qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Failing iotest 206


From: Thomas Huth
Subject: Re: Failing iotest 206
Date: Tue, 20 Jul 2021 10:20:28 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.12.0

On 20/07/2021 03.12, Eric Blake wrote:
On Mon, Jul 19, 2021 at 10:06:01AM +0200, Thomas Huth wrote:
  Hi,

iotest 206 fails for me with:


--- 206.out
+++ 206.out.bad
@@ -99,55 +99,19 @@

  {"execute": "blockdev-create", "arguments": {"job-id": "job0", "options":
{"driver": "qcow2", "encrypt": {"cipher-alg": "twofish-128", "cipher-mode":
"ctr", "format": "luks", "hash-alg": "sha1", "iter-time": 10, "ivgen-alg":
"plain64", "ivgen-hash-alg": "md5", "key-secret": "keysec0"}, "file":
{"driver": "file", "filename": "TEST_DIR/PID-t.qcow2"}, "size": 33554432}}}
  {"return": {}}
+Job failed: Unsupported cipher algorithm twofish-128 with ctr mode
  {"execute": "job-dismiss", "arguments": {"id": "job0"}}
  {"return": {}}


Looks like it is missing a check for the availability of the corresponding
crypto stuff? Does anybody got a clue how to fix this?

What system is this on?

RHEL 8.4

Which crypto library versions are installed?

gnutls-3.6.14-8.el8_3.x86_64
nettle-3.4.1-4.el8_3.x86_64

I suspect this is related to Dan's effort to speed up crypto by
favoring gnutls over nettle, where the switch in favored libraries
failed to account for whether twofish-128 is supported?

https://lists.gnu.org/archive/html/qemu-devel/2021-07/msg03886.html

You're right, I've bisected the problem now, and the commit that introduced the issue is this one here:

commit 8bd0931f63008b1d50c8df75a611323a93c052bf
Author: Daniel P. Berrangé <berrange@redhat.com>
Date:   Fri Jul 2 17:38:33 2021 +0100

    crypto: prefer gnutls as the crypto backend if new enough

    If we have gnutls >= 3.6.13, then it has enough functionality
    and performance that we can use it as the preferred crypto
    backend.

    Reviewed-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

 Thomas





reply via email to

[Prev in Thread] Current Thread [Next in Thread]