18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0 28c2ecf20Sopenharmony_ci/* 38c2ecf20Sopenharmony_ci * drivers/hyperhold/hp_device.c 48c2ecf20Sopenharmony_ci * 58c2ecf20Sopenharmony_ci * Copyright (c) 2020-2022 Huawei Technologies Co., Ltd. 68c2ecf20Sopenharmony_ci */ 78c2ecf20Sopenharmony_ci 88c2ecf20Sopenharmony_ci#define pr_fmt(fmt) "[HYPERHOLD]" fmt 98c2ecf20Sopenharmony_ci 108c2ecf20Sopenharmony_ci#include <linux/random.h> 118c2ecf20Sopenharmony_ci#include <linux/blk-crypto.h> 128c2ecf20Sopenharmony_ci 138c2ecf20Sopenharmony_ci#include "hp_device.h" 148c2ecf20Sopenharmony_ci 158c2ecf20Sopenharmony_ci#define HP_CIPHER_MODE BLK_ENCRYPTION_MODE_AES_256_XTS 168c2ecf20Sopenharmony_ci#define HP_CIPHER_NAME "xts(aes)" 178c2ecf20Sopenharmony_ci#define HP_KEY_SIZE (64) 188c2ecf20Sopenharmony_ci#define HP_IV_SIZE (16) 198c2ecf20Sopenharmony_ci 208c2ecf20Sopenharmony_ciunion hp_iv { 218c2ecf20Sopenharmony_ci __le64 index; 228c2ecf20Sopenharmony_ci __le64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE]; 238c2ecf20Sopenharmony_ci}; 248c2ecf20Sopenharmony_ci 258c2ecf20Sopenharmony_civoid unbind_bdev(struct hp_device *dev) 268c2ecf20Sopenharmony_ci{ 278c2ecf20Sopenharmony_ci int ret; 288c2ecf20Sopenharmony_ci 298c2ecf20Sopenharmony_ci if (!dev->bdev) 308c2ecf20Sopenharmony_ci goto close; 318c2ecf20Sopenharmony_ci if (!dev->old_block_size) 328c2ecf20Sopenharmony_ci goto put; 338c2ecf20Sopenharmony_ci ret = set_blocksize(dev->bdev, dev->old_block_size); 348c2ecf20Sopenharmony_ci if (ret) 358c2ecf20Sopenharmony_ci pr_err("set old block size %d failed, err = %d!\n", 368c2ecf20Sopenharmony_ci dev->old_block_size, ret); 378c2ecf20Sopenharmony_ci dev->old_block_size = 0; 388c2ecf20Sopenharmony_ciput: 398c2ecf20Sopenharmony_ci blkdev_put(dev->bdev, FMODE_READ | FMODE_WRITE | FMODE_EXCL); 408c2ecf20Sopenharmony_ci dev->bdev = NULL; 418c2ecf20Sopenharmony_ciclose: 428c2ecf20Sopenharmony_ci if (dev->filp) 438c2ecf20Sopenharmony_ci filp_close(dev->filp, NULL); 448c2ecf20Sopenharmony_ci dev->filp = NULL; 458c2ecf20Sopenharmony_ci 468c2ecf20Sopenharmony_ci pr_info("hyperhold bdev unbinded.\n"); 478c2ecf20Sopenharmony_ci} 488c2ecf20Sopenharmony_ci 498c2ecf20Sopenharmony_cibool bind_bdev(struct hp_device *dev, const char *name) 508c2ecf20Sopenharmony_ci{ 518c2ecf20Sopenharmony_ci struct inode *inode = NULL; 528c2ecf20Sopenharmony_ci int ret; 538c2ecf20Sopenharmony_ci 548c2ecf20Sopenharmony_ci dev->filp = filp_open(name, O_RDWR | O_LARGEFILE, 0); 558c2ecf20Sopenharmony_ci if (IS_ERR(dev->filp)) { 568c2ecf20Sopenharmony_ci pr_err("open file %s failed, err = %ld!\n", name, PTR_ERR(dev->filp)); 578c2ecf20Sopenharmony_ci dev->filp = NULL; 588c2ecf20Sopenharmony_ci goto err; 598c2ecf20Sopenharmony_ci } 608c2ecf20Sopenharmony_ci inode = dev->filp->f_mapping->host; 618c2ecf20Sopenharmony_ci if (!S_ISBLK(inode->i_mode)) { 628c2ecf20Sopenharmony_ci pr_err("%s is not a block device!\n", name); 638c2ecf20Sopenharmony_ci goto err; 648c2ecf20Sopenharmony_ci } 658c2ecf20Sopenharmony_ci dev->bdev = blkdev_get_by_dev(inode->i_rdev, FMODE_READ | FMODE_WRITE | FMODE_EXCL, dev); 668c2ecf20Sopenharmony_ci if (IS_ERR(dev->bdev)) { 678c2ecf20Sopenharmony_ci ret = PTR_ERR(dev->bdev); 688c2ecf20Sopenharmony_ci dev->bdev = NULL; 698c2ecf20Sopenharmony_ci pr_err("get blkdev %s failed, err = %d!\n", name, ret); 708c2ecf20Sopenharmony_ci goto err; 718c2ecf20Sopenharmony_ci } 728c2ecf20Sopenharmony_ci dev->old_block_size = block_size(dev->bdev); 738c2ecf20Sopenharmony_ci ret = set_blocksize(dev->bdev, PAGE_SIZE); 748c2ecf20Sopenharmony_ci if (ret) { 758c2ecf20Sopenharmony_ci pr_err("set %s block size failed, err = %d!\n", name, ret); 768c2ecf20Sopenharmony_ci goto err; 778c2ecf20Sopenharmony_ci } 788c2ecf20Sopenharmony_ci dev->dev_size = (u64)i_size_read(inode); 798c2ecf20Sopenharmony_ci dev->sec_size = SECTOR_SIZE; 808c2ecf20Sopenharmony_ci 818c2ecf20Sopenharmony_ci pr_info("hyperhold bind bdev %s of size %llu / %u succ.\n", 828c2ecf20Sopenharmony_ci name, dev->dev_size, dev->sec_size); 838c2ecf20Sopenharmony_ci 848c2ecf20Sopenharmony_ci return true; 858c2ecf20Sopenharmony_cierr: 868c2ecf20Sopenharmony_ci unbind_bdev(dev); 878c2ecf20Sopenharmony_ci 888c2ecf20Sopenharmony_ci return false; 898c2ecf20Sopenharmony_ci} 908c2ecf20Sopenharmony_ci 918c2ecf20Sopenharmony_ciint soft_crypt_page(struct crypto_skcipher *ctfm, struct page *dst_page, 928c2ecf20Sopenharmony_ci struct page *src_page, unsigned int op) 938c2ecf20Sopenharmony_ci{ 948c2ecf20Sopenharmony_ci struct skcipher_request *req = NULL; 958c2ecf20Sopenharmony_ci DECLARE_CRYPTO_WAIT(wait); 968c2ecf20Sopenharmony_ci struct scatterlist dst, src; 978c2ecf20Sopenharmony_ci int ret = 0; 988c2ecf20Sopenharmony_ci union hp_iv iv; 998c2ecf20Sopenharmony_ci 1008c2ecf20Sopenharmony_ci memset(&iv, 0, sizeof(union hp_iv)); 1018c2ecf20Sopenharmony_ci iv.index = cpu_to_le64(src_page->index); 1028c2ecf20Sopenharmony_ci 1038c2ecf20Sopenharmony_ci req = skcipher_request_alloc(ctfm, GFP_NOIO); 1048c2ecf20Sopenharmony_ci if (!req) { 1058c2ecf20Sopenharmony_ci pr_err("alloc skcipher request failed!\n"); 1068c2ecf20Sopenharmony_ci return -ENOMEM; 1078c2ecf20Sopenharmony_ci } 1088c2ecf20Sopenharmony_ci 1098c2ecf20Sopenharmony_ci skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, 1108c2ecf20Sopenharmony_ci crypto_req_done, &wait); 1118c2ecf20Sopenharmony_ci sg_init_table(&dst, 1); 1128c2ecf20Sopenharmony_ci sg_set_page(&dst, dst_page, PAGE_SIZE, 0); 1138c2ecf20Sopenharmony_ci sg_init_table(&src, 1); 1148c2ecf20Sopenharmony_ci sg_set_page(&src, src_page, PAGE_SIZE, 0); 1158c2ecf20Sopenharmony_ci skcipher_request_set_crypt(req, &src, &dst, PAGE_SIZE, &iv); 1168c2ecf20Sopenharmony_ci if (op == HP_DEV_ENCRYPT) 1178c2ecf20Sopenharmony_ci ret = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); 1188c2ecf20Sopenharmony_ci else if (op == HP_DEV_DECRYPT) 1198c2ecf20Sopenharmony_ci ret = crypto_wait_req(crypto_skcipher_decrypt(req), &wait); 1208c2ecf20Sopenharmony_ci else 1218c2ecf20Sopenharmony_ci BUG(); 1228c2ecf20Sopenharmony_ci 1238c2ecf20Sopenharmony_ci skcipher_request_free(req); 1248c2ecf20Sopenharmony_ci 1258c2ecf20Sopenharmony_ci if (ret) 1268c2ecf20Sopenharmony_ci pr_err("%scrypt failed!\n", op == HP_DEV_ENCRYPT ? "en" : "de"); 1278c2ecf20Sopenharmony_ci 1288c2ecf20Sopenharmony_ci return ret; 1298c2ecf20Sopenharmony_ci} 1308c2ecf20Sopenharmony_ci 1318c2ecf20Sopenharmony_cistatic struct crypto_skcipher *soft_crypto_init(const u8 *key) 1328c2ecf20Sopenharmony_ci{ 1338c2ecf20Sopenharmony_ci char *cipher = HP_CIPHER_NAME; 1348c2ecf20Sopenharmony_ci u32 key_len = HP_KEY_SIZE; 1358c2ecf20Sopenharmony_ci struct crypto_skcipher *ctfm = NULL; 1368c2ecf20Sopenharmony_ci int ret; 1378c2ecf20Sopenharmony_ci 1388c2ecf20Sopenharmony_ci ctfm = crypto_alloc_skcipher(cipher, 0, 0); 1398c2ecf20Sopenharmony_ci if (IS_ERR(ctfm)) { 1408c2ecf20Sopenharmony_ci pr_err("alloc ctfm failed, ret = %ld!\n", PTR_ERR(ctfm)); 1418c2ecf20Sopenharmony_ci ctfm = NULL; 1428c2ecf20Sopenharmony_ci goto err; 1438c2ecf20Sopenharmony_ci } 1448c2ecf20Sopenharmony_ci crypto_skcipher_clear_flags(ctfm, ~0); 1458c2ecf20Sopenharmony_ci crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 1468c2ecf20Sopenharmony_ci ret = crypto_skcipher_setkey(ctfm, key, key_len); 1478c2ecf20Sopenharmony_ci if (ret) { 1488c2ecf20Sopenharmony_ci pr_err("ctfm setkey failed, ret = %d!\n", ret); 1498c2ecf20Sopenharmony_ci goto err; 1508c2ecf20Sopenharmony_ci } 1518c2ecf20Sopenharmony_ci 1528c2ecf20Sopenharmony_ci return ctfm; 1538c2ecf20Sopenharmony_cierr: 1548c2ecf20Sopenharmony_ci if (ctfm) 1558c2ecf20Sopenharmony_ci crypto_free_skcipher(ctfm); 1568c2ecf20Sopenharmony_ci 1578c2ecf20Sopenharmony_ci return NULL; 1588c2ecf20Sopenharmony_ci} 1598c2ecf20Sopenharmony_ci 1608c2ecf20Sopenharmony_ci#ifdef CONFIG_BLK_INLINE_ENCRYPTION 1618c2ecf20Sopenharmony_civoid inline_crypt_bio(struct blk_crypto_key *blk_key, struct bio *bio) 1628c2ecf20Sopenharmony_ci{ 1638c2ecf20Sopenharmony_ci union hp_iv iv; 1648c2ecf20Sopenharmony_ci 1658c2ecf20Sopenharmony_ci memset(&iv, 0, sizeof(union hp_iv)); 1668c2ecf20Sopenharmony_ci iv.index = cpu_to_le64(bio->bi_iter.bi_sector); 1678c2ecf20Sopenharmony_ci 1688c2ecf20Sopenharmony_ci bio_crypt_set_ctx(bio, blk_key, iv.dun, GFP_NOIO); 1698c2ecf20Sopenharmony_ci} 1708c2ecf20Sopenharmony_ci 1718c2ecf20Sopenharmony_cistatic struct blk_crypto_key *inline_crypto_init(const u8 *key) 1728c2ecf20Sopenharmony_ci{ 1738c2ecf20Sopenharmony_ci struct blk_crypto_key *blk_key = NULL; 1748c2ecf20Sopenharmony_ci u32 dun_bytes = HP_IV_SIZE - sizeof(__le64); 1758c2ecf20Sopenharmony_ci int ret; 1768c2ecf20Sopenharmony_ci 1778c2ecf20Sopenharmony_ci blk_key = kzalloc(sizeof(struct blk_crypto_key), GFP_KERNEL); 1788c2ecf20Sopenharmony_ci if (!blk_key) { 1798c2ecf20Sopenharmony_ci pr_err("blk key alloc failed!\n"); 1808c2ecf20Sopenharmony_ci goto err; 1818c2ecf20Sopenharmony_ci } 1828c2ecf20Sopenharmony_ci ret = blk_crypto_init_key(blk_key, key, HP_CIPHER_MODE, dun_bytes, PAGE_SIZE); 1838c2ecf20Sopenharmony_ci if (ret) { 1848c2ecf20Sopenharmony_ci pr_err("blk key init failed, ret = %d!\n", ret); 1858c2ecf20Sopenharmony_ci goto err; 1868c2ecf20Sopenharmony_ci } 1878c2ecf20Sopenharmony_ci 1888c2ecf20Sopenharmony_ci return blk_key; 1898c2ecf20Sopenharmony_cierr: 1908c2ecf20Sopenharmony_ci if (blk_key) 1918c2ecf20Sopenharmony_ci kfree_sensitive(blk_key); 1928c2ecf20Sopenharmony_ci 1938c2ecf20Sopenharmony_ci return NULL; 1948c2ecf20Sopenharmony_ci} 1958c2ecf20Sopenharmony_ci#else 1968c2ecf20Sopenharmony_civoid inline_crypt_bio(struct blk_crypto_key *blk_key, struct bio *bio) {} 1978c2ecf20Sopenharmony_cistatic struct blk_crypto_key *inline_crypto_init(const u8 *key) 1988c2ecf20Sopenharmony_ci{ 1998c2ecf20Sopenharmony_ci pr_err("CONFIG_BLK_INLINE_ENCRYPTION is not enabled!\n"); 2008c2ecf20Sopenharmony_ci return NULL; 2018c2ecf20Sopenharmony_ci} 2028c2ecf20Sopenharmony_ci#endif 2038c2ecf20Sopenharmony_ci 2048c2ecf20Sopenharmony_cibool crypto_init(struct hp_device *dev, bool soft) 2058c2ecf20Sopenharmony_ci{ 2068c2ecf20Sopenharmony_ci u8 key[HP_KEY_SIZE]; 2078c2ecf20Sopenharmony_ci bool ret = false; 2088c2ecf20Sopenharmony_ci 2098c2ecf20Sopenharmony_ci get_random_bytes(key, HP_KEY_SIZE); 2108c2ecf20Sopenharmony_ci if (soft) { 2118c2ecf20Sopenharmony_ci dev->ctfm = soft_crypto_init(key); 2128c2ecf20Sopenharmony_ci ret = dev->ctfm; 2138c2ecf20Sopenharmony_ci } else { 2148c2ecf20Sopenharmony_ci dev->blk_key = inline_crypto_init(key); 2158c2ecf20Sopenharmony_ci ret = dev->blk_key; 2168c2ecf20Sopenharmony_ci if (ret) 2178c2ecf20Sopenharmony_ci pr_warn("soft crypt has been turned off, now apply hard crypt!\n"); 2188c2ecf20Sopenharmony_ci } 2198c2ecf20Sopenharmony_ci memzero_explicit(key, HP_KEY_SIZE); 2208c2ecf20Sopenharmony_ci 2218c2ecf20Sopenharmony_ci return ret; 2228c2ecf20Sopenharmony_ci} 2238c2ecf20Sopenharmony_ci 2248c2ecf20Sopenharmony_civoid crypto_deinit(struct hp_device *dev) 2258c2ecf20Sopenharmony_ci{ 2268c2ecf20Sopenharmony_ci if (dev->ctfm) { 2278c2ecf20Sopenharmony_ci crypto_free_skcipher(dev->ctfm); 2288c2ecf20Sopenharmony_ci dev->ctfm = NULL; 2298c2ecf20Sopenharmony_ci } 2308c2ecf20Sopenharmony_ci if (dev->blk_key) { 2318c2ecf20Sopenharmony_ci kfree_sensitive(dev->blk_key); 2328c2ecf20Sopenharmony_ci dev->blk_key = NULL; 2338c2ecf20Sopenharmony_ci } 2348c2ecf20Sopenharmony_ci} 235