On Mon, May 27, 2024 at 11:58:49AM -0400, Stefan Hajnoczi wrote: > The block layer does not know how many threads will perform I/O. It is > possible > to exceed the number of threads that is given to qcrypto_block_open() and this > can trigger an assertion failure in qcrypto_block_pop_cipher(). > > This patch series removes the n_threads argument and instead handles an > arbitrary number of threads. > --- > Is it secure to store the key in QCryptoBlock? In this series I assumed the > answer is yes since the QCryptoBlock's cipher state is equally sensitive, but > I'm not familiar with this code or a crypto expert.
Yes, its a case of .... this is undesirable, but we do it everywhere already, so this isn't making it any worse. For both patches Acked-by: Daniel P. Berrangé <berra...@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
