From patchwork Wed Jan  9 10:57:14 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Milan Broz <gmazyland@gmail.com>
X-Patchwork-Id: 10753857
X-Patchwork-Delegate: snitzer@redhat.com
Return-Path: <dm-devel-bounces@redhat.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id ADEF06C2
	for <patchwork-dm-devel@patchwork.kernel.org>;
 Wed,  9 Jan 2019 10:57:36 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 99E7028DFC
	for <patchwork-dm-devel@patchwork.kernel.org>;
 Wed,  9 Jan 2019 10:57:36 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 8CBA428E6F; Wed,  9 Jan 2019 10:57:36 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No,
 score=-7.7 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_INVALID,DKIM_SIGNED,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
	(using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 24CB828DFC
	for <patchwork-dm-devel@patchwork.kernel.org>;
 Wed,  9 Jan 2019 10:57:36 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
 [10.5.11.23])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 20289804E4;
	Wed,  9 Jan 2019 10:57:34 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id B657E27CA3;
	Wed,  9 Jan 2019 10:57:33 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id BCC8C3F7CD;
	Wed,  9 Jan 2019 10:57:32 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x09AvV3d011498 for <dm-devel@listman.util.phx.redhat.com>;
	Wed, 9 Jan 2019 05:57:31 -0500
Received: by smtp.corp.redhat.com (Postfix)
	id 0D38C60C67; Wed,  9 Jan 2019 10:57:31 +0000 (UTC)
Delivered-To: dm-devel@redhat.com
Received: from mx1.redhat.com (ext-mx07.extmail.prod.ext.phx2.redhat.com
	[10.5.110.31])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 51BAA6714D;
	Wed,  9 Jan 2019 10:57:22 +0000 (UTC)
Received: from mail-wm1-f65.google.com (mail-wm1-f65.google.com
	[209.85.128.65])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id D6714C070147;
	Wed,  9 Jan 2019 10:57:20 +0000 (UTC)
Received: by mail-wm1-f65.google.com with SMTP id f81so7661451wmd.4;
	Wed, 09 Jan 2019 02:57:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id:mime-version
	:content-transfer-encoding;
	bh=mo+Ec41jNjjKbTSxbb0nyPPmHSEDRK6vOZPjxoLI+Lg=;
	b=qu71uhEEmYpj6ojSMIzZmdEo570SbNFhUHNBOuuzJQmrj1481dIeJX4RSxD1BtnzyA
	gW19oPWofedqKxPW7QGVI+tCWC989hGHL3R4xWLv2TsIc08dPLrS8+g65+x1CfWyPCCB
	DBY9bTov/qs7WoR99onpzwt+Se2xi4Dwt/lfCXq3A7YP1zJZesKb1pXascaZpSPpqmW8
	J9bOUbnCzwsbtLt0qu+KgxYDdho2wtUgBhcGsUJmIQ7rak31n9DZ0CxeaChFnqi34DF8
	UapJf4oEbEoq/o+mNGLoU57B9sAjGheqdoXCNBGsPL44jkRGI7yMzrOCOvf3JDfp/FRq
	xR6A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
	:content-transfer-encoding;
	bh=mo+Ec41jNjjKbTSxbb0nyPPmHSEDRK6vOZPjxoLI+Lg=;
	b=PgoZgXxaZOOLUHthpeRdJVzPt1gcptkMTe7t7mFuc6P0FcQwwPw6NZuJph0px8t29e
	QvMN50CAjVoEI9TBvV8gqJlXRyHyaRt8uNXpQdyL3tq9xpZF9//4RrHcgjPrp78QF0Vu
	4SpW5mtkUW/8IbPhEx0g/3lGWhU0nNoCq0b1/zZqSGTd0m/xI5d+PmoUfubTxNWOMxyI
	YwFRfrtWnmeJkFhWYwQc1DyT3Kab2rUus18bzKA+B62SyHSlHWk34FEfbbxOJ3ue+e2J
	efzFN6VAodQXaQVtzYRKKY9+Ta5+u5E91mjiTsrwYd9VglfY7gC/RounWkTUzZquzMoo
	RQng==
X-Gm-Message-State: AJcUukc3QJiLQNnvC0YTv5JlWzC5iCZMrPcg/wseEhnvvS5rupdLQl36
	haNyiiuj9W94x1yCk3X+NfOsGs2g
X-Google-Smtp-Source: 
 ALg8bN5kmIuWH3FhtjgRFe3WnYhpZtdWAsI3FIc6MjRj6TVtA4nMz/17tKmIBUppOdBoKsHblfZawg==
X-Received: by 2002:a1c:ca15:: with SMTP id a21mr4775235wmg.132.1547031439135;
	Wed, 09 Jan 2019 02:57:19 -0800 (PST)
Received: from merlot.mazyland.net
	(dynamic-2a00-1028-8d1c-8c9e-b33d-9d5e-0500-19b7.ipv6.broadband.iol.cz.
	[2a00:1028:8d1c:8c9e:b33d:9d5e:500:19b7])
	by smtp.googlemail.com with ESMTPSA id
	f137sm11495930wmg.29.2019.01.09.02.57.17
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Wed, 09 Jan 2019 02:57:18 -0800 (PST)
From: Milan Broz <gmazyland@gmail.com>
To: dm-devel@redhat.com
Date: Wed,  9 Jan 2019 11:57:14 +0100
Message-Id: <20190109105714.3606-1-gmazyland@gmail.com>
MIME-Version: 1.0
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
	(mx1.redhat.com [10.5.110.31]);
	Wed, 09 Jan 2019 10:57:21 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com
 [10.5.110.31]);
	Wed, 09 Jan 2019 10:57:21 +0000 (UTC) for IP:'209.85.128.65'
	DOMAIN:'mail-wm1-f65.google.com' HELO:'mail-wm1-f65.google.com'
	FROM:'gmazyland@gmail.com' RCPT:''
X-RedHat-Spam-Score: -0.111  (DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU,
	FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,
	SPF_PASS) 209.85.128.65 mail-wm1-f65.google.com 209.85.128.65
	mail-wm1-f65.google.com <gmazyland@gmail.com>
X-Scanned-By: MIMEDefang 2.78 on 10.5.110.31
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: dm-devel@redhat.com
Cc: mpatocka@redhat.com, Milan Broz <gmazyland@gmail.com>, snitzer@redhat.com
Subject: [dm-devel] [PATCH] dm-crypt: Fix parsing of extended IV arguments.
X-BeenThere: dm-devel@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: device-mapper development <dm-devel.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/dm-devel>,
	<mailto:dm-devel-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/dm-devel>
List-Post: <mailto:dm-devel@redhat.com>
List-Help: <mailto:dm-devel-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/dm-devel>,
	<mailto:dm-devel-request@redhat.com?subject=subscribe>
Sender: dm-devel-bounces@redhat.com
Errors-To: dm-devel-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]);
 Wed, 09 Jan 2019 10:57:35 +0000 (UTC)
X-Virus-Scanned: ClamAV using ClamSMTP

The dm-crypt cipher specification in a mapping table is defined as
  cipher[:keycount]-chainmode-ivmode[:ivopts] or with the new crypt API format
  capi:cipher_api_spec-ivmode[:ivopts].

For ESSIV, the parameter includes hash specification, for example aes-cbc-essiv:sha256.

The implementation expected that additional IV option never includes another dash '-' character

Unfortunately, with SHA3, we have now names like sha3-256, so the mapping table parser fails:

dmsetup create test --table "0 8 crypt aes-cbc-essiv:sha3-256 9c1185a5c5e9fc54612808977ee8f5b9e 0 /dev/sdb 0"
  or (new format)
dmsetup create test --table "0 8 crypt capi:cbc(aes)-essiv:sha3-256 9c1185a5c5e9fc54612808977ee8f5b9e 0 /dev/sdb 0"

  device-mapper: crypt: Ignoring unexpected additional cipher options
  device-mapper: table: 253:0: crypt: Error creating IV
  device-mapper: ioctl: error adding target to table

This patch fixes the dm-crypt constructor to ignore additional dash in IV options and also removes
bogus warning (that is ignored anyway).

[This patch should go into stable tree as well.]

Signed-off-by: Milan Broz <gmazyland@gmail.com>
---
 drivers/md/dm-crypt.c | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 0ff22159a0ca..71bfb85f9652 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -2414,9 +2414,21 @@ static int crypt_ctr_cipher_new(struct dm_target *ti, char *cipher_in, char *key
 	 * capi:cipher_api_spec-iv:ivopts
 	 */
 	tmp = &cipher_in[strlen("capi:")];
-	cipher_api = strsep(&tmp, "-");
-	*ivmode = strsep(&tmp, ":");
-	*ivopts = tmp;
+
+	/* Separate IV options if present, it can contain another '-' in hash name */
+	*ivopts = strrchr(tmp, ':');
+	if (*ivopts) {
+		**ivopts = '\0';
+		(*ivopts)++;
+	}
+	/* Parse IV mode */
+	*ivmode = strrchr(tmp, '-');
+	if (*ivmode) {
+		**ivmode = '\0';
+		(*ivmode)++;
+	}
+	/* The rest is crypto API spec */
+	cipher_api = tmp;
 
 	if (*ivmode && !strcmp(*ivmode, "lmk"))
 		cc->tfms_count = 64;
@@ -2486,11 +2498,8 @@ static int crypt_ctr_cipher_old(struct dm_target *ti, char *cipher_in, char *key
 		goto bad_mem;
 
 	chainmode = strsep(&tmp, "-");
-	*ivopts = strsep(&tmp, "-");
-	*ivmode = strsep(&*ivopts, ":");
-
-	if (tmp)
-		DMWARN("Ignoring unexpected additional cipher options");
+	*ivmode   = strsep(&tmp, ":");
+	*ivopts = tmp;
 
 	/*
 	 * For compatibility with the original dm-crypt mapping format, if