From patchwork Thu Mar 16 14:39:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Milan Broz X-Patchwork-Id: 9628421 X-Patchwork-Delegate: snitzer@redhat.com Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 5312960522 for ; Thu, 16 Mar 2017 14:40:29 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 463A72857D for ; Thu, 16 Mar 2017 14:40:29 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3B326285EB; Thu, 16 Mar 2017 14:40:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.3 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id B5693285A1 for ; Thu, 16 Mar 2017 14:40:28 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 83BA7C0567A1; Thu, 16 Mar 2017 14:40:27 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 83BA7C0567A1 Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=dm-devel-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 83BA7C0567A1 Authentication-Results: mx1.redhat.com; dkim=fail reason="signature verification failed" (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="tJRPc47P" Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5B5FF85A3A; Thu, 16 Mar 2017 14:40:26 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 1610F1853D05; Thu, 16 Mar 2017 14:40:25 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v2GEe96O029435 for ; Thu, 16 Mar 2017 10:40:09 -0400 Received: by smtp.corp.redhat.com (Postfix) id CF2FD91298; Thu, 16 Mar 2017 14:40:09 +0000 (UTC) Delivered-To: dm-devel@redhat.com Received: from mx1.redhat.com (ext-mx06.extmail.prod.ext.phx2.redhat.com [10.5.110.30]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C7A945C6CA for ; Thu, 16 Mar 2017 14:40:05 +0000 (UTC) Received: from mail-wr0-f195.google.com (mail-wr0-f195.google.com [209.85.128.195]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8B29B42BCC for ; Thu, 16 Mar 2017 14:40:04 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 8B29B42BCC Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=gmazyland@gmail.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 8B29B42BCC Received: by mail-wr0-f195.google.com with SMTP id u108so6192501wrb.2 for ; Thu, 16 Mar 2017 07:40:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=LZ4mCAyzqvX6E8iippJSQRFFgTygbxEp0HTXlD2L1dY=; b=tJRPc47PKRASdKfNQkKRpZHiSmMeQCwnttXv6dF5DFnyi7+7wRPCaNmkDB1y2mLII7 5FAvjsviL90TUhtbU/Bd06t1KgL0rUiMgllki1JoTw7dV7wH8x1G/jdGtBqIDVRovnM/ 9lza0ClXunjrXhor9MGXv9to93sF49NUj9NAUVzz2vedzAt7EvSy4bgnk/MxsRcPq0V1 U9LBkT8kfXgeIfTrZ8kYDzy6SZpvnt0JZkeQrqO163R4ycZX+Bc1ctTlVYSOwR32c/Pw ji+JRmyyJL5waB+vU+RpHsEiNZfXV4LGNhP/0TNLaii7Als2OyRw8X/TZBI2N7QPUcyh 26nQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=LZ4mCAyzqvX6E8iippJSQRFFgTygbxEp0HTXlD2L1dY=; b=nY8U9VmZ673DpSHNq9wtgamUr2MIuN5Y3lGknaLtghKPsy1xzbLYA7i15yVNztClbY QRIiH0VlwWpvvmnO2AaZkmMO/dZc9pcTjzSXewfps3EekVEX0L0lOUr+EcQ32RTg/Zj2 IeyjjEY5iT4niQlb9bz9U8ADxwL433EYs8McA9P9Mo1ov1Pyw5Yz8sg4aVnaRTs2rtUD aK6A6es2+gdnJwygv7+l7IfmAMkMMc4dm16MOeCz17UR4PM/KQ78O4yjKpXjJ/fiK38G Zwnys+g9x5z3hX0HxEvX4L+mqDnVgd8nUdPhdh2SxOGsp6EwSEYp+eifTnb56Jmnkp9F Zuhw== X-Gm-Message-State: AFeK/H2aUbRPZ5Ax/5H9oUnKRRaBkmyytw69aPAeHE763PPLtYIER9GLIoVvZc/eJtMTlg== X-Received: by 10.223.169.161 with SMTP id b30mr8781713wrd.196.1489675202038; Thu, 16 Mar 2017 07:40:02 -0700 (PDT) Received: from merlot.mazyland.net (nat-pool-brq-t.redhat.com. [213.175.37.10]) by smtp.googlemail.com with ESMTPSA id i203sm4553466wmf.12.2017.03.16.07.40.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 16 Mar 2017 07:40:01 -0700 (PDT) From: Milan Broz To: dm-devel@redhat.com Date: Thu, 16 Mar 2017 15:39:39 +0100 Message-Id: <20170316143944.19843-3-gmazyland@gmail.com> In-Reply-To: <20170316143944.19843-1-gmazyland@gmail.com> References: <20170316143944.19843-1-gmazyland@gmail.com> In-Reply-To: References: X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Thu, 16 Mar 2017 14:40:04 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Thu, 16 Mar 2017 14:40:04 +0000 (UTC) for IP:'209.85.128.195' DOMAIN:'mail-wr0-f195.google.com' HELO:'mail-wr0-f195.google.com' FROM:'gmazyland@gmail.com' RCPT:'' X-RedHat-Spam-Score: -1.71 (BAYES_50, DCC_REPUT_13_19, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, RCVD_IN_SORBS_SPAM, SPF_PASS) 209.85.128.195 mail-wr0-f195.google.com 209.85.128.195 mail-wr0-f195.google.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.30 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: dm-devel@redhat.com Cc: Milan Broz Subject: [dm-devel] [PATCH 2/7] dm-crypt: Move IV constructor to separate function. X-BeenThere: dm-devel@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: device-mapper development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: dm-devel-bounces@redhat.com Errors-To: dm-devel-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Thu, 16 Mar 2017 14:40:29 +0000 (UTC) X-Virus-Scanned: ClamAV using ClamSMTP No functional change in this patch, just preparation for next patches. Signed-off-by: Milan Broz --- drivers/md/dm-crypt.c | 130 +++++++++++++++++++++++++++----------------------- 1 file changed, 69 insertions(+), 61 deletions(-) diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index 9ec6d50603f6..faec408dcf50 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -2196,6 +2196,73 @@ static void crypt_dtr(struct dm_target *ti) kzfree(cc); } +static int crypt_ctr_ivmode(struct dm_target *ti, const char *ivmode) +{ + struct crypt_config *cc = ti->private; + + if (crypt_integrity_mode(cc)) + cc->iv_size = crypto_aead_ivsize(any_tfm_aead(cc)); + else + cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc)); + + if (crypt_integrity_hmac(cc)) { + cc->authenc_key = kmalloc(crypt_authenckey_size(cc), GFP_KERNEL); + if (!cc->authenc_key) { + ti->error = "Error allocating authenc key space"; + return -ENOMEM; + } + } + + if (cc->iv_size) + /* at least a 64 bit sector number should fit in our buffer */ + cc->iv_size = max(cc->iv_size, + (unsigned int)(sizeof(u64) / sizeof(u8))); + else if (ivmode) { + DMWARN("Selected cipher does not support IVs"); + ivmode = NULL; + } + + /* Choose ivmode, see comments at iv code. */ + if (ivmode == NULL) + cc->iv_gen_ops = NULL; + else if (strcmp(ivmode, "plain") == 0) + cc->iv_gen_ops = &crypt_iv_plain_ops; + else if (strcmp(ivmode, "plain64") == 0) + cc->iv_gen_ops = &crypt_iv_plain64_ops; + else if (strcmp(ivmode, "essiv") == 0) + cc->iv_gen_ops = &crypt_iv_essiv_ops; + else if (strcmp(ivmode, "benbi") == 0) + cc->iv_gen_ops = &crypt_iv_benbi_ops; + else if (strcmp(ivmode, "null") == 0) + cc->iv_gen_ops = &crypt_iv_null_ops; + else if (strcmp(ivmode, "lmk") == 0) { + cc->iv_gen_ops = &crypt_iv_lmk_ops; + /* + * Version 2 and 3 is recognised according + * to length of provided multi-key string. + * If present (version 3), last key is used as IV seed. + * All keys (including IV seed) are always the same size. + */ + if (cc->key_size % cc->key_parts) { + cc->key_parts++; + cc->key_extra_size = cc->key_size / cc->key_parts; + } + } else if (strcmp(ivmode, "tcw") == 0) { + cc->iv_gen_ops = &crypt_iv_tcw_ops; + cc->key_parts += 2; /* IV + whitening */ + cc->key_extra_size = cc->iv_size + TCW_WHITENING_SIZE; + } else if (strcmp(ivmode, "random") == 0) { + cc->iv_gen_ops = &crypt_iv_random_ops; + /* Need storage space in integrity fields. */ + cc->integrity_iv_size = cc->iv_size; + } else { + ti->error = "Invalid IV mode"; + return -EINVAL; + } + + return 0; +} + static int crypt_ctr_cipher(struct dm_target *ti, char *cipher_in, char *key) { @@ -2205,7 +2272,6 @@ static int crypt_ctr_cipher(struct dm_target *ti, int ret = -EINVAL; char dummy; - /* Convert to crypto api definition? */ if (strchr(cipher_in, '(')) { ti->error = "Bad cipher specification"; return -EINVAL; @@ -2276,67 +2342,9 @@ static int crypt_ctr_cipher(struct dm_target *ti, } /* Initialize IV */ - if (crypt_integrity_mode(cc)) - cc->iv_size = crypto_aead_ivsize(any_tfm_aead(cc)); - else - cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc)); - - if (crypt_integrity_hmac(cc)) { - cc->authenc_key = kmalloc(crypt_authenckey_size(cc), GFP_KERNEL); - if (!cc->authenc_key) { - ret = -ENOMEM; - ti->error = "Error allocating authenc key space"; - goto bad; - } - } - - if (cc->iv_size) - /* at least a 64 bit sector number should fit in our buffer */ - cc->iv_size = max(cc->iv_size, - (unsigned int)(sizeof(u64) / sizeof(u8))); - else if (ivmode) { - DMWARN("Selected cipher does not support IVs"); - ivmode = NULL; - } - - /* Choose ivmode, see comments at iv code. */ - if (ivmode == NULL) - cc->iv_gen_ops = NULL; - else if (strcmp(ivmode, "plain") == 0) - cc->iv_gen_ops = &crypt_iv_plain_ops; - else if (strcmp(ivmode, "plain64") == 0) - cc->iv_gen_ops = &crypt_iv_plain64_ops; - else if (strcmp(ivmode, "essiv") == 0) - cc->iv_gen_ops = &crypt_iv_essiv_ops; - else if (strcmp(ivmode, "benbi") == 0) - cc->iv_gen_ops = &crypt_iv_benbi_ops; - else if (strcmp(ivmode, "null") == 0) - cc->iv_gen_ops = &crypt_iv_null_ops; - else if (strcmp(ivmode, "lmk") == 0) { - cc->iv_gen_ops = &crypt_iv_lmk_ops; - /* - * Version 2 and 3 is recognised according - * to length of provided multi-key string. - * If present (version 3), last key is used as IV seed. - * All keys (including IV seed) are always the same size. - */ - if (cc->key_size % cc->key_parts) { - cc->key_parts++; - cc->key_extra_size = cc->key_size / cc->key_parts; - } - } else if (strcmp(ivmode, "tcw") == 0) { - cc->iv_gen_ops = &crypt_iv_tcw_ops; - cc->key_parts += 2; /* IV + whitening */ - cc->key_extra_size = cc->iv_size + TCW_WHITENING_SIZE; - } else if (strcmp(ivmode, "random") == 0) { - cc->iv_gen_ops = &crypt_iv_random_ops; - /* Need storage space in integrity fields. */ - cc->integrity_iv_size = cc->iv_size; - } else { - ret = -EINVAL; - ti->error = "Invalid IV mode"; + ret = crypt_ctr_ivmode(ti, ivmode); + if (ret < 0) goto bad; - } /* Initialize and set key */ ret = crypt_set_key(cc, key);