|
|
@@ -187,15 +187,15 @@ static void crypt_iv_essiv_dtr(struct crypt_config *cc)
|
|
|
static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
|
|
|
const char *opts)
|
|
|
{
|
|
|
- struct crypto_cipher *essiv_tfm;
|
|
|
- struct crypto_hash *hash_tfm;
|
|
|
+ struct crypto_cipher *essiv_tfm = NULL;
|
|
|
+ struct crypto_hash *hash_tfm = NULL;
|
|
|
struct hash_desc desc;
|
|
|
struct scatterlist sg;
|
|
|
unsigned int saltsize;
|
|
|
- u8 *salt;
|
|
|
+ u8 *salt = NULL;
|
|
|
int err;
|
|
|
|
|
|
- if (opts == NULL) {
|
|
|
+ if (!opts) {
|
|
|
ti->error = "Digest algorithm missing for ESSIV mode";
|
|
|
return -EINVAL;
|
|
|
}
|
|
|
@@ -204,15 +204,16 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
|
|
|
hash_tfm = crypto_alloc_hash(opts, 0, CRYPTO_ALG_ASYNC);
|
|
|
if (IS_ERR(hash_tfm)) {
|
|
|
ti->error = "Error initializing ESSIV hash";
|
|
|
- return PTR_ERR(hash_tfm);
|
|
|
+ err = PTR_ERR(hash_tfm);
|
|
|
+ goto bad;
|
|
|
}
|
|
|
|
|
|
saltsize = crypto_hash_digestsize(hash_tfm);
|
|
|
- salt = kmalloc(saltsize, GFP_KERNEL);
|
|
|
- if (salt == NULL) {
|
|
|
+ salt = kzalloc(saltsize, GFP_KERNEL);
|
|
|
+ if (!salt) {
|
|
|
ti->error = "Error kmallocing salt storage in ESSIV";
|
|
|
- crypto_free_hash(hash_tfm);
|
|
|
- return -ENOMEM;
|
|
|
+ err = -ENOMEM;
|
|
|
+ goto bad;
|
|
|
}
|
|
|
|
|
|
sg_init_one(&sg, cc->key, cc->key_size);
|
|
|
@@ -220,39 +221,44 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
|
|
|
desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
|
|
|
err = crypto_hash_digest(&desc, &sg, cc->key_size, salt);
|
|
|
crypto_free_hash(hash_tfm);
|
|
|
+ hash_tfm = NULL;
|
|
|
|
|
|
if (err) {
|
|
|
ti->error = "Error calculating hash in ESSIV";
|
|
|
- kfree(salt);
|
|
|
- return err;
|
|
|
+ goto bad;
|
|
|
}
|
|
|
|
|
|
/* Setup the essiv_tfm with the given salt */
|
|
|
essiv_tfm = crypto_alloc_cipher(cc->cipher, 0, CRYPTO_ALG_ASYNC);
|
|
|
if (IS_ERR(essiv_tfm)) {
|
|
|
ti->error = "Error allocating crypto tfm for ESSIV";
|
|
|
- kfree(salt);
|
|
|
- return PTR_ERR(essiv_tfm);
|
|
|
+ err = PTR_ERR(essiv_tfm);
|
|
|
+ goto bad;
|
|
|
}
|
|
|
if (crypto_cipher_blocksize(essiv_tfm) !=
|
|
|
crypto_ablkcipher_ivsize(cc->tfm)) {
|
|
|
ti->error = "Block size of ESSIV cipher does "
|
|
|
"not match IV size of block cipher";
|
|
|
- crypto_free_cipher(essiv_tfm);
|
|
|
- kfree(salt);
|
|
|
- return -EINVAL;
|
|
|
+ err = -EINVAL;
|
|
|
+ goto bad;
|
|
|
}
|
|
|
err = crypto_cipher_setkey(essiv_tfm, salt, saltsize);
|
|
|
if (err) {
|
|
|
ti->error = "Failed to set key for ESSIV cipher";
|
|
|
- crypto_free_cipher(essiv_tfm);
|
|
|
- kfree(salt);
|
|
|
- return err;
|
|
|
+ goto bad;
|
|
|
}
|
|
|
- kfree(salt);
|
|
|
+ kzfree(salt);
|
|
|
|
|
|
cc->iv_gen_private.essiv.tfm = essiv_tfm;
|
|
|
return 0;
|
|
|
+
|
|
|
+bad:
|
|
|
+ if (essiv_tfm && !IS_ERR(essiv_tfm))
|
|
|
+ crypto_free_cipher(essiv_tfm);
|
|
|
+ if (hash_tfm && !IS_ERR(hash_tfm))
|
|
|
+ crypto_free_hash(hash_tfm);
|
|
|
+ kzfree(salt);
|
|
|
+ return err;
|
|
|
}
|
|
|
|
|
|
static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
|
Milan Broz