[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 02/10] crypto: run qcrypto_pbkdf2_count_iters in a new thread
From: |
Daniel P . Berrangé |
Subject: |
[PULL 02/10] crypto: run qcrypto_pbkdf2_count_iters in a new thread |
Date: |
Mon, 9 Sep 2024 15:16:27 +0100 |
From: Tiago Pasqualini <tiago.pasqualini@canonical.com>
CPU time accounting in the kernel has been demonstrated to have a
sawtooth pattern[1][2]. This can cause the getrusage system call to
not be as accurate as we are expecting, which can cause this calculation
to stall.
The kernel discussions shows that this inaccuracy happens when CPU time
gets big enough, so this patch changes qcrypto_pbkdf2_count_iters to run
in a fresh thread to avoid this inaccuracy. It also adds a sanity check
to fail the process if CPU time is not accounted.
[1]
https://lore.kernel.org/lkml/159231011694.16989.16351419333851309713.tip-bot2@tip-bot2/
[2]
https://lore.kernel.org/lkml/20221226031010.4079885-1-maxing.lan@bytedance.com/t/#m1c7f2fdc0ea742776a70fd1aa2a2e414c437f534
Resolves: #2398
Signed-off-by: Tiago Pasqualini <tiago.pasqualini@canonical.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/pbkdf.c | 53 +++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 46 insertions(+), 7 deletions(-)
diff --git a/crypto/pbkdf.c b/crypto/pbkdf.c
index 8d198c152c..d1c06ef3ed 100644
--- a/crypto/pbkdf.c
+++ b/crypto/pbkdf.c
@@ -19,6 +19,7 @@
*/
#include "qemu/osdep.h"
+#include "qemu/thread.h"
#include "qapi/error.h"
#include "crypto/pbkdf.h"
#ifndef _WIN32
@@ -85,12 +86,28 @@ static int qcrypto_pbkdf2_get_thread_cpu(unsigned long long
*val_ms,
#endif
}
-uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm hash,
- const uint8_t *key, size_t nkey,
- const uint8_t *salt, size_t nsalt,
- size_t nout,
- Error **errp)
+typedef struct CountItersData {
+ QCryptoHashAlgorithm hash;
+ const uint8_t *key;
+ size_t nkey;
+ const uint8_t *salt;
+ size_t nsalt;
+ size_t nout;
+ uint64_t iterations;
+ Error **errp;
+} CountItersData;
+
+static void *threaded_qcrypto_pbkdf2_count_iters(void *data)
{
+ CountItersData *iters_data = (CountItersData *) data;
+ QCryptoHashAlgorithm hash = iters_data->hash;
+ const uint8_t *key = iters_data->key;
+ size_t nkey = iters_data->nkey;
+ const uint8_t *salt = iters_data->salt;
+ size_t nsalt = iters_data->nsalt;
+ size_t nout = iters_data->nout;
+ Error **errp = iters_data->errp;
+
uint64_t ret = -1;
g_autofree uint8_t *out = g_new(uint8_t, nout);
uint64_t iterations = (1 << 15);
@@ -114,7 +131,10 @@ uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm
hash,
delta_ms = end_ms - start_ms;
- if (delta_ms > 500) {
+ if (delta_ms == 0) { /* sanity check */
+ error_setg(errp, "Unable to get accurate CPU usage");
+ goto cleanup;
+ } else if (delta_ms > 500) {
break;
} else if (delta_ms < 100) {
iterations = iterations * 10;
@@ -129,5 +149,24 @@ uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm
hash,
cleanup:
memset(out, 0, nout);
- return ret;
+ iters_data->iterations = ret;
+ return NULL;
+}
+
+uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm hash,
+ const uint8_t *key, size_t nkey,
+ const uint8_t *salt, size_t nsalt,
+ size_t nout,
+ Error **errp)
+{
+ CountItersData data = {
+ hash, key, nkey, salt, nsalt, nout, 0, errp
+ };
+ QemuThread thread;
+
+ qemu_thread_create(&thread, "pbkdf2", threaded_qcrypto_pbkdf2_count_iters,
+ &data, QEMU_THREAD_JOINABLE);
+ qemu_thread_join(&thread);
+
+ return data.iterations;
}
--
2.45.2
- [PULL 00/10] Crypto fixes patches, Daniel P . Berrangé, 2024/09/09
- [PULL 01/10] iotests: fix expected output from gnutls, Daniel P . Berrangé, 2024/09/09
- [PULL 02/10] crypto: run qcrypto_pbkdf2_count_iters in a new thread,
Daniel P . Berrangé <=
- [PULL 03/10] crypto: check gnutls & gcrypt support the requested pbkdf hash, Daniel P . Berrangé, 2024/09/09
- [PULL 04/10] tests/unit: always build the pbkdf crypto unit test, Daniel P . Berrangé, 2024/09/09
- [PULL 05/10] tests/unit: build pbkdf test on macOS, Daniel P . Berrangé, 2024/09/09
- [PULL 07/10] crypto: use consistent error reporting pattern for unsupported cipher modes, Daniel P . Berrangé, 2024/09/09
- [PULL 06/10] crypto: avoid leak of ctx when bad cipher mode is given, Daniel P . Berrangé, 2024/09/09
- [PULL 08/10] crypto: Define macros for hash algorithm digest lengths, Daniel P . Berrangé, 2024/09/09
- [PULL 09/10] crypto: Support SHA384 hash when using glib, Daniel P . Berrangé, 2024/09/09
- [PULL 10/10] crypto: Introduce x509 utils, Daniel P . Berrangé, 2024/09/09
- Re: [PULL 00/10] Crypto fixes patches, Peter Maydell, 2024/09/09
- Re: [PULL 00/10] Crypto fixes patches, Michael Tokarev, 2024/09/11