aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2017-09-27 13:53:36 +0100
committerMax Reitz <mreitz@redhat.com>2017-10-06 16:30:47 +0200
commit850f49de9b57511dcaf2cd7e45059f8f38fadf3b (patch)
tree497e5c335910bdaa9a01d3fcc74eecdd344d986f
parent161253e2d0a83a1b33bca019c6e926013e1a03db (diff)
downloadqemu-850f49de9b57511dcaf2cd7e45059f8f38fadf3b.zip
qemu-850f49de9b57511dcaf2cd7e45059f8f38fadf3b.tar.gz
qemu-850f49de9b57511dcaf2cd7e45059f8f38fadf3b.tar.bz2
crypto: expose encryption sector size in APIs
While current encryption schemes all have a fixed sector size of 512 bytes, this is not guaranteed to be the case in future. Expose the sector size in the APIs so the block layer can remove assumptions about fixed 512 byte sectors. Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170927125340.12360-3-berrange@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
-rw-r--r--crypto/block-luks.c6
-rw-r--r--crypto/block-qcow.c1
-rw-r--r--crypto/block.c6
-rw-r--r--crypto/blockpriv.h1
-rw-r--r--include/crypto/block.h15
5 files changed, 27 insertions, 2 deletions
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 36bc856..a9062bb 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -846,8 +846,9 @@ qcrypto_block_luks_open(QCryptoBlock *block,
}
}
+ block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
block->payload_offset = luks->header.payload_offset *
- QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+ block->sector_size;
luks->cipher_alg = cipheralg;
luks->cipher_mode = ciphermode;
@@ -1240,8 +1241,9 @@ qcrypto_block_luks_create(QCryptoBlock *block,
QCRYPTO_BLOCK_LUKS_SECTOR_SIZE)) *
QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS);
+ block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
block->payload_offset = luks->header.payload_offset *
- QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+ block->sector_size;
/* Reserve header space to match payload offset */
initfunc(block, block->payload_offset, opaque, &local_err);
diff --git a/crypto/block-qcow.c b/crypto/block-qcow.c
index a456fe3..4dd594a 100644
--- a/crypto/block-qcow.c
+++ b/crypto/block-qcow.c
@@ -80,6 +80,7 @@ qcrypto_block_qcow_init(QCryptoBlock *block,
goto fail;
}
+ block->sector_size = QCRYPTO_BLOCK_QCOW_SECTOR_SIZE;
block->payload_offset = 0;
return 0;
diff --git a/crypto/block.c b/crypto/block.c
index c382393..a7a9ad2 100644
--- a/crypto/block.c
+++ b/crypto/block.c
@@ -170,6 +170,12 @@ uint64_t qcrypto_block_get_payload_offset(QCryptoBlock *block)
}
+uint64_t qcrypto_block_get_sector_size(QCryptoBlock *block)
+{
+ return block->sector_size;
+}
+
+
void qcrypto_block_free(QCryptoBlock *block)
{
if (!block) {
diff --git a/crypto/blockpriv.h b/crypto/blockpriv.h
index 0edb810..d227522 100644
--- a/crypto/blockpriv.h
+++ b/crypto/blockpriv.h
@@ -36,6 +36,7 @@ struct QCryptoBlock {
QCryptoHashAlgorithm kdfhash;
size_t niv;
uint64_t payload_offset; /* In bytes */
+ uint64_t sector_size; /* In bytes */
};
struct QCryptoBlockDriver {
diff --git a/include/crypto/block.h b/include/crypto/block.h
index f0e543b..13232b2 100644
--- a/include/crypto/block.h
+++ b/include/crypto/block.h
@@ -241,6 +241,21 @@ QCryptoHashAlgorithm qcrypto_block_get_kdf_hash(QCryptoBlock *block);
uint64_t qcrypto_block_get_payload_offset(QCryptoBlock *block);
/**
+ * qcrypto_block_get_sector_size:
+ * @block: the block encryption object
+ *
+ * Get the size of sectors used for payload encryption. A new
+ * IV is used at the start of each sector. The encryption
+ * sector size is not required to match the sector size of the
+ * underlying storage. For example LUKS will always use a 512
+ * byte sector size, even if the volume is on a disk with 4k
+ * sectors.
+ *
+ * Returns: the sector in bytes
+ */
+uint64_t qcrypto_block_get_sector_size(QCryptoBlock *block);
+
+/**
* qcrypto_block_free:
* @block: the block encryption object
*