crypto: delete built-in XTS cipher mode support
The built-in AES+XTS implementation is used for the LUKS encryption
When building system emulators it is reasonable to expect that an
external crypto library is being used instead. The performance of the
builtin XTS implementation is terrible as it has no CPU acceleration
support. It is thus not worth keeping a home grown XTS implementation
for the built-in cipher backend.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
diff --git a/meson.build b/meson.build
index a96c8b8..8f899e1 100644
--- a/meson.build
+++ b/meson.build
@@ -826,7 +826,7 @@
# Nettle has priority over gcrypt
gcrypt = not_found
nettle = not_found
-xts = 'private'
+xts = 'none'
if get_option('nettle').enabled() and get_option('gcrypt').enabled()
error('Only one of gcrypt & nettle can be enabled')
elif (not get_option('nettle').auto() or have_system) and not get_option('gcrypt').enabled()
@@ -834,8 +834,8 @@
method: 'pkg-config',
required: get_option('nettle'),
kwargs: static_kwargs)
- if nettle.found() and cc.has_header('nettle/xts.h', dependencies: nettle)
- xts = 'nettle'
+ if nettle.found() and not cc.has_header('nettle/xts.h', dependencies: nettle)
+ xts = 'private'
endif
endif
if (not get_option('gcrypt').auto() or have_system) and not nettle.found()
@@ -843,7 +843,6 @@
method: 'config-tool',
required: get_option('gcrypt'),
kwargs: static_kwargs)
- xts = 'gcrypt'
# Debian has removed -lgpg-error from libgcrypt-config
# as it "spreads unnecessary dependencies" which in
# turn breaks static builds...
