The patch titled ecryptfs: more elegant AES key size manipulation has been removed from the -mm tree. Its filename is ecryptfs-more-elegant-aes-key-size-manipulation.patch This patch was dropped because it was folded into ecryptfs-fs-makefile-and-fs-kconfig.patch ------------------------------------------------------ Subject: ecryptfs: more elegant AES key size manipulation From: Mike Halcrow <mhalcrow@xxxxxxxxxx> Move logic to deal with AES special cases into the function that performs string to cipher code mapping. Signed-off-by: Michael Halcrow <mhalcrow@xxxxxxxxxx> DESC ecryptfs-more-elegant-aes-key-size-manipulation-tidy EDESC - braces are useful - Dont' open-code ARRAY_SIZE() Cc: Michael Halcrow <mhalcrow@xxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxx> --- fs/ecryptfs/crypto.c | 36 ++++++++++++++++++++++---------- fs/ecryptfs/ecryptfs_kernel.h | 2 - fs/ecryptfs/keystore.c | 21 ------------------ 3 files changed, 27 insertions(+), 32 deletions(-) diff -puN fs/ecryptfs/crypto.c~ecryptfs-more-elegant-aes-key-size-manipulation fs/ecryptfs/crypto.c --- a/fs/ecryptfs/crypto.c~ecryptfs-more-elegant-aes-key-size-manipulation +++ a/fs/ecryptfs/crypto.c @@ -1059,16 +1059,32 @@ ecryptfs_cipher_code_str_map[] = { * * Returns zero on no match, or the cipher code on match */ -u16 ecryptfs_code_for_cipher_string(char *str) +u16 ecryptfs_code_for_cipher_string(struct ecryptfs_crypt_stat *crypt_stat) { int i; - - for (i = 0; i < (sizeof(ecryptfs_cipher_code_str_map) - / sizeof(struct ecryptfs_cipher_code_str_map_elem)); - i++) - if (strcmp(str, ecryptfs_cipher_code_str_map[i].cipher_str)==0) - return ecryptfs_cipher_code_str_map[i].cipher_code; - return 0; + u16 code = 0; + struct ecryptfs_cipher_code_str_map_elem *map = + ecryptfs_cipher_code_str_map; + + if (strcmp(crypt_stat->cipher, "aes") == 0) { + switch (crypt_stat->key_size) { + case 16: + code = RFC2440_CIPHER_AES_128; + break; + case 24: + code = RFC2440_CIPHER_AES_192; + break; + case 32: + code = RFC2440_CIPHER_AES_256; + } + } else { + for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++) + if (strcmp(crypt_stat->cipher, map[i].cipher_str) == 0){ + code = map[i].cipher_code; + break; + } + } + return code; } /** @@ -1084,9 +1100,7 @@ int ecryptfs_cipher_code_to_string(char int i; str[0] = '\0'; - for (i = 0; i < (sizeof(ecryptfs_cipher_code_str_map) - / sizeof(struct ecryptfs_cipher_code_str_map_elem)); - i++) + for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++) if (cipher_code == ecryptfs_cipher_code_str_map[i].cipher_code) strcpy(str, ecryptfs_cipher_code_str_map[i].cipher_str); if (str[0] == '\0') { diff -puN fs/ecryptfs/ecryptfs_kernel.h~ecryptfs-more-elegant-aes-key-size-manipulation fs/ecryptfs/ecryptfs_kernel.h --- a/fs/ecryptfs/ecryptfs_kernel.h~ecryptfs-more-elegant-aes-key-size-manipulation +++ a/fs/ecryptfs/ecryptfs_kernel.h @@ -439,7 +439,7 @@ int ecryptfs_new_file_context(struct den int contains_ecryptfs_marker(char *data); int ecryptfs_read_header_region(char *data, struct dentry *dentry, struct nameidata *nd); -u16 ecryptfs_code_for_cipher_string(char *str); +u16 ecryptfs_code_for_cipher_string(struct ecryptfs_crypt_stat *crypt_stat); int ecryptfs_cipher_code_to_string(char *str, u16 cipher_code); void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat); int ecryptfs_generate_key_packet_set(char *dest_base, diff -puN fs/ecryptfs/keystore.c~ecryptfs-more-elegant-aes-key-size-manipulation fs/ecryptfs/keystore.c --- a/fs/ecryptfs/keystore.c~ecryptfs-more-elegant-aes-key-size-manipulation +++ a/fs/ecryptfs/keystore.c @@ -923,32 +923,13 @@ encrypted_session_key_set: } (*packet_size) += packet_size_length; dest[(*packet_size)++] = 0x04; /* version 4 */ - cipher_code = ecryptfs_code_for_cipher_string(crypt_stat->cipher); + cipher_code = ecryptfs_code_for_cipher_string(crypt_stat); if (cipher_code == 0) { ecryptfs_printk(KERN_WARNING, "Unable to generate code for " "cipher [%s]\n", crypt_stat->cipher); rc = -EINVAL; goto out; } - /* If it is AES, we need to get more specific. */ - if (cipher_code == RFC2440_CIPHER_AES_128){ - switch (crypt_stat->key_size) { - case 16: - break; - case 24: - cipher_code = RFC2440_CIPHER_AES_192; - break; - case 32: - cipher_code = RFC2440_CIPHER_AES_256; - break; - default: - rc = -EINVAL; - ecryptfs_printk(KERN_WARNING, "Unsupported AES key " - "size: [%d]\n", - crypt_stat->key_size); - goto out; - } - } dest[(*packet_size)++] = cipher_code; dest[(*packet_size)++] = 0x03; /* S2K */ dest[(*packet_size)++] = 0x01; /* MD5 (TODO: parameterize) */ _ Patches currently in -mm which might be from mhalcrow@xxxxxxxxxx are origin.patch ecryptfs-fs-makefile-and-fs-kconfig.patch ecryptfs-more-elegant-aes-key-size-manipulation.patch ecryptfs-more-intelligent-use-of-tfm-objects.patch ecryptfs-remove-debugging-cruft.patch ecryptfs-get_sb_dev-fix.patch ecryptfs-validate-minimum-header-extent-size.patch ecryptfs-validate-body-size.patch ecryptfs-validate-packet-length-prior-to-parsing-add-comments.patch ecryptfs-use-the-passed-in-max-value-as-the-upper-bound.patch ecryptfs-change-the-maximum-size-check-when-writing-header.patch ecryptfs-print-the-actual-option-that-is-problematic.patch ecryptfs-add-a-maintainers-entry.patch ecryptfs-partial-signed-integer-to-size_t-conversion-updated-ii.patch ecryptfs-graceful-handling-of-mount-error.patch ecryptfs-fix-printk-format-warnings.patch ecryptfs-associate-vfsmount-with-dentry-rather-than-superblock.patch ecryptfs-mntput-lower-mount-on-umount_begin.patch vfs-make-filldir_t-and-struct-kstat-deal-in-64-bit-inode-numbers-ecryptfs.patch make-kmem_cache_destroy-return-void-ecryptfs.patch ecryptfs-inode-numbering-fixes.patch ecryptfs-versioning-fixes.patch ecryptfs-versioning-fixes-tidy.patch ecryptfs-grab-lock-on-lower_page-in-ecryptfs_sync_page.patch ecryptfs-enable-plaintext-passthrough.patch - To unsubscribe from this list: send the line "unsubscribe mm-commits" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html