From: Eric Biggers <ebiggers@kernel.org>
To: fstests@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
Jaegeuk Kim <jaegeuk@kernel.org>, Chao Yu <yuchao0@huawei.com>,
Daeho Jeong <daeho43@gmail.com>
Subject: [PATCH 3/5] fscrypt-crypt-util: add --block-number option
Date: Wed, 30 Sep 2020 17:25:05 -0700 [thread overview]
Message-ID: <20201001002508.328866-4-ebiggers@kernel.org> (raw)
In-Reply-To: <20201001002508.328866-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
Currently fscrypt-crypt-util assumes that the number of the first block
encrypted/decrypted is 0. I.e., it replicates either contents
encryption from the start of a file, or encryption of a filename.
However, to easily test compression+encryption on f2fs, we need the
ability to specify a different starting block number.
Add a --block-number option which does this.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
src/fscrypt-crypt-util.c | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/src/fscrypt-crypt-util.c b/src/fscrypt-crypt-util.c
index 5c065116..26698d7a 100644
--- a/src/fscrypt-crypt-util.c
+++ b/src/fscrypt-crypt-util.c
@@ -59,6 +59,8 @@ static void usage(FILE *fp)
"WARNING: this program is only meant for testing, not for \"real\" use!\n"
"\n"
"Options:\n"
+" --block-number=BNUM Starting block number for IV generation.\n"
+" Default: 0\n"
" --block-size=BLOCK_SIZE Encrypt each BLOCK_SIZE bytes independently.\n"
" Default: 4096 bytes\n"
" --decrypt Decrypt instead of encrypt\n"
@@ -1787,6 +1789,7 @@ struct key_and_iv_params {
bool file_nonce_specified;
bool iv_ino_lblk_64;
bool iv_ino_lblk_32;
+ u64 block_number;
u64 inode_number;
u8 fs_uuid[UUID_SIZE];
bool fs_uuid_specified;
@@ -1839,6 +1842,9 @@ static void get_key_and_iv(const struct key_and_iv_params *params,
memset(iv, 0, sizeof(*iv));
+ /* Overridden later for iv_ino_lblk_{64,32} */
+ iv->block_number = cpu_to_le64(params->block_number);
+
if (params->iv_ino_lblk_64 || params->iv_ino_lblk_32) {
const char *opt = params->iv_ino_lblk_64 ? "--iv-ino-lblk-64" :
"--iv-ino-lblk-32";
@@ -1852,6 +1858,8 @@ static void get_key_and_iv(const struct key_and_iv_params *params,
die("%s requires --inode-number", opt);
if (params->mode_num == 0)
die("%s requires --mode-num", opt);
+ if (params->block_number > UINT32_MAX)
+ die("%s can't use --block-number > UINT32_MAX", opt);
if (params->inode_number > UINT32_MAX)
die("%s can't use --inode-number > UINT32_MAX", opt);
}
@@ -1881,6 +1889,7 @@ static void get_key_and_iv(const struct key_and_iv_params *params,
info[infolen++] = params->mode_num;
memcpy(&info[infolen], params->fs_uuid, UUID_SIZE);
infolen += UUID_SIZE;
+ iv->block_number32 = cpu_to_le32(params->block_number);
iv->inode_number = cpu_to_le32(params->inode_number);
} else if (params->iv_ino_lblk_32) {
info[infolen++] = HKDF_CONTEXT_IV_INO_LBLK_32_KEY;
@@ -1888,7 +1897,9 @@ static void get_key_and_iv(const struct key_and_iv_params *params,
memcpy(&info[infolen], params->fs_uuid, UUID_SIZE);
infolen += UUID_SIZE;
iv->block_number32 =
- cpu_to_le32(hash_inode_number(params));
+ cpu_to_le32(hash_inode_number(params) +
+ params->block_number);
+ iv->inode_number = 0;
} else if (params->mode_num != 0) {
info[infolen++] = HKDF_CONTEXT_DIRECT_KEY;
info[infolen++] = params->mode_num;
@@ -1913,6 +1924,7 @@ static void get_key_and_iv(const struct key_and_iv_params *params,
}
enum {
+ OPT_BLOCK_NUMBER,
OPT_BLOCK_SIZE,
OPT_DECRYPT,
OPT_FILE_NONCE,
@@ -1927,6 +1939,7 @@ enum {
};
static const struct option longopts[] = {
+ { "block-number", required_argument, NULL, OPT_BLOCK_NUMBER },
{ "block-size", required_argument, NULL, OPT_BLOCK_SIZE },
{ "decrypt", no_argument, NULL, OPT_DECRYPT },
{ "file-nonce", required_argument, NULL, OPT_FILE_NONCE },
@@ -1968,6 +1981,12 @@ int main(int argc, char *argv[])
while ((c = getopt_long(argc, argv, "", longopts, NULL)) != -1) {
switch (c) {
+ case OPT_BLOCK_NUMBER:
+ errno = 0;
+ params.block_number = strtoull(optarg, &tmp, 10);
+ if (*tmp || errno)
+ die("Invalid block number: %s", optarg);
+ break;
case OPT_BLOCK_SIZE:
errno = 0;
block_size = strtoul(optarg, &tmp, 10);
--
2.28.0
next prev parent reply other threads:[~2020-10-01 0:25 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-01 0:25 [PATCH 0/5] xfstests: test f2fs compression+encryption Eric Biggers
2020-10-01 0:25 ` [PATCH 1/5] fscrypt-crypt-util: clean up parsing --block-size and --inode-number Eric Biggers
2020-10-01 0:25 ` [PATCH 2/5] fscrypt-crypt-util: fix IV incrementing for --iv-ino-lblk-32 Eric Biggers
2020-10-01 0:25 ` Eric Biggers [this message]
2020-10-01 0:25 ` [PATCH 4/5] common/f2fs: add _require_scratch_f2fs_compression() Eric Biggers
2020-10-01 0:25 ` [PATCH 5/5] f2fs: verify ciphertext of compressed+encrypted file Eric Biggers
2020-10-07 3:48 ` [PATCH 0/5] xfstests: test f2fs compression+encryption Eric Biggers
2020-10-07 4:27 ` [f2fs-dev] " Daeho Jeong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201001002508.328866-4-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=daeho43@gmail.com \
--cc=fstests@vger.kernel.org \
--cc=jaegeuk@kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=yuchao0@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).