linux/include/linux/keyslot-manager.h
<<
>>
Prefs 
   1/* SPDX-License-Identifier: GPL-2.0 */
   2/*
   3 * Copyright 2019 Google LLC
   4 */
   5
   6#ifndef __LINUX_KEYSLOT_MANAGER_H
   7#define __LINUX_KEYSLOT_MANAGER_H
   8
   9#include <linux/bio.h>
  10#include <linux/blk-crypto.h>
  11
  12struct blk_keyslot_manager;
  13
  14/**
  15 * struct blk_ksm_ll_ops - functions to manage keyslots in hardware
  16 * @keyslot_program:    Program the specified key into the specified slot in the
  17 *                      inline encryption hardware.
  18 * @keyslot_evict:      Evict key from the specified keyslot in the hardware.
  19 *                      The key is provided so that e.g. dm layers can evict
  20 *                      keys from the devices that they map over.
  21 *                      Returns 0 on success, -errno otherwise.
  22 *
  23 * This structure should be provided by storage device drivers when they set up
  24 * a keyslot manager - this structure holds the function ptrs that the keyslot
  25 * manager will use to manipulate keyslots in the hardware.
  26 */
  27struct blk_ksm_ll_ops {
  28        int (*keyslot_program)(struct blk_keyslot_manager *ksm,
  29                               const struct blk_crypto_key *key,
  30                               unsigned int slot);
  31        int (*keyslot_evict)(struct blk_keyslot_manager *ksm,
  32                             const struct blk_crypto_key *key,
  33                             unsigned int slot);
  34};
  35
  36struct blk_keyslot_manager {
  37        /*
  38         * The struct blk_ksm_ll_ops that this keyslot manager will use
  39         * to perform operations like programming and evicting keys on the
  40         * device
  41         */
  42        struct blk_ksm_ll_ops ksm_ll_ops;
  43
  44        /*
  45         * The maximum number of bytes supported for specifying the data unit
  46         * number.
  47         */
  48        unsigned int max_dun_bytes_supported;
  49
  50        /*
  51         * Array of size BLK_ENCRYPTION_MODE_MAX of bitmasks that represents
  52         * whether a crypto mode and data unit size are supported. The i'th
  53         * bit of crypto_mode_supported[crypto_mode] is set iff a data unit
  54         * size of (1 << i) is supported. We only support data unit sizes
  55         * that are powers of 2.
  56         */
  57        unsigned int crypto_modes_supported[BLK_ENCRYPTION_MODE_MAX];
  58
  59        /* Device for runtime power management (NULL if none) */
  60        struct device *dev;
  61
  62        /* Here onwards are *private* fields for internal keyslot manager use */
  63
  64        unsigned int num_slots;
  65
  66        /* Protects programming and evicting keys from the device */
  67        struct rw_semaphore lock;
  68
  69        /* List of idle slots, with least recently used slot at front */
  70        wait_queue_head_t idle_slots_wait_queue;
  71        struct list_head idle_slots;
  72        spinlock_t idle_slots_lock;
  73
  74        /*
  75         * Hash table which maps struct *blk_crypto_key to keyslots, so that we
  76         * can find a key's keyslot in O(1) time rather than O(num_slots).
  77         * Protected by 'lock'.
  78         */
  79        struct hlist_head *slot_hashtable;
  80        unsigned int log_slot_ht_size;
  81
  82        /* Per-keyslot data */
  83        struct blk_ksm_keyslot *slots;
  84};
  85
  86int blk_ksm_init(struct blk_keyslot_manager *ksm, unsigned int num_slots);
  87
  88int devm_blk_ksm_init(struct device *dev, struct blk_keyslot_manager *ksm,
  89                      unsigned int num_slots);
  90
  91blk_status_t blk_ksm_get_slot_for_key(struct blk_keyslot_manager *ksm,
  92                                      const struct blk_crypto_key *key,
  93                                      struct blk_ksm_keyslot **slot_ptr);
  94
  95unsigned int blk_ksm_get_slot_idx(struct blk_ksm_keyslot *slot);
  96
  97void blk_ksm_put_slot(struct blk_ksm_keyslot *slot);
  98
  99bool blk_ksm_crypto_cfg_supported(struct blk_keyslot_manager *ksm,
 100                                  const struct blk_crypto_config *cfg);
 101
 102int blk_ksm_evict_key(struct blk_keyslot_manager *ksm,
 103                      const struct blk_crypto_key *key);
 104
 105void blk_ksm_reprogram_all_keys(struct blk_keyslot_manager *ksm);
 106
 107void blk_ksm_destroy(struct blk_keyslot_manager *ksm);
 108
 109void blk_ksm_intersect_modes(struct blk_keyslot_manager *parent,
 110                             const struct blk_keyslot_manager *child);
 111
 112void blk_ksm_init_passthrough(struct blk_keyslot_manager *ksm);
 113
 114bool blk_ksm_is_superset(struct blk_keyslot_manager *ksm_superset,
 115                         struct blk_keyslot_manager *ksm_subset);
 116
 117void blk_ksm_update_capabilities(struct blk_keyslot_manager *target_ksm,
 118                                 struct blk_keyslot_manager *reference_ksm);
 119
 120#endif /* __LINUX_KEYSLOT_MANAGER_H */
 121
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.