From patchwork Tue Jun 6 07:07:01 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Milan Broz X-Patchwork-Id: 9769349 X-Patchwork-Delegate: snitzer@redhat.com Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 305D460353 for ; Tue, 6 Jun 2017 17:28:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 22F562684F for ; Tue, 6 Jun 2017 17:28:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 16302284C3; Tue, 6 Jun 2017 17:28:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id AF5F52684F for ; Tue, 6 Jun 2017 17:28:50 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 5CD5361D10; Tue, 6 Jun 2017 17:28:49 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 5CD5361D10 Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=dm-devel-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 5CD5361D10 Authentication-Results: mx1.redhat.com; dkim=fail reason="signature verification failed" (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Tyn4VpSd" Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3396077DC4; Tue, 6 Jun 2017 17:28:49 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id F0A0C4A492; Tue, 6 Jun 2017 17:28:48 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v5677OLs000500 for ; Tue, 6 Jun 2017 03:07:24 -0400 Received: by smtp.corp.redhat.com (Postfix) id 93C387F8F2; Tue, 6 Jun 2017 07:07:24 +0000 (UTC) Delivered-To: dm-devel@redhat.com Received: from mx1.redhat.com (ext-mx04.extmail.prod.ext.phx2.redhat.com [10.5.110.28]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8D2F67F8EE for ; Tue, 6 Jun 2017 07:07:22 +0000 (UTC) Received: from mail-wr0-f194.google.com (mail-wr0-f194.google.com [209.85.128.194]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C31A285543 for ; Tue, 6 Jun 2017 07:07:20 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com C31A285543 Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=gmazyland@gmail.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com C31A285543 Received: by mail-wr0-f194.google.com with SMTP id v104so9429723wrb.0 for ; Tue, 06 Jun 2017 00:07:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=Ry7ijQeuP7BRXRNjVER9VmyjuHXR6bCY0drASQ7nC0I=; b=Tyn4VpSd5m3HF95jNAkCwOE8lkUDnQb+QlgjOTV+2ufuSieN711hTH9HvVTyNX5ibb ddWepV0SAXD8xA7dvgnoj0MWxxSWcRSaDG2KvdJ9ZV+tuco/5WK8OUN5x1LsXMUTeejT 0A+aZ3ljQ6LoQwK0++XHXANk6AbMONdGN2+WtvtftXbFtFTJyoSPNjCbU5Dc2Fq4cBKy P5P/Fu5uBYRvgv3cQ9ivXJP1EFvxZCbGKxZ8m7zjvtPguGjcqVIYtzMuj38tQylenJ+G 7+RWZiVir4d6sHK4xRaHPgSLefB7DGO3k1a5QtYjZv8jXPHtcNUtR95UWJpm5J+I/Tec 9RIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=Ry7ijQeuP7BRXRNjVER9VmyjuHXR6bCY0drASQ7nC0I=; b=cVGUFZ2cWNypBj4YIDIZzl+mfFdex/HrvwjkCZsUcA5nFpczFBaLqWT7M7OHB9VRdx CBq0dmiLIddSfpEK6KUhhwAAiavxLOIL2wFFGyfI99OVatIkKMJJ3xwx5CYCjoqOe8iH SIoKkem/mrGzQcbjuXNQECZy7KiesEr8ebUb6odSnRVjJGG17r6VWk35OHX4+wIfKIGb yTSAoIp1vRyM7GxbRIvkJaal/AHAk75B6e2XYfKYb14f0QCmqV6fFHYkbrXNF4oe0xBa 9Rz0ZOEd/sswde+aGYnFwHVdE4uIdBxeVLXK/HyO0gqL1Ch4N7Y7pgqsA3RxeQPF8FE8 I9ag== X-Gm-Message-State: AODbwcBaWL8el6OqAglrh/zuiLDRRT0Teo3kbAurJfW4DBLsUzOJezkZ Z4uuA2o57+qcsk/I X-Received: by 10.223.157.10 with SMTP id k10mr3876349wre.171.1496732839191; Tue, 06 Jun 2017 00:07:19 -0700 (PDT) Received: from merlot.mazyland.net (nat-pool-brq-t.redhat.com. [213.175.37.10]) by smtp.googlemail.com with ESMTPSA id b201sm15400680wme.2.2017.06.06.00.07.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 06 Jun 2017 00:07:18 -0700 (PDT) From: Milan Broz To: dm-devel@redhat.com Date: Tue, 6 Jun 2017 09:07:01 +0200 Message-Id: <20170606070701.28061-1-gmazyland@gmail.com> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 06 Jun 2017 07:07:21 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 06 Jun 2017 07:07:21 +0000 (UTC) for IP:'209.85.128.194' DOMAIN:'mail-wr0-f194.google.com' HELO:'mail-wr0-f194.google.com' FROM:'gmazyland@gmail.com' RCPT:'' X-RedHat-Spam-Score: -0.31 (BAYES_50, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_PASS) 209.85.128.194 mail-wr0-f194.google.com 209.85.128.194 mail-wr0-f194.google.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.28 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: dm-devel@redhat.com Cc: thomas.a.kaeding@gmail.com, Milan Broz Subject: [dm-devel] [PATCH] dm-crypt: Add big-endian variant of plain64 IV (plain64be). X-BeenThere: dm-devel@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: device-mapper development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: dm-devel-bounces@redhat.com Errors-To: dm-devel-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 06 Jun 2017 17:28:50 +0000 (UTC) X-Virus-Scanned: ClamAV using ClamSMTP The big-endian IV is needed to map images from extracted disks that are used in some external (on-chip FDE) disk encryption drives. (For example for data recovery from external USB/SATA drives that supports "internal" encryption.) Signed-off-by: Milan Broz --- drivers/md/dm-crypt.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index ebf9e72d479b..a68f9476c483 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -246,6 +246,9 @@ static struct crypto_aead *any_tfm_aead(struct crypt_config *cc) * plain64: the initial vector is the 64-bit little-endian version of the sector * number, padded with zeros if necessary. * + * plain64be: the initial vector is the 64-bit big-endian version of the sector + * number, padded with zeros if necessary. + * * essiv: "encrypted sector|salt initial vector", the sector number is * encrypted with the bulk cipher using a salt as key. The salt * should be derived from the bulk cipher's key via hashing. @@ -302,6 +305,16 @@ static int crypt_iv_plain64_gen(struct crypt_config *cc, u8 *iv, return 0; } +static int crypt_iv_plain64be_gen(struct crypt_config *cc, u8 *iv, + struct dm_crypt_request *dmreq) +{ + memset(iv, 0, cc->iv_size); + /* iv_size is at least of size u64; usually it is 16 bytes */ + *(__be64 *)&iv[cc->iv_size - sizeof(u64)] = cpu_to_be64(dmreq->iv_sector); + + return 0; +} + /* Initialise ESSIV - compute salt but no local memory allocations */ static int crypt_iv_essiv_init(struct crypt_config *cc) { @@ -835,6 +848,10 @@ static const struct crypt_iv_operations crypt_iv_plain64_ops = { .generator = crypt_iv_plain64_gen }; +static const struct crypt_iv_operations crypt_iv_plain64be_ops = { + .generator = crypt_iv_plain64be_gen +}; + static const struct crypt_iv_operations crypt_iv_essiv_ops = { .ctr = crypt_iv_essiv_ctr, .dtr = crypt_iv_essiv_dtr, @@ -2208,6 +2225,8 @@ static int crypt_ctr_ivmode(struct dm_target *ti, const char *ivmode) cc->iv_gen_ops = &crypt_iv_plain_ops; else if (strcmp(ivmode, "plain64") == 0) cc->iv_gen_ops = &crypt_iv_plain64_ops; + else if (strcmp(ivmode, "plain64be") == 0) + cc->iv_gen_ops = &crypt_iv_plain64be_ops; else if (strcmp(ivmode, "essiv") == 0) cc->iv_gen_ops = &crypt_iv_essiv_ops; else if (strcmp(ivmode, "benbi") == 0) @@ -2986,7 +3005,7 @@ static void crypt_io_hints(struct dm_target *ti, struct queue_limits *limits) static struct target_type crypt_target = { .name = "crypt", - .version = {1, 17, 0}, + .version = {1, 18, 0}, .module = THIS_MODULE, .ctr = crypt_ctr, .dtr = crypt_dtr,