+static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
+ const char *opts)
+{
+ struct crypto_tfm *essiv_tfm;
+ struct crypto_tfm *hash_tfm;
+ struct scatterlist sg;
+ unsigned int saltsize;
+ u8 *salt;
+
+ if (opts == NULL) {
+ ti->error = PFX "Digest algorithm missing for ESSIV mode";
+ return -EINVAL;
+ }
+
+ /* Hash the cipher key with the given hash algorithm */
+ hash_tfm = crypto_alloc_tfm(opts, 0);
+ if (hash_tfm == NULL) {
+ ti->error = PFX "Error initializing ESSIV hash";
+ return -EINVAL;
+ }
+
+ if (crypto_tfm_alg_type(hash_tfm) != CRYPTO_ALG_TYPE_DIGEST) {
+ ti->error = PFX "Expected digest algorithm for ESSIV hash";
+ crypto_free_tfm(hash_tfm);
+ return -EINVAL;
+ }
+
+ saltsize = crypto_tfm_alg_digestsize(hash_tfm);
+ salt = kmalloc(saltsize, GFP_KERNEL);
+ if (salt == NULL) {
+ ti->error = PFX "Error kmallocing salt storage in ESSIV";
+ crypto_free_tfm(hash_tfm);
+ return -ENOMEM;
+ }
+
+ sg.page = virt_to_page(cc->key);
+ sg.offset = offset_in_page(cc->key);
+ sg.length = cc->key_size;
+ crypto_digest_digest(hash_tfm, &sg, 1, salt);
+ crypto_free_tfm(hash_tfm);
+
+ /* Setup the essiv_tfm with the given salt */
+ essiv_tfm = crypto_alloc_tfm(crypto_tfm_alg_name(cc->tfm),
+ CRYPTO_TFM_MODE_ECB);
+ if (essiv_tfm == NULL) {
+ ti->error = PFX "Error allocating crypto tfm for ESSIV";
+ kfree(salt);
+ return -EINVAL;
+ }
+ if (crypto_tfm_alg_blocksize(essiv_tfm)
+ != crypto_tfm_alg_ivsize(cc->tfm)) {
+ ti->error = PFX "Block size of ESSIV cipher does "
+ "not match IV size of block cipher";
+ crypto_free_tfm(essiv_tfm);
+ kfree(salt);
+ return -EINVAL;
+ }
+ if (crypto_cipher_setkey(essiv_tfm, salt, saltsize) < 0) {
+ ti->error = PFX "Failed to set key for ESSIV cipher";
+ crypto_free_tfm(essiv_tfm);
+ kfree(salt);
+ return -EINVAL;
+ }
+ kfree(salt);
+
+ cc->iv_gen_private = (void *)essiv_tfm;
+ return 0;
+}
+
+static void crypt_iv_essiv_dtr(struct crypt_config *cc)
+{
+ crypto_free_tfm((struct crypto_tfm *)cc->iv_gen_private);
+ cc->iv_gen_private = NULL;
+}
+
+static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
+{
+ struct scatterlist sg = { NULL, };
+
+ memset(iv, 0, cc->iv_size);
+ *(u64 *)iv = cpu_to_le64(sector);
+
+ sg.page = virt_to_page(iv);
+ sg.offset = offset_in_page(iv);
+ sg.length = cc->iv_size;
+ crypto_cipher_encrypt((struct crypto_tfm *)cc->iv_gen_private,
+ &sg, &sg, cc->iv_size);
+
+ return 0;
+}
+
+static struct crypt_iv_operations crypt_iv_plain_ops = {
+ .generator = crypt_iv_plain_gen
+};
+
+static struct crypt_iv_operations crypt_iv_essiv_ops = {
+ .ctr = crypt_iv_essiv_ctr,
+ .dtr = crypt_iv_essiv_dtr,
+ .generator = crypt_iv_essiv_gen
+};
+
+