lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240730115838.3507302-5-quic_mdalam@quicinc.com>
Date: Tue, 30 Jul 2024 17:28:36 +0530
From: Md Sadre Alam <quic_mdalam@...cinc.com>
To: axboe@...nel.dk, agk@...hat.com, snitzer@...nel.org, mpatocka@...hat.com,
        adrian.hunter@...el.com, quic_asutoshd@...cinc.com,
        ritesh.list@...il.com, ulf.hansson@...aro.org, andersson@...nel.org,
        konrad.dybcio@...aro.org, linux-block@...r.kernel.org,
        linux-kernel@...r.kernel.org, dm-devel@...ts.linux.dev,
        linux-mmc@...r.kernel.org, linux-arm-msm@...r.kernel.org,
        quic_viswanat@...cinc.com, quic_srichara@...cinc.com,
        quic_varada@...cinc.com
Cc: quic_mdalam@...cinc.com
Subject: [PATCH 4/6] md: dm-crypt: Add additional algo modes for inline encryption

Add support for AES-XTS-128, AES-CBC-128 and AES-CBC-256 algo
modes for inline encryption.

Signed-off-by: Md Sadre Alam <quic_mdalam@...cinc.com>
---
 drivers/md/dm-crypt.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index c0257d961968..884cf76fc4c6 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -2482,8 +2482,14 @@ static int crypt_select_inline_crypt_mode(struct dm_target *ti, char *cipher,
 {
 	struct crypt_config *cc = ti->private;
 
-	if (strcmp(cipher, "xts(aes)") == 0) {
+	if (strcmp(cipher, "xts(aes128)") == 0) {
+		cc->crypto_mode = BLK_ENCRYPTION_MODE_AES_128_XTS;
+	} else if (strcmp(cipher, "xts(aes256)") == 0) {
 		cc->crypto_mode = BLK_ENCRYPTION_MODE_AES_256_XTS;
+	} else if (strcmp(cipher, "cbc(aes128)") == 0) {
+		cc->crypto_mode = BLK_ENCRYPTION_MODE_AES_128_CBC;
+	} else if (strcmp(cipher, "cbc(aes256)") == 0) {
+		cc->crypto_mode = BLK_ENCRYPTION_MODE_AES_256_CBC;
 	} else {
 		ti->error = "Invalid cipher for inline_crypt";
 		return -EINVAL;
-- 
2.34.1


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ