From patchwork Wed Sep 9 23:44:20 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11766407 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3F1C914F6 for ; Thu, 10 Sep 2020 02:35:48 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1DE6B2145D for ; Thu, 10 Sep 2020 02:35:48 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="BOG+kNGE" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730855AbgIJCfn (ORCPT ); Wed, 9 Sep 2020 22:35:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57430 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730466AbgIJCdy (ORCPT ); Wed, 9 Sep 2020 22:33:54 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BC4AEC0617BE for ; Wed, 9 Sep 2020 16:44:32 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id r22so2816691pgk.14 for ; Wed, 09 Sep 2020 16:44:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=ebS6PiGWixaTBhYeaEc/zhiWarm78MJMQVZ5bZI+E3I=; b=BOG+kNGESKRaoSgVqWO2gB6H+qQyuA+/z1t1jG8ciNt94j4+5sMLPcpgQFoke0UJZI x801tPFdvaDo94tUeXboGCfKL++3yiTEg0yCJZhvbdSlfaweLFIylfFYFX+J5dVzjE2w eXjccl7NF4fgBv56mggpioFS9yeI1dMYxW4a1BkDOGhkXKeKTEPnbeJqeFTTfL0kdzr/ FdV1mAIDvAJEjQYZy0zEx+/lalYwev3E6o3GTUExEmElGm1t8OLpJMBu5+/w4yWr6S0J HtYThjAfEIw6/JqR4w1CqhHrKiUbYcniYXlXCKLqUWMK06zD7tNG2IdfzPmqQXprCTYn xAsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=ebS6PiGWixaTBhYeaEc/zhiWarm78MJMQVZ5bZI+E3I=; b=I/E32jNi8Ma7ijpGwpslQKaAd247IsoJZx/P4TF6OFRp8B9Mg2Z8XZCjwuJFccfr0E N5o62BNHK2ACsQaNkvAcs/wghbeqFD7W6cosgZi/w57XKgPX3JWzvSg2+GVM3XbePXxS WtcnFLEJblvGpJTkFjrOC61lh3Iv77tYqjNWgMH6j0dkvFESs3jvu7bcreIaVZyEeDgj KZUCL/FObKaZ0hOhE8I/q4T0UG5p/8NorNC6H/w2rX7vZkuVrq5aS4bSAOwBH7ZPrhoQ IN0gw0Qbckv5nI2YApLeqjY9fyKckr/JXTG7vDZYbqjvgqWUCRCaQsIusLBDqQ81wZDu Fblg== X-Gm-Message-State: AOAM530ClHcXLoJbSl64GdkwpV0Ee4XRnNbc1IK4NW1iDeJo+YbnEl7W AUiyMMOa4aAHfLUG5m+HCx6Yf+5dzaEf3ePUqI90o2L9OKiUaCc45gRMngM0UI+/Jtew8qpzsR9 uA9SjO3sC4glSqPmx/mP3oytAYXFqLyHCFTauMDqyGSWecfP9fIPY/8epMtmcCWo0GOSU X-Google-Smtp-Source: ABdhPJyvq63o4Wpeo+ZPZJ2bBhb/p13PzGAtNwmcUOtqEpVa/QtHf09RXOxv8op6je00ssBQbZ5Cej9m9nQ= X-Received: from satyaprateek.c.googlers.com ([fda3:e722:ac3:10:24:72f4:c0a8:2d8e]) (user=satyat job=sendgmr) by 2002:a17:90b:15c6:: with SMTP id lh6mr245816pjb.0.1599695070812; Wed, 09 Sep 2020 16:44:30 -0700 (PDT) Date: Wed, 9 Sep 2020 23:44:20 +0000 In-Reply-To: <20200909234422.76194-1-satyat@google.com> Message-Id: <20200909234422.76194-2-satyat@google.com> Mime-Version: 1.0 References: <20200909234422.76194-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.526.ge36021eeef-goog Subject: [PATCH 1/3] block: keyslot-manager: Introduce passthrough keyslot manager From: Satya Tangirala To: linux-block@vger.kernel.org, linux-kernel@vger.kernel.org, dm-devel@redhat.com Cc: Jens Axboe , Alasdair Kergon , Mike Snitzer , Eric Biggers , Satya Tangirala Sender: linux-block-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org The device mapper may map over devices that have inline encryption capabilities, and to make use of those capabilities, the DM device must itself advertise those inline encryption capabilities. One way to do this would be to have the DM device set up a keyslot manager with a "sufficiently large" number of keyslots, but that would use a lot of memory. Also, the DM device itself has no "keyslots", and it doesn't make much sense to talk about "programming a key into a DM device's keyslot manager", so all that extra memory used to represent those keyslots is just wasted. All a DM device really needs to be able to do is advertise the crypto capabilities of the underlying devices in a coherent manner and expose a way to evict keys from the underlying devices. There are also devices with inline encryption hardware that do not have a limited number of keyslots. One can send a raw encryption key along with a bio to these devices (as opposed to typical inline encryption hardware that require users to first program a raw encryption key into a keyslot, and send the index of that keyslot along with the bio). These devices also only need the same things from the keyslot manager that DM devices need - a way to advertise crypto capabilities and potentially a way to expose a function to evict keys from hardware. So we introduce a "passthrough" keyslot manager that provides a way to represent a keyslot manager that doesn't have just a limited number of keyslots, and for which do not require keys to be programmed into keyslots. DM devices can set up a passthrough keyslot manager in their request queues, and advertise appropriate crypto capabilities based on those of the underlying devices. Blk-crypto does not attempt to program keys into any keyslots in the passthrough keyslot manager. Instead, if/when the bio is resubmitted to the underlying device, blk-crypto will try to program the key into the underlying device's keyslot manager. Signed-off-by: Satya Tangirala --- block/keyslot-manager.c | 41 +++++++++++++++++++++++++++++++++ include/linux/keyslot-manager.h | 2 ++ 2 files changed, 43 insertions(+) diff --git a/block/keyslot-manager.c b/block/keyslot-manager.c index 35abcb1ec051..60ac406d54b9 100644 --- a/block/keyslot-manager.c +++ b/block/keyslot-manager.c @@ -62,6 +62,11 @@ static inline void blk_ksm_hw_exit(struct blk_keyslot_manager *ksm) pm_runtime_put_sync(ksm->dev); } +static inline bool blk_ksm_is_passthrough(struct blk_keyslot_manager *ksm) +{ + return ksm->num_slots == 0; +} + /** * blk_ksm_init() - Initialize a keyslot manager * @ksm: The keyslot_manager to initialize. @@ -198,6 +203,10 @@ blk_status_t blk_ksm_get_slot_for_key(struct blk_keyslot_manager *ksm, int err; *slot_ptr = NULL; + + if (blk_ksm_is_passthrough(ksm)) + return BLK_STS_OK; + down_read(&ksm->lock); slot = blk_ksm_find_and_grab_keyslot(ksm, key); up_read(&ksm->lock); @@ -318,6 +327,16 @@ int blk_ksm_evict_key(struct blk_keyslot_manager *ksm, struct blk_ksm_keyslot *slot; int err = 0; + if (blk_ksm_is_passthrough(ksm)) { + if (ksm->ksm_ll_ops.keyslot_evict) { + blk_ksm_hw_enter(ksm); + err = ksm->ksm_ll_ops.keyslot_evict(ksm, key, -1); + blk_ksm_hw_exit(ksm); + return err; + } + return 0; + } + blk_ksm_hw_enter(ksm); slot = blk_ksm_find_keyslot(ksm, key); if (!slot) @@ -353,6 +372,9 @@ void blk_ksm_reprogram_all_keys(struct blk_keyslot_manager *ksm) { unsigned int slot; + if (WARN_ON(blk_ksm_is_passthrough(ksm))) + return; + /* This is for device initialization, so don't resume the device */ down_write(&ksm->lock); for (slot = 0; slot < ksm->num_slots; slot++) { @@ -394,3 +416,22 @@ void blk_ksm_unregister(struct request_queue *q) { q->ksm = NULL; } + +/** + * blk_ksm_init_passthrough() - Init a passthrough keyslot manager + * @ksm: The keyslot manager to init + * + * Initialize a passthrough keyslot manager. + * Called by e.g. storage drivers to set up a keyslot manager in their + * request_queue, when the storage driver wants to manage its keys by itself. + * This is useful for inline encryption hardware that don't have a small fixed + * number of keyslots, and for layered devices. + * + * See blk_ksm_init() for more details about the parameters. + */ +void blk_ksm_init_passthrough(struct blk_keyslot_manager *ksm) +{ + memset(ksm, 0, sizeof(*ksm)); + init_rwsem(&ksm->lock); +} +EXPORT_SYMBOL_GPL(blk_ksm_init_passthrough); diff --git a/include/linux/keyslot-manager.h b/include/linux/keyslot-manager.h index 18f3f5346843..323e15dd6fa7 100644 --- a/include/linux/keyslot-manager.h +++ b/include/linux/keyslot-manager.h @@ -103,4 +103,6 @@ void blk_ksm_reprogram_all_keys(struct blk_keyslot_manager *ksm); void blk_ksm_destroy(struct blk_keyslot_manager *ksm); +void blk_ksm_init_passthrough(struct blk_keyslot_manager *ksm); + #endif /* __LINUX_KEYSLOT_MANAGER_H */ From patchwork Wed Sep 9 23:44:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11766399 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6C366112E for ; Thu, 10 Sep 2020 02:34:34 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 45E472087C for ; Thu, 10 Sep 2020 02:34:34 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="CNfeWydv" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730788AbgIJCeY (ORCPT ); Wed, 9 Sep 2020 22:34:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57206 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730541AbgIJCcb (ORCPT ); Wed, 9 Sep 2020 22:32:31 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E06C0C061383 for ; Wed, 9 Sep 2020 16:44:33 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id k3so3782015ybp.1 for ; Wed, 09 Sep 2020 16:44:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=Os3da9nFjMt73a4eualiesBSJv78kcIEnxCFYtpLmoI=; b=CNfeWydvw+qZ+wnfAvHjkgMhXVOVb1to35ASuzcBPiUvQ5WCQ+3X+k3LWA4wcHMRVD 1f9B1t5grGRJrS5SSOx9N+Xx5+d6PpP8oYm+RgHEYtymgxMROB+SArKfT9JKR5ZlpL1G 79OwZhwtWRWIYEqw0E5SsHA+A+xyCoWPZM2mKUMug0caTaxuQfraGVq5AqCQnOqhyC/w vn6KlJxvSyX2vqyX/w7ViSaxo/AGTlqdR3rBcyp44B1WHNDDyfvZ4IpXcqsLNrSFrX/0 SZX2jqAUKDPyQXHMmwq55FxxOC4R50uGmh/PWig7s8MaAwgF/OIpgWgXX8LVCatakten w9ZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Os3da9nFjMt73a4eualiesBSJv78kcIEnxCFYtpLmoI=; b=bacHoP4nMzCV4+Y6wJk8zdUBRAQ8G5u9EKSDwjPo6GBFjduhEkIXDQOhYffiG3SSCE tUkbDiYKnAkoaPHcr/Toq8Ygo8nMk6EJpDsaocAScJ42+3AiLJHCxyrJ0hI/MTM4okka eFhrS6tynK6vkRK7/gx3T+cQBpjIkRH9AGePmfVykWeCQjkGdVda4nYj+P09nIvI4WUz +4QI7SoieJErXLuNBHtDHRZImkKs99IG49cyerhTSjdSgcQZCZrm0WgJslNawEW8cSvu fJJEEtkIY6adN9vnbNh2W2mcLxxUcpwVifZET5paEKXDS/H34FNYTeJFkG5Pk7dwgCGY SpQQ== X-Gm-Message-State: AOAM531mlnZ/+7DtPa+cbQIRDgRD9DT3rCmaM0uyQgr8IeJNIVzhg+RK KUVcHnzpagjkV/AH0hN1LkDrWcbQdDPUS2aTUXQkR8FXHh//XmngLxoNXpSkmKX6gEfNA72u3E9 /CkzrwvUkLmx+xlnhTjuj+gCTUbCNI2r/3fgQc238biePnZl/ZVlCP4rMWfDY8Mbs+N3F X-Google-Smtp-Source: ABdhPJyzGBo5AelWEpWhdQPgVuFV2CqaWrUEA117nkxG0YAbUHbSqm3664Mi0AjVSR6WwQ9x/bDsUmp8D6M= X-Received: from satyaprateek.c.googlers.com ([fda3:e722:ac3:10:24:72f4:c0a8:2d8e]) (user=satyat job=sendgmr) by 2002:a5b:bcf:: with SMTP id c15mr9992965ybr.277.1599695072984; Wed, 09 Sep 2020 16:44:32 -0700 (PDT) Date: Wed, 9 Sep 2020 23:44:21 +0000 In-Reply-To: <20200909234422.76194-1-satyat@google.com> Message-Id: <20200909234422.76194-3-satyat@google.com> Mime-Version: 1.0 References: <20200909234422.76194-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.526.ge36021eeef-goog Subject: [PATCH 2/3] dm: add support for passing through inline crypto support From: Satya Tangirala To: linux-block@vger.kernel.org, linux-kernel@vger.kernel.org, dm-devel@redhat.com Cc: Jens Axboe , Alasdair Kergon , Mike Snitzer , Eric Biggers , Satya Tangirala Sender: linux-block-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org From: Eric Biggers Update the device-mapper core to support exposing the inline crypto support of the underlying device(s) through the device-mapper device. This works by creating a "passthrough keyslot manager" for the dm device, which declares support for encryption settings which all underlying devices support. When a supported setting is used, the bio cloning code handles cloning the crypto context to the bios for all the underlying devices. When an unsupported setting is used, the blk-crypto fallback is used as usual. Crypto support on each underlying device is ignored unless the corresponding dm target opts into exposing it. This is needed because for inline crypto to semantically operate on the original bio, the data must not be transformed by the dm target. Thus, targets like dm-linear can expose crypto support of the underlying device, but targets like dm-crypt can't. (dm-crypt could use inline crypto itself, though.) When a key is evicted from the dm device, it is evicted from all underlying devices. Signed-off-by: Eric Biggers Co-developed-by: Satya Tangirala Signed-off-by: Satya Tangirala --- block/blk-crypto.c | 1 + block/keyslot-manager.c | 34 ++++++++++++ drivers/md/dm-core.h | 4 ++ drivers/md/dm-table.c | 52 +++++++++++++++++++ drivers/md/dm.c | 92 ++++++++++++++++++++++++++++++++- include/linux/device-mapper.h | 6 +++ include/linux/keyslot-manager.h | 7 +++ 7 files changed, 195 insertions(+), 1 deletion(-) diff --git a/block/blk-crypto.c b/block/blk-crypto.c index 2d5e60023b08..33555cf0e3e7 100644 --- a/block/blk-crypto.c +++ b/block/blk-crypto.c @@ -402,3 +402,4 @@ int blk_crypto_evict_key(struct request_queue *q, */ return blk_crypto_fallback_evict_key(key); } +EXPORT_SYMBOL_GPL(blk_crypto_evict_key); diff --git a/block/keyslot-manager.c b/block/keyslot-manager.c index 60ac406d54b9..e0f776c38d8a 100644 --- a/block/keyslot-manager.c +++ b/block/keyslot-manager.c @@ -416,6 +416,40 @@ void blk_ksm_unregister(struct request_queue *q) { q->ksm = NULL; } +EXPORT_SYMBOL_GPL(blk_ksm_unregister); + +/** + * blk_ksm_intersect_modes() - restrict supported modes by child device + * @parent: The keyslot manager for parent device + * @child: The keyslot manager for child device, or NULL + * + * Clear any crypto mode support bits in @parent that aren't set in @child. + * If @child is NULL, then all parent bits are cleared. + * + * Only use this when setting up the keyslot manager for a layered device, + * before it's been exposed yet. + */ +void blk_ksm_intersect_modes(struct blk_keyslot_manager *parent, + const struct blk_keyslot_manager *child) +{ + if (child) { + unsigned int i; + + parent->max_dun_bytes_supported = + min(parent->max_dun_bytes_supported, + child->max_dun_bytes_supported); + for (i = 0; i < ARRAY_SIZE(child->crypto_modes_supported); + i++) { + parent->crypto_modes_supported[i] &= + child->crypto_modes_supported[i]; + } + } else { + parent->max_dun_bytes_supported = 0; + memset(parent->crypto_modes_supported, 0, + sizeof(parent->crypto_modes_supported)); + } +} +EXPORT_SYMBOL_GPL(blk_ksm_intersect_modes); /** * blk_ksm_init_passthrough() - Init a passthrough keyslot manager diff --git a/drivers/md/dm-core.h b/drivers/md/dm-core.h index c4ef1fceead6..4542050eebfc 100644 --- a/drivers/md/dm-core.h +++ b/drivers/md/dm-core.h @@ -12,6 +12,7 @@ #include #include #include +#include #include @@ -49,6 +50,9 @@ struct mapped_device { int numa_node_id; struct request_queue *queue; +#ifdef CONFIG_BLK_INLINE_ENCRYPTION + struct blk_keyslot_manager ksm; +#endif atomic_t holders; atomic_t open_count; diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c index 5edc3079e7c1..09ad65e582a8 100644 --- a/drivers/md/dm-table.c +++ b/drivers/md/dm-table.c @@ -21,6 +21,8 @@ #include #include #include +#include +#include #define DM_MSG_PREFIX "table" @@ -1579,6 +1581,54 @@ static void dm_table_verify_integrity(struct dm_table *t) } } +#ifdef CONFIG_BLK_INLINE_ENCRYPTION +static int device_intersect_crypto_modes(struct dm_target *ti, + struct dm_dev *dev, sector_t start, + sector_t len, void *data) +{ + struct blk_keyslot_manager *parent = data; + struct blk_keyslot_manager *child = bdev_get_queue(dev->bdev)->ksm; + + blk_ksm_intersect_modes(parent, child); + return 0; +} + +/* + * Update the inline crypto modes supported by 'q->ksm' to be the intersection + * of the modes supported by all targets in the table. + * + * For any mode to be supported at all, all targets must have explicitly + * declared that they can pass through inline crypto support. For a particular + * mode to be supported, all underlying devices must also support it. + * + * Assume that 'q->ksm' initially declares all modes to be supported. + */ +static void dm_calculate_supported_crypto_modes(struct dm_table *t, + struct request_queue *q) +{ + struct dm_target *ti; + unsigned int i; + + for (i = 0; i < dm_table_get_num_targets(t); i++) { + ti = dm_table_get_target(t, i); + + if (!ti->may_passthrough_inline_crypto) { + blk_ksm_intersect_modes(q->ksm, NULL); + return; + } + if (!ti->type->iterate_devices) + continue; + ti->type->iterate_devices(ti, device_intersect_crypto_modes, + q->ksm); + } +} +#else /* CONFIG_BLK_INLINE_ENCRYPTION */ +static inline void dm_calculate_supported_crypto_modes(struct dm_table *t, + struct request_queue *q) +{ +} +#endif /* !CONFIG_BLK_INLINE_ENCRYPTION */ + static int device_flush_capable(struct dm_target *ti, struct dm_dev *dev, sector_t start, sector_t len, void *data) { @@ -1895,6 +1945,8 @@ void dm_table_set_restrictions(struct dm_table *t, struct request_queue *q, dm_table_verify_integrity(t); + dm_calculate_supported_crypto_modes(t, q); + /* * Some devices don't use blk_integrity but still want stable pages * because they do their own checksumming. diff --git a/drivers/md/dm.c b/drivers/md/dm.c index fb0255d25e4b..9cfc2b63323d 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -28,6 +28,7 @@ #include #include #include +#include #define DM_MSG_PREFIX "core" @@ -1869,6 +1870,8 @@ static const struct dax_operations dm_dax_ops; static void dm_wq_work(struct work_struct *work); +static void dm_destroy_inline_encryption(struct request_queue *q); + static void cleanup_mapped_device(struct mapped_device *md) { if (md->wq) @@ -1890,8 +1893,10 @@ static void cleanup_mapped_device(struct mapped_device *md) put_disk(md->disk); } - if (md->queue) + if (md->queue) { + dm_destroy_inline_encryption(md->queue); blk_cleanup_queue(md->queue); + } cleanup_srcu_struct(&md->io_barrier); @@ -2253,6 +2258,88 @@ struct queue_limits *dm_get_queue_limits(struct mapped_device *md) } EXPORT_SYMBOL_GPL(dm_get_queue_limits); +#ifdef CONFIG_BLK_INLINE_ENCRYPTION +struct dm_keyslot_evict_args { + const struct blk_crypto_key *key; + int err; +}; + +static int dm_keyslot_evict_callback(struct dm_target *ti, struct dm_dev *dev, + sector_t start, sector_t len, void *data) +{ + struct dm_keyslot_evict_args *args = data; + int err; + + err = blk_crypto_evict_key(bdev_get_queue(dev->bdev), args->key); + if (!args->err) + args->err = err; + /* Always try to evict the key from all devices. */ + return 0; +} + +/* + * When an inline encryption key is evicted from a device-mapper device, evict + * it from all the underlying devices. + */ +static int dm_keyslot_evict(struct blk_keyslot_manager *ksm, + const struct blk_crypto_key *key, unsigned int slot) +{ + struct mapped_device *md = container_of(ksm, struct mapped_device, ksm); + struct dm_keyslot_evict_args args = { key }; + struct dm_table *t; + int srcu_idx; + int i; + struct dm_target *ti; + + t = dm_get_live_table(md, &srcu_idx); + if (!t) + return 0; + for (i = 0; i < dm_table_get_num_targets(t); i++) { + ti = dm_table_get_target(t, i); + if (!ti->type->iterate_devices) + continue; + ti->type->iterate_devices(ti, dm_keyslot_evict_callback, &args); + } + dm_put_live_table(md, srcu_idx); + return args.err; +} + +static struct blk_ksm_ll_ops dm_ksm_ll_ops = { + .keyslot_evict = dm_keyslot_evict, +}; + +static void dm_init_inline_encryption(struct mapped_device *md) +{ + blk_ksm_init_passthrough(&md->ksm); + md->ksm.ksm_ll_ops = dm_ksm_ll_ops; + + /* + * Initially declare support for all crypto settings. Anything + * unsupported by a child device will be removed later when calculating + * the device restrictions. + */ + md->ksm.max_dun_bytes_supported = UINT_MAX; + memset(md->ksm.crypto_modes_supported, 0xFF, + sizeof(md->ksm.crypto_modes_supported)); + + blk_ksm_register(&md->ksm, md->queue); +} + +static void dm_destroy_inline_encryption(struct request_queue *q) +{ + blk_ksm_destroy(q->ksm); + blk_ksm_unregister(q); +} +#else /* CONFIG_BLK_INLINE_ENCRYPTION */ +static inline void dm_init_inline_encryption(struct mapped_device *md) +{ +} + +static inline void dm_destroy_inline_encryption(struct request_queue *q) +{ +} +#endif /* !CONFIG_BLK_INLINE_ENCRYPTION */ + /* * Setup the DM device's queue based on md's type */ @@ -2284,6 +2371,9 @@ int dm_setup_md_queue(struct mapped_device *md, struct dm_table *t) DMERR("Cannot calculate initial queue limits"); return r; } + + dm_init_inline_encryption(md); + dm_table_set_restrictions(t, md->queue, &limits); blk_register_queue(md->disk); diff --git a/include/linux/device-mapper.h b/include/linux/device-mapper.h index 93096e524e43..104f364866f9 100644 --- a/include/linux/device-mapper.h +++ b/include/linux/device-mapper.h @@ -320,6 +320,12 @@ struct dm_target { * whether or not its underlying devices have support. */ bool discards_supported:1; + + /* + * Set if inline crypto capabilities from this target's underlying + * device(s) can be exposed via the device-mapper device. + */ + bool may_passthrough_inline_crypto:1; }; void *dm_per_bio_data(struct bio *bio, size_t data_size); diff --git a/include/linux/keyslot-manager.h b/include/linux/keyslot-manager.h index 323e15dd6fa7..bfe7f35da4a8 100644 --- a/include/linux/keyslot-manager.h +++ b/include/linux/keyslot-manager.h @@ -9,6 +9,8 @@ #include #include +#ifdef CONFIG_BLK_INLINE_ENCRYPTION + struct blk_keyslot_manager; /** @@ -103,6 +105,11 @@ void blk_ksm_reprogram_all_keys(struct blk_keyslot_manager *ksm); void blk_ksm_destroy(struct blk_keyslot_manager *ksm); +void blk_ksm_intersect_modes(struct blk_keyslot_manager *parent, + const struct blk_keyslot_manager *child); + void blk_ksm_init_passthrough(struct blk_keyslot_manager *ksm); +#endif /* CONFIG_BLK_INLINE_ENCRYPTION */ + #endif /* __LINUX_KEYSLOT_MANAGER_H */ From patchwork Wed Sep 9 23:44:22 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11766397 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C7705746 for ; Thu, 10 Sep 2020 02:34:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AB5862145D for ; Thu, 10 Sep 2020 02:34:07 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="azshADfV" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729741AbgIJCdz (ORCPT ); Wed, 9 Sep 2020 22:33:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57210 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730596AbgIJCcb (ORCPT ); Wed, 9 Sep 2020 22:32:31 -0400 Received: from mail-qv1-xf4a.google.com (mail-qv1-xf4a.google.com [IPv6:2607:f8b0:4864:20::f4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D07BEC061387 for ; Wed, 9 Sep 2020 16:44:37 -0700 (PDT) Received: by mail-qv1-xf4a.google.com with SMTP id h9so2379413qvr.3 for ; Wed, 09 Sep 2020 16:44:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=1OQRbnpVQqbSHeNIDm4Hm9mK1gT2gj5RYSqpBEjn4gM=; b=azshADfVoWxyDpQuXUO3to8kiY9uHNIzQ57x8KjQIX+EK/Em5xQVxYtJPoEDS0aePD Y61/giUZ05cffykw283xaA3l6iWVCJg9wpB71S5nzH9EVlsB7DrwYd/1GbZ/6hqyy+aP V3CsVsXVhEhkNrcI6fwNQ8MdTXYqYu3mK8JIgFfSqFMjLHbltgP4QvmvdGhsb6hEmTat HpU4YccntOhHTahvRdzBbRxShPfV83u92ZPa5sdOLsdziXdRXd2FLqZ8tbj6J+BnKJxh 1ZzYAG/BSCC00j0EQm3RdQEmkV8TCxNK7oGMetTxZt4LkGA2j5eaVT5Dc+FDNGRbc5iD dDuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=1OQRbnpVQqbSHeNIDm4Hm9mK1gT2gj5RYSqpBEjn4gM=; b=YEnqzi70G9TcVJNF65N6SCiw3IMhQ32wp9sUH5+cFfpUqRan0xA2JTl7Dorgd603e9 rNSW/k5JB3dTuvUcM9FbVaCjrONqgfZvTE6cXHXNo6bf9PL+U4R5y2AeoFun9bvZB3vq frPoJvkxXMoZHYuaYKJtQYind4w45jKbbVknFA8B1znNocZ6m3DeAt78tz+GpkSxJkYv bcX0J+jh0fMDaY/7lMckiTG/0ugHVTdY0Jk9CRmRjmclIx9CJl6eNTPgn93eVMdKgZMA 9qeSqM94F31REBskT3ALrqYBWRXahTm2uMZV0lUtDnto4qelljEH9nsg0hloXXYLTl3P T4sA== X-Gm-Message-State: AOAM531hlEjkFZTgBWcYQQaDGnsvlcceC807oy24fKU6clNtg8aC9tOQ HAqzM0L1zKSc9juY15ThClumt6r8ipdjRJmF5eAbbUD7ZhZZnf+OfuMr6zBkuP0LyVccLjLWPcT ucbcA1iztNoYTx0cQ6TzYFS7UIkHFl+A/0T/5JS+yWmv/xX35YVeJYVSaRo0QRbvyh2lI X-Google-Smtp-Source: ABdhPJzRLKGMJkhtGLLHYN+CRFtSzCzysN6IpaLbffgbJgz/w24BGG12zL9AWcZQDiOos9PZsag2+r5yVUI= X-Received: from satyaprateek.c.googlers.com ([fda3:e722:ac3:10:24:72f4:c0a8:2d8e]) (user=satyat job=sendgmr) by 2002:ad4:5565:: with SMTP id w5mr6354094qvy.24.1599695074759; Wed, 09 Sep 2020 16:44:34 -0700 (PDT) Date: Wed, 9 Sep 2020 23:44:22 +0000 In-Reply-To: <20200909234422.76194-1-satyat@google.com> Message-Id: <20200909234422.76194-4-satyat@google.com> Mime-Version: 1.0 References: <20200909234422.76194-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.526.ge36021eeef-goog Subject: [PATCH 3/3] dm: enable may_passthrough_inline_crypto on some targets From: Satya Tangirala To: linux-block@vger.kernel.org, linux-kernel@vger.kernel.org, dm-devel@redhat.com Cc: Jens Axboe , Alasdair Kergon , Mike Snitzer , Eric Biggers , Satya Tangirala Sender: linux-block-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org From: Eric Biggers dm-linear and dm-flakey obviously can pass through inline crypto support. dm-zero should declare that it passes through inline crypto support, since any reads from dm-zero should return zeroes, and blk-crypto should not attempt to decrypt data returned from dm-zero. Signed-off-by: Eric Biggers Co-developed-by: Satya Tangirala Signed-off-by: Satya Tangirala --- drivers/md/dm-flakey.c | 1 + drivers/md/dm-linear.c | 1 + drivers/md/dm-zero.c | 1 + 3 files changed, 3 insertions(+) diff --git a/drivers/md/dm-flakey.c b/drivers/md/dm-flakey.c index a2cc9e45cbba..655286dacc35 100644 --- a/drivers/md/dm-flakey.c +++ b/drivers/md/dm-flakey.c @@ -253,6 +253,7 @@ static int flakey_ctr(struct dm_target *ti, unsigned int argc, char **argv) ti->num_discard_bios = 1; ti->per_io_data_size = sizeof(struct per_bio_data); ti->private = fc; + ti->may_passthrough_inline_crypto = true; return 0; bad: diff --git a/drivers/md/dm-linear.c b/drivers/md/dm-linear.c index e1db43446327..6d81878e2ca8 100644 --- a/drivers/md/dm-linear.c +++ b/drivers/md/dm-linear.c @@ -62,6 +62,7 @@ static int linear_ctr(struct dm_target *ti, unsigned int argc, char **argv) ti->num_secure_erase_bios = 1; ti->num_write_same_bios = 1; ti->num_write_zeroes_bios = 1; + ti->may_passthrough_inline_crypto = true; ti->private = lc; return 0; diff --git a/drivers/md/dm-zero.c b/drivers/md/dm-zero.c index b65ca8dcfbdc..07e02f3a9cd1 100644 --- a/drivers/md/dm-zero.c +++ b/drivers/md/dm-zero.c @@ -26,6 +26,7 @@ static int zero_ctr(struct dm_target *ti, unsigned int argc, char **argv) * Silently drop discards, avoiding -EOPNOTSUPP. */ ti->num_discard_bios = 1; + ti->may_passthrough_inline_crypto = true; return 0; }