Support crypt segment in libdevmapper tree.

- it can support multiple segments, but note that
to work properly, correct IV (initialization vector)
offset parameter must be set properly.

Because most usage of IV start offset is when we join
several crypto segments together (so iv_offset is the segment
start offset), DM_CRYPT_IV_DEFAULT is defined to simplify
the process.

Function accepts the string in cipher agrument (already
including chainmode and iv type; chainmode and iv parameters are NULL
in this case) or user can provide split parameters which will
join into dm-crypt cipher specification "cipher-chainmode-iv".

All these parameters must be supplied in correct dm-crypt format.

diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM
index c486fcdb1781f932057cf35db2ceca44574b7ce8..521ba35e66e431ea834cc2a97594208afdc41f51 100644 (file)
--- a/WHATS_NEW_DM
+++ b/WHATS_NEW_DM
@@ -1,5 +1,6 @@
-Version 1.02.33 -    
+Version 1.02.33 -
 ===============================
+  Add crypt target handling to libdevmapper node.
   Add splitname command to dmsetup.
   Add subsystem, vg_name, lv_name, lv_layer fields to dmsetup reports.
   Make mempool optional in dm_split_lvm_name().

diff --git a/libdm/.exported_symbols b/libdm/.exported_symbols
index 2c80b05919f390e7bd45c073517fd07426650235..82a7c9eaa538bbf437b257ca06aafba399b1f8a5 100644 (file)
--- a/libdm/.exported_symbols
+++ b/libdm/.exported_symbols
@@ -67,6 +67,7 @@ dm_tree_node_add_error_target
 dm_tree_node_add_zero_target
 dm_tree_node_add_linear_target
 dm_tree_node_add_striped_target
+dm_tree_node_add_crypt_target
 dm_tree_node_add_mirror_target
 dm_tree_node_add_mirror_target_log
 dm_tree_node_add_target_area

diff --git a/libdm/libdevmapper.h b/libdm/libdevmapper.h
index c8ce21f643cd5b51589ca8a6bdb8a3a9e3fa4ce9..4d03a21738e1b5b6590bd0a61ab4d049b56b2872 100644 (file)
--- a/libdm/libdevmapper.h
+++ b/libdm/libdevmapper.h
@@ -374,6 +374,21 @@ int dm_tree_node_add_linear_target(struct dm_tree_node *node,
 int dm_tree_node_add_striped_target(struct dm_tree_node *node,
                                       uint64_t size,
                                       uint32_t stripe_size);
+
+#define DM_CRYPT_IV_DEFAULT    UINT64_C(-1)    /* iv_offset == seg offset */
+/*
+ * Function accepts one string in cipher specification
+ * (chainmode and iv should be NULL because included in cipher string)
+ *   or
+ * separate arguments which will be joined to "cipher-chainmode-iv"
+ */
+int dm_tree_node_add_crypt_target(struct dm_tree_node *node,
+                                 uint64_t size,
+                                 const char *cipher,
+                                 const char *chainmode,
+                                 const char *iv,
+                                 uint64_t iv_offset,
+                                 const char *key);
 int dm_tree_node_add_mirror_target(struct dm_tree_node *node,
                                      uint64_t size);
  

diff --git a/libdm/libdm-deptree.c b/libdm/libdm-deptree.c
index 179cf95fa5e99871f95909a84ec6ec60ed7d01ee..616331add6c57fc7d1bb25920718cb829ec1af7f 100644 (file)
--- a/libdm/libdm-deptree.c
+++ b/libdm/libdm-deptree.c
@@ -28,7 +28,8 @@
 
 /* Supported segment types */
 enum {
-       SEG_ERROR, 
+       SEG_CRYPT,
+       SEG_ERROR,
        SEG_LINEAR,
        SEG_MIRRORED,
        SEG_SNAPSHOT,
@@ -43,6 +44,7 @@ struct {
        unsigned type;
        const char *target;
 } dm_segtypes[] = {
+       { SEG_CRYPT, "crypt" },
        { SEG_ERROR, "error" },
        { SEG_LINEAR, "linear" },
        { SEG_MIRRORED, "mirror" },
@@ -69,8 +71,8 @@ struct load_segment {
 
        uint64_t size;
 
-       unsigned area_count;            /* Linear + Striped + Mirrored */
-       struct dm_list areas;           /* Linear + Striped + Mirrored */
+       unsigned area_count;            /* Linear + Striped + Mirrored + Crypt */
+       struct dm_list areas;           /* Linear + Striped + Mirrored + Crypt */
 
        uint32_t stripe_size;           /* Striped */
 
@@ -85,6 +87,12 @@ struct load_segment {
        unsigned mirror_area_count;     /* Mirror */
        uint32_t flags;                 /* Mirror log */
        char *uuid;                     /* Clustered mirror log */
+
+       const char *cipher;             /* Crypt */
+       const char *chainmode;          /* Crypt */
+       const char *iv;                 /* Crypt */
+       uint64_t iv_offset;             /* Crypt */
+       const char *key;                /* Crypt */
 };
 
 /* Per-device properties */
@@ -1328,6 +1336,13 @@ static int _emit_segment_line(struct dm_task *dmt, struct load_segment *seg, uin
        case SEG_STRIPED:
                EMIT_PARAMS(pos, "%u %u", seg->area_count, seg->stripe_size);
                break;
+       case SEG_CRYPT:
+               EMIT_PARAMS(pos, "%s%s%s%s%s %s %" PRIu64, seg->cipher,
+                           seg->chainmode ? "-" : "", seg->chainmode ?: "",
+                           seg->iv ? "-" : "", seg->iv ?: "", seg->key,
+                           seg->iv_offset != DM_CRYPT_IV_DEFAULT ?
+                           seg->iv_offset : *seg_start);
+               break;
        }
 
        switch(seg->type) {
@@ -1336,6 +1351,7 @@ static int _emit_segment_line(struct dm_task *dmt, struct load_segment *seg, uin
        case SEG_SNAPSHOT_ORIGIN:
        case SEG_ZERO:
                break;
+       case SEG_CRYPT:
        case SEG_LINEAR:
        case SEG_MIRRORED:
        case SEG_STRIPED:
@@ -1673,6 +1689,28 @@ int dm_tree_node_add_striped_target(struct dm_tree_node *node,
        return 1;
 }
 
+int dm_tree_node_add_crypt_target(struct dm_tree_node *node,
+                                 uint64_t size,
+                                 const char *cipher,
+                                 const char *chainmode,
+                                 const char *iv,
+                                 uint64_t iv_offset,
+                                 const char *key)
+{
+       struct load_segment *seg;
+
+       if (!(seg = _add_segment(node, SEG_CRYPT, size)))
+               return_0;
+
+       seg->cipher = cipher;
+       seg->chainmode = chainmode;
+       seg->iv = iv;
+       seg->iv_offset = iv_offset;
+       seg->key = key;
+
+       return 1;
+}
+
 int dm_tree_node_add_mirror_target_log(struct dm_tree_node *node,
                                          uint32_t region_size,
                                          unsigned clustered,