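--- a/g_eli.c
+++ b/g_eli.c
@@ -1,8 +1,8 @@
 /*-
  * Copyright (c) 2005-2011 Pawel Jakub Dawidek <pawel@dawidek.net>
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
@@ -20,17 +20,17 @@
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: head/sys/geom/eli/g_eli.c 290406 2015-11-05 17:37:35Z smh $");
+__FBSDID("$FreeBSD: head/sys/geom/eli/g_eli.c 293306 2016-01-07 05:47:34Z allanjude $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/cons.h>
 #include <sys/kernel.h>
 #include <sys/linker.h>
 #include <sys/module.h>
 #include <sys/lock.h>
@@ -566,50 +566,16 @@
  if (sc->sc_flags & G_ELI_FLAG_AUTH)
  g_eli_auth_run(wr, bp);
  else
  g_eli_crypto_run(wr, bp);
  }
  }
 }
 
-/*
- * Here we generate IV. It is unique for every sector.
- */
-void
-g_eli_crypto_ivgen(struct g_eli_softc *sc, off_t offset, u_char *iv,
- size_t size)
-{
- uint8_t off[8];
-
- if ((sc->sc_flags & G_ELI_FLAG_NATIVE_BYTE_ORDER) != 0)
- bcopy(&offset, off, sizeof(off));
- else
- le64enc(off, (uint64_t)offset);
-
- switch (sc->sc_ealgo) {
- case CRYPTO_AES_XTS:
- bcopy(off, iv, sizeof(off));
- bzero(iv + sizeof(off), size - sizeof(off));
- break;
- default:
- {
- u_char hash[SHA256_DIGEST_LENGTH];
- SHA256_CTX ctx;
-
- /* Copy precalculated SHA256 context for IV-Key. */
- bcopy(&sc->sc_ivctx, &ctx, sizeof(ctx));
- SHA256_Update(&ctx, off, sizeof(off));
- SHA256_Final(hash, &ctx);
- bcopy(hash, iv, MIN(sizeof(hash), size));
- break;
- }
- }
-}
-
 int
 g_eli_read_metadata(struct g_class *mp, struct g_provider *pp,
  struct g_eli_metadata *md)
 {
  struct g_geom *gp;
  struct g_consumer *cp;
  u_char *buf = NULL;
  int error;
@@ -746,54 +712,19 @@
  * If detach-on-last-close feature is not enabled and we don't operate
  * on read-only provider, we can simply use g_std_access().
  */
  if (md->md_flags & (G_ELI_FLAG_WO_DETACH | G_ELI_FLAG_RO))
  gp->access = g_eli_access;
  else
  gp->access = g_std_access;
 
- sc->sc_version = md->md_version;
- sc->sc_inflight = 0;
- sc->sc_crypto = G_ELI_CRYPTO_UNKNOWN;
- sc->sc_flags = md->md_flags;
- /* Backward compatibility. */
- if (md->md_version < G_ELI_VERSION_04)
- sc->sc_flags |= G_ELI_FLAG_NATIVE_BYTE_ORDER;
- if (md->md_version < G_ELI_VERSION_05)
- sc->sc_flags |= G_ELI_FLAG_SINGLE_KEY;
- if (md->md_version < G_ELI_VERSION_06 &&
- (sc->sc_flags & G_ELI_FLAG_AUTH) != 0) {
- sc->sc_flags |= G_ELI_FLAG_FIRST_KEY;
- }
- if (md->md_version < G_ELI_VERSION_07)
- sc->sc_flags |= G_ELI_FLAG_ENC_IVKEY;
- sc->sc_ealgo = md->md_ealgo;
+ eli_metadata_softc(sc, md, bpp->sectorsize, bpp->mediasize);
  sc->sc_nkey = nkey;
 
- if (sc->sc_flags & G_ELI_FLAG_AUTH) {
- sc->sc_akeylen = sizeof(sc->sc_akey) * 8;
- sc->sc_aalgo = md->md_aalgo;
- sc->sc_alen = g_eli_hashlen(sc->sc_aalgo);
-
- sc->sc_data_per_sector = bpp->sectorsize - sc->sc_alen;
- /*
- * Some hash functions (like SHA1 and RIPEMD160) generates hash
- * which length is not multiple of 128 bits, but we want data
- * length to be multiple of 128, so we can encrypt without
- * padding. The line below rounds down data length to multiple
- * of 128 bits.
- */
- sc->sc_data_per_sector -= sc->sc_data_per_sector % 16;
-
- sc->sc_bytes_per_sector =
- (md->md_sectorsize - 1) / sc->sc_data_per_sector + 1;
- sc->sc_bytes_per_sector *= bpp->sectorsize;
- }
-
  gp->softc = sc;
  sc->sc_geom = gp;
 
  bioq_init(&sc->sc_queue);
  mtx_init(&sc->sc_queue_mtx, "geli:queue", NULL, MTX_DEF);
  mtx_init(&sc->sc_ekeys_lock, "geli:ekeys", NULL, MTX_DEF);
 
  pp = NULL;
@@ -826,32 +757,20 @@
  bpp->name, error);
  } else {
  G_ELI_DEBUG(1, "Cannot access %s (error=%d).",
  bpp->name, error);
  }
  goto failed;
  }
 
- sc->sc_sectorsize = md->md_sectorsize;
- sc->sc_mediasize = bpp->mediasize;
- if (!(sc->sc_flags & G_ELI_FLAG_ONETIME))
- sc->sc_mediasize -= bpp->sectorsize;
- if (!(sc->sc_flags & G_ELI_FLAG_AUTH))
- sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize);
- else {
- sc->sc_mediasize /= sc->sc_bytes_per_sector;
- sc->sc_mediasize *= sc->sc_sectorsize;
- }
-
  /*
  * Remember the keys in our softc structure.
  */
  g_eli_mkey_propagate(sc, mkey);
- sc->sc_ekeylen = md->md_keylen;
 
  LIST_INIT(&sc->sc_workers);
 
  threads = g_eli_threads;
  if (threads == 0)
  threads = mp_ncpus;
  sc->sc_cpubind = (mp_ncpus > 1 && threads == mp_ncpus);
  for (i = 0; i < threads; i++) {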
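Review bot: The new call `eli_metadata_softc(sc, md, bpp->sectorsize, bpp->mediasize);` at new line 720 is a bare statement with no result checked, and the helper's definition is not in this diff, so it cannot be confirmed from here that the arithmetic it replaces is guarded. The removed lines divided by `sc->sc_data_per_sector` (provider sector size minus the hash length, rounded down to a multiple of 16) and took `sc->sc_mediasize % sc->sc_sectorsize`, where the operands come from on-disk metadata and the underlying provider. If the helper carries that arithmetic over unchanged, a zero in either divisor would fault in the kernel unless the metadata is validated before this point. I would record that contract at the call site, for example `/* Fills flags (with version compat bits), algorithms, key length and sector/media sizes from md; md must already be validated (non-zero md_sectorsize, hash length below the provider sector size). */`. The enclosing function begins and ends outside the visible lines.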