From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 45/54] crypto: expose encryption sector size in APIs
Date: Fri, 6 Oct 2017 17:54:13 +0200 [thread overview]
Message-ID: <20171006155422.10135-46-kwolf@redhat.com> (raw)
In-Reply-To: <20171006155422.10135-1-kwolf@redhat.com>
From: "Daniel P. Berrange" <berrange@redhat.com>
While current encryption schemes all have a fixed sector size of
512 bytes, this is not guaranteed to be the case in future. Expose
the sector size in the APIs so the block layer can remove assumptions
about fixed 512 byte sectors.
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 20170927125340.12360-3-berrange@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
---
crypto/blockpriv.h | 1 +
include/crypto/block.h | 15 +++++++++++++++
crypto/block-luks.c | 6 ++++--
crypto/block-qcow.c | 1 +
crypto/block.c | 6 ++++++
5 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/crypto/blockpriv.h b/crypto/blockpriv.h
index 0edb810e22..d227522d88 100644
--- a/crypto/blockpriv.h
+++ b/crypto/blockpriv.h
@@ -36,6 +36,7 @@ struct QCryptoBlock {
QCryptoHashAlgorithm kdfhash;
size_t niv;
uint64_t payload_offset; /* In bytes */
+ uint64_t sector_size; /* In bytes */
};
struct QCryptoBlockDriver {
diff --git a/include/crypto/block.h b/include/crypto/block.h
index f0e543bee1..13232b2472 100644
--- a/include/crypto/block.h
+++ b/include/crypto/block.h
@@ -241,6 +241,21 @@ QCryptoHashAlgorithm qcrypto_block_get_kdf_hash(QCryptoBlock *block);
uint64_t qcrypto_block_get_payload_offset(QCryptoBlock *block);
/**
+ * qcrypto_block_get_sector_size:
+ * @block: the block encryption object
+ *
+ * Get the size of sectors used for payload encryption. A new
+ * IV is used at the start of each sector. The encryption
+ * sector size is not required to match the sector size of the
+ * underlying storage. For example LUKS will always use a 512
+ * byte sector size, even if the volume is on a disk with 4k
+ * sectors.
+ *
+ * Returns: the sector in bytes
+ */
+uint64_t qcrypto_block_get_sector_size(QCryptoBlock *block);
+
+/**
* qcrypto_block_free:
* @block: the block encryption object
*
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 36bc856084..a9062bb0f2 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -846,8 +846,9 @@ qcrypto_block_luks_open(QCryptoBlock *block,
}
}
+ block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
block->payload_offset = luks->header.payload_offset *
- QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+ block->sector_size;
luks->cipher_alg = cipheralg;
luks->cipher_mode = ciphermode;
@@ -1240,8 +1241,9 @@ qcrypto_block_luks_create(QCryptoBlock *block,
QCRYPTO_BLOCK_LUKS_SECTOR_SIZE)) *
QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS);
+ block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
block->payload_offset = luks->header.payload_offset *
- QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+ block->sector_size;
/* Reserve header space to match payload offset */
initfunc(block, block->payload_offset, opaque, &local_err);
diff --git a/crypto/block-qcow.c b/crypto/block-qcow.c
index a456fe338b..4dd594a9ba 100644
--- a/crypto/block-qcow.c
+++ b/crypto/block-qcow.c
@@ -80,6 +80,7 @@ qcrypto_block_qcow_init(QCryptoBlock *block,
goto fail;
}
+ block->sector_size = QCRYPTO_BLOCK_QCOW_SECTOR_SIZE;
block->payload_offset = 0;
return 0;
diff --git a/crypto/block.c b/crypto/block.c
index c382393d9a..a7a9ad240e 100644
--- a/crypto/block.c
+++ b/crypto/block.c
@@ -170,6 +170,12 @@ uint64_t qcrypto_block_get_payload_offset(QCryptoBlock *block)
}
+uint64_t qcrypto_block_get_sector_size(QCryptoBlock *block)
+{
+ return block->sector_size;
+}
+
+
void qcrypto_block_free(QCryptoBlock *block)
{
if (!block) {
--
2.13.6
next prev parent reply other threads:[~2017-10-06 15:55 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-06 15:53 [Qemu-devel] [PULL 00/54] Block layer patches Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 01/54] block: Typo fix in copy_on_readv() Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 02/54] block: Make bdrv_img_create() size selection easier to read Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 03/54] hbitmap: Rename serialization_granularity to serialization_align Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 04/54] qcow2: Ensure bitmap serialization is aligned Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 05/54] dirty-bitmap: Drop unused functions Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 06/54] dirty-bitmap: Avoid size query failure during truncate Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 07/54] dirty-bitmap: Change bdrv_dirty_bitmap_size() to report bytes Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 08/54] dirty-bitmap: Track bitmap size by bytes Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 09/54] dirty-bitmap: Change bdrv_dirty_bitmap_*serialize*() to take bytes Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 10/54] qcow2: Switch sectors_covered_by_bitmap_cluster() to byte-based Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 11/54] dirty-bitmap: Set iterator start by offset, not sector Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 12/54] dirty-bitmap: Change bdrv_dirty_iter_next() to report byte offset Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 13/54] dirty-bitmap: Change bdrv_get_dirty_count() to report bytes Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 14/54] dirty-bitmap: Change bdrv_get_dirty_locked() to take bytes Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 15/54] dirty-bitmap: Change bdrv_[re]set_dirty_bitmap() to use bytes Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 16/54] mirror: Switch mirror_dirty_init() to byte-based iteration Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 17/54] qcow2: Switch qcow2_measure() " Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 18/54] qcow2: Switch load_bitmap_data() " Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 19/54] qcow2: Switch store_bitmap_data() " Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 20/54] dirty-bitmap: Switch bdrv_set_dirty() to bytes Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 21/54] dirty-bitmap: Convert internal hbitmap size/granularity Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 22/54] hw/block/onenand: Remove dead code block Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 23/54] qemu-iotests: remove dead code Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 24/54] qemu-iotests: get rid of AWK_PROG Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 25/54] qemu-iotests: move "check" code out of common.rc Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 26/54] qemu-iotests: cleanup and fix search for programs Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 27/54] qemu-iotests: limit non-_PROG-suffixed variables to common.rc Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 28/54] qemu-iotests: do not include common.rc in "check" Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 29/54] qemu-iotests: disintegrate more parts of common.config Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 30/54] qemu-iotests: fix uninitialized variable Kevin Wolf
2017-10-06 15:53 ` [Qemu-devel] [PULL 31/54] qemu-iotests: get rid of $iam Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 32/54] qemu-iotests: merge "check" and "common" Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 33/54] block: Introduce BdrvChildRole.update_filename Kevin Wolf
2017-11-03 18:34 ` Peter Maydell
2017-10-06 15:54 ` [Qemu-devel] [PULL 34/54] commit: Support multiple roots above top node Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 35/54] qemu-iotests: Allow QMP pretty printing in common.qemu Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 36/54] qemu-iotests: Test commit block job where top has two parents Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 37/54] commit: Remove overlay_bs Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 38/54] qemu-io: Add -C for opening with copy-on-read Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 39/54] block: Uniform handling of 0-length bdrv_get_block_status() Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 40/54] iotests: Restore stty settings on completion Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 41/54] block: Add blkdebug hook for copy-on-read Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 42/54] block: Perform copy-on-read in loop Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 43/54] iotests: Add test 197 for covering copy-on-read Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 44/54] block: use 1 MB bounce buffers for crypto instead of 16KB Kevin Wolf
2017-10-06 15:54 ` Kevin Wolf [this message]
2017-10-06 15:54 ` [Qemu-devel] [PULL 46/54] block: fix data type casting for crypto payload offset Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 47/54] block: convert crypto driver to bdrv_co_preadv|pwritev Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 48/54] block: convert qcrypto_block_encrypt|decrypt to take bytes offset Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 49/54] block: support passthrough of BDRV_REQ_FUA in crypto driver Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 50/54] block/mirror: check backing in bdrv_mirror_top_refresh_filename Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 51/54] iotests: Fix 195 if IMGFMT is part of TEST_DIR Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 52/54] qcow2: fix return error code in qcow2_truncate() Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 53/54] qcow2: truncate the tail of the image file after shrinking the image Kevin Wolf
2017-10-06 15:54 ` [Qemu-devel] [PULL 54/54] block/mirror: check backing in bdrv_mirror_top_flush Kevin Wolf
2017-10-06 18:01 ` [Qemu-devel] [PULL 00/54] Block layer patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171006155422.10135-46-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.