The block layer does not know how many threads will perform I/O. It is possible to exceed the number of threads that is given to qcrypto_block_open() and this can trigger an assertion failure in qcrypto_block_pop_cipher().
This patch series removes the n_threads argument and instead handles an arbitrary number of threads. --- Is it secure to store the key in QCryptoBlock? In this series I assumed the answer is yes since the QCryptoBlock's cipher state is equally sensitive, but I'm not familiar with this code or a crypto expert. Stefan Hajnoczi (2): block/crypto: create ciphers on demand crypto/block: drop qcrypto_block_open() n_threads argument crypto/blockpriv.h | 13 ++-- include/crypto/block.h | 2 - block/crypto.c | 1 - block/qcow.c | 2 +- block/qcow2.c | 5 +- crypto/block-luks.c | 4 +- crypto/block-qcow.c | 8 +-- crypto/block.c | 116 ++++++++++++++++++++------------- tests/unit/test-crypto-block.c | 4 -- 9 files changed, 85 insertions(+), 70 deletions(-) -- 2.45.1
