Deleted Added
sdiff udiff text old ( 213062 ) new ( 213067 )
full compact
28c28
< __FBSDID("$FreeBSD: head/sys/geom/eli/g_eli.c 213062 2010-09-23 11:19:48Z pjd $");
---
> __FBSDID("$FreeBSD: head/sys/geom/eli/g_eli.c 213067 2010-09-23 11:49:47Z pjd $");
377a378,405
> * Select encryption key. If G_ELI_FLAG_SINGLE_KEY is present we only have one
> * key available for all the data. If the flag is not present select the key
> * based on data offset.
> */
> uint8_t *
> g_eli_crypto_key(struct g_eli_softc *sc, off_t offset, size_t blocksize)
> {
> u_int nkey;
>
> if (sc->sc_nekeys == 1)
> return (sc->sc_ekeys[0]);
>
> KASSERT(sc->sc_nekeys > 1, ("%s: sc_nekeys=%u", __func__,
> sc->sc_nekeys));
> KASSERT((sc->sc_flags & G_ELI_FLAG_SINGLE_KEY) == 0,
> ("%s: SINGLE_KEY flag set, but sc_nekeys=%u", __func__,
> sc->sc_nekeys));
>
> /* We switch key every 2^G_ELI_KEY_SHIFT blocks. */
> nkey = (offset >> G_ELI_KEY_SHIFT) / blocksize;
>
> KASSERT(nkey < sc->sc_nekeys, ("%s: nkey=%u >= sc_nekeys=%u", __func__,
> nkey, sc->sc_nekeys));
>
> return (sc->sc_ekeys[nkey]);
> }
>
> /*
550a579,580
> if (md->md_version < 5)
> sc->sc_flags |= G_ELI_FLAG_SINGLE_KEY;
553,557d582
< /*
< * Remember the keys in our softc structure.
< */
< g_eli_mkey_propagate(sc, mkey);
< sc->sc_ekeylen = md->md_keylen;
587,594d611
< /*
< * Precalculate SHA256 for IV generation.
< * This is expensive operation and we can do it only once now or for
< * every access to sector, so now will be much better.
< */
< SHA256_Init(&sc->sc_ivctx);
< SHA256_Update(&sc->sc_ivctx, sc->sc_ivkey, sizeof(sc->sc_ivkey));
<
635a653,677
> sc->sc_sectorsize = md->md_sectorsize;
> sc->sc_mediasize = bpp->mediasize;
> if (!(sc->sc_flags & G_ELI_FLAG_ONETIME))
> sc->sc_mediasize -= bpp->sectorsize;
> if (!(sc->sc_flags & G_ELI_FLAG_AUTH))
> sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize);
> else {
> sc->sc_mediasize /= sc->sc_bytes_per_sector;
> sc->sc_mediasize *= sc->sc_sectorsize;
> }
>
> /*
> * Remember the keys in our softc structure.
> */
> g_eli_mkey_propagate(sc, mkey);
> sc->sc_ekeylen = md->md_keylen;
>
> /*
> * Precalculate SHA256 for IV generation.
> * This is expensive operation and we can do it only once now or for
> * every access to sector, so now will be much better.
> */
> SHA256_Init(&sc->sc_ivctx);
> SHA256_Update(&sc->sc_ivctx, sc->sc_ivkey, sizeof(sc->sc_ivkey));
>
641c683
< crie.cri_key = sc->sc_ekey;
---
> crie.cri_key = sc->sc_ekeys[0];
718,727c760,761
< pp->sectorsize = md->md_sectorsize;
< pp->mediasize = bpp->mediasize;
< if (!(sc->sc_flags & G_ELI_FLAG_ONETIME))
< pp->mediasize -= bpp->sectorsize;
< if (!(sc->sc_flags & G_ELI_FLAG_AUTH))
< pp->mediasize -= (pp->mediasize % pp->sectorsize);
< else {
< pp->mediasize /= sc->sc_bytes_per_sector;
< pp->mediasize *= pp->sectorsize;
< }
---
> pp->mediasize = sc->sc_mediasize;
> pp->sectorsize = sc->sc_sectorsize;
757a792,796
> if (sc->sc_ekeys != NULL) {
> bzero(sc->sc_ekeys,
> sc->sc_nekeys * (sizeof(uint8_t *) + G_ELI_DATAKEYLEN));
> free(sc->sc_ekeys, M_ELI);
> }
796a836,838
> bzero(sc->sc_ekeys,
> sc->sc_nekeys * (sizeof(uint8_t *) + G_ELI_DATAKEYLEN));
> free(sc->sc_ekeys, M_ELI);
1044a1087
> ADD_FLAG(G_ELI_FLAG_SINGLE_KEY, "SINGLE-KEY");