I have two patches, one for cryptoAPI (current CVS) and one for the Linux kernel (2.4.17). The cryptoapi patch fixes a silly symbol name bug. The patch for the Linux kernel changes the default lo_iv_mode to LO_IV_MODE_SECTOR--otherwise, the patch is just a straightforward port of the patch in cryptoapi/doc in cryptoavi CVS. I noticed that there doesn't seem to be a way to set lo_iv_mode from user-space, not even with a module or kernel command-line parameter. Is this just one of those features that isn't implemented yet, or did I miss something? The patches seem to work: I can swap on an rc6 encrypted partition using the patches, and I can create an ext2 filesystem on an rc6 loopback file, copy some data to it, unmount, losetup -d, losetup -e, mount it again, and _still access the data afterwards_. Whee! This still doesn't completely work for encrypted swap because somebody (who shall remain nameless, but whose name rhymes with socks) seems to have "lost" the kreclaimd kernel thread. I thought I would try to get someone else to look at this before tackling that problem...
? tests/.deps
? tests/Makefile
? tests/Makefile.in
Index: api/cryptoloop.c
===================================================================
RCS file: /cvsroot/cryptoapi/cryptoapi/api/cryptoloop.c,v
retrieving revision 1.4
diff -u -r1.4 cryptoloop.c
--- api/cryptoloop.c 2001/12/14 23:38:49 1.4
+++ api/cryptoloop.c 2001/12/26 21:30:57
@@ -44,7 +44,7 @@
# error you need at least kernel 2.4.3 -- unless you know exacty what you are doing
#endif
-#if !defined(LOOP_IV_SECTOR_SIZE)
+#if !defined(LO_IV_SECTOR_SIZE)
# error you need to to patch your loop.c driver
#endif
@@ -85,10 +85,10 @@
struct cipher_context *cx;
/* encryption breaks for non sector aligned offsets */
- if (info->lo_offset % LOOP_IV_SECTOR_SIZE)
+ if (info->lo_offset % LO_IV_SECTOR_SIZE)
goto out;
- lx->blocksize = LOOP_IV_SECTOR_SIZE;
+ lx->blocksize = LO_IV_SECTOR_SIZE;
lx->debug = 0;
strncpy(cipher, info->lo_name, LO_NAME_SIZE);
@@ -163,7 +163,7 @@
out = raw_buf;
}
- IV /= blocksize / LOOP_IV_SECTOR_SIZE;
+ IV /= blocksize / LO_IV_SECTOR_SIZE;
#if defined(CRYPTOLOOP_DEBUG)
if (lx->debug)
@@ -203,7 +203,7 @@
switch (cmd) {
case CRYPTOLOOP_SET_BLKSIZE:
printk (KERN_DEBUG "cryptoloop: switch to blocksize %d requested\n", *arg_int);
- if (*arg_int >= 0 && (*arg_int % LOOP_IV_SECTOR_SIZE == 0))
+ if (*arg_int >= 0 && (*arg_int % LO_IV_SECTOR_SIZE == 0))
{
lx->blocksize = *arg_int;
err = 0;
--- /home/zblaxell/linux/p3-laptop/kernel-source-2.4.17-zb-p3-laptop-zb2001122605/drivers/block/loop.c Fri Dec 21 12:41:53 2001
+++ drivers/block/loop.c Wed Dec 26 13:59:05 2001
@@ -36,6 +36,9 @@
* Al Viro too.
* Jens Axboe <axboe@xxxxxxx>, Nov 2000
*
+ * Fixed and made IV calculation customizable by lo_iv_mode
+ * Herbert Valerio Riedel <hvr@xxxxxxx>, Apr 2001
+ *
* Still To Fix:
* - Advisory locking is ignored here.
* - Should use an own CAP_* category instead of CAP_SYS_ADMIN
@@ -168,6 +171,43 @@
lo->lo_device);
}
+static inline int loop_get_bs(struct loop_device *lo)
+{
+ int bs = 0;
+
+ if (blksize_size[MAJOR(lo->lo_device)])
+ bs = blksize_size[MAJOR(lo->lo_device)][MINOR(lo->lo_device)];
+ if (!bs)
+ bs = BLOCK_SIZE;
+
+ return bs;
+}
+
+static inline unsigned long loop_get_iv(struct loop_device *lo,
+ unsigned long sector)
+{
+ unsigned long offset, IV;
+ int bs;
+
+ switch (lo->lo_iv_mode) {
+ case LO_IV_MODE_SECTOR:
+ IV = sector + (lo->lo_offset >> LO_IV_SECTOR_BITS);
+ break;
+
+ default:
+ printk (KERN_WARNING "loop: unexpected lo_iv_mode\n");
+ case LO_IV_MODE_DEFAULT:
+ bs = loop_get_bs(lo);
+ IV = sector / (bs >> 9) + lo->lo_offset / bs;
+ offset = ((sector % (bs >> 9)) << 9) + lo->lo_offset % bs;
+ if (offset >= bs)
+ IV++;
+ break;
+ }
+
+ return IV;
+}
+
static int lo_send(struct loop_device *lo, struct buffer_head *bh, int bsize,
loff_t pos)
{
@@ -186,7 +226,7 @@
len = bh->b_size;
data = bh->b_data;
while (len > 0) {
- int IV = index * (PAGE_CACHE_SIZE/bsize) + offset/bsize;
+ unsigned long IV = loop_get_iv(lo, (pos - lo->lo_offset) >> LO_IV_SECTOR_BITS);
int transfer_result;
size = PAGE_CACHE_SIZE - offset;
@@ -244,7 +284,10 @@
unsigned long count = desc->count;
struct lo_read_data *p = (struct lo_read_data*)desc->buf;
struct loop_device *lo = p->lo;
- int IV = page->index * (PAGE_CACHE_SIZE/p->bsize) + offset/p->bsize;
+ unsigned long IV = loop_get_iv(lo,
+ ((page->index << (PAGE_CACHE_SHIFT - LO_IV_SECTOR_BITS))
+ + (offset >> LO_IV_SECTOR_BITS)
+ - (lo->lo_offset >> LO_IV_SECTOR_BITS)));
if (size > count)
size = count;
@@ -284,32 +327,6 @@
return desc.error;
}
-static inline int loop_get_bs(struct loop_device *lo)
-{
- int bs = 0;
-
- if (blksize_size[MAJOR(lo->lo_device)])
- bs = blksize_size[MAJOR(lo->lo_device)][MINOR(lo->lo_device)];
- if (!bs)
- bs = BLOCK_SIZE;
-
- return bs;
-}
-
-static inline unsigned long loop_get_iv(struct loop_device *lo,
- unsigned long sector)
-{
- int bs = loop_get_bs(lo);
- unsigned long offset, IV;
-
- IV = sector / (bs >> 9) + lo->lo_offset / bs;
- offset = ((sector % (bs >> 9)) << 9) + lo->lo_offset % bs;
- if (offset >= bs)
- IV++;
-
- return IV;
-}
-
static int do_bh_filebacked(struct loop_device *lo, struct buffer_head *bh, int rw)
{
loff_t pos;
@@ -677,6 +694,7 @@
lo->lo_backing_file = file;
lo->transfer = NULL;
lo->ioctl = NULL;
+ lo->lo_iv_mode = LO_IV_MODE_SECTOR;
figure_loop_size(lo);
lo->old_gfp_mask = inode->i_mapping->gfp_mask;
inode->i_mapping->gfp_mask = GFP_NOIO;
Attachment:
pgp00079.pgp
Description: PGP signature
