eCryptfs: set inode key only once per crypto operation
There is no need to keep re-setting the same key for any given eCryptfs inode. This patch optimizes the use of the crypto API and helps performance a bit. Signed-off-by: Trevor Highland <trevor.highland@gmail.com> Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
cc11beffdf
commit
8e3a6f16ba
|
@ -355,8 +355,11 @@ static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
|
||||||
}
|
}
|
||||||
/* Consider doing this once, when the file is opened */
|
/* Consider doing this once, when the file is opened */
|
||||||
mutex_lock(&crypt_stat->cs_tfm_mutex);
|
mutex_lock(&crypt_stat->cs_tfm_mutex);
|
||||||
|
if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) {
|
||||||
rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
|
rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
|
||||||
crypt_stat->key_size);
|
crypt_stat->key_size);
|
||||||
|
crypt_stat->flags |= ECRYPTFS_KEY_SET;
|
||||||
|
}
|
||||||
if (rc) {
|
if (rc) {
|
||||||
ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n",
|
ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n",
|
||||||
rc);
|
rc);
|
||||||
|
|
|
@ -234,6 +234,7 @@ struct ecryptfs_crypt_stat {
|
||||||
#define ECRYPTFS_KEY_VALID 0x00000080
|
#define ECRYPTFS_KEY_VALID 0x00000080
|
||||||
#define ECRYPTFS_METADATA_IN_XATTR 0x00000100
|
#define ECRYPTFS_METADATA_IN_XATTR 0x00000100
|
||||||
#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200
|
#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200
|
||||||
|
#define ECRYPTFS_KEY_SET 0x00000400
|
||||||
u32 flags;
|
u32 flags;
|
||||||
unsigned int file_version;
|
unsigned int file_version;
|
||||||
size_t iv_bytes;
|
size_t iv_bytes;
|
||||||
|
|
Loading…
Reference in New Issue