On Wed, Apr 20, 2022 at 7:43 PM Paolo Bonzini <pbonz...@redhat.com> wrote:
> Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
>
Reviewed-by: Marc-André Lureau <marcandre.lur...@redhat.com>
> ---
> configure | 44 -----------------------------------
> crypto/meson.build | 4 +++-
> meson.build | 15 +++++++++++-
> meson_options.txt | 2 ++
> scripts/meson-buildoptions.sh | 3 +++
> 5 files changed, 22 insertions(+), 46 deletions(-)
>
> diff --git a/configure b/configure
> index cfd15c3518..1c74d2c5f2 100755
> --- a/configure
> +++ b/configure
> @@ -322,7 +322,6 @@ trace_file="trace"
> coroutine=""
> tls_priority="NORMAL"
> plugins="$default_feature"
> -secret_keyring="$default_feature"
> meson=""
> meson_args=""
> ninja=""
> @@ -1009,10 +1008,6 @@ for opt do
> ;;
> --gdb=*) gdb_bin="$optarg"
> ;;
> - --enable-keyring) secret_keyring="yes"
> - ;;
> - --disable-keyring) secret_keyring="no"
> - ;;
> --enable-gio) gio=yes
> ;;
> --disable-gio) gio=no
> @@ -2440,41 +2435,6 @@ case "$slirp" in
> ;;
> esac
>
> -##########################################
> -# check for usable __NR_keyctl syscall
> -
> -if test "$linux" = "yes" ; then
> -
> - have_keyring=no
> - cat > $TMPC << EOF
> -#include <errno.h>
> -#include <asm/unistd.h>
> -#include <linux/keyctl.h>
> -#include <unistd.h>
> -int main(void) {
> - return syscall(__NR_keyctl, KEYCTL_READ, 0, NULL, NULL, 0);
> -}
> -EOF
> - if compile_prog "" "" ; then
> - have_keyring=yes
> - fi
> -fi
> -if test "$secret_keyring" != "no"
> -then
> - if test "$have_keyring" = "yes"
> - then
> - secret_keyring=yes
> - else
> - if test "$secret_keyring" = "yes"
> - then
> - error_exit "syscall __NR_keyctl requested, \
> -but not implemented on your system"
> - else
> - secret_keyring=no
> - fi
> - fi
> -fi
> -
> ##########################################
> # End of CC checks
> # After here, no more $cc or $ld runs
> @@ -2760,10 +2720,6 @@ if test -n "$gdb_bin"; then
> fi
> fi
>
> -if test "$secret_keyring" = "yes" ; then
> - echo "CONFIG_SECRET_KEYRING=y" >> $config_host_mak
> -fi
> -
> echo "ROMS=$roms" >> $config_host_mak
> echo "MAKE=$make" >> $config_host_mak
> echo "PYTHON=$python" >> $config_host_mak
> diff --git a/crypto/meson.build b/crypto/meson.build
> index 19c44bea89..f065f2f277 100644
> --- a/crypto/meson.build
> +++ b/crypto/meson.build
> @@ -34,7 +34,9 @@ else
> crypto_ss.add(files('hash-glib.c', 'hmac-glib.c', 'pbkdf-stub.c'))
> endif
>
> -crypto_ss.add(when: 'CONFIG_SECRET_KEYRING', if_true:
> files('secret_keyring.c'))
> +if have_keyring
> + crypto_ss.add(files('secret_keyring.c'))
> +endif
> if have_afalg
> crypto_ss.add(if_true: files('afalg.c', 'cipher-afalg.c',
> 'hash-afalg.c'))
> endif
> diff --git a/meson.build b/meson.build
> index bdee186702..066bb69174 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -1938,6 +1938,19 @@ config_host_data.set('CONFIG_GETAUXVAL',
> cc.links(gnu_source_prefix + '''
> return getauxval(AT_HWCAP) == 0;
> }'''))
>
> +have_keyring = get_option('keyring') \
> + .require(targetos == 'linux', error_message: 'keyring is only available
> on Linux') \
> + .require(cc.compiles('''
> + #include <errno.h>
> + #include <asm/unistd.h>
> + #include <linux/keyctl.h>
> + #include <sys/syscall.h>
> + #include <unistd.h>
> + int main(void) {
> + return syscall(__NR_keyctl, KEYCTL_READ, 0, NULL, NULL, 0);
> + }'''), error_message: 'keyctl syscall not available on this
> system').allowed()
> +config_host_data.set('CONFIG_SECRET_KEYRING', have_keyring)
> +
> have_cpuid_h = cc.links('''
> #include <cpuid.h>
> int main(void) {
> @@ -3684,7 +3697,7 @@ if nettle.found()
> endif
> summary_info += {'AF_ALG support': have_afalg}
> summary_info += {'rng-none': get_option('rng_none')}
> -summary_info += {'Linux keyring':
> config_host.has_key('CONFIG_SECRET_KEYRING')}
> +summary_info += {'Linux keyring': have_keyring}
> summary(summary_info, bool_yn: true, section: 'Crypto')
>
> # Libraries
> diff --git a/meson_options.txt b/meson_options.txt
> index c00e0866e9..d58c69315c 100644
> --- a/meson_options.txt
> +++ b/meson_options.txt
> @@ -90,6 +90,8 @@ option('avx2', type: 'feature', value: 'auto',
> description: 'AVX2 optimizations')
> option('avx512f', type: 'feature', value: 'disabled',
> description: 'AVX512F optimizations')
> +option('keyring', type: 'feature', value: 'auto',
> + description: 'Linux keyring support')
>
> option('attr', type : 'feature', value : 'auto',
> description: 'attr/xattr support')
> diff --git a/scripts/meson-buildoptions.sh b/scripts/meson-buildoptions.sh
> index cd922614e8..0daeb11fd3 100644
> --- a/scripts/meson-buildoptions.sh
> +++ b/scripts/meson-buildoptions.sh
> @@ -68,6 +68,7 @@ meson_options_help() {
> printf "%s\n" ' hvf HVF acceleration support'
> printf "%s\n" ' iconv Font glyph conversion support'
> printf "%s\n" ' jack JACK sound support'
> + printf "%s\n" ' keyring Linux keyring support'
> printf "%s\n" ' kvm KVM acceleration support'
> printf "%s\n" ' l2tpv3 l2tpv3 network backend support'
> printf "%s\n" ' libdaxctl libdaxctl support'
> @@ -229,6 +230,8 @@ _meson_option_parse() {
> --disable-install-blobs) printf "%s" -Dinstall_blobs=false ;;
> --enable-jack) printf "%s" -Djack=enabled ;;
> --disable-jack) printf "%s" -Djack=disabled ;;
> + --enable-keyring) printf "%s" -Dkeyring=enabled ;;
> + --disable-keyring) printf "%s" -Dkeyring=disabled ;;
> --enable-kvm) printf "%s" -Dkvm=enabled ;;
> --disable-kvm) printf "%s" -Dkvm=disabled ;;
> --enable-l2tpv3) printf "%s" -Dl2tpv3=enabled ;;
> --
> 2.35.1
>
>
>
>
--
Marc-André Lureau
