eCryptfs: Combine encrypt_scatterlist() and decrypt_scatterlist()

These two functions are identical except for a debug printk and whether they call crypto_ablkcipher_encrypt() or crypto_ablkcipher_decrypt(), so they can be safely merged if the caller can indicate if encryption or decryption should occur. The debug printk is useless so it is removed. Two new #define's are created to indicate if an ENCRYPT or DECRYPT operation is desired. Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
author: Tyler Hicks <tyhicks@canonical.com> 2013-04-06 02:26:22 -0400
committer: Tyler Hicks <tyhicks@canonical.com> 2013-06-07 20:28:26 -0400
commit: 00a699400a707953368e970b37bb8765fdb08015 (patch)
tree: 5f0d915de16b024814d17fb1cd941db855b3bd99 /fs/ecryptfs
parent: 9c6043f41222b448a314b0b8370f33b579f777ea (diff)
1 files changed, 20 insertions, 86 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 35b409bda841..fb54a0182f2e 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -37,6 +37,9 @@
 #include <asm/unaligned.h>
 #include "ecryptfs_kernel.h"
+#define DECRYPT         0
+#define ENCRYPT         1
 static int
 ecryptfs_decrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
                             struct page *dst_page, struct page *src_page,
@@ -334,19 +337,20 @@ static void extent_crypt_complete(struct crypto_async_request *req, int rc)
 }
 /**
- * encrypt_scatterlist
+ * crypt_scatterlist
 * @crypt_stat: Pointer to the crypt_stat struct to initialize.
- * @dest_sg: Destination of encrypted data
+ * @dest_sg: Destination of the data after performing the crypto operation
- * @src_sg: Data to be encrypted
+ * @src_sg: Data to be encrypted or decrypted
- * @size: Length of data to be encrypted
+ * @size: Length of data
- * @iv: iv to use during encryption
+ * @iv: IV to use
+ * @op: ENCRYPT or DECRYPT to indicate the desired operation
 *
- * Returns the number of bytes encrypted; negative value on error
+ * Returns the number of bytes encrypted or decrypted; negative value on error
 */
-static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
+static int crypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
-                               struct scatterlist *dest_sg,
+                             struct scatterlist *dest_sg,
-                               struct scatterlist *src_sg, int size,
+                             struct scatterlist *src_sg, int size,
-                               unsigned char *iv)
+                             unsigned char *iv, int op)
 {
        struct ablkcipher_request *req = NULL;
        struct extent_crypt_result ecr;
@@ -389,9 +393,9 @@ static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
                crypt_stat->flags |= ECRYPTFS_KEY_SET;
        }
        mutex_unlock(&crypt_stat->cs_tfm_mutex);
-        ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes.\n", size);
        ablkcipher_request_set_crypt(req, src_sg, dest_sg, size, iv);
-        rc = crypto_ablkcipher_encrypt(req);
+        rc = op == ENCRYPT ? crypto_ablkcipher_encrypt(req) :
+                             crypto_ablkcipher_decrypt(req);
        if (rc == -EINPROGRESS || rc == -EBUSY) {
                struct extent_crypt_result *ecr = req->base.data;
@@ -624,78 +628,6 @@ out:
 }
 /**
- * decrypt_scatterlist
- * @crypt_stat: Cryptographic context
- * @dest_sg: The destination scatterlist to decrypt into
- * @src_sg: The source scatterlist to decrypt from
- * @size: The number of bytes to decrypt
- * @iv: The initialization vector to use for the decryption
- *
- * Returns the number of bytes decrypted; negative value on error
- */
-static int decrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
-                               struct scatterlist *dest_sg,
-                               struct scatterlist *src_sg, int size,
-                               unsigned char *iv)
-{
-        struct ablkcipher_request *req = NULL;
-        struct extent_crypt_result ecr;
-        int rc = 0;
-        BUG_ON(!crypt_stat || !crypt_stat->tfm
-               || !(crypt_stat->flags & ECRYPTFS_STRUCT_INITIALIZED));
-        if (unlikely(ecryptfs_verbosity > 0)) {
-                ecryptfs_printk(KERN_DEBUG, "Key size [%zd]; key:\n",
-                                crypt_stat->key_size);
-                ecryptfs_dump_hex(crypt_stat->key,
-                                  crypt_stat->key_size);
-        }
-        init_completion(&ecr.completion);
-        mutex_lock(&crypt_stat->cs_tfm_mutex);
-        req = ablkcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
-        if (!req) {
-                mutex_unlock(&crypt_stat->cs_tfm_mutex);
-                rc = -ENOMEM;
-                goto out;
-        }
-        ablkcipher_request_set_callback(req,
-                        CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
-                        extent_crypt_complete, &ecr);
-        /* Consider doing this once, when the file is opened */
-        if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) {
-                rc = crypto_ablkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
-                                              crypt_stat->key_size);
-                if (rc) {
-                        ecryptfs_printk(KERN_ERR,
-                                        "Error setting key; rc = [%d]\n",
-                                        rc);
-                        mutex_unlock(&crypt_stat->cs_tfm_mutex);
-                        rc = -EINVAL;
-                        goto out;
-                }
-                crypt_stat->flags |= ECRYPTFS_KEY_SET;
-        }
-        mutex_unlock(&crypt_stat->cs_tfm_mutex);
-        ecryptfs_printk(KERN_DEBUG, "Decrypting [%d] bytes.\n", size);
-        ablkcipher_request_set_crypt(req, src_sg, dest_sg, size, iv);
-        rc = crypto_ablkcipher_decrypt(req);
-        if (rc == -EINPROGRESS || rc == -EBUSY) {
-                struct extent_crypt_result *ecr = req->base.data;
-                wait_for_completion(&ecr->completion);
-                rc = ecr->rc;
-                INIT_COMPLETION(ecr->completion);
-        }
-out:
-        ablkcipher_request_free(req);
-        return rc;
-}
-/**
 * ecryptfs_encrypt_page_offset
 * @crypt_stat: The cryptographic context
 * @dst_page: The page to encrypt into
@@ -718,7 +650,8 @@ ecryptfs_encrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
        sg_set_page(&src_sg, src_page, size, offset);
        sg_set_page(&dst_sg, dst_page, size, offset);
-        return encrypt_scatterlist(crypt_stat, &dst_sg, &src_sg, size, iv);
+        return crypt_scatterlist(crypt_stat, &dst_sg, &src_sg,
+                                 size, iv, ENCRYPT);
 }
 /**
@@ -745,7 +678,8 @@ ecryptfs_decrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
        sg_init_table(&dst_sg, 1);
        sg_set_page(&dst_sg, dst_page, size, offset);
-        return decrypt_scatterlist(crypt_stat, &dst_sg, &src_sg, size, iv);
+        return crypt_scatterlist(crypt_stat, &dst_sg, &src_sg,
+                                 size, iv, DECRYPT);
 }
 #define ECRYPTFS_MAX_SCATTERLIST_LEN 4
author	Tyler Hicks <tyhicks@canonical.com>	2013-04-06 02:26:22 -0400
committer	Tyler Hicks <tyhicks@canonical.com>	2013-06-07 20:28:26 -0400
commit	00a699400a707953368e970b37bb8765fdb08015 (patch)
tree	5f0d915de16b024814d17fb1cd941db855b3bd99 /fs/ecryptfs
parent	9c6043f41222b448a314b0b8370f33b579f777ea (diff)

diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index 35b409bda841..fb54a0182f2e 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c
@@ -37,6 +37,9 @@
37	#include <asm/unaligned.h>	37	#include <asm/unaligned.h>
38	#include "ecryptfs_kernel.h"	38	#include "ecryptfs_kernel.h"
39		39
		40	#define DECRYPT 0
		41	#define ENCRYPT 1
		42
40	static int	43	static int
41	ecryptfs_decrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,	44	ecryptfs_decrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
42	struct page dst_page, struct page src_page,	45	struct page dst_page, struct page src_page,
@@ -334,19 +337,20 @@ static void extent_crypt_complete(struct crypto_async_request *req, int rc)
334	}	337	}
335		338
336	/**	339	/**
337	* encrypt_scatterlist	340	* crypt_scatterlist
338	* @crypt_stat: Pointer to the crypt_stat struct to initialize.	341	* @crypt_stat: Pointer to the crypt_stat struct to initialize.
339	* @dest_sg: Destination of encrypted data	342	* @dest_sg: Destination of the data after performing the crypto operation
340	* @src_sg: Data to be encrypted	343	* @src_sg: Data to be encrypted or decrypted
341	* @size: Length of data to be encrypted	344	* @size: Length of data
342	* @iv: iv to use during encryption	345	* @iv: IV to use
		346	* @op: ENCRYPT or DECRYPT to indicate the desired operation
343	*	347	*
344	* Returns the number of bytes encrypted; negative value on error	348	* Returns the number of bytes encrypted or decrypted; negative value on error
345	*/	349	*/
346	static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,	350	static int crypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
347	struct scatterlist *dest_sg,	351	struct scatterlist *dest_sg,
348	struct scatterlist *src_sg, int size,	352	struct scatterlist *src_sg, int size,
349	unsigned char *iv)	353	unsigned char *iv, int op)
350	{	354	{
351	struct ablkcipher_request *req = NULL;	355	struct ablkcipher_request *req = NULL;
352	struct extent_crypt_result ecr;	356	struct extent_crypt_result ecr;
@@ -389,9 +393,9 @@ static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
389	crypt_stat->flags \|= ECRYPTFS_KEY_SET;	393	crypt_stat->flags \|= ECRYPTFS_KEY_SET;
390	}	394	}
391	mutex_unlock(&crypt_stat->cs_tfm_mutex);	395	mutex_unlock(&crypt_stat->cs_tfm_mutex);
392	ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes.\n", size);
393	ablkcipher_request_set_crypt(req, src_sg, dest_sg, size, iv);	396	ablkcipher_request_set_crypt(req, src_sg, dest_sg, size, iv);
394	rc = crypto_ablkcipher_encrypt(req);	397	rc = op == ENCRYPT ? crypto_ablkcipher_encrypt(req) :
		398	crypto_ablkcipher_decrypt(req);
395	if (rc == -EINPROGRESS \|\| rc == -EBUSY) {	399	if (rc == -EINPROGRESS \|\| rc == -EBUSY) {
396	struct extent_crypt_result *ecr = req->base.data;	400	struct extent_crypt_result *ecr = req->base.data;
397		401
@@ -624,78 +628,6 @@ out:
624	}	628	}
625		629
626	/**	630	/**
627	* decrypt_scatterlist
628	* @crypt_stat: Cryptographic context
629	* @dest_sg: The destination scatterlist to decrypt into
630	* @src_sg: The source scatterlist to decrypt from
631	* @size: The number of bytes to decrypt
632	* @iv: The initialization vector to use for the decryption
633	*
634	* Returns the number of bytes decrypted; negative value on error
635	*/
636	static int decrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
637	struct scatterlist *dest_sg,
638	struct scatterlist *src_sg, int size,
639	unsigned char *iv)
640	{
641	struct ablkcipher_request *req = NULL;
642	struct extent_crypt_result ecr;
643	int rc = 0;
644
645	BUG_ON(!crypt_stat \|\| !crypt_stat->tfm
646	\|\| !(crypt_stat->flags & ECRYPTFS_STRUCT_INITIALIZED));
647	if (unlikely(ecryptfs_verbosity > 0)) {
648	ecryptfs_printk(KERN_DEBUG, "Key size [%zd]; key:\n",
649	crypt_stat->key_size);
650	ecryptfs_dump_hex(crypt_stat->key,
651	crypt_stat->key_size);
652	}
653
654	init_completion(&ecr.completion);
655
656	mutex_lock(&crypt_stat->cs_tfm_mutex);
657	req = ablkcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
658	if (!req) {
659	mutex_unlock(&crypt_stat->cs_tfm_mutex);
660	rc = -ENOMEM;
661	goto out;
662	}
663
664	ablkcipher_request_set_callback(req,
665	CRYPTO_TFM_REQ_MAY_BACKLOG \| CRYPTO_TFM_REQ_MAY_SLEEP,
666	extent_crypt_complete, &ecr);
667	/* Consider doing this once, when the file is opened */
668	if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) {
669	rc = crypto_ablkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
670	crypt_stat->key_size);
671	if (rc) {
672	ecryptfs_printk(KERN_ERR,
673	"Error setting key; rc = [%d]\n",
674	rc);
675	mutex_unlock(&crypt_stat->cs_tfm_mutex);
676	rc = -EINVAL;
677	goto out;
678	}
679	crypt_stat->flags \|= ECRYPTFS_KEY_SET;
680	}
681	mutex_unlock(&crypt_stat->cs_tfm_mutex);
682	ecryptfs_printk(KERN_DEBUG, "Decrypting [%d] bytes.\n", size);
683	ablkcipher_request_set_crypt(req, src_sg, dest_sg, size, iv);
684	rc = crypto_ablkcipher_decrypt(req);
685	if (rc == -EINPROGRESS \|\| rc == -EBUSY) {
686	struct extent_crypt_result *ecr = req->base.data;
687
688	wait_for_completion(&ecr->completion);
689	rc = ecr->rc;
690	INIT_COMPLETION(ecr->completion);
691	}
692	out:
693	ablkcipher_request_free(req);
694	return rc;
695
696	}
697
698	/**
699	* ecryptfs_encrypt_page_offset	631	* ecryptfs_encrypt_page_offset
700	* @crypt_stat: The cryptographic context	632	* @crypt_stat: The cryptographic context
701	* @dst_page: The page to encrypt into	633	* @dst_page: The page to encrypt into
@@ -718,7 +650,8 @@ ecryptfs_encrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
718		650
719	sg_set_page(&src_sg, src_page, size, offset);	651	sg_set_page(&src_sg, src_page, size, offset);
720	sg_set_page(&dst_sg, dst_page, size, offset);	652	sg_set_page(&dst_sg, dst_page, size, offset);
721	return encrypt_scatterlist(crypt_stat, &dst_sg, &src_sg, size, iv);	653	return crypt_scatterlist(crypt_stat, &dst_sg, &src_sg,
		654	size, iv, ENCRYPT);
722	}	655	}
723		656
724	/**	657	/**
@@ -745,7 +678,8 @@ ecryptfs_decrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
745	sg_init_table(&dst_sg, 1);	678	sg_init_table(&dst_sg, 1);
746	sg_set_page(&dst_sg, dst_page, size, offset);	679	sg_set_page(&dst_sg, dst_page, size, offset);
747		680
748	return decrypt_scatterlist(crypt_stat, &dst_sg, &src_sg, size, iv);	681	return crypt_scatterlist(crypt_stat, &dst_sg, &src_sg,
		682	size, iv, DECRYPT);
749	}	683	}
750		684
751	#define ECRYPTFS_MAX_SCATTERLIST_LEN 4	685	#define ECRYPTFS_MAX_SCATTERLIST_LEN 4