aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMilan Broz <mbroz@redhat.com>2009-12-10 18:51:55 -0500
committerAlasdair G Kergon <agk@redhat.com>2009-12-10 18:51:55 -0500
commit6047359277517c4e56d8bfd6ea4966d7a3924151 (patch)
treef7e28344ace2714ff5346a758dd02682c8761852
parent0b4309581b5be8749afdd5a9087fd82a2a5c9932 (diff)
dm crypt: move private iv fields to structs
Define private structures for IV so it's easy to add further attributes in a following patch which fixes the way key material is wiped from memory. Also move ESSIV destructor and remove unnecessary 'status' operation. There are no functional changes in this patch. Cc: stable@kernel.org Signed-off-by: Milan Broz <mbroz@redhat.com> Signed-off-by: Alasdair G Kergon <agk@redhat.com>
-rw-r--r--drivers/md/dm-crypt.c35
1 files changed, 22 insertions, 13 deletions
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index f2c139305e13..bec5ac54e23e 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -71,10 +71,17 @@ struct crypt_iv_operations {
71 int (*ctr)(struct crypt_config *cc, struct dm_target *ti, 71 int (*ctr)(struct crypt_config *cc, struct dm_target *ti,
72 const char *opts); 72 const char *opts);
73 void (*dtr)(struct crypt_config *cc); 73 void (*dtr)(struct crypt_config *cc);
74 const char *(*status)(struct crypt_config *cc);
75 int (*generator)(struct crypt_config *cc, u8 *iv, sector_t sector); 74 int (*generator)(struct crypt_config *cc, u8 *iv, sector_t sector);
76}; 75};
77 76
77struct iv_essiv_private {
78 struct crypto_cipher *tfm;
79};
80
81struct iv_benbi_private {
82 int shift;
83};
84
78/* 85/*
79 * Crypt: maps a linear range of a block device 86 * Crypt: maps a linear range of a block device
80 * and encrypts / decrypts at the same time. 87 * and encrypts / decrypts at the same time.
@@ -102,8 +109,8 @@ struct crypt_config {
102 struct crypt_iv_operations *iv_gen_ops; 109 struct crypt_iv_operations *iv_gen_ops;
103 char *iv_mode; 110 char *iv_mode;
104 union { 111 union {
105 struct crypto_cipher *essiv_tfm; 112 struct iv_essiv_private essiv;
106 int benbi_shift; 113 struct iv_benbi_private benbi;
107 } iv_gen_private; 114 } iv_gen_private;
108 sector_t iv_offset; 115 sector_t iv_offset;
109 unsigned int iv_size; 116 unsigned int iv_size;
@@ -169,6 +176,14 @@ static int crypt_iv_plain_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
169 return 0; 176 return 0;
170} 177}
171 178
179static void crypt_iv_essiv_dtr(struct crypt_config *cc)
180{
181 struct iv_essiv_private *essiv = &cc->iv_gen_private.essiv;
182
183 crypto_free_cipher(essiv->tfm);
184 essiv->tfm = NULL;
185}
186
172static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti, 187static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
173 const char *opts) 188 const char *opts)
174{ 189{
@@ -236,21 +251,15 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
236 } 251 }
237 kfree(salt); 252 kfree(salt);
238 253
239 cc->iv_gen_private.essiv_tfm = essiv_tfm; 254 cc->iv_gen_private.essiv.tfm = essiv_tfm;
240 return 0; 255 return 0;
241} 256}
242 257
243static void crypt_iv_essiv_dtr(struct crypt_config *cc)
244{
245 crypto_free_cipher(cc->iv_gen_private.essiv_tfm);
246 cc->iv_gen_private.essiv_tfm = NULL;
247}
248
249static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, sector_t sector) 258static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
250{ 259{
251 memset(iv, 0, cc->iv_size); 260 memset(iv, 0, cc->iv_size);
252 *(u64 *)iv = cpu_to_le64(sector); 261 *(u64 *)iv = cpu_to_le64(sector);
253 crypto_cipher_encrypt_one(cc->iv_gen_private.essiv_tfm, iv, iv); 262 crypto_cipher_encrypt_one(cc->iv_gen_private.essiv.tfm, iv, iv);
254 return 0; 263 return 0;
255} 264}
256 265
@@ -273,7 +282,7 @@ static int crypt_iv_benbi_ctr(struct crypt_config *cc, struct dm_target *ti,
273 return -EINVAL; 282 return -EINVAL;
274 } 283 }
275 284
276 cc->iv_gen_private.benbi_shift = 9 - log; 285 cc->iv_gen_private.benbi.shift = 9 - log;
277 286
278 return 0; 287 return 0;
279} 288}
@@ -288,7 +297,7 @@ static int crypt_iv_benbi_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
288 297
289 memset(iv, 0, cc->iv_size - sizeof(u64)); /* rest is cleared below */ 298 memset(iv, 0, cc->iv_size - sizeof(u64)); /* rest is cleared below */
290 299
291 val = cpu_to_be64(((u64)sector << cc->iv_gen_private.benbi_shift) + 1); 300 val = cpu_to_be64(((u64)sector << cc->iv_gen_private.benbi.shift) + 1);
292 put_unaligned(val, (__be64 *)(iv + cc->iv_size - sizeof(u64))); 301 put_unaligned(val, (__be64 *)(iv + cc->iv_size - sizeof(u64)));
293 302
294 return 0; 303 return 0;