crypto: expose encryption sector size in APIs

While current encryption schemes all have a fixed sector size of 512 bytes, this is not guaranteed to be the case in future. Expose the sector size in the APIs so the block layer can remove assumptions about fixed 512 byte sectors. Reviewed-by: N Max Reitz <mreitz@redhat.com> Reviewed-by: N Eric Blake <eblake@redhat.com> Signed-off-by: N Daniel P. Berrange <berrange@redhat.com> Message-id: 20170927125340.12360-3-berrange@redhat.com Signed-off-by: N Max Reitz <mreitz@redhat.com>

crypto: expose encryption sector size in APIs
While current encryption schemes all have a fixed sector size of 512 bytes, this is not guaranteed to be the case in future. Expose the sector size in the APIs so the block layer can remove assumptions about fixed 512 byte sectors. Reviewed-by: N Max Reitz <mreitz@redhat.com> Reviewed-by: N Eric Blake <eblake@redhat.com> Signed-off-by: N Daniel P. Berrange <berrange@redhat.com> Message-id: 20170927125340.12360-3-berrange@redhat.com Signed-off-by: N Max Reitz <mreitz@redhat.com>
850f49de · Daniel P. Berrange · Max Reitz · 161253e2 · 850f49de · 850f49de
5 changed file
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -846,8 +846,9 @@ qcrypto_block_luks_open(QCryptoBlock *block,
        }
    }
+    block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
    block->payload_offset = luks->header.payload_offset *
-        QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+        block->sector_size;
    luks->cipher_alg = cipheralg;
    luks->cipher_mode = ciphermode;
@@ -1240,8 +1241,9 @@ qcrypto_block_luks_create(QCryptoBlock *block,
                   QCRYPTO_BLOCK_LUKS_SECTOR_SIZE)) *
         QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS);
+    block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
    block->payload_offset = luks->header.payload_offset *
-        QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+        block->sector_size;
    /* Reserve header space to match payload offset */
    initfunc(block, block->payload_offset, opaque, &local_err);

--- a/crypto/block-qcow.c
+++ b/crypto/block-qcow.c
@@ -80,6 +80,7 @@ qcrypto_block_qcow_init(QCryptoBlock *block,
        goto fail;
    }
+    block->sector_size = QCRYPTO_BLOCK_QCOW_SECTOR_SIZE;
    block->payload_offset = 0;
    return 0;

--- a/crypto/block.c
+++ b/crypto/block.c
@@ -170,6 +170,12 @@ uint64_t qcrypto_block_get_payload_offset(QCryptoBlock *block)
 }
+uint64_t qcrypto_block_get_sector_size(QCryptoBlock *block)
+{
+    return block->sector_size;
+}
 void qcrypto_block_free(QCryptoBlock *block)
 {
    if (!block) {

--- a/crypto/blockpriv.h
+++ b/crypto/blockpriv.h
@@ -36,6 +36,7 @@ struct QCryptoBlock {
    QCryptoHashAlgorithm kdfhash;
    size_t niv;
    uint64_t payload_offset; /* In bytes */
+    uint64_t sector_size; /* In bytes */
 };
 struct QCryptoBlockDriver {

--- a/include/crypto/block.h
+++ b/include/crypto/block.h
@@ -240,6 +240,21 @@ QCryptoHashAlgorithm qcrypto_block_get_kdf_hash(QCryptoBlock *block);
 */
 uint64_t qcrypto_block_get_payload_offset(QCryptoBlock *block);
+/**
+ * qcrypto_block_get_sector_size:
+ * @block: the block encryption object
+ *
+ * Get the size of sectors used for payload encryption. A new
+ * IV is used at the start of each sector. The encryption
+ * sector size is not required to match the sector size of the
+ * underlying storage. For example LUKS will always use a 512
+ * byte sector size, even if the volume is on a disk with 4k
+ * sectors.
+ *
+ * Returns: the sector in bytes
+ */
+uint64_t qcrypto_block_get_sector_size(QCryptoBlock *block);
 /**
 * qcrypto_block_free:
 * @block: the block encryption object