From: Alex Hornung <ahornung@gmail.com>
Date: Sat, 21 Aug 2010 12:48:24 +0000 (+0100)
Subject: dm_target_crypt - Enable support for AES-XTS
X-Git-Tag: v2.9.0~455
X-Git-Url: https://gitweb.dragonflybsd.org/~tuxillo/dragonfly.git/commitdiff_plain/178da76551950008d87bd1e5a103581cff89b2bb

dm_target_crypt - Enable support for AES-XTS
---

diff --git a/sys/dev/disk/dm/dm_target_crypt.c b/sys/dev/disk/dm/dm_target_crypt.c
index 5beccf131b..0d906e4b74 100644
--- a/sys/dev/disk/dm/dm_target_crypt.c
+++ b/sys/dev/disk/dm/dm_target_crypt.c
@@ -536,23 +536,34 @@ dm_target_crypt_init(dm_dev_t * dmv, void **target_config, char *params)
 		return ENOENT;
 	}
 
-	if (strcmp(crypto_mode, "cbc") != 0) {
-		kprintf("dm_target_crypt: only support 'cbc' chaining mode, "
-			"invalid mode '%s'\n", crypto_mode);
+	if ((strcmp(crypto_mode, "cbc") != 0) ||
+	    ((strcmp(crypto_mode, "xts") == 0) && (strcmp(crypto_alg, "aes") != 0)))
+	
+	{
+		kprintf("dm_target_crypt: only support 'cbc' chaining mode"
+		    " and aes-xts, invalid mode '%s-%s'\n",
+		    crypto_alg, crypto_mode);
 		goto notsup;
 	}
 
 	if (!strcmp(crypto_alg, "aes")) {
-		priv->crypto_alg = CRYPTO_AES_CBC;
-		if (klen != 128 && klen != 192 && klen != 256)
+		if (!strcmp(crypto_mode, "xts")) {
+			priv->crypto_alg = CRYPTO_AES_XTS;
+			if (klen != 256 && klen != 512)
+				goto notsup;
+		} else if (!strcmp(crypto_mode, "cbc")) {
+			priv->crypto_alg = CRYPTO_AES_CBC;
+			if (klen != 128 && klen != 192 && klen != 256)
+				goto notsup;
+		} else {
 			goto notsup;
+		}
 		priv->crypto_klen = klen;
 	} else if (!strcmp(crypto_alg, "blowfish")) {
 		priv->crypto_alg = CRYPTO_BLF_CBC;
 		if (klen < 128 || klen > 448 || (klen % 8) != 0)
 			goto notsup;
 		priv->crypto_klen = klen;
-
 	} else if (!strcmp(crypto_alg, "3des") ||
 		   !strncmp(crypto_alg, "des3", 4)) {
 		priv->crypto_alg = CRYPTO_3DES_CBC;