svn commit: r359945 - in head: lib/geom/eli sys/geom/eli

John Baldwin jhb at FreeBSD.org
Wed Apr 15 18:24:30 UTC 2020


On 4/15/20 10:55 AM, Kyle Evans wrote:
> On Tue, Apr 14, 2020 at 7:15 PM John Baldwin <jhb at freebsd.org> wrote:
>>
>> Author: jhb
>> Date: Wed Apr 15 00:14:50 2020
>> New Revision: 359945
>> URL: https://svnweb.freebsd.org/changeset/base/359945
>>
>> Log:
>>   Remove support for geli(4) algorithms deprecated in r348206.
>>
>>   This removes support for reading and writing volumes using the
>>   following algorithms:
>>
>>   - Triple DES
>>   - Blowfish
>>   - MD5 HMAC integrity
>>
>>   In addition, this commit adds an explicit whitelist of supported
>>   algorithms to give a better error message when an invalid or
>>   unsupported algorithm is used by an existing volume.
>>
>>   Reviewed by:  cem
>>   Sponsored by: Chelsio Communications
>>   Differential Revision:        https://reviews.freebsd.org/D24343
>>
>> Modified:
>>   head/lib/geom/eli/geli.8
>>   head/lib/geom/eli/geom_eli.c
>>   head/sys/geom/eli/g_eli.c
>>   head/sys/geom/eli/g_eli.h
>>   head/sys/geom/eli/g_eli_crypto.c
>>   head/sys/geom/eli/g_eli_ctl.c
>>
>> [... snip ...]
>> @@ -522,6 +506,36 @@ eli_metadata_dump(const struct g_eli_metadata *md)
>>         printf("  MD5 hash: %s\n", str);
>>  }
>>
>> +#ifdef _KERNEL
>> +static bool
>> +eli_metadata_crypto_supported(const struct g_eli_metadata *md)
>> +{
>> +
>> +       switch (md->md_ealgo) {
>> +       case CRYPTO_NULL_CBC:
>> +       case CRYPTO_AES_CBC:
>> +       case CRYPTO_CAMELLIA_CBC:
>> +       case CRYPTO_AES_XTS:
>> +               break;
>> +       default:
>> +               return (false);
>> +       }
>> +       if (md->md_flags & G_ELI_FLAG_AUTH) {
>> +               switch (md->md_aalgo) {
>> +               case CRYPTO_SHA1_HMAC:
>> +               case CRYPTO_RIPEMD160_HMAC:
>> +               case CRYPTO_SHA2_256_HMAC:
>> +               case CRYPTO_SHA2_384_HMAC:
>> +               case CRYPTO_SHA2_512_HMAC:
>> +                       break;
>> +               default:
>> +                       return (false);
>> +               }
>> +       }
>> +       return (true);
>> +}
>> +#endif
>> +
>>  static __inline u_int
>>  g_eli_keylen(u_int algo, u_int keylen)
>>  {
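
Review bot: eli_metadata_crypto_supported() is defined as plain `static bool` in g_eli.h, so every kernel compilation unit that includes the header without calling it carries an unused static function and trips -Wunused-function; g_eli_keylen() in the context lines directly below is `static __inline u_int` and does not have that problem. Suggest declaring the new function `static __inline bool` to match. Separately, the encryption allowlist keeps `case CRYPTO_NULL_CBC:`; a one-line comment on why the null cipher is still accepted for an existing volume would help readers of the switch.
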
>> [... snip ...]
> 
> eli_metadata_crypto_supported is defined here, but unused in most
> compilation units that include g_eli.h, resulting in some amount of
> noise:
> 
> In file included from /usr/src/sys/geom/eli/g_eli_crypto.c:46:
> /usr/src/sys/geom/eli/g_eli.h:511:1: warning: unused function
> 'eli_metadata_crypto_supported' [-Wunused-function]
> eli_metadata_crypto_supported(const struct g_eli_metadata *md)
> 
> (repeat for g_eli_hmac.c, g_eli_integrity.c, g_eli_key.c,
> g_eli_key_cache.c, g_eli_privacy.c, pkcs5v2.c)
> 
> Given that it's probably not in danger of silently going away and not
> getting removed, any objection to marking it __unused to squelch the warnings?

Oh, rather, I should mark it __inline.  There are several other functions
in g_eli.h that are similarly not always used, but they are marked __inline
which is how they avoid the warning.

-- 
John Baldwin

