LCOV - code coverage report
Current view: top level - include/linux - blk-crypto.h (source / functions) Hit Total Coverage
Test: landlock.info Lines: 2 5 40.0 %
Date: 2021-04-22 12:43:58 Functions: 0 0 - 

          Line data    Source code
       1             : /* SPDX-License-Identifier: GPL-2.0 */
       2             : /*
       3             :  * Copyright 2019 Google LLC
       4             :  */
       5             : 
       6             : #ifndef __LINUX_BLK_CRYPTO_H
       7             : #define __LINUX_BLK_CRYPTO_H
       8             : 
       9             : #include <linux/types.h>
      10             : 
      11             : enum blk_crypto_mode_num {
      12             :         BLK_ENCRYPTION_MODE_INVALID,
      13             :         BLK_ENCRYPTION_MODE_AES_256_XTS,
      14             :         BLK_ENCRYPTION_MODE_AES_128_CBC_ESSIV,
      15             :         BLK_ENCRYPTION_MODE_ADIANTUM,
      16             :         BLK_ENCRYPTION_MODE_MAX,
      17             : };
      18             : 
      19             : #define BLK_CRYPTO_MAX_KEY_SIZE         64
      20             : /**
      21             :  * struct blk_crypto_config - an inline encryption key's crypto configuration
      22             :  * @crypto_mode: encryption algorithm this key is for
      23             :  * @data_unit_size: the data unit size for all encryption/decryptions with this
      24             :  *      key.  This is the size in bytes of each individual plaintext and
      25             :  *      ciphertext.  This is always a power of 2.  It might be e.g. the
      26             :  *      filesystem block size or the disk sector size.
      27             :  * @dun_bytes: the maximum number of bytes of DUN used when using this key
      28             :  */
      29             : struct blk_crypto_config {
      30             :         enum blk_crypto_mode_num crypto_mode;
      31             :         unsigned int data_unit_size;
      32             :         unsigned int dun_bytes;
      33             : };
      34             : 
      35             : /**
      36             :  * struct blk_crypto_key - an inline encryption key
      37             :  * @crypto_cfg: the crypto configuration (like crypto_mode, key size) for this
      38             :  *              key
      39             :  * @data_unit_size_bits: log2 of data_unit_size
      40             :  * @size: size of this key in bytes (determined by @crypto_cfg.crypto_mode)
      41             :  * @raw: the raw bytes of this key.  Only the first @size bytes are used.
      42             :  *
      43             :  * A blk_crypto_key is immutable once created, and many bios can reference it at
      44             :  * the same time.  It must not be freed until all bios using it have completed
      45             :  * and it has been evicted from all devices on which it may have been used.
      46             :  */
      47             : struct blk_crypto_key {
      48             :         struct blk_crypto_config crypto_cfg;
      49             :         unsigned int data_unit_size_bits;
      50             :         unsigned int size;
      51             :         u8 raw[BLK_CRYPTO_MAX_KEY_SIZE];
      52             : };
      53             : 
      54             : #define BLK_CRYPTO_MAX_IV_SIZE          32
      55             : #define BLK_CRYPTO_DUN_ARRAY_SIZE       (BLK_CRYPTO_MAX_IV_SIZE / sizeof(u64))
      56             : 
      57             : /**
      58             :  * struct bio_crypt_ctx - an inline encryption context
      59             :  * @bc_key: the key, algorithm, and data unit size to use
      60             :  * @bc_dun: the data unit number (starting IV) to use
      61             :  *
      62             :  * A bio_crypt_ctx specifies that the contents of the bio will be encrypted (for
      63             :  * write requests) or decrypted (for read requests) inline by the storage device
      64             :  * or controller, or by the crypto API fallback.
      65             :  */
      66             : struct bio_crypt_ctx {
      67             :         const struct blk_crypto_key     *bc_key;
      68             :         u64                             bc_dun[BLK_CRYPTO_DUN_ARRAY_SIZE];
      69             : };
      70             : 
      71             : #include <linux/blk_types.h>
      72             : #include <linux/blkdev.h>
      73             : 
      74             : struct request;
      75             : struct request_queue;
      76             : 
      77             : #ifdef CONFIG_BLK_INLINE_ENCRYPTION
      78             : 
      79             : static inline bool bio_has_crypt_ctx(struct bio *bio)
      80             : {
      81             :         return bio->bi_crypt_context;
      82             : }
      83             : 
      84             : void bio_crypt_set_ctx(struct bio *bio, const struct blk_crypto_key *key,
      85             :                        const u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE],
      86             :                        gfp_t gfp_mask);
      87             : 
      88             : bool bio_crypt_dun_is_contiguous(const struct bio_crypt_ctx *bc,
      89             :                                  unsigned int bytes,
      90             :                                  const u64 next_dun[BLK_CRYPTO_DUN_ARRAY_SIZE]);
      91             : 
      92             : int blk_crypto_init_key(struct blk_crypto_key *blk_key, const u8 *raw_key,
      93             :                         enum blk_crypto_mode_num crypto_mode,
      94             :                         unsigned int dun_bytes,
      95             :                         unsigned int data_unit_size);
      96             : 
      97             : int blk_crypto_start_using_key(const struct blk_crypto_key *key,
      98             :                                struct request_queue *q);
      99             : 
     100             : int blk_crypto_evict_key(struct request_queue *q,
     101             :                          const struct blk_crypto_key *key);
     102             : 
     103             : bool blk_crypto_config_supported(struct request_queue *q,
     104             :                                  const struct blk_crypto_config *cfg);
     105             : 
     106             : #else /* CONFIG_BLK_INLINE_ENCRYPTION */
     107             : 
     108       20788 : static inline bool bio_has_crypt_ctx(struct bio *bio)
     109             : {
     110       43579 :         return false;
     111             : }
     112             : 
     113             : #endif /* CONFIG_BLK_INLINE_ENCRYPTION */
     114             : 
     115             : int __bio_crypt_clone(struct bio *dst, struct bio *src, gfp_t gfp_mask);
     116             : /**
     117             :  * bio_crypt_clone - clone bio encryption context
     118             :  * @dst: destination bio
     119             :  * @src: source bio
     120             :  * @gfp_mask: memory allocation flags
     121             :  *
     122             :  * If @src has an encryption context, clone it to @dst.
     123             :  *
     124             :  * Return: 0 on success, -ENOMEM if out of memory.  -ENOMEM is only possible if
     125             :  *         @gfp_mask doesn't include %__GFP_DIRECT_RECLAIM.
     126             :  */
     127           0 : static inline int bio_crypt_clone(struct bio *dst, struct bio *src,
     128             :                                   gfp_t gfp_mask)
     129             : {
     130           0 :         if (bio_has_crypt_ctx(src))
     131             :                 return __bio_crypt_clone(dst, src, gfp_mask);
     132           0 :         return 0;
     133             : }
     134             : 
     135             : #endif /* __LINUX_BLK_CRYPTO_H */

Generated by: LCOV version 1.14