On 2/27/22 23:05, Eric Biggers wrote:
-static u8 blank_key[BLK_CRYPTO_MAX_KEY_SIZE];
+static u8 blank_key[BLK_CRYPTO_MAX_STANDARD_KEY_SIZE];
static void blk_crypto_fallback_evict_keyslot(unsigned int slot)
{
@@ -539,7 +539,7 @@ static int blk_crypto_fallback_init(void)
if (blk_crypto_fallback_inited)
return 0;
- prandom_bytes(blank_key, BLK_CRYPTO_MAX_KEY_SIZE);
+ prandom_bytes(blank_key, BLK_CRYPTO_MAX_STANDARD_KEY_SIZE);
Please use sizeof(blank_key) to make it easier for readers to verify that the
length argument is correct.
+int blk_crypto_derive_sw_secret(struct blk_crypto_profile *profile,
+ const u8 *wrapped_key,
+ unsigned int wrapped_key_size,
+ u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE])
+{
+ int err = -EOPNOTSUPP;
+
+ if (profile &&
+ (profile->key_types_supported & BLK_CRYPTO_KEY_TYPE_HW_WRAPPED) &&
+ profile->ll_ops.derive_sw_secret) {
+ blk_crypto_hw_enter(profile);
+ err = profile->ll_ops.derive_sw_secret(profile, wrapped_key,
+ wrapped_key_size,
+ sw_secret);
+ blk_crypto_hw_exit(profile);
+ }
+ return err;
+}
Please use the common kernel style: return early if the preconditions have not
been met. That helps to keep the indentation level low.
@@ -68,7 +71,10 @@ static int __init bio_crypt_ctx_init(void)
/* Sanity check that no algorithm exceeds the defined limits. */
for (i = 0; i < BLK_ENCRYPTION_MODE_MAX; i++) {
- BUG_ON(blk_crypto_modes[i].keysize > BLK_CRYPTO_MAX_KEY_SIZE);
+ BUG_ON(blk_crypto_modes[i].keysize >
+ BLK_CRYPTO_MAX_STANDARD_KEY_SIZE);
+ BUG_ON(blk_crypto_modes[i].security_strength >
+ blk_crypto_modes[i].keysize);
BUG_ON(blk_crypto_modes[i].ivsize > BLK_CRYPTO_MAX_IV_SIZE);
}
Does the following advice from Linus Torvalds apply to the above code: "because
there is NO EXCUSE to knowingly kill the kernel"? See also
https://lkml.org/lkml/2016/10/4/1.
Thanks,
Bart.
