| dcb80cd9 | 09-Jan-2025 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto: fix bogus error benchmarking pbkdf on fast machines
We're seeing periodic reports of errors like:
$ qemu-img create -f luks --object secret,data=123456,id=sec0 \
-o key-se
crypto: fix bogus error benchmarking pbkdf on fast machines
We're seeing periodic reports of errors like:
$ qemu-img create -f luks --object secret,data=123456,id=sec0 \
-o key-secret=sec0 luks-info.img 1M
Formatting 'luks-info.img', fmt=luks size=1048576 key-secret=sec0
qemu-img: luks-info.img: Unable to get accurate CPU usage
This error message comes from a recent attempt to workaround a
kernel bug with measuring rusage in long running processes:
commit c72cab5ad9f849bbcfcf4be7952b8b8946cc626e
Author: Tiago Pasqualini <tiago.pasqualini@canonical.com>
Date: Wed Sep 4 20:52:30 2024 -0300
crypto: run qcrypto_pbkdf2_count_iters in a new thread
Unfortunately this has a subtle bug on machines which are very fast.
On the first time around the loop, the 'iterations' value is quite
small (1 << 15), and so will run quite fast. Testing has shown that
some machines can complete this benchmarking task in as little as
7 milliseconds.
Unfortunately the 'getrusage' data is not updated at the time of
the 'getrusage' call, it is done asynchronously by the scheduler.
The 7 millisecond completion time for the benchmark is short
enough that 'getrusage' sometimes reports 0 accumulated execution
time.
As a result the 'delay_ms == 0' sanity check in the above commit
is triggering non-deterministically on such machines.
The benchmarking loop intended to run multiple times, increasing
the 'iterations' value until the benchmark ran for > 500 ms, but
the sanity check doesn't allow this to happen.
To fix it, we keep a loop counter and only run the sanity check
after we've been around the loop more than 5 times. At that point
the 'iterations' value is high enough that even with infrequent
updates of 'getrusage' accounting data on fast machines, we should
see a non-zero value.
Fixes: https://lore.kernel.org/qemu-devel/ffe542bb-310c-4616-b0ca-13182f849fd1@redhat.com/
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2336437
Reported-by: Thomas Huth <thuth@redhat.com>
Reported-by: Richard W.M. Jones <rjones@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20250109093746.1216300-1-berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
(cherry picked from commit 145f12ea885c8fcfbe2d0ac5230630f071b5a9fb)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
show more ...
|
| a7e42752 | 30-Oct-2024 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto: perform runtime check for hash/hmac support in gcrypt
gcrypto has the ability to dynamically disable hash/hmac algorithms
at runtime, so QEMU must perform a runtime check.
Reviewed-by: Phil
crypto: perform runtime check for hash/hmac support in gcrypt
gcrypto has the ability to dynamically disable hash/hmac algorithms
at runtime, so QEMU must perform a runtime check.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| bbd40a0e | 30-Oct-2024 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto: fix error check on gcry_md_open
Gcrypt does not return negative values on error, it returns non-zero
values. This caused QEMU not to detect failure to open an unsupported
hash, resulting in
crypto: fix error check on gcry_md_open
Gcrypt does not return negative values on error, it returns non-zero
values. This caused QEMU not to detect failure to open an unsupported
hash, resulting in a later crash trying to use a NULL context.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| d078da86 | 30-Oct-2024 |
liequan che <liequanche@gmail.com> |
crypto: Introduce SM3 hash hmac pbkdf algorithm
Introduce the SM3 cryptographic hash algorithm (GB/T 32905-2016).
SM3 (GB/T 32905-2016) is a cryptographic standard issued by the
Organization of Sta
crypto: Introduce SM3 hash hmac pbkdf algorithm
Introduce the SM3 cryptographic hash algorithm (GB/T 32905-2016).
SM3 (GB/T 32905-2016) is a cryptographic standard issued by the
Organization of State Commercial Cryptography Administration (OSCCA)
as an authorized cryptographic algorithm for use within China.
Detect the SM3 cryptographic hash algorithm and enable the feature silently
if it is available.
Signed-off-by: cheliequan <cheliequan@inspur.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 62eb377e | 22-Oct-2024 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto: purge 'loaded' property that was not fully removed
The 'loaded' property on TLS creds and secret objects was marked as
deprecated in 6.0.0. In 7.1.0 the deprecation info was moved into
the '
crypto: purge 'loaded' property that was not fully removed
The 'loaded' property on TLS creds and secret objects was marked as
deprecated in 6.0.0. In 7.1.0 the deprecation info was moved into
the 'removed-features.rst' file, but the property was not actually
removed, just made read-only. This was a highly unusual practice,
so finish the long overdue removal job.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| f8395ce8 | 17-Oct-2024 |
Markus Armbruster <armbru@redhat.com> |
crypto/hash-afalg: Fix broken build
Fux build broken by semantic conflict with commit
8f525028bc6 (qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo).
Fixes: 90c3dc60735a (crypto/hash-afalg: Implem
crypto/hash-afalg: Fix broken build
Fux build broken by semantic conflict with commit
8f525028bc6 (qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo).
Fixes: 90c3dc60735a (crypto/hash-afalg: Implement new hash API)
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| dde538c9 | 15-Oct-2024 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto/hash: avoid overwriting user supplied result pointer
If the user provides a pre-allocated buffer for the hash result,
we must use that rather than re-allocating a new buffer.
Reported-by: Do
crypto/hash: avoid overwriting user supplied result pointer
If the user provides a pre-allocated buffer for the hash result,
we must use that rather than re-allocating a new buffer.
Reported-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 04eeeec6 | 18-Sep-2024 |
Dr. David Alan Gilbert <dave@treblig.org> |
crypto: Remove unused DER string functions
qcrypto_der_encode_octet_str_begin and _end have been unused
since they were added in
3b34ccad66 ("crypto: Support DER encodings")
Remove them.
Signed-
crypto: Remove unused DER string functions
qcrypto_der_encode_octet_str_begin and _end have been unused
since they were added in
3b34ccad66 ("crypto: Support DER encodings")
Remove them.
Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 95cc223a | 10-Oct-2024 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto: drop obsolete back compat logic for old nettle
The nettle 2.x series declared all the hash functions with 'int' for
the data size. Since we dropped support for anything older than 3.4
we can
crypto: drop obsolete back compat logic for old nettle
The nettle 2.x series declared all the hash functions with 'int' for
the data size. Since we dropped support for anything older than 3.4
we can assume nettle is using 'size_t' and thus avoid the back compat
looping logic.
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 24a6271e | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hashpriv: Remove old hash API function
Remove old hash_bytesv function, as it was replaced by the 4
new functions.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: D
crypto/hashpriv: Remove old hash API function
Remove old hash_bytesv function, as it was replaced by the 4
new functions.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 8a70903b | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-afalg: Remove old hash API functions
Removes the old hash API functions in the afalg driver,
and modifies the hmac function to use the new helper functions.
Signed-off-by: Alejandro Zei
crypto/hash-afalg: Remove old hash API functions
Removes the old hash API functions in the afalg driver,
and modifies the hmac function to use the new helper functions.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
[ clg: - Checkpatch fixes ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 7908bf74 | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-nettle: Remove old hash API functions
Removes old hash implementation in the nettle hash driver.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berr
crypto/hash-nettle: Remove old hash API functions
Removes old hash implementation in the nettle hash driver.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
[ clg: - Fixed spelling in commit log ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| d946043c | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-gnutls: Remove old hash API functions
Removes old hash implementation in the gnutls hash driver.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berr
crypto/hash-gnutls: Remove old hash API functions
Removes old hash implementation in the gnutls hash driver.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
[ clg: - Fixed spelling in commit log ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 7dae595e | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-gcrypt: Remove old hash API functions
Removes old hash implementation in the gcrypt hash driver.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berr
crypto/hash-gcrypt: Remove old hash API functions
Removes old hash implementation in the gcrypt hash driver.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
[ clg: - Fixed spelling in commit log ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 8d46ede7 | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-glib: Remove old hash API functions
Removes old hash implement-ion in the GLib hash driver.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berrangé
crypto/hash-glib: Remove old hash API functions
Removes old hash implement-ion in the GLib hash driver.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
[ clg: - Fixed spelling in commit log ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| e3c07527 | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash: Implement and use new hash API
Changes the public hash API implementation to support accumulative hashing.
Implementations for the public functions are added to call the new
driver fun
crypto/hash: Implement and use new hash API
Changes the public hash API implementation to support accumulative hashing.
Implementations for the public functions are added to call the new
driver functions that implement context creation, updating,
finalization, and destruction.
Additionally changes the "shortcut" functions to use these 4 new core
functions.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
[ clg: - Reworked qcrypto_hash_bytesv() error handling
- Used hash->driver int qcrypto_hash_new(), qcrypto_hash_free()
qcrypto_hash_updatev()
- Introduced qcrypto_hash_supports() check in
qcrypto_hash_new()
- Introduced g_autofree variables in qcrypto_hash_finalize_digest()
and qcrypto_hash_finalize_base64()
- Re-arrranged code in qcrypto_hash_digestv() and
qcrypto_hash_digest()
- Checkpatch fixes ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 90c3dc60 | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-afalg: Implement new hash API
Updates the afalg hash driver to support the new accumulative
hashing changes as part of the patch series.
Implements opening/closing of contexts, updating
crypto/hash-afalg: Implement new hash API
Updates the afalg hash driver to support the new accumulative
hashing changes as part of the patch series.
Implements opening/closing of contexts, updating hash data
and finalizing the hash digest.
In order to support the update function, a flag needs to be passed
to the kernel via the socket send call (MSG_MORE) to notify it that more
data is to be expected to calculate the hash correctly.
As a result, a new function was added to the iov helper utils to allow
passing a flag to the socket send call.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
[ clg: - Handled qcrypto_afalg_hash_ctx_new() errors in
qcrypto_afalg_hash_new()
- Freed alg_name in qcrypto_afalg_hash_new()
- Reworked qcrypto_afalg_recv_from_kernel()
- Split iov changes from original patch ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 278d5960 | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-nettle: Implement new hash API
Implements the new hashing API in the nettle hash driver.
Supports creating/destroying a context, updating the context
with input data and obtaining an out
crypto/hash-nettle: Implement new hash API
Implements the new hashing API in the nettle hash driver.
Supports creating/destroying a context, updating the context
with input data and obtaining an output hash.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
[ clg: - Dropped qcrypto_hash_supports() in qcrypto_nettle_hash_new() ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| f4f3d666 | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-gnutls: Implement new hash API
Implements the new hashing API in the gnutls hash driver.
Supports creating/destroying a context, updating the context
with input data and obtaining an out
crypto/hash-gnutls: Implement new hash API
Implements the new hashing API in the gnutls hash driver.
Supports creating/destroying a context, updating the context
with input data and obtaining an output hash.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
[ clg: - Dropped qcrypto_hash_supports() in qcrypto_gnutls_hash_new()
- Reworked qcrypto_gnutls_hash_finalize()
- Handled gnutls_hash_init() errors in qcrypto_gnutls_hash_new()
- Replaced gnutls_hash_deinit() by gnutls_hash_output() in
qcrypto_gnutls_hash_finalize()
- Freed resources with gnutls_hash_deinit() in
qcrypto_gnutls_hash_free() ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 4fd0a730 | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-gcrypt: Implement new hash API
Implements the new hashing API in the gcrypt hash driver.
Supports creating/destroying a context, updating the context
with input data and obtaining an out
crypto/hash-gcrypt: Implement new hash API
Implements the new hashing API in the gcrypt hash driver.
Supports creating/destroying a context, updating the context
with input data and obtaining an output hash.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
[ clg: - Dropped qcrypto_hash_supports() in qcrypto_gcrypt_hash_new()
- Reworked qcrypto_gcrypt_hash_finalize()
- Handled gcry_md_open() errors in qcrypto_gcrypt_hash_new()
- Checkpatch fixes ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| c6ccd2af | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto/hash-glib: Implement new hash API
Implements the new hashing API in the GLib hash driver.
Supports creating/destroying a context, updating the context
with input data and obtaining an output
crypto/hash-glib: Implement new hash API
Implements the new hashing API in the GLib hash driver.
Supports creating/destroying a context, updating the context
with input data and obtaining an output hash.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
[ clg: - Dropped qcrypto_hash_supports() in qcrypto_glib_hash_new()
- Removed superfluous cast (GChecksum *) in qcrypto_glib_hash_free()
- Reworked qcrypto_glib_hash_finalize() ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 190feb48 | 08-Oct-2024 |
Alejandro Zeise <alejandro.zeise@seagate.com> |
crypto: accumulative hashing API
Changes the hash API to support accumulative hashing.
Hash objects are created with "qcrypto_hash_new",
updated with data with "qcrypto_hash_update", and
the hash ob
crypto: accumulative hashing API
Changes the hash API to support accumulative hashing.
Hash objects are created with "qcrypto_hash_new",
updated with data with "qcrypto_hash_update", and
the hash obtained with "qcrypto_hash_finalize".
These changes bring the hashing API more in line with the
hmac API.
Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
[ clg: - Changed documentation "non-zero on error" -> "-1 on error" ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
| 8f525028 | 04-Sep-2024 |
Markus Armbruster <armbru@redhat.com> |
qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo
For consistency with other types names *Algo.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Daniel P. Berrangé <berrange@redhat.co
qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo
For consistency with other types names *Algo.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20240904111836.3273842-17-armbru@redhat.com>
show more ...
|
| c96050f4 | 04-Sep-2024 |
Markus Armbruster <armbru@redhat.com> |
qapi/crypto: Rename QCryptoRSAPaddingAlgorithm to *Algo, and drop prefix
QAPI's 'prefix' feature can make the connection between enumeration
type and its constants less than obvious. It's best used
qapi/crypto: Rename QCryptoRSAPaddingAlgorithm to *Algo, and drop prefix
QAPI's 'prefix' feature can make the connection between enumeration
type and its constants less than obvious. It's best used with
restraint.
QCryptoRSAPaddingAlgorithm has a 'prefix' that overrides the generated
enumeration constants' prefix to QCRYPTO_RSA_PADDING_ALG.
We could simply drop 'prefix', but then the prefix becomes
QCRYPTO_RSA_PADDING_ALGORITHM, which is rather long.
We could additionally rename the type to QCryptoRSAPaddingAlg, but I
think the abbreviation "alg" is less than clear.
Rename the type to QCryptoRSAPaddingAlgo instead. The prefix becomes
QCRYPTO_RSA_PADDING_ALGO.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20240904111836.3273842-16-armbru@redhat.com>
show more ...
|
| cd48d82a | 04-Sep-2024 |
Markus Armbruster <armbru@redhat.com> |
qapi/crypto: Rename QCryptoAkCipherAlgorithm to *Algo, and drop prefix
QAPI's 'prefix' feature can make the connection between enumeration
type and its constants less than obvious. It's best used w
qapi/crypto: Rename QCryptoAkCipherAlgorithm to *Algo, and drop prefix
QAPI's 'prefix' feature can make the connection between enumeration
type and its constants less than obvious. It's best used with
restraint.
QCryptoAkCipherAlgorithm has a 'prefix' that overrides the generated
enumeration constants' prefix to QCRYPTO_AKCIPHER_ALG.
We could simply drop 'prefix', but then the prefix becomes
QCRYPTO_AK_CIPHER_ALGORITHM, which is rather long.
We could additionally rename the type to QCryptoAkCipherAlg, but I
think the abbreviation "alg" is less than clear.
Rename the type to QCryptoAkCipherAlgo instead. The prefix becomes
QCRYPTO_AK_CIPHER_ALGO.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20240904111836.3273842-15-armbru@redhat.com>
show more ...
|