From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: qemu-block@nongnu.org
Subject: [Qemu-devel] [PATCH v1 11/15] qcow: make encrypt_sectors encrypt in place
Date: Tue, 12 Jan 2016 18:56:18 +0000 [thread overview]
Message-ID: <1452624982-19332-12-git-send-email-berrange@redhat.com> (raw)
In-Reply-To: <1452624982-19332-1-git-send-email-berrange@redhat.com>
Instead of requiring separate input/output buffers for
encrypting data, change encrypt_sectors() to assume
use of a single buffer, encrypting in place. One current
caller all uses the same buffer for input/output already
and the other two callers are easily converted todo so.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/qcow.c | 31 ++++++++++---------------------
1 file changed, 10 insertions(+), 21 deletions(-)
diff --git a/block/qcow.c b/block/qcow.c
index 635085e..5a4f310 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -293,12 +293,9 @@ static int qcow_set_key(BlockDriverState *bs, const char *key)
return 0;
}
-/* The crypt function is compatible with the linux cryptoloop
- algorithm for < 4 GB images. NOTE: out_buf == in_buf is
- supported */
static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
- uint8_t *out_buf, const uint8_t *in_buf,
- int nb_sectors, bool enc, Error **errp)
+ uint8_t *buf, int nb_sectors, bool enc,
+ Error **errp)
{
union {
uint64_t ll[2];
@@ -317,14 +314,12 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
}
if (enc) {
ret = qcrypto_cipher_encrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
512,
errp);
} else {
ret = qcrypto_cipher_decrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
512,
errp);
}
@@ -332,8 +327,7 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
return -1;
}
sector_num++;
- in_buf += 512;
- out_buf += 512;
+ buf += 512;
}
return 0;
}
@@ -453,13 +447,12 @@ static uint64_t get_cluster_offset(BlockDriverState *bs,
uint64_t start_sect;
assert(s->cipher);
start_sect = (offset & ~(s->cluster_size - 1)) >> 9;
- memset(s->cluster_data + 512, 0x00, 512);
+ memset(s->cluster_data, 0x00, 512);
for(i = 0; i < s->cluster_sectors; i++) {
if (i < n_start || i >= n_end) {
Error *err = NULL;
if (encrypt_sectors(s, start_sect + i,
- s->cluster_data,
- s->cluster_data + 512, 1,
+ s->cluster_data, 1,
true, &err) < 0) {
error_free(err);
errno = EIO;
@@ -637,7 +630,7 @@ static coroutine_fn int qcow_co_readv(BlockDriverState *bs, int64_t sector_num,
}
if (bs->encrypted) {
assert(s->cipher);
- if (encrypt_sectors(s, sector_num, buf, buf,
+ if (encrypt_sectors(s, sector_num, buf,
n, false, &err) < 0) {
goto fail;
}
@@ -672,7 +665,6 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
BDRVQcowState *s = bs->opaque;
int index_in_cluster;
uint64_t cluster_offset;
- const uint8_t *src_buf;
int ret = 0, n;
uint8_t *cluster_data = NULL;
struct iovec hd_iov;
@@ -715,18 +707,15 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
if (!cluster_data) {
cluster_data = g_malloc0(s->cluster_size);
}
- if (encrypt_sectors(s, sector_num, cluster_data, buf,
+ if (encrypt_sectors(s, sector_num, buf,
n, true, &err) < 0) {
error_free(err);
ret = -EIO;
break;
}
- src_buf = cluster_data;
- } else {
- src_buf = buf;
}
- hd_iov.iov_base = (void *)src_buf;
+ hd_iov.iov_base = (void *)buf;
hd_iov.iov_len = n * 512;
qemu_iovec_init_external(&hd_qiov, &hd_iov, 1);
qemu_co_mutex_unlock(&s->lock);
--
2.5.0
next prev parent reply other threads:[~2016-01-12 18:56 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-12 18:56 [Qemu-devel] [PATCH v1 00/15] Support LUKS encryption in block devices Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 01/15] crypto: add cryptographic random byte source Daniel P. Berrange
2016-01-13 2:46 ` Fam Zheng
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 02/15] crypto: add support for PBKDF2 algorithm Daniel P. Berrange
2016-01-13 5:53 ` Fam Zheng
2016-01-14 12:17 ` Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 03/15] crypto: add support for generating initialization vectors Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 04/15] crypto: add support for anti-forensic split algorithm Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 05/15] crypto: add block encryption framework Daniel P. Berrange
2016-01-13 23:40 ` Eric Blake
2016-01-14 12:16 ` Daniel P. Berrange
2016-01-18 19:48 ` Eric Blake
2016-01-19 9:41 ` Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 06/15] crypto: implement the LUKS block encryption format Daniel P. Berrange
2016-01-13 23:43 ` Eric Blake
2016-01-14 10:14 ` Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 07/15] block: add flag to indicate that no I/O will be performed Daniel P. Berrange
2016-01-13 17:44 ` [Qemu-devel] [Qemu-block] " Kevin Wolf
2016-01-13 17:56 ` Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 08/15] block: add generic full disk encryption driver Daniel P. Berrange
2016-01-13 23:47 ` Eric Blake
2016-01-14 10:15 ` Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 09/15] qcow2: make qcow2_encrypt_sectors encrypt in place Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 10/15] qcow2: convert QCow2 to use QCryptoBlock for encryption Daniel P. Berrange
2016-01-13 18:42 ` [Qemu-devel] [Qemu-block] " Kevin Wolf
2016-01-14 12:14 ` Daniel P. Berrange
2016-01-14 12:58 ` Kevin Wolf
2016-01-12 18:56 ` Daniel P. Berrange [this message]
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 12/15] qcow: convert QCow " Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 13/15] block: rip out all traces of password prompting Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 14/15] block: remove all encryption handling APIs Daniel P. Berrange
2016-01-12 18:56 ` [Qemu-devel] [PATCH v1 15/15] block: remove support for legecy AES qcow/qcow2 encryption Daniel P. Berrange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1452624982-19332-12-git-send-email-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).