Message ID | 02d08ca67a4ec88cee61446d6b330c2945b5588f.1703482349.git.yong.huang@smartx.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Support generic Luks encryption | expand |
On Mon, Dec 25, 2023 at 01:45:07PM +0800, Hyman Huang wrote: > Set the payload_offset_sector to a value that is nearly never reached > in order to mark it as invalid and indicate that 0 should be the offset > of the read/write operation on the 'file' protocol blockdev node. > > Signed-off-by: Hyman Huang <yong.huang@smartx.com> > --- > crypto/block-luks.c | 41 +++++++++++++++++++++++++++++++---------- > 1 file changed, 31 insertions(+), 10 deletions(-) > > diff --git a/crypto/block-luks.c b/crypto/block-luks.c > index fb01ec38bb..48443ffcae 100644 > --- a/crypto/block-luks.c > +++ b/crypto/block-luks.c > @@ -34,6 +34,8 @@ > > #include "qemu/bitmap.h" > > +#define INVALID_SECTOR_OFFSET UINT32_MAX > + > /* > * Reference for the LUKS format implemented here is > * > @@ -136,6 +138,13 @@ struct QCryptoBlockLUKS { > }; > > > +static inline uint32_t > +qcrypto_block_luks_payload_offset(uint32_t sector) > +{ > + return sector == INVALID_SECTOR_OFFSET ? 0 : > + sector * QCRYPTO_BLOCK_LUKS_SECTOR_SIZE; > +} > + > static int qcrypto_block_luks_cipher_name_lookup(const char *name, > QCryptoCipherMode mode, > uint32_t key_bytes, > @@ -1255,8 +1264,8 @@ qcrypto_block_luks_open(QCryptoBlock *block, > } > > block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE; > - block->payload_offset = luks->header.payload_offset_sector * > - block->sector_size; > + block->payload_offset = > + qcrypto_block_luks_payload_offset(luks->header.payload_offset_sector); > > return 0; > > @@ -1529,16 +1538,28 @@ qcrypto_block_luks_create(QCryptoBlock *block, > slot->stripes = QCRYPTO_BLOCK_LUKS_STRIPES; > } > > - /* The total size of the LUKS headers is the partition header + key > - * slot headers, rounded up to the nearest sector, combined with > - * the size of each master key material region, also rounded up > - * to the nearest sector */ > - luks->header.payload_offset_sector = header_sectors + > - QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS * split_key_sectors; > + if (block->detached_header) { > + /* > + * Set the payload_offset_sector to a value that is nearly never > + * reached in order to mark it as invalid and indicate that 0 should > + * be the offset of the read/write operation on the 'file' protocol > + * blockdev node. Here the UINT32_MAX is choosed > + */ > + luks->header.payload_offset_sector = INVALID_SECTOR_OFFSET; We should be setting payload offset to 0 when using a detached header to match behaviour of 'cryptsetup' tools. > + } else { > + /* > + * The total size of the LUKS headers is the partition header + key > + * slot headers, rounded up to the nearest sector, combined with > + * the size of each master key material region, also rounded up > + * to the nearest sector > + */ > + luks->header.payload_offset_sector = header_sectors + > + QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS * split_key_sectors; > + } > > block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE; > - block->payload_offset = luks->header.payload_offset_sector * > - block->sector_size; > + block->payload_offset = > + qcrypto_block_luks_payload_offset(luks->header.payload_offset_sector); > > /* Reserve header space to match payload offset */ > initfunc(block, block->payload_offset, opaque, &local_err); > -- > 2.39.1 > With regards, Daniel
diff --git a/crypto/block-luks.c b/crypto/block-luks.c index fb01ec38bb..48443ffcae 100644 --- a/crypto/block-luks.c +++ b/crypto/block-luks.c @@ -34,6 +34,8 @@ #include "qemu/bitmap.h" +#define INVALID_SECTOR_OFFSET UINT32_MAX + /* * Reference for the LUKS format implemented here is * @@ -136,6 +138,13 @@ struct QCryptoBlockLUKS { }; +static inline uint32_t +qcrypto_block_luks_payload_offset(uint32_t sector) +{ + return sector == INVALID_SECTOR_OFFSET ? 0 : + sector * QCRYPTO_BLOCK_LUKS_SECTOR_SIZE; +} + static int qcrypto_block_luks_cipher_name_lookup(const char *name, QCryptoCipherMode mode, uint32_t key_bytes, @@ -1255,8 +1264,8 @@ qcrypto_block_luks_open(QCryptoBlock *block, } block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE; - block->payload_offset = luks->header.payload_offset_sector * - block->sector_size; + block->payload_offset = + qcrypto_block_luks_payload_offset(luks->header.payload_offset_sector); return 0; @@ -1529,16 +1538,28 @@ qcrypto_block_luks_create(QCryptoBlock *block, slot->stripes = QCRYPTO_BLOCK_LUKS_STRIPES; } - /* The total size of the LUKS headers is the partition header + key - * slot headers, rounded up to the nearest sector, combined with - * the size of each master key material region, also rounded up - * to the nearest sector */ - luks->header.payload_offset_sector = header_sectors + - QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS * split_key_sectors; + if (block->detached_header) { + /* + * Set the payload_offset_sector to a value that is nearly never + * reached in order to mark it as invalid and indicate that 0 should + * be the offset of the read/write operation on the 'file' protocol + * blockdev node. Here the UINT32_MAX is choosed + */ + luks->header.payload_offset_sector = INVALID_SECTOR_OFFSET; + } else { + /* + * The total size of the LUKS headers is the partition header + key + * slot headers, rounded up to the nearest sector, combined with + * the size of each master key material region, also rounded up + * to the nearest sector + */ + luks->header.payload_offset_sector = header_sectors + + QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS * split_key_sectors; + } block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE; - block->payload_offset = luks->header.payload_offset_sector * - block->sector_size; + block->payload_offset = + qcrypto_block_luks_payload_offset(luks->header.payload_offset_sector); /* Reserve header space to match payload offset */ initfunc(block, block->payload_offset, opaque, &local_err);
Set the payload_offset_sector to a value that is nearly never reached in order to mark it as invalid and indicate that 0 should be the offset of the read/write operation on the 'file' protocol blockdev node. Signed-off-by: Hyman Huang <yong.huang@smartx.com> --- crypto/block-luks.c | 41 +++++++++++++++++++++++++++++++---------- 1 file changed, 31 insertions(+), 10 deletions(-)