[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 13/18] crypto: introduce build system for gnutls crypto backe
From: |
Eric Blake |
Subject: |
Re: [PATCH 13/18] crypto: introduce build system for gnutls crypto backend |
Date: |
Thu, 8 Jul 2021 14:03:44 -0500 |
User-agent: |
NeoMutt/20210205-556-f84451-dirty |
On Tue, Jul 06, 2021 at 10:59:19AM +0100, Daniel P. Berrangé wrote:
> This introduces the build logic needed to decide whether we can
> use gnutls as a crypto driver backend. The actual implementations
> will be introduced in following patches. We only wish to use
> gnutls if it has version 3.6.14 or newer, because that is what
> finally brings HW accelerated AES-XTS mode for x86_64.
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
> meson.build | 36 ++++++++++++++++++++++++++++++++----
> 1 file changed, 32 insertions(+), 4 deletions(-)
Again, take this with a grain of salt, since my meson skills are near
zero. But the comments do a good job, and it looks sane.
> diff --git a/meson.build b/meson.build
> index 51b8f4ab75..6031f4f0b1 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -811,11 +811,34 @@ if 'CONFIG_OPENGL' in config_host
> endif
>
> gnutls = not_found
> +gnutls_crypto = not_found
> if not get_option('gnutls').auto() or have_system
> - gnutls = dependency('gnutls', version: '>=3.5.18',
> - method: 'pkg-config',
> - required: get_option('gnutls'),
> - kwargs: static_kwargs)
> + # For general TLS support our min gnutls matches
> + # that implied by our platform support matrix
> + #
> + # For the crypto backends, we look for a newer
> + # gnutls:
> + #
> + # Version 3.6.8 is needed to get XTS
> + # Version 3.6.13 is needed to get PBKDF
> + # Version 3.6.14 is needed to get HW accelerated XTS
> + #
> + # If newer enough gnutls isn't available, we can
> + # still use a different crypto backend to satisfy
> + # the platform support requirements
> + gnutls_crypto = dependency('gnutls', version: '>=3.6.14',
> + method: 'pkg-config',
> + required: get_option('gnutls'),
> + kwargs: static_kwargs)
> + if gnutls_crypto.found()
> + gnutls = gnutls_crypto
> + else
> + # Our min version if all we need is TLS
> + gnutls = dependency('gnutls', version: '>=3.5.18',
> + method: 'pkg-config',
> + required: get_option('gnutls'),
> + kwargs: static_kwargs)
TAB damage.
With that fixed,
Reviewed-by: Eric Blake <eblake@redhat.com>
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
- Re: [PATCH 08/18] crypto: add crypto tests for single block DES-ECB and DES-CBC, (continued)
- [PATCH 07/18] crypto: drop custom XTS support in gcrypt driver, Daniel P . Berrangé, 2021/07/06
- [PATCH 04/18] crypto: use &error_fatal in crypto tests, Daniel P . Berrangé, 2021/07/06
- [PATCH 10/18] crypto: delete built-in XTS cipher mode support, Daniel P . Berrangé, 2021/07/06
- [PATCH 12/18] crypto: flip priority of backends to prefer gcrypt, Daniel P . Berrangé, 2021/07/06
- [PATCH 13/18] crypto: introduce build system for gnutls crypto backend, Daniel P . Berrangé, 2021/07/06
- Re: [PATCH 13/18] crypto: introduce build system for gnutls crypto backend,
Eric Blake <=
- [PATCH 11/18] crypto: rename des-rfb cipher to just des, Daniel P . Berrangé, 2021/07/06
- Re: [PATCH 11/18] crypto: rename des-rfb cipher to just des, Eric Blake, 2021/07/08
[PATCH 14/18] crypto: add gnutls cipher provider, Daniel P . Berrangé, 2021/07/06
[PATCH 15/18] crypto: add gnutls hash provider, Daniel P . Berrangé, 2021/07/06