Bug 1549543 - Use of Nettle crypto library prevents FIPS compliance, need to go back to libgcrypt
Summary: Use of Nettle crypto library prevents FIPS compliance, need to go back to lib...
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.5
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Miroslav Rezanina
QA Contact: Tingting Mao
Depends On:
Blocks: 1549751
TreeView+ depends on / blocked
Reported: 2018-02-27 12:02 UTC by Daniel Berrangé
Modified: 2018-11-01 11:06 UTC (History)
13 users (show)

Fixed In Version: qemu-kvm-rhev-2.12.0-2.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1549544 1549751 (view as bug list)
Last Closed: 2018-11-01 11:04:15 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:3443 None None None 2018-11-01 11:06:44 UTC

Comment 2 Daniel Berrangé 2018-02-27 12:44:45 UTC
NB, the in-tree XTS impl provides a further complication for FIPS cert, since libgcrypt does not provide any impl for that.

Comment 4 Miroslav Rezanina 2018-05-16 07:52:56 UTC
Fix included in qemu-kvm-rhev-2.12.0-2.el7

Comment 10 Tingting Mao 2018-07-05 09:54:42 UTC
Regression test for luks

Packages Tested:

New Bugs(1): --------> not regression
Bug 1593111-qemu-img is very slow when changing the backing file from qcow2 image to luks image

reproduced Bugs(5)
Bug 1537485-test cases of qemu-iotests failed for luks format
Bug 1535894-RFE: qemu-img should support to create a sparse image during conversion when the source image is in luks format
Bug 1575578-Failed to convert a source image to the qcow2 image encrypted by luks
Bug 1534951-RFE: Support preallocation mode for luks format
Bug 1534898-qemu-img should give meaningful error messages when create 16TB luks format image on ext4

Regression test for luks-inside-qcow2

Packages Tested:
kernel: kernel-3.10.0-915.el7
qemu-kvm-rhev: qemu-kvm-rhev-2.12.0-6.el7

New Bugs(1): -------> not regression
Bug 1594622- The error info is misleading when creating snapshot with the specified format is not qcow2

reproduced Bugs(5)
Bug 1575578 - Failed to convert a source image to the qcow2 image encrypted by luks
Bug 1529209 - Fail to create internal snapshots when guest boots up with luks-inside-qcow2 format image
Bug 1191402 - The error info is not accurate when create image with specify wrong backing_fmt
Bug 1542858 - size of luks-encrypted qcow2 image exceeds the required in qemu-img measure output
Bug 1331279 - test cases of qemu-iotests failed

Comment 11 Tingting Mao 2018-07-06 02:06:50 UTC
Test for the VNC password

1. Boot up guest with "-vnc :$port,password" and set up password on qemu monitor
(qemu)set_password vnc xxx
2. Connet to the guest by vnc with the password "xxx"

After step2 ,connect to guest with password successfully

Comment 12 errata-xmlrpc 2018-11-01 11:04:15 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.