移去rt

hc

2023-12-08 01573e231f18eb2d99162747186f59511f56b64d

 kernel/include/linux/blk-crypto.h
..
..
@@ -6,13 +6,93 @@
6
6
 #ifndef __LINUX_BLK_CRYPTO_H
7
7
 #define __LINUX_BLK_CRYPTO_H
8
8
 
9
-#include <linux/bio.h>
9
+#include <linux/types.h>
10
+
11
+enum blk_crypto_mode_num {
12
+	BLK_ENCRYPTION_MODE_INVALID,
13
+	BLK_ENCRYPTION_MODE_AES_256_XTS,
14
+	BLK_ENCRYPTION_MODE_AES_128_CBC_ESSIV,
15
+	BLK_ENCRYPTION_MODE_ADIANTUM,
16
+	BLK_ENCRYPTION_MODE_MAX,
17
+};
18
+
19
+#define BLK_CRYPTO_MAX_KEY_SIZE		64
20
+#define BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE                128
21
+
22
+/**
23
+ * struct blk_crypto_config - an inline encryption key's crypto configuration
24
+ * @crypto_mode: encryption algorithm this key is for
25
+ * @data_unit_size: the data unit size for all encryption/decryptions with this
26
+ *	key.  This is the size in bytes of each individual plaintext and
27
+ *	ciphertext.  This is always a power of 2.  It might be e.g. the
28
+ *	filesystem block size or the disk sector size.
29
+ * @dun_bytes: the maximum number of bytes of DUN used when using this key
30
+ * @is_hw_wrapped: @raw points to a wrapped key to be used by an inline
31
+ *	encryption hardware that accepts wrapped keys.
32
+ */
33
+struct blk_crypto_config {
34
+	enum blk_crypto_mode_num crypto_mode;
35
+	unsigned int data_unit_size;
36
+	unsigned int dun_bytes;
37
+	bool is_hw_wrapped;
38
+};
39
+
40
+/**
41
+ * struct blk_crypto_key - an inline encryption key
42
+ * @crypto_cfg: the crypto configuration (like crypto_mode, key size) for this
43
+ *		key
44
+ * @data_unit_size_bits: log2 of data_unit_size
45
+ * @size: size of this key in bytes (determined by @crypto_cfg.crypto_mode)
46
+ * @raw: the raw bytes of this key.  Only the first @size bytes are used.
47
+ *
48
+ * A blk_crypto_key is immutable once created, and many bios can reference it at
49
+ * the same time.  It must not be freed until all bios using it have completed
50
+ * and it has been evicted from all devices on which it may have been used.
51
+ */
52
+struct blk_crypto_key {
53
+	struct blk_crypto_config crypto_cfg;
54
+	unsigned int data_unit_size_bits;
55
+	unsigned int size;
56
+	u8 raw[BLK_CRYPTO_MAX_WRAPPED_KEY_SIZE];
57
+};
58
+
59
+#define BLK_CRYPTO_MAX_IV_SIZE		32
60
+#define BLK_CRYPTO_DUN_ARRAY_SIZE	(BLK_CRYPTO_MAX_IV_SIZE / sizeof(u64))
61
+
62
+/**
63
+ * struct bio_crypt_ctx - an inline encryption context
64
+ * @bc_key: the key, algorithm, and data unit size to use
65
+ * @bc_dun: the data unit number (starting IV) to use
66
+ *
67
+ * A bio_crypt_ctx specifies that the contents of the bio will be encrypted (for
68
+ * write requests) or decrypted (for read requests) inline by the storage device
69
+ * or controller, or by the crypto API fallback.
70
+ */
71
+struct bio_crypt_ctx {
72
+	const struct blk_crypto_key	*bc_key;
73
+	u64				bc_dun[BLK_CRYPTO_DUN_ARRAY_SIZE];
74
+};
75
+
76
+#include <linux/blk_types.h>
77
+#include <linux/blkdev.h>
78
+
79
+struct request;
80
+struct request_queue;
10
81
 
11
82
 #ifdef CONFIG_BLK_INLINE_ENCRYPTION
12
83
 
13
-int blk_crypto_submit_bio(struct bio **bio_ptr);
84
+static inline bool bio_has_crypt_ctx(struct bio *bio)
85
+{
86
+	return bio->bi_crypt_context;
87
+}
14
88
 
15
-bool blk_crypto_endio(struct bio *bio);
89
+void bio_crypt_set_ctx(struct bio *bio, const struct blk_crypto_key *key,
90
+		       const u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE],
91
+		       gfp_t gfp_mask);
92
+
93
+bool bio_crypt_dun_is_contiguous(const struct bio_crypt_ctx *bc,
94
+				 unsigned int bytes,
95
+				 const u64 next_dun[BLK_CRYPTO_DUN_ARRAY_SIZE]);
16
96
 
17
97
 int blk_crypto_init_key(struct blk_crypto_key *blk_key,
18
98
 			const u8 *raw_key, unsigned int raw_key_size,
..
..
@@ -21,40 +101,78 @@
21
101
 			unsigned int dun_bytes,
22
102
 			unsigned int data_unit_size);
23
103
 
24
-int blk_crypto_start_using_mode(enum blk_crypto_mode_num crypto_mode,
25
-				unsigned int dun_bytes,
26
-				unsigned int data_unit_size,
27
-				bool is_hw_wrapped_key,
28
-				struct request_queue *q);
104
+int blk_crypto_start_using_key(const struct blk_crypto_key *key,
105
+			       struct request_queue *q);
29
106
 
30
107
 int blk_crypto_evict_key(struct request_queue *q,
31
108
 			 const struct blk_crypto_key *key);
32
109
 
110
+bool blk_crypto_config_supported(struct request_queue *q,
111
+				 const struct blk_crypto_config *cfg);
112
+
33
113
 #else /* CONFIG_BLK_INLINE_ENCRYPTION */
34
114
 
35
-static inline int blk_crypto_submit_bio(struct bio **bio_ptr)
115
+static inline bool bio_has_crypt_ctx(struct bio *bio)
36
116
 {
37
-	return 0;
38
-}
39
-
40
-static inline bool blk_crypto_endio(struct bio *bio)
41
-{
42
-	return true;
117
+	return false;
43
118
 }
44
119
 
45
120
 #endif /* CONFIG_BLK_INLINE_ENCRYPTION */
46
121
 
47
-#ifdef CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK
122
+static inline void bio_clone_skip_dm_default_key(struct bio *dst,
123
+						 const struct bio *src);
48
124
 
49
-int blk_crypto_fallback_init(void);
50
-
51
-#else /* CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK */
52
-
53
-static inline int blk_crypto_fallback_init(void)
125
+int __bio_crypt_clone(struct bio *dst, struct bio *src, gfp_t gfp_mask);
126
+/**
127
+ * bio_crypt_clone - clone bio encryption context
128
+ * @dst: destination bio
129
+ * @src: source bio
130
+ * @gfp_mask: memory allocation flags
131
+ *
132
+ * If @src has an encryption context, clone it to @dst.
133
+ *
134
+ * Return: 0 on success, -ENOMEM if out of memory.  -ENOMEM is only possible if
135
+ *	   @gfp_mask doesn't include %__GFP_DIRECT_RECLAIM.
136
+ */
137
+static inline int bio_crypt_clone(struct bio *dst, struct bio *src,
138
+				  gfp_t gfp_mask)
54
139
 {
140
+	bio_clone_skip_dm_default_key(dst, src);
141
+	if (bio_has_crypt_ctx(src))
142
+		return __bio_crypt_clone(dst, src, gfp_mask);
55
143
 	return 0;
56
144
 }
57
145
 
58
-#endif /* CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK */
146
+#if IS_ENABLED(CONFIG_DM_DEFAULT_KEY)
147
+static inline void bio_set_skip_dm_default_key(struct bio *bio)
148
+{
149
+	bio->bi_skip_dm_default_key = true;
150
+}
151
+
152
+static inline bool bio_should_skip_dm_default_key(const struct bio *bio)
153
+{
154
+	return bio->bi_skip_dm_default_key;
155
+}
156
+
157
+static inline void bio_clone_skip_dm_default_key(struct bio *dst,
158
+						 const struct bio *src)
159
+{
160
+	dst->bi_skip_dm_default_key = src->bi_skip_dm_default_key;
161
+}
162
+#else /* CONFIG_DM_DEFAULT_KEY */
163
+static inline void bio_set_skip_dm_default_key(struct bio *bio)
164
+{
165
+}
166
+
167
+static inline bool bio_should_skip_dm_default_key(const struct bio *bio)
168
+{
169
+	return false;
170
+}
171
+
172
+static inline void bio_clone_skip_dm_default_key(struct bio *dst,
173
+						 const struct bio *src)
174
+{
175
+}
176
+#endif /* !CONFIG_DM_DEFAULT_KEY */
59
177
 
60
178
 #endif /* __LINUX_BLK_CRYPTO_H */