summaryrefslogtreecommitdiff
path: root/sys/dev/softraidvar.h
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2008-06-14 03:01:01 +0000
committerDamien Miller <djm@cvs.openbsd.org>2008-06-14 03:01:01 +0000
commit547a5857db175855e29f1fabb3c4242ed109fd57 (patch)
tree5da6ced9ebe65bcb3cf27d55f6756a78a41711e0 /sys/dev/softraidvar.h
parent41cc8a46dfd727ab262f91b87912430e1fd3fc01 (diff)
Use multiple crypto keys per volume. Each key is used to encrypt at
most 0.5TB of disk. This is well below P1619-2007's recommendation for AES-XTS of 1TB/key, but small enough so we can test that we actually use multiple keys with inexpensive hardware. We allocate 32 keys, so this will do for volumes up to 16TB. Fix a crypto session leak in sr_crypto_free_resources() much debugging help mshoexer@; ok hshoexer@ marco@
Diffstat (limited to 'sys/dev/softraidvar.h')
-rw-r--r--sys/dev/softraidvar.h5
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/dev/softraidvar.h b/sys/dev/softraidvar.h
index 3c0d099b87a..f44eeb0cb26 100644
--- a/sys/dev/softraidvar.h
+++ b/sys/dev/softraidvar.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: softraidvar.h,v 1.58 2008/06/14 00:39:15 djm Exp $ */
+/* $OpenBSD: softraidvar.h,v 1.59 2008/06/14 03:01:00 djm Exp $ */
/*
* Copyright (c) 2006 Marco Peereboom <marco@peereboom.us>
* Copyright (c) 2008 Chris Kuethe <ckuethe@openbsd.org>
@@ -100,6 +100,7 @@ struct sr_chunk_meta {
#define SR_CRYPTO_KEYBYTES (SR_CRYPTO_KEYBITS >> 3)
#define SR_CRYPTO_KDFHINTBYTES 256
#define SR_CRYPTO_CHECKBYTES 64
+#define SR_CRYPTO_KEY_BLKSHIFT 30 /* 0.5TB per key */
struct sr_crypto_genkdf {
u_int32_t len;
@@ -292,7 +293,7 @@ struct sr_crypto {
u_int8_t scr_key[SR_CRYPTO_MAXKEYS][SR_CRYPTO_KEYBYTES];
u_int8_t scr_maskkey[SR_CRYPTO_MAXKEYBYTES];
- u_int64_t scr_sid/*[SR_CRYPTO_MAXKEYS]*/;
+ u_int64_t scr_sid[SR_CRYPTO_MAXKEYS];
};
struct sr_metadata_list {
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-02 10:28:52 +0000