1 files changed, 73 insertions, 0 deletions
diff --git a/net/ceph/crypto.c b/net/ceph/crypto.c
index 7b505b0c983f..5a8009c9e0cd 100644
--- a/net/ceph/crypto.c
+++ b/net/ceph/crypto.c
@@ -5,10 +5,23 @@
 #include <linux/scatterlist.h>
 #include <linux/slab.h>
 #include <crypto/hash.h>
+#include <linux/key-type.h>
+#include <keys/ceph-type.h>
 #include <linux/ceph/decode.h>
 #include "crypto.h"
+int ceph_crypto_key_clone(struct ceph_crypto_key *dst,
+                          const struct ceph_crypto_key *src)
+{
+        memcpy(dst, src, sizeof(struct ceph_crypto_key));
+        dst->key = kmalloc(src->len, GFP_NOFS);
+        if (!dst->key)
+                return -ENOMEM;
+        memcpy(dst->key, src->key, src->len);
+        return 0;
+}
 int ceph_crypto_key_encode(struct ceph_crypto_key *key, void **p, void *end)
 {
        if (*p + sizeof(u16) + sizeof(key->created) +
@@ -410,3 +423,63 @@ int ceph_encrypt2(struct ceph_crypto_key *secret, void *dst, size_t *dst_len,
                return -EINVAL;
        }
 }
+int ceph_key_instantiate(struct key *key, const void *data, size_t datalen)
+{
+        struct ceph_crypto_key *ckey;
+        int ret;
+        void *p;
+        ret = -EINVAL;
+        if (datalen <= 0 || datalen > 32767 || !data)
+                goto err;
+        ret = key_payload_reserve(key, datalen);
+        if (ret < 0)
+                goto err;
+        ret = -ENOMEM;
+        ckey = kmalloc(sizeof(*ckey), GFP_KERNEL);
+        if (!ckey)
+                goto err;
+        /* TODO ceph_crypto_key_decode should really take const input */
+        p = (void*)data;
+        ret = ceph_crypto_key_decode(ckey, &p, (char*)data+datalen);
+        if (ret < 0)
+                goto err_ckey;
+        key->payload.data = ckey;
+        return 0;
+err_ckey:
+        kfree(ckey);
+err:
+        return ret;
+}
+int ceph_key_match(const struct key *key, const void *description)
+{
+        return strcmp(key->description, description) == 0;
+}
+void ceph_key_destroy(struct key *key) {
+        struct ceph_crypto_key *ckey = key->payload.data;
+        ceph_crypto_key_destroy(ckey);
+}
+struct key_type key_type_ceph = {
+        .name           = "ceph",
+        .instantiate    = ceph_key_instantiate,
+        .match          = ceph_key_match,
+        .destroy        = ceph_key_destroy,
+};
+int ceph_crypto_init(void) {
+        return register_key_type(&key_type_ceph);
+}
+void ceph_crypto_shutdown(void) {
+        unregister_key_type(&key_type_ceph);
+}

diff --git a/net/ceph/crypto.c b/net/ceph/crypto.c index 7b505b0c983f..5a8009c9e0cd 100644 --- a/net/ceph/crypto.c +++ b/net/ceph/crypto.c
@@ -5,10 +5,23 @@
5	#include <linux/scatterlist.h>	5	#include <linux/scatterlist.h>
6	#include <linux/slab.h>	6	#include <linux/slab.h>
7	#include <crypto/hash.h>	7	#include <crypto/hash.h>
		8	#include <linux/key-type.h>
8		9
		10	#include <keys/ceph-type.h>
9	#include <linux/ceph/decode.h>	11	#include <linux/ceph/decode.h>
10	#include "crypto.h"	12	#include "crypto.h"
11		13
		14	int ceph_crypto_key_clone(struct ceph_crypto_key *dst,
		15	const struct ceph_crypto_key *src)
		16	{
		17	memcpy(dst, src, sizeof(struct ceph_crypto_key));
		18	dst->key = kmalloc(src->len, GFP_NOFS);
		19	if (!dst->key)
		20	return -ENOMEM;
		21	memcpy(dst->key, src->key, src->len);
		22	return 0;
		23	}
		24
12	int ceph_crypto_key_encode(struct ceph_crypto_key key, void p, void end)	25	int ceph_crypto_key_encode(struct ceph_crypto_key key, void p, void end)
13	{	26	{
14	if (*p + sizeof(u16) + sizeof(key->created) +	27	if (*p + sizeof(u16) + sizeof(key->created) +
@@ -410,3 +423,63 @@ int ceph_encrypt2(struct ceph_crypto_key secret, void dst, size_t *dst_len,
410	return -EINVAL;	423	return -EINVAL;
411	}	424	}
412	}	425	}
		426
		427	int ceph_key_instantiate(struct key key, const void data, size_t datalen)
		428	{
		429	struct ceph_crypto_key *ckey;
		430	int ret;
		431	void *p;
		432
		433	ret = -EINVAL;
		434	if (datalen <= 0 \|\| datalen > 32767 \|\| !data)
		435	goto err;
		436
		437	ret = key_payload_reserve(key, datalen);
		438	if (ret < 0)
		439	goto err;
		440
		441	ret = -ENOMEM;
		442	ckey = kmalloc(sizeof(*ckey), GFP_KERNEL);
		443	if (!ckey)
		444	goto err;
		445
		446	/* TODO ceph_crypto_key_decode should really take const input */
		447	p = (void*)data;
		448	ret = ceph_crypto_key_decode(ckey, &p, (char*)data+datalen);
		449	if (ret < 0)
		450	goto err_ckey;
		451
		452	key->payload.data = ckey;
		453	return 0;
		454
		455	err_ckey:
		456	kfree(ckey);
		457	err:
		458	return ret;
		459	}
		460
		461	int ceph_key_match(const struct key key, const void description)
		462	{
		463	return strcmp(key->description, description) == 0;
		464	}
		465
		466	void ceph_key_destroy(struct key *key) {
		467	struct ceph_crypto_key *ckey = key->payload.data;
		468
		469	ceph_crypto_key_destroy(ckey);
		470	}
		471
		472	struct key_type key_type_ceph = {
		473	.name = "ceph",
		474	.instantiate = ceph_key_instantiate,
		475	.match = ceph_key_match,
		476	.destroy = ceph_key_destroy,
		477	};
		478
		479	int ceph_crypto_init(void) {
		480	return register_key_type(&key_type_ceph);
		481	}
		482
		483	void ceph_crypto_shutdown(void) {
		484	unregister_key_type(&key_type_ceph);
		485	}