eCryptfs: set inode key only once per crypto operation

There is no need to keep re-setting the same key for any given eCryptfs inode.
This patch optimizes the use of the crypto API and helps performance a bit.

Signed-off-by: Trevor Highland <trevor.highland@gmail.com>
Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Trevor Highland 2008-02-06 01:38:33 -08:00 committed by Linus Torvalds
parent cc11beffdf
commit 8e3a6f16ba
2 changed files with 6 additions and 2 deletions

View File

@ -355,8 +355,11 @@ static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
} }
/* Consider doing this once, when the file is opened */ /* Consider doing this once, when the file is opened */
mutex_lock(&crypt_stat->cs_tfm_mutex); mutex_lock(&crypt_stat->cs_tfm_mutex);
rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key, if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) {
crypt_stat->key_size); rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
crypt_stat->key_size);
crypt_stat->flags |= ECRYPTFS_KEY_SET;
}
if (rc) { if (rc) {
ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n", ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n",
rc); rc);

View File

@ -234,6 +234,7 @@ struct ecryptfs_crypt_stat {
#define ECRYPTFS_KEY_VALID 0x00000080 #define ECRYPTFS_KEY_VALID 0x00000080
#define ECRYPTFS_METADATA_IN_XATTR 0x00000100 #define ECRYPTFS_METADATA_IN_XATTR 0x00000100
#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200 #define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200
#define ECRYPTFS_KEY_SET 0x00000400
u32 flags; u32 flags;
unsigned int file_version; unsigned int file_version;
size_t iv_bytes; size_t iv_bytes;