[libvirt] [PATCHV2] qemu: ask for -enable-fips when FIPS is required
Eric Blake
eblake at redhat.com
Tue Dec 17 18:29:18 UTC 2013
On 12/16/2013 01:46 AM, Peter Krempa wrote:
> On 12/13/13 19:51, Eric Blake wrote:
>> On a system that is enforcing FIPS, most libraries honor the
>> current mode by default. Qemu, on the other hand, refused to
>> honor FIPS mode unless you add the '-enable-fips' command
>> line option; worse, this option is not discoverable via QMP,
>> and is only present on binaries built for Linux. So, if we
>> detect FIPS mode, then we unconditionally ask for FIPS; either
>> qemu is new enough to have the option and then correctly
>> cripple insecure VNC passwords, or it is so old that we are
>> correctly avoiding a FIPS violation by preventing qemu from
>> starting. Meanwhile, if we don't detect FIPS mode, then
>> omitting the argument is safe whether the qemu has the option
>> (but it would do nothing because FIPS is disabled) or whether
>> qemu lacks the option (including in the case where we are not
>> running on Linux).
>>
>> + if (virFileExists("/proc/sys/crypto/fips_enabled")) {
>> + char buf[sizeof("1\n")];
>
> No need for the above buffer as virFileReadAll actually allocates the
> buffer itself.
D'oh. Version 3 coming up.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20131217/52dceee8/attachment-0001.sig>
More information about the libvir-list
mailing list