[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 45/54] crypto: expose encryption sector size in APIs
From: |
Kevin Wolf |
Subject: |
[Qemu-devel] [PULL 45/54] crypto: expose encryption sector size in APIs |
Date: |
Fri, 6 Oct 2017 17:54:13 +0200 |
From: "Daniel P. Berrange" <address@hidden>
While current encryption schemes all have a fixed sector size of
512 bytes, this is not guaranteed to be the case in future. Expose
the sector size in the APIs so the block layer can remove assumptions
about fixed 512 byte sectors.
Reviewed-by: Max Reitz <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>
Message-id: address@hidden
Signed-off-by: Max Reitz <address@hidden>
---
crypto/blockpriv.h | 1 +
include/crypto/block.h | 15 +++++++++++++++
crypto/block-luks.c | 6 ++++--
crypto/block-qcow.c | 1 +
crypto/block.c | 6 ++++++
5 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/crypto/blockpriv.h b/crypto/blockpriv.h
index 0edb810e22..d227522d88 100644
--- a/crypto/blockpriv.h
+++ b/crypto/blockpriv.h
@@ -36,6 +36,7 @@ struct QCryptoBlock {
QCryptoHashAlgorithm kdfhash;
size_t niv;
uint64_t payload_offset; /* In bytes */
+ uint64_t sector_size; /* In bytes */
};
struct QCryptoBlockDriver {
diff --git a/include/crypto/block.h b/include/crypto/block.h
index f0e543bee1..13232b2472 100644
--- a/include/crypto/block.h
+++ b/include/crypto/block.h
@@ -241,6 +241,21 @@ QCryptoHashAlgorithm
qcrypto_block_get_kdf_hash(QCryptoBlock *block);
uint64_t qcrypto_block_get_payload_offset(QCryptoBlock *block);
/**
+ * qcrypto_block_get_sector_size:
+ * @block: the block encryption object
+ *
+ * Get the size of sectors used for payload encryption. A new
+ * IV is used at the start of each sector. The encryption
+ * sector size is not required to match the sector size of the
+ * underlying storage. For example LUKS will always use a 512
+ * byte sector size, even if the volume is on a disk with 4k
+ * sectors.
+ *
+ * Returns: the sector in bytes
+ */
+uint64_t qcrypto_block_get_sector_size(QCryptoBlock *block);
+
+/**
* qcrypto_block_free:
* @block: the block encryption object
*
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 36bc856084..a9062bb0f2 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -846,8 +846,9 @@ qcrypto_block_luks_open(QCryptoBlock *block,
}
}
+ block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
block->payload_offset = luks->header.payload_offset *
- QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+ block->sector_size;
luks->cipher_alg = cipheralg;
luks->cipher_mode = ciphermode;
@@ -1240,8 +1241,9 @@ qcrypto_block_luks_create(QCryptoBlock *block,
QCRYPTO_BLOCK_LUKS_SECTOR_SIZE)) *
QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS);
+ block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
block->payload_offset = luks->header.payload_offset *
- QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+ block->sector_size;
/* Reserve header space to match payload offset */
initfunc(block, block->payload_offset, opaque, &local_err);
diff --git a/crypto/block-qcow.c b/crypto/block-qcow.c
index a456fe338b..4dd594a9ba 100644
--- a/crypto/block-qcow.c
+++ b/crypto/block-qcow.c
@@ -80,6 +80,7 @@ qcrypto_block_qcow_init(QCryptoBlock *block,
goto fail;
}
+ block->sector_size = QCRYPTO_BLOCK_QCOW_SECTOR_SIZE;
block->payload_offset = 0;
return 0;
diff --git a/crypto/block.c b/crypto/block.c
index c382393d9a..a7a9ad240e 100644
--- a/crypto/block.c
+++ b/crypto/block.c
@@ -170,6 +170,12 @@ uint64_t qcrypto_block_get_payload_offset(QCryptoBlock
*block)
}
+uint64_t qcrypto_block_get_sector_size(QCryptoBlock *block)
+{
+ return block->sector_size;
+}
+
+
void qcrypto_block_free(QCryptoBlock *block)
{
if (!block) {
--
2.13.6
- [Qemu-devel] [PULL 28/54] qemu-iotests: do not include common.rc in "check", (continued)
- [Qemu-devel] [PULL 28/54] qemu-iotests: do not include common.rc in "check", Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 33/54] block: Introduce BdrvChildRole.update_filename, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 39/54] block: Uniform handling of 0-length bdrv_get_block_status(), Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 35/54] qemu-iotests: Allow QMP pretty printing in common.qemu, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 34/54] commit: Support multiple roots above top node, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 32/54] qemu-iotests: merge "check" and "common", Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 38/54] qemu-io: Add -C for opening with copy-on-read, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 37/54] commit: Remove overlay_bs, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 40/54] iotests: Restore stty settings on completion, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 46/54] block: fix data type casting for crypto payload offset, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 45/54] crypto: expose encryption sector size in APIs,
Kevin Wolf <=
- [Qemu-devel] [PULL 41/54] block: Add blkdebug hook for copy-on-read, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 42/54] block: Perform copy-on-read in loop, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 44/54] block: use 1 MB bounce buffers for crypto instead of 16KB, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 36/54] qemu-iotests: Test commit block job where top has two parents, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 43/54] iotests: Add test 197 for covering copy-on-read, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 47/54] block: convert crypto driver to bdrv_co_preadv|pwritev, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 50/54] block/mirror: check backing in bdrv_mirror_top_refresh_filename, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 48/54] block: convert qcrypto_block_encrypt|decrypt to take bytes offset, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 51/54] iotests: Fix 195 if IMGFMT is part of TEST_DIR, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 49/54] block: support passthrough of BDRV_REQ_FUA in crypto driver, Kevin Wolf, 2017/10/06