diff options
author | Daniel P. Berrangé <berrange@redhat.com> | 2019-10-14 17:28:27 +0100 |
---|---|---|
committer | Daniel P. Berrangé <berrange@redhat.com> | 2019-10-28 16:45:07 +0100 |
commit | dc2207af2de162005f7e9e534850d07232290cee (patch) | |
tree | d9c6191ac7fa37c5d22417ed0bff40b7ec927840 /configure | |
parent | e0576942e005de0f9226913cb0750cf445a33565 (diff) |
crypto: add support for nettle's native XTS impl
Nettle 3.5.0 will add support for the XTS mode. Use this because long
term we wish to delete QEMU's XTS impl to avoid carrying private crypto
algorithm impls.
Unfortunately this degrades nettle performance from 612 MB/s to 568 MB/s
as nettle's XTS impl isn't so well optimized yet.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Diffstat (limited to 'configure')
-rwxr-xr-x | configure | 18 |
1 files changed, 18 insertions, 0 deletions
@@ -472,6 +472,7 @@ gtk_gl="no" tls_priority="NORMAL" gnutls="" nettle="" +nettle_xts="no" gcrypt="" gcrypt_hmac="no" gcrypt_xts="no" @@ -2871,6 +2872,19 @@ if test "$nettle" != "no"; then pass="yes" fi fi + if test "$pass" = "yes" + then + cat > $TMPC << EOF +#include <nettle/xts.h> +int main(void) { + return 0; +} +EOF + if compile_prog "$nettle_cflags" "$nettle_libs" ; then + nettle_xts=yes + qemu_private_xts=no + fi + fi if test "$pass" = "no" && test "$nettle" = "yes"; then feature_not_found "nettle" "Install nettle devel >= 2.7.1" else @@ -6346,6 +6360,10 @@ then echo " XTS $gcrypt_xts" fi echo "nettle $nettle $(echo_version $nettle $nettle_version)" +if test "$nettle" = "yes" +then + echo " XTS $nettle_xts" +fi echo "libtasn1 $tasn1" echo "PAM $auth_pam" echo "iconv support $iconv" |