From patchwork Mon Oct 28 22:21:03 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Milan Broz X-Patchwork-Id: 3104501 X-Patchwork-Delegate: snitzer@redhat.com Return-Path: X-Original-To: patchwork-dm-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 89AACBF924 for ; Mon, 28 Oct 2013 22:28:19 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id AB6BC20360 for ; Mon, 28 Oct 2013 22:28:18 +0000 (UTC) Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by mail.kernel.org (Postfix) with ESMTP id BAE0B20304 for ; Mon, 28 Oct 2013 22:28:17 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r9SMMApe029398; Mon, 28 Oct 2013 18:22:12 -0400 Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r9SMMAdl004027 for ; Mon, 28 Oct 2013 18:22:10 -0400 Received: from mx1.redhat.com (ext-mx14.extmail.prod.ext.phx2.redhat.com [10.5.110.19]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r9SMMAfZ005115 for ; Mon, 28 Oct 2013 18:22:10 -0400 Received: from mail-ea0-f170.google.com (mail-ea0-f170.google.com [209.85.215.170]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r9SMM8LW024123 for ; Mon, 28 Oct 2013 18:22:08 -0400 Received: by mail-ea0-f170.google.com with SMTP id q10so2059069eaj.1 for ; Mon, 28 Oct 2013 15:22:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=/5p59Bft/AGGPqcMbka35HumCUgNDuCAbQRGWynvBHk=; b=uUxpa7xxfjjBv56vi/yhnfJUFRRhLbfLke4ys+YnP0fLQie3e3/EvbDCO3DLLYk4zO mh9qOoa4yZqKbOqs3ziVjcH6QJ1IGBtnUxyUlms5RBTdo8kw5yf094At+jjelHvW9cDU 5UmURQGnkx9fJhyfXmFYEtnM+WlHD0uiNH3z5fb3LhqFPQg44TtYM3wG5Kqrx1nYqWDf X7X0JwcOci7RPwSeAtvgvcD3JC9OUNvGUReFXSm+Jbt3lzISLREOabtTym0GDCX325b4 /Li0BoAZmbH5NqavLCzeLJOa85Xn/qhbqevI0tKBYMRtPkyZPmmjmQ/qPLDIjyWTxkfz Ki/g== X-Received: by 10.14.99.129 with SMTP id x1mr632999eef.91.1382998927711; Mon, 28 Oct 2013 15:22:07 -0700 (PDT) Received: from tawny.mazyland.net (56.157.broadband5.iol.cz. [88.100.157.56]) by mx.google.com with ESMTPSA id f49sm62356736eec.7.2013.10.28.15.22.05 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 28 Oct 2013 15:22:06 -0700 (PDT) From: Milan Broz To: dm-devel@redhat.com Date: Mon, 28 Oct 2013 23:21:03 +0100 Message-Id: <1382998864-10380-1-git-send-email-gmazyland@gmail.com> In-Reply-To: <1382275000-10660-1-git-send-email-gmazyland@gmail.com> References: <1382275000-10660-1-git-send-email-gmazyland@gmail.com> X-RedHat-Spam-Score: -3.1 (BAYES_00, DCC_REPUT_00_12, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, SPF_PASS) X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11 X-Scanned-By: MIMEDefang 2.68 on 10.5.110.19 X-loop: dm-devel@redhat.com Cc: Milan Broz Subject: [dm-devel] [PATCH 1/2] dm-crypt: Properly handle extra key string in initialization X-BeenThere: dm-devel@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk Reply-To: device-mapper development List-Id: device-mapper development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: dm-devel-bounces@redhat.com Errors-To: dm-devel-bounces@redhat.com X-Spam-Status: No, score=-7.3 required=5.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Some encryption modes use extra keys (e.g. loopAES has IV seed) which are not used in block cipher initialization but are part of key string in table constructor. Patch adds additional field which described lenght of this extra keys and substracts it before real key encryption setting. So the key_size always includes the size of provided key in mapping table in bytes. The key_parts descibes how many parts (usually keys) contains the whole key buffer and key_extra_size contains size in bytes of additional keys part (this number of bytes must be cut off because is processed by IV generator). | K1 | K2 | .... | K64 | Kiv | |----------- key_size ----------------- | | |-key_extra_size-| | [64 keys] [1 key] | => key_parts = 65 Example where key string contains main key K, whitening key Kw and IV seed Kiv: | K | Kiv | Kw | |--------------- key_size ---------------| | |-----key_extra_size-------| | [1 key] | [1 key] | [1 key] | => key_parts = 3 Because extra keys are calculated during IV mode setting, key initialization is moved after this step. For now, this change has no effect to supported modes (thanks to ilog2 rounding) but is required by following patch. Signed-off-by: Milan Broz --- drivers/md/dm-crypt.c | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index 0fce0bc..878bda7 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -171,7 +171,8 @@ struct crypt_config { unsigned long flags; unsigned int key_size; - unsigned int key_parts; + unsigned int key_parts; /* independent parts in key buffer */ + unsigned int key_extra_size;/* additional keys length */ u8 key[0]; }; @@ -1274,9 +1275,12 @@ static int crypt_alloc_tfms(struct crypt_config *cc, char *ciphermode) static int crypt_setkey_allcpus(struct crypt_config *cc) { - unsigned subkey_size = cc->key_size >> ilog2(cc->tfms_count); + unsigned subkey_size; int err = 0, i, r; + /* Ignore extra keys (which are used for IV etc) */ + subkey_size = (cc->key_size - cc->key_extra_size) >> ilog2(cc->tfms_count); + for (i = 0; i < cc->tfms_count; i++) { r = crypto_ablkcipher_setkey(cc->tfms[i], cc->key + (i * subkey_size), @@ -1409,6 +1413,7 @@ static int crypt_ctr_cipher(struct dm_target *ti, return -EINVAL; } cc->key_parts = cc->tfms_count; + cc->key_extra_size = 0; cc->cipher = kstrdup(cipher, GFP_KERNEL); if (!cc->cipher) @@ -1460,13 +1465,6 @@ static int crypt_ctr_cipher(struct dm_target *ti, goto bad; } - /* Initialize and set key */ - ret = crypt_set_key(cc, key); - if (ret < 0) { - ti->error = "Error decoding and setting key"; - goto bad; - } - /* Initialize IV */ cc->iv_size = crypto_ablkcipher_ivsize(any_tfm(cc)); if (cc->iv_size) @@ -1497,14 +1495,23 @@ static int crypt_ctr_cipher(struct dm_target *ti, * to length of provided multi-key string. * If present (version 3), last key is used as IV seed. */ - if (cc->key_size % cc->key_parts) + if (cc->key_size % cc->key_parts) { cc->key_parts++; + cc->key_extra_size = cc->key_size / cc->key_parts; + } } else { ret = -EINVAL; ti->error = "Invalid IV mode"; goto bad; } + /* Initialize and set key */ + ret = crypt_set_key(cc, key); + if (ret < 0) { + ti->error = "Error decoding and setting key"; + goto bad; + } + /* Allocate IV */ if (cc->iv_gen_ops && cc->iv_gen_ops->ctr) { ret = cc->iv_gen_ops->ctr(cc, ti, ivopts);