移去rt

hc

2023-12-08 01573e231f18eb2d99162747186f59511f56b64d

 kernel/include/linux/keyslot-manager.h
..
..
@@ -7,6 +7,7 @@
7
7
 #define __LINUX_KEYSLOT_MANAGER_H
8
8
 
9
9
 #include <linux/bio.h>
10
+#include <linux/blk-crypto.h>
10
11
 
11
12
 /* Inline crypto feature bits.  Must set at least one. */
12
13
 enum {
..
..
@@ -17,12 +18,10 @@
17
18
 	BLK_CRYPTO_FEATURE_WRAPPED_KEYS = BIT(1),
18
19
 };
19
20
 
20
-#ifdef CONFIG_BLK_INLINE_ENCRYPTION
21
-
22
-struct keyslot_manager;
21
+struct blk_keyslot_manager;
23
22
 
24
23
 /**
25
- * struct keyslot_mgmt_ll_ops - functions to manage keyslots in hardware
24
+ * struct blk_ksm_ll_ops - functions to manage keyslots in hardware
26
25
  * @keyslot_program:	Program the specified key into the specified slot in the
27
26
  *			inline encryption hardware.
28
27
  * @keyslot_evict:	Evict key from the specified keyslot in the hardware.
..
..
@@ -37,67 +36,112 @@
37
36
  * a keyslot manager - this structure holds the function ptrs that the keyslot
38
37
  * manager will use to manipulate keyslots in the hardware.
39
38
  */
40
-struct keyslot_mgmt_ll_ops {
41
-	int (*keyslot_program)(struct keyslot_manager *ksm,
39
+struct blk_ksm_ll_ops {
40
+	int (*keyslot_program)(struct blk_keyslot_manager *ksm,
42
41
 			       const struct blk_crypto_key *key,
43
42
 			       unsigned int slot);
44
-	int (*keyslot_evict)(struct keyslot_manager *ksm,
43
+	int (*keyslot_evict)(struct blk_keyslot_manager *ksm,
45
44
 			     const struct blk_crypto_key *key,
46
45
 			     unsigned int slot);
47
-	int (*derive_raw_secret)(struct keyslot_manager *ksm,
46
+	int (*derive_raw_secret)(struct blk_keyslot_manager *ksm,
48
47
 				 const u8 *wrapped_key,
49
48
 				 unsigned int wrapped_key_size,
50
49
 				 u8 *secret, unsigned int secret_size);
51
50
 };
52
51
 
53
-struct keyslot_manager *keyslot_manager_create(
54
-	struct device *dev,
55
-	unsigned int num_slots,
56
-	const struct keyslot_mgmt_ll_ops *ksm_ops,
57
-	unsigned int features,
58
-	const unsigned int crypto_mode_supported[BLK_ENCRYPTION_MODE_MAX],
59
-	void *ll_priv_data);
52
+struct blk_keyslot_manager {
53
+	/*
54
+	 * The struct blk_ksm_ll_ops that this keyslot manager will use
55
+	 * to perform operations like programming and evicting keys on the
56
+	 * device
57
+	 */
58
+	struct blk_ksm_ll_ops ksm_ll_ops;
60
59
 
61
-void keyslot_manager_set_max_dun_bytes(struct keyslot_manager *ksm,
62
-				       unsigned int max_dun_bytes);
60
+	/*
61
+	 * The maximum number of bytes supported for specifying the data unit
62
+	 * number.
63
+	 */
64
+	unsigned int max_dun_bytes_supported;
63
65
 
64
-int keyslot_manager_get_slot_for_key(struct keyslot_manager *ksm,
65
-				     const struct blk_crypto_key *key);
66
+	/*
67
+	 * The supported features as a bitmask of BLK_CRYPTO_FEATURE_* flags.
68
+	 * Most drivers should set BLK_CRYPTO_FEATURE_STANDARD_KEYS here.
69
+	 */
70
+	unsigned int features;
66
71
 
67
-void keyslot_manager_get_slot(struct keyslot_manager *ksm, unsigned int slot);
72
+	/*
73
+	 * Array of size BLK_ENCRYPTION_MODE_MAX of bitmasks that represents
74
+	 * whether a crypto mode and data unit size are supported. The i'th
75
+	 * bit of crypto_mode_supported[crypto_mode] is set iff a data unit
76
+	 * size of (1 << i) is supported. We only support data unit sizes
77
+	 * that are powers of 2.
78
+	 */
79
+	unsigned int crypto_modes_supported[BLK_ENCRYPTION_MODE_MAX];
68
80
 
69
-void keyslot_manager_put_slot(struct keyslot_manager *ksm, unsigned int slot);
81
+	/* Device for runtime power management (NULL if none) */
82
+	struct device *dev;
70
83
 
71
-bool keyslot_manager_crypto_mode_supported(struct keyslot_manager *ksm,
72
-					   enum blk_crypto_mode_num crypto_mode,
73
-					   unsigned int dun_bytes,
74
-					   unsigned int data_unit_size,
75
-					   bool is_hw_wrapped_key);
84
+	/* Here onwards are *private* fields for internal keyslot manager use */
76
85
 
77
-int keyslot_manager_evict_key(struct keyslot_manager *ksm,
78
-			      const struct blk_crypto_key *key);
86
+	unsigned int num_slots;
79
87
 
80
-void keyslot_manager_reprogram_all_keys(struct keyslot_manager *ksm);
88
+	/* Protects programming and evicting keys from the device */
89
+	struct rw_semaphore lock;
81
90
 
82
-void *keyslot_manager_private(struct keyslot_manager *ksm);
91
+	/* List of idle slots, with least recently used slot at front */
92
+	wait_queue_head_t idle_slots_wait_queue;
93
+	struct list_head idle_slots;
94
+	spinlock_t idle_slots_lock;
83
95
 
84
-void keyslot_manager_destroy(struct keyslot_manager *ksm);
96
+	/*
97
+	 * Hash table which maps struct *blk_crypto_key to keyslots, so that we
98
+	 * can find a key's keyslot in O(1) time rather than O(num_slots).
99
+	 * Protected by 'lock'.
100
+	 */
101
+	struct hlist_head *slot_hashtable;
102
+	unsigned int log_slot_ht_size;
85
103
 
86
-struct keyslot_manager *keyslot_manager_create_passthrough(
87
-	struct device *dev,
88
-	const struct keyslot_mgmt_ll_ops *ksm_ops,
89
-	unsigned int features,
90
-	const unsigned int crypto_mode_supported[BLK_ENCRYPTION_MODE_MAX],
91
-	void *ll_priv_data);
104
+	/* Per-keyslot data */
105
+	struct blk_ksm_keyslot *slots;
106
+};
92
107
 
93
-void keyslot_manager_intersect_modes(struct keyslot_manager *parent,
94
-				     const struct keyslot_manager *child);
108
+int blk_ksm_init(struct blk_keyslot_manager *ksm, unsigned int num_slots);
95
109
 
96
-int keyslot_manager_derive_raw_secret(struct keyslot_manager *ksm,
97
-				      const u8 *wrapped_key,
98
-				      unsigned int wrapped_key_size,
99
-				      u8 *secret, unsigned int secret_size);
110
+int devm_blk_ksm_init(struct device *dev, struct blk_keyslot_manager *ksm,
111
+		      unsigned int num_slots);
100
112
 
101
-#endif /* CONFIG_BLK_INLINE_ENCRYPTION */
113
+blk_status_t blk_ksm_get_slot_for_key(struct blk_keyslot_manager *ksm,
114
+				      const struct blk_crypto_key *key,
115
+				      struct blk_ksm_keyslot **slot_ptr);
116
+
117
+unsigned int blk_ksm_get_slot_idx(struct blk_ksm_keyslot *slot);
118
+
119
+void blk_ksm_put_slot(struct blk_ksm_keyslot *slot);
120
+
121
+bool blk_ksm_crypto_cfg_supported(struct blk_keyslot_manager *ksm,
122
+				  const struct blk_crypto_config *cfg);
123
+
124
+int blk_ksm_evict_key(struct blk_keyslot_manager *ksm,
125
+		      const struct blk_crypto_key *key);
126
+
127
+void blk_ksm_reprogram_all_keys(struct blk_keyslot_manager *ksm);
128
+
129
+void blk_ksm_destroy(struct blk_keyslot_manager *ksm);
130
+
131
+int blk_ksm_derive_raw_secret(struct blk_keyslot_manager *ksm,
132
+			      const u8 *wrapped_key,
133
+			      unsigned int wrapped_key_size,
134
+			      u8 *secret, unsigned int secret_size);
135
+
136
+void blk_ksm_intersect_modes(struct blk_keyslot_manager *parent,
137
+			     const struct blk_keyslot_manager *child);
138
+
139
+void blk_ksm_init_passthrough(struct blk_keyslot_manager *ksm);
140
+
141
+bool blk_ksm_is_superset(struct blk_keyslot_manager *ksm_superset,
142
+			 struct blk_keyslot_manager *ksm_subset);
143
+
144
+void blk_ksm_update_capabilities(struct blk_keyslot_manager *target_ksm,
145
+				 struct blk_keyslot_manager *reference_ksm);
102
146
 
103
147
 #endif /* __LINUX_KEYSLOT_MANAGER_H */