LCOV - code coverage report
Current view: top level - include/linux - blk-crypto.h (source / functions) Hit Total Coverage
Test: coverage.info Lines: 0 1 0.0 %
Date: 2023-04-06 08:38:28 Functions: 0 0 -

          Line data    Source code
       1             : /* SPDX-License-Identifier: GPL-2.0 */
       2             : /*
       3             :  * Copyright 2019 Google LLC
       4             :  */
       5             : 
       6             : #ifndef __LINUX_BLK_CRYPTO_H
       7             : #define __LINUX_BLK_CRYPTO_H
       8             : 
       9             : #include <linux/types.h>
      10             : 
      11             : enum blk_crypto_mode_num {
      12             :         BLK_ENCRYPTION_MODE_INVALID,
      13             :         BLK_ENCRYPTION_MODE_AES_256_XTS,
      14             :         BLK_ENCRYPTION_MODE_AES_128_CBC_ESSIV,
      15             :         BLK_ENCRYPTION_MODE_ADIANTUM,
      16             :         BLK_ENCRYPTION_MODE_SM4_XTS,
      17             :         BLK_ENCRYPTION_MODE_MAX,
      18             : };
      19             : 
      20             : #define BLK_CRYPTO_MAX_KEY_SIZE         64
      21             : /**
      22             :  * struct blk_crypto_config - an inline encryption key's crypto configuration
      23             :  * @crypto_mode: encryption algorithm this key is for
      24             :  * @data_unit_size: the data unit size for all encryption/decryptions with this
      25             :  *      key.  This is the size in bytes of each individual plaintext and
      26             :  *      ciphertext.  This is always a power of 2.  It might be e.g. the
      27             :  *      filesystem block size or the disk sector size.
      28             :  * @dun_bytes: the maximum number of bytes of DUN used when using this key
      29             :  */
      30             : struct blk_crypto_config {
      31             :         enum blk_crypto_mode_num crypto_mode;
      32             :         unsigned int data_unit_size;
      33             :         unsigned int dun_bytes;
      34             : };
      35             : 
      36             : /**
      37             :  * struct blk_crypto_key - an inline encryption key
      38             :  * @crypto_cfg: the crypto configuration (like crypto_mode, key size) for this
      39             :  *              key
      40             :  * @data_unit_size_bits: log2 of data_unit_size
      41             :  * @size: size of this key in bytes (determined by @crypto_cfg.crypto_mode)
      42             :  * @raw: the raw bytes of this key.  Only the first @size bytes are used.
      43             :  *
      44             :  * A blk_crypto_key is immutable once created, and many bios can reference it at
      45             :  * the same time.  It must not be freed until all bios using it have completed
      46             :  * and it has been evicted from all devices on which it may have been used.
      47             :  */
      48             : struct blk_crypto_key {
      49             :         struct blk_crypto_config crypto_cfg;
      50             :         unsigned int data_unit_size_bits;
      51             :         unsigned int size;
      52             :         u8 raw[BLK_CRYPTO_MAX_KEY_SIZE];
      53             : };
      54             : 
      55             : #define BLK_CRYPTO_MAX_IV_SIZE          32
      56             : #define BLK_CRYPTO_DUN_ARRAY_SIZE       (BLK_CRYPTO_MAX_IV_SIZE / sizeof(u64))
      57             : 
      58             : /**
      59             :  * struct bio_crypt_ctx - an inline encryption context
      60             :  * @bc_key: the key, algorithm, and data unit size to use
      61             :  * @bc_dun: the data unit number (starting IV) to use
      62             :  *
      63             :  * A bio_crypt_ctx specifies that the contents of the bio will be encrypted (for
      64             :  * write requests) or decrypted (for read requests) inline by the storage device
      65             :  * or controller, or by the crypto API fallback.
      66             :  */
      67             : struct bio_crypt_ctx {
      68             :         const struct blk_crypto_key     *bc_key;
      69             :         u64                             bc_dun[BLK_CRYPTO_DUN_ARRAY_SIZE];
      70             : };
      71             : 
      72             : #include <linux/blk_types.h>
      73             : #include <linux/blkdev.h>
      74             : 
      75             : #ifdef CONFIG_BLK_INLINE_ENCRYPTION
      76             : 
      77             : static inline bool bio_has_crypt_ctx(struct bio *bio)
      78             : {
      79             :         return bio->bi_crypt_context;
      80             : }
      81             : 
      82             : void bio_crypt_set_ctx(struct bio *bio, const struct blk_crypto_key *key,
      83             :                        const u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE],
      84             :                        gfp_t gfp_mask);
      85             : 
      86             : bool bio_crypt_dun_is_contiguous(const struct bio_crypt_ctx *bc,
      87             :                                  unsigned int bytes,
      88             :                                  const u64 next_dun[BLK_CRYPTO_DUN_ARRAY_SIZE]);
      89             : 
      90             : int blk_crypto_init_key(struct blk_crypto_key *blk_key, const u8 *raw_key,
      91             :                         enum blk_crypto_mode_num crypto_mode,
      92             :                         unsigned int dun_bytes,
      93             :                         unsigned int data_unit_size);
      94             : 
      95             : int blk_crypto_start_using_key(struct block_device *bdev,
      96             :                                const struct blk_crypto_key *key);
      97             : 
      98             : int blk_crypto_evict_key(struct block_device *bdev,
      99             :                          const struct blk_crypto_key *key);
     100             : 
     101             : bool blk_crypto_config_supported_natively(struct block_device *bdev,
     102             :                                           const struct blk_crypto_config *cfg);
     103             : bool blk_crypto_config_supported(struct block_device *bdev,
     104             :                                  const struct blk_crypto_config *cfg);
     105             : 
     106             : #else /* CONFIG_BLK_INLINE_ENCRYPTION */
     107             : 
     108             : static inline bool bio_has_crypt_ctx(struct bio *bio)
     109             : {
     110             :         return false;
     111             : }
     112             : 
     113             : #endif /* CONFIG_BLK_INLINE_ENCRYPTION */
     114             : 
     115             : int __bio_crypt_clone(struct bio *dst, struct bio *src, gfp_t gfp_mask);
     116             : /**
     117             :  * bio_crypt_clone - clone bio encryption context
     118             :  * @dst: destination bio
     119             :  * @src: source bio
     120             :  * @gfp_mask: memory allocation flags
     121             :  *
     122             :  * If @src has an encryption context, clone it to @dst.
     123             :  *
     124             :  * Return: 0 on success, -ENOMEM if out of memory.  -ENOMEM is only possible if
     125             :  *         @gfp_mask doesn't include %__GFP_DIRECT_RECLAIM.
     126             :  */
     127             : static inline int bio_crypt_clone(struct bio *dst, struct bio *src,
     128             :                                   gfp_t gfp_mask)
     129             : {
     130           0 :         if (bio_has_crypt_ctx(src))
     131             :                 return __bio_crypt_clone(dst, src, gfp_mask);
     132             :         return 0;
     133             : }
     134             : 
     135             : #endif /* __LINUX_BLK_CRYPTO_H */

Generated by: LCOV version 1.14