aboutsummaryrefslogtreecommitdiff
path: root/crypto
AgeCommit message (Collapse)Author
2022-03-07crypto: mandate a hostname when checking x509 creds on a clientDaniel P. Berrangé
Currently the TLS session object assumes that the caller will always provide a hostname when using x509 creds on a client endpoint. This relies on the caller to detect and report an error if the user has configured QEMU with x509 credentials on a UNIX socket. The migration code has such a check, but it is too broad, reporting an error when the user has configured QEMU with PSK credentials on a UNIX socket, where hostnames are irrelevant. Putting the check into the TLS session object credentials validation code ensures we report errors in only the scenario that matters. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-2-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-02-21configure, meson: move some default-disabled options to meson_options.txtPaolo Bonzini
These do not depend on --with-default-features, so they become booleans in meson too. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-02-21configure, meson: move AF_ALG test to mesonPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-07-14crypto: add gnutls pbkdf providerDaniel P. Berrangé
This adds support for using gnutls as a provider of the crypto pbkdf APIs. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-14crypto: add gnutls hmac providerDaniel P. Berrangé
This adds support for using gnutls as a provider of the crypto hmac APIs. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-14crypto: add gnutls hash providerDaniel P. Berrangé
This adds support for using gnutls as a provider of the crypto hash APIs. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-14crypto: add gnutls cipher providerDaniel P. Berrangé
Add an implementation of the QEMU cipher APIs to the gnutls crypto backend. XTS support is only available for gnutls version >= 3.6.8. Since ECB mode is not exposed by gnutls APIs, we can't use the private XTS code for compatibility. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-14crypto: introduce build system for gnutls crypto backendDaniel P. Berrangé
This introduces the build logic needed to decide whether we can use gnutls as a crypto driver backend. The actual implementations will be introduced in following patches. We only wish to use gnutls if it has version 3.6.14 or newer, because that is what finally brings HW accelerated AES-XTS mode for x86_64. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-14crypto: replace 'des-rfb' cipher with 'des'Daniel P. Berrangé
Currently the crypto layer exposes support for a 'des-rfb' algorithm which is just normal single-DES, with the bits in each key byte reversed. This special key munging is required by the RFB protocol password authentication mechanism. Since the crypto layer is generic shared code, it makes more sense to do the key byte munging in the VNC server code, and expose normal single-DES support. Replacing cipher 'des-rfb' by 'des' looks like an incompatible interface change, but it doesn't matter. While the QMP schema allows any QCryptoCipherAlgorithm for the 'cipher-alg' field in QCryptoBlockCreateOptionsLUKS, the code restricts what can be used at runtime. Thus the only effect is a change in error message. Original behaviour: $ qemu-img create -f luks --object secret,id=sec0,data=123 -o cipher-alg=des-rfb,key-secret=sec0 demo.luks 1G Formatting 'demo.luks', fmt=luks size=1073741824 key-secret=sec0 cipher-alg=des-rfb qemu-img: demo.luks: Algorithm 'des-rfb' not supported New behaviour: $ qemu-img create -f luks --object secret,id=sec0,data=123 -o cipher-alg=des-rfb,key-secret=sec0 demo.luks 1G Formatting 'demo.luks', fmt=luks size=1073741824 key-secret=sec0 cipher-alg=des-fish qemu-img: demo.luks: Invalid parameter 'des-rfb' Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-14crypto: delete built-in XTS cipher mode supportDaniel P. Berrangé
The built-in AES+XTS implementation is used for the LUKS encryption When building system emulators it is reasonable to expect that an external crypto library is being used instead. The performance of the builtin XTS implementation is terrible as it has no CPU acceleration support. It is thus not worth keeping a home grown XTS implementation for the built-in cipher backend. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-14crypto: delete built-in DES implementationDaniel P. Berrangé
The built-in DES implementation is used for the VNC server password authentication scheme. When building system emulators it is reasonable to expect that an external crypto library is being used. It is thus not worth keeping a home grown DES implementation in tree. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-14crypto: drop custom XTS support in gcrypt driverDaniel P. Berrangé
The XTS cipher mode was introduced in gcrypt 1.8.0, which matches QEMU's current minimum version. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-14crypto: drop gcrypt thread initialization codeDaniel P. Berrangé
This is only required on gcrypt < 1.6.0, and is thus obsolete since commit b33a84632a3759c00320fd80923aa963c11207fc Author: Daniel P. Berrangé <berrange@redhat.com> Date: Fri May 14 13:04:08 2021 +0100 crypto: bump min gcrypt to 1.8.0, dropping RHEL-7 support Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-29crypto: Make QCryptoTLSCreds* structures privatePhilippe Mathieu-Daudé
Code consuming the "crypto/tlscreds*.h" APIs doesn't need to access its internals. Move the structure definitions to the "tlscredspriv.h" private header (only accessible by implementations). The public headers (in include/) still forward-declare the structures typedef. Note, tlscreds.c and 3 of the 5 modified source files already include "tlscredspriv.h", so only add it to tls-cipher-suites.c and tlssession.c. Removing the internals from the public header solves a bug introduced by commit 7de2e856533 ("yank: Unregister function when using TLS migration") which made migration/qemu-file-channel.c include "io/channel-tls.h", itself sometime depends on GNUTLS, leading to a build failure on OSX: [2/35] Compiling C object libmigration.fa.p/migration_qemu-file-channel.c.o FAILED: libmigration.fa.p/migration_qemu-file-channel.c.o cc -Ilibmigration.fa.p -I. -I.. -Iqapi [ ... ] -o libmigration.fa.p/migration_qemu-file-channel.c.o -c ../migration/qemu-file-channel.c In file included from ../migration/qemu-file-channel.c:29: In file included from include/io/channel-tls.h:26: In file included from include/crypto/tlssession.h:24: include/crypto/tlscreds.h:28:10: fatal error: 'gnutls/gnutls.h' file not found #include <gnutls/gnutls.h> ^~~~~~~~~~~~~~~~~ 1 error generated. Reported-by: Stefan Weil <sw@weilnetz.de> Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/407 Fixes: 7de2e856533 ("yank: Unregister function when using TLS migration") Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-29crypto/tlscreds: Introduce qcrypto_tls_creds_check_endpoint() helperPhilippe Mathieu-Daudé
Introduce the qcrypto_tls_creds_check_endpoint() helper to access QCryptoTLSCreds internal 'endpoint' field. Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-25configure, meson: convert crypto detection to mesonPaolo Bonzini
Reviewed-by: Richard Henderson <richard.henderson@liaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-06-02crypto: drop used conditional checkDaniel P. Berrangé
The condition being tested has never been set since the day the code was first introduced. Reviewed-by: Willian Rampazzo <willianr@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210514120415.1368922-8-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-06-02crypto: bump min gcrypt to 1.8.0, dropping RHEL-7 supportDaniel P. Berrangé
It has been over two years since RHEL-8 was released, and thus per the platform build policy, we no longer need to support RHEL-7 as a build target. This lets us increment the minimum required gcrypt version and assume that HMAC is always supported Per repology, current shipping versions are: RHEL-8: 1.8.5 Debian Buster: 1.8.4 openSUSE Leap 15.2: 1.8.2 Ubuntu LTS 18.04: 1.8.1 Ubuntu LTS 20.04: 1.8.5 FreeBSD: 1.9.2 Fedora 33: 1.8.6 Fedora 34: 1.9.3 OpenBSD: 1.9.3 macOS HomeBrew: 1.9.3 Ubuntu LTS 18.04 has the oldest version and so 1.8.0 is the new minimum. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210514120415.1368922-6-berrange@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> [thuth: rebased to use .gitlab-ci.d/buildtest.yml] Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-06-02crypto: drop back compatibility typedefs for nettleDaniel P. Berrangé
Now that we only support modern nettle, we don't need to have local typedefs to mask the real nettle types. Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210514120415.1368922-5-berrange@redhat.com> Reviewed-by: Willian Rampazzo <willianr@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-06-02crypto: bump min nettle to 3.4, dropping RHEL-7 supportDaniel P. Berrangé
It has been over two years since RHEL-8 was released, and thus per the platform build policy, we no longer need to support RHEL-7 as a build target. This lets us increment the minimum required nettle version and drop a lot of backwards compatibility code for 2.x series of nettle. Per repology, current shipping versions are: RHEL-8: 3.4.1 Debian Buster: 3.4.1 openSUSE Leap 15.2: 3.4.1 Ubuntu LTS 18.04: 3.4 Ubuntu LTS 20.04: 3.5.1 FreeBSD: 3.7.2 Fedora 33: 3.5.1 Fedora 34: 3.7.2 OpenBSD: 3.7.2 macOS HomeBrew: 3.7.2 Ubuntu LTS 18.04 has the oldest version and so 3.4 is the new minimum. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210514120415.1368922-4-berrange@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Willian Rampazzo <willianr@redhat.com> [thuth: rebased to use .gitlab-ci.d/buildtest.yml] Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-06-02docs: fix references to docs/devel/tracing.rstStefano Garzarella
Commit e50caf4a5c ("tracing: convert documentation to rST") converted docs/devel/tracing.txt to docs/devel/tracing.rst. We still have several references to the old file, so let's fix them with the following command: sed -i s/tracing.txt/tracing.rst/ $(git grep -l docs/devel/tracing.txt) Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20210517151702.109066-2-sgarzare@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-03-23crypto: add reload for QCryptoTLSCredsClassZihao Chang
This patch adds reload interface for QCryptoTLSCredsClass and implements the interface for QCryptoTLSCredsX509. Signed-off-by: Zihao Chang <changzihao1@huawei.com> Acked-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210316075845.1476-2-changzihao1@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-01-29crypto: Add spaces around operatorshiliyang
I am reading crypto related code, find some code style problems while using checkpatch.pl to check crypto folder. Fix the error style problems. Signed-off-by: Liyang Shi <shiliyang@huawei.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-01-29crypto: Fix memory leaks in set_loaded for tls-*Kevin Wolf
If you set the loaded property to true when it was already true, the state is overwritten without freeing the old state first. Change the set_loaded callback so that it always frees the old state (which is a no-op if nothing was loaded) and only then load if requestsd. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-01-29crypto: Forbid broken unloading of secretsKevin Wolf
qcrypto_secret_prop_set_loaded() forgets to reset secret->rawdata after unloading a secret, which will lead to a double free at some point. Because there is no use case for unloading an already loaded secret (apart from deleting the whole secret object) and we know that nobody could use this because it would lead to crashes, let's just forbid the operation instead of fixing the unloading. Eventually, we'll want to get rid of 'loaded' in the external interface, but for the meantime this is more consistent with rng, which has a similar property 'opened' that also can't be reset to false after it became true. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-01-29crypto: Move USER_CREATABLE to secret_common base classKevin Wolf
Instead of duplicating the code for user creatable objects in secret and secret_keyring, move it to the common base clase secret_common. As the base class is abstract, it won't become user creatable itself. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-01-29crypto: Fix some code style problems, add spaces around operatorshiliyang
This patch fixes error style problems found by checkpatch.pl: ERROR: spaces required around that '*' ERROR: space required after that ',' ERROR: spaces required around that '|' Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Liyang Shi <shiliyang@huawei.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-01-28qapi: Use QAPI_LIST_APPEND in trivial casesEric Blake
The easiest spots to use QAPI_LIST_APPEND are where we already have an obvious pointer to the tail of a list. While at it, consistently use the variable name 'tail' for that purpose. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210113221013.390592-5-eblake@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2020-10-12crypto: Move the creation of the library to the main meson.buildPhilippe Mathieu-Daudé
Be consistent creating all the libraries in the main meson.build file. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20201006125602.2311423-8-philmd@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-09-18qom: Remove ParentClassType argument from OBJECT_DECLARE_SIMPLE_TYPEEduardo Habkost
The requirement to specify the parent class type makes the macro harder to use and easy to misuse (silent bugs can be introduced if the wrong struct type is specified). Simplify the macro by just not declaring any class struct, allowing us to remove the class_size field from the TypeInfo variables for those types. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200916182519.415636-3-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-09-10crypto/gcrypt: Split QCryptoCipherGcrypt into subclassesRichard Henderson
With gcrypt, most of the dispatch happens in the library, so there aren't many classes to create. However, we can still create separate dispatch for CTR mode, and for CONFIG_QEMU_PRIVATE_XTS, which avoids needing to check for these modes at runtime. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto/nettle: Split QCryptoCipherNettle into subclassesRichard Henderson
Use separate classes for each cipher entry point: des_rfb, des3, aes128, aes192, aes256, cast128, serpent, and twofish. Generate wrappers for XTS only for CONFIG_QEMU_PRIVATE_XTS. This eliminates unreachable wrappers for DES_RFB, DES3 and CAST128, which have blocksizes that do not allow XTS mode. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto/builtin: Split QCryptoCipherBuiltin into subclassesRichard Henderson
We had a second set of function pointers in QCryptoCipherBuiltin, which are redundant with QCryptoCipherDriver. Split the AES and DES implementations to avoid one level of indirection. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto/builtin: Split and simplify AES_encrypt_cbcRichard Henderson
Split into encrypt/decrypt functions, dropping the "enc" argument. Now that the function is private to this file, we know that "len" is a multiple of AES_BLOCK_SIZE. So drop the odd block size code. Name the functions do_aes_*crypt_cbc to match the *_ecb functions. Reorder and re-type the arguments to match as well. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto/builtin: Move AES_cbc_encrypt into cipher-builtin.inc.cRichard Henderson
By making the function private, we will be able to make further simplifications. Re-indent the migrated code and fix the missing braces for CODING_STYLE. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto/builtin: Merge qcrypto_cipher_aes_{ecb,xts}_{en,de}cryptRichard Henderson
There's no real reason we need two separate helper functions here. Standardize on the function signature required for xts_encrypt. Rename to do_aes_{en,de}crypt_ecb, since the helper does not itself do anything with respect to xts. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto/builtin: Remove odd-sized AES block handlingRichard Henderson
We verified that the data block is properly sized modulo AES_BLOCK_SIZE within qcrypto_builtin_cipher_{en,de}crypt. Therefore we will never have to handle odd sized blocks. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto: Constify cipher data tablesRichard Henderson
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto: Move cipher->driver init to qcrypto_*_cipher_ctx_newRichard Henderson
The class vtable should be set by the class initializer. This will also allow additional subclassing, reducing the amount of indirection in the hierarchy. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto: Allocate QCryptoCipher with the subclassRichard Henderson
Merge the allocation of "opaque" into the allocation of "cipher". This is step one in reducing the indirection in these classes. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto: Use the correct const type for driverRichard Henderson
This allows the in memory structures to be read-only. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto: Move QCryptoCipherDriver typedef to crypto/cipher.hRichard Henderson
Allow the use in QCryptoCipher to be properly typed with the opaque struct pointer. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto/nettle: Fix xts_encrypt argumentsRichard Henderson
The fourth argument to xts_encrypt should be the decrypt callback; we were accidentally passing encrypt twice. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto: Remove redundant includesRichard Henderson
Both qemu/osdep.h and cipherpriv.h have already been included by the parent cipher.c. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto: Rename cipher include files to .c.incRichard Henderson
QEMU standard procedure for included c files is to use *.c.inc. E.g. there are a different set of checks that are applied. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-10crypto: Assume blocksize is a power of 2Richard Henderson
The check in the encode/decode path using full division has a noticeable amount of overhead. By asserting the blocksize is a power of 2, we can reduce this check to a mask. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-09-07crypto: fix build with gcrypt enabledDaniel P. Berrangé
If nettle is disabled and gcrypt enabled, the compiler and linker flags needed for gcrypt are not passed. Gnutls was also not added as a dependancy when gcrypt is enabled. Attempting to add the library dependencies at the same time as the source dependencies is error prone, as there are alot of different rules for picking which sources to use, and some of the source files use code level conditionals intead. It is thus clearer to add the library dependencies separately. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20200901133050.381844-2-berrange@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-09-02tls-cipher-suites: Correct instance_sizeEduardo Habkost
We do have a QCryptoTLSCipherSuites struct. It must be used when setting instance_size of the QOM type. Luckily this never caused problems because the QCryptoTLSCipherSuites struct has only a parent_obj field and nothing else. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20200826171005.4055015-5-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-08-21meson: convert crypto directory to MesonMarc-André Lureau
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-08-21libqemuutil, qapi, trace: convert to mesonPaolo Bonzini
This shows how to do some "computations" in meson.build using its array and dictionary data structures, and also a basic usage of the sourceset module for conditional compilation. Notice the new "if have_system" part of util/meson.build, which fixes a bug in the old build system was buggy: util/dbus.c was built even for non-softmmu builds, but the dependency on -lgio was lost when the linking was done through libqemuutil.a. Because all of its users required gio otherwise, the bug was hidden. Meson instead propagates libqemuutil's dependencies down to its users, and shows the problem. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>