master key nonce

crypto.c

@@ -56,14 +56,18 @@ void derive_passphrase(struct bcache_key *key, const char *passphrase)
 		die("scrypt error: %i", ret);
 }
 
-void disk_key_encrypt(struct bcache_disk_key *disk_key,
+void disk_key_encrypt(struct cache_sb *sb,
+		      struct bcache_disk_key *disk_key,
 		      struct bcache_key *key)
 {
+	__le32 nonce[2];
 	int ret;
 
+	memcpy(nonce, &sb->set_magic, sizeof(sb->set_magic));
+
 	ret = crypto_stream_chacha20_xor((void *) disk_key,
 					 (void *) disk_key, sizeof(*disk_key),
-					 (void *) &bch_master_key_nonce,
+					 (void *) nonce,
 					 (void *) key);
 	if (ret)
 		die("chacha20 error: %i", ret);

crypto.h

@@ -17,7 +17,8 @@ static const struct nonce bch_master_key_nonce	= BCACHE_MASTER_KEY_NONCE;
 
 char *read_passphrase(const char *);
 void derive_passphrase(struct bcache_key *, const char *);
-void disk_key_encrypt(struct bcache_disk_key *, struct bcache_key *);
+void disk_key_encrypt(struct cache_sb *sb, struct bcache_disk_key *,
+		      struct bcache_key *);
 void disk_key_init(struct bcache_disk_key *);
 
 #endif /* _CRYPTO_H */

libbcache.c

@@ -126,13 +126,15 @@ void bcache_format(struct dev_opts *devs, size_t nr_devs,
 	SET_CACHE_SET_DATA_REPLICAS_HAVE(sb,	data_replicas);
 	SET_CACHE_SET_ERROR_ACTION(sb,		on_error_action);
 
+	SET_CACHE_SET_STR_HASH_TYPE(sb, BCH_STR_HASH_SIPHASH);
+
 	if (passphrase) {
 		struct bcache_key key;
 		struct bcache_disk_key disk_key;
 
 		derive_passphrase(&key, passphrase);
 		disk_key_init(&disk_key);
-		disk_key_encrypt(&disk_key, &key);
+		disk_key_encrypt(sb, &disk_key, &key);
 
 		memcpy(sb->encryption_key, &disk_key, sizeof(disk_key));
 		SET_CACHE_SET_ENCRYPTION_TYPE(sb, 1);