Linaro Git Browser
Code Review Sign In
review.linaro.org / kernel / linux-linaro-stable.git / 94f5e0243c48aa01441c987743dc468e2d6eaca2 / . / drivers / md / dm-crypt.c
blob: c29daf417aafa2cdb2defde9eb26717826ba37c9 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1/*
Jana Saoutbf14299f2014-06-24 14:27:04 -0400[diff] [blame]2 * Copyright (C) 2003 Jana Saout <jana@saout.de>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3 * Copyright (C) 2004 Clemens Fruhwirth <clemens@endorphin.org>
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]4 * Copyright (C) 2006-2009 Red Hat, Inc. All rights reserved.
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]5 * Copyright (C) 2013 Milan Broz <gmazyland@gmail.com>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]6 *
7 * This file is released under the GPL.
8 */
9
Milan Broz43d69032008-02-08 02:11:09 +0000[diff] [blame]10#include <linux/completion.h>
Herbert Xud1806f62006-08-22 20:29:17 +1000[diff] [blame]11#include <linux/err.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]12#include <linux/module.h>
13#include <linux/init.h>
14#include <linux/kernel.h>
15#include <linux/bio.h>
16#include <linux/blkdev.h>
17#include <linux/mempool.h>
18#include <linux/slab.h>
19#include <linux/crypto.h>
20#include <linux/workqueue.h>
Andrew Morton3fcfab12006-10-19 23:28:16 -0700[diff] [blame]21#include <linux/backing-dev.h>
Arun Sharma600634972011-07-26 16:09:06 -0700[diff] [blame]22#include <linux/atomic.h>
David Hardeman378f0582005-09-17 17:55:31 +1000[diff] [blame]23#include <linux/scatterlist.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]24#include <asm/page.h>
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]25#include <asm/unaligned.h>
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]26#include <crypto/hash.h>
27#include <crypto/md5.h>
28#include <crypto/algapi.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]29
Mikulas Patocka586e80e2008-10-21 17:44:59 +0100[diff] [blame]30#include <linux/device-mapper.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]31
Alasdair G Kergon72d94862006-06-26 00:27:35 -0700[diff] [blame]32#define DM_MSG_PREFIX "crypt"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]33
34/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]35 * context holding the current state of a multi-part conversion
36 */
37struct convert_context {
Milan Broz43d69032008-02-08 02:11:09 +0000[diff] [blame]38 struct completion restart;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]39 struct bio *bio_in;
40 struct bio *bio_out;
Kent Overstreet003b5c52013-10-11 15:45:43 -0700[diff] [blame]41 struct bvec_iter iter_in;
42 struct bvec_iter iter_out;
Mikulas Patockac66029f2012-07-27 15:08:05 +0100[diff] [blame]43 sector_t cc_sector;
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]44 atomic_t cc_pending;
Mikulas Patocka610f2de2014-02-20 18:01:01 -0500[diff] [blame]45 struct ablkcipher_request *req;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]46};
47
Milan Broz53017032008-02-08 02:10:38 +0000[diff] [blame]48/*
49 * per bio private data
50 */
51struct dm_crypt_io {
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]52 struct crypt_config *cc;
Milan Broz53017032008-02-08 02:10:38 +0000[diff] [blame]53 struct bio *base_bio;
54 struct work_struct work;
55
56 struct convert_context ctx;
57
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]58 atomic_t io_pending;
Milan Broz53017032008-02-08 02:10:38 +0000[diff] [blame]59 int error;
Milan Broz0c395b02008-02-08 02:10:54 +0000[diff] [blame]60 sector_t sector;
Mikulas Patocka298a9fa2014-03-28 15:51:55 -0400[diff] [blame]61} CRYPTO_MINALIGN_ATTR;
Milan Broz53017032008-02-08 02:10:38 +0000[diff] [blame]62
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]63struct dm_crypt_request {
Huang Yingb2174ee2009-03-16 17:44:33 +0000[diff] [blame]64 struct convert_context *ctx;
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]65 struct scatterlist sg_in;
66 struct scatterlist sg_out;
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]67 sector_t iv_sector;
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]68};
69
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]70struct crypt_config;
71
72struct crypt_iv_operations {
73 int (*ctr)(struct crypt_config *cc, struct dm_target *ti,
Milan Brozd469f842007-10-19 22:42:37 +0100[diff] [blame]74 const char *opts);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]75 void (*dtr)(struct crypt_config *cc);
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]76 int (*init)(struct crypt_config *cc);
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]77 int (*wipe)(struct crypt_config *cc);
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]78 int (*generator)(struct crypt_config *cc, u8 *iv,
79 struct dm_crypt_request *dmreq);
80 int (*post)(struct crypt_config *cc, u8 *iv,
81 struct dm_crypt_request *dmreq);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]82};
83
Milan Broz60473592009-12-10 23:51:55 +0000[diff] [blame]84struct iv_essiv_private {
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]85 struct crypto_hash *hash_tfm;
86 u8 *salt;
Milan Broz60473592009-12-10 23:51:55 +0000[diff] [blame]87};
88
89struct iv_benbi_private {
90 int shift;
91};
92
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]93#define LMK_SEED_SIZE 64 /* hash + 0 */
94struct iv_lmk_private {
95 struct crypto_shash *hash_tfm;
96 u8 *seed;
97};
98
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]99#define TCW_WHITENING_SIZE 16
100struct iv_tcw_private {
101 struct crypto_shash *crc32_tfm;
102 u8 *iv_seed;
103 u8 *whitening;
104};
105
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]106/*
107 * Crypt: maps a linear range of a block device
108 * and encrypts / decrypts at the same time.
109 */
Mikulas Patockaf3396c582015-02-13 08:23:09 -0500[diff] [blame]110enum flags { DM_CRYPT_SUSPENDED, DM_CRYPT_KEY_VALID, DM_CRYPT_SAME_CPU };
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]111
112/*
Mikulas Patocka610f2de2014-02-20 18:01:01 -0500[diff] [blame]113 * The fields in here must be read only after initialization.
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]114 */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]115struct crypt_config {
116 struct dm_dev *dev;
117 sector_t start;
118
119 /*
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]120 * pool for per bio private data, crypto requests and
121 * encryption requeusts/buffer pages
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]122 */
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]123 mempool_t *req_pool;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]124 mempool_t *page_pool;
Milan Broz6a24c712006-10-03 01:15:40 -0700[diff] [blame]125 struct bio_set *bs;
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]126 struct mutex bio_alloc_lock;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]127
Milan Brozcabf08e2007-10-19 22:38:58 +0100[diff] [blame]128 struct workqueue_struct *io_queue;
129 struct workqueue_struct *crypt_queue;
Milan Broz3f1e9072008-03-28 14:16:07 -0700[diff] [blame]130
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]131 char *cipher;
Milan Broz7dbcd132011-01-13 19:59:52 +0000[diff] [blame]132 char *cipher_string;
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]133
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]134 struct crypt_iv_operations *iv_gen_ops;
Herbert Xu79066ad2006-12-05 13:41:52 -0800[diff] [blame]135 union {
Milan Broz60473592009-12-10 23:51:55 +0000[diff] [blame]136 struct iv_essiv_private essiv;
137 struct iv_benbi_private benbi;
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]138 struct iv_lmk_private lmk;
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]139 struct iv_tcw_private tcw;
Herbert Xu79066ad2006-12-05 13:41:52 -0800[diff] [blame]140 } iv_gen_private;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]141 sector_t iv_offset;
142 unsigned int iv_size;
143
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]144 /* ESSIV: struct crypto_cipher *essiv_tfm */
145 void *iv_private;
146 struct crypto_ablkcipher **tfms;
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]147 unsigned tfms_count;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]148
149 /*
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]150 * Layout of each crypto request:
151 *
152 * struct ablkcipher_request
153 * context
154 * padding
155 * struct dm_crypt_request
156 * padding
157 * IV
158 *
159 * The padding is added so that dm_crypt_request and the IV are
160 * correctly aligned.
161 */
162 unsigned int dmreq_start;
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]163
Mikulas Patocka298a9fa2014-03-28 15:51:55 -0400[diff] [blame]164 unsigned int per_bio_data_size;
165
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]166 unsigned long flags;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]167 unsigned int key_size;
Milan Brozda31a072013-10-28 23:21:03 +0100[diff] [blame]168 unsigned int key_parts; /* independent parts in key buffer */
169 unsigned int key_extra_size; /* additional keys length */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]170 u8 key[0];
171};
172
Milan Broz6a24c712006-10-03 01:15:40 -0700[diff] [blame]173#define MIN_IOS 16
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]174
Alasdair G Kergon028867a2007-07-12 17:26:32 +0100[diff] [blame]175static void clone_init(struct dm_crypt_io *, struct bio *);
Alasdair G Kergon395b1672008-02-08 02:10:52 +0000[diff] [blame]176static void kcryptd_queue_crypt(struct dm_crypt_io *io);
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]177static u8 *iv_of_dmreq(struct crypt_config *cc, struct dm_crypt_request *dmreq);
Olaf Kirch027581f2007-05-09 02:32:52 -0700[diff] [blame]178
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]179/*
180 * Use this to access cipher attributes that are the same for each CPU.
181 */
182static struct crypto_ablkcipher *any_tfm(struct crypt_config *cc)
183{
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]184 return cc->tfms[0];
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]185}
186
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]187/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]188 * Different IV generation algorithms:
189 *
Rik Snel3c164bd2006-09-02 18:17:33 +1000[diff] [blame]190 * plain: the initial vector is the 32-bit little-endian version of the sector
Robert P. J. Day3a4fa0a2007-10-19 23:10:43 +0200[diff] [blame]191 * number, padded with zeros if necessary.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]192 *
Milan Broz61afef62009-12-10 23:52:25 +0000[diff] [blame]193 * plain64: the initial vector is the 64-bit little-endian version of the sector
194 * number, padded with zeros if necessary.
195 *
Rik Snel3c164bd2006-09-02 18:17:33 +1000[diff] [blame]196 * essiv: "encrypted sector|salt initial vector", the sector number is
197 * encrypted with the bulk cipher using a salt as key. The salt
198 * should be derived from the bulk cipher's key via hashing.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]199 *
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]200 * benbi: the 64-bit "big-endian 'narrow block'-count", starting at 1
201 * (needed for LRW-32-AES and possible other narrow block modes)
202 *
Ludwig Nussel46b47732007-05-09 02:32:55 -0700[diff] [blame]203 * null: the initial vector is always zero. Provides compatibility with
204 * obsolete loop_fish2 devices. Do not use for new devices.
205 *
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]206 * lmk: Compatible implementation of the block chaining mode used
207 * by the Loop-AES block device encryption system
208 * designed by Jari Ruusu. See http://loop-aes.sourceforge.net/
209 * It operates on full 512 byte sectors and uses CBC
210 * with an IV derived from the sector number, the data and
211 * optionally extra IV seed.
212 * This means that after decryption the first block
213 * of sector must be tweaked according to decrypted data.
214 * Loop-AES can use three encryption schemes:
215 * version 1: is plain aes-cbc mode
216 * version 2: uses 64 multikey scheme with lmk IV generator
217 * version 3: the same as version 2 with additional IV seed
218 * (it uses 65 keys, last key is used as IV seed)
219 *
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]220 * tcw: Compatible implementation of the block chaining mode used
221 * by the TrueCrypt device encryption system (prior to version 4.1).
222 * For more info see: http://www.truecrypt.org
223 * It operates on full 512 byte sectors and uses CBC
224 * with an IV derived from initial key and the sector number.
225 * In addition, whitening value is applied on every sector, whitening
226 * is calculated from initial key, sector number and mixed using CRC32.
227 * Note that this encryption scheme is vulnerable to watermarking attacks
228 * and should be used for old compatible containers access only.
229 *
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]230 * plumb: unimplemented, see:
231 * http://article.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/454
232 */
233
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]234static int crypt_iv_plain_gen(struct crypt_config *cc, u8 *iv,
235 struct dm_crypt_request *dmreq)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]236{
237 memset(iv, 0, cc->iv_size);
Alasdair G Kergon283a8322011-08-02 12:32:01 +0100[diff] [blame]238 *(__le32 *)iv = cpu_to_le32(dmreq->iv_sector & 0xffffffff);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]239
240 return 0;
241}
242
Milan Broz61afef62009-12-10 23:52:25 +0000[diff] [blame]243static int crypt_iv_plain64_gen(struct crypt_config *cc, u8 *iv,
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]244 struct dm_crypt_request *dmreq)
Milan Broz61afef62009-12-10 23:52:25 +0000[diff] [blame]245{
246 memset(iv, 0, cc->iv_size);
Alasdair G Kergon283a8322011-08-02 12:32:01 +0100[diff] [blame]247 *(__le64 *)iv = cpu_to_le64(dmreq->iv_sector);
Milan Broz61afef62009-12-10 23:52:25 +0000[diff] [blame]248
249 return 0;
250}
251
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]252/* Initialise ESSIV - compute salt but no local memory allocations */
253static int crypt_iv_essiv_init(struct crypt_config *cc)
254{
255 struct iv_essiv_private *essiv = &cc->iv_gen_private.essiv;
256 struct hash_desc desc;
257 struct scatterlist sg;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]258 struct crypto_cipher *essiv_tfm;
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]259 int err;
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]260
261 sg_init_one(&sg, cc->key, cc->key_size);
262 desc.tfm = essiv->hash_tfm;
263 desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
264
265 err = crypto_hash_digest(&desc, &sg, cc->key_size, essiv->salt);
266 if (err)
267 return err;
268
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]269 essiv_tfm = cc->iv_private;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]270
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]271 err = crypto_cipher_setkey(essiv_tfm, essiv->salt,
272 crypto_hash_digestsize(essiv->hash_tfm));
273 if (err)
274 return err;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]275
276 return 0;
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]277}
278
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]279/* Wipe salt and reset key derived from volume key */
280static int crypt_iv_essiv_wipe(struct crypt_config *cc)
281{
282 struct iv_essiv_private *essiv = &cc->iv_gen_private.essiv;
283 unsigned salt_size = crypto_hash_digestsize(essiv->hash_tfm);
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]284 struct crypto_cipher *essiv_tfm;
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]285 int r, err = 0;
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]286
287 memset(essiv->salt, 0, salt_size);
288
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]289 essiv_tfm = cc->iv_private;
290 r = crypto_cipher_setkey(essiv_tfm, essiv->salt, salt_size);
291 if (r)
292 err = r;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]293
294 return err;
295}
296
297/* Set up per cpu cipher state */
298static struct crypto_cipher *setup_essiv_cpu(struct crypt_config *cc,
299 struct dm_target *ti,
300 u8 *salt, unsigned saltsize)
301{
302 struct crypto_cipher *essiv_tfm;
303 int err;
304
305 /* Setup the essiv_tfm with the given salt */
306 essiv_tfm = crypto_alloc_cipher(cc->cipher, 0, CRYPTO_ALG_ASYNC);
307 if (IS_ERR(essiv_tfm)) {
308 ti->error = "Error allocating crypto tfm for ESSIV";
309 return essiv_tfm;
310 }
311
312 if (crypto_cipher_blocksize(essiv_tfm) !=
313 crypto_ablkcipher_ivsize(any_tfm(cc))) {
314 ti->error = "Block size of ESSIV cipher does "
315 "not match IV size of block cipher";
316 crypto_free_cipher(essiv_tfm);
317 return ERR_PTR(-EINVAL);
318 }
319
320 err = crypto_cipher_setkey(essiv_tfm, salt, saltsize);
321 if (err) {
322 ti->error = "Failed to set key for ESSIV cipher";
323 crypto_free_cipher(essiv_tfm);
324 return ERR_PTR(err);
325 }
326
327 return essiv_tfm;
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]328}
329
Milan Broz60473592009-12-10 23:51:55 +0000[diff] [blame]330static void crypt_iv_essiv_dtr(struct crypt_config *cc)
331{
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]332 struct crypto_cipher *essiv_tfm;
Milan Broz60473592009-12-10 23:51:55 +0000[diff] [blame]333 struct iv_essiv_private *essiv = &cc->iv_gen_private.essiv;
334
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]335 crypto_free_hash(essiv->hash_tfm);
336 essiv->hash_tfm = NULL;
337
338 kzfree(essiv->salt);
339 essiv->salt = NULL;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]340
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]341 essiv_tfm = cc->iv_private;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]342
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]343 if (essiv_tfm)
344 crypto_free_cipher(essiv_tfm);
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]345
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]346 cc->iv_private = NULL;
Milan Broz60473592009-12-10 23:51:55 +0000[diff] [blame]347}
348
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]349static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
Milan Brozd469f842007-10-19 22:42:37 +0100[diff] [blame]350 const char *opts)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]351{
Milan Broz5861f1b2009-12-10 23:51:56 +0000[diff] [blame]352 struct crypto_cipher *essiv_tfm = NULL;
353 struct crypto_hash *hash_tfm = NULL;
Milan Broz5861f1b2009-12-10 23:51:56 +0000[diff] [blame]354 u8 *salt = NULL;
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]355 int err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]356
Milan Broz5861f1b2009-12-10 23:51:56 +0000[diff] [blame]357 if (!opts) {
Alasdair G Kergon72d94862006-06-26 00:27:35 -0700[diff] [blame]358 ti->error = "Digest algorithm missing for ESSIV mode";
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]359 return -EINVAL;
360 }
361
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]362 /* Allocate hash algorithm */
Herbert Xu35058682006-08-24 19:10:20 +1000[diff] [blame]363 hash_tfm = crypto_alloc_hash(opts, 0, CRYPTO_ALG_ASYNC);
364 if (IS_ERR(hash_tfm)) {
Alasdair G Kergon72d94862006-06-26 00:27:35 -0700[diff] [blame]365 ti->error = "Error initializing ESSIV hash";
Milan Broz5861f1b2009-12-10 23:51:56 +0000[diff] [blame]366 err = PTR_ERR(hash_tfm);
367 goto bad;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]368 }
369
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]370 salt = kzalloc(crypto_hash_digestsize(hash_tfm), GFP_KERNEL);
Milan Broz5861f1b2009-12-10 23:51:56 +0000[diff] [blame]371 if (!salt) {
Alasdair G Kergon72d94862006-06-26 00:27:35 -0700[diff] [blame]372 ti->error = "Error kmallocing salt storage in ESSIV";
Milan Broz5861f1b2009-12-10 23:51:56 +0000[diff] [blame]373 err = -ENOMEM;
374 goto bad;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]375 }
376
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]377 cc->iv_gen_private.essiv.salt = salt;
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]378 cc->iv_gen_private.essiv.hash_tfm = hash_tfm;
379
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]380 essiv_tfm = setup_essiv_cpu(cc, ti, salt,
381 crypto_hash_digestsize(hash_tfm));
382 if (IS_ERR(essiv_tfm)) {
383 crypt_iv_essiv_dtr(cc);
384 return PTR_ERR(essiv_tfm);
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]385 }
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]386 cc->iv_private = essiv_tfm;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]387
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]388 return 0;
Milan Broz5861f1b2009-12-10 23:51:56 +0000[diff] [blame]389
390bad:
Milan Broz5861f1b2009-12-10 23:51:56 +0000[diff] [blame]391 if (hash_tfm && !IS_ERR(hash_tfm))
392 crypto_free_hash(hash_tfm);
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]393 kfree(salt);
Milan Broz5861f1b2009-12-10 23:51:56 +0000[diff] [blame]394 return err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]395}
396
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]397static int crypt_iv_essiv_gen(struct crypt_config *cc, u8 *iv,
398 struct dm_crypt_request *dmreq)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]399{
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]400 struct crypto_cipher *essiv_tfm = cc->iv_private;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]401
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]402 memset(iv, 0, cc->iv_size);
Alasdair G Kergon283a8322011-08-02 12:32:01 +0100[diff] [blame]403 *(__le64 *)iv = cpu_to_le64(dmreq->iv_sector);
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]404 crypto_cipher_encrypt_one(essiv_tfm, iv, iv);
405
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]406 return 0;
407}
408
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]409static int crypt_iv_benbi_ctr(struct crypt_config *cc, struct dm_target *ti,
410 const char *opts)
411{
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]412 unsigned bs = crypto_ablkcipher_blocksize(any_tfm(cc));
David Howellsf0d1b0b2006-12-08 02:37:49 -0800[diff] [blame]413 int log = ilog2(bs);
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]414
415 /* we need to calculate how far we must shift the sector count
416 * to get the cipher block count, we use this shift in _gen */
417
418 if (1 << log != bs) {
419 ti->error = "cypher blocksize is not a power of 2";
420 return -EINVAL;
421 }
422
423 if (log > 9) {
424 ti->error = "cypher blocksize is > 512";
425 return -EINVAL;
426 }
427
Milan Broz60473592009-12-10 23:51:55 +0000[diff] [blame]428 cc->iv_gen_private.benbi.shift = 9 - log;
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]429
430 return 0;
431}
432
433static void crypt_iv_benbi_dtr(struct crypt_config *cc)
434{
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]435}
436
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]437static int crypt_iv_benbi_gen(struct crypt_config *cc, u8 *iv,
438 struct dm_crypt_request *dmreq)
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]439{
Herbert Xu79066ad2006-12-05 13:41:52 -0800[diff] [blame]440 __be64 val;
441
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]442 memset(iv, 0, cc->iv_size - sizeof(u64)); /* rest is cleared below */
Herbert Xu79066ad2006-12-05 13:41:52 -0800[diff] [blame]443
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]444 val = cpu_to_be64(((u64)dmreq->iv_sector << cc->iv_gen_private.benbi.shift) + 1);
Herbert Xu79066ad2006-12-05 13:41:52 -0800[diff] [blame]445 put_unaligned(val, (__be64 *)(iv + cc->iv_size - sizeof(u64)));
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]446
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]447 return 0;
448}
449
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]450static int crypt_iv_null_gen(struct crypt_config *cc, u8 *iv,
451 struct dm_crypt_request *dmreq)
Ludwig Nussel46b47732007-05-09 02:32:55 -0700[diff] [blame]452{
453 memset(iv, 0, cc->iv_size);
454
455 return 0;
456}
457
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]458static void crypt_iv_lmk_dtr(struct crypt_config *cc)
459{
460 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk;
461
462 if (lmk->hash_tfm && !IS_ERR(lmk->hash_tfm))
463 crypto_free_shash(lmk->hash_tfm);
464 lmk->hash_tfm = NULL;
465
466 kzfree(lmk->seed);
467 lmk->seed = NULL;
468}
469
470static int crypt_iv_lmk_ctr(struct crypt_config *cc, struct dm_target *ti,
471 const char *opts)
472{
473 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk;
474
475 lmk->hash_tfm = crypto_alloc_shash("md5", 0, 0);
476 if (IS_ERR(lmk->hash_tfm)) {
477 ti->error = "Error initializing LMK hash";
478 return PTR_ERR(lmk->hash_tfm);
479 }
480
481 /* No seed in LMK version 2 */
482 if (cc->key_parts == cc->tfms_count) {
483 lmk->seed = NULL;
484 return 0;
485 }
486
487 lmk->seed = kzalloc(LMK_SEED_SIZE, GFP_KERNEL);
488 if (!lmk->seed) {
489 crypt_iv_lmk_dtr(cc);
490 ti->error = "Error kmallocing seed storage in LMK";
491 return -ENOMEM;
492 }
493
494 return 0;
495}
496
497static int crypt_iv_lmk_init(struct crypt_config *cc)
498{
499 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk;
500 int subkey_size = cc->key_size / cc->key_parts;
501
502 /* LMK seed is on the position of LMK_KEYS + 1 key */
503 if (lmk->seed)
504 memcpy(lmk->seed, cc->key + (cc->tfms_count * subkey_size),
505 crypto_shash_digestsize(lmk->hash_tfm));
506
507 return 0;
508}
509
510static int crypt_iv_lmk_wipe(struct crypt_config *cc)
511{
512 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk;
513
514 if (lmk->seed)
515 memset(lmk->seed, 0, LMK_SEED_SIZE);
516
517 return 0;
518}
519
520static int crypt_iv_lmk_one(struct crypt_config *cc, u8 *iv,
521 struct dm_crypt_request *dmreq,
522 u8 *data)
523{
524 struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk;
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]525 SHASH_DESC_ON_STACK(desc, lmk->hash_tfm);
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]526 struct md5_state md5state;
Milan Brozda31a072013-10-28 23:21:03 +0100[diff] [blame]527 __le32 buf[4];
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]528 int i, r;
529
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]530 desc->tfm = lmk->hash_tfm;
531 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]532
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]533 r = crypto_shash_init(desc);
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]534 if (r)
535 return r;
536
537 if (lmk->seed) {
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]538 r = crypto_shash_update(desc, lmk->seed, LMK_SEED_SIZE);
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]539 if (r)
540 return r;
541 }
542
543 /* Sector is always 512B, block size 16, add data of blocks 1-31 */
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]544 r = crypto_shash_update(desc, data + 16, 16 * 31);
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]545 if (r)
546 return r;
547
548 /* Sector is cropped to 56 bits here */
549 buf[0] = cpu_to_le32(dmreq->iv_sector & 0xFFFFFFFF);
550 buf[1] = cpu_to_le32((((u64)dmreq->iv_sector >> 32) & 0x00FFFFFF) | 0x80000000);
551 buf[2] = cpu_to_le32(4024);
552 buf[3] = 0;
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]553 r = crypto_shash_update(desc, (u8 *)buf, sizeof(buf));
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]554 if (r)
555 return r;
556
557 /* No MD5 padding here */
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]558 r = crypto_shash_export(desc, &md5state);
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]559 if (r)
560 return r;
561
562 for (i = 0; i < MD5_HASH_WORDS; i++)
563 __cpu_to_le32s(&md5state.hash[i]);
564 memcpy(iv, &md5state.hash, cc->iv_size);
565
566 return 0;
567}
568
569static int crypt_iv_lmk_gen(struct crypt_config *cc, u8 *iv,
570 struct dm_crypt_request *dmreq)
571{
572 u8 *src;
573 int r = 0;
574
575 if (bio_data_dir(dmreq->ctx->bio_in) == WRITE) {
Cong Wangc2e022c2011-11-28 13:26:02 +0800[diff] [blame]576 src = kmap_atomic(sg_page(&dmreq->sg_in));
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]577 r = crypt_iv_lmk_one(cc, iv, dmreq, src + dmreq->sg_in.offset);
Cong Wangc2e022c2011-11-28 13:26:02 +0800[diff] [blame]578 kunmap_atomic(src);
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]579 } else
580 memset(iv, 0, cc->iv_size);
581
582 return r;
583}
584
585static int crypt_iv_lmk_post(struct crypt_config *cc, u8 *iv,
586 struct dm_crypt_request *dmreq)
587{
588 u8 *dst;
589 int r;
590
591 if (bio_data_dir(dmreq->ctx->bio_in) == WRITE)
592 return 0;
593
Cong Wangc2e022c2011-11-28 13:26:02 +0800[diff] [blame]594 dst = kmap_atomic(sg_page(&dmreq->sg_out));
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]595 r = crypt_iv_lmk_one(cc, iv, dmreq, dst + dmreq->sg_out.offset);
596
597 /* Tweak the first block of plaintext sector */
598 if (!r)
599 crypto_xor(dst + dmreq->sg_out.offset, iv, cc->iv_size);
600
Cong Wangc2e022c2011-11-28 13:26:02 +0800[diff] [blame]601 kunmap_atomic(dst);
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]602 return r;
603}
604
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]605static void crypt_iv_tcw_dtr(struct crypt_config *cc)
606{
607 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw;
608
609 kzfree(tcw->iv_seed);
610 tcw->iv_seed = NULL;
611 kzfree(tcw->whitening);
612 tcw->whitening = NULL;
613
614 if (tcw->crc32_tfm && !IS_ERR(tcw->crc32_tfm))
615 crypto_free_shash(tcw->crc32_tfm);
616 tcw->crc32_tfm = NULL;
617}
618
619static int crypt_iv_tcw_ctr(struct crypt_config *cc, struct dm_target *ti,
620 const char *opts)
621{
622 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw;
623
624 if (cc->key_size <= (cc->iv_size + TCW_WHITENING_SIZE)) {
625 ti->error = "Wrong key size for TCW";
626 return -EINVAL;
627 }
628
629 tcw->crc32_tfm = crypto_alloc_shash("crc32", 0, 0);
630 if (IS_ERR(tcw->crc32_tfm)) {
631 ti->error = "Error initializing CRC32 in TCW";
632 return PTR_ERR(tcw->crc32_tfm);
633 }
634
635 tcw->iv_seed = kzalloc(cc->iv_size, GFP_KERNEL);
636 tcw->whitening = kzalloc(TCW_WHITENING_SIZE, GFP_KERNEL);
637 if (!tcw->iv_seed || !tcw->whitening) {
638 crypt_iv_tcw_dtr(cc);
639 ti->error = "Error allocating seed storage in TCW";
640 return -ENOMEM;
641 }
642
643 return 0;
644}
645
646static int crypt_iv_tcw_init(struct crypt_config *cc)
647{
648 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw;
649 int key_offset = cc->key_size - cc->iv_size - TCW_WHITENING_SIZE;
650
651 memcpy(tcw->iv_seed, &cc->key[key_offset], cc->iv_size);
652 memcpy(tcw->whitening, &cc->key[key_offset + cc->iv_size],
653 TCW_WHITENING_SIZE);
654
655 return 0;
656}
657
658static int crypt_iv_tcw_wipe(struct crypt_config *cc)
659{
660 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw;
661
662 memset(tcw->iv_seed, 0, cc->iv_size);
663 memset(tcw->whitening, 0, TCW_WHITENING_SIZE);
664
665 return 0;
666}
667
668static int crypt_iv_tcw_whitening(struct crypt_config *cc,
669 struct dm_crypt_request *dmreq,
670 u8 *data)
671{
672 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw;
673 u64 sector = cpu_to_le64((u64)dmreq->iv_sector);
674 u8 buf[TCW_WHITENING_SIZE];
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]675 SHASH_DESC_ON_STACK(desc, tcw->crc32_tfm);
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]676 int i, r;
677
678 /* xor whitening with sector number */
679 memcpy(buf, tcw->whitening, TCW_WHITENING_SIZE);
680 crypto_xor(buf, (u8 *)&sector, 8);
681 crypto_xor(&buf[8], (u8 *)&sector, 8);
682
683 /* calculate crc32 for every 32bit part and xor it */
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]684 desc->tfm = tcw->crc32_tfm;
685 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]686 for (i = 0; i < 4; i++) {
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]687 r = crypto_shash_init(desc);
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]688 if (r)
689 goto out;
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]690 r = crypto_shash_update(desc, &buf[i * 4], 4);
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]691 if (r)
692 goto out;
Jan-Simon Möllerb6106262012-07-02 13:50:54 +0200[diff] [blame]693 r = crypto_shash_final(desc, &buf[i * 4]);
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]694 if (r)
695 goto out;
696 }
697 crypto_xor(&buf[0], &buf[12], 4);
698 crypto_xor(&buf[4], &buf[8], 4);
699
700 /* apply whitening (8 bytes) to whole sector */
701 for (i = 0; i < ((1 << SECTOR_SHIFT) / 8); i++)
702 crypto_xor(data + i * 8, buf, 8);
703out:
Milan Broz1a71d6f2014-11-22 09:36:04 +0100[diff] [blame]704 memzero_explicit(buf, sizeof(buf));
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]705 return r;
706}
707
708static int crypt_iv_tcw_gen(struct crypt_config *cc, u8 *iv,
709 struct dm_crypt_request *dmreq)
710{
711 struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw;
712 u64 sector = cpu_to_le64((u64)dmreq->iv_sector);
713 u8 *src;
714 int r = 0;
715
716 /* Remove whitening from ciphertext */
717 if (bio_data_dir(dmreq->ctx->bio_in) != WRITE) {
718 src = kmap_atomic(sg_page(&dmreq->sg_in));
719 r = crypt_iv_tcw_whitening(cc, dmreq, src + dmreq->sg_in.offset);
720 kunmap_atomic(src);
721 }
722
723 /* Calculate IV */
724 memcpy(iv, tcw->iv_seed, cc->iv_size);
725 crypto_xor(iv, (u8 *)&sector, 8);
726 if (cc->iv_size > 8)
727 crypto_xor(&iv[8], (u8 *)&sector, cc->iv_size - 8);
728
729 return r;
730}
731
732static int crypt_iv_tcw_post(struct crypt_config *cc, u8 *iv,
733 struct dm_crypt_request *dmreq)
734{
735 u8 *dst;
736 int r;
737
738 if (bio_data_dir(dmreq->ctx->bio_in) != WRITE)
739 return 0;
740
741 /* Apply whitening on ciphertext */
742 dst = kmap_atomic(sg_page(&dmreq->sg_out));
743 r = crypt_iv_tcw_whitening(cc, dmreq, dst + dmreq->sg_out.offset);
744 kunmap_atomic(dst);
745
746 return r;
747}
748
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]749static struct crypt_iv_operations crypt_iv_plain_ops = {
750 .generator = crypt_iv_plain_gen
751};
752
Milan Broz61afef62009-12-10 23:52:25 +0000[diff] [blame]753static struct crypt_iv_operations crypt_iv_plain64_ops = {
754 .generator = crypt_iv_plain64_gen
755};
756
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]757static struct crypt_iv_operations crypt_iv_essiv_ops = {
758 .ctr = crypt_iv_essiv_ctr,
759 .dtr = crypt_iv_essiv_dtr,
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]760 .init = crypt_iv_essiv_init,
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]761 .wipe = crypt_iv_essiv_wipe,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]762 .generator = crypt_iv_essiv_gen
763};
764
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]765static struct crypt_iv_operations crypt_iv_benbi_ops = {
766 .ctr = crypt_iv_benbi_ctr,
767 .dtr = crypt_iv_benbi_dtr,
768 .generator = crypt_iv_benbi_gen
769};
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]770
Ludwig Nussel46b47732007-05-09 02:32:55 -0700[diff] [blame]771static struct crypt_iv_operations crypt_iv_null_ops = {
772 .generator = crypt_iv_null_gen
773};
774
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]775static struct crypt_iv_operations crypt_iv_lmk_ops = {
776 .ctr = crypt_iv_lmk_ctr,
777 .dtr = crypt_iv_lmk_dtr,
778 .init = crypt_iv_lmk_init,
779 .wipe = crypt_iv_lmk_wipe,
780 .generator = crypt_iv_lmk_gen,
781 .post = crypt_iv_lmk_post
782};
783
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]784static struct crypt_iv_operations crypt_iv_tcw_ops = {
785 .ctr = crypt_iv_tcw_ctr,
786 .dtr = crypt_iv_tcw_dtr,
787 .init = crypt_iv_tcw_init,
788 .wipe = crypt_iv_tcw_wipe,
789 .generator = crypt_iv_tcw_gen,
790 .post = crypt_iv_tcw_post
791};
792
Milan Brozd469f842007-10-19 22:42:37 +0100[diff] [blame]793static void crypt_convert_init(struct crypt_config *cc,
794 struct convert_context *ctx,
795 struct bio *bio_out, struct bio *bio_in,
Milan Brozfcd369d2008-02-08 02:10:41 +0000[diff] [blame]796 sector_t sector)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]797{
798 ctx->bio_in = bio_in;
799 ctx->bio_out = bio_out;
Kent Overstreet003b5c52013-10-11 15:45:43 -0700[diff] [blame]800 if (bio_in)
801 ctx->iter_in = bio_in->bi_iter;
802 if (bio_out)
803 ctx->iter_out = bio_out->bi_iter;
Mikulas Patockac66029f2012-07-27 15:08:05 +0100[diff] [blame]804 ctx->cc_sector = sector + cc->iv_offset;
Milan Broz43d69032008-02-08 02:11:09 +0000[diff] [blame]805 init_completion(&ctx->restart);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]806}
807
Huang Yingb2174ee2009-03-16 17:44:33 +0000[diff] [blame]808static struct dm_crypt_request *dmreq_of_req(struct crypt_config *cc,
809 struct ablkcipher_request *req)
810{
811 return (struct dm_crypt_request *)((char *)req + cc->dmreq_start);
812}
813
814static struct ablkcipher_request *req_of_dmreq(struct crypt_config *cc,
815 struct dm_crypt_request *dmreq)
816{
817 return (struct ablkcipher_request *)((char *)dmreq - cc->dmreq_start);
818}
819
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]820static u8 *iv_of_dmreq(struct crypt_config *cc,
821 struct dm_crypt_request *dmreq)
822{
823 return (u8 *)ALIGN((unsigned long)(dmreq + 1),
824 crypto_ablkcipher_alignmask(any_tfm(cc)) + 1);
825}
826
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]827static int crypt_convert_block(struct crypt_config *cc,
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]828 struct convert_context *ctx,
829 struct ablkcipher_request *req)
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]830{
Kent Overstreet003b5c52013-10-11 15:45:43 -0700[diff] [blame]831 struct bio_vec bv_in = bio_iter_iovec(ctx->bio_in, ctx->iter_in);
832 struct bio_vec bv_out = bio_iter_iovec(ctx->bio_out, ctx->iter_out);
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]833 struct dm_crypt_request *dmreq;
834 u8 *iv;
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]835 int r;
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]836
Huang Yingb2174ee2009-03-16 17:44:33 +0000[diff] [blame]837 dmreq = dmreq_of_req(cc, req);
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]838 iv = iv_of_dmreq(cc, dmreq);
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]839
Mikulas Patockac66029f2012-07-27 15:08:05 +0100[diff] [blame]840 dmreq->iv_sector = ctx->cc_sector;
Huang Yingb2174ee2009-03-16 17:44:33 +0000[diff] [blame]841 dmreq->ctx = ctx;
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]842 sg_init_table(&dmreq->sg_in, 1);
Kent Overstreet003b5c52013-10-11 15:45:43 -0700[diff] [blame]843 sg_set_page(&dmreq->sg_in, bv_in.bv_page, 1 << SECTOR_SHIFT,
844 bv_in.bv_offset);
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]845
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]846 sg_init_table(&dmreq->sg_out, 1);
Kent Overstreet003b5c52013-10-11 15:45:43 -0700[diff] [blame]847 sg_set_page(&dmreq->sg_out, bv_out.bv_page, 1 << SECTOR_SHIFT,
848 bv_out.bv_offset);
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]849
Kent Overstreet003b5c52013-10-11 15:45:43 -0700[diff] [blame]850 bio_advance_iter(ctx->bio_in, &ctx->iter_in, 1 << SECTOR_SHIFT);
851 bio_advance_iter(ctx->bio_out, &ctx->iter_out, 1 << SECTOR_SHIFT);
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]852
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]853 if (cc->iv_gen_ops) {
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]854 r = cc->iv_gen_ops->generator(cc, iv, dmreq);
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]855 if (r < 0)
856 return r;
857 }
858
859 ablkcipher_request_set_crypt(req, &dmreq->sg_in, &dmreq->sg_out,
860 1 << SECTOR_SHIFT, iv);
861
862 if (bio_data_dir(ctx->bio_in) == WRITE)
863 r = crypto_ablkcipher_encrypt(req);
864 else
865 r = crypto_ablkcipher_decrypt(req);
866
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]867 if (!r && cc->iv_gen_ops && cc->iv_gen_ops->post)
868 r = cc->iv_gen_ops->post(cc, iv, dmreq);
869
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]870 return r;
Milan Broz01482b72008-02-08 02:11:04 +0000[diff] [blame]871}
872
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]873static void kcryptd_async_done(struct crypto_async_request *async_req,
874 int error);
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]875
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]876static void crypt_alloc_req(struct crypt_config *cc,
877 struct convert_context *ctx)
878{
Mikulas Patockac66029f2012-07-27 15:08:05 +0100[diff] [blame]879 unsigned key_index = ctx->cc_sector & (cc->tfms_count - 1);
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]880
Mikulas Patocka610f2de2014-02-20 18:01:01 -0500[diff] [blame]881 if (!ctx->req)
882 ctx->req = mempool_alloc(cc->req_pool, GFP_NOIO);
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]883
Mikulas Patocka610f2de2014-02-20 18:01:01 -0500[diff] [blame]884 ablkcipher_request_set_tfm(ctx->req, cc->tfms[key_index]);
885 ablkcipher_request_set_callback(ctx->req,
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]886 CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
Mikulas Patocka610f2de2014-02-20 18:01:01 -0500[diff] [blame]887 kcryptd_async_done, dmreq_of_req(cc, ctx->req));
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]888}
889
Mikulas Patocka298a9fa2014-03-28 15:51:55 -0400[diff] [blame]890static void crypt_free_req(struct crypt_config *cc,
891 struct ablkcipher_request *req, struct bio *base_bio)
892{
893 struct dm_crypt_io *io = dm_per_bio_data(base_bio, cc->per_bio_data_size);
894
895 if ((struct ablkcipher_request *)(io + 1) != req)
896 mempool_free(req, cc->req_pool);
897}
898
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]899/*
900 * Encrypt / decrypt data from one bio to another one (can be the same one)
901 */
902static int crypt_convert(struct crypt_config *cc,
Milan Brozd469f842007-10-19 22:42:37 +0100[diff] [blame]903 struct convert_context *ctx)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]904{
Milan Broz3f1e9072008-03-28 14:16:07 -0700[diff] [blame]905 int r;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]906
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]907 atomic_set(&ctx->cc_pending, 1);
Milan Brozc8081612008-10-10 13:37:08 +0100[diff] [blame]908
Kent Overstreet003b5c52013-10-11 15:45:43 -0700[diff] [blame]909 while (ctx->iter_in.bi_size && ctx->iter_out.bi_size) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]910
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]911 crypt_alloc_req(cc, ctx);
912
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]913 atomic_inc(&ctx->cc_pending);
Milan Broz3f1e9072008-03-28 14:16:07 -0700[diff] [blame]914
Mikulas Patocka610f2de2014-02-20 18:01:01 -0500[diff] [blame]915 r = crypt_convert_block(cc, ctx, ctx->req);
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]916
917 switch (r) {
Milan Broz3f1e9072008-03-28 14:16:07 -0700[diff] [blame]918 /* async */
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]919 case -EBUSY:
920 wait_for_completion(&ctx->restart);
Wolfram Sang16735d02013-11-14 14:32:02 -0800[diff] [blame]921 reinit_completion(&ctx->restart);
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]922 /* fall through*/
923 case -EINPROGRESS:
Mikulas Patocka610f2de2014-02-20 18:01:01 -0500[diff] [blame]924 ctx->req = NULL;
Mikulas Patockac66029f2012-07-27 15:08:05 +0100[diff] [blame]925 ctx->cc_sector++;
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]926 continue;
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]927
Milan Broz3f1e9072008-03-28 14:16:07 -0700[diff] [blame]928 /* sync */
929 case 0:
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]930 atomic_dec(&ctx->cc_pending);
Mikulas Patockac66029f2012-07-27 15:08:05 +0100[diff] [blame]931 ctx->cc_sector++;
Milan Brozc7f1b202008-07-02 09:34:28 +0100[diff] [blame]932 cond_resched();
Milan Broz3f1e9072008-03-28 14:16:07 -0700[diff] [blame]933 continue;
934
935 /* error */
936 default:
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]937 atomic_dec(&ctx->cc_pending);
Milan Broz3f1e9072008-03-28 14:16:07 -0700[diff] [blame]938 return r;
939 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]940 }
941
Milan Broz3f1e9072008-03-28 14:16:07 -0700[diff] [blame]942 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]943}
944
Mikulas Patockacf2f1ab2015-02-13 08:23:52 -0500[diff] [blame]945static void crypt_free_buffer_pages(struct crypt_config *cc, struct bio *clone);
946
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]947/*
948 * Generate a new unfragmented bio with the given size
949 * This should never violate the device limitations
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]950 *
951 * This function may be called concurrently. If we allocate from the mempool
952 * concurrently, there is a possibility of deadlock. For example, if we have
953 * mempool of 256 pages, two processes, each wanting 256, pages allocate from
954 * the mempool concurrently, it may deadlock in a situation where both processes
955 * have allocated 128 pages and the mempool is exhausted.
956 *
957 * In order to avoid this scenario we allocate the pages under a mutex.
958 *
959 * In order to not degrade performance with excessive locking, we try
960 * non-blocking allocations without a mutex first but on failure we fallback
961 * to blocking allocations with a mutex.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]962 */
Mikulas Patockacf2f1ab2015-02-13 08:23:52 -0500[diff] [blame]963static struct bio *crypt_alloc_buffer(struct dm_crypt_io *io, unsigned size)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]964{
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]965 struct crypt_config *cc = io->cc;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]966 struct bio *clone;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]967 unsigned int nr_iovecs = (size + PAGE_SIZE - 1) >> PAGE_SHIFT;
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]968 gfp_t gfp_mask = GFP_NOWAIT | __GFP_HIGHMEM;
969 unsigned i, len, remaining_size;
Milan Broz91e10622007-12-13 14:16:10 +0000[diff] [blame]970 struct page *page;
Mikulas Patockacf2f1ab2015-02-13 08:23:52 -0500[diff] [blame]971 struct bio_vec *bvec;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]972
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]973retry:
974 if (unlikely(gfp_mask & __GFP_WAIT))
975 mutex_lock(&cc->bio_alloc_lock);
976
Olaf Kirch2f9941b2007-05-09 02:32:53 -0700[diff] [blame]977 clone = bio_alloc_bioset(GFP_NOIO, nr_iovecs, cc->bs);
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]978 if (!clone)
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]979 goto return_clone;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]980
Olaf Kirch027581f2007-05-09 02:32:52 -0700[diff] [blame]981 clone_init(io, clone);
Milan Broz6a24c712006-10-03 01:15:40 -0700[diff] [blame]982
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]983 remaining_size = size;
984
Olaf Kirchf97380b2007-05-09 02:32:54 -0700[diff] [blame]985 for (i = 0; i < nr_iovecs; i++) {
Milan Broz91e10622007-12-13 14:16:10 +0000[diff] [blame]986 page = mempool_alloc(cc->page_pool, gfp_mask);
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]987 if (!page) {
988 crypt_free_buffer_pages(cc, clone);
989 bio_put(clone);
990 gfp_mask |= __GFP_WAIT;
991 goto retry;
992 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]993
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]994 len = (remaining_size > PAGE_SIZE) ? PAGE_SIZE : remaining_size;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]995
Mikulas Patockacf2f1ab2015-02-13 08:23:52 -0500[diff] [blame]996 bvec = &clone->bi_io_vec[clone->bi_vcnt++];
997 bvec->bv_page = page;
998 bvec->bv_len = len;
999 bvec->bv_offset = 0;
1000
1001 clone->bi_iter.bi_size += len;
Milan Broz91e10622007-12-13 14:16:10 +0000[diff] [blame]1002
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]1003 remaining_size -= len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1004 }
1005
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]1006return_clone:
1007 if (unlikely(gfp_mask & __GFP_WAIT))
1008 mutex_unlock(&cc->bio_alloc_lock);
1009
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1010 return clone;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1011}
1012
Neil Brown644bd2f2007-10-16 13:48:46 +0200[diff] [blame]1013static void crypt_free_buffer_pages(struct crypt_config *cc, struct bio *clone)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1014{
Neil Brown644bd2f2007-10-16 13:48:46 +0200[diff] [blame]1015 unsigned int i;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1016 struct bio_vec *bv;
1017
Kent Overstreetcb34e052012-09-05 15:22:02 -0700[diff] [blame]1018 bio_for_each_segment_all(bv, clone, i) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1019 BUG_ON(!bv->bv_page);
1020 mempool_free(bv->bv_page, cc->page_pool);
1021 bv->bv_page = NULL;
1022 }
1023}
1024
Mikulas Patocka298a9fa2014-03-28 15:51:55 -0400[diff] [blame]1025static void crypt_io_init(struct dm_crypt_io *io, struct crypt_config *cc,
1026 struct bio *bio, sector_t sector)
Milan Brozdc440d1e2008-10-10 13:37:03 +0100[diff] [blame]1027{
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1028 io->cc = cc;
Milan Brozdc440d1e2008-10-10 13:37:03 +0100[diff] [blame]1029 io->base_bio = bio;
1030 io->sector = sector;
1031 io->error = 0;
Mikulas Patocka610f2de2014-02-20 18:01:01 -0500[diff] [blame]1032 io->ctx.req = NULL;
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]1033 atomic_set(&io->io_pending, 0);
Milan Brozdc440d1e2008-10-10 13:37:03 +0100[diff] [blame]1034}
1035
Milan Broz3e1a8bd2008-10-10 13:37:02 +0100[diff] [blame]1036static void crypt_inc_pending(struct dm_crypt_io *io)
1037{
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]1038 atomic_inc(&io->io_pending);
Milan Broz3e1a8bd2008-10-10 13:37:02 +0100[diff] [blame]1039}
1040
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1041/*
1042 * One of the bios was finished. Check for completion of
1043 * the whole request and correctly clean up the buffer.
1044 */
Milan Broz5742fd72008-02-08 02:10:43 +0000[diff] [blame]1045static void crypt_dec_pending(struct dm_crypt_io *io)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1046{
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1047 struct crypt_config *cc = io->cc;
Milan Brozb35f8ca2009-03-16 17:44:36 +0000[diff] [blame]1048 struct bio *base_bio = io->base_bio;
Milan Brozb35f8ca2009-03-16 17:44:36 +0000[diff] [blame]1049 int error = io->error;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1050
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]1051 if (!atomic_dec_and_test(&io->io_pending))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1052 return;
1053
Mikulas Patocka610f2de2014-02-20 18:01:01 -0500[diff] [blame]1054 if (io->ctx.req)
Mikulas Patocka298a9fa2014-03-28 15:51:55 -0400[diff] [blame]1055 crypt_free_req(cc, io->ctx.req, base_bio);
Milan Brozb35f8ca2009-03-16 17:44:36 +0000[diff] [blame]1056
Mikulas Patockacf2f1ab2015-02-13 08:23:52 -0500[diff] [blame]1057 bio_endio(base_bio, error);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1058}
1059
1060/*
Milan Brozcabf08e2007-10-19 22:38:58 +0100[diff] [blame]1061 * kcryptd/kcryptd_io:
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1062 *
1063 * Needed because it would be very unwise to do decryption in an
Milan Broz23541d22006-10-03 01:15:39 -0700[diff] [blame]1064 * interrupt context.
Milan Brozcabf08e2007-10-19 22:38:58 +0100[diff] [blame]1065 *
1066 * kcryptd performs the actual encryption or decryption.
1067 *
1068 * kcryptd_io performs the IO submission.
1069 *
1070 * They must be separated as otherwise the final stages could be
1071 * starved by new requests which can block in the first stages due
1072 * to memory allocation.
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]1073 *
1074 * The work is done per CPU global for all dm-crypt instances.
1075 * They should not depend on each other and do not block.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1076 */
NeilBrown6712ecf2007-09-27 12:47:43 +0200[diff] [blame]1077static void crypt_endio(struct bio *clone, int error)
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1078{
Alasdair G Kergon028867a2007-07-12 17:26:32 +0100[diff] [blame]1079 struct dm_crypt_io *io = clone->bi_private;
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1080 struct crypt_config *cc = io->cc;
Milan Brozee7a4912008-02-08 02:10:46 +0000[diff] [blame]1081 unsigned rw = bio_data_dir(clone);
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1082
Milan Brozadfe4772007-12-13 14:15:51 +0000[diff] [blame]1083 if (unlikely(!bio_flagged(clone, BIO_UPTODATE) && !error))
1084 error = -EIO;
1085
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1086 /*
NeilBrown6712ecf2007-09-27 12:47:43 +0200[diff] [blame]1087 * free the processed pages
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1088 */
Milan Brozee7a4912008-02-08 02:10:46 +0000[diff] [blame]1089 if (rw == WRITE)
Neil Brown644bd2f2007-10-16 13:48:46 +0200[diff] [blame]1090 crypt_free_buffer_pages(cc, clone);
Milan Brozee7a4912008-02-08 02:10:46 +0000[diff] [blame]1091
1092 bio_put(clone);
1093
1094 if (rw == READ && !error) {
1095 kcryptd_queue_crypt(io);
1096 return;
NeilBrown6712ecf2007-09-27 12:47:43 +0200[diff] [blame]1097 }
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1098
Milan Brozadfe4772007-12-13 14:15:51 +0000[diff] [blame]1099 if (unlikely(error))
Milan Broz5742fd72008-02-08 02:10:43 +0000[diff] [blame]1100 io->error = error;
1101
1102 crypt_dec_pending(io);
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1103}
1104
Alasdair G Kergon028867a2007-07-12 17:26:32 +0100[diff] [blame]1105static void clone_init(struct dm_crypt_io *io, struct bio *clone)
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1106{
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1107 struct crypt_config *cc = io->cc;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1108
1109 clone->bi_private = io;
1110 clone->bi_end_io = crypt_endio;
1111 clone->bi_bdev = cc->dev->bdev;
1112 clone->bi_rw = io->base_bio->bi_rw;
1113}
1114
Milan Broz20c82532011-01-13 19:59:53 +0000[diff] [blame]1115static int kcryptd_io_read(struct dm_crypt_io *io, gfp_t gfp)
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1116{
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1117 struct crypt_config *cc = io->cc;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1118 struct bio *base_bio = io->base_bio;
1119 struct bio *clone;
Milan Broz93e605c2006-10-03 01:15:38 -0700[diff] [blame]1120
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1121 /*
1122 * The block layer might modify the bvec array, so always
1123 * copy the required bvecs because we need the original
1124 * one in order to decrypt the whole bio data *afterwards*.
1125 */
Kent Overstreetbf800ef2012-09-06 15:35:02 -0700[diff] [blame]1126 clone = bio_clone_bioset(base_bio, gfp, cc->bs);
Jens Axboe7eaceac2011-03-10 08:52:07 +0100[diff] [blame]1127 if (!clone)
Milan Broz20c82532011-01-13 19:59:53 +0000[diff] [blame]1128 return 1;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1129
Milan Broz20c82532011-01-13 19:59:53 +0000[diff] [blame]1130 crypt_inc_pending(io);
1131
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1132 clone_init(io, clone);
Kent Overstreet4f024f32013-10-11 15:44:27 -0700[diff] [blame]1133 clone->bi_iter.bi_sector = cc->start + io->sector;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1134
Milan Broz93e605c2006-10-03 01:15:38 -0700[diff] [blame]1135 generic_make_request(clone);
Milan Broz20c82532011-01-13 19:59:53 +0000[diff] [blame]1136 return 0;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1137}
1138
Milan Broz4e4eef62008-02-08 02:10:49 +0000[diff] [blame]1139static void kcryptd_io_write(struct dm_crypt_io *io)
1140{
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1141 struct bio *clone = io->ctx.bio_out;
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1142 generic_make_request(clone);
Milan Broz4e4eef62008-02-08 02:10:49 +0000[diff] [blame]1143}
1144
Alasdair G Kergon395b1672008-02-08 02:10:52 +0000[diff] [blame]1145static void kcryptd_io(struct work_struct *work)
1146{
1147 struct dm_crypt_io *io = container_of(work, struct dm_crypt_io, work);
1148
Milan Broz20c82532011-01-13 19:59:53 +0000[diff] [blame]1149 if (bio_data_dir(io->base_bio) == READ) {
1150 crypt_inc_pending(io);
1151 if (kcryptd_io_read(io, GFP_NOIO))
1152 io->error = -ENOMEM;
1153 crypt_dec_pending(io);
1154 } else
Alasdair G Kergon395b1672008-02-08 02:10:52 +0000[diff] [blame]1155 kcryptd_io_write(io);
1156}
1157
1158static void kcryptd_queue_io(struct dm_crypt_io *io)
1159{
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1160 struct crypt_config *cc = io->cc;
Alasdair G Kergon395b1672008-02-08 02:10:52 +0000[diff] [blame]1161
1162 INIT_WORK(&io->work, kcryptd_io);
1163 queue_work(cc->io_queue, &io->work);
1164}
1165
Mikulas Patocka72c6e7a2012-03-28 18:41:22 +0100[diff] [blame]1166static void kcryptd_crypt_write_io_submit(struct dm_crypt_io *io, int async)
Milan Broz4e4eef62008-02-08 02:10:49 +0000[diff] [blame]1167{
Milan Brozdec1ced2008-02-08 02:10:57 +0000[diff] [blame]1168 struct bio *clone = io->ctx.bio_out;
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1169 struct crypt_config *cc = io->cc;
Milan Brozdec1ced2008-02-08 02:10:57 +0000[diff] [blame]1170
Mikulas Patocka72c6e7a2012-03-28 18:41:22 +0100[diff] [blame]1171 if (unlikely(io->error < 0)) {
Milan Brozdec1ced2008-02-08 02:10:57 +0000[diff] [blame]1172 crypt_free_buffer_pages(cc, clone);
1173 bio_put(clone);
Milan Broz6c031f42008-10-10 13:37:06 +0100[diff] [blame]1174 crypt_dec_pending(io);
Milan Brozdec1ced2008-02-08 02:10:57 +0000[diff] [blame]1175 return;
1176 }
1177
1178 /* crypt_convert should have filled the clone bio */
Kent Overstreet003b5c52013-10-11 15:45:43 -0700[diff] [blame]1179 BUG_ON(io->ctx.iter_out.bi_size);
Milan Brozdec1ced2008-02-08 02:10:57 +0000[diff] [blame]1180
Kent Overstreet4f024f32013-10-11 15:44:27 -0700[diff] [blame]1181 clone->bi_iter.bi_sector = cc->start + io->sector;
Milan Broz899c95d2008-02-08 02:11:02 +0000[diff] [blame]1182
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1183 if (async)
1184 kcryptd_queue_io(io);
Alasdair G Kergon1e37bb82008-10-10 13:37:05 +0100[diff] [blame]1185 else
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1186 generic_make_request(clone);
Milan Broz4e4eef62008-02-08 02:10:49 +0000[diff] [blame]1187}
1188
Milan Brozfc5a5e92008-10-10 13:37:04 +0100[diff] [blame]1189static void kcryptd_crypt_write_convert(struct dm_crypt_io *io)
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1190{
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1191 struct crypt_config *cc = io->cc;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1192 struct bio *clone;
Milan Brozc8081612008-10-10 13:37:08 +0100[diff] [blame]1193 int crypt_finished;
Milan Brozb635b002008-10-21 17:45:00 +0100[diff] [blame]1194 sector_t sector = io->sector;
Milan Brozdec1ced2008-02-08 02:10:57 +0000[diff] [blame]1195 int r;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1196
Milan Broz93e605c2006-10-03 01:15:38 -0700[diff] [blame]1197 /*
Milan Brozfc5a5e92008-10-10 13:37:04 +0100[diff] [blame]1198 * Prevent io from disappearing until this function completes.
1199 */
1200 crypt_inc_pending(io);
Milan Brozb635b002008-10-21 17:45:00 +0100[diff] [blame]1201 crypt_convert_init(cc, &io->ctx, NULL, io->base_bio, sector);
Milan Brozfc5a5e92008-10-10 13:37:04 +0100[diff] [blame]1202
Mikulas Patockacf2f1ab2015-02-13 08:23:52 -0500[diff] [blame]1203 clone = crypt_alloc_buffer(io, io->base_bio->bi_iter.bi_size);
1204 if (unlikely(!clone)) {
1205 io->error = -EIO;
1206 goto dec;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1207 }
Milan Broz899c95d2008-02-08 02:11:02 +0000[diff] [blame]1208
Mikulas Patockacf2f1ab2015-02-13 08:23:52 -0500[diff] [blame]1209 io->ctx.bio_out = clone;
1210 io->ctx.iter_out = clone->bi_iter;
1211
1212 sector += bio_sectors(clone);
1213
1214 crypt_inc_pending(io);
1215 r = crypt_convert(cc, &io->ctx);
1216 if (r)
1217 io->error = -EIO;
1218 crypt_finished = atomic_dec_and_test(&io->ctx.cc_pending);
1219
1220 /* Encryption was already finished, submit io now */
1221 if (crypt_finished) {
1222 kcryptd_crypt_write_io_submit(io, 0);
1223 io->sector = sector;
1224 }
1225
1226dec:
Milan Broz899c95d2008-02-08 02:11:02 +0000[diff] [blame]1227 crypt_dec_pending(io);
Milan Broz84131db2008-02-08 02:10:59 +0000[diff] [blame]1228}
1229
Mikulas Patocka72c6e7a2012-03-28 18:41:22 +0100[diff] [blame]1230static void kcryptd_crypt_read_done(struct dm_crypt_io *io)
Milan Broz5742fd72008-02-08 02:10:43 +0000[diff] [blame]1231{
Milan Broz5742fd72008-02-08 02:10:43 +0000[diff] [blame]1232 crypt_dec_pending(io);
1233}
1234
Milan Broz4e4eef62008-02-08 02:10:49 +0000[diff] [blame]1235static void kcryptd_crypt_read_convert(struct dm_crypt_io *io)
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1236{
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1237 struct crypt_config *cc = io->cc;
Milan Broz5742fd72008-02-08 02:10:43 +0000[diff] [blame]1238 int r = 0;
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1239
Milan Broz3e1a8bd2008-10-10 13:37:02 +0100[diff] [blame]1240 crypt_inc_pending(io);
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]1241
Milan Broz53017032008-02-08 02:10:38 +0000[diff] [blame]1242 crypt_convert_init(cc, &io->ctx, io->base_bio, io->base_bio,
Milan Broz0c395b02008-02-08 02:10:54 +0000[diff] [blame]1243 io->sector);
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1244
Milan Broz5742fd72008-02-08 02:10:43 +0000[diff] [blame]1245 r = crypt_convert(cc, &io->ctx);
Mikulas Patocka72c6e7a2012-03-28 18:41:22 +0100[diff] [blame]1246 if (r < 0)
1247 io->error = -EIO;
Milan Broz5742fd72008-02-08 02:10:43 +0000[diff] [blame]1248
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]1249 if (atomic_dec_and_test(&io->ctx.cc_pending))
Mikulas Patocka72c6e7a2012-03-28 18:41:22 +0100[diff] [blame]1250 kcryptd_crypt_read_done(io);
Milan Broz3a7f6c92008-02-08 02:11:14 +0000[diff] [blame]1251
1252 crypt_dec_pending(io);
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1253}
1254
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1255static void kcryptd_async_done(struct crypto_async_request *async_req,
1256 int error)
1257{
Huang Yingb2174ee2009-03-16 17:44:33 +0000[diff] [blame]1258 struct dm_crypt_request *dmreq = async_req->data;
1259 struct convert_context *ctx = dmreq->ctx;
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1260 struct dm_crypt_io *io = container_of(ctx, struct dm_crypt_io, ctx);
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1261 struct crypt_config *cc = io->cc;
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1262
1263 if (error == -EINPROGRESS) {
1264 complete(&ctx->restart);
1265 return;
1266 }
1267
Milan Broz2dc53272011-01-13 19:59:54 +0000[diff] [blame]1268 if (!error && cc->iv_gen_ops && cc->iv_gen_ops->post)
1269 error = cc->iv_gen_ops->post(cc, iv_of_dmreq(cc, dmreq), dmreq);
1270
Mikulas Patocka72c6e7a2012-03-28 18:41:22 +0100[diff] [blame]1271 if (error < 0)
1272 io->error = -EIO;
1273
Mikulas Patocka298a9fa2014-03-28 15:51:55 -0400[diff] [blame]1274 crypt_free_req(cc, req_of_dmreq(cc, dmreq), io->base_bio);
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1275
Mikulas Patocka40b62292012-07-27 15:08:04 +0100[diff] [blame]1276 if (!atomic_dec_and_test(&ctx->cc_pending))
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1277 return;
1278
1279 if (bio_data_dir(io->base_bio) == READ)
Mikulas Patocka72c6e7a2012-03-28 18:41:22 +0100[diff] [blame]1280 kcryptd_crypt_read_done(io);
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1281 else
Mikulas Patocka72c6e7a2012-03-28 18:41:22 +0100[diff] [blame]1282 kcryptd_crypt_write_io_submit(io, 1);
Milan Broz95497a92008-02-08 02:11:12 +0000[diff] [blame]1283}
1284
Milan Broz4e4eef62008-02-08 02:10:49 +0000[diff] [blame]1285static void kcryptd_crypt(struct work_struct *work)
1286{
1287 struct dm_crypt_io *io = container_of(work, struct dm_crypt_io, work);
1288
1289 if (bio_data_dir(io->base_bio) == READ)
1290 kcryptd_crypt_read_convert(io);
1291 else
1292 kcryptd_crypt_write_convert(io);
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1293}
1294
Alasdair G Kergon395b1672008-02-08 02:10:52 +0000[diff] [blame]1295static void kcryptd_queue_crypt(struct dm_crypt_io *io)
1296{
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1297 struct crypt_config *cc = io->cc;
Alasdair G Kergon395b1672008-02-08 02:10:52 +0000[diff] [blame]1298
1299 INIT_WORK(&io->work, kcryptd_crypt);
1300 queue_work(cc->crypt_queue, &io->work);
1301}
1302
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1303/*
1304 * Decode key from its hex representation
1305 */
1306static int crypt_decode_key(u8 *key, char *hex, unsigned int size)
1307{
1308 char buffer[3];
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1309 unsigned int i;
1310
1311 buffer[2] = '\0';
1312
Milan Broz8b004452006-10-03 01:15:37 -0700[diff] [blame]1313 for (i = 0; i < size; i++) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1314 buffer[0] = *hex++;
1315 buffer[1] = *hex++;
1316
majianpeng1a66a082012-07-27 15:07:59 +0100[diff] [blame]1317 if (kstrtou8(buffer, 16, &key[i]))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1318 return -EINVAL;
1319 }
1320
1321 if (*hex != '\0')
1322 return -EINVAL;
1323
1324 return 0;
1325}
1326
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1327static void crypt_free_tfms(struct crypt_config *cc)
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1328{
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1329 unsigned i;
1330
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1331 if (!cc->tfms)
1332 return;
1333
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1334 for (i = 0; i < cc->tfms_count; i++)
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1335 if (cc->tfms[i] && !IS_ERR(cc->tfms[i])) {
1336 crypto_free_ablkcipher(cc->tfms[i]);
1337 cc->tfms[i] = NULL;
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1338 }
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1339
1340 kfree(cc->tfms);
1341 cc->tfms = NULL;
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1342}
1343
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1344static int crypt_alloc_tfms(struct crypt_config *cc, char *ciphermode)
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1345{
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1346 unsigned i;
1347 int err;
1348
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1349 cc->tfms = kmalloc(cc->tfms_count * sizeof(struct crypto_ablkcipher *),
1350 GFP_KERNEL);
1351 if (!cc->tfms)
1352 return -ENOMEM;
1353
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1354 for (i = 0; i < cc->tfms_count; i++) {
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1355 cc->tfms[i] = crypto_alloc_ablkcipher(ciphermode, 0, 0);
1356 if (IS_ERR(cc->tfms[i])) {
1357 err = PTR_ERR(cc->tfms[i]);
1358 crypt_free_tfms(cc);
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1359 return err;
1360 }
1361 }
1362
1363 return 0;
1364}
1365
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]1366static int crypt_setkey_allcpus(struct crypt_config *cc)
1367{
Milan Brozda31a072013-10-28 23:21:03 +0100[diff] [blame]1368 unsigned subkey_size;
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1369 int err = 0, i, r;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]1370
Milan Brozda31a072013-10-28 23:21:03 +0100[diff] [blame]1371 /* Ignore extra keys (which are used for IV etc) */
1372 subkey_size = (cc->key_size - cc->key_extra_size) >> ilog2(cc->tfms_count);
1373
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1374 for (i = 0; i < cc->tfms_count; i++) {
1375 r = crypto_ablkcipher_setkey(cc->tfms[i],
1376 cc->key + (i * subkey_size),
1377 subkey_size);
1378 if (r)
1379 err = r;
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]1380 }
1381
1382 return err;
1383}
1384
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1385static int crypt_set_key(struct crypt_config *cc, char *key)
1386{
Milan Brozde8be5a2011-03-24 13:54:27 +0000[diff] [blame]1387 int r = -EINVAL;
1388 int key_string_len = strlen(key);
1389
Milan Broz69a8cfc2011-01-13 19:59:49 +0000[diff] [blame]1390 /* The key size may not be changed. */
Milan Brozde8be5a2011-03-24 13:54:27 +0000[diff] [blame]1391 if (cc->key_size != (key_string_len >> 1))
1392 goto out;
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1393
Milan Broz69a8cfc2011-01-13 19:59:49 +0000[diff] [blame]1394 /* Hyphen (which gives a key_size of zero) means there is no key. */
1395 if (!cc->key_size && strcmp(key, "-"))
Milan Brozde8be5a2011-03-24 13:54:27 +0000[diff] [blame]1396 goto out;
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1397
Milan Broz69a8cfc2011-01-13 19:59:49 +0000[diff] [blame]1398 if (cc->key_size && crypt_decode_key(cc->key, key, cc->key_size) < 0)
Milan Brozde8be5a2011-03-24 13:54:27 +0000[diff] [blame]1399 goto out;
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1400
1401 set_bit(DM_CRYPT_KEY_VALID, &cc->flags);
1402
Milan Brozde8be5a2011-03-24 13:54:27 +0000[diff] [blame]1403 r = crypt_setkey_allcpus(cc);
1404
1405out:
1406 /* Hex key string not needed after here, so wipe it. */
1407 memset(key, '0', key_string_len);
1408
1409 return r;
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1410}
1411
1412static int crypt_wipe_key(struct crypt_config *cc)
1413{
1414 clear_bit(DM_CRYPT_KEY_VALID, &cc->flags);
1415 memset(&cc->key, 0, cc->key_size * sizeof(u8));
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]1416
1417 return crypt_setkey_allcpus(cc);
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1418}
1419
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1420static void crypt_dtr(struct dm_target *ti)
1421{
1422 struct crypt_config *cc = ti->private;
1423
1424 ti->private = NULL;
1425
1426 if (!cc)
1427 return;
1428
1429 if (cc->io_queue)
1430 destroy_workqueue(cc->io_queue);
1431 if (cc->crypt_queue)
1432 destroy_workqueue(cc->crypt_queue);
1433
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1434 crypt_free_tfms(cc);
1435
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1436 if (cc->bs)
1437 bioset_free(cc->bs);
1438
1439 if (cc->page_pool)
1440 mempool_destroy(cc->page_pool);
1441 if (cc->req_pool)
1442 mempool_destroy(cc->req_pool);
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1443
1444 if (cc->iv_gen_ops && cc->iv_gen_ops->dtr)
1445 cc->iv_gen_ops->dtr(cc);
1446
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1447 if (cc->dev)
1448 dm_put_device(ti, cc->dev);
1449
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1450 kzfree(cc->cipher);
Milan Broz7dbcd132011-01-13 19:59:52 +0000[diff] [blame]1451 kzfree(cc->cipher_string);
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1452
1453 /* Must zero key material before freeing */
1454 kzfree(cc);
1455}
1456
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1457static int crypt_ctr_cipher(struct dm_target *ti,
1458 char *cipher_in, char *key)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1459{
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1460 struct crypt_config *cc = ti->private;
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1461 char *tmp, *cipher, *chainmode, *ivmode, *ivopts, *keycount;
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1462 char *cipher_api = NULL;
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1463 int ret = -EINVAL;
Mikulas Patocka31998ef12012-03-28 18:41:26 +0100[diff] [blame]1464 char dummy;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1465
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1466 /* Convert to crypto api definition? */
1467 if (strchr(cipher_in, '(')) {
1468 ti->error = "Bad cipher specification";
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1469 return -EINVAL;
1470 }
1471
Milan Broz7dbcd132011-01-13 19:59:52 +0000[diff] [blame]1472 cc->cipher_string = kstrdup(cipher_in, GFP_KERNEL);
1473 if (!cc->cipher_string)
1474 goto bad_mem;
1475
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1476 /*
1477 * Legacy dm-crypt cipher specification
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1478 * cipher[:keycount]-mode-iv:ivopts
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1479 */
1480 tmp = cipher_in;
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1481 keycount = strsep(&tmp, "-");
1482 cipher = strsep(&keycount, ":");
1483
1484 if (!keycount)
1485 cc->tfms_count = 1;
Mikulas Patocka31998ef12012-03-28 18:41:26 +0100[diff] [blame]1486 else if (sscanf(keycount, "%u%c", &cc->tfms_count, &dummy) != 1 ||
Milan Brozd1f96422011-01-13 19:59:54 +0000[diff] [blame]1487 !is_power_of_2(cc->tfms_count)) {
1488 ti->error = "Bad cipher key count specification";
1489 return -EINVAL;
1490 }
1491 cc->key_parts = cc->tfms_count;
Milan Brozda31a072013-10-28 23:21:03 +0100[diff] [blame]1492 cc->key_extra_size = 0;
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1493
1494 cc->cipher = kstrdup(cipher, GFP_KERNEL);
1495 if (!cc->cipher)
1496 goto bad_mem;
1497
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1498 chainmode = strsep(&tmp, "-");
1499 ivopts = strsep(&tmp, "-");
1500 ivmode = strsep(&ivopts, ":");
1501
1502 if (tmp)
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1503 DMWARN("Ignoring unexpected additional cipher options");
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1504
Milan Broz7dbcd132011-01-13 19:59:52 +0000[diff] [blame]1505 /*
1506 * For compatibility with the original dm-crypt mapping format, if
1507 * only the cipher name is supplied, use cbc-plain.
1508 */
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1509 if (!chainmode || (!strcmp(chainmode, "plain") && !ivmode)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1510 chainmode = "cbc";
1511 ivmode = "plain";
1512 }
1513
Herbert Xud1806f62006-08-22 20:29:17 +1000[diff] [blame]1514 if (strcmp(chainmode, "ecb") && !ivmode) {
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1515 ti->error = "IV mechanism required";
1516 return -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1517 }
1518
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1519 cipher_api = kmalloc(CRYPTO_MAX_ALG_NAME, GFP_KERNEL);
1520 if (!cipher_api)
1521 goto bad_mem;
1522
1523 ret = snprintf(cipher_api, CRYPTO_MAX_ALG_NAME,
1524 "%s(%s)", chainmode, cipher);
1525 if (ret < 0) {
1526 kfree(cipher_api);
1527 goto bad_mem;
Herbert Xud1806f62006-08-22 20:29:17 +1000[diff] [blame]1528 }
1529
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1530 /* Allocate cipher */
Mikulas Patockafd2d2312012-07-27 15:08:05 +0100[diff] [blame]1531 ret = crypt_alloc_tfms(cc, cipher_api);
1532 if (ret < 0) {
1533 ti->error = "Error allocating crypto tfm";
1534 goto bad;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1535 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1536
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1537 /* Initialize IV */
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]1538 cc->iv_size = crypto_ablkcipher_ivsize(any_tfm(cc));
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1539 if (cc->iv_size)
1540 /* at least a 64 bit sector number should fit in our buffer */
1541 cc->iv_size = max(cc->iv_size,
1542 (unsigned int)(sizeof(u64) / sizeof(u8)));
1543 else if (ivmode) {
1544 DMWARN("Selected cipher does not support IVs");
1545 ivmode = NULL;
1546 }
1547
1548 /* Choose ivmode, see comments at iv code. */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1549 if (ivmode == NULL)
1550 cc->iv_gen_ops = NULL;
1551 else if (strcmp(ivmode, "plain") == 0)
1552 cc->iv_gen_ops = &crypt_iv_plain_ops;
Milan Broz61afef62009-12-10 23:52:25 +0000[diff] [blame]1553 else if (strcmp(ivmode, "plain64") == 0)
1554 cc->iv_gen_ops = &crypt_iv_plain64_ops;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1555 else if (strcmp(ivmode, "essiv") == 0)
1556 cc->iv_gen_ops = &crypt_iv_essiv_ops;
Rik Snel48527fa2006-09-03 08:56:39 +1000[diff] [blame]1557 else if (strcmp(ivmode, "benbi") == 0)
1558 cc->iv_gen_ops = &crypt_iv_benbi_ops;
Ludwig Nussel46b47732007-05-09 02:32:55 -0700[diff] [blame]1559 else if (strcmp(ivmode, "null") == 0)
1560 cc->iv_gen_ops = &crypt_iv_null_ops;
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]1561 else if (strcmp(ivmode, "lmk") == 0) {
1562 cc->iv_gen_ops = &crypt_iv_lmk_ops;
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]1563 /*
1564 * Version 2 and 3 is recognised according
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]1565 * to length of provided multi-key string.
1566 * If present (version 3), last key is used as IV seed.
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]1567 * All keys (including IV seed) are always the same size.
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]1568 */
Milan Brozda31a072013-10-28 23:21:03 +0100[diff] [blame]1569 if (cc->key_size % cc->key_parts) {
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]1570 cc->key_parts++;
Milan Brozda31a072013-10-28 23:21:03 +0100[diff] [blame]1571 cc->key_extra_size = cc->key_size / cc->key_parts;
1572 }
Milan Brozed04d982013-10-28 23:21:04 +0100[diff] [blame]1573 } else if (strcmp(ivmode, "tcw") == 0) {
1574 cc->iv_gen_ops = &crypt_iv_tcw_ops;
1575 cc->key_parts += 2; /* IV + whitening */
1576 cc->key_extra_size = cc->iv_size + TCW_WHITENING_SIZE;
Milan Broz34745782011-01-13 19:59:55 +0000[diff] [blame]1577 } else {
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1578 ret = -EINVAL;
Alasdair G Kergon72d94862006-06-26 00:27:35 -0700[diff] [blame]1579 ti->error = "Invalid IV mode";
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1580 goto bad;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1581 }
1582
Milan Brozda31a072013-10-28 23:21:03 +0100[diff] [blame]1583 /* Initialize and set key */
1584 ret = crypt_set_key(cc, key);
1585 if (ret < 0) {
1586 ti->error = "Error decoding and setting key";
1587 goto bad;
1588 }
1589
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1590 /* Allocate IV */
1591 if (cc->iv_gen_ops && cc->iv_gen_ops->ctr) {
1592 ret = cc->iv_gen_ops->ctr(cc, ti, ivopts);
1593 if (ret < 0) {
1594 ti->error = "Error creating IV";
1595 goto bad;
1596 }
Milan Brozb95bf2d2009-12-10 23:51:56 +0000[diff] [blame]1597 }
1598
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1599 /* Initialize IV (set keys for ESSIV etc) */
1600 if (cc->iv_gen_ops && cc->iv_gen_ops->init) {
1601 ret = cc->iv_gen_ops->init(cc);
1602 if (ret < 0) {
1603 ti->error = "Error initialising IV";
1604 goto bad;
1605 }
1606 }
1607
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1608 ret = 0;
1609bad:
1610 kfree(cipher_api);
1611 return ret;
1612
1613bad_mem:
1614 ti->error = "Cannot allocate cipher strings";
1615 return -ENOMEM;
1616}
1617
1618/*
1619 * Construct an encryption mapping:
1620 * <cipher> <key> <iv_offset> <dev_path> <start>
1621 */
1622static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
1623{
1624 struct crypt_config *cc;
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1625 unsigned int key_size, opt_params;
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1626 unsigned long long tmpll;
1627 int ret;
Mikulas Patockad49ec522014-08-28 11:09:31 -0400[diff] [blame]1628 size_t iv_size_padding;
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1629 struct dm_arg_set as;
1630 const char *opt_string;
Mikulas Patocka31998ef12012-03-28 18:41:26 +0100[diff] [blame]1631 char dummy;
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1632
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1633 static struct dm_arg _args[] = {
Mikulas Patockaf3396c582015-02-13 08:23:09 -0500[diff] [blame]1634 {0, 2, "Invalid number of feature args"},
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1635 };
1636
1637 if (argc < 5) {
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1638 ti->error = "Not enough arguments";
1639 return -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1640 }
1641
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1642 key_size = strlen(argv[1]) >> 1;
1643
1644 cc = kzalloc(sizeof(*cc) + key_size * sizeof(u8), GFP_KERNEL);
1645 if (!cc) {
1646 ti->error = "Cannot allocate encryption context";
1647 return -ENOMEM;
1648 }
Milan Broz69a8cfc2011-01-13 19:59:49 +0000[diff] [blame]1649 cc->key_size = key_size;
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1650
1651 ti->private = cc;
1652 ret = crypt_ctr_cipher(ti, argv[0], argv[1]);
1653 if (ret < 0)
1654 goto bad;
1655
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]1656 cc->dmreq_start = sizeof(struct ablkcipher_request);
Andi Kleenc0297722011-01-13 19:59:53 +0000[diff] [blame]1657 cc->dmreq_start += crypto_ablkcipher_reqsize(any_tfm(cc));
Mikulas Patockad49ec522014-08-28 11:09:31 -0400[diff] [blame]1658 cc->dmreq_start = ALIGN(cc->dmreq_start, __alignof__(struct dm_crypt_request));
1659
1660 if (crypto_ablkcipher_alignmask(any_tfm(cc)) < CRYPTO_MINALIGN) {
1661 /* Allocate the padding exactly */
1662 iv_size_padding = -(cc->dmreq_start + sizeof(struct dm_crypt_request))
1663 & crypto_ablkcipher_alignmask(any_tfm(cc));
1664 } else {
1665 /*
1666 * If the cipher requires greater alignment than kmalloc
1667 * alignment, we don't know the exact position of the
1668 * initialization vector. We must assume worst case.
1669 */
1670 iv_size_padding = crypto_ablkcipher_alignmask(any_tfm(cc));
1671 }
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]1672
Mikulas Patocka94f5e022015-02-13 08:25:26 -0500[diff] [blame^]1673 ret = -ENOMEM;
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]1674 cc->req_pool = mempool_create_kmalloc_pool(MIN_IOS, cc->dmreq_start +
Mikulas Patockad49ec522014-08-28 11:09:31 -0400[diff] [blame]1675 sizeof(struct dm_crypt_request) + iv_size_padding + cc->iv_size);
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]1676 if (!cc->req_pool) {
1677 ti->error = "Cannot allocate crypt request mempool";
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1678 goto bad;
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]1679 }
Milan Brozddd42ed2008-02-08 02:11:07 +0000[diff] [blame]1680
Mikulas Patocka298a9fa2014-03-28 15:51:55 -0400[diff] [blame]1681 cc->per_bio_data_size = ti->per_bio_data_size =
Mikulas Patockad49ec522014-08-28 11:09:31 -0400[diff] [blame]1682 ALIGN(sizeof(struct dm_crypt_io) + cc->dmreq_start +
1683 sizeof(struct dm_crypt_request) + iv_size_padding + cc->iv_size,
1684 ARCH_KMALLOC_MINALIGN);
Mikulas Patocka298a9fa2014-03-28 15:51:55 -0400[diff] [blame]1685
Mikulas Patockacf2f1ab2015-02-13 08:23:52 -0500[diff] [blame]1686 cc->page_pool = mempool_create_page_pool(BIO_MAX_PAGES, 0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1687 if (!cc->page_pool) {
Alasdair G Kergon72d94862006-06-26 00:27:35 -0700[diff] [blame]1688 ti->error = "Cannot allocate page mempool";
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1689 goto bad;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1690 }
1691
Jens Axboebb799ca2008-12-10 15:35:05 +0100[diff] [blame]1692 cc->bs = bioset_create(MIN_IOS, 0);
Milan Broz6a24c712006-10-03 01:15:40 -0700[diff] [blame]1693 if (!cc->bs) {
1694 ti->error = "Cannot allocate crypt bioset";
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1695 goto bad;
Milan Broz6a24c712006-10-03 01:15:40 -0700[diff] [blame]1696 }
1697
Mikulas Patocka7145c242015-02-13 08:24:41 -0500[diff] [blame]1698 mutex_init(&cc->bio_alloc_lock);
1699
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1700 ret = -EINVAL;
Mikulas Patocka31998ef12012-03-28 18:41:26 +0100[diff] [blame]1701 if (sscanf(argv[2], "%llu%c", &tmpll, &dummy) != 1) {
Alasdair G Kergon72d94862006-06-26 00:27:35 -0700[diff] [blame]1702 ti->error = "Invalid iv_offset sector";
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1703 goto bad;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1704 }
Andrew Morton4ee218c2006-03-27 01:17:48 -0800[diff] [blame]1705 cc->iv_offset = tmpll;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1706
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1707 if (dm_get_device(ti, argv[3], dm_table_get_mode(ti->table), &cc->dev)) {
1708 ti->error = "Device lookup failed";
1709 goto bad;
1710 }
1711
Mikulas Patocka31998ef12012-03-28 18:41:26 +0100[diff] [blame]1712 if (sscanf(argv[4], "%llu%c", &tmpll, &dummy) != 1) {
Alasdair G Kergon72d94862006-06-26 00:27:35 -0700[diff] [blame]1713 ti->error = "Invalid device sector";
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1714 goto bad;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1715 }
Andrew Morton4ee218c2006-03-27 01:17:48 -0800[diff] [blame]1716 cc->start = tmpll;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1717
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1718 argv += 5;
1719 argc -= 5;
1720
1721 /* Optional parameters */
1722 if (argc) {
1723 as.argc = argc;
1724 as.argv = argv;
1725
1726 ret = dm_read_arg_group(_args, &as, &opt_params, &ti->error);
1727 if (ret)
1728 goto bad;
1729
Mikulas Patockaf3396c582015-02-13 08:23:09 -0500[diff] [blame]1730 while (opt_params--) {
1731 opt_string = dm_shift_arg(&as);
1732 if (!opt_string) {
1733 ti->error = "Not enough feature arguments";
1734 goto bad;
1735 }
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1736
Mikulas Patockaf3396c582015-02-13 08:23:09 -0500[diff] [blame]1737 if (!strcasecmp(opt_string, "allow_discards"))
1738 ti->num_discard_bios = 1;
1739
1740 else if (!strcasecmp(opt_string, "same_cpu_crypt"))
1741 set_bit(DM_CRYPT_SAME_CPU, &cc->flags);
1742
1743 else {
1744 ti->error = "Invalid feature arguments";
1745 goto bad;
1746 }
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1747 }
1748 }
1749
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1750 ret = -ENOMEM;
Tejun Heo670368a2013-07-30 08:40:21 -0400[diff] [blame]1751 cc->io_queue = alloc_workqueue("kcryptd_io", WQ_MEM_RECLAIM, 1);
Milan Brozcabf08e2007-10-19 22:38:58 +0100[diff] [blame]1752 if (!cc->io_queue) {
1753 ti->error = "Couldn't create kcryptd io queue";
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1754 goto bad;
Milan Brozcabf08e2007-10-19 22:38:58 +0100[diff] [blame]1755 }
1756
Mikulas Patockaf3396c582015-02-13 08:23:09 -0500[diff] [blame]1757 if (test_bit(DM_CRYPT_SAME_CPU, &cc->flags))
1758 cc->crypt_queue = alloc_workqueue("kcryptd", WQ_CPU_INTENSIVE | WQ_MEM_RECLAIM, 1);
1759 else
1760 cc->crypt_queue = alloc_workqueue("kcryptd", WQ_CPU_INTENSIVE | WQ_MEM_RECLAIM | WQ_UNBOUND,
1761 num_online_cpus());
Milan Brozcabf08e2007-10-19 22:38:58 +0100[diff] [blame]1762 if (!cc->crypt_queue) {
Milan Broz9934a8b2007-10-19 22:38:57 +0100[diff] [blame]1763 ti->error = "Couldn't create kcryptd queue";
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1764 goto bad;
Milan Broz9934a8b2007-10-19 22:38:57 +0100[diff] [blame]1765 }
1766
Alasdair G Kergon55a62ee2013-03-01 22:45:47 +0000[diff] [blame]1767 ti->num_flush_bios = 1;
Alasdair G Kergon0ac55482012-07-27 15:08:08 +0100[diff] [blame]1768 ti->discard_zeroes_data_unsupported = true;
Milan Broz983c7db2011-09-25 23:26:21 +0100[diff] [blame]1769
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1770 return 0;
1771
Milan Broz28513fc2010-08-12 04:14:06 +0100[diff] [blame]1772bad:
1773 crypt_dtr(ti);
1774 return ret;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1775}
1776
Mikulas Patocka7de3ee52012-12-21 20:23:41 +0000[diff] [blame]1777static int crypt_map(struct dm_target *ti, struct bio *bio)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1778{
Alasdair G Kergon028867a2007-07-12 17:26:32 +0100[diff] [blame]1779 struct dm_crypt_io *io;
Alasdair G Kergon49a8a922012-07-27 15:08:05 +0100[diff] [blame]1780 struct crypt_config *cc = ti->private;
Mikulas Patocka647c7db2009-06-22 10:12:23 +0100[diff] [blame]1781
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1782 /*
1783 * If bio is REQ_FLUSH or REQ_DISCARD, just bypass crypt queues.
1784 * - for REQ_FLUSH device-mapper core ensures that no IO is in-flight
1785 * - for REQ_DISCARD caller must use flush if IO ordering matters
1786 */
1787 if (unlikely(bio->bi_rw & (REQ_FLUSH | REQ_DISCARD))) {
Mikulas Patocka647c7db2009-06-22 10:12:23 +0100[diff] [blame]1788 bio->bi_bdev = cc->dev->bdev;
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1789 if (bio_sectors(bio))
Kent Overstreet4f024f32013-10-11 15:44:27 -0700[diff] [blame]1790 bio->bi_iter.bi_sector = cc->start +
1791 dm_target_offset(ti, bio->bi_iter.bi_sector);
Mikulas Patocka647c7db2009-06-22 10:12:23 +0100[diff] [blame]1792 return DM_MAPIO_REMAPPED;
1793 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1794
Mikulas Patocka298a9fa2014-03-28 15:51:55 -0400[diff] [blame]1795 io = dm_per_bio_data(bio, cc->per_bio_data_size);
1796 crypt_io_init(io, cc, bio, dm_target_offset(ti, bio->bi_iter.bi_sector));
1797 io->ctx.req = (struct ablkcipher_request *)(io + 1);
Milan Brozcabf08e2007-10-19 22:38:58 +0100[diff] [blame]1798
Milan Broz20c82532011-01-13 19:59:53 +0000[diff] [blame]1799 if (bio_data_dir(io->base_bio) == READ) {
1800 if (kcryptd_io_read(io, GFP_NOWAIT))
1801 kcryptd_queue_io(io);
1802 } else
Milan Brozcabf08e2007-10-19 22:38:58 +0100[diff] [blame]1803 kcryptd_queue_crypt(io);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1804
Kiyoshi Uedad2a7ad22006-12-08 02:41:06 -0800[diff] [blame]1805 return DM_MAPIO_SUBMITTED;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1806}
1807
Mikulas Patockafd7c092e2013-03-01 22:45:44 +0000[diff] [blame]1808static void crypt_status(struct dm_target *ti, status_type_t type,
1809 unsigned status_flags, char *result, unsigned maxlen)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1810{
Milan Broz5ebaee62010-08-12 04:14:07 +0100[diff] [blame]1811 struct crypt_config *cc = ti->private;
Mikulas Patockafd7c092e2013-03-01 22:45:44 +0000[diff] [blame]1812 unsigned i, sz = 0;
Mikulas Patockaf3396c582015-02-13 08:23:09 -0500[diff] [blame]1813 int num_feature_args = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1814
1815 switch (type) {
1816 case STATUSTYPE_INFO:
1817 result[0] = '\0';
1818 break;
1819
1820 case STATUSTYPE_TABLE:
Milan Broz7dbcd132011-01-13 19:59:52 +0000[diff] [blame]1821 DMEMIT("%s ", cc->cipher_string);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1822
Mikulas Patockafd7c092e2013-03-01 22:45:44 +0000[diff] [blame]1823 if (cc->key_size > 0)
1824 for (i = 0; i < cc->key_size; i++)
1825 DMEMIT("%02x", cc->key[i]);
1826 else
1827 DMEMIT("-");
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1828
Andrew Morton4ee218c2006-03-27 01:17:48 -0800[diff] [blame]1829 DMEMIT(" %llu %s %llu", (unsigned long long)cc->iv_offset,
1830 cc->dev->name, (unsigned long long)cc->start);
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1831
Mikulas Patockaf3396c582015-02-13 08:23:09 -0500[diff] [blame]1832 num_feature_args += !!ti->num_discard_bios;
1833 num_feature_args += test_bit(DM_CRYPT_SAME_CPU, &cc->flags);
1834 if (num_feature_args) {
1835 DMEMIT(" %d", num_feature_args);
1836 if (ti->num_discard_bios)
1837 DMEMIT(" allow_discards");
1838 if (test_bit(DM_CRYPT_SAME_CPU, &cc->flags))
1839 DMEMIT(" same_cpu_crypt");
1840 }
Milan Broz772ae5f2011-08-02 12:32:08 +0100[diff] [blame]1841
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1842 break;
1843 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1844}
1845
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1846static void crypt_postsuspend(struct dm_target *ti)
1847{
1848 struct crypt_config *cc = ti->private;
1849
1850 set_bit(DM_CRYPT_SUSPENDED, &cc->flags);
1851}
1852
1853static int crypt_preresume(struct dm_target *ti)
1854{
1855 struct crypt_config *cc = ti->private;
1856
1857 if (!test_bit(DM_CRYPT_KEY_VALID, &cc->flags)) {
1858 DMERR("aborting resume - crypt key is not set.");
1859 return -EAGAIN;
1860 }
1861
1862 return 0;
1863}
1864
1865static void crypt_resume(struct dm_target *ti)
1866{
1867 struct crypt_config *cc = ti->private;
1868
1869 clear_bit(DM_CRYPT_SUSPENDED, &cc->flags);
1870}
1871
1872/* Message interface
1873 * key set <key>
1874 * key wipe
1875 */
1876static int crypt_message(struct dm_target *ti, unsigned argc, char **argv)
1877{
1878 struct crypt_config *cc = ti->private;
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]1879 int ret = -EINVAL;
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1880
1881 if (argc < 2)
1882 goto error;
1883
Mike Snitzer498f0102011-08-02 12:32:04 +0100[diff] [blame]1884 if (!strcasecmp(argv[0], "key")) {
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1885 if (!test_bit(DM_CRYPT_SUSPENDED, &cc->flags)) {
1886 DMWARN("not suspended during key manipulation.");
1887 return -EINVAL;
1888 }
Mike Snitzer498f0102011-08-02 12:32:04 +0100[diff] [blame]1889 if (argc == 3 && !strcasecmp(argv[1], "set")) {
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]1890 ret = crypt_set_key(cc, argv[2]);
1891 if (ret)
1892 return ret;
1893 if (cc->iv_gen_ops && cc->iv_gen_ops->init)
1894 ret = cc->iv_gen_ops->init(cc);
1895 return ret;
1896 }
Mike Snitzer498f0102011-08-02 12:32:04 +0100[diff] [blame]1897 if (argc == 2 && !strcasecmp(argv[1], "wipe")) {
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]1898 if (cc->iv_gen_ops && cc->iv_gen_ops->wipe) {
1899 ret = cc->iv_gen_ops->wipe(cc);
1900 if (ret)
1901 return ret;
1902 }
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1903 return crypt_wipe_key(cc);
Milan Broz542da312009-12-10 23:51:57 +0000[diff] [blame]1904 }
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1905 }
1906
1907error:
1908 DMWARN("unrecognised message received.");
1909 return -EINVAL;
1910}
1911
Milan Brozd41e26b2008-07-21 12:00:40 +0100[diff] [blame]1912static int crypt_merge(struct dm_target *ti, struct bvec_merge_data *bvm,
1913 struct bio_vec *biovec, int max_size)
1914{
1915 struct crypt_config *cc = ti->private;
1916 struct request_queue *q = bdev_get_queue(cc->dev->bdev);
1917
1918 if (!q->merge_bvec_fn)
1919 return max_size;
1920
1921 bvm->bi_bdev = cc->dev->bdev;
Alasdair G Kergonb441a2622010-08-12 04:14:11 +0100[diff] [blame]1922 bvm->bi_sector = cc->start + dm_target_offset(ti, bvm->bi_sector);
Milan Brozd41e26b2008-07-21 12:00:40 +0100[diff] [blame]1923
1924 return min(max_size, q->merge_bvec_fn(q, bvm, biovec));
1925}
1926
Mike Snitzeraf4874e2009-06-22 10:12:33 +0100[diff] [blame]1927static int crypt_iterate_devices(struct dm_target *ti,
1928 iterate_devices_callout_fn fn, void *data)
1929{
1930 struct crypt_config *cc = ti->private;
1931
Mike Snitzer5dea2712009-07-23 20:30:42 +0100[diff] [blame]1932 return fn(ti, cc->dev, cc->start, ti->len, data);
Mike Snitzeraf4874e2009-06-22 10:12:33 +0100[diff] [blame]1933}
1934
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1935static struct target_type crypt_target = {
1936 .name = "crypt",
Mikulas Patockaf3396c582015-02-13 08:23:09 -0500[diff] [blame]1937 .version = {1, 14, 0},
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1938 .module = THIS_MODULE,
1939 .ctr = crypt_ctr,
1940 .dtr = crypt_dtr,
1941 .map = crypt_map,
1942 .status = crypt_status,
Milan Broze48d4bb2006-10-03 01:15:37 -0700[diff] [blame]1943 .postsuspend = crypt_postsuspend,
1944 .preresume = crypt_preresume,
1945 .resume = crypt_resume,
1946 .message = crypt_message,
Milan Brozd41e26b2008-07-21 12:00:40 +0100[diff] [blame]1947 .merge = crypt_merge,
Mike Snitzeraf4874e2009-06-22 10:12:33 +0100[diff] [blame]1948 .iterate_devices = crypt_iterate_devices,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1949};
1950
1951static int __init dm_crypt_init(void)
1952{
1953 int r;
1954
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1955 r = dm_register_target(&crypt_target);
Mikulas Patocka94f5e022015-02-13 08:25:26 -0500[diff] [blame^]1956 if (r < 0)
Alasdair G Kergon72d94862006-06-26 00:27:35 -0700[diff] [blame]1957 DMERR("register failed %d", r);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1958
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1959 return r;
1960}
1961
1962static void __exit dm_crypt_exit(void)
1963{
Mikulas Patocka10d3bd02009-01-06 03:04:58 +0000[diff] [blame]1964 dm_unregister_target(&crypt_target);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1965}
1966
1967module_init(dm_crypt_init);
1968module_exit(dm_crypt_exit);
1969
Jana Saoutbf14299f2014-06-24 14:27:04 -0400[diff] [blame]1970MODULE_AUTHOR("Jana Saout <jana@saout.de>");
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1971MODULE_DESCRIPTION(DM_NAME " target for transparent encryption / decryption");
1972MODULE_LICENSE("GPL");