On 11/15/22 02:16, Dr. David Alan Gilbert wrote:
* zhenwei pi (pizhen...@bytedance.com) wrote:
Example of this command:
# virsh qemu-monitor-command vm --hmp info cryptodev
cryptodev1: service=[akcipher|mac|hash|cipher]
queue 0: type=builtin
cryptodev0: service=[akcipher]
queue 0
14:45, zhenwei pi wrote:
The main changes in this series:
- introduce cryptodev.json to describe the attributes of crypto device, then
drop duplicated type declare, remove some virtio related dependence.
- add statistics: OPS and bandwidth.
- add QMP command: query-cryptodev
- add HMP info co
We have already used qapi to generate crypto device types, this allows
to convert type to a string 'model', so the 'model' field is not
needed.
And the 'name' field is not used by any backend driver, drop it.
Signed-off-by: zhenwei pi
---
backends/cryptodev-b
Introduce cryptodev service type in cryptodev.json, then apply this
to related codes. Now we can remove VIRTIO_CRYPTO_SERVICE_xxx
dependence from QEMU cryptodev.
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c| 8
backends/cryptodev-lkcf.c | 2 +-
backends
ervice": [
"akcipher"
],
"id": "cryptodev0",
"client": [
{
"queue": 0,
"type": "lkcf",
"info": "cryptodev-lkcf0"
}
]
}
Rather than exposing akcipher service/RSA algorithm to virtio crypto
device unconditionally, detect akcipher capability from akcipher
crypto framework. This avoids unsuccessful requests.
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c | 18 +++---
1 file changed, 15
Signed-off-by: zhenwei pi
---
MAINTAINERS | 1 +
1 file changed, 1 insertion(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 3f698cb0e9..d1814f87ef 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2827,6 +2827,7 @@ T: git https://gitlab.com/ehabkost/qemu.git machine-next
Cryptodev Backends
M
Introduce QCryptodevBackendType in cryptodev.json, also apply this to
related codes. Then we can drop 'enum CryptoDevBackendOptionsType'.
Signed-off-by: zhenwei pi
---
MAINTAINERS | 1 +
backends/cryptodev-builtin.c| 2 +-
backends/cryptodev-lkcf.c
"akcipher"
],
"asym-stat": {
"encrypt-ops": 54,
"verify-bytes": 8704,
"sign-ops": 17,
"verify-ops": 34,
"sign-bytes": 340,
"decrypt-bytes":
Move queue_index, CryptoDevCompletionFunc and opaque into struct
CryptoDevBackendOpInfo, then cryptodev_backend_crypto_operation()
needs an argument CryptoDevBackendOpInfo *op_info only. And remove
VirtIOCryptoReq from cryptodev.
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c | 9
Example of this command:
# virsh qemu-monitor-command vm --hmp info cryptodev
cryptodev1: service=[akcipher|mac|hash|cipher]
queue 0: type=builtin
cryptodev0: service=[akcipher]
queue 0: type=lkcf
Signed-off-by: zhenwei pi
---
hmp-commands-info.hx | 14 ++
include/monitor
['sym', 'asym']}
Then we can keep 'CRYPTODEV_BACKEND_ALG_SYM' and avoid lots of
changes.
2, changes in this patch(with prefix 'QCRYPTODEV_BACKEND_ALG').
To avoid breaking the rule of QAPI, use 2 here.
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin
qemu-monitor-command buster --hmp qom-set /objects/cryptodev1 \
throttle-ops 100
or cancel limitation:
virsh qemu-monitor-command buster --hmp qom-set /objects/cryptodev1 \
throttle-ops 0
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 140 +
includ
capability instead of exposing akcipher service
unconditionally.
Zhenwei Pi (11):
cryptodev: Introduce cryptodev.json
cryptodev: Remove 'name' & 'model' fields
cryptodev: Introduce cryptodev alg type in QAPI
cryptodev: Introduce server type in QAPI
cryptodev:
PING!
On 7/19/22 15:55, zhenwei pi wrote:
Originally we have to get all the vCPU registers and parse the
specified one. To improve the performance of this usage, allow user
specified vCPU id to query registers.
Run a VM with 16 vCPU, use bcc tool to track the latency of
'hmp_info_regi
v1 -> v2:
- Typo fix in commit message.
- Suggested by Darren, use '[-a|vcpu]' instead of '[-a] [vcpu]',
becase only one of these may be specified at a time.
v1:
- Support specified vCPU registers for monitor command.
Zhenwei Pi (1):
monitor: Support specified vCPU r
ses about 3ms;
'info registers 12' uses about 150us.
Cc: Darren Kenny
Signed-off-by: zhenwei pi
---
hmp-commands-info.hx | 7 ---
monitor/misc.c | 18 ++
2 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/hmp-commands-info.hx b/hmp-commands-info.h
specified vCPU registers for monitor command.
Zhenwei Pi (1):
monitor: Support specified vCPU registers
hmp-commands-info.hx | 8 +---
monitor/misc.c | 10 --
2 files changed, 13 insertions(+), 5 deletions(-)
--
2.20.1
ses about 3ms;
'info registers 12' uses about 150us.
Cc: Darren Kenny
Signed-off-by: zhenwei pi
---
hmp-commands-info.hx | 8 +---
monitor/misc.c | 10 --
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx
index
x27;,
becase only one of these may be specified at a time.
v1:
- Support specified vCPU registers for monitor command.
Zhenwei Pi (1):
monitor: Support specified vCPU registers
hmp-commands-info.hx | 8 +---
monitor/misc.c | 10 --
2 files changed, 13 insertions(+), 5 deletions(-)
--
2.20.1
ses about 3ms;
'info registers 12' uses about 150us.
Cc: Darren Kenny
Reviewed-by: Markus Armbruster
Signed-off-by: zhenwei pi
---
hmp-commands-info.hx | 8 +---
monitor/misc.c | 10 --
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/hmp-commands-info.h
Hi,
Could you please give me any hint about this issue & patch?
On 8/4/22 14:59, Eiichi Tsukata wrote:
Hi
We’ve also hit this case.
On May 5, 2022, at 9:32, zhenwei pi wrote:
Hi, Paolo
I would appreciate it if you could review patch.
On 4/20/22 14:45, zhenwei pi wrote:
qemu e
Hi Kevin, Hanna,
Patch 1 -> patch 5 of this series are already reviewed by Alberto(these
affects throttle framework only), the patch 6 affects qemu block layer,
would you please review this(in the further step, merge this series if
this is acceptable)?
On 7/13/23 14:41, zhenwei pi wr
leTimerType instead of timers[0], timer[1]...
- support read-only and write-only for throttle
- adapt related test codes
- cryptodev uses a write-only throttle timer
Zhenwei Pi (9):
throttle: introduce enum ThrottleDirection
test-throttle: use enum ThrottleDirection
throttle: support read-only an
27; tag is no longer needed.
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Cc: Gonglei
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
index 7d29517843..5cfa25c61c 10
Use enum ThrottleDirection instead of number index.
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
include/qemu/throttle.h | 11 ---
util/throttle.c | 16 +---
2 files changed, 17 insertions(+), 10 deletions(-)
diff --git a
Use enum ThrottleDirection instead in the throttle test codes.
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
tests/unit/test-throttle.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/unit/test-throttle.c b/tests/unit
enum ThrottleDirection is already there, use ThrottleDirection instead
of 'bool is_write' for throttle API, also modify related codes from
block, fsdev, cryptodev and tests.
Signed-off-by: zhenwei pi
---
backends/cryptodev.c| 9 +
block/throttle-groups.c | 6 +++
into static variables.
Signed-off-by: zhenwei pi
---
util/throttle.c | 11 ++-
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/util/throttle.c b/util/throttle.c
index 9a37209bb8..9baa6b8a3a 100644
--- a/util/throttle.c
+++ b/util/throttle.c
@@ -142,7 +142,8 @@ int64_t
command = commands[random.randrange(0, 3)] + str(random.randrange(0,
100))
subprocess.run(command, shell=True, check=True)
This works fine.
Signed-off-by: zhenwei pi
---
block/throttle-groups.c | 105
block/throttle.c| 8 +--
direction in throttle, this reduces memory, and uplayer
does not need a dummy callback any more.
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
util/throttle.c | 42 --
1 file changed, 28 insertions(+), 14 deletions
'bool is_write' style is obsolete from throttle framework, adapt
fsdev to the new style.
Cc: Greg Kurz
Signed-off-by: zhenwei pi
---
fsdev/qemu-fsdev-throttle.c | 14 +++---
fsdev/qemu-fsdev-throttle.h | 4 ++--
hw/9pfs/cofile.c| 4 ++--
3 files changed, 11
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
tests/unit/test-throttle.c | 66 ++
1 file changed, 66 insertions(+)
diff --git a/tests/unit/test-throttle.c b/tests/unit/test-throttle.c
index a60b5fe22e..5547837a58
Use enum ThrottleDirection instead of number index.
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
include/qemu/throttle.h | 11 ---
util/throttle.c | 16 +---
2 files changed, 17 insertions(+), 10 deletions(-)
diff --git a
enum ThrottleDirection is already there, use ThrottleDirection instead
of 'bool is_write' for throttle API, also modify related codes from
block, fsdev, cryptodev and tests.
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
backends/cryptodev.c| 9 +
bloc
'virsh blkdeviotune jammy vda --read-bytes-sec ', \
'virsh blkdeviotune jammy vda --read-iops-sec ']
for loop in range(1, 1000):
time.sleep(random.randrange(3, 5))
command = commands[random.randrange(0, 3)] + str(random.randrange(0,
100))
subprocess.run(co
On 7/28/23 00:12, Hanna Czenczek wrote:
On 24.07.23 12:09, zhenwei pi wrote:
'bool is_write' style is obsolete from throttle framework, adapt
block throttle groups to the new style.
Use a simple python script to test the new style:
#!/usr/bin/python3
import subprocess
import ran
'bool is_write' style is obsolete from throttle framework, adapt
fsdev to the new style.
Cc: Greg Kurz
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
fsdev/qemu-fsdev-throttle.c | 14 +++---
fsdev/qemu-fsdev-throttle.h | 4 ++--
hw/9pfs/cofile.c|
27; tag is no longer needed.
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
index 7d29517843..5cfa25c61c 100644
---
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
tests/unit/test-throttle.c | 66 ++
1 file changed, 66 insertions(+)
diff --git a/tests/unit/test-throttle.c b/tests/unit/test-throttle.c
index a60b5fe22e..5547837a58
7; to 'ThrottleType'
- add assertion to throttle_schedule_timer
v1:
- introduce enum ThrottleTimerType instead of timers[0], timer[1]...
- support read-only and write-only for throttle
- adapt related test codes
- cryptodev uses a write-only throttle timer
Zhenwei Pi (9):
throttle: i
into static variables.
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
util/throttle.c | 11 ++-
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/util/throttle.c b/util/throttle.c
index 7d3eb6032f..9582899da3 100644
--- a/util/throttle.c
+++ b/util/throttle.c
Use enum ThrottleDirection instead in the throttle test codes.
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
tests/unit/test-throttle.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/unit/test-throttle.c b/tests/unit
direction in throttle, this reduces memory, and uplayer
does not need a dummy callback any more.
Reviewed-by: Alberto Garcia
Reviewed-by: Hanna Czenczek
Signed-off-by: zhenwei pi
---
util/throttle.c | 42 --
1 file changed, 28 insertions(+), 14 deletions
changes of error message) in qemu-devel.
Fixes: CVE-2023-3180
Fixes: 04b9b37edda("virtio-crypto: add data queue processing handler")
Cc: Gonglei
Cc: Mauro Matteo Cascella
Cc: Yiming Tao
Signed-off-by: zhenwei pi
---
hw/virtio/virtio-crypto.c | 5 +
1 file changed, 5 insertions(+)
di
Hi Michael, Lei,
Yiming Tao, Yongkang Jia, Xiao Lei(from Zhejiang University) reported
issuses and CVEs in the past days.
This series fixes a CVE and a BUG for virtio-crypto/cryptodev.
Zhenwei Pi (2):
virtio-crypto: verify src&dst buffer length for sym request
cryptodev: Handle unexpe
7;)
Cc: Gonglei
Cc: Mauro Matteo Cascella
Cc: Xiao Lei
Cc: Yongkang Jia
Reported-by: Yiming Tao
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
index 7d29517843..4d183f7237 100644
On 8/4/23 12:35, Michael Tokarev wrote:
04.08.2023 01:21, Michael S. Tsirkin wrote:
From: zhenwei pi
Generally guest side should discover which services the device is
able to offer, then do requests on device.
However it's also possible to break this rule in a guest. Handle
unexp
("Cannot find a valid session id: %" PRIu64 "",
session_id);
+return -VIRTIO_CRYPTO_INVSESS;
+}
session = builtin->sessions[session_id];
if (session->cipher) {
--
zhenwei pi
LGTM, thanks!
Reviewed-by: zhenwei pi
On 4/9/24 17:47, Philippe Mathieu-Daudé wrote:
Instead of aborting when a session ID is invalid,
return VIRTIO_CRYPTO_INVSESS ("Invalid session id").
Reproduced using:
$ cat << EOF | qemu-system-i386 -display none \
-machine q3
guest PR out without PTPL will work, but the backend uses PTPL=1
instead.
Will this request succeed?
If the backend driver' supports PTPL capability, it will succeed.
Otherwise it will fail.
--
zhenwei pi
On 12/20/22 23:36, Michael S. Tsirkin wrote:
On Tue, Nov 22, 2022 at 10:07:45PM +0800, zhenwei pi wrote:
v1 -> v2:
- fix coding style and use 'g_strjoin()' instead of 'char services[128]'
(suggested by Dr. David Alan Gilbert)
- wrapper function 'cryptode
On 1/16/23 19:27, Daniel P. Berrangé wrote:
On Mon, Jan 16, 2023 at 05:53:07PM +0800, zhenwei pi wrote:
On 12/20/22 23:36, Michael S. Tsirkin wrote:
On Tue, Nov 22, 2022 at 10:07:45PM +0800, zhenwei pi wrote:
v1 -> v2:
- fix coding style and use 'g_strjoin()' instead of '
: Daniel P. Berrangé
Signed-off-by: zhenwei pi
---
MAINTAINERS | 1 +
backends/cryptodev-builtin.c| 2 +-
backends/cryptodev-lkcf.c | 2 +-
backends/cryptodev-vhost-user.c | 4 ++--
backends/cryptodev-vhost.c | 4 ++--
include/sysemu/cryptodev.h |
We have already used qapi to generate crypto device types, this allows
to convert type to a string 'model', so the 'model' field is not
needed.
And the 'name' field is not used by any backend driver, drop it.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenw
Introduce cryptodev service type in cryptodev.json, then apply this
to related codes. Now we can remove VIRTIO_CRYPTO_SERVICE_xxx
dependence from QEMU cryptodev.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c| 8
backends/cryptodev
.c in the next step. (In theory,
VirtIOCryptoReq is a private structure used by virtio-crypto only)
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c | 9 +++--
backends/cryptodev-lkcf.c| 9 +++--
backends/cryptodev.c | 18 +-
hw/virtio/virtio-cry
- introduce cryptodev.json to describe the attributes of crypto device, then
drop duplicated type declare, remove some virtio related dependence.
- add statistics: OPS and bandwidth.
- add QMP command: query-cryptodev
- add HMP info command: cryptodev
- misc fix: detect akcipher capability in
qemu-monitor-command buster --hmp qom-set /objects/cryptodev1 \
throttle-ops 100
or cancel limitation:
virsh qemu-monitor-command buster --hmp qom-set /objects/cryptodev1 \
throttle-ops 0
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 138 +
includ
['sym', 'asym']}
Then we can keep 'CRYPTODEV_BACKEND_ALG_SYM' and avoid lots of
changes.
2, changes in this patch(with prefix 'QCRYPTODEV_BACKEND_ALG').
To avoid breaking the rule of QAPI, use 2 here.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenwei
pto device.
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 68 +++---
include/sysemu/cryptodev.h | 31 +
qapi/cryptodev.json| 54 ++
3 files changed, 148 insertions(+), 5 deletions(-)
diff --git
ot;hash",
"cipher"
],
"id": "cryptodev1",
"client": [
{
"queue": 0,
"type": "builtin"
}
]
},
{
"service": [
"akcipher"
],
&
ts": [
{
"name": "asym-verify-bytes",
"value": 0
},
...
{
"name": "sym-decrypt-bytes",
"value": 5376
},
...
],
"qom-path": "/obje
Signed-off-by: zhenwei pi
---
MAINTAINERS | 1 +
1 file changed, 1 insertion(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 5ec5aebadb..0f8ffe2f64 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2858,6 +2858,7 @@ T: git https://gitlab.com/ehabkost/qemu.git machine-next
Cryptodev Backends
M
Rather than exposing akcipher service/RSA algorithm to virtio crypto
device unconditionally, detect akcipher capability from akcipher
crypto framework. This avoids unsuccessful requests.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c | 18
Example of this command:
# virsh qemu-monitor-command vm --hmp info cryptodev
cryptodev1: service=[akcipher|mac|hash|cipher]
queue 0: type=builtin
cryptodev0: service=[akcipher]
queue 0: type=lkcf
Signed-off-by: zhenwei pi
---
hmp-commands-info.hx | 14 ++
include/monitor
Looks good to me, thanks!
Acked-by: zhenwei pi
On 4/4/23 19:59, Markus Armbruster wrote:
In the QEMU QMP Reference Manual, subsection "Block core (VM
unrelated)" is empty. Its contents is at the end of subsection
"Background jobs" instead. That's because qapi/job
: Daniel P. Berrangé
Signed-off-by: zhenwei pi
---
MAINTAINERS | 1 +
backends/cryptodev-builtin.c| 2 +-
backends/cryptodev-lkcf.c | 2 +-
backends/cryptodev-vhost-user.c | 4 ++--
backends/cryptodev-vhost.c | 4 ++--
include/sysemu/cryptodev.h |
Introduce cryptodev service type in cryptodev.json, then apply this
to related codes. Now we can remove VIRTIO_CRYPTO_SERVICE_xxx
dependence from QEMU cryptodev.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c| 8
backends/cryptodev
qemu-monitor-command buster --hmp qom-set /objects/cryptodev1 \
throttle-ops 100
or cancel limitation:
virsh qemu-monitor-command buster --hmp qom-set /objects/cryptodev1 \
throttle-ops 0
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 138 +
includ
Example of this command:
# virsh qemu-monitor-command vm --hmp info cryptodev
cryptodev1: service=[akcipher|mac|hash|cipher]
queue 0: type=builtin
cryptodev0: service=[akcipher]
queue 0: type=lkcf
Signed-off-by: zhenwei pi
---
hmp-commands-info.hx | 14 ++
include/monitor
statistics: OPS and bandwidth.
- add QMP command: query-cryptodev
- add HMP info command: cryptodev
- misc fix: detect akcipher capability instead of exposing akcipher service
unconditionally.
Zhenwei Pi (12):
cryptodev: Introduce cryptodev.json
cryptodev: Remove 'name' & 'm
pto device.
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 68 +++---
include/sysemu/cryptodev.h | 31 +
qapi/cryptodev.json| 54 ++
3 files changed, 148 insertions(+), 5 deletions(-)
diff --git
ts": [
{
"name": "asym-verify-bytes",
"value": 0
},
...
{
"name": "sym-decrypt-bytes",
"value": 5376
},
...
],
"qom-path": "/obje
['sym', 'asym']}
Then we can keep 'CRYPTODEV_BACKEND_ALG_SYM' and avoid lots of
changes.
2, changes in this patch(with prefix 'QCRYPTODEV_BACKEND_ALG').
To avoid breaking the rule of QAPI, use 2 here.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenwei
Rather than exposing akcipher service/RSA algorithm to virtio crypto
device unconditionally, detect akcipher capability from akcipher
crypto framework. This avoids unsuccessful requests.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c | 18
I developed the akcipher service, QoS setting, QMP/HMP commands and
statistics accounting for crypto device. Making myself as the
maintainer for QEMU's cryptodev.
Cc: Gonglei
Signed-off-by: zhenwei pi
---
MAINTAINERS | 1 +
1 file changed, 1 insertion(+)
diff --git a/MAINTAINERS b/MAINTA
.c in the next step. (In theory,
VirtIOCryptoReq is a private structure used by virtio-crypto only)
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c | 9 +++--
backends/cryptodev-lkcf.c| 9 +++--
backends/cryptodev.c | 18 +-
hw/virtio/virtio-cry
ot;hash",
"cipher"
],
"id": "cryptodev1",
"client": [
{
"queue": 0,
"type": "builtin"
}
]
},
{
"service": [
"akcipher"
],
&
We have already used qapi to generate crypto device types, this allows
to convert type to a string 'model', so the 'model' field is not
needed.
And the 'name' field is not used by any backend driver, drop it.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenw
On 1/28/23 19:30, Michael S. Tsirkin wrote:
On Sat, Jan 28, 2023 at 11:56:21AM +0800, zhenwei pi wrote:
v3 -> v4:
- a small change in
'0005-cryptodev-Introduce-query-cryptodev-QMP-command.patch':
use 'uint32' instead of 'int' to describe CryptodevB
On 1/28/23 19:30, Michael S. Tsirkin wrote:
On Sat, Jan 28, 2023 at 11:56:26AM +0800, zhenwei pi wrote:
Now we have a QMP command to query crypto devices:
virsh qemu-monitor-command vm '{"execute": "query-cryptodev"}' | jq
{
"return": [
['sym', 'asym']}
Then we can keep 'CRYPTODEV_BACKEND_ALG_SYM' and avoid lots of
changes.
2, changes in this patch(with prefix 'QCRYPTODEV_BACKEND_ALG').
To avoid breaking the rule of QAPI, use 2 here.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenwei
the maintainer for cryptodev.
v1:
- introduce cryptodev.json to describe the attributes of crypto device, then
drop duplicated type declare, remove some virtio related dependence.
- add statistics: OPS and bandwidth.
- add QMP command: query-cryptodev
- add HMP info command: cryptodev
- misc fix: d
.c in the next step. (In theory,
VirtIOCryptoReq is a private structure used by virtio-crypto only)
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c | 9 +++--
backends/cryptodev-lkcf.c| 9 +++--
backends/cryptodev.c | 18 +-
hw/virtio/virtio-cry
: Daniel P. Berrangé
Signed-off-by: zhenwei pi
---
MAINTAINERS | 1 +
backends/cryptodev-builtin.c| 2 +-
backends/cryptodev-lkcf.c | 2 +-
backends/cryptodev-vhost-user.c | 4 ++--
backends/cryptodev-vhost.c | 4 ++--
include/sysemu/cryptodev.h |
ot;hash",
"cipher"
],
"id": "cryptodev1",
"client": [
{
"queue": 0,
"type": "builtin"
}
]
},
{
"service": [
"akcipher"
],
&
Example of this command:
# virsh qemu-monitor-command vm --hmp info cryptodev
cryptodev1: service=[akcipher|mac|hash|cipher]
queue 0: type=builtin
cryptodev0: service=[akcipher]
queue 0: type=lkcf
Signed-off-by: zhenwei pi
---
hmp-commands-info.hx | 14 ++
include/monitor
pto device.
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 68 +++---
include/sysemu/cryptodev.h | 31 +
qapi/cryptodev.json| 54 ++
3 files changed, 148 insertions(+), 5 deletions(-)
diff --git
We have already used qapi to generate crypto device types, this allows
to convert type to a string 'model', so the 'model' field is not
needed.
And the 'name' field is not used by any backend driver, drop it.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenw
qemu-monitor-command buster --hmp qom-set /objects/cryptodev1 \
throttle-ops 100
or cancel limitation:
virsh qemu-monitor-command buster --hmp qom-set /objects/cryptodev1 \
throttle-ops 0
Signed-off-by: zhenwei pi
---
backends/cryptodev.c | 138 +
includ
Rather than exposing akcipher service/RSA algorithm to virtio crypto
device unconditionally, detect akcipher capability from akcipher
crypto framework. This avoids unsuccessful requests.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c | 18
Introduce cryptodev service type in cryptodev.json, then apply this
to related codes. Now we can remove VIRTIO_CRYPTO_SERVICE_xxx
dependence from QEMU cryptodev.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: zhenwei pi
---
backends/cryptodev-builtin.c| 8
backends/cryptodev
ts": [
{
"name": "asym-verify-bytes",
"value": 0
},
...
{
"name": "sym-decrypt-bytes",
"value": 5376
},
...
],
"qom-path": "/obje
I developed the akcipher service, QoS setting, QMP/HMP commands and
statistics accounting for crypto device. Making myself as the
maintainer for QEMU's cryptodev.
Cc: Gonglei
Signed-off-by: zhenwei pi
---
MAINTAINERS | 1 +
1 file changed, 1 insertion(+)
diff --git a/MAINTAINERS b/MAINTA
roduced by commit
0e660a6f90a, which
changed the semantic meaning of request-> flag.
Regards,
-Gonglei
Hi Mauro
Agree with Lei, could you please change the Fixes as Lei suggested?
--
zhenwei pi
LGTM. Thanks!
Reviewed-by: zhenwei pi
On 5/9/23 15:53, Mauro Matteo Cascella wrote:
Ensure op_info is not NULL in case of QCRYPTODEV_BACKEND_ALG_SYM algtype.
Fixes: 0e660a6f90a ("crypto: Introduce RSA algorithm")
Signed-off-by: Mauro Matteo Cascella
Reported-by: Yiming Tao
---
v2:
on.op_code = backend_info->op_code;
+msg.payload.session.session_id = backend_info->session_id;
ret = vhost_user_write(dev, &msg, NULL, 0);
if (ret < 0) {
error_report("vhost_user_write() return %d, create session failed",
--
zhenwei pi
A vCPU thread always reaches 100% utilization when:
- guest uses idle=poll
- disable HLT vm-exit
- enable MWAIT
Add new guest agent command 'guest-get-cpustats' to get guest CPU
statistics, we can know the guest workload and how busy the CPU is.
Signed-off-by: zhenwei pi
---
qg
A vCPU thread always reaches 100% utilization when:
- guest uses idle=poll
- disable HLT vm-exit
- enable MWAIT
Add new guest agent command 'guest-get-cpustats' to get guest CPU
statistics, we can know the guest workload and how busy the CPU is.
Signed-off-by: zhenwei pi
---
qg
1 - 100 of 384 matches
Mail list logo
