on macOS

# gpg: Signature made Fri 29 Jan 2021 17:10:13 GMT
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange-gitlab/tags/misc-fixes-pull-request:
  tests: Replace deprecated ASN1 code
  tests: Fix runtime error in test-authz-pam
  ui: update keycodemapdb submodule commit
  crypto: Add spaces around operator
  configure: replace --enable/disable-git-update with --with-git-submodules
  docs: fix missing backslash in certtool shell example
  docs: simplify and clarify the platform support rules
  Prefer 'on' | 'off' over 'yes' | 'no' for bool options
  os: deprecate the -enable-fips option and QEMU's FIPS enforcement
  crypto: Fix memory leaks in set_loaded for tls-*
  crypto: Forbid broken unloading of secrets
  crypto: Move USER_CREATABLE to secret_common base class
  crypto: Fix some code style problems, add spaces around operator

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>


Compare: https://github.com/qemu/qemu/compare/9df52f58e76e...74208cd252c5



reply via email to

[Prev in Thread] Current Thread [Next in Thread]