aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--drivers/md/dm-crypt.c180
1 files changed, 93 insertions, 87 deletions
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index a8aab9cf26b9..139bbe2254cd 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -999,6 +999,45 @@ static int crypt_wipe_key(struct crypt_config *cc)
999 return crypto_ablkcipher_setkey(cc->tfm, cc->key, cc->key_size); 999 return crypto_ablkcipher_setkey(cc->tfm, cc->key, cc->key_size);
1000} 1000}
1001 1001
1002static void crypt_dtr(struct dm_target *ti)
1003{
1004 struct crypt_config *cc = ti->private;
1005
1006 ti->private = NULL;
1007
1008 if (!cc)
1009 return;
1010
1011 if (cc->io_queue)
1012 destroy_workqueue(cc->io_queue);
1013 if (cc->crypt_queue)
1014 destroy_workqueue(cc->crypt_queue);
1015
1016 if (cc->bs)
1017 bioset_free(cc->bs);
1018
1019 if (cc->page_pool)
1020 mempool_destroy(cc->page_pool);
1021 if (cc->req_pool)
1022 mempool_destroy(cc->req_pool);
1023 if (cc->io_pool)
1024 mempool_destroy(cc->io_pool);
1025
1026 if (cc->iv_gen_ops && cc->iv_gen_ops->dtr)
1027 cc->iv_gen_ops->dtr(cc);
1028
1029 if (cc->tfm && !IS_ERR(cc->tfm))
1030 crypto_free_ablkcipher(cc->tfm);
1031
1032 if (cc->dev)
1033 dm_put_device(ti, cc->dev);
1034
1035 kfree(cc->iv_mode);
1036
1037 /* Must zero key material before freeing */
1038 kzfree(cc);
1039}
1040
1002/* 1041/*
1003 * Construct an encryption mapping: 1042 * Construct an encryption mapping:
1004 * <cipher> <key> <iv_offset> <dev_path> <start> 1043 * <cipher> <key> <iv_offset> <dev_path> <start>
@@ -1006,7 +1045,6 @@ static int crypt_wipe_key(struct crypt_config *cc)
1006static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv) 1045static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
1007{ 1046{
1008 struct crypt_config *cc; 1047 struct crypt_config *cc;
1009 struct crypto_ablkcipher *tfm;
1010 char *tmp; 1048 char *tmp;
1011 char *cipher; 1049 char *cipher;
1012 char *chainmode; 1050 char *chainmode;
@@ -1014,6 +1052,7 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
1014 char *ivopts; 1052 char *ivopts;
1015 unsigned int key_size; 1053 unsigned int key_size;
1016 unsigned long long tmpll; 1054 unsigned long long tmpll;
1055 int ret = -EINVAL;
1017 1056
1018 if (argc != 5) { 1057 if (argc != 5) {
1019 ti->error = "Not enough arguments"; 1058 ti->error = "Not enough arguments";
@@ -1032,12 +1071,13 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
1032 key_size = strlen(argv[1]) >> 1; 1071 key_size = strlen(argv[1]) >> 1;
1033 1072
1034 cc = kzalloc(sizeof(*cc) + key_size * sizeof(u8), GFP_KERNEL); 1073 cc = kzalloc(sizeof(*cc) + key_size * sizeof(u8), GFP_KERNEL);
1035 if (cc == NULL) { 1074 if (!cc) {
1036 ti->error = 1075 ti->error = "Cannot allocate transparent encryption context";
1037 "Cannot allocate transparent encryption context";
1038 return -ENOMEM; 1076 return -ENOMEM;
1039 } 1077 }
1040 1078
1079 ti->private = cc;
1080
1041 /* Compatibility mode for old dm-crypt cipher strings */ 1081 /* Compatibility mode for old dm-crypt cipher strings */
1042 if (!chainmode || (strcmp(chainmode, "plain") == 0 && !ivmode)) { 1082 if (!chainmode || (strcmp(chainmode, "plain") == 0 && !ivmode)) {
1043 chainmode = "cbc"; 1083 chainmode = "cbc";
@@ -1046,35 +1086,36 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
1046 1086
1047 if (strcmp(chainmode, "ecb") && !ivmode) { 1087 if (strcmp(chainmode, "ecb") && !ivmode) {
1048 ti->error = "This chaining mode requires an IV mechanism"; 1088 ti->error = "This chaining mode requires an IV mechanism";
1049 goto bad_cipher; 1089 goto bad;
1050 } 1090 }
1051 1091
1092 ret = -ENOMEM;
1052 if (snprintf(cc->cipher, CRYPTO_MAX_ALG_NAME, "%s(%s)", 1093 if (snprintf(cc->cipher, CRYPTO_MAX_ALG_NAME, "%s(%s)",
1053 chainmode, cipher) >= CRYPTO_MAX_ALG_NAME) { 1094 chainmode, cipher) >= CRYPTO_MAX_ALG_NAME) {
1054 ti->error = "Chain mode + cipher name is too long"; 1095 ti->error = "Chain mode + cipher name is too long";
1055 goto bad_cipher; 1096 goto bad;
1056 } 1097 }
1057 1098
1058 tfm = crypto_alloc_ablkcipher(cc->cipher, 0, 0); 1099 cc->tfm = crypto_alloc_ablkcipher(cc->cipher, 0, 0);
1059 if (IS_ERR(tfm)) { 1100 if (IS_ERR(cc->tfm)) {
1060 ti->error = "Error allocating crypto tfm"; 1101 ti->error = "Error allocating crypto tfm";
1061 goto bad_cipher; 1102 goto bad;
1062 } 1103 }
1063 1104
1064 strcpy(cc->cipher, cipher); 1105 strcpy(cc->cipher, cipher);
1065 strcpy(cc->chainmode, chainmode); 1106 strcpy(cc->chainmode, chainmode);
1066 cc->tfm = tfm;
1067 1107
1068 if (crypt_set_key(cc, argv[1]) < 0) { 1108 ret = crypt_set_key(cc, argv[1]);
1109 if (ret < 0) {
1069 ti->error = "Error decoding and setting key"; 1110 ti->error = "Error decoding and setting key";
1070 goto bad_ivmode; 1111 goto bad;
1071 } 1112 }
1072 1113
1073 /* 1114 /*
1074 * Choose ivmode. Valid modes: "plain", "essiv:<esshash>", "benbi". 1115 * Choose ivmode. Valid modes: "plain", "essiv:<esshash>", "benbi".
1075 * See comments at iv code 1116 * See comments at iv code
1076 */ 1117 */
1077 1118 ret = -EINVAL;
1078 if (ivmode == NULL) 1119 if (ivmode == NULL)
1079 cc->iv_gen_ops = NULL; 1120 cc->iv_gen_ops = NULL;
1080 else if (strcmp(ivmode, "plain") == 0) 1121 else if (strcmp(ivmode, "plain") == 0)
@@ -1089,20 +1130,28 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
1089 cc->iv_gen_ops = &crypt_iv_null_ops; 1130 cc->iv_gen_ops = &crypt_iv_null_ops;
1090 else { 1131 else {
1091 ti->error = "Invalid IV mode"; 1132 ti->error = "Invalid IV mode";
1092 goto bad_ivmode; 1133 goto bad;
1093 } 1134 }
1094 1135
1095 if (cc->iv_gen_ops && cc->iv_gen_ops->ctr && 1136 /* Allocate IV */
1096 cc->iv_gen_ops->ctr(cc, ti, ivopts) < 0) 1137 if (cc->iv_gen_ops && cc->iv_gen_ops->ctr) {
1097 goto bad_ivmode; 1138 ret = cc->iv_gen_ops->ctr(cc, ti, ivopts);
1139 if (ret < 0) {
1140 ti->error = "Error creating IV";
1141 goto bad;
1142 }
1143 }
1098 1144
1099 if (cc->iv_gen_ops && cc->iv_gen_ops->init && 1145 /* Initialize IV (set keys for ESSIV etc) */
1100 cc->iv_gen_ops->init(cc) < 0) { 1146 if (cc->iv_gen_ops && cc->iv_gen_ops->init) {
1101 ti->error = "Error initialising IV"; 1147 ret = cc->iv_gen_ops->init(cc);
1102 goto bad_slab_pool; 1148 if (ret < 0) {
1149 ti->error = "Error initialising IV";
1150 goto bad;
1151 }
1103 } 1152 }
1104 1153
1105 cc->iv_size = crypto_ablkcipher_ivsize(tfm); 1154 cc->iv_size = crypto_ablkcipher_ivsize(cc->tfm);
1106 if (cc->iv_size) 1155 if (cc->iv_size)
1107 /* at least a 64 bit sector number should fit in our buffer */ 1156 /* at least a 64 bit sector number should fit in our buffer */
1108 cc->iv_size = max(cc->iv_size, 1157 cc->iv_size = max(cc->iv_size,
@@ -1116,62 +1165,65 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
1116 } 1165 }
1117 } 1166 }
1118 1167
1168 ret = -ENOMEM;
1119 cc->io_pool = mempool_create_slab_pool(MIN_IOS, _crypt_io_pool); 1169 cc->io_pool = mempool_create_slab_pool(MIN_IOS, _crypt_io_pool);
1120 if (!cc->io_pool) { 1170 if (!cc->io_pool) {
1121 ti->error = "Cannot allocate crypt io mempool"; 1171 ti->error = "Cannot allocate crypt io mempool";
1122 goto bad_slab_pool; 1172 goto bad;
1123 } 1173 }
1124 1174