tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
libceph: factor out __ceph_x_decrypt()
Will be used for decrypting the server challenge which is only preceded
by ceph_x_encrypt_header.
Drop struct_v check to allow for extending ceph_x_encrypt_header in the
future.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Sage Weil <sage@redhat.com>
+24
-9
+24
-9
net/ceph/auth_x.c
+24
-9
net/ceph/auth_x.c
···
70
70
return sizeof(u32) + ciphertext_len;
71
71
}
72
72
73
+
static int __ceph_x_decrypt(struct ceph_crypto_key *secret, void *p,
74
+
int ciphertext_len)
75
+
{
76
+
struct ceph_x_encrypt_header *hdr = p;
77
+
int plaintext_len;
78
+
int ret;
79
+
80
+
ret = ceph_crypt(secret, false, p, ciphertext_len, ciphertext_len,
81
+
&plaintext_len);
82
+
if (ret)
83
+
return ret;
84
+
85
+
if (le64_to_cpu(hdr->magic) != CEPHX_ENC_MAGIC) {
86
+
pr_err("%s bad magic\n", __func__);
87
+
return -EINVAL;
88
+
}
89
+
90
+
return plaintext_len - sizeof(*hdr);
91
+
}
92
+
73
93
static int ceph_x_decrypt(struct ceph_crypto_key *secret, void **p, void *end)
74
94
{
75
-
struct ceph_x_encrypt_header *hdr = *p + sizeof(u32);
76
-
int ciphertext_len, plaintext_len;
95
+
int ciphertext_len;
77
96
int ret;
78
97
79
98
ceph_decode_32_safe(p, end, ciphertext_len, e_inval);
80
99
ceph_decode_need(p, end, ciphertext_len, e_inval);
81
100
82
-
ret = ceph_crypt(secret, false, *p, end - *p, ciphertext_len,
83
-
&plaintext_len);
84
-
if (ret)
101
+
ret = __ceph_x_decrypt(secret, *p, ciphertext_len);
102
+
if (ret < 0)
85
103
return ret;
86
104
87
-
if (hdr->struct_v != 1 || le64_to_cpu(hdr->magic) != CEPHX_ENC_MAGIC)
88
-
return -EPERM;
89
-
90
105
*p += ciphertext_len;
91
-
return plaintext_len - sizeof(struct ceph_x_encrypt_header);
106
+
return ret;
92
107
93
108
e_inval:
94
109
return -EINVAL;