From patchwork Wed Nov 12 12:42:45 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 690 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1762951403; bh=Jd38FUsJzdJrKAcO4IA07t37KMFpp1YSxYilE+UykJY=; h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id: List-Archive:List-Help:List-Owner:List-Post:List-Subscribe: List-Unsubscribe:From; b=poG42Hc1KFcgEyE+vqeIuHo2NxCEVPEtOMhxt6sGcn1y140nj6nKhXZpFKSkV8hD8 cWOB1pCq4GCU6jzGn3T2hbO4Ag6KJ65ldb/ykYOmld+8ksm3oRMK4dFm0u9I/u85pz 18qp2xlKlqeVsipaZSo6uiGmQ0FGie/uxyfaRKEPF4+Qj/yLeyJ+SXpxwIad3bW8wE jI0x0RPiY8zeYQ1vwgZeUQIyMUnzAmM1hQoFAz3lNJeiddFNhz7exCZ0jF9+LPF5pE uZxX27oUBafMfN1UFNzZIbvcnuiIkVgLKP89Bhuiueqcyxl+TF/BNOVh0VqpzUndQ0 jG4/kUSY6guaQ== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id C6B18684FB for ; Wed, 12 Nov 2025 05:43:23 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 2coAN-eUsZXg for ; Wed, 12 Nov 2025 05:43:23 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1762951403; bh=Jd38FUsJzdJrKAcO4IA07t37KMFpp1YSxYilE+UykJY=; h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id: List-Archive:List-Help:List-Owner:List-Post:List-Subscribe: List-Unsubscribe:From; b=poG42Hc1KFcgEyE+vqeIuHo2NxCEVPEtOMhxt6sGcn1y140nj6nKhXZpFKSkV8hD8 cWOB1pCq4GCU6jzGn3T2hbO4Ag6KJ65ldb/ykYOmld+8ksm3oRMK4dFm0u9I/u85pz 18qp2xlKlqeVsipaZSo6uiGmQ0FGie/uxyfaRKEPF4+Qj/yLeyJ+SXpxwIad3bW8wE jI0x0RPiY8zeYQ1vwgZeUQIyMUnzAmM1hQoFAz3lNJeiddFNhz7exCZ0jF9+LPF5pE uZxX27oUBafMfN1UFNzZIbvcnuiIkVgLKP89Bhuiueqcyxl+TF/BNOVh0VqpzUndQ0 jG4/kUSY6guaQ== Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id B69F8684F1 for ; Wed, 12 Nov 2025 05:43:23 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1762951401; bh=c0m2ZP8iXVRIvUCaNy4KmQNMMEBDDS+FhxEeFu010yM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=od34LLQUeO9GEEEdDumEFv5QX2aOLBVVxQtcxMPJ+XryVvtHyEQFJFnCwYM3PohP0 JW541YOoGT3CRHkJ4Gsg4KSMzzajA/CESOZdiEpzhY8O1N6jJmjU2I/jWl8I/n4+iM clL4H5wE3Gt3O7WPEOkbB2RmZfuQNNynLxTaqLa1idRF2Xdhyo++HcAaUW94aAIi85 NayTd9Ix3DBZTzljzOARJYSfJOHxOJFjSh2bfh8d/+QNObA/AYNzTk6S8BkMXlTeW2 UrqHjVKxsivvBUlPQZPmqMmaLAewUictkMTaXEzuHq7KxiME8pgV2i/fGWRTtv1qWe TGWMEL/njFHLg== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id B0BB6684F6; Wed, 12 Nov 2025 05:43:21 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10026) with ESMTP id Su82sidavtil; Wed, 12 Nov 2025 05:43:21 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1762951396; bh=sC1cwxi0zTXWbH6pun9ySXzgIiGucihl/DyWTwm3IlI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=bifpwfhAZmpTeRAzvR6XkM8RO5gY5/0gtQa7jt3HuW2k9kq/wmeU3RyoyZ3ijrffv VT3/agAXhp5TjsqqYUhAb+uGD7AfwRkBcTD5vPSlP3q0LeJETxyVpxhZqDDVDPMOAl bijebFTLaXmbJbTaD7Bekx3aSRck3T8g0HzSICAv6OeTE6QXCg69iP8xn9Okxg1+kf Ym08FWYzOE4ktfPPNjm5+OqZrUNN0FcC50n8aof6Bw900RrcllW+XCFzTOvBtWnf5B Dp3shkB+mDmKqnhVH+MMDN/3PwEDEiRh5Cd5b4a/MQ3a5H3qJbEmEskMr3lEEKJvtn AzxNFWatRWN/w== Received: from u-boot.org (unknown [73.34.74.121]) by mail.u-boot.org (Postfix) with ESMTPSA id 7996D682E4; Wed, 12 Nov 2025 05:43:16 -0700 (MST) From: Simon Glass To: U-Boot Concept Date: Wed, 12 Nov 2025 05:42:45 -0700 Message-ID: <20251112124252.1081477-5-sjg@u-boot.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251112124252.1081477-1-sjg@u-boot.org> References: <20251112124252.1081477-1-sjg@u-boot.org> MIME-Version: 1.0 Message-ID-Hash: QMGWKCOPBLNORWWHTUIDCDBACVZA6U3H X-Message-ID-Hash: QMGWKCOPBLNORWWHTUIDCDBACVZA6U3H X-MailFrom: sjg@u-boot.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 4/5] luks: Split out crypt reading into its own function List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Simon Glass In preparation for adding support for a new algorithm, move the decryption part of blkmap_crypt_read() into its own function. Co-developed-by: Claude Signed-off-by: Simon Glass --- drivers/block/blkmap_crypt.c | 67 ++++++++++++++++++++++-------------- 1 file changed, 42 insertions(+), 25 deletions(-) diff --git a/drivers/block/blkmap_crypt.c b/drivers/block/blkmap_crypt.c index bc77ddc2751..2de6be23662 100644 --- a/drivers/block/blkmap_crypt.c +++ b/drivers/block/blkmap_crypt.c @@ -45,37 +45,17 @@ struct blkmap_crypt { u8 essiv_key[32]; }; -static ulong blkmap_crypt_read(struct blkmap *bm, struct blkmap_slice *bms, - lbaint_t blknr, lbaint_t blkcnt, void *buffer) +static ulong crypt_read_cbc(struct blkmap *bm, struct blkmap_crypt *bmc, + lbaint_t blknr, lbaint_t blkcnt, + u8 *encrypted_buf, void *buffer) { - struct blkmap_crypt *bmc = container_of(bms, struct blkmap_crypt, slice); struct blk_desc *bd = dev_get_uclass_plat(bm->blk); - struct blk_desc *src_bd = dev_get_uclass_plat(bmc->blk); - lbaint_t src_blknr, blocks_read; - u8 *encrypted_buf, *dest = buffer; u8 expkey[AES256_EXPAND_KEY_LENGTH]; u8 iv[AES_BLOCK_LENGTH]; + u8 *dest = buffer; u64 sector; lbaint_t i; - /* Allocate buffer for encrypted data */ - encrypted_buf = malloc_cache_aligned(blkcnt * src_bd->blksz); - if (!encrypted_buf) - return 0; - - /* - * Calculate source block number (LUKS payload offset + requested - * block) - */ - src_blknr = bmc->blknr + bmc->payload_offset + blknr; - - /* Read encrypted data from underlying device */ - blocks_read = blk_read(bmc->blk, src_blknr, blkcnt, encrypted_buf); - if (blocks_read != blkcnt) { - free(encrypted_buf); - return 0; - } - /* Expand AES key */ aes_expand_key(bmc->master_key, bmc->key_size * 8, expkey); @@ -116,11 +96,48 @@ static ulong blkmap_crypt_read(struct blkmap *bm, struct blkmap_slice *bms, dest + i * bd->blksz, bd->blksz / AES_BLOCK_LENGTH); } - free(encrypted_buf); return blkcnt; } +static ulong blkmap_crypt_read(struct blkmap *bm, struct blkmap_slice *bms, + lbaint_t blknr, lbaint_t blkcnt, void *buffer) +{ + struct blkmap_crypt *bmc = container_of(bms, struct blkmap_crypt, slice); + struct blk_desc *src_bd = dev_get_uclass_plat(bmc->blk); + lbaint_t src_blknr, blocks_read; + u8 *encrypted_buf; + ulong result; + + /* Allocate buffer for encrypted data */ + encrypted_buf = malloc_cache_aligned(blkcnt * src_bd->blksz); + if (!encrypted_buf) + return 0; + + /* + * Calculate source block number (LUKS payload offset + requested + * block) + */ + src_blknr = bmc->blknr + bmc->payload_offset + blknr; + + /* Read encrypted data from underlying device */ + blocks_read = blk_read(bmc->blk, src_blknr, blkcnt, encrypted_buf); + if (blocks_read != blkcnt) { + free(encrypted_buf); + return 0; + } + + if (blknr == 0 && blkcnt >= 1) { + log_debug("First 32 bytes of ENCRYPTED data:\n"); + log_debug_hex("", encrypted_buf, 32); + } + + result = crypt_read_cbc(bm, bmc, blknr, blkcnt, encrypted_buf, buffer); + free(encrypted_buf); + + return result; +} + static void blkmap_crypt_destroy(struct blkmap *bm, struct blkmap_slice *bms) { struct blkmap_crypt *bmc = container_of(bms, struct blkmap_crypt, slice);