1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | /* |
3 | * Copyright 2019 Google LLC |
4 | */ |
5 | |
6 | #ifndef __LINUX_BLK_CRYPTO_PROFILE_H |
7 | #define __LINUX_BLK_CRYPTO_PROFILE_H |
8 | |
9 | #include <linux/bio.h> |
10 | #include <linux/blk-crypto.h> |
11 | |
12 | struct blk_crypto_profile; |
13 | |
14 | /** |
15 | * struct blk_crypto_ll_ops - functions to control inline encryption hardware |
16 | * |
17 | * Low-level operations for controlling inline encryption hardware. This |
18 | * interface must be implemented by storage drivers that support inline |
19 | * encryption. All functions may sleep, are serialized by profile->lock, and |
20 | * are never called while profile->dev (if set) is runtime-suspended. |
21 | */ |
22 | struct blk_crypto_ll_ops { |
23 | |
24 | /** |
25 | * @keyslot_program: Program a key into the inline encryption hardware. |
26 | * |
27 | * Program @key into the specified @slot in the inline encryption |
28 | * hardware, overwriting any key that the keyslot may already contain. |
29 | * The keyslot is guaranteed to not be in-use by any I/O. |
30 | * |
31 | * This is required if the device has keyslots. Otherwise (i.e. if the |
32 | * device is a layered device, or if the device is real hardware that |
33 | * simply doesn't have the concept of keyslots) it is never called. |
34 | * |
35 | * Must return 0 on success, or -errno on failure. |
36 | */ |
37 | int (*keyslot_program)(struct blk_crypto_profile *profile, |
38 | const struct blk_crypto_key *key, |
39 | unsigned int slot); |
40 | |
41 | /** |
42 | * @keyslot_evict: Evict a key from the inline encryption hardware. |
43 | * |
44 | * If the device has keyslots, this function must evict the key from the |
45 | * specified @slot. The slot will contain @key, but there should be no |
46 | * need for the @key argument to be used as @slot should be sufficient. |
47 | * The keyslot is guaranteed to not be in-use by any I/O. |
48 | * |
49 | * If the device doesn't have keyslots itself, this function must evict |
50 | * @key from any underlying devices. @slot won't be valid in this case. |
51 | * |
52 | * If there are no keyslots and no underlying devices, this function |
53 | * isn't required. |
54 | * |
55 | * Must return 0 on success, or -errno on failure. |
56 | */ |
57 | int (*keyslot_evict)(struct blk_crypto_profile *profile, |
58 | const struct blk_crypto_key *key, |
59 | unsigned int slot); |
60 | }; |
61 | |
62 | /** |
63 | * struct blk_crypto_profile - inline encryption profile for a device |
64 | * |
65 | * This struct contains a storage device's inline encryption capabilities (e.g. |
66 | * the supported crypto algorithms), driver-provided functions to control the |
67 | * inline encryption hardware (e.g. programming and evicting keys), and optional |
68 | * device-independent keyslot management data. |
69 | */ |
70 | struct blk_crypto_profile { |
71 | |
72 | /* public: Drivers must initialize the following fields. */ |
73 | |
74 | /** |
75 | * @ll_ops: Driver-provided functions to control the inline encryption |
76 | * hardware, e.g. program and evict keys. |
77 | */ |
78 | struct blk_crypto_ll_ops ll_ops; |
79 | |
80 | /** |
81 | * @max_dun_bytes_supported: The maximum number of bytes supported for |
82 | * specifying the data unit number (DUN). Specifically, the range of |
83 | * supported DUNs is 0 through (1 << (8 * max_dun_bytes_supported)) - 1. |
84 | */ |
85 | unsigned int max_dun_bytes_supported; |
86 | |
87 | /** |
88 | * @modes_supported: Array of bitmasks that specifies whether each |
89 | * combination of crypto mode and data unit size is supported. |
90 | * Specifically, the i'th bit of modes_supported[crypto_mode] is set if |
91 | * crypto_mode can be used with a data unit size of (1 << i). Note that |
92 | * only data unit sizes that are powers of 2 can be supported. |
93 | */ |
94 | unsigned int modes_supported[BLK_ENCRYPTION_MODE_MAX]; |
95 | |
96 | /** |
97 | * @dev: An optional device for runtime power management. If the driver |
98 | * provides this device, it will be runtime-resumed before any function |
99 | * in @ll_ops is called and will remain resumed during the call. |
100 | */ |
101 | struct device *dev; |
102 | |
103 | /* private: The following fields shouldn't be accessed by drivers. */ |
104 | |
105 | /* Number of keyslots, or 0 if not applicable */ |
106 | unsigned int num_slots; |
107 | |
108 | /* |
109 | * Serializes all calls to functions in @ll_ops as well as all changes |
110 | * to @slot_hashtable. This can also be taken in read mode to look up |
111 | * keyslots while ensuring that they can't be changed concurrently. |
112 | */ |
113 | struct rw_semaphore lock; |
114 | struct lock_class_key lockdep_key; |
115 | |
116 | /* List of idle slots, with least recently used slot at front */ |
117 | wait_queue_head_t idle_slots_wait_queue; |
118 | struct list_head idle_slots; |
119 | spinlock_t idle_slots_lock; |
120 | |
121 | /* |
122 | * Hash table which maps struct *blk_crypto_key to keyslots, so that we |
123 | * can find a key's keyslot in O(1) time rather than O(num_slots). |
124 | * Protected by 'lock'. |
125 | */ |
126 | struct hlist_head *slot_hashtable; |
127 | unsigned int log_slot_ht_size; |
128 | |
129 | /* Per-keyslot data */ |
130 | struct blk_crypto_keyslot *slots; |
131 | }; |
132 | |
133 | int blk_crypto_profile_init(struct blk_crypto_profile *profile, |
134 | unsigned int num_slots); |
135 | |
136 | int devm_blk_crypto_profile_init(struct device *dev, |
137 | struct blk_crypto_profile *profile, |
138 | unsigned int num_slots); |
139 | |
140 | unsigned int blk_crypto_keyslot_index(struct blk_crypto_keyslot *slot); |
141 | |
142 | void blk_crypto_reprogram_all_keys(struct blk_crypto_profile *profile); |
143 | |
144 | void blk_crypto_profile_destroy(struct blk_crypto_profile *profile); |
145 | |
146 | void blk_crypto_intersect_capabilities(struct blk_crypto_profile *parent, |
147 | const struct blk_crypto_profile *child); |
148 | |
149 | bool blk_crypto_has_capabilities(const struct blk_crypto_profile *target, |
150 | const struct blk_crypto_profile *reference); |
151 | |
152 | void blk_crypto_update_capabilities(struct blk_crypto_profile *dst, |
153 | const struct blk_crypto_profile *src); |
154 | |
155 | #endif /* __LINUX_BLK_CRYPTO_PROFILE_H */ |
156 | |