Loading drivers/md/dm-default-key.c +38 −4 Original line number Diff line number Diff line Loading @@ -137,14 +137,29 @@ static int default_key_ctr_optional(struct dm_target *ti, return 0; } void default_key_adjust_sector_size_and_iv(char **argv, struct dm_target *ti, struct default_key_c **dkc) static void default_key_adjust_sector_size_and_iv(char **argv, struct dm_target *ti, struct default_key_c **dkc, u8 *raw, u32 size, bool is_legacy) { struct dm_dev *dev; int i; union { u8 bytes[BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE]; u32 words[BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE / sizeof(u32)]; } key_new; dev = (*dkc)->dev; if (!strcmp(argv[0], "AES-256-XTS")) { if (is_legacy) { memcpy(key_new.bytes, raw, size); for (i = 0; i < ARRAY_SIZE(key_new.words); i++) __cpu_to_be32s(&key_new.words[i]); memcpy(raw, key_new.bytes, size); if (ti->len & (((*dkc)->sector_size >> SECTOR_SHIFT) - 1)) (*dkc)->sector_size = SECTOR_SIZE; Loading @@ -171,6 +186,24 @@ static int default_key_ctr(struct dm_target *ti, unsigned int argc, char **argv) unsigned long long tmpll; char dummy; int err; char *_argv[10]; bool is_legacy = false; if (argc >= 4 && !strcmp(argv[0], "AES-256-XTS")) { argc = 0; _argv[argc++] = "aes-xts-plain64"; _argv[argc++] = argv[1]; _argv[argc++] = "0"; _argv[argc++] = argv[2]; _argv[argc++] = argv[3]; _argv[argc++] = "3"; _argv[argc++] = "allow_discards"; _argv[argc++] = "sector_size:4096"; _argv[argc++] = "iv_large_sectors"; _argv[argc] = NULL; argv = _argv; is_legacy = true; } if (argc < 5) { ti->error = "Not enough arguments"; Loading Loading @@ -245,7 +278,8 @@ static int default_key_ctr(struct dm_target *ti, unsigned int argc, char **argv) goto bad; } default_key_adjust_sector_size_and_iv(argv, ti, &dkc); default_key_adjust_sector_size_and_iv(argv, ti, &dkc, raw_key, raw_key_size, is_legacy); dkc->sector_bits = ilog2(dkc->sector_size); if (ti->len & ((dkc->sector_size >> SECTOR_SHIFT) - 1)) { Loading drivers/soc/qcom/crypto-qti-tz.c +12 −1 Original line number Diff line number Diff line Loading @@ -35,10 +35,21 @@ int crypto_qti_program_key(struct crypto_vops_qti_entry *ice_entry, uint32_t smc_id = 0; char *tzbuf = NULL; struct scm_desc desc = {0}; int i; union { u8 bytes[BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE]; u32 words[BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE / sizeof(u32)]; } key_new; tzbuf = ice_buffer; memcpy(tzbuf, key->raw, key->size); memcpy(key_new.bytes, key->raw, key->size); if (!key->is_hw_wrapped) { for (i = 0; i < ARRAY_SIZE(key_new.words); i++) __cpu_to_be32s(&key_new.words[i]); } memcpy(tzbuf, key_new.bytes, key->size); dmac_flush_range(tzbuf, tzbuf + key->size); smc_id = TZ_ES_CONFIG_SET_ICE_KEY_ID; Loading fs/crypto/keysetup_v1.c +11 −1 Original line number Diff line number Diff line Loading @@ -25,6 +25,7 @@ #include <keys/user-type.h> #include <linux/hashtable.h> #include <linux/scatterlist.h> #include <linux/bio-crypt-ctx.h> #include "fscrypt_private.h" Loading Loading @@ -268,14 +269,23 @@ static int setup_v1_file_key_derived(struct fscrypt_info *ci, { u8 *derived_key; int err; int i; union { u8 bytes[FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE]; u32 words[FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE / sizeof(u32)]; } key_new; /*Support legacy ice based content encryption mode*/ if ((fscrypt_policy_contents_mode(&ci->ci_policy) == FSCRYPT_MODE_PRIVATE) && fscrypt_using_inline_encryption(ci)) { memcpy(key_new.bytes, raw_master_key, ci->ci_mode->keysize); for (i = 0; i < ARRAY_SIZE(key_new.words); i++) __cpu_to_be32s(&key_new.words[i]); err = fscrypt_prepare_inline_crypt_key(&ci->ci_key, raw_master_key, key_new.bytes, ci->ci_mode->keysize, false, ci); Loading fs/crypto/policy.c +4 −0 Original line number Diff line number Diff line Loading @@ -43,6 +43,10 @@ static bool fscrypt_valid_enc_modes(u32 contents_mode, u32 filenames_mode) filenames_mode == FSCRYPT_MODE_ADIANTUM) return true; if (contents_mode == FSCRYPT_MODE_PRIVATE && filenames_mode == FSCRYPT_MODE_AES_256_CTS) return true; return false; } Loading Loading
drivers/md/dm-default-key.c +38 −4 Original line number Diff line number Diff line Loading @@ -137,14 +137,29 @@ static int default_key_ctr_optional(struct dm_target *ti, return 0; } void default_key_adjust_sector_size_and_iv(char **argv, struct dm_target *ti, struct default_key_c **dkc) static void default_key_adjust_sector_size_and_iv(char **argv, struct dm_target *ti, struct default_key_c **dkc, u8 *raw, u32 size, bool is_legacy) { struct dm_dev *dev; int i; union { u8 bytes[BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE]; u32 words[BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE / sizeof(u32)]; } key_new; dev = (*dkc)->dev; if (!strcmp(argv[0], "AES-256-XTS")) { if (is_legacy) { memcpy(key_new.bytes, raw, size); for (i = 0; i < ARRAY_SIZE(key_new.words); i++) __cpu_to_be32s(&key_new.words[i]); memcpy(raw, key_new.bytes, size); if (ti->len & (((*dkc)->sector_size >> SECTOR_SHIFT) - 1)) (*dkc)->sector_size = SECTOR_SIZE; Loading @@ -171,6 +186,24 @@ static int default_key_ctr(struct dm_target *ti, unsigned int argc, char **argv) unsigned long long tmpll; char dummy; int err; char *_argv[10]; bool is_legacy = false; if (argc >= 4 && !strcmp(argv[0], "AES-256-XTS")) { argc = 0; _argv[argc++] = "aes-xts-plain64"; _argv[argc++] = argv[1]; _argv[argc++] = "0"; _argv[argc++] = argv[2]; _argv[argc++] = argv[3]; _argv[argc++] = "3"; _argv[argc++] = "allow_discards"; _argv[argc++] = "sector_size:4096"; _argv[argc++] = "iv_large_sectors"; _argv[argc] = NULL; argv = _argv; is_legacy = true; } if (argc < 5) { ti->error = "Not enough arguments"; Loading Loading @@ -245,7 +278,8 @@ static int default_key_ctr(struct dm_target *ti, unsigned int argc, char **argv) goto bad; } default_key_adjust_sector_size_and_iv(argv, ti, &dkc); default_key_adjust_sector_size_and_iv(argv, ti, &dkc, raw_key, raw_key_size, is_legacy); dkc->sector_bits = ilog2(dkc->sector_size); if (ti->len & ((dkc->sector_size >> SECTOR_SHIFT) - 1)) { Loading
drivers/soc/qcom/crypto-qti-tz.c +12 −1 Original line number Diff line number Diff line Loading @@ -35,10 +35,21 @@ int crypto_qti_program_key(struct crypto_vops_qti_entry *ice_entry, uint32_t smc_id = 0; char *tzbuf = NULL; struct scm_desc desc = {0}; int i; union { u8 bytes[BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE]; u32 words[BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE / sizeof(u32)]; } key_new; tzbuf = ice_buffer; memcpy(tzbuf, key->raw, key->size); memcpy(key_new.bytes, key->raw, key->size); if (!key->is_hw_wrapped) { for (i = 0; i < ARRAY_SIZE(key_new.words); i++) __cpu_to_be32s(&key_new.words[i]); } memcpy(tzbuf, key_new.bytes, key->size); dmac_flush_range(tzbuf, tzbuf + key->size); smc_id = TZ_ES_CONFIG_SET_ICE_KEY_ID; Loading
fs/crypto/keysetup_v1.c +11 −1 Original line number Diff line number Diff line Loading @@ -25,6 +25,7 @@ #include <keys/user-type.h> #include <linux/hashtable.h> #include <linux/scatterlist.h> #include <linux/bio-crypt-ctx.h> #include "fscrypt_private.h" Loading Loading @@ -268,14 +269,23 @@ static int setup_v1_file_key_derived(struct fscrypt_info *ci, { u8 *derived_key; int err; int i; union { u8 bytes[FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE]; u32 words[FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE / sizeof(u32)]; } key_new; /*Support legacy ice based content encryption mode*/ if ((fscrypt_policy_contents_mode(&ci->ci_policy) == FSCRYPT_MODE_PRIVATE) && fscrypt_using_inline_encryption(ci)) { memcpy(key_new.bytes, raw_master_key, ci->ci_mode->keysize); for (i = 0; i < ARRAY_SIZE(key_new.words); i++) __cpu_to_be32s(&key_new.words[i]); err = fscrypt_prepare_inline_crypt_key(&ci->ci_key, raw_master_key, key_new.bytes, ci->ci_mode->keysize, false, ci); Loading
fs/crypto/policy.c +4 −0 Original line number Diff line number Diff line Loading @@ -43,6 +43,10 @@ static bool fscrypt_valid_enc_modes(u32 contents_mode, u32 filenames_mode) filenames_mode == FSCRYPT_MODE_ADIANTUM) return true; if (contents_mode == FSCRYPT_MODE_PRIVATE && filenames_mode == FSCRYPT_MODE_AES_256_CTS) return true; return false; } Loading
