From patchwork Fri Jun 28 15:21:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168101 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3831962ilk; Fri, 28 Jun 2019 08:21:28 -0700 (PDT) X-Google-Smtp-Source: APXvYqx+xKJyEBQM9W/rEDUvvBjP4asxrTrDyWi6gYCHYRTbEwvx7ctGqEbJ8hzDkj0yik9gh15f X-Received: by 2002:a17:90a:d983:: with SMTP id d3mr13681142pjv.88.1561735288531; Fri, 28 Jun 2019 08:21:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561735288; cv=none; d=google.com; s=arc-20160816; b=sdPYyIljLlgZ/MKRGam8dL4aQjMoSK5AteGdBhuTPrBCZG4ZrkLWbTFisrbCCvdPVR nk+FO3CKdH53P4gDs744P3GKnxK5TZfqdu8EYUrER/4wZ7/cdsrHUXlbKqwCQ9uYTK9T P0IlOQgy62eSmQXY9Xv0TTvJHOgIGeBWV7fnuWZSBT8KYb9k/V5oy06vtOQIc9bhTEfH MNoPCd6zYWs1Ju1omkEJQz8oXfa6my/qg8FhphsiqgSuB+iStYKn4PEBYzR+7cUxqM7u Rr5hUgPuKVaW/9MhgPLJHLIDiw+04JSHkyopmZcpuxS7WnrcxwwNvZQgjdbuzNhwe5BB lUbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=qsECSzDwZmZWjunZWkZ4/sxN9oyV7lbTfmYWPWEtO7o=; b=BWocj/QZ3hwb8yUpazDdN+KIWduauOdE5eDRvwPhPyIvKYb4gi8Rxf/UAHDfL6oaVq j1RE7XQL2Kb0vV4senLU5Tatv2bs748YlZgyrieaQ8oT1ekwbHoYoVVvv0u1BBvd5Xfe 2hZ+EGKXv4ZkqThz1EJJOBRftMBY6nI2nfiia70n5gqcMOPTznNC8Q6x8M9upAYDCnyl CWxU8MW0YamgcUv8TM3ZGmxbsaujB5+TWu+LFTVYHEM239omqHReEEsxJPxNhpLXO0wG 9tMBcf/1Qiy0eofmgySOs6b0bY717DgsJK0tEtzmZDnXitAMamHie+CxCbOKNwvyzJyz ql/w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=o+7yKEDq; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d6si1097884pjc.7.2019.06.28.08.21.28; Fri, 28 Jun 2019 08:21:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=o+7yKEDq; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726750AbfF1PV1 (ORCPT + 3 others); Fri, 28 Jun 2019 11:21:27 -0400 Received: from mail-wm1-f65.google.com ([209.85.128.65]:53010 "EHLO mail-wm1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726773AbfF1PV1 (ORCPT ); Fri, 28 Jun 2019 11:21:27 -0400 Received: by mail-wm1-f65.google.com with SMTP id s3so9484550wms.2 for ; Fri, 28 Jun 2019 08:21:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=qsECSzDwZmZWjunZWkZ4/sxN9oyV7lbTfmYWPWEtO7o=; b=o+7yKEDqtEK1l4oK+b/ES4RAAsXKsIEa21cEXJi2IgiwlDivOuMtbO/jaDNKKwI8Kz USDlJ6axNNDcAuaZtXM1OLo/Rvtz7Ho0Ad26n5jk13Nk0xkDxokRlRCLrfUaVxjpyKA3 j093/r9Y1qEUeq7oY1Bmg59tDpUa0hQ+c8zyUeBYeWmBuyWPOdS9GEG1whhy3QscQWha qeL+g7AiXTmu85hd87LL+MEnUrxgncuVMfpLkXoiO4E8vWvZxRoCUjX5Q1I0FQJHCZJm szFfXdAYW4Ky1PuhipEvmhnAeskMN2TlnPNcyDfcqG1JpEEYI6s0jpYi8JR1IN1jexpj tlOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=qsECSzDwZmZWjunZWkZ4/sxN9oyV7lbTfmYWPWEtO7o=; b=tqTy0l7J/1huEQDIde9k32ogv6h6PcV61unkoM7uVU4iqurIg2KCwQmwSUEzgoy7Lq +Tb/6/OfIlmH0l551Qjas/nFslk8TgKAXHNaTo5rBfgD+PX5b87+oz3pyJ3zPV9I4EyC afBFUlC5ycp97CBuEoKwmFCeVH/Ibow6uV9mZgG3IUjLssZ40xftJ16pCaFA7xeDz3E7 unPZkNNBvEQVH2hCshBFJrF3LNQK0fCVjSWZV7pVcu9LFkR81HuYottLKIFBJrEc+swH J6uXzAhAmGIVCrDA83Itk3vNx0t/A9MnJe67yLz88TVWpc/XNyb8yC9JfNG3CZgY3pAD 9dcQ== X-Gm-Message-State: APjAAAV/un6Uh/nHRkXgMV4Ft26GG6kzBaB4qdlP1a272ZsNCgrbfd/c 4JEZjAHnrUcJ5Hkli0xJYSoEZPB2MBM= X-Received: by 2002:a7b:cd84:: with SMTP id y4mr7676832wmj.79.1561735285257; Fri, 28 Jun 2019 08:21:25 -0700 (PDT) Received: from localhost.localdomain (91-167-84-221.subs.proxad.net. [91.167.84.221]) by smtp.gmail.com with ESMTPSA id u13sm2734319wrq.62.2019.06.28.08.21.24 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Fri, 28 Jun 2019 08:21:24 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , Eric Biggers , dm-devel@redhat.com, linux-fscrypt@vger.kernel.org, Gilad Ben-Yossef , Milan Broz Subject: [PATCH v6 3/7] md: dm-crypt: infer ESSIV block cipher from cipher string directly Date: Fri, 28 Jun 2019 17:21:08 +0200 Message-Id: <20190628152112.914-4-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628152112.914-1-ard.biesheuvel@linaro.org> References: <20190628152112.914-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Instead of allocating a crypto skcipher tfm 'foo' and attempting to infer the encapsulated block cipher from the driver's 'name' field, directly parse the string that we used to allocated the tfm. These are always identical (unless the allocation failed, in which case we bail anyway), but using the string allows us to use it in the allocation, which is something we will need when switching to the 'essiv' crypto API template. Signed-off-by: Ard Biesheuvel --- drivers/md/dm-crypt.c | 35 +++++++++----------- 1 file changed, 15 insertions(+), 20 deletions(-) -- 2.20.1 Reviewed-by: Milan Broz diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index 1b16d34bb785..f001f1104cb5 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -2321,25 +2321,17 @@ static int crypt_ctr_ivmode(struct dm_target *ti, const char *ivmode) * The cc->cipher is currently used only in ESSIV. * This should be probably done by crypto-api calls (once available...) */ -static int crypt_ctr_blkdev_cipher(struct crypt_config *cc) +static int crypt_ctr_blkdev_cipher(struct crypt_config *cc, char *alg_name) { - const char *alg_name = NULL; char *start, *end; if (crypt_integrity_aead(cc)) { - alg_name = crypto_tfm_alg_name(crypto_aead_tfm(any_tfm_aead(cc))); - if (!alg_name) - return -EINVAL; if (crypt_integrity_hmac(cc)) { alg_name = strchr(alg_name, ','); if (!alg_name) return -EINVAL; } alg_name++; - } else { - alg_name = crypto_tfm_alg_name(crypto_skcipher_tfm(any_tfm(cc))); - if (!alg_name) - return -EINVAL; } start = strchr(alg_name, '('); @@ -2434,6 +2426,20 @@ static int crypt_ctr_cipher_new(struct dm_target *ti, char *cipher_in, char *key if (*ivmode && !strcmp(*ivmode, "lmk")) cc->tfms_count = 64; + if (crypt_integrity_aead(cc)) { + ret = crypt_ctr_auth_cipher(cc, cipher_api); + if (ret < 0) { + ti->error = "Invalid AEAD cipher spec"; + return -ENOMEM; + } + } + + ret = crypt_ctr_blkdev_cipher(cc, cipher_api); + if (ret < 0) { + ti->error = "Cannot allocate cipher string"; + return -ENOMEM; + } + cc->key_parts = cc->tfms_count; /* Allocate cipher */ @@ -2445,21 +2451,10 @@ static int crypt_ctr_cipher_new(struct dm_target *ti, char *cipher_in, char *key /* Alloc AEAD, can be used only in new format. */ if (crypt_integrity_aead(cc)) { - ret = crypt_ctr_auth_cipher(cc, cipher_api); - if (ret < 0) { - ti->error = "Invalid AEAD cipher spec"; - return -ENOMEM; - } cc->iv_size = crypto_aead_ivsize(any_tfm_aead(cc)); } else cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc)); - ret = crypt_ctr_blkdev_cipher(cc); - if (ret < 0) { - ti->error = "Cannot allocate cipher string"; - return -ENOMEM; - } - return 0; }