io: add support for activating TLS thread safety workaround

Add a QIO_CHANNEL_FEATURE_CONCURRENT_IO feature flag. If this is set on a QIOChannelTLS session object, the TLS session will be marked as requiring thread safety, which will activate the workaround for GNUTLS bug 1717 if needed. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Fabiano Rosas <farosas@suse.de> Link: https://lore.kernel.org/qemu-devel/20250718150514.2635338-3-berrange@redhat.com Signed-off-by: Fabiano Rosas <farosas@suse.de>
9 months ago · edea818371
2 changed files with 6 additions and 0 deletions
--- a/include/io/channel.h
+++ b/include/io/channel.h
@ -46,6 +46,7 @@ enum QIOChannelFeature {
    QIO_CHANNEL_FEATURE_WRITE_ZERO_COPY,
    QIO_CHANNEL_FEATURE_READ_MSG_PEEK,
    QIO_CHANNEL_FEATURE_SEEKABLE,
+    QIO_CHANNEL_FEATURE_CONCURRENT_IO,
 };


--- a/io/channel-tls.c
+++ b/io/channel-tls.c
@ -241,6 +241,11 @@ void qio_channel_tls_handshake(QIOChannelTLS *ioc,
 {
    QIOTask *task;

+    if (qio_channel_has_feature(QIO_CHANNEL(ioc),
+                                QIO_CHANNEL_FEATURE_CONCURRENT_IO)) {
+        qcrypto_tls_session_require_thread_safety(ioc->session);
+    }
+
    task = qio_task_new(OBJECT(ioc),
                        func, opaque, destroy);