On Wed, Apr 15, 2020 at 1:24 PM John Baldwin <j...@freebsd.org> wrote: > > On 4/15/20 10:55 AM, Kyle Evans wrote: > > On Tue, Apr 14, 2020 at 7:15 PM John Baldwin <j...@freebsd.org> wrote: > >> > >> Author: jhb > >> Date: Wed Apr 15 00:14:50 2020 > >> New Revision: 359945 > >> URL: https://svnweb.freebsd.org/changeset/base/359945 > >> > >> Log: > >> Remove support for geli(4) algorithms deprecated in r348206. > >> > >> This removes support for reading and writing volumes using the > >> following algorithms: > >> > >> - Triple DES > >> - Blowfish > >> - MD5 HMAC integrity > >> > >> In addition, this commit adds an explicit whitelist of supported > >> algorithms to give a better error message when an invalid or > >> unsupported algorithm is used by an existing volume. > >> > >> Reviewed by: cem > >> Sponsored by: Chelsio Communications > >> Differential Revision: https://reviews.freebsd.org/D24343 > >> > >> Modified: > >> head/lib/geom/eli/geli.8 > >> head/lib/geom/eli/geom_eli.c > >> head/sys/geom/eli/g_eli.c > >> head/sys/geom/eli/g_eli.h > >> head/sys/geom/eli/g_eli_crypto.c > >> head/sys/geom/eli/g_eli_ctl.c > >> > >> [... snip ...] > >> @@ -522,6 +506,36 @@ eli_metadata_dump(const struct g_eli_metadata *md) > >> printf(" MD5 hash: %s\n", str); > >> } > >> > >> +#ifdef _KERNEL > >> +static bool > >> +eli_metadata_crypto_supported(const struct g_eli_metadata *md) > >> +{ > >> + > >> + switch (md->md_ealgo) { > >> + case CRYPTO_NULL_CBC: > >> + case CRYPTO_AES_CBC: > >> + case CRYPTO_CAMELLIA_CBC: > >> + case CRYPTO_AES_XTS: > >> + break; > >> + default: > >> + return (false); > >> + } > >> + if (md->md_flags & G_ELI_FLAG_AUTH) { > >> + switch (md->md_aalgo) { > >> + case CRYPTO_SHA1_HMAC: > >> + case CRYPTO_RIPEMD160_HMAC: > >> + case CRYPTO_SHA2_256_HMAC: > >> + case CRYPTO_SHA2_384_HMAC: > >> + case CRYPTO_SHA2_512_HMAC: > >> + break; > >> + default: > >> + return (false); > >> + } > >> + } > >> + return (true); > >> +} > >> +#endif > >> + > >> static __inline u_int > >> g_eli_keylen(u_int algo, u_int keylen) > >> { > >> [... snip ...] > > > > eli_metadata_crypto_supported is defined here, but unused in most > > compilation units that include g_eli.h, resulting in some amount of > > noise: > > > > In file included from /usr/src/sys/geom/eli/g_eli_crypto.c:46: > > /usr/src/sys/geom/eli/g_eli.h:511:1: warning: unused function > > 'eli_metadata_crypto_supported' [-Wunused-function] > > eli_metadata_crypto_supported(const struct g_eli_metadata *md) > > > > (repeat for g_eli_hmac.c, g_eli_integrity.c, g_eli_key.c, > > g_eli_key_cache.c, g_eli_privacy.c, pkcs5v2.c) > > > > Given that it's probably not in danger of silently going away and not > > getting removed, any objection to marking it __unused to squelch the > > warnings? > > Oh, rather, I should mark it __inline. There are several other functions > in g_eli.h that are similarly not always used, but they are marked __inline > which is how they avoid the warning. >
Works for me. =-) Thanks! _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
