Commit | Line | Data |
---|---|---|
1b262839 ST |
1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | /* | |
3 | * Copyright 2019 Google LLC | |
4 | */ | |
5 | ||
6 | #ifndef __LINUX_KEYSLOT_MANAGER_H | |
7 | #define __LINUX_KEYSLOT_MANAGER_H | |
8 | ||
9 | #include <linux/bio.h> | |
10 | #include <linux/blk-crypto.h> | |
11 | ||
12 | struct blk_keyslot_manager; | |
13 | ||
14 | /** | |
15 | * struct blk_ksm_ll_ops - functions to manage keyslots in hardware | |
16 | * @keyslot_program: Program the specified key into the specified slot in the | |
17 | * inline encryption hardware. | |
18 | * @keyslot_evict: Evict key from the specified keyslot in the hardware. | |
19 | * The key is provided so that e.g. dm layers can evict | |
20 | * keys from the devices that they map over. | |
21 | * Returns 0 on success, -errno otherwise. | |
22 | * | |
23 | * This structure should be provided by storage device drivers when they set up | |
24 | * a keyslot manager - this structure holds the function ptrs that the keyslot | |
25 | * manager will use to manipulate keyslots in the hardware. | |
26 | */ | |
27 | struct blk_ksm_ll_ops { | |
28 | int (*keyslot_program)(struct blk_keyslot_manager *ksm, | |
29 | const struct blk_crypto_key *key, | |
30 | unsigned int slot); | |
31 | int (*keyslot_evict)(struct blk_keyslot_manager *ksm, | |
32 | const struct blk_crypto_key *key, | |
33 | unsigned int slot); | |
34 | }; | |
35 | ||
36 | struct blk_keyslot_manager { | |
37 | /* | |
38 | * The struct blk_ksm_ll_ops that this keyslot manager will use | |
39 | * to perform operations like programming and evicting keys on the | |
40 | * device | |
41 | */ | |
42 | struct blk_ksm_ll_ops ksm_ll_ops; | |
43 | ||
44 | /* | |
45 | * The maximum number of bytes supported for specifying the data unit | |
46 | * number. | |
47 | */ | |
48 | unsigned int max_dun_bytes_supported; | |
49 | ||
50 | /* | |
51 | * Array of size BLK_ENCRYPTION_MODE_MAX of bitmasks that represents | |
52 | * whether a crypto mode and data unit size are supported. The i'th | |
53 | * bit of crypto_mode_supported[crypto_mode] is set iff a data unit | |
54 | * size of (1 << i) is supported. We only support data unit sizes | |
55 | * that are powers of 2. | |
56 | */ | |
57 | unsigned int crypto_modes_supported[BLK_ENCRYPTION_MODE_MAX]; | |
58 | ||
59 | /* Device for runtime power management (NULL if none) */ | |
60 | struct device *dev; | |
61 | ||
62 | /* Here onwards are *private* fields for internal keyslot manager use */ | |
63 | ||
64 | unsigned int num_slots; | |
65 | ||
66 | /* Protects programming and evicting keys from the device */ | |
67 | struct rw_semaphore lock; | |
68 | ||
69 | /* List of idle slots, with least recently used slot at front */ | |
70 | wait_queue_head_t idle_slots_wait_queue; | |
71 | struct list_head idle_slots; | |
72 | spinlock_t idle_slots_lock; | |
73 | ||
74 | /* | |
75 | * Hash table which maps struct *blk_crypto_key to keyslots, so that we | |
76 | * can find a key's keyslot in O(1) time rather than O(num_slots). | |
77 | * Protected by 'lock'. | |
78 | */ | |
79 | struct hlist_head *slot_hashtable; | |
80 | unsigned int log_slot_ht_size; | |
81 | ||
82 | /* Per-keyslot data */ | |
83 | struct blk_ksm_keyslot *slots; | |
84 | }; | |
85 | ||
86 | int blk_ksm_init(struct blk_keyslot_manager *ksm, unsigned int num_slots); | |
87 | ||
5851d3b0 EB |
88 | int devm_blk_ksm_init(struct device *dev, struct blk_keyslot_manager *ksm, |
89 | unsigned int num_slots); | |
90 | ||
1b262839 ST |
91 | blk_status_t blk_ksm_get_slot_for_key(struct blk_keyslot_manager *ksm, |
92 | const struct blk_crypto_key *key, | |
93 | struct blk_ksm_keyslot **slot_ptr); | |
94 | ||
95 | unsigned int blk_ksm_get_slot_idx(struct blk_ksm_keyslot *slot); | |
96 | ||
97 | void blk_ksm_put_slot(struct blk_ksm_keyslot *slot); | |
98 | ||
99 | bool blk_ksm_crypto_cfg_supported(struct blk_keyslot_manager *ksm, | |
100 | const struct blk_crypto_config *cfg); | |
101 | ||
102 | int blk_ksm_evict_key(struct blk_keyslot_manager *ksm, | |
103 | const struct blk_crypto_key *key); | |
104 | ||
105 | void blk_ksm_reprogram_all_keys(struct blk_keyslot_manager *ksm); | |
106 | ||
107 | void blk_ksm_destroy(struct blk_keyslot_manager *ksm); | |
108 | ||
d3b17a24 ST |
109 | void blk_ksm_intersect_modes(struct blk_keyslot_manager *parent, |
110 | const struct blk_keyslot_manager *child); | |
111 | ||
7bdcc48f ST |
112 | void blk_ksm_init_passthrough(struct blk_keyslot_manager *ksm); |
113 | ||
d3b17a24 ST |
114 | bool blk_ksm_is_superset(struct blk_keyslot_manager *ksm_superset, |
115 | struct blk_keyslot_manager *ksm_subset); | |
116 | ||
117 | void blk_ksm_update_capabilities(struct blk_keyslot_manager *target_ksm, | |
118 | struct blk_keyslot_manager *reference_ksm); | |
119 | ||
1b262839 | 120 | #endif /* __LINUX_KEYSLOT_MANAGER_H */ |