aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/md/dm-crypt.c
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/md/dm-crypt.c')
-rw-r--r--drivers/md/dm-crypt.c68
1 files changed, 61 insertions, 7 deletions
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index c7bee4f2eedb..a1086ee8cccd 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -20,6 +20,7 @@
20#include <asm/atomic.h> 20#include <asm/atomic.h>
21#include <linux/scatterlist.h> 21#include <linux/scatterlist.h>
22#include <asm/page.h> 22#include <asm/page.h>
23#include <asm/unaligned.h>
23 24
24#include "dm.h" 25#include "dm.h"
25 26
@@ -85,7 +86,10 @@ struct crypt_config {
85 */ 86 */
86 struct crypt_iv_operations *iv_gen_ops; 87 struct crypt_iv_operations *iv_gen_ops;
87 char *iv_mode; 88 char *iv_mode;
88 struct crypto_cipher *iv_gen_private; 89 union {
90 struct crypto_cipher *essiv_tfm;
91 int benbi_shift;
92 } iv_gen_private;
89 sector_t iv_offset; 93 sector_t iv_offset;
90 unsigned int iv_size; 94 unsigned int iv_size;
91 95
@@ -113,6 +117,9 @@ static struct kmem_cache *_crypt_io_pool;
113 * encrypted with the bulk cipher using a salt as key. The salt 117 * encrypted with the bulk cipher using a salt as key. The salt
114 * should be derived from the bulk cipher's key via hashing. 118 * should be derived from the bulk cipher's key via hashing.
115 * 119 *
120 * benbi: the 64-bit "big-endian 'narrow block'-count", starting at 1
121 * (needed for LRW-32-AES and possible other narrow block modes)
122 *
116 * plumb: unimplemented, see: 123 * plumb: unimplemented, see:
117 * http://article.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/454 124 * http://article.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/454
118 */ 125 */
@@ -191,21 +198,61 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
191 } 198 }
192 kfree(salt); 199 kfree(salt);
193 200
194 cc->iv_gen_private = essiv_tfm; 201 cc->iv_gen_private.essiv_tfm = essiv_tfm;
195 return 0; 202 return 0;
196} 203}
197 204
198static void crypt_iv_essiv_dtr(struct crypt_config *cc) 205static void crypt_iv_essiv_dtr(struct crypt_config *cc)
199{ 206{
200 crypto_free_cipher(cc->iv_gen_private); 207 crypto_free_cipher(cc->iv_gen_private.essiv_tfm);
201 cc->iv_gen_private = NULL; 208 cc->iv_gen_private.essiv_tfm = NULL;
202} 209}
203 210
204static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, sector_t sector) 211static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
205{ 212{
206 memset(iv, 0, cc->iv_size); 213 memset(iv, 0, cc->iv_size);
207 *(u64 *)iv = cpu_to_le64(sector); 214 *(u64 *)iv = cpu_to_le64(sector);
208 crypto_cipher_encrypt_one(cc->iv_gen_private, iv, iv); 215 crypto_cipher_encrypt_one(cc->iv_gen_private.essiv_tfm, iv, iv);
216 return 0;
217}
218
219static int crypt_iv_benbi_ctr(struct crypt_config *cc, struct dm_target *ti,
220 const char *opts)
221{
222 unsigned int bs = crypto_blkcipher_blocksize(cc->tfm);
223 int log = long_log2(bs);
224
225 /* we need to calculate how far we must shift the sector count
226 * to get the cipher block count, we use this shift in _gen */
227
228 if (1 << log != bs) {
229 ti->error = "cypher blocksize is not a power of 2";
230 return -EINVAL;
231 }
232
233 if (log > 9) {
234 ti->error = "cypher blocksize is > 512";
235 return -EINVAL;
236 }
237
238 cc->iv_gen_private.benbi_shift = 9 - log;
239
240 return 0;
241}
242
243static void crypt_iv_benbi_dtr(struct crypt_config *cc)
244{
245}
246
247static int crypt_iv_benbi_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
248{
249 __be64 val;
250
251 memset(iv, 0, cc->iv_size - sizeof(u64)); /* rest is cleared below */
252
253 val = cpu_to_be64(((u64)sector << cc->iv_gen_private.benbi_shift) + 1);
254 put_unaligned(val, (__be64 *)(iv + cc->iv_size - sizeof(u64)));
255
209 return 0; 256 return 0;
210} 257}
211 258
@@ -219,13 +266,18 @@ static struct crypt_iv_operations crypt_iv_essiv_ops = {
219 .generator = crypt_iv_essiv_gen 266 .generator = crypt_iv_essiv_gen
220}; 267};
221 268
269static struct crypt_iv_operations crypt_iv_benbi_ops = {
270 .ctr = crypt_iv_benbi_ctr,
271 .dtr = crypt_iv_benbi_dtr,
272 .generator = crypt_iv_benbi_gen
273};
222 274
223static int 275static int
224crypt_convert_scatterlist(struct crypt_config *cc, struct scatterlist *out, 276crypt_convert_scatterlist(struct crypt_config *cc, struct scatterlist *out,
225 struct scatterlist *in, unsigned int length, 277 struct scatterlist *in, unsigned int length,
226 int write, sector_t sector) 278 int write, sector_t sector)
227{ 279{
228 u8 iv[cc->iv_size]; 280 u8 iv[cc->iv_size] __attribute__ ((aligned(__alignof__(u64))));
229 struct blkcipher_desc desc = { 281 struct blkcipher_desc desc = {
230 .tfm = cc->tfm, 282 .tfm = cc->tfm,
231 .info = iv, 283 .info = iv,
@@ -768,7 +820,7 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
768 cc->tfm = tfm; 820 cc->tfm = tfm;
769 821
770 /* 822 /*
771 * Choose ivmode. Valid modes: "plain", "essiv:<esshash>". 823 * Choose ivmode. Valid modes: "plain", "essiv:<esshash>", "benbi".
772 * See comments at iv code 824 * See comments at iv code
773 */ 825 */
774 826
@@ -778,6 +830,8 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
778 cc->iv_gen_ops = &crypt_iv_plain_ops; 830 cc->iv_gen_ops = &crypt_iv_plain_ops;
779 else if (strcmp(ivmode, "essiv") == 0) 831 else if (strcmp(ivmode, "essiv") == 0)
780 cc->iv_gen_ops = &crypt_iv_essiv_ops; 832 cc->iv_gen_ops = &crypt_iv_essiv_ops;
833 else if (strcmp(ivmode, "benbi") == 0)
834 cc->iv_gen_ops = &crypt_iv_benbi_ops;
781 else { 835 else {
782 ti->error = "Invalid IV mode"; 836 ti->error = "Invalid IV mode";
783 goto bad2; 837 goto bad2;