diff options
| author | Milan Broz | 2017-03-16 15:39:39 +0100 |
|---|---|---|
| committer | Mike Snitzer | 2017-03-24 20:54:19 +0100 |
| commit | e889f97a3e35a4e8f48ebc04c27031ca8805aa7e (patch) | |
| tree | c9e5b7a96a83ffadf3363f8f42bb75162f93946a /drivers/md/dm-crypt.c | |
| parent | dm crypt: add cryptographic data integrity protection (authenticated encryption) (diff) | |
| download | kernel-qcow2-linux-e889f97a3e35a4e8f48ebc04c27031ca8805aa7e.tar.gz kernel-qcow2-linux-e889f97a3e35a4e8f48ebc04c27031ca8805aa7e.tar.xz kernel-qcow2-linux-e889f97a3e35a4e8f48ebc04c27031ca8805aa7e.zip | |
dm crypt: factor IV constructor out to separate function
No functional change.
Signed-off-by: Milan Broz <gmazyland@gmail.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Diffstat (limited to 'drivers/md/dm-crypt.c')
| -rw-r--r-- | drivers/md/dm-crypt.c | 130 |
1 files changed, 69 insertions, 61 deletions
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index e8e570d000f6..aa0aca1aea79 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -2196,6 +2196,73 @@ static void crypt_dtr(struct dm_target *ti) kzfree(cc); } +static int crypt_ctr_ivmode(struct dm_target *ti, const char *ivmode) +{ + struct crypt_config *cc = ti->private; + + if (crypt_integrity_mode(cc)) + cc->iv_size = crypto_aead_ivsize(any_tfm_aead(cc)); + else + cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc)); + + if (crypt_integrity_hmac(cc)) { + cc->authenc_key = kmalloc(crypt_authenckey_size(cc), GFP_KERNEL); + if (!cc->authenc_key) { + ti->error = "Error allocating authenc key space"; + return -ENOMEM; + } + } + + if (cc->iv_size) + /* at least a 64 bit sector number should fit in our buffer */ + cc->iv_size = max(cc->iv_size, + (unsigned int)(sizeof(u64) / sizeof(u8))); + else if (ivmode) { + DMWARN("Selected cipher does not support IVs"); + ivmode = NULL; + } + + /* Choose ivmode, see comments at iv code. */ + if (ivmode == NULL) + cc->iv_gen_ops = NULL; + else if (strcmp(ivmode, "plain") == 0) + cc->iv_gen_ops = &crypt_iv_plain_ops; + else if (strcmp(ivmode, "plain64") == 0) + cc->iv_gen_ops = &crypt_iv_plain64_ops; + else if (strcmp(ivmode, "essiv") == 0) + cc->iv_gen_ops = &crypt_iv_essiv_ops; + else if (strcmp(ivmode, "benbi") == 0) + cc->iv_gen_ops = &crypt_iv_benbi_ops; + else if (strcmp(ivmode, "null") == 0) + cc->iv_gen_ops = &crypt_iv_null_ops; + else if (strcmp(ivmode, "lmk") == 0) { + cc->iv_gen_ops = &crypt_iv_lmk_ops; + /* + * Version 2 and 3 is recognised according + * to length of provided multi-key string. + * If present (version 3), last key is used as IV seed. + * All keys (including IV seed) are always the same size. + */ + if (cc->key_size % cc->key_parts) { + cc->key_parts++; + cc->key_extra_size = cc->key_size / cc->key_parts; + } + } else if (strcmp(ivmode, "tcw") == 0) { + cc->iv_gen_ops = &crypt_iv_tcw_ops; + cc->key_parts += 2; /* IV + whitening */ + cc->key_extra_size = cc->iv_size + TCW_WHITENING_SIZE; + } else if (strcmp(ivmode, "random") == 0) { + cc->iv_gen_ops = &crypt_iv_random_ops; + /* Need storage space in integrity fields. */ + cc->integrity_iv_size = cc->iv_size; + } else { + ti->error = "Invalid IV mode"; + return -EINVAL; + } + + return 0; +} + static int crypt_ctr_cipher(struct dm_target *ti, char *cipher_in, char *key) { @@ -2205,7 +2272,6 @@ static int crypt_ctr_cipher(struct dm_target *ti, int ret = -EINVAL; char dummy; - /* Convert to crypto api definition? */ if (strchr(cipher_in, '(')) { ti->error = "Bad cipher specification"; return -EINVAL; @@ -2276,67 +2342,9 @@ static int crypt_ctr_cipher(struct dm_target *ti, } /* Initialize IV */ - if (crypt_integrity_mode(cc)) - cc->iv_size = crypto_aead_ivsize(any_tfm_aead(cc)); - else - cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc)); - - if (crypt_integrity_hmac(cc)) { - cc->authenc_key = kmalloc(crypt_authenckey_size(cc), GFP_KERNEL); - if (!cc->authenc_key) { - ret = -ENOMEM; - ti->error = "Error allocating authenc key space"; - goto bad; - } - } - - if (cc->iv_size) - /* at least a 64 bit sector number should fit in our buffer */ - cc->iv_size = max(cc->iv_size, - (unsigned int)(sizeof(u64) / sizeof(u8))); - else if (ivmode) { - DMWARN("Selected cipher does not support IVs"); - ivmode = NULL; - } - - /* Choose ivmode, see comments at iv code. */ - if (ivmode == NULL) - cc->iv_gen_ops = NULL; - else if (strcmp(ivmode, "plain") == 0) - cc->iv_gen_ops = &crypt_iv_plain_ops; - else if (strcmp(ivmode, "plain64") == 0) - cc->iv_gen_ops = &crypt_iv_plain64_ops; - else if (strcmp(ivmode, "essiv") == 0) - cc->iv_gen_ops = &crypt_iv_essiv_ops; - else if (strcmp(ivmode, "benbi") == 0) - cc->iv_gen_ops = &crypt_iv_benbi_ops; - else if (strcmp(ivmode, "null") == 0) - cc->iv_gen_ops = &crypt_iv_null_ops; - else if (strcmp(ivmode, "lmk") == 0) { - cc->iv_gen_ops = &crypt_iv_lmk_ops; - /* - * Version 2 and 3 is recognised according - * to length of provided multi-key string. - * If present (version 3), last key is used as IV seed. - * All keys (including IV seed) are always the same size. - */ - if (cc->key_size % cc->key_parts) { - cc->key_parts++; - cc->key_extra_size = cc->key_size / cc->key_parts; - } - } else if (strcmp(ivmode, "tcw") == 0) { - cc->iv_gen_ops = &crypt_iv_tcw_ops; - cc->key_parts += 2; /* IV + whitening */ - cc->key_extra_size = cc->iv_size + TCW_WHITENING_SIZE; - } else if (strcmp(ivmode, "random") == 0) { - cc->iv_gen_ops = &crypt_iv_random_ops; - /* Need storage space in integrity fields. */ - cc->integrity_iv_size = cc->iv_size; - } else { - ret = -EINVAL; - ti->error = "Invalid IV mode"; + ret = crypt_ctr_ivmode(ti, ivmode); + if (ret < 0) goto bad; - } /* Initialize and set key */ ret = crypt_set_key(cc, key); |