1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3  * Copyright 2019 Google LLC
4  */
5 
6 #ifndef __LINUX_BLK_CRYPTO_PROFILE_H
7 #define __LINUX_BLK_CRYPTO_PROFILE_H
8 
9 #include <linux/bio.h>
10 #include <linux/blk-crypto.h>
11 
12 struct blk_crypto_profile;
13 
14 /**
15  * struct blk_crypto_ll_ops - functions to control inline encryption hardware
16  *
17  * Low-level operations for controlling inline encryption hardware.  This
18  * interface must be implemented by storage drivers that support inline
19  * encryption.  All functions may sleep, are serialized by profile->lock, and
20  * are never called while profile->dev (if set) is runtime-suspended.
21  */
22 struct blk_crypto_ll_ops {
23 
24 	/**
25 	 * @keyslot_program: Program a key into the inline encryption hardware.
26 	 *
27 	 * Program @key into the specified @slot in the inline encryption
28 	 * hardware, overwriting any key that the keyslot may already contain.
29 	 * The keyslot is guaranteed to not be in-use by any I/O.
30 	 *
31 	 * This is required if the device has keyslots.  Otherwise (i.e. if the
32 	 * device is a layered device, or if the device is real hardware that
33 	 * simply doesn't have the concept of keyslots) it is never called.
34 	 *
35 	 * Must return 0 on success, or -errno on failure.
36 	 */
37 	int (*keyslot_program)(struct blk_crypto_profile *profile,
38 			       const struct blk_crypto_key *key,
39 			       unsigned int slot);
40 
41 	/**
42 	 * @keyslot_evict: Evict a key from the inline encryption hardware.
43 	 *
44 	 * If the device has keyslots, this function must evict the key from the
45 	 * specified @slot.  The slot will contain @key, but there should be no
46 	 * need for the @key argument to be used as @slot should be sufficient.
47 	 * The keyslot is guaranteed to not be in-use by any I/O.
48 	 *
49 	 * If the device doesn't have keyslots itself, this function must evict
50 	 * @key from any underlying devices.  @slot won't be valid in this case.
51 	 *
52 	 * If there are no keyslots and no underlying devices, this function
53 	 * isn't required.
54 	 *
55 	 * Must return 0 on success, or -errno on failure.
56 	 */
57 	int (*keyslot_evict)(struct blk_crypto_profile *profile,
58 			     const struct blk_crypto_key *key,
59 			     unsigned int slot);
60 };
61 
62 /**
63  * struct blk_crypto_profile - inline encryption profile for a device
64  *
65  * This struct contains a storage device's inline encryption capabilities (e.g.
66  * the supported crypto algorithms), driver-provided functions to control the
67  * inline encryption hardware (e.g. programming and evicting keys), and optional
68  * device-independent keyslot management data.
69  */
70 struct blk_crypto_profile {
71 
72 	/* public: Drivers must initialize the following fields. */
73 
74 	/**
75 	 * @ll_ops: Driver-provided functions to control the inline encryption
76 	 * hardware, e.g. program and evict keys.
77 	 */
78 	struct blk_crypto_ll_ops ll_ops;
79 
80 	/**
81 	 * @max_dun_bytes_supported: The maximum number of bytes supported for
82 	 * specifying the data unit number (DUN).  Specifically, the range of
83 	 * supported DUNs is 0 through (1 << (8 * max_dun_bytes_supported)) - 1.
84 	 */
85 	unsigned int max_dun_bytes_supported;
86 
87 	/**
88 	 * @modes_supported: Array of bitmasks that specifies whether each
89 	 * combination of crypto mode and data unit size is supported.
90 	 * Specifically, the i'th bit of modes_supported[crypto_mode] is set if
91 	 * crypto_mode can be used with a data unit size of (1 << i).  Note that
92 	 * only data unit sizes that are powers of 2 can be supported.
93 	 */
94 	unsigned int modes_supported[BLK_ENCRYPTION_MODE_MAX];
95 
96 	/**
97 	 * @dev: An optional device for runtime power management.  If the driver
98 	 * provides this device, it will be runtime-resumed before any function
99 	 * in @ll_ops is called and will remain resumed during the call.
100 	 */
101 	struct device *dev;
102 
103 	/* private: The following fields shouldn't be accessed by drivers. */
104 
105 	/* Number of keyslots, or 0 if not applicable */
106 	unsigned int num_slots;
107 
108 	/*
109 	 * Serializes all calls to functions in @ll_ops as well as all changes
110 	 * to @slot_hashtable.  This can also be taken in read mode to look up
111 	 * keyslots while ensuring that they can't be changed concurrently.
112 	 */
113 	struct rw_semaphore lock;
114 
115 	/* List of idle slots, with least recently used slot at front */
116 	wait_queue_head_t idle_slots_wait_queue;
117 	struct list_head idle_slots;
118 	spinlock_t idle_slots_lock;
119 
120 	/*
121 	 * Hash table which maps struct *blk_crypto_key to keyslots, so that we
122 	 * can find a key's keyslot in O(1) time rather than O(num_slots).
123 	 * Protected by 'lock'.
124 	 */
125 	struct hlist_head *slot_hashtable;
126 	unsigned int log_slot_ht_size;
127 
128 	/* Per-keyslot data */
129 	struct blk_crypto_keyslot *slots;
130 };
131 
132 int blk_crypto_profile_init(struct blk_crypto_profile *profile,
133 			    unsigned int num_slots);
134 
135 int devm_blk_crypto_profile_init(struct device *dev,
136 				 struct blk_crypto_profile *profile,
137 				 unsigned int num_slots);
138 
139 unsigned int blk_crypto_keyslot_index(struct blk_crypto_keyslot *slot);
140 
141 void blk_crypto_reprogram_all_keys(struct blk_crypto_profile *profile);
142 
143 void blk_crypto_profile_destroy(struct blk_crypto_profile *profile);
144 
145 void blk_crypto_intersect_capabilities(struct blk_crypto_profile *parent,
146 				       const struct blk_crypto_profile *child);
147 
148 bool blk_crypto_has_capabilities(const struct blk_crypto_profile *target,
149 				 const struct blk_crypto_profile *reference);
150 
151 void blk_crypto_update_capabilities(struct blk_crypto_profile *dst,
152 				    const struct blk_crypto_profile *src);
153 
154 #endif /* __LINUX_BLK_CRYPTO_PROFILE_H */
155