mirror of
git://sourceware.org/git/lvm2.git
synced 2024-12-21 13:34:40 +03:00
Support crypt segment in libdevmapper tree.
- it can support multiple segments, but note that to work properly, correct IV (initialization vector) offset parameter must be set properly. Because most usage of IV start offset is when we join several crypto segments together (so iv_offset is the segment start offset), DM_CRYPT_IV_DEFAULT is defined to simplify the process. Function accepts the string in cipher agrument (already including chainmode and iv type; chainmode and iv parameters are NULL in this case) or user can provide split parameters which will join into dm-crypt cipher specification "cipher-chainmode-iv". All these parameters must be supplied in correct dm-crypt format.
This commit is contained in:
parent
33048414d4
commit
12ca060e9f
@ -1,5 +1,6 @@
|
|||||||
Version 1.02.33 -
|
Version 1.02.33 -
|
||||||
===============================
|
===============================
|
||||||
|
Add crypt target handling to libdevmapper node.
|
||||||
Add splitname command to dmsetup.
|
Add splitname command to dmsetup.
|
||||||
Add subsystem, vg_name, lv_name, lv_layer fields to dmsetup reports.
|
Add subsystem, vg_name, lv_name, lv_layer fields to dmsetup reports.
|
||||||
Make mempool optional in dm_split_lvm_name().
|
Make mempool optional in dm_split_lvm_name().
|
||||||
|
@ -67,6 +67,7 @@ dm_tree_node_add_error_target
|
|||||||
dm_tree_node_add_zero_target
|
dm_tree_node_add_zero_target
|
||||||
dm_tree_node_add_linear_target
|
dm_tree_node_add_linear_target
|
||||||
dm_tree_node_add_striped_target
|
dm_tree_node_add_striped_target
|
||||||
|
dm_tree_node_add_crypt_target
|
||||||
dm_tree_node_add_mirror_target
|
dm_tree_node_add_mirror_target
|
||||||
dm_tree_node_add_mirror_target_log
|
dm_tree_node_add_mirror_target_log
|
||||||
dm_tree_node_add_target_area
|
dm_tree_node_add_target_area
|
||||||
|
@ -374,6 +374,21 @@ int dm_tree_node_add_linear_target(struct dm_tree_node *node,
|
|||||||
int dm_tree_node_add_striped_target(struct dm_tree_node *node,
|
int dm_tree_node_add_striped_target(struct dm_tree_node *node,
|
||||||
uint64_t size,
|
uint64_t size,
|
||||||
uint32_t stripe_size);
|
uint32_t stripe_size);
|
||||||
|
|
||||||
|
#define DM_CRYPT_IV_DEFAULT UINT64_C(-1) /* iv_offset == seg offset */
|
||||||
|
/*
|
||||||
|
* Function accepts one string in cipher specification
|
||||||
|
* (chainmode and iv should be NULL because included in cipher string)
|
||||||
|
* or
|
||||||
|
* separate arguments which will be joined to "cipher-chainmode-iv"
|
||||||
|
*/
|
||||||
|
int dm_tree_node_add_crypt_target(struct dm_tree_node *node,
|
||||||
|
uint64_t size,
|
||||||
|
const char *cipher,
|
||||||
|
const char *chainmode,
|
||||||
|
const char *iv,
|
||||||
|
uint64_t iv_offset,
|
||||||
|
const char *key);
|
||||||
int dm_tree_node_add_mirror_target(struct dm_tree_node *node,
|
int dm_tree_node_add_mirror_target(struct dm_tree_node *node,
|
||||||
uint64_t size);
|
uint64_t size);
|
||||||
|
|
||||||
|
@ -28,6 +28,7 @@
|
|||||||
|
|
||||||
/* Supported segment types */
|
/* Supported segment types */
|
||||||
enum {
|
enum {
|
||||||
|
SEG_CRYPT,
|
||||||
SEG_ERROR,
|
SEG_ERROR,
|
||||||
SEG_LINEAR,
|
SEG_LINEAR,
|
||||||
SEG_MIRRORED,
|
SEG_MIRRORED,
|
||||||
@ -43,6 +44,7 @@ struct {
|
|||||||
unsigned type;
|
unsigned type;
|
||||||
const char *target;
|
const char *target;
|
||||||
} dm_segtypes[] = {
|
} dm_segtypes[] = {
|
||||||
|
{ SEG_CRYPT, "crypt" },
|
||||||
{ SEG_ERROR, "error" },
|
{ SEG_ERROR, "error" },
|
||||||
{ SEG_LINEAR, "linear" },
|
{ SEG_LINEAR, "linear" },
|
||||||
{ SEG_MIRRORED, "mirror" },
|
{ SEG_MIRRORED, "mirror" },
|
||||||
@ -69,8 +71,8 @@ struct load_segment {
|
|||||||
|
|
||||||
uint64_t size;
|
uint64_t size;
|
||||||
|
|
||||||
unsigned area_count; /* Linear + Striped + Mirrored */
|
unsigned area_count; /* Linear + Striped + Mirrored + Crypt */
|
||||||
struct dm_list areas; /* Linear + Striped + Mirrored */
|
struct dm_list areas; /* Linear + Striped + Mirrored + Crypt */
|
||||||
|
|
||||||
uint32_t stripe_size; /* Striped */
|
uint32_t stripe_size; /* Striped */
|
||||||
|
|
||||||
@ -85,6 +87,12 @@ struct load_segment {
|
|||||||
unsigned mirror_area_count; /* Mirror */
|
unsigned mirror_area_count; /* Mirror */
|
||||||
uint32_t flags; /* Mirror log */
|
uint32_t flags; /* Mirror log */
|
||||||
char *uuid; /* Clustered mirror log */
|
char *uuid; /* Clustered mirror log */
|
||||||
|
|
||||||
|
const char *cipher; /* Crypt */
|
||||||
|
const char *chainmode; /* Crypt */
|
||||||
|
const char *iv; /* Crypt */
|
||||||
|
uint64_t iv_offset; /* Crypt */
|
||||||
|
const char *key; /* Crypt */
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Per-device properties */
|
/* Per-device properties */
|
||||||
@ -1328,6 +1336,13 @@ static int _emit_segment_line(struct dm_task *dmt, struct load_segment *seg, uin
|
|||||||
case SEG_STRIPED:
|
case SEG_STRIPED:
|
||||||
EMIT_PARAMS(pos, "%u %u", seg->area_count, seg->stripe_size);
|
EMIT_PARAMS(pos, "%u %u", seg->area_count, seg->stripe_size);
|
||||||
break;
|
break;
|
||||||
|
case SEG_CRYPT:
|
||||||
|
EMIT_PARAMS(pos, "%s%s%s%s%s %s %" PRIu64, seg->cipher,
|
||||||
|
seg->chainmode ? "-" : "", seg->chainmode ?: "",
|
||||||
|
seg->iv ? "-" : "", seg->iv ?: "", seg->key,
|
||||||
|
seg->iv_offset != DM_CRYPT_IV_DEFAULT ?
|
||||||
|
seg->iv_offset : *seg_start);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
switch(seg->type) {
|
switch(seg->type) {
|
||||||
@ -1336,6 +1351,7 @@ static int _emit_segment_line(struct dm_task *dmt, struct load_segment *seg, uin
|
|||||||
case SEG_SNAPSHOT_ORIGIN:
|
case SEG_SNAPSHOT_ORIGIN:
|
||||||
case SEG_ZERO:
|
case SEG_ZERO:
|
||||||
break;
|
break;
|
||||||
|
case SEG_CRYPT:
|
||||||
case SEG_LINEAR:
|
case SEG_LINEAR:
|
||||||
case SEG_MIRRORED:
|
case SEG_MIRRORED:
|
||||||
case SEG_STRIPED:
|
case SEG_STRIPED:
|
||||||
@ -1673,6 +1689,28 @@ int dm_tree_node_add_striped_target(struct dm_tree_node *node,
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int dm_tree_node_add_crypt_target(struct dm_tree_node *node,
|
||||||
|
uint64_t size,
|
||||||
|
const char *cipher,
|
||||||
|
const char *chainmode,
|
||||||
|
const char *iv,
|
||||||
|
uint64_t iv_offset,
|
||||||
|
const char *key)
|
||||||
|
{
|
||||||
|
struct load_segment *seg;
|
||||||
|
|
||||||
|
if (!(seg = _add_segment(node, SEG_CRYPT, size)))
|
||||||
|
return_0;
|
||||||
|
|
||||||
|
seg->cipher = cipher;
|
||||||
|
seg->chainmode = chainmode;
|
||||||
|
seg->iv = iv;
|
||||||
|
seg->iv_offset = iv_offset;
|
||||||
|
seg->key = key;
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
int dm_tree_node_add_mirror_target_log(struct dm_tree_node *node,
|
int dm_tree_node_add_mirror_target_log(struct dm_tree_node *node,
|
||||||
uint32_t region_size,
|
uint32_t region_size,
|
||||||
unsigned clustered,
|
unsigned clustered,
|
||||||
|
Loading…
Reference in New Issue
Block a user