svn commit: r359945 - in head: lib/geom/eli sys/geom/eli
Kyle Evans
kevans at freebsd.org
Wed Apr 15 17:55:54 UTC 2020
On Tue, Apr 14, 2020 at 7:15 PM John Baldwin <jhb at freebsd.org> wrote:
>
> Author: jhb
> Date: Wed Apr 15 00:14:50 2020
> New Revision: 359945
> URL: https://svnweb.freebsd.org/changeset/base/359945
>
> Log:
> Remove support for geli(4) algorithms deprecated in r348206.
>
> This removes support for reading and writing volumes using the
> following algorithms:
>
> - Triple DES
> - Blowfish
> - MD5 HMAC integrity
>
> In addition, this commit adds an explicit whitelist of supported
> algorithms to give a better error message when an invalid or
> unsupported algorithm is used by an existing volume.
>
> Reviewed by: cem
> Sponsored by: Chelsio Communications
> Differential Revision: https://reviews.freebsd.org/D24343
>
> Modified:
> head/lib/geom/eli/geli.8
> head/lib/geom/eli/geom_eli.c
> head/sys/geom/eli/g_eli.c
> head/sys/geom/eli/g_eli.h
> head/sys/geom/eli/g_eli_crypto.c
> head/sys/geom/eli/g_eli_ctl.c
>
> [... snip ...]
> @@ -522,6 +506,36 @@ eli_metadata_dump(const struct g_eli_metadata *md)
> printf(" MD5 hash: %s\n", str);
> }
>
> +#ifdef _KERNEL
> +static bool
> +eli_metadata_crypto_supported(const struct g_eli_metadata *md)
> +{
> +
> + switch (md->md_ealgo) {
> + case CRYPTO_NULL_CBC:
> + case CRYPTO_AES_CBC:
> + case CRYPTO_CAMELLIA_CBC:
> + case CRYPTO_AES_XTS:
> + break;
> + default:
> + return (false);
> + }
> + if (md->md_flags & G_ELI_FLAG_AUTH) {
> + switch (md->md_aalgo) {
> + case CRYPTO_SHA1_HMAC:
> + case CRYPTO_RIPEMD160_HMAC:
> + case CRYPTO_SHA2_256_HMAC:
> + case CRYPTO_SHA2_384_HMAC:
> + case CRYPTO_SHA2_512_HMAC:
> + break;
> + default:
> + return (false);
> + }
> + }
> + return (true);
> +}
> +#endif
> +
> static __inline u_int
> g_eli_keylen(u_int algo, u_int keylen)
> {
> [... snip ...]
eli_metadata_crypto_supported is defined here, but unused in most
compilation units that include g_eli.h, resulting in some amount of
noise:
In file included from /usr/src/sys/geom/eli/g_eli_crypto.c:46:
/usr/src/sys/geom/eli/g_eli.h:511:1: warning: unused function
'eli_metadata_crypto_supported' [-Wunused-function]
eli_metadata_crypto_supported(const struct g_eli_metadata *md)
(repeat for g_eli_hmac.c, g_eli_integrity.c, g_eli_key.c,
g_eli_key_cache.c, g_eli_privacy.c, pkcs5v2.c)
Given that it's probably not in danger of silently going away and not
getting removed, any objection to marking it __unused to squelch the warnings?
Thanks,
Kyle Evans
More information about the svn-src-all
mailing list