mirror of
https://github.com/torvalds/linux.git
synced 2026-06-07 05:55:44 +02:00
c2b86b727a
The block layer patches for inline encryption are now in upstream, so
update Android to the upstream version of inline encryption. The
fscrypt/f2fs/ext4 patches are also updated to the latest version sent
upstream (since they can't be updated separately from the block layer
patches).
Changes v6 => v7:
- Keyslot management is now done on a per-request basis rather than a
per-bio basis.
- Storage drivers can now specify the maximum number of bytes they
can accept for the data unit number (DUN) for each crypto algorithm,
and upper layers can specify the minimum number of bytes of DUN they
want with the blk_crypto_key they send with the bio - a driver is
only considered to support a blk_crypto_key if the driver supports at
least as many DUN bytes as the upper layer wants. This is necessary
because storage drivers may not support as many bytes as the
algorithm specification dictates (for e.g. UFS only supports 8 byte
DUNs for AES-256-XTS, even though the algorithm specification
says DUNs are 16 bytes long).
- Introduce SB_INLINECRYPT to keep track of whether inline encryption
is enabled for a filesystem (instead of using an fscrypt_operation).
- Expose keyslot manager declaration and embed it within ufs_hba to
clean up code.
- Make blk-crypto preclude blk-integrity.
- Some bug fixes
- Introduce UFSHCD_QUIRK_BROKEN_CRYPTO for UFS drivers that don't
support inline encryption (yet)
Changes v7 => v8:
- Pass a struct blk_ksm_keyslot * around instead of slot numbers which
simplifies some functions and passes around arguments with better types
- Make bios with no encryption context avoid making calls into blk-crypto
by checking for the presence of bi_crypt_context before making the call
- Make blk-integrity preclude inline encryption support at probe time
- Many many cleanups
Changes v8 => v9:
- Don't open code bio_has_crypt_ctx into callers of blk-crypto functions.
- Lots of cleanups
Changes v9 => v10:
- Incorporate Eric's fix for allowing en/decryption to happen as usual via
fscrypt in the case that hardware doesn't support the desired crypto
configuration, but blk-crypto-fallback is disabled. (Introduce
struct blk_crypto_config and blk_crypto_config_supported for fscrypt
to call, to check that either blk-crypto-fallback is enabled or the
device supports the crypto configuration).
- Update docs
- Lots of cleanups
Changes v10 => v11:
- We now allocate a new bio_crypt_ctx for each request instead of
pulling and reusing the one in the bio inserted into the request. The
bio_crypt_ctx of a bio is freed after the bio is ended.
- Make each blk_ksm_keyslot store a pointer to the blk_crypto_key
instead of a copy of the blk_crypto_key, so that each blk_crypto_key
will have its own keyslot. We also won't need to compute the siphash
for a blk_crypto_key anymore.
- Minor cleanups
Changes v11 => v12:
- Inlined some fscrypt functions
- Minor cleanups and improved comments
Changes v12 => v13:
- Updated docs
- Minor cleanups
- rebased onto linux-block/for-next
Changes v13 => fscrypt/f2fs/ext4 upstream patch series
- rename struct fscrypt_info::ci_key to ci_enc_key
- set dun bytes more precisely in fscrypt
- cleanups
Bug: 137270441
Test: Test cuttlefish boots both with and without inlinecrypt mount
option specified in fstab, while using both F2FS and EXT4 for
userdata.img. Also verified ciphertext via
"atest -v vts_kernel_encryption_test"
Also tested by running gce-xfstests on both the
auto and encrypt test groups on EXT4 and F2FS both with and
without the inlinecrypt mount option. The UFS changes were
tested on a Pixel 4 device.
Link: https://lore.kernel.org/linux-block/20200514003727.69001-1-satyat@google.com/
Link: https://lore.kernel.org/linux-fscrypt/20200617075732.213198-1-satyat@google.com/
Link: https://lore.kernel.org/linux-scsi/20200617081841.218985-1-satyat@google.com/
Change-Id: I57c10d370bf006c9dfcf173f21a720413017761e
Signed-off-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
202 lines
5.0 KiB
C
202 lines
5.0 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* Copyright 2019 Google LLC
|
|
*/
|
|
|
|
#ifndef __LINUX_BLK_CRYPTO_INTERNAL_H
|
|
#define __LINUX_BLK_CRYPTO_INTERNAL_H
|
|
|
|
#include <linux/bio.h>
|
|
#include <linux/blkdev.h>
|
|
|
|
/* Represents a crypto mode supported by blk-crypto */
|
|
struct blk_crypto_mode {
|
|
const char *cipher_str; /* crypto API name (for fallback case) */
|
|
unsigned int keysize; /* key size in bytes */
|
|
unsigned int ivsize; /* iv size in bytes */
|
|
};
|
|
|
|
extern const struct blk_crypto_mode blk_crypto_modes[];
|
|
|
|
#ifdef CONFIG_BLK_INLINE_ENCRYPTION
|
|
|
|
void bio_crypt_dun_increment(u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE],
|
|
unsigned int inc);
|
|
|
|
bool bio_crypt_rq_ctx_compatible(struct request *rq, struct bio *bio);
|
|
|
|
bool bio_crypt_ctx_mergeable(struct bio_crypt_ctx *bc1, unsigned int bc1_bytes,
|
|
struct bio_crypt_ctx *bc2);
|
|
|
|
static inline bool bio_crypt_ctx_back_mergeable(struct request *req,
|
|
struct bio *bio)
|
|
{
|
|
return bio_crypt_ctx_mergeable(req->crypt_ctx, blk_rq_bytes(req),
|
|
bio->bi_crypt_context);
|
|
}
|
|
|
|
static inline bool bio_crypt_ctx_front_mergeable(struct request *req,
|
|
struct bio *bio)
|
|
{
|
|
return bio_crypt_ctx_mergeable(bio->bi_crypt_context,
|
|
bio->bi_iter.bi_size, req->crypt_ctx);
|
|
}
|
|
|
|
static inline bool bio_crypt_ctx_merge_rq(struct request *req,
|
|
struct request *next)
|
|
{
|
|
return bio_crypt_ctx_mergeable(req->crypt_ctx, blk_rq_bytes(req),
|
|
next->crypt_ctx);
|
|
}
|
|
|
|
static inline void blk_crypto_rq_set_defaults(struct request *rq)
|
|
{
|
|
rq->crypt_ctx = NULL;
|
|
rq->crypt_keyslot = NULL;
|
|
}
|
|
|
|
static inline bool blk_crypto_rq_is_encrypted(struct request *rq)
|
|
{
|
|
return rq->crypt_ctx;
|
|
}
|
|
|
|
#else /* CONFIG_BLK_INLINE_ENCRYPTION */
|
|
|
|
static inline bool bio_crypt_rq_ctx_compatible(struct request *rq,
|
|
struct bio *bio)
|
|
{
|
|
return true;
|
|
}
|
|
|
|
static inline bool bio_crypt_ctx_front_mergeable(struct request *req,
|
|
struct bio *bio)
|
|
{
|
|
return true;
|
|
}
|
|
|
|
static inline bool bio_crypt_ctx_back_mergeable(struct request *req,
|
|
struct bio *bio)
|
|
{
|
|
return true;
|
|
}
|
|
|
|
static inline bool bio_crypt_ctx_merge_rq(struct request *req,
|
|
struct request *next)
|
|
{
|
|
return true;
|
|
}
|
|
|
|
static inline void blk_crypto_rq_set_defaults(struct request *rq) { }
|
|
|
|
static inline bool blk_crypto_rq_is_encrypted(struct request *rq)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
#endif /* CONFIG_BLK_INLINE_ENCRYPTION */
|
|
|
|
void __bio_crypt_advance(struct bio *bio, unsigned int bytes);
|
|
static inline void bio_crypt_advance(struct bio *bio, unsigned int bytes)
|
|
{
|
|
if (bio_has_crypt_ctx(bio))
|
|
__bio_crypt_advance(bio, bytes);
|
|
}
|
|
|
|
void __bio_crypt_free_ctx(struct bio *bio);
|
|
static inline void bio_crypt_free_ctx(struct bio *bio)
|
|
{
|
|
if (bio_has_crypt_ctx(bio))
|
|
__bio_crypt_free_ctx(bio);
|
|
}
|
|
|
|
static inline void bio_crypt_do_front_merge(struct request *rq,
|
|
struct bio *bio)
|
|
{
|
|
#ifdef CONFIG_BLK_INLINE_ENCRYPTION
|
|
if (bio_has_crypt_ctx(bio))
|
|
memcpy(rq->crypt_ctx->bc_dun, bio->bi_crypt_context->bc_dun,
|
|
sizeof(rq->crypt_ctx->bc_dun));
|
|
#endif
|
|
}
|
|
|
|
bool __blk_crypto_bio_prep(struct bio **bio_ptr);
|
|
static inline bool blk_crypto_bio_prep(struct bio **bio_ptr)
|
|
{
|
|
if (bio_has_crypt_ctx(*bio_ptr))
|
|
return __blk_crypto_bio_prep(bio_ptr);
|
|
return true;
|
|
}
|
|
|
|
blk_status_t __blk_crypto_init_request(struct request *rq);
|
|
static inline blk_status_t blk_crypto_init_request(struct request *rq)
|
|
{
|
|
if (blk_crypto_rq_is_encrypted(rq))
|
|
return __blk_crypto_init_request(rq);
|
|
return BLK_STS_OK;
|
|
}
|
|
|
|
void __blk_crypto_free_request(struct request *rq);
|
|
static inline void blk_crypto_free_request(struct request *rq)
|
|
{
|
|
if (blk_crypto_rq_is_encrypted(rq))
|
|
__blk_crypto_free_request(rq);
|
|
}
|
|
|
|
void __blk_crypto_rq_bio_prep(struct request *rq, struct bio *bio,
|
|
gfp_t gfp_mask);
|
|
static inline void blk_crypto_rq_bio_prep(struct request *rq, struct bio *bio,
|
|
gfp_t gfp_mask)
|
|
{
|
|
if (bio_has_crypt_ctx(bio))
|
|
__blk_crypto_rq_bio_prep(rq, bio, gfp_mask);
|
|
}
|
|
|
|
/**
|
|
* blk_crypto_insert_cloned_request - Prepare a cloned request to be inserted
|
|
* into a request queue.
|
|
* @rq: the request being queued
|
|
*
|
|
* Return: BLK_STS_OK on success, nonzero on error.
|
|
*/
|
|
static inline blk_status_t blk_crypto_insert_cloned_request(struct request *rq)
|
|
{
|
|
|
|
if (blk_crypto_rq_is_encrypted(rq))
|
|
return blk_crypto_init_request(rq);
|
|
return BLK_STS_OK;
|
|
}
|
|
|
|
#ifdef CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK
|
|
|
|
int blk_crypto_fallback_start_using_mode(enum blk_crypto_mode_num mode_num);
|
|
|
|
bool blk_crypto_fallback_bio_prep(struct bio **bio_ptr);
|
|
|
|
int blk_crypto_fallback_evict_key(const struct blk_crypto_key *key);
|
|
|
|
#else /* CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK */
|
|
|
|
static inline int
|
|
blk_crypto_fallback_start_using_mode(enum blk_crypto_mode_num mode_num)
|
|
{
|
|
pr_warn_once("crypto API fallback is disabled\n");
|
|
return -ENOPKG;
|
|
}
|
|
|
|
static inline bool blk_crypto_fallback_bio_prep(struct bio **bio_ptr)
|
|
{
|
|
pr_warn_once("crypto API fallback disabled; failing request.\n");
|
|
(*bio_ptr)->bi_status = BLK_STS_NOTSUPP;
|
|
return false;
|
|
}
|
|
|
|
static inline int
|
|
blk_crypto_fallback_evict_key(const struct blk_crypto_key *key)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
#endif /* CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK */
|
|
|
|
#endif /* __LINUX_BLK_CRYPTO_INTERNAL_H */
|