From: Eric Biggers <ebiggers@kernel.org>
To: Satya Tangirala <satyat@google.com>
Cc: Jens Axboe <axboe@kernel.dk>, Mike Snitzer <snitzer@redhat.com>,
linux-kernel@vger.kernel.org, linux-block@vger.kernel.org,
dm-devel@redhat.com, Alasdair Kergon <agk@redhat.com>
Subject: Re: [dm-devel] [PATCH v4 3/5] dm: add support for passing through inline crypto support
Date: Wed, 10 Feb 2021 12:17:30 -0800 [thread overview]
Message-ID: <YCQ/WjAsVA2gdb7d@gmail.com> (raw)
In-Reply-To: <20210201051019.1174983-4-satyat@google.com>
On Mon, Feb 01, 2021 at 05:10:17AM +0000, Satya Tangirala wrote:
> Update the device-mapper core to support exposing the inline crypto
> support of the underlying device(s) through the device-mapper device.
>
> This works by creating a "passthrough keyslot manager" for the dm
> device, which declares support for encryption settings which all
> underlying devices support. When a supported setting is used, the bio
> cloning code handles cloning the crypto context to the bios for all the
> underlying devices. When an unsupported setting is used, the blk-crypto
> fallback is used as usual.
>
> Crypto support on each underlying device is ignored unless the
> corresponding dm target opts into exposing it. This is needed because
> for inline crypto to semantically operate on the original bio, the data
> must not be transformed by the dm target. Thus, targets like dm-linear
> can expose crypto support of the underlying device, but targets like
> dm-crypt can't. (dm-crypt could use inline crypto itself, though.)
>
> A DM device's table can only be changed if the "new" inline encryption
> capabilities are a (*not* necessarily strict) superset of the "old" inline
> encryption capabilities. Attempts to make changes to the table that result
> in some inline encryption capability becoming no longer supported will be
> rejected.
>
> For the sake of clarity, key eviction from underlying devices will be
> handled in a future patch.
>
> Co-developed-by: Eric Biggers <ebiggers@google.com>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> Signed-off-by: Satya Tangirala <satyat@google.com>
I don't see any obvious issues with this latest version. I assume you've tested
it on real hardware?
If it's needed despite my Co-developed-by, feel free to add:
Reviewed-by: Eric Biggers <ebiggers@google.com>
A few nits about comments, in case you resend:
> diff --git a/drivers/md/dm-core.h b/drivers/md/dm-core.h
> index 086d293c2b03..bf3e66f39a4a 100644
> --- a/drivers/md/dm-core.h
> +++ b/drivers/md/dm-core.h
> @@ -13,6 +13,7 @@
> #include <linux/ktime.h>
> #include <linux/genhd.h>
> #include <linux/blk-mq.h>
> +#include <linux/keyslot-manager.h>
>
> #include <trace/events/block.h>
>
> @@ -162,6 +163,10 @@ struct dm_table {
> void *event_context;
>
> struct dm_md_mempools *mempools;
> +
> +#ifdef CONFIG_BLK_INLINE_ENCRYPTION
> + struct blk_keyslot_manager *ksm;
> +#endif
> };
It might be helpful if there was a brief comment here that explained that this
field is only set temporarily while the table is being set up, and it gets set
to NULL after the capabilities have been transferred to the request_queue.
I.e., it's not something that stays around here while the dm device is active.
> +/*
> + * Constructs and returns a keyslot manager that represents the crypto
> + * capabilities of the devices described by the dm_table. However, if the
> + * constructed keyslot manager does not support a superset of the crypto
> + * capabilities supported by the current keyslot manager of the mapped_device,
> + * it returns an error instead, since we don't support restricting crypto
> + * capabilities on table changes. Finally, if the constructed keyslot manager
> + * doesn't actually support any crypto modes at all, it just returns NULL.
> + */
> +static int
> +dm_table_construct_keyslot_manager(struct dm_table *t)
This doesn't "return" the keyslot manager anymore, but rather assigns it to
t->ksm. It would also be helpful if the comment explicitly mentioned that the
goal is to find the capabilities that all the devices have in common.
E.g. "Initializes t->ksm with a keyslot manager that represents the common set
of crypto capabilities of the devices described by the dm_table.".
> diff --git a/include/linux/device-mapper.h b/include/linux/device-mapper.h
> index 61a66fb8ebb3..d2142f5a82a7 100644
> --- a/include/linux/device-mapper.h
> +++ b/include/linux/device-mapper.h
> @@ -257,6 +257,12 @@ struct target_type {
> #define DM_TARGET_NOWAIT 0x00000080
> #define dm_target_supports_nowait(type) ((type)->features & DM_TARGET_NOWAIT)
>
> +/*
> + *
> + */
> +#define DM_TARGET_PASSES_CRYPTO 0x00000100
> +#define dm_target_passes_crypto(type) ((type)->features & DM_TARGET_PASSES_CRYPTO)
The above comment isn't very useful :-)
- Eric
--
dm-devel mailing list
dm-devel@redhat.com
https://www.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2021-02-10 20:18 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-01 5:10 [dm-devel] [PATCH v4 0/5] add support for inline encryption to device mapper Satya Tangirala
2021-02-01 5:10 ` [dm-devel] [PATCH v4 1/5] block: keyslot-manager: Introduce passthrough keyslot manager Satya Tangirala
2021-02-01 5:10 ` [dm-devel] [PATCH v4 2/5] block: keyslot-manager: Introduce functions for device mapper support Satya Tangirala
2021-02-10 19:55 ` Eric Biggers
2021-02-01 5:10 ` [dm-devel] [PATCH v4 3/5] dm: add support for passing through inline crypto support Satya Tangirala
2021-02-10 20:17 ` Eric Biggers [this message]
2021-02-11 22:58 ` Satya Tangirala
2021-02-01 5:10 ` [dm-devel] [PATCH v4 4/5] dm: support key eviction from keyslot managers of underlying devices Satya Tangirala
2021-02-10 20:19 ` Eric Biggers
2021-02-01 5:10 ` [dm-devel] [PATCH v4 5/5] dm: set DM_TARGET_PASSES_CRYPTO feature for some targets Satya Tangirala
2021-02-10 20:24 ` Eric Biggers
2021-02-10 19:33 ` [dm-devel] [PATCH v4 0/5] add support for inline encryption to device mapper Mike Snitzer
2021-02-10 19:59 ` Jens Axboe
2021-02-11 23:01 ` Satya Tangirala
2021-02-11 23:04 ` Mike Snitzer
2021-02-12 0:47 ` Satya Tangirala
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YCQ/WjAsVA2gdb7d@gmail.com \
--to=ebiggers@kernel.org \
--cc=agk@redhat.com \
--cc=axboe@kernel.dk \
--cc=dm-devel@redhat.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=satyat@google.com \
--cc=snitzer@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).