From patchwork Thu Jul 14 11:56:30 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Milan Broz X-Patchwork-Id: 974902 X-Patchwork-Delegate: agk@redhat.com Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by demeter1.kernel.org (8.14.4/8.14.4) with ESMTP id p6EBx3WR011546 for ; Thu, 14 Jul 2011 11:59:23 GMT Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id p6EBudqn026269; Thu, 14 Jul 2011 07:56:41 -0400 Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id p6EBucU2021181 for ; Thu, 14 Jul 2011 07:56:38 -0400 Received: from tawny.mazyland.net (tawny.brq.redhat.com [10.34.26.53]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p6EBuWlx028307; Thu, 14 Jul 2011 07:56:32 -0400 From: Milan Broz To: dm-devel@redhat.com Date: Thu, 14 Jul 2011 13:56:30 +0200 Message-Id: <1310644590-14438-1-git-send-email-mbroz@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-loop: dm-devel@redhat.com Cc: Milan Broz Subject: [dm-devel] [PATCH] dm-crypt: add mapping table option to allowing discard requests X-BeenThere: dm-devel@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk Reply-To: device-mapper development List-Id: device-mapper development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: dm-devel-bounces@redhat.com Errors-To: dm-devel-bounces@redhat.com X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.6 (demeter1.kernel.org [140.211.167.41]); Thu, 14 Jul 2011 11:59:23 +0000 (UTC) Add optional parameter field to dmcrypt table and support "allow_discards" option. Discard requests bypass crypt queue processing, bio request is simple remapped to underlying device. Note that discard will be never enabled by default because of security consequences, it is up to administrator to enable it for encrypted devices. (Note that userspace cryptsetup will not understand new optional parameters yet, support for this will come later.) Signed-off-by: Milan Broz --- Documentation/device-mapper/dm-crypt.txt | 19 +++++++++++++- drivers/md/dm-crypt.c | 39 ++++++++++++++++++++++++++--- 2 files changed, 53 insertions(+), 5 deletions(-) diff --git a/Documentation/device-mapper/dm-crypt.txt b/Documentation/device-mapper/dm-crypt.txt index 6b5c42d..08a36a7 100644 --- a/Documentation/device-mapper/dm-crypt.txt +++ b/Documentation/device-mapper/dm-crypt.txt @@ -4,7 +4,7 @@ dm-crypt Device-Mapper's "crypt" target provides transparent encryption of block devices using the kernel crypto API. -Parameters: +Parameters: [<#opt_params> ] Encryption cipher and an optional IV generation mode. @@ -37,6 +37,23 @@ Parameters: Starting sector within the device where the encrypted data begins. +<#opt_params> + Number of optional parameters. If there are no optional parameters, + the optional paramaters section can be skipped or #opt_params can be zero. + Otherwise #opt_params indicates count of following arguments. + + Examples of optional parameters section: + 1 allow_discards + +allow_discards + The block discards requests are passed through the crypt device. + (Default is to block discards requests.) + + WARNING: allowing discard on encrypted device has serious irreversible + security consequences, discarded blocks can be easily located on device + later. This can lead to leak of information from ciphertext device + (unique pattern for detecting filesystem type, used space etc). + Example scripts =============== LUKS (Linux Unified Key Setup) is now the preferred way to set up disk diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index c8827ff..2747483 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -1575,11 +1575,11 @@ bad_mem: static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv) { struct crypt_config *cc; - unsigned int key_size; + unsigned int key_size, opt_params; unsigned long long tmpll; int ret; - if (argc != 5) { + if (argc < 5) { ti->error = "Not enough arguments"; return -EINVAL; } @@ -1648,6 +1648,26 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv) } cc->start = tmpll; + /* Optional parameters */ + if (argc > 5) { + if (sscanf(argv[5], "%u", &opt_params) < 0) { + ti->error = "Invalid optional parameters"; + goto bad; + } + + if (opt_params + 6 > argc) { + ti->error = "Arguments do not agree with counts given"; + goto bad; + } + + if (opt_params == 1 && !strcmp(argv[6], "allow_discards")) + ti->num_discard_requests = 1; + else if (opt_params) { + ti->error = "Invalid optional parameters"; + goto bad; + } + } + ret = -ENOMEM; cc->io_queue = alloc_workqueue("kcryptd_io", WQ_NON_REENTRANT| @@ -1682,9 +1702,16 @@ static int crypt_map(struct dm_target *ti, struct bio *bio, struct dm_crypt_io *io; struct crypt_config *cc; - if (bio->bi_rw & REQ_FLUSH) { + /* + * If bio is REQ_FLUSH or REQ_DISCARD, just bypass crypt queues. + * - for REQ_FLUSH device-mapper core ensures that no IO is in-flight + * - for REQ_DISCARD caller must use flush if IO ordering matters + */ + if (unlikely(bio->bi_rw & (REQ_FLUSH | REQ_DISCARD))) { cc = ti->private; bio->bi_bdev = cc->dev->bdev; + if (bio_sectors(bio)) + bio->bi_sector = cc->start + dm_target_offset(ti, bio->bi_sector); return DM_MAPIO_REMAPPED; } @@ -1727,6 +1754,10 @@ static int crypt_status(struct dm_target *ti, status_type_t type, DMEMIT(" %llu %s %llu", (unsigned long long)cc->iv_offset, cc->dev->name, (unsigned long long)cc->start); + + if (ti->num_discard_requests) + DMEMIT(" 1 allow_discards"); + break; } return 0; @@ -1823,7 +1854,7 @@ static int crypt_iterate_devices(struct dm_target *ti, static struct target_type crypt_target = { .name = "crypt", - .version = {1, 10, 0}, + .version = {1, 11, 0}, .module = THIS_MODULE, .ctr = crypt_ctr, .dtr = crypt_dtr,