summaryrefslogtreecommitdiff
path: root/fs/ext4/crypto.c
diff options
context:
space:
mode:
authorTheodore Ts'o <tytso@mit.edu>2015-05-18 20:16:47 +0300
committerTheodore Ts'o <tytso@mit.edu>2015-05-18 20:16:47 +0300
commite2881b1b51d871a72911faf2fc7e090655940506 (patch)
tree07bc66d72cc03479c98b7b63edb53f1fa4069383 /fs/ext4/crypto.c
parentd229959072eba40e1c2a4f53f8af17f1e770eb66 (diff)
downloadlinux-e2881b1b51d871a72911faf2fc7e090655940506.tar.xz
ext4 crypto: separate kernel and userspace structure for the key
Use struct ext4_encryption_key only for the master key passed via the kernel keyring. For internal kernel space users, we now use struct ext4_crypt_info. This will allow us to put information from the policy structure so we can cache it and avoid needing to constantly looking up the extended attribute. We will do this in a spearate patch. This patch is mostly mechnical to make it easier for patch review. Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/ext4/crypto.c')
-rw-r--r--fs/ext4/crypto.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c
index 8ff15273ab0c..918200ed9bf8 100644
--- a/fs/ext4/crypto.c
+++ b/fs/ext4/crypto.c
@@ -118,7 +118,7 @@ struct ext4_crypto_ctx *ext4_get_crypto_ctx(struct inode *inode)
struct ext4_crypto_ctx *ctx = NULL;
int res = 0;
unsigned long flags;
- struct ext4_encryption_key *key = &EXT4_I(inode)->i_encryption_key;
+ struct ext4_crypt_info *ci = &EXT4_I(inode)->i_crypt_info;
if (!ext4_read_workqueue)
ext4_init_crypto();
@@ -152,14 +152,14 @@ struct ext4_crypto_ctx *ext4_get_crypto_ctx(struct inode *inode)
/* Allocate a new Crypto API context if we don't already have
* one or if it isn't the right mode. */
- BUG_ON(key->mode == EXT4_ENCRYPTION_MODE_INVALID);
- if (ctx->tfm && (ctx->mode != key->mode)) {
+ BUG_ON(ci->ci_mode == EXT4_ENCRYPTION_MODE_INVALID);
+ if (ctx->tfm && (ctx->mode != ci->ci_mode)) {
crypto_free_tfm(ctx->tfm);
ctx->tfm = NULL;
ctx->mode = EXT4_ENCRYPTION_MODE_INVALID;
}
if (!ctx->tfm) {
- switch (key->mode) {
+ switch (ci->ci_mode) {
case EXT4_ENCRYPTION_MODE_AES_256_XTS:
ctx->tfm = crypto_ablkcipher_tfm(
crypto_alloc_ablkcipher("xts(aes)", 0, 0));
@@ -177,9 +177,9 @@ struct ext4_crypto_ctx *ext4_get_crypto_ctx(struct inode *inode)
ctx->tfm = NULL;
goto out;
}
- ctx->mode = key->mode;
+ ctx->mode = ci->ci_mode;
}
- BUG_ON(key->size != ext4_encryption_key_size(key->mode));
+ BUG_ON(ci->ci_size != ext4_encryption_key_size(ci->ci_mode));
/* There shouldn't be a bounce page attached to the crypto
* context at this point. */
@@ -322,7 +322,7 @@ static int ext4_page_crypto(struct ext4_crypto_ctx *ctx,
int res = 0;
BUG_ON(!ctx->tfm);
- BUG_ON(ctx->mode != ei->i_encryption_key.mode);
+ BUG_ON(ctx->mode != ei->i_crypt_info.ci_mode);
if (ctx->mode != EXT4_ENCRYPTION_MODE_AES_256_XTS) {
printk_ratelimited(KERN_ERR
@@ -334,8 +334,8 @@ static int ext4_page_crypto(struct ext4_crypto_ctx *ctx,
crypto_ablkcipher_clear_flags(atfm, ~0);
crypto_tfm_set_flags(ctx->tfm, CRYPTO_TFM_REQ_WEAK_KEY);
- res = crypto_ablkcipher_setkey(atfm, ei->i_encryption_key.raw,
- ei->i_encryption_key.size);
+ res = crypto_ablkcipher_setkey(atfm, ei->i_crypt_info.ci_raw,
+ ei->i_crypt_info.ci_size);
if (res) {
printk_ratelimited(KERN_ERR
"%s: crypto_ablkcipher_setkey() failed\n",