[PATCH 3/3] [DM] dm-crypt: Use crypto ablkcipher interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[DM] dm-crypt: Use crypto ablkcipher interface

This patch converts the uses of blkcipher to ablkcipher so that
async algorithms can be used if they're present.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
---

 drivers/md/dm-crypt.c |  219 +++++++++++++++++++++++++++++++++++---------------
 1 files changed, 157 insertions(+), 62 deletions(-)

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -6,6 +6,7 @@
  * This file is released under the GPL.
  */
 
+#include <linux/completion.h>
 #include <linux/err.h>
 #include <linux/module.h>
 #include <linux/init.h>
@@ -31,6 +32,7 @@
  * context holding the current state of a multi-part conversion
  */
 struct convert_context {
+	struct completion restart;
 	struct bio *bio_in;
 	struct bio *bio_out;
 	unsigned int offset_in;
@@ -39,6 +41,7 @@ struct convert_context {
 	unsigned int idx_out;
 	sector_t sector;
 	int write;
+	atomic_t pending;
 	int err;
 };
 
@@ -60,6 +63,11 @@ struct crypt_io {
 	unsigned bvec_idx;
 };
 
+struct dm_crypt_request {
+	struct scatterlist sg_in;
+	struct scatterlist sg_out;
+};
+
 struct crypt_config;
 
 struct crypt_iv_operations {
@@ -80,10 +88,11 @@ struct crypt_config {
 	sector_t start;
 
 	/*
-	 * pool for per bio private data and
-	 * for encryption buffer pages
+	 * pool for per bio private data, crypto requests and
+	 * encryption requeusts/buffer pages
 	 */
 	mempool_t *io_pool;
+	mempool_t *req_pool;
 	mempool_t *page_pool;
 	struct bio_set *bs;
 
@@ -99,9 +108,25 @@ struct crypt_config {
 	sector_t iv_offset;
 	unsigned int iv_size;
 
+	/*
+	 * Layout of each crypto request:
+	 *
+	 *   struct ablkcipher_request
+	 *      context
+	 *      padding
+	 *   struct dm_crypt_request
+	 *      padding
+	 *   IV
+	 *
+	 * The padding is added so that dm_crypt_request and the IV are
+	 * correctly aligned.
+	 */
+	unsigned int dmreq_start;
+	struct ablkcipher_request *req;
+
 	char cipher[CRYPTO_MAX_ALG_NAME];
 	char chainmode[CRYPTO_MAX_ALG_NAME];
-	struct crypto_blkcipher *tfm;
+	struct crypto_ablkcipher *tfm;
 	unsigned long flags;
 	unsigned int key_size;
 	u8 key[0];
@@ -188,7 +213,7 @@ static int crypt_iv_essiv_ctr(struct cry
 		return PTR_ERR(essiv_tfm);
 	}
 	if (crypto_cipher_blocksize(essiv_tfm) !=
-	    crypto_blkcipher_ivsize(cc->tfm)) {
+	    crypto_ablkcipher_ivsize(cc->tfm)) {
 		ti->error = "Block size of ESSIV cipher does "
 			        "not match IV size of block cipher";
 		crypto_free_cipher(essiv_tfm);
@@ -225,7 +250,7 @@ static int crypt_iv_essiv_gen(struct cry
 static int crypt_iv_benbi_ctr(struct crypt_config *cc, struct dm_target *ti,
 			      const char *opts)
 {
-	unsigned int bs = crypto_blkcipher_blocksize(cc->tfm);
+	unsigned int bs = crypto_ablkcipher_blocksize(cc->tfm);
 	int log = ilog2(bs);
 
 	/* we need to calculate how far we must shift the sector count
@@ -278,38 +303,6 @@ static struct crypt_iv_operations crypt_
 	.generator = crypt_iv_benbi_gen
 };
 
-static int
-crypt_convert_scatterlist(struct crypt_config *cc, struct scatterlist *out,
-                          struct scatterlist *in, unsigned int length,
-                          int write, sector_t sector)
-{
-	u8 iv[cc->iv_size] __attribute__ ((aligned(__alignof__(u64))));
-	struct blkcipher_desc desc = {
-		.tfm = cc->tfm,
-		.info = iv,
-		.flags = CRYPTO_TFM_REQ_MAY_SLEEP,
-	};
-	int r;
-
-	if (cc->iv_gen_ops) {
-		r = cc->iv_gen_ops->generator(cc, iv, sector);
-		if (r < 0)
-			return r;
-
-		if (write)
-			r = crypto_blkcipher_encrypt_iv(&desc, out, in, length);
-		else
-			r = crypto_blkcipher_decrypt_iv(&desc, out, in, length);
-	} else {
-		if (write)
-			r = crypto_blkcipher_encrypt(&desc, out, in, length);
-		else
-			r = crypto_blkcipher_decrypt(&desc, out, in, length);
-	}
-
-	return r;
-}
-
 static void dec_pending(struct crypt_io *io, int error);
 
 static inline void crypt_read_done(struct convert_context *ctx, int async)
@@ -321,6 +314,31 @@ static inline void crypt_read_done(struc
 
 static void crypt_write_done(struct convert_context *ctx, int async);
 
+static void dm_crypt_complete(struct crypto_async_request *req, int err)
+{
+	struct convert_context *ctx = req->data;
+	struct crypt_io *io = container_of(ctx, struct crypt_io, ctx);
+	struct crypt_config *cc = io->target->private;
+
+	if (err == -EINPROGRESS) {
+		complete(&ctx->restart);
+		return;
+	}
+
+	mempool_free(ablkcipher_request_cast(req), cc->req_pool);
+
+	if (err)
+		ctx->err = err;
+
+	if (!atomic_dec_and_test(&ctx->pending))
+		return;
+
+	if (ctx->write)
+		crypt_write_done(ctx, 1);
+	else
+		crypt_read_done(ctx, 1);
+}
+
 static void
 crypt_convert_init(struct crypt_config *cc, struct convert_context *ctx,
                    struct bio *bio_out, struct bio *bio_in,
@@ -334,6 +352,17 @@ crypt_convert_init(struct crypt_config *
 	ctx->idx_out = bio_out ? bio_out->bi_idx : 0;
 	ctx->sector = sector + cc->iv_offset;
 	ctx->write = write;
+
+	init_completion(&ctx->restart);
+
+	atomic_set(&ctx->pending, 2);
+	ctx->err = 0;
+
+	if (cc->req)
+		ablkcipher_request_set_callback(
+			cc->req, CRYPTO_TFM_REQ_MAY_BACKLOG |
+				  CRYPTO_TFM_REQ_MAY_SLEEP,
+			dm_crypt_complete, ctx);
 }
 
 /*
@@ -342,45 +371,90 @@ crypt_convert_init(struct crypt_config *
 static int crypt_convert(struct crypt_config *cc,
                          struct convert_context *ctx)
 {
-	int r = 0;
+	struct ablkcipher_request *req = cc->req;
+	struct dm_crypt_request *dmreq;
+	u8 *iv;
+
+	dmreq = (void *)((char *)req + cc->dmreq_start);
+	iv = (u8 *)ALIGN((unsigned long)(dmreq + 1),
+			 crypto_ablkcipher_alignmask(cc->tfm) + 1);
 
 	while(ctx->idx_in < ctx->bio_in->bi_vcnt &&
 	      ctx->idx_out < ctx->bio_out->bi_vcnt) {
 		struct bio_vec *bv_in = bio_iovec_idx(ctx->bio_in, ctx->idx_in);
 		struct bio_vec *bv_out = bio_iovec_idx(ctx->bio_out, ctx->idx_out);
-		struct scatterlist sg_in = {
-			.page = bv_in->bv_page,
-			.offset = bv_in->bv_offset + ctx->offset_in,
-			.length = 1 << SECTOR_SHIFT
-		};
-		struct scatterlist sg_out = {
-			.page = bv_out->bv_page,
-			.offset = bv_out->bv_offset + ctx->offset_out,
-			.length = 1 << SECTOR_SHIFT
-		};
+		int r;
+
+		if (!req) {
+			req = mempool_alloc(cc->req_pool, GFP_NOIO);
+			ablkcipher_request_set_tfm(req, cc->tfm);
+			ablkcipher_request_set_callback(
+				req, CRYPTO_TFM_REQ_MAY_BACKLOG |
+				     CRYPTO_TFM_REQ_MAY_SLEEP,
+				dm_crypt_complete, ctx);
+			dmreq = (void *)((char *)req + cc->dmreq_start);
+			iv = (u8 *)ALIGN(
+				(unsigned long)(dmreq + 1),
+				crypto_ablkcipher_alignmask(cc->tfm) + 1);
+		}
+
+		dmreq->sg_in.page = bv_in->bv_page;
+		dmreq->sg_in.offset = bv_in->bv_offset + ctx->offset_in;
+		dmreq->sg_in.length = 1 << SECTOR_SHIFT;
+
+		dmreq->sg_out.page = bv_out->bv_page;
+		dmreq->sg_out.offset = bv_out->bv_offset + ctx->offset_out;
+		dmreq->sg_out.length = 1 << SECTOR_SHIFT;
 
-		ctx->offset_in += sg_in.length;
+		ctx->offset_in += 1<< SECTOR_SHIFT;
 		if (ctx->offset_in >= bv_in->bv_len) {
 			ctx->offset_in = 0;
 			ctx->idx_in++;
 		}
 
-		ctx->offset_out += sg_out.length;
+		ctx->offset_out += 1 << SECTOR_SHIFT;
 		if (ctx->offset_out >= bv_out->bv_len) {
 			ctx->offset_out = 0;
 			ctx->idx_out++;
+		} 
+
+		if (cc->iv_gen_ops) {
+			r = cc->iv_gen_ops->generator(cc, iv, ctx->sector++);
+			if (r < 0) {
+				ctx->err = r;
+				break;
+			}
 		}
 
-		r = crypt_convert_scatterlist(cc, &sg_out, &sg_in, sg_in.length,
-		                              ctx->write, ctx->sector);
+		ablkcipher_request_set_crypt(req, &dmreq->sg_in,
+					     &dmreq->sg_out, 1 << SECTOR_SHIFT,
+					     iv);
+		if (ctx->write)
+			r = crypto_ablkcipher_encrypt(req);
+		else
+			r = crypto_ablkcipher_decrypt(req);
+
+		switch (r) {
+		case -EBUSY:
+			wait_for_completion(&ctx->restart);
+			INIT_COMPLETION(ctx->restart);
+			/* fall through*/
+		case -EINPROGRESS:
+			atomic_inc(&ctx->pending);
+			req = NULL;
+			/* fall through*/
+		case 0:
+			continue;
+		}
 
 		ctx->err = r;
+		break;
+	}
 
-		if (r < 0)
-			break;
+	cc->req = req;
 
-		ctx->sector++;
-	}
+	if (atomic_sub_return(2, &ctx->pending))
+		return -EINPROGRESS;
 
 	if (ctx->write)
 		crypt_write_done(ctx, 0);
@@ -844,7 +918,7 @@ static int crypt_wipe_key(struct crypt_c
 static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
 {
 	struct crypt_config *cc;
-	struct crypto_blkcipher *tfm;
+	struct crypto_ablkcipher *tfm;
 	char *tmp;
 	char *cipher;
 	char *chainmode;
@@ -898,7 +972,7 @@ static int crypt_ctr(struct dm_target *t
 		goto bad1;
 	}
 
-	tfm = crypto_alloc_blkcipher(cc->cipher, 0, CRYPTO_ALG_ASYNC);
+	tfm = crypto_alloc_ablkcipher(cc->cipher, 0, 0);
 	if (IS_ERR(tfm)) {
 		ti->error = "Error allocating crypto tfm";
 		goto bad1;
@@ -930,7 +1004,7 @@ static int crypt_ctr(struct dm_target *t
 	    cc->iv_gen_ops->ctr(cc, ti, ivopts) < 0)
 		goto bad2;
 
-	cc->iv_size = crypto_blkcipher_ivsize(tfm);
+	cc->iv_size = crypto_ablkcipher_ivsize(tfm);
 	if (cc->iv_size)
 		/* at least a 64 bit sector number should fit in our buffer */
 		cc->iv_size = max(cc->iv_size,
@@ -950,6 +1024,21 @@ static int crypt_ctr(struct dm_target *t
 		goto bad3;
 	}
 
+	cc->dmreq_start = sizeof(struct ablkcipher_request);
+	cc->dmreq_start += crypto_ablkcipher_reqsize(tfm);
+	cc->dmreq_start = ALIGN(cc->dmreq_start, crypto_tfm_ctx_alignment());
+	cc->dmreq_start += crypto_ablkcipher_alignmask(tfm) &
+			   ~(crypto_tfm_ctx_alignment() - 1);
+
+	cc->req_pool = mempool_create_kmalloc_pool(
+		MIN_IOS, cc->dmreq_start +
+			 sizeof(struct dm_crypt_request) +
+			 cc->iv_size);
+	if (!cc->req_pool) {
+		ti->error = "Cannot allocate crypt request mempool";
+		goto bad_req_pool;
+	}
+
 	cc->page_pool = mempool_create_page_pool(MIN_POOL_PAGES, 0);
 	if (!cc->page_pool) {
 		ti->error = "Cannot allocate page mempool";
@@ -962,7 +1051,7 @@ static int crypt_ctr(struct dm_target *t
 		goto bad_bs;
 	}
 
-	if (crypto_blkcipher_setkey(tfm, cc->key, key_size) < 0) {
+	if (crypto_ablkcipher_setkey(tfm, cc->key, key_size) < 0) {
 		ti->error = "Error setting key";
 		goto bad5;
 	}
@@ -1005,12 +1094,14 @@ bad5:
 bad_bs:
 	mempool_destroy(cc->page_pool);
 bad4:
+	mempool_destroy(cc->req_pool);
+bad_req_pool:
 	mempool_destroy(cc->io_pool);
 bad3:
 	if (cc->iv_gen_ops && cc->iv_gen_ops->dtr)
 		cc->iv_gen_ops->dtr(cc);
 bad2:
-	crypto_free_blkcipher(tfm);
+	crypto_free_ablkcipher(tfm);
 bad1:
 	/* Must zero key material before freeing */
 	memset(cc, 0, sizeof(*cc) + cc->key_size * sizeof(u8));
@@ -1022,14 +1113,18 @@ static void crypt_dtr(struct dm_target *
 {
 	struct crypt_config *cc = (struct crypt_config *) ti->private;
 
+	if (cc->req)
+		mempool_free(cc->req, cc->req_pool);
+
 	bioset_free(cc->bs);
 	mempool_destroy(cc->page_pool);
+	mempool_destroy(cc->req_pool);
 	mempool_destroy(cc->io_pool);
 
 	kfree(cc->iv_mode);
 	if (cc->iv_gen_ops && cc->iv_gen_ops->dtr)
 		cc->iv_gen_ops->dtr(cc);
-	crypto_free_blkcipher(cc->tfm);
+	crypto_free_ablkcipher(cc->tfm);
 	dm_put_device(ti, cc->dev);
 
 	/* Must zero key material before freeing */

--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel

[Index of Archives]     [DM Crypt]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite Discussion]     [KDE Users]     [Fedora Docs]

  Powered by Linux