diff options
author | Milan Broz <mbroz@redhat.com> | 2009-12-10 18:51:55 -0500 |
---|---|---|
committer | Alasdair G Kergon <agk@redhat.com> | 2009-12-10 18:51:55 -0500 |
commit | 6047359277517c4e56d8bfd6ea4966d7a3924151 (patch) | |
tree | f7e28344ace2714ff5346a758dd02682c8761852 | |
parent | 0b4309581b5be8749afdd5a9087fd82a2a5c9932 (diff) |
dm crypt: move private iv fields to structs
Define private structures for IV so it's easy to add further attributes
in a following patch which fixes the way key material is wiped from
memory. Also move ESSIV destructor and remove unnecessary 'status'
operation.
There are no functional changes in this patch.
Cc: stable@kernel.org
Signed-off-by: Milan Broz <mbroz@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
-rw-r--r-- | drivers/md/dm-crypt.c | 35 |
1 files changed, 22 insertions, 13 deletions
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index f2c139305e13..bec5ac54e23e 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c | |||
@@ -71,10 +71,17 @@ struct crypt_iv_operations { | |||
71 | int (*ctr)(struct crypt_config *cc, struct dm_target *ti, | 71 | int (*ctr)(struct crypt_config *cc, struct dm_target *ti, |
72 | const char *opts); | 72 | const char *opts); |
73 | void (*dtr)(struct crypt_config *cc); | 73 | void (*dtr)(struct crypt_config *cc); |
74 | const char *(*status)(struct crypt_config *cc); | ||
75 | int (*generator)(struct crypt_config *cc, u8 *iv, sector_t sector); | 74 | int (*generator)(struct crypt_config *cc, u8 *iv, sector_t sector); |
76 | }; | 75 | }; |
77 | 76 | ||
77 | struct iv_essiv_private { | ||
78 | struct crypto_cipher *tfm; | ||
79 | }; | ||
80 | |||
81 | struct iv_benbi_private { | ||
82 | int shift; | ||
83 | }; | ||
84 | |||
78 | /* | 85 | /* |
79 | * Crypt: maps a linear range of a block device | 86 | * Crypt: maps a linear range of a block device |
80 | * and encrypts / decrypts at the same time. | 87 | * and encrypts / decrypts at the same time. |
@@ -102,8 +109,8 @@ struct crypt_config { | |||
102 | struct crypt_iv_operations *iv_gen_ops; | 109 | struct crypt_iv_operations *iv_gen_ops; |
103 | char *iv_mode; | 110 | char *iv_mode; |
104 | union { | 111 | union { |
105 | struct crypto_cipher *essiv_tfm; | 112 | struct iv_essiv_private essiv; |
106 | int benbi_shift; | 113 | struct iv_benbi_private benbi; |
107 | } iv_gen_private; | 114 | } iv_gen_private; |
108 | sector_t iv_offset; | 115 | sector_t iv_offset; |
109 | unsigned int iv_size; | 116 | unsigned int iv_size; |
@@ -169,6 +176,14 @@ static int crypt_iv_plain_gen(struct crypt_config *cc, u8 *iv, sector_t sector) | |||
169 | return 0; | 176 | return 0; |
170 | } | 177 | } |
171 | 178 | ||
179 | static void crypt_iv_essiv_dtr(struct crypt_config *cc) | ||
180 | { | ||
181 | struct iv_essiv_private *essiv = &cc->iv_gen_private.essiv; | ||
182 | |||
183 | crypto_free_cipher(essiv->tfm); | ||
184 | essiv->tfm = NULL; | ||
185 | } | ||
186 | |||
172 | static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti, | 187 | static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti, |
173 | const char *opts) | 188 | const char *opts) |
174 | { | 189 | { |
@@ -236,21 +251,15 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti, | |||
236 | } | 251 | } |
237 | kfree(salt); | 252 | kfree(salt); |
238 | 253 | ||
239 | cc->iv_gen_private.essiv_tfm = essiv_tfm; | 254 | cc->iv_gen_private.essiv.tfm = essiv_tfm; |
240 | return 0; | 255 | return 0; |
241 | } | 256 | } |
242 | 257 | ||
243 | static void crypt_iv_essiv_dtr(struct crypt_config *cc) | ||
244 | { | ||
245 | crypto_free_cipher(cc->iv_gen_private.essiv_tfm); | ||
246 | cc->iv_gen_private.essiv_tfm = NULL; | ||
247 | } | ||
248 | |||
249 | static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, sector_t sector) | 258 | static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, sector_t sector) |
250 | { | 259 | { |
251 | memset(iv, 0, cc->iv_size); | 260 | memset(iv, 0, cc->iv_size); |
252 | *(u64 *)iv = cpu_to_le64(sector); | 261 | *(u64 *)iv = cpu_to_le64(sector); |
253 | crypto_cipher_encrypt_one(cc->iv_gen_private.essiv_tfm, iv, iv); | 262 | crypto_cipher_encrypt_one(cc->iv_gen_private.essiv.tfm, iv, iv); |
254 | return 0; | 263 | return 0; |
255 | } | 264 | } |
256 | 265 | ||
@@ -273,7 +282,7 @@ static int crypt_iv_benbi_ctr(struct crypt_config *cc, struct dm_target *ti, | |||
273 | return -EINVAL; | 282 | return -EINVAL; |
274 | } | 283 | } |
275 | 284 | ||
276 | cc->iv_gen_private.benbi_shift = 9 - log; | 285 | cc->iv_gen_private.benbi.shift = 9 - log; |
277 | 286 | ||
278 | return 0; | 287 | return 0; |
279 | } | 288 | } |
@@ -288,7 +297,7 @@ static int crypt_iv_benbi_gen(struct crypt_config *cc, u8 *iv, sector_t sector) | |||
288 | 297 | ||
289 | memset(iv, 0, cc->iv_size - sizeof(u64)); /* rest is cleared below */ | 298 | memset(iv, 0, cc->iv_size - sizeof(u64)); /* rest is cleared below */ |
290 | 299 | ||
291 | val = cpu_to_be64(((u64)sector << cc->iv_gen_private.benbi_shift) + 1); | 300 | val = cpu_to_be64(((u64)sector << cc->iv_gen_private.benbi.shift) + 1); |
292 | put_unaligned(val, (__be64 *)(iv + cc->iv_size - sizeof(u64))); | 301 | put_unaligned(val, (__be64 *)(iv + cc->iv_size - sizeof(u64))); |
293 | 302 | ||
294 | return 0; | 303 | return 0; |