There are no more encrypt-only keys, so swap_key_prepare loses a flag.
OK?
---
sys/uvm/uvm_swap_encrypt.c | 31 ++++++++++++-------------------
sys/uvm/uvm_swap_encrypt.h | 2 +-
2 files changed, 13 insertions(+), 20 deletions(-)
diff --git sys/uvm/uvm_swap_encrypt.c sys/uvm/uvm_swap_encrypt.c
index 71406f13ee3..2c663bfc68e 100644
--- sys/uvm/uvm_swap_encrypt.c
+++ sys/uvm/uvm_swap_encrypt.c
@@ -34,17 +34,17 @@
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/sysctl.h>
#include <sys/time.h>
-#include <crypto/rijndael.h>
+#include <crypto/aes.h>
#include <uvm/uvm.h>
#include <uvm/uvm_swap_encrypt.h>
struct swap_key *kcur = NULL;
-rijndael_ctx swap_ctxt;
+AES_CTX swap_ctxt;
int uvm_doswapencrypt = 1;
u_int uvm_swpkeyscreated = 0;
u_int uvm_swpkeysdeleted = 0;
@@ -119,16 +119,16 @@ swap_encrypt(struct swap_key *key, caddr_t src, caddr_t
dst, u_int64_t block,
u_int32_t iv1, iv2, iv3, iv4;
if (!swap_encrypt_initialized)
swap_encrypt_initialized = 1;
- swap_key_prepare(key, 1);
+ swap_key_prepare(key);
count /= sizeof(u_int32_t);
iv[0] = block >> 32; iv[1] = block; iv[2] = ~iv[0]; iv[3] = ~iv[1];
- rijndael_encrypt(&swap_ctxt, (u_char *)iv, (u_char *)iv);
+ AES_Encrypt(&swap_ctxt, (u_char *)iv, (u_char *)iv);
iv1 = iv[0]; iv2 = iv[1]; iv3 = iv[2]; iv4 = iv[3];
for (; count > 0; count -= 4) {
ddst[0] = dsrc[0] ^ iv1;
ddst[1] = dsrc[1] ^ iv2;
@@ -136,11 +136,11 @@ swap_encrypt(struct swap_key *key, caddr_t src, caddr_t
dst, u_int64_t block,
ddst[3] = dsrc[3] ^ iv4;
/*
* Do not worry about endianess, it only needs to decrypt
* on this machine.
*/
- rijndael_encrypt(&swap_ctxt, (u_char *)ddst, (u_char *)ddst);
+ AES_Encrypt(&swap_ctxt, (u_char *)ddst, (u_char *)ddst);
iv1 = ddst[0];
iv2 = ddst[1];
iv3 = ddst[2];
iv4 = ddst[3];
@@ -164,24 +164,24 @@ swap_decrypt(struct swap_key *key, caddr_t src, caddr_t
dst, u_int64_t block,
u_int32_t iv1, iv2, iv3, iv4, niv1, niv2, niv3, niv4;
if (!swap_encrypt_initialized)
panic("swap_decrypt: key not initialized");
- swap_key_prepare(key, 0);
+ swap_key_prepare(key);
count /= sizeof(u_int32_t);
iv[0] = block >> 32; iv[1] = block; iv[2] = ~iv[0]; iv[3] = ~iv[1];
- rijndael_encrypt(&swap_ctxt, (u_char *)iv, (u_char *)iv);
+ AES_Encrypt(&swap_ctxt, (u_char *)iv, (u_char *)iv);
iv1 = iv[0]; iv2 = iv[1]; iv3 = iv[2]; iv4 = iv[3];
for (; count > 0; count -= 4) {
ddst[0] = niv1 = dsrc[0];
ddst[1] = niv2 = dsrc[1];
ddst[2] = niv3 = dsrc[2];
ddst[3] = niv4 = dsrc[3];
- rijndael_decrypt(&swap_ctxt, (u_char *)ddst, (u_char *)ddst);
+ AES_Decrypt(&swap_ctxt, (u_char *)ddst, (u_char *)ddst);
ddst[0] ^= iv1;
ddst[1] ^= iv2;
ddst[2] ^= iv3;
ddst[3] ^= iv4;
@@ -194,26 +194,19 @@ swap_decrypt(struct swap_key *key, caddr_t src, caddr_t
dst, u_int64_t block,
ddst += 4;
}
}
void
-swap_key_prepare(struct swap_key *key, int encrypt)
+swap_key_prepare(struct swap_key *key)
{
/*
- * Check if we have prepared for this key already,
- * if we only have the encryption schedule, we have
- * to recompute and get the decryption schedule also.
+ * Check if we have prepared for this key already.
*/
- if (kcur == key && (encrypt || !swap_ctxt.enc_only))
+ if (kcur == key)
return;
- if (encrypt)
- rijndael_set_key_enc_only(&swap_ctxt, (u_char *)key->key,
- sizeof(key->key) * 8);
- else
- rijndael_set_key(&swap_ctxt, (u_char *)key->key,
- sizeof(key->key) * 8);
+ AES_Setkey(&swap_ctxt, (u_char *)key->key, sizeof(key->key));
kcur = key;
}
/*
diff --git sys/uvm/uvm_swap_encrypt.h sys/uvm/uvm_swap_encrypt.h
index e883f6b758b..3c100c3de8d 100644
--- sys/uvm/uvm_swap_encrypt.h
+++ sys/uvm/uvm_swap_encrypt.h
@@ -57,11 +57,11 @@ int swap_encrypt_ctl(int *, u_int, void *, size_t *, void
*, size_t,
void swap_encrypt(struct swap_key *,caddr_t, caddr_t, u_int64_t, size_t);
void swap_decrypt(struct swap_key *,caddr_t, caddr_t, u_int64_t, size_t);
void swap_key_cleanup(struct swap_key *);
-void swap_key_prepare(struct swap_key *, int);
+void swap_key_prepare(struct swap_key *);
#define SWAP_KEY_GET(s,x) do { \
if ((x)->refcount == 0) { \
swap_key_create(x); \
} \
--
2.12.2
