linux-block.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Satya Tangirala <satyat@google.com>
To: linux-block@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: Jens Axboe <axboe@kernel.dk>, Eric Biggers <ebiggers@google.com>,
	Satya Tangirala <satyat@google.com>
Subject: [PATCH v2 6/8] block: keyslot-manager: introduce blk_ksm_restrict_dus_to_queue_limits()
Date: Thu, 25 Mar 2021 21:26:07 +0000	[thread overview]
Message-ID: <20210325212609.492188-7-satyat@google.com> (raw)
In-Reply-To: <20210325212609.492188-1-satyat@google.com>

Not all crypto data unit sizes might be supported by the block layer due to
certain queue limits. This new function checks the queue limits and
appropriately modifies the keyslot manager to reflect only the supported
crypto data unit sizes. blk_ksm_register() runs any given ksm through this
function before actually registering the ksm with a queue.

Signed-off-by: Satya Tangirala <satyat@google.com>
---
 block/keyslot-manager.c | 59 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)

diff --git a/block/keyslot-manager.c b/block/keyslot-manager.c
index 2a2b1a9785d2..fad6d9c4b649 100644
--- a/block/keyslot-manager.c
+++ b/block/keyslot-manager.c
@@ -450,12 +450,71 @@ bool blk_ksm_is_empty(struct blk_keyslot_manager *ksm)
 }
 EXPORT_SYMBOL_GPL(blk_ksm_is_empty);
 
+/*
+ * Restrict the supported data unit sizes of the ksm based on the request queue
+ * limits
+ */
+void blk_ksm_restrict_dus_to_queue_limits(struct blk_keyslot_manager *ksm,
+					  struct queue_limits *limits)
+{
+	/* The largest possible data unit size we support is PAGE_SIZE. */
+	unsigned long largest_dus = PAGE_SIZE;
+	unsigned int dus_allowed_mask;
+	int i;
+	bool dus_was_restricted = false;
+
+	/*
+	 * If the queue doesn't support SG gaps, a bio might get split in the
+	 * middle of a data unit. So require SG gap support for inline
+	 * encryption for any data unit size larger than a single sector.
+	 */
+	if (limits->virt_boundary_mask)
+		largest_dus = SECTOR_SIZE;
+
+	/*
+	 * If the queue has chunk_sectors, the bio might be split within a data
+	 * unit if the data unit size is larger than a single sector. So only
+	 * support a single sector data unit size in this case.
+	 */
+	if (limits->chunk_sectors)
+		largest_dus = SECTOR_SIZE;
+
+	/*
+	 * Any bio sent to the queue must be allowed to contain at least a
+	 * data_unit_size worth of data. Since each segment in a bio contains
+	 * at least a SECTOR_SIZE worth of data, it's sufficient that
+	 * queue_max_segments(q) * SECTOR_SIZE >= data_unit_size. So disable
+	 * all data_unit_sizes not satisfiable.
+	 */
+	largest_dus = min(largest_dus,
+			1UL << (fls(limits->max_segments) - 1 + SECTOR_SHIFT));
+
+	/* Clear all unsupported data unit sizes. */
+	dus_allowed_mask = (largest_dus << 1) - 1;
+	for (i = 0; i < ARRAY_SIZE(ksm->crypto_modes_supported); i++) {
+		if (ksm->crypto_modes_supported[i] & (~dus_allowed_mask))
+			dus_was_restricted = true;
+		ksm->crypto_modes_supported[i] &= dus_allowed_mask;
+	}
+
+	if (dus_was_restricted) {
+		pr_warn("Disallowed use of encryption data unit sizes above %lu bytes with inline encryption hardware because of device request queue limits.\n",
+			largest_dus);
+	}
+}
+
 bool blk_ksm_register(struct blk_keyslot_manager *ksm, struct request_queue *q)
 {
 	if (blk_integrity_queue_supports_integrity(q)) {
 		pr_warn("Integrity and hardware inline encryption are not supported together. Disabling hardware inline encryption.\n");
 		return false;
 	}
+
+	blk_ksm_restrict_dus_to_queue_limits(ksm, &q->limits);
+
+	if (blk_ksm_is_empty(ksm))
+		return false;
+
 	q->ksm = ksm;
 	return true;
 }
-- 
2.31.0.291.g576ba9dcdaf-goog


  parent reply	other threads:[~2021-03-25 21:28 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-25 21:26 [PATCH v2 0/8] ensure bios aren't split in middle of crypto data unit Satya Tangirala
2021-03-25 21:26 ` [PATCH v2 1/8] block: introduce blk_ksm_is_empty() Satya Tangirala
2021-03-30 18:04   ` Christoph Hellwig
2021-04-15 19:21   ` Eric Biggers
2021-03-25 21:26 ` [PATCH v2 2/8] dm,mmc,ufshcd: handle error from blk_ksm_register() Satya Tangirala
2021-04-15 19:27   ` Eric Biggers
2021-03-25 21:26 ` [PATCH v2 3/8] block: blk-crypto: introduce blk_crypto_bio_sectors_alignment() Satya Tangirala
2021-04-15 19:33   ` Eric Biggers
2021-03-25 21:26 ` [PATCH v2 4/8] block: introduce bio_required_sector_alignment() Satya Tangirala
2021-03-30 18:06   ` Christoph Hellwig
2021-04-15 19:37     ` Eric Biggers
2021-04-15 19:44   ` Eric Biggers
2021-03-25 21:26 ` [PATCH v2 5/8] block: respect bio_required_sector_alignment() in blk-crypto-fallback Satya Tangirala
2021-04-15 19:45   ` Eric Biggers
2021-03-25 21:26 ` Satya Tangirala [this message]
2021-03-26  3:50   ` [PATCH v2 6/8] block: keyslot-manager: introduce blk_ksm_restrict_dus_to_queue_limits() kernel test robot
2021-03-26  6:28   ` kernel test robot
2021-04-15 19:55   ` Eric Biggers
2021-03-25 21:26 ` [PATCH v2 7/8] blk-merge: Ensure bios aren't split in middle of a crypto data unit Satya Tangirala
2021-03-25 21:26 ` [PATCH v2 8/8] block: add WARN() in bio_split() for sector alignment Satya Tangirala
2021-03-26  3:47   ` Bart Van Assche
2021-04-15 20:00   ` Eric Biggers
2021-03-25 21:51 ` [PATCH v2 0/8] ensure bios aren't split in middle of crypto data unit Bart Van Assche
2021-03-26  1:39   ` Satya Tangirala
2021-03-26  3:46     ` Bart Van Assche
2021-03-26  7:56       ` Satya Tangirala

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210325212609.492188-7-satyat@google.com \
    --to=satyat@google.com \
    --cc=axboe@kernel.dk \
    --cc=ebiggers@google.com \
    --cc=linux-block@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --subject='Re: [PATCH v2 6/8] block: keyslot-manager: introduce blk_ksm_restrict_dus_to_queue_limits()' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
on how to clone and mirror all data and code used for this inbox