From patchwork Fri Jun 21 08:09:15 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167366 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp418471ilk; Fri, 21 Jun 2019 01:09:39 -0700 (PDT) X-Google-Smtp-Source: APXvYqwUayAubbaT5bBVpoTpTpIJfenzl89S/KodmTxoobb86pIgOWczm+MfkfPEMRDgQDDHtdYh X-Received: by 2002:a17:902:6902:: with SMTP id j2mr57697740plk.321.1561104579747; Fri, 21 Jun 2019 01:09:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561104579; cv=none; d=google.com; s=arc-20160816; b=aOwNYOajj/Ls2vwuxxZDvF29vTu8lDl+pRsdPbaJVbsxxsadffaBvjSRkSoboWnneX tFaxBYOtD16IXqyXgNrXXI/n+vjLhoON5WFEPIcMj1iVOxffwQEgNnbE6QeLDaJl1rjs ATS/o9ReWeHU2H0yoXp2Bd1Zj3cV8aHVNy6JoldZXvU/DHHbUkoj/H1WIUCwvbdrcOGy hST48GoX3KciUloHnvbv54XfzU0Yp6gkm0EqvxG7r2vbFtar4yRZvI2gc4ToiQhW+TJd u0g7dPDQJyxKNOAqtAk8GTgtPLC1nrZp7mgNxhSVVG0/hwCYRUvRSE3qVm5chcgOYmOj y0BA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:reply-to:references:in-reply-to :message-id:date:subject:cc:to:from; bh=/uKKjInkWp1PaGyDaXp46+5uod5ONIxK+i4fieupQyY=; b=dluoQtbxB6/IgW2EZiy40iKutERZeEJCatt32auz9lS/Jg/puw7HrbzEVWRqvNPSnW 59z9IUY7MOICPpCqvzBalPiqwDr/Yr0cHxXS/YeTri1jTG2ecszn4FNPFiHpaOzbIQzO PObk8MeGRypQdJ8B6r8vFAh4BfPbUDCswKA+0O32b46bC2FkhXykui8GhHABx89qISuL zEHtDNGkfDXIEvS1cdPkcJ72BZmv0zPPQGSsR7x9IEoYhtr6/2NyUsI5ALt8ZefKfYRY a8HLNAAxhCb8+P3jep8fDpX7rl0oMXc2Ec6qxLezzAYlu3ZObv9kn2+3fS7+X+KZ+nbp lIew== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f63si2062053plf.224.2019.06.21.01.09.39; Fri, 21 Jun 2019 01:09:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726338AbfFUIJj (ORCPT + 3 others); Fri, 21 Jun 2019 04:09:39 -0400 Received: from foss.arm.com ([217.140.110.172]:49760 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726030AbfFUIJi (ORCPT ); Fri, 21 Jun 2019 04:09:38 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 33D40EBD; Fri, 21 Jun 2019 01:09:38 -0700 (PDT) Received: from e111045-lin.arm.com (unknown [10.37.10.16]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 86EC93F246; Fri, 21 Jun 2019 01:09:36 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , Eric Biggers , dm-devel@redhat.com, linux-fscrypt@vger.kernel.org, Gilad Ben-Yossef , Milan Broz Subject: [PATCH v4 3/6] md: dm-crypt: infer ESSIV block cipher from cipher string directly Date: Fri, 21 Jun 2019 10:09:15 +0200 Message-Id: <20190621080918.22809-4-ard.biesheuvel@arm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190621080918.22809-1-ard.biesheuvel@arm.com> References: <20190621080918.22809-1-ard.biesheuvel@arm.com> Reply-To: ard.biesheuvel@linaro.org Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Ard Biesheuvel Instead of allocating a crypto skcipher tfm 'foo' and attempting to infer the encapsulated block cipher from the driver's 'name' field, directly parse the string that we used to allocated the tfm. These are always identical (unless the allocation failed, in which case we bail anyway), but using the string allows us to use it in the allocation, which is something we will need when switching to the 'essiv' crypto API template. Signed-off-by: Ard Biesheuvel --- drivers/md/dm-crypt.c | 35 +++++++++----------- 1 file changed, 15 insertions(+), 20 deletions(-) -- 2.17.1 diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index 1b16d34bb785..f001f1104cb5 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -2321,25 +2321,17 @@ static int crypt_ctr_ivmode(struct dm_target *ti, const char *ivmode) * The cc->cipher is currently used only in ESSIV. * This should be probably done by crypto-api calls (once available...) */ -static int crypt_ctr_blkdev_cipher(struct crypt_config *cc) +static int crypt_ctr_blkdev_cipher(struct crypt_config *cc, char *alg_name) { - const char *alg_name = NULL; char *start, *end; if (crypt_integrity_aead(cc)) { - alg_name = crypto_tfm_alg_name(crypto_aead_tfm(any_tfm_aead(cc))); - if (!alg_name) - return -EINVAL; if (crypt_integrity_hmac(cc)) { alg_name = strchr(alg_name, ','); if (!alg_name) return -EINVAL; } alg_name++; - } else { - alg_name = crypto_tfm_alg_name(crypto_skcipher_tfm(any_tfm(cc))); - if (!alg_name) - return -EINVAL; } start = strchr(alg_name, '('); @@ -2434,6 +2426,20 @@ static int crypt_ctr_cipher_new(struct dm_target *ti, char *cipher_in, char *key if (*ivmode && !strcmp(*ivmode, "lmk")) cc->tfms_count = 64; + if (crypt_integrity_aead(cc)) { + ret = crypt_ctr_auth_cipher(cc, cipher_api); + if (ret < 0) { + ti->error = "Invalid AEAD cipher spec"; + return -ENOMEM; + } + } + + ret = crypt_ctr_blkdev_cipher(cc, cipher_api); + if (ret < 0) { + ti->error = "Cannot allocate cipher string"; + return -ENOMEM; + } + cc->key_parts = cc->tfms_count; /* Allocate cipher */ @@ -2445,21 +2451,10 @@ static int crypt_ctr_cipher_new(struct dm_target *ti, char *cipher_in, char *key /* Alloc AEAD, can be used only in new format. */ if (crypt_integrity_aead(cc)) { - ret = crypt_ctr_auth_cipher(cc, cipher_api); - if (ret < 0) { - ti->error = "Invalid AEAD cipher spec"; - return -ENOMEM; - } cc->iv_size = crypto_aead_ivsize(any_tfm_aead(cc)); } else cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc)); - ret = crypt_ctr_blkdev_cipher(cc); - if (ret < 0) { - ti->error = "Cannot allocate cipher string"; - return -ENOMEM; - } - return 0; }