Re: [Qemu-devel] [PATCH v1 RFC 34/34] char: introduce support for TLS en
From: |
Kashyap Chamarthy |
Subject: |
Re: [Qemu-devel] [PATCH v1 RFC 34/34] char: introduce support for TLS encrypted TCP chardev backend |
Date: |
Wed, 6 May 2015 10:34:06 +0200 |
User-agent: |
Mutt/1.5.23.1-rc1 (2014-03-12) |
On Tue, May 05, 2015 at 04:54:44PM +0200, Kashyap Chamarthy wrote:
[. . .]
> While running QEMU as TLS server, the TLS handshake completes
> successfully when connected via `gnutls-cli`.
>
> However, when using QEMU as client to connect to an existing GnuTLS
> server, I notice a segmentation fault:
>
> $ /home/kashyapc/build/tls-qemu/x86_64-softmmu/qemu-system-x86_64 \
> -nodefconfig -nodefaults -device sga -display none \
> -chardev socket,id=s0,host=localhost,port=9000,tls-cred=tls0 \
> -device isa-serial,chardev=s0 \
> -object
> qcrypto-tls-creds,id=tls0,credtype=x509,endpoint=client,dir=/export/security/gnutls
> Segmentation fault (core dumped)
Some debugging with `gdb` below. Note in thread 1, frame #3, that `qcrypto_tls_creds_load_x509` reaches `gnutls_certificate_set_x509_key_file2` with `cert = 0x0` and `key = 0x0` (only `cacert` is set for the client endpoint), and the fault is in `strstr` underneath it — so it looks like a NULL path is being handed to GnuTLS rather than being checked for first.
QEMU was built with:
./configure --target-list=x86_64-softmmu --enable-debug
make -j4
Stack traces:
$ gdb /home/kashyapc/build/tls-qemu/x86_64-softmmu/qemu-system-x86_64
[. . .]
(gdb) run -nodefconfig -nodefaults -device sga -display none -chardev
socket,id=s0,host=localhost,port=9000,tls-cred=tls0 -device
isa-serial,chardev=s0 -object
qcrypto-tls-creds,id=tls0,credtype=x509,endpoint=client,dir=/export/security/gnutls
Starting program:
/home/kashyapc/build/tls-qemu/x86_64-softmmu/qemu-system-x86_64 -nodefconfig
-nodefaults -device sga -display none -chardev
socket,id=s0,host=localhost,port=9000,tls-cred=tls0 -device
isa-serial,chardev=s0 -object
qcrypto-tls-creds,id=tls0,credtype=x509,endpoint=client,dir=/export/security/gnutls
[. . .]
Program received signal SIGSEGV, Segmentation fault.
__strstr_sse2_unaligned () at
../sysdeps/x86_64/multiarch/strstr-sse2-unaligned.S:40
40 movdqu (%rdi), %xmm3
(gdb) thread apply all bt full
Thread 2 (Thread 0x7fffe4fcc700 (LWP 5393)):
#0 0x00007ffff6bce8fd in nanosleep () at ../sysdeps/unix/syscall-template.S:81
#1 0x00007ffff64f1de8 in g_usleep () at /lib64/libglib-2.0.so.0
#2 0x00005555559d32d7 in call_rcu_thread (opaque=0x0) at
/home/kashyapc/tinker-space/qemu/util/rcu.c:228
tries = 0
n = 0
node = 0x7ffff7fd19a0
#3 0x00007ffff6bc652a in start_thread (arg=0x7fffe4fcc700) at
pthread_create.c:310
__res = <optimized out>
pd = 0x7fffe4fcc700
now = <optimized out>
unwind_buf =
{cancel_jmp_buf = {{jmp_buf = {140737035159296,
3180389637749088242, 140737488345857, 4096, 140737035159296, 140737035160000,
-3180444589616128014, -3180404459381186574}, mask_was_saved = 0}}, priv = {pad
= {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <optimized out>
pagesize_m1 = <optimized out>
sp = <optimized out>
freesize = <optimized out>
#4 0x00007fffeea0979d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:109
---Type <return> to continue, or q <return> to quit---
Thread 1 (Thread 0x7ffff7f89bc0 (LWP 5389)):
#0 0x00007fffee9ae6dd in __strstr_sse2_unaligned () at
../sysdeps/x86_64/multiarch/strstr-sse2-unaligned.S:40
#1 0x00007ffff1c6b370 in _gnutls_url_is_known () at /lib64/libgnutls.so.28
#2 0x00007ffff1c6b3d9 in gnutls_certificate_set_x509_key_file2 () at
/lib64/libgnutls.so.28
#3 0x00005555559aba85 in qcrypto_tls_creds_load_x509 (creds=0x55555639ac60,
errp=0x7fffffffd8d8) at /home/kashyapc/tinker-space/qemu/crypto/tlscreds.c:728
cacert = 0x55555639a8c0 "/export/security/gnutls/ca-cert.pem"
cacrl = 0x0
cert = 0x0
key = 0x0
dhparams = 0x0
ret = 1
rv = -1
#4 0x00005555559abdb2 in qcrypto_tls_creds_load (creds=0x55555639ac60,
errp=0x7fffffffd8d8) at /home/kashyapc/tinker-space/qemu/crypto/tlscreds.c:820
#5 0x00005555559abf30 in qcrypto_tls_creds_prop_set_loaded
(obj=0x55555639ac60, value=true, errp=0x7fffffffd8d8) at
/home/kashyapc/tinker-space/qemu/crypto/tlscreds.c:888
creds = 0x55555639ac60
__func__ = "qcrypto_tls_creds_prop_set_loaded"
#6 0x00005555558cec1c in property_set_bool (obj=0x55555639ac60,
v=0x55555639b4d0, opaque=0x55555639ad40, name=0x555555a59695 "loaded",
errp=0x7fffffffd8d8)
at /home/kashyapc/tinker-space/qemu/qom/object.c:1600
prop = 0x55555639ad40
value = true
local_err = 0x0
---Type <return> to continue, or q <return> to quit---
#7 0x00005555558cd485 in object_property_set (obj=0x55555639ac60,
v=0x55555639b4d0, name=0x555555a59695 "loaded", errp=0x7fffffffd8d8) at
/home/kashyapc/tinker-space/qemu/qom/object.c:901
prop = 0x55555639ad60
#8 0x00005555558cfa47 in object_property_set_qobject (obj=0x55555639ac60,
value=0x55555639b200, name=0x555555a59695 "loaded", errp=0x7fffffffd8d8)
at /home/kashyapc/tinker-space/qemu/qom/qom-qobject.c:24
mi = 0x55555639b4d0
#9 0x00005555558cd6f4 in object_property_set_bool (obj=0x55555639ac60,
value=true, name=0x555555a59695 "loaded", errp=0x7fffffffd8d8) at
/home/kashyapc/tinker-space/qemu/qom/object.c:969
qbool = 0x55555639b200
#10 0x00005555559ac2e5 in qcrypto_tls_creds_complete (uc=0x55555639ac60,
errp=0x7fffffffd8d8) at /home/kashyapc/tinker-space/qemu/crypto/tlscreds.c:1018
#11 0x00005555558d0899 in user_creatable_complete (obj=0x55555639ac60,
errp=0x7fffffffd8d8) at
/home/kashyapc/tinker-space/qemu/qom/object_interfaces.c:17
ucc = 0x5555563702f0
uc = 0x55555639ac60
__func__ = "user_creatable_complete"
#12 0x0000555555750201 in object_add (type=0x55555639a8f0 "qcrypto-tls-creds",
id=0x55555639a850 "tls0", qdict=0x5555563997b0, v=0x5555563996a0,
errp=0x7fffffffd920)
at /home/kashyapc/tinker-space/qemu/qmp.c:659
obj = 0x55555639ac60
klass = 0x555556370050
e = 0x0
local_err = 0x0
#13 0x0000555555736a2d in object_create (opts=0x55555638a7e0,
opaque=0x55555573684e <object_create_phase1>) at
/home/kashyapc/tinker-space/qemu/vl.c:2644
err = 0x0
type = 0x55555639a8f0 "qcrypto-tls-creds"
---Type <return> to continue, or q <return> to quit---
id = 0x55555639a850 "tls0"
dummy = 0x55555639aaf0
ov = 0x5555563996a0
pdict = 0x5555563997b0
type_predicate = 0x55555573684e <object_create_phase1>
#14 0x00005555559d08e0 in qemu_opts_foreach (list=0x555555e12ee0
<qemu_object_opts>, func=0x5555557368aa <object_create>, opaque=0x55555573684e
<object_create_phase1>, abort_on_failure=0)
at /home/kashyapc/tinker-space/qemu/util/qemu-option.c:1059
loc = {kind = LOC_CMDLINE, num = 2, ptr = 0x7fffffffde10, prev =
0x555556315300 <std_loc>}
opts = 0x55555638a7e0
rc = 0
#15 0x000055555573a273 in main (argc=13, argv=0x7fffffffddb8,
envp=0x7fffffffde28) at /home/kashyapc/tinker-space/qemu/vl.c:4039
i = 21845
snapshot = 0
linux_boot = 3
initrd_filename = 0xffff800000002441 <error: Cannot access memory at
address 0xffff800000002441>
kernel_filename = 0xffffffffffffffff <error: Cannot access memory at
address 0xffffffffffffffff>
kernel_cmdline = 0x555556345060 "\241x\244UUU"
boot_order = 0x0
boot_once = 0x0
ds = 0x7fffffffdbbf
cyls = 0
---Type <return> to continue, or q <return> to quit---
heads = 0
secs = 0
translation = 0
hda_opts = 0x0
opts = 0x55555638aa50
machine_opts = 0xffffffffffffffff
icount_opts = 0x0
olist = 0x0
optind = 13
optarg = 0x0
loadvm = 0x0
machine_class = 0x55555637ac70
cpu_model = 0x0
vga_model = 0x0
qtest_chrdev = 0x0
qtest_log = 0x0
pid_file = 0x0
incoming = 0x0
show_vnc_port = 0
defconfig = false
userconfig = true
---Type <return> to continue, or q <return> to quit---
log_mask = 0x0
log_file = 0x0
mem_trace =
{malloc = 0x5555557366c1 <malloc_and_trace>, realloc = 0x5555557366f6
<realloc_and_trace>, free = 0x55555573673a <free_and_trace>, calloc = 0x0,
try_malloc = 0x0, try_realloc = 0x0}
trace_events = 0x0
trace_file = 0x0
maxram_size = 134217728
ram_slots = 0
vmstate_dump_file = 0x0
main_loop_err = 0x0
err = 0x0
__func__ = "main"
--
/kashyap