-static
-int do_bulk_privacy(struct gss_ctx *gctx,
- struct ptlrpc_bulk_desc *desc,
- int encrypt, __u32 alg,
- struct ptlrpc_bulk_sec_desc *bsd)
-{
- struct crypto_tfm *tfm;
- struct scatterlist sg, sg2, *sgd;
- int i, rc;
- __u8 local_iv[sizeof(bsd->bsd_iv)];
-
- LASSERT(alg < BULK_PRIV_ALG_MAX);
-
- if (encrypt)
- bsd->bsd_priv_alg = BULK_PRIV_ALG_NULL;
-
- if (alg == BULK_PRIV_ALG_NULL)
- return 0;
-
- if (encrypt)
- get_random_bytes(bsd->bsd_iv, sizeof(bsd->bsd_iv));
-
- /* compute the secret iv */
- lgss_plain_encrypt(gctx, sizeof(local_iv), bsd->bsd_iv, local_iv);
-
- tfm = crypto_alloc_tfm(sptlrpc_bulk_priv_alg2name(alg),
- sptlrpc_bulk_priv_alg2flags(alg));
- if (tfm == NULL) {
- CERROR("Failed to allocate TFM %s\n",
- sptlrpc_bulk_priv_alg2name(alg));
- return -ENOMEM;
- }
-
- rc = crypto_cipher_setkey(tfm, local_iv, sizeof(local_iv));
- if (rc) {
- CERROR("Failed to set key for TFM %s: %d\n",
- sptlrpc_bulk_priv_alg2name(alg), rc);
- crypto_free_tfm(tfm);
- return rc;
- }
-
- for (i = 0; i < desc->bd_iov_count; i++) {
- sg.page = desc->bd_iov[i].kiov_page;
- sg.offset = desc->bd_iov[i].kiov_offset;
- sg.length = desc->bd_iov[i].kiov_len;
-
- if (desc->bd_enc_pages) {
- sg2.page = desc->bd_enc_pages[i];
- sg2.offset = desc->bd_iov[i].kiov_offset;
- sg2.length = desc->bd_iov[i].kiov_len;
-
- sgd = &sg2;
- } else
- sgd = &sg;
-
- if (encrypt)
- rc = crypto_cipher_encrypt(tfm, sgd, &sg, sg.length);
- else
- rc = crypto_cipher_decrypt(tfm, sgd, &sg, sg.length);
-
- LASSERT(rc == 0);
-
- if (desc->bd_enc_pages)
- desc->bd_iov[i].kiov_page = desc->bd_enc_pages[i];
-
- /* although the procedure might be lengthy, the crypto functions
- * internally called cond_resched() from time to time.
- */
- }
-
- crypto_free_tfm(tfm);
-
- if (encrypt)
- bsd->bsd_priv_alg = alg;
-
- return 0;
-}
-