eCryptfs: set inode key only once per crypto operation
There is no need to keep re-setting the same key for any given eCryptfs inode. This patch optimizes the use of the crypto API and helps performance a bit. Signed-off-by: Trevor Highland <trevor.highland@gmail.com> Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
cc11beffdf
commit
8e3a6f16ba
@ -355,8 +355,11 @@ static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
|
||||
}
|
||||
/* Consider doing this once, when the file is opened */
|
||||
mutex_lock(&crypt_stat->cs_tfm_mutex);
|
||||
rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
|
||||
crypt_stat->key_size);
|
||||
if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) {
|
||||
rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
|
||||
crypt_stat->key_size);
|
||||
crypt_stat->flags |= ECRYPTFS_KEY_SET;
|
||||
}
|
||||
if (rc) {
|
||||
ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n",
|
||||
rc);
|
||||
|
@ -234,6 +234,7 @@ struct ecryptfs_crypt_stat {
|
||||
#define ECRYPTFS_KEY_VALID 0x00000080
|
||||
#define ECRYPTFS_METADATA_IN_XATTR 0x00000100
|
||||
#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200
|
||||
#define ECRYPTFS_KEY_SET 0x00000400
|
||||
u32 flags;
|
||||
unsigned int file_version;
|
||||
size_t iv_bytes;
|
||||
|
Loading…
Reference in New Issue
Block a user