eCryptfs: set inode key only once per crypto operation
authorTrevor Highland <trevor.highland@gmail.com>
Wed, 6 Feb 2008 09:38:33 +0000 (01:38 -0800)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Wed, 6 Feb 2008 18:41:12 +0000 (10:41 -0800)
There is no need to keep re-setting the same key for any given eCryptfs inode.
This patch optimizes the use of the crypto API and helps performance a bit.

Signed-off-by: Trevor Highland <trevor.highland@gmail.com>
Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/ecryptfs/crypto.c
fs/ecryptfs/ecryptfs_kernel.h

index 4d1b2b4eb79ecf4b634e926ba39115d71b3e1e22..7eaa395a77bd95b23f0f71dec575c003220e5f10 100644 (file)
@@ -355,8 +355,11 @@ static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
        }
        /* Consider doing this once, when the file is opened */
        mutex_lock(&crypt_stat->cs_tfm_mutex);
-       rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
-                                    crypt_stat->key_size);
+       if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) {
+               rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
+                                            crypt_stat->key_size);
+               crypt_stat->flags |= ECRYPTFS_KEY_SET;
+       }
        if (rc) {
                ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n",
                                rc);
index 3d637e9ca36a7cdbc99e07fbf2a87f7ab3b3a116..2a6103954c1e420a921985ab6c84b305b7b87180 100644 (file)
@@ -234,6 +234,7 @@ struct ecryptfs_crypt_stat {
 #define ECRYPTFS_KEY_VALID          0x00000080
 #define ECRYPTFS_METADATA_IN_XATTR  0x00000100
 #define ECRYPTFS_VIEW_AS_ENCRYPTED  0x00000200
+#define ECRYPTFS_KEY_SET            0x00000400
        u32 flags;
        unsigned int file_version;
        size_t iv_bytes;