[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 01/20] crypto/luks: Support creating LUKS image on Darwin
|
From: |
Daniel P . Berrangé |
|
Subject: |
[PULL 01/20] crypto/luks: Support creating LUKS image on Darwin |
|
Date: |
Thu, 27 Oct 2022 18:30:44 +0100 |
From: Jungmin Park <pjm0616@gmail.com>
When the user creates a LUKS-encrypted qcow2 image using the qemu-img
program, the passphrase is hashed using PBKDF2 with a dynamic
number of iterations. The number of iterations is determined by
measuring thread cpu time usage, such that it takes approximately
2 seconds to compute the hash.
Because Darwin doesn't implement getrusage(RUSAGE_THREAD), we get an
error message:
> qemu-img: test.qcow2: Unable to calculate thread CPU usage on this platform
for this command:
> qemu-img create --object secret,id=key,data=1234 -f qcow2 -o
> 'encrypt.format=luks,encrypt.key-secret=key' test.qcow2 100M
This patch implements qcrypto_pbkdf2_get_thread_cpu() for Darwin so that
the above command works.
Signed-off-by: Jungmin Park <pjm0616@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/pbkdf.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/crypto/pbkdf.c b/crypto/pbkdf.c
index 3775ddc6c5..8d198c152c 100644
--- a/crypto/pbkdf.c
+++ b/crypto/pbkdf.c
@@ -24,6 +24,11 @@
#ifndef _WIN32
#include <sys/resource.h>
#endif
+#ifdef CONFIG_DARWIN
+#include <mach/mach_init.h>
+#include <mach/thread_act.h>
+#include <mach/mach_port.h>
+#endif
static int qcrypto_pbkdf2_get_thread_cpu(unsigned long long *val_ms,
@@ -45,6 +50,24 @@ static int qcrypto_pbkdf2_get_thread_cpu(unsigned long long
*val_ms,
/* QuadPart is units of 100ns and we want ms as unit */
*val_ms = thread_time.QuadPart / 10000ll;
return 0;
+#elif defined(CONFIG_DARWIN)
+ mach_port_t thread;
+ kern_return_t kr;
+ mach_msg_type_number_t count;
+ thread_basic_info_data_t info;
+
+ thread = mach_thread_self();
+ count = THREAD_BASIC_INFO_COUNT;
+ kr = thread_info(thread, THREAD_BASIC_INFO, (thread_info_t)&info, &count);
+ mach_port_deallocate(mach_task_self(), thread);
+ if (kr != KERN_SUCCESS || (info.flags & TH_FLAGS_IDLE) != 0) {
+ error_setg_errno(errp, errno, "Unable to get thread CPU usage");
+ return -1;
+ }
+
+ *val_ms = ((info.user_time.seconds * 1000ll) +
+ (info.user_time.microseconds / 1000));
+ return 0;
#elif defined(RUSAGE_THREAD)
struct rusage ru;
if (getrusage(RUSAGE_THREAD, &ru) < 0) {
--
2.37.3
- [PULL 00/20] Crypto and I/O patches, Daniel P . Berrangé, 2022/10/27
- [PULL 04/20] io/channel-watch: Drop the unnecessary cast, Daniel P . Berrangé, 2022/10/27
- [PULL 03/20] io/channel-watch: Drop a superfluous '#ifdef WIN32', Daniel P . Berrangé, 2022/10/27
- [PULL 08/20] crypto: check for and report errors setting PSK credentials, Daniel P . Berrangé, 2022/10/27
- [PULL 01/20] crypto/luks: Support creating LUKS image on Darwin,
Daniel P . Berrangé <=
- [PULL 05/20] io/channel-watch: Fix socket watch on Windows, Daniel P . Berrangé, 2022/10/27
- [PULL 02/20] util/qemu-sockets: Use g_get_tmp_dir() to get the directory for temporary files, Daniel P . Berrangé, 2022/10/27
- [PULL 09/20] tests: avoid DOS line endings in PSK file, Daniel P . Berrangé, 2022/10/27
- [PULL 10/20] crypto: sanity check that LUKS header strings are NUL-terminated, Daniel P . Berrangé, 2022/10/27
- [PULL 11/20] crypto: enforce that LUKS stripes is always a fixed value, Daniel P . Berrangé, 2022/10/27
- [PULL 14/20] crypto: strengthen the check for key slots overlapping with LUKS header, Daniel P . Berrangé, 2022/10/27
- [PULL 15/20] crypto: check that LUKS PBKDF2 iterations count is non-zero, Daniel P . Berrangé, 2022/10/27
- [PULL 07/20] scripts: check if .git exists before checking submodule status, Daniel P . Berrangé, 2022/10/27
- [PULL 06/20] seccomp: Get actual errno value from failed seccomp functions, Daniel P . Berrangé, 2022/10/27
- [PULL 13/20] crypto: validate that LUKS payload doesn't overlap with header, Daniel P . Berrangé, 2022/10/27