From: Fam Zheng <famz@redhat.com>
To: "Daniel P. Berrange" <berrange@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>,
qemu-devel@nongnu.org, qemu-block@nongnu.org
Subject: Re: [Qemu-devel] [PATCH v2 11/17] qcow2: make qcow2_encrypt_sectors encrypt in place
Date: Thu, 21 Jan 2016 17:13:39 +0800 [thread overview]
Message-ID: <20160121091339.GC31470@ad.usersys.redhat.com> (raw)
In-Reply-To: <1453311539-1193-12-git-send-email-berrange@redhat.com>
On Wed, 01/20 17:38, Daniel P. Berrange wrote:
> Instead of requiring separate input/output buffers for
> encrypting data, change qcow2_encrypt_sectors() to assume
> use of a single buffer, encrypting in place. The current
> callers all used the same buffer for input/output already.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/qcow2-cluster.c | 17 +++++------------
> block/qcow2.c | 5 ++---
> block/qcow2.h | 3 +--
> 3 files changed, 8 insertions(+), 17 deletions(-)
>
> diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
> index 34112c3..f5bc4f2 100644
> --- a/block/qcow2-cluster.c
> +++ b/block/qcow2-cluster.c
> @@ -341,12 +341,8 @@ static int count_contiguous_clusters_by_type(int nb_clusters,
> return i;
> }
>
> -/* The crypt function is compatible with the linux cryptoloop
> - algorithm for < 4 GB images. NOTE: out_buf == in_buf is
> - supported */
> int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
> - uint8_t *out_buf, const uint8_t *in_buf,
> - int nb_sectors, bool enc,
> + uint8_t *buf, int nb_sectors, bool enc,
> Error **errp)
> {
> union {
> @@ -366,14 +362,12 @@ int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
> }
> if (enc) {
> ret = qcrypto_cipher_encrypt(s->cipher,
> - in_buf,
> - out_buf,
> + buf, buf,
> 512,
> errp);
> } else {
> ret = qcrypto_cipher_decrypt(s->cipher,
> - in_buf,
> - out_buf,
> + buf, buf,
> 512,
> errp);
> }
> @@ -381,8 +375,7 @@ int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
> return -1;
> }
> sector_num++;
> - in_buf += 512;
> - out_buf += 512;
> + buf += 512;
> }
> return 0;
> }
> @@ -430,7 +423,7 @@ static int coroutine_fn copy_sectors(BlockDriverState *bs,
> Error *err = NULL;
> assert(s->cipher);
> if (qcow2_encrypt_sectors(s, start_sect + n_start,
> - iov.iov_base, iov.iov_base, n,
> + iov.iov_base, n,
> true, &err) < 0) {
> ret = -EIO;
> error_free(err);
> diff --git a/block/qcow2.c b/block/qcow2.c
> index d992e7f..2fae692 100644
> --- a/block/qcow2.c
> +++ b/block/qcow2.c
> @@ -1504,7 +1504,7 @@ static coroutine_fn int qcow2_co_readv(BlockDriverState *bs, int64_t sector_num,
> assert(s->cipher);
> Error *err = NULL;
> if (qcow2_encrypt_sectors(s, sector_num, cluster_data,
> - cluster_data, cur_nr_sectors, false,
> + cur_nr_sectors, false,
> &err) < 0) {
> error_free(err);
> ret = -EIO;
> @@ -1604,8 +1604,7 @@ static coroutine_fn int qcow2_co_writev(BlockDriverState *bs,
> qemu_iovec_to_buf(&hd_qiov, 0, cluster_data, hd_qiov.size);
>
> if (qcow2_encrypt_sectors(s, sector_num, cluster_data,
> - cluster_data, cur_nr_sectors,
> - true, &err) < 0) {
> + cur_nr_sectors, true, &err) < 0) {
> error_free(err);
> ret = -EIO;
> goto fail;
> diff --git a/block/qcow2.h b/block/qcow2.h
> index a063a3c..ae04285 100644
> --- a/block/qcow2.h
> +++ b/block/qcow2.h
> @@ -540,8 +540,7 @@ int qcow2_write_l1_entry(BlockDriverState *bs, int l1_index);
> void qcow2_l2_cache_reset(BlockDriverState *bs);
> int qcow2_decompress_cluster(BlockDriverState *bs, uint64_t cluster_offset);
> int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
> - uint8_t *out_buf, const uint8_t *in_buf,
> - int nb_sectors, bool enc, Error **errp);
> + uint8_t *buf, int nb_sectors, bool enc, Error **errp);
>
> int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset,
> int *num, uint64_t *cluster_offset);
> --
> 2.5.0
>
Reviewed-by: Fam Zheng <famz@redhat.com>
next prev parent reply other threads:[~2016-01-21 9:13 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-20 17:38 [Qemu-devel] [PATCH v2 00/17] Support LUKS encryption in block devices Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 01/17] crypto: ensure qcrypto_hash_digest_len is always defined Daniel P. Berrange
2016-01-21 6:12 ` Fam Zheng
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 02/17] crypto: add cryptographic random byte source Daniel P. Berrange
2016-01-21 6:12 ` Fam Zheng
2016-01-21 8:59 ` Daniel P. Berrange
2016-02-04 17:44 ` Eric Blake
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 03/17] crypto: add support for PBKDF2 algorithm Daniel P. Berrange
2016-01-21 6:59 ` Fam Zheng
2016-01-21 10:59 ` Daniel P. Berrange
2016-02-04 22:14 ` Eric Blake
2016-02-05 9:23 ` Daniel P. Berrange
2016-02-05 10:13 ` Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 04/17] crypto: add support for generating initialization vectors Daniel P. Berrange
2016-01-21 7:51 ` Fam Zheng
2016-01-21 11:00 ` Daniel P. Berrange
2016-02-04 22:57 ` Eric Blake
2016-02-05 10:23 ` Daniel P. Berrange
2016-02-05 13:23 ` Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 05/17] crypto: add support for anti-forensic split algorithm Daniel P. Berrange
2016-01-21 8:37 ` Fam Zheng
2016-01-21 11:01 ` Daniel P. Berrange
2016-02-04 23:26 ` Eric Blake
2016-02-05 12:37 ` Daniel P. Berrange
2016-02-05 12:39 ` Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 06/17] crypto: add block encryption framework Daniel P. Berrange
2016-02-05 0:23 ` Eric Blake
2016-02-05 12:43 ` Daniel P. Berrange
2016-02-05 18:48 ` Eric Blake
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 07/17] crypto: implement the LUKS block encryption format Daniel P. Berrange
2016-02-05 17:38 ` Eric Blake
2016-02-08 16:03 ` Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 08/17] block: add flag to indicate that no I/O will be performed Daniel P. Berrange
2016-02-05 19:08 ` Eric Blake
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 09/17] qemu-img/qemu-io: don't prompt for passwords if not required Daniel P. Berrange
2016-02-05 19:52 ` Eric Blake
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 10/17] block: add generic full disk encryption driver Daniel P. Berrange
2016-01-21 9:12 ` Fam Zheng
2016-01-21 11:02 ` Daniel P. Berrange
2016-01-21 13:01 ` Fam Zheng
2016-01-21 13:12 ` Daniel P. Berrange
2016-02-05 22:20 ` Eric Blake
2016-02-08 16:28 ` Daniel P. Berrange
2016-02-08 20:23 ` Eric Blake
2016-02-09 9:55 ` Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 11/17] qcow2: make qcow2_encrypt_sectors encrypt in place Daniel P. Berrange
2016-01-21 9:13 ` Fam Zheng [this message]
2016-02-05 23:22 ` Eric Blake
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 12/17] qcow2: convert QCow2 to use QCryptoBlock for encryption Daniel P. Berrange
2016-01-21 9:54 ` Fam Zheng
2016-01-21 10:50 ` Daniel P. Berrange
2016-01-21 13:56 ` Fam Zheng
2016-01-21 14:03 ` Daniel P. Berrange
2016-02-08 18:12 ` Eric Blake
2016-02-09 12:32 ` Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 13/17] qcow: make encrypt_sectors encrypt in place Daniel P. Berrange
2016-02-08 20:30 ` Eric Blake
2016-02-09 12:33 ` Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 14/17] qcow: convert QCow to use QCryptoBlock for encryption Daniel P. Berrange
2016-02-08 20:57 ` Eric Blake
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 15/17] block: rip out all traces of password prompting Daniel P. Berrange
2016-01-21 13:02 ` Fam Zheng
2016-01-21 13:11 ` Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 16/17] block: remove all encryption handling APIs Daniel P. Berrange
2016-02-08 21:23 ` Eric Blake
2016-02-09 12:34 ` Daniel P. Berrange
2016-01-20 17:38 ` [Qemu-devel] [PATCH v2 17/17] block: remove support for legecy AES qcow/qcow2 encryption Daniel P. Berrange
2016-02-08 21:26 ` Eric Blake
2016-02-09 12:35 ` Daniel P. Berrange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160121091339.GC31470@ad.usersys.redhat.com \
--to=famz@redhat.com \
--cc=berrange@redhat.com \
--cc=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).