You've already forked linux-apfs
mirror of
https://github.com/linux-apfs/linux-apfs.git
synced 2026-05-01 15:00:59 -07:00
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (48 commits) [NETFILTER]: Fix non-ANSI func. decl. [TG3]: Identify Serdes devices more clearly. [TG3]: Use msleep. [TG3]: Use netif_msg_*. [TG3]: Allow partial speed advertisement. [TG3]: Add TG3_FLG2_IS_NIC flag. [TG3]: Add 5787F device ID. [TG3]: Fix Phy loopback. [WANROUTER]: Kill kmalloc debugging code. [TCP] inet_twdr_hangman: Delete unnecessary memory barrier(). [NET]: Memory barrier cleanups [IPSEC]: Fix inetpeer leak in ipv4 xfrm dst entries. audit: disable ipsec auditing when CONFIG_AUDITSYSCALL=n audit: Add auditing to ipsec [IRDA] irlan: Fix compile warning when CONFIG_PROC_FS=n [IrDA]: Incorrect TTP header reservation [IrDA]: PXA FIR code device model conversion [GENETLINK]: Fix misplaced command flags. [NETLIK]: Add a pointer to the Generic Netlink wiki page. [IPV6] RAW: Don't release unlocked sock. ...
This commit is contained in:
Linus Torvalds
+61
-7
@@ -20,6 +20,7 @@
|
||||
#include <asm/atomic.h>
|
||||
#include <linux/scatterlist.h>
|
||||
#include <asm/page.h>
|
||||
#include <asm/unaligned.h>
|
||||
|
||||
#include "dm.h"
|
||||
|
||||
@@ -85,7 +86,10 @@ struct crypt_config {
|
||||
*/
|
||||
struct crypt_iv_operations *iv_gen_ops;
|
||||
char *iv_mode;
|
||||
struct crypto_cipher *iv_gen_private;
|
||||
union {
|
||||
struct crypto_cipher *essiv_tfm;
|
||||
int benbi_shift;
|
||||
} iv_gen_private;
|
||||
sector_t iv_offset;
|
||||
unsigned int iv_size;
|
||||
|
||||
@@ -113,6 +117,9 @@ static struct kmem_cache *_crypt_io_pool;
|
||||
* encrypted with the bulk cipher using a salt as key. The salt
|
||||
* should be derived from the bulk cipher's key via hashing.
|
||||
*
|
||||
* benbi: the 64-bit "big-endian 'narrow block'-count", starting at 1
|
||||
* (needed for LRW-32-AES and possible other narrow block modes)
|
||||
*
|
||||
* plumb: unimplemented, see:
|
||||
* http://article.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/454
|
||||
*/
|
||||
@@ -191,21 +198,61 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
|
||||
}
|
||||
kfree(salt);
|
||||
|
||||
cc->iv_gen_private = essiv_tfm;
|
||||
cc->iv_gen_private.essiv_tfm = essiv_tfm;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void crypt_iv_essiv_dtr(struct crypt_config *cc)
|
||||
{
|
||||
crypto_free_cipher(cc->iv_gen_private);
|
||||
cc->iv_gen_private = NULL;
|
||||
crypto_free_cipher(cc->iv_gen_private.essiv_tfm);
|
||||
cc->iv_gen_private.essiv_tfm = NULL;
|
||||
}
|
||||
|
||||
static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
|
||||
{
|
||||
memset(iv, 0, cc->iv_size);
|
||||
*(u64 *)iv = cpu_to_le64(sector);
|
||||
crypto_cipher_encrypt_one(cc->iv_gen_private, iv, iv);
|
||||
crypto_cipher_encrypt_one(cc->iv_gen_private.essiv_tfm, iv, iv);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int crypt_iv_benbi_ctr(struct crypt_config *cc, struct dm_target *ti,
|
||||
const char *opts)
|
||||
{
|
||||
unsigned int bs = crypto_blkcipher_blocksize(cc->tfm);
|
||||
int log = long_log2(bs);
|
||||
|
||||
/* we need to calculate how far we must shift the sector count
|
||||
* to get the cipher block count, we use this shift in _gen */
|
||||
|
||||
if (1 << log != bs) {
|
||||
ti->error = "cypher blocksize is not a power of 2";
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
if (log > 9) {
|
||||
ti->error = "cypher blocksize is > 512";
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
cc->iv_gen_private.benbi_shift = 9 - log;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void crypt_iv_benbi_dtr(struct crypt_config *cc)
|
||||
{
|
||||
}
|
||||
|
||||
static int crypt_iv_benbi_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
|
||||
{
|
||||
__be64 val;
|
||||
|
||||
memset(iv, 0, cc->iv_size - sizeof(u64)); /* rest is cleared below */
|
||||
|
||||
val = cpu_to_be64(((u64)sector << cc->iv_gen_private.benbi_shift) + 1);
|
||||
put_unaligned(val, (__be64 *)(iv + cc->iv_size - sizeof(u64)));
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -219,13 +266,18 @@ static struct crypt_iv_operations crypt_iv_essiv_ops = {
|
||||
.generator = crypt_iv_essiv_gen
|
||||
};
|
||||
|
||||
static struct crypt_iv_operations crypt_iv_benbi_ops = {
|
||||
.ctr = crypt_iv_benbi_ctr,
|
||||
.dtr = crypt_iv_benbi_dtr,
|
||||
.generator = crypt_iv_benbi_gen
|
||||
};
|
||||
|
||||
static int
|
||||
crypt_convert_scatterlist(struct crypt_config *cc, struct scatterlist *out,
|
||||
struct scatterlist *in, unsigned int length,
|
||||
int write, sector_t sector)
|
||||
{
|
||||
u8 iv[cc->iv_size];
|
||||
u8 iv[cc->iv_size] __attribute__ ((aligned(__alignof__(u64))));
|
||||
struct blkcipher_desc desc = {
|
||||
.tfm = cc->tfm,
|
||||
.info = iv,
|
||||
@@ -768,7 +820,7 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
|
||||
cc->tfm = tfm;
|
||||
|
||||
/*
|
||||
* Choose ivmode. Valid modes: "plain", "essiv:<esshash>".
|
||||
* Choose ivmode. Valid modes: "plain", "essiv:<esshash>", "benbi".
|
||||
* See comments at iv code
|
||||
*/
|
||||
|
||||
@@ -778,6 +830,8 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
|
||||
cc->iv_gen_ops = &crypt_iv_plain_ops;
|
||||
else if (strcmp(ivmode, "essiv") == 0)
|
||||
cc->iv_gen_ops = &crypt_iv_essiv_ops;
|
||||
else if (strcmp(ivmode, "benbi") == 0)
|
||||
cc->iv_gen_ops = &crypt_iv_benbi_ops;
|
||||
else {
|
||||
ti->error = "Invalid IV mode";
|
||||
goto bad2;
|
||||
|
||||
Reference in New Issue
Block a user