1. 14 1月, 2011 7 次提交
    • M
      dm crypt: add loop aes iv generator · 34745785
      Milan Broz 提交于
      This patch adds a compatible implementation of the block
      chaining mode used by the Loop-AES block device encryption
      system (http://loop-aes.sourceforge.net/) designed
      by Jari Ruusu.
      
      It operates on full 512 byte sectors and uses CBC
      with an IV derived from the sector number, the data and
      optionally extra IV seed.
      
      This means that after CBC decryption the first block of sector
      must be tweaked according to decrypted data.
      
      Loop-AES can use three encryption schemes:
       version 1: is plain aes-cbc mode (already compatible)
       version 2: uses 64 multikey scheme with own IV generator
       version 3: the same as version 2 with additional IV seed
                  (it uses 65 keys, last key is used as IV seed)
      
      The IV generator is here named lmk (Loop-AES multikey)
      and for the cipher specification looks like: aes:64-cbc-lmk
      
      Version 2 and 3 is recognised according to length
      of provided multi-key string (which is just hexa encoded
      "raw key" used in original Loop-AES ioctl).
      
      Configuration of the device and decoding key string will
      be done in userspace (cryptsetup).
      (Loop-AES stores keys in gpg encrypted file, raw keys are
      output of simple hashing of lines in this file).
      
      Based on an implementation by Max Vozeler:
        http://article.gmane.org/gmane.linux.kernel.cryptoapi/3752/Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      CC: Max Vozeler <max@hinterhof.net>
      34745785
    • M
      dm crypt: add multi key capability · d1f96423
      Milan Broz 提交于
      This patch adds generic multikey handling to be used
      in following patch for Loop-AES mode compatibility.
      
      This patch extends mapping table to optional keycount and
      implements generic multi-key capability.
      
      With more keys defined the <key> string is divided into
      several <keycount> sections and these are used for tfms.
      
      The tfm is used according to sector offset
      (sector 0->tfm[0], sector 1->tfm[1], sector N->tfm[N modulo keycount])
      (only power of two values supported for keycount here).
      
      Because of tfms per-cpu allocation, this mode can be take
      a lot of memory on large smp systems.
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      Cc: Max Vozeler <max@hinterhof.net>
      d1f96423
    • M
      dm crypt: add post iv call to iv generator · 2dc5327d
      Milan Broz 提交于
      IV (initialisation vector) can in principle depend not only
      on sector but also on plaintext data (or other attributes).
      
      Change IV generator interface to work directly with dmreq
      structure to allow such dependence in generator.
      
      Also add post() function which is called after the crypto
      operation.
      
      This allows tricky modification of decrypted data or IV
      internals.
      
      In asynchronous mode the post() can be called after
      ctx->sector count was increased so it is needed
      to add iv_sector copy directly to dmreq structure.
      (N.B. dmreq always include only one sector in scatterlists)
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      2dc5327d
    • M
      dm crypt: use io thread for reads only if mempool exhausted · 20c82538
      Milan Broz 提交于
      If there is enough memory, code can directly submit bio
      instead queing this operation in separate thread.
      
      Try to alloc bio clone with GFP_NOWAIT and only if it
      fails use separate queue (map function cannot block here).
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      20c82538
    • A
      dm crypt: scale to multiple cpus · c0297721
      Andi Kleen 提交于
      Currently dm-crypt does all the encryption work for a single dm-crypt
      mapping in a single workqueue. This does not scale well when multiple
      CPUs are submitting IO at a high rate. The single CPU running the single
      thread cannot keep up with the encryption and encrypted IO performance
      tanks.
      
      This patch changes the crypto workqueue to be per CPU. This means
      that as long as the IO submitter (or the interrupt target CPUs
      for reads) runs on different CPUs the encryption work will be also
      parallel.
      
      To avoid a bottleneck on the IO worker I also changed those to be
      per-CPU threads.
      
      There is still some shared data, so I suspect some bouncing
      cache lines. But I haven't done a detailed study on that yet.
      Signed-off-by: NAndi Kleen <ak@linux.intel.com>
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      c0297721
    • M
      dm crypt: simplify compatible table output · 7dbcd137
      Milan Broz 提交于
      Rename cc->cipher_mode to cc->cipher_string and store the whole of the cipher
      information so it can easily be printed when processing the DM_DEV_STATUS ioctl.
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      7dbcd137
    • M
      dm crypt: set key size early · 69a8cfcd
      Milan Broz 提交于
      Simplify key size verification (hexadecimal string) and
      set key size early in constructor.
      
      (Patch required by later changes.)
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      69a8cfcd
  2. 10 9月, 2010 1 次提交
    • T
      dm: implement REQ_FLUSH/FUA support for bio-based dm · d87f4c14
      Tejun Heo 提交于
      This patch converts bio-based dm to support REQ_FLUSH/FUA instead of
      now deprecated REQ_HARDBARRIER.
      
      * -EOPNOTSUPP handling logic dropped.
      
      * Preflush is handled as before but postflush is dropped and replaced
        with passing down REQ_FUA to member request_queues.  This replaces
        one array wide cache flush w/ member specific FUA writes.
      
      * __split_and_process_bio() now calls __clone_and_map_flush() directly
        for flushes and guarantees all FLUSH bio's going to targets are zero
      `  length.
      
      * It's now guaranteed that all FLUSH bio's which are passed onto dm
        targets are zero length.  bio_empty_barrier() tests are replaced
        with REQ_FLUSH tests.
      
      * Empty WRITE_BARRIERs are replaced with WRITE_FLUSHes.
      
      * Dropped unlikely() around REQ_FLUSH tests.  Flushes are not unlikely
        enough to be marked with unlikely().
      
      * Block layer now filters out REQ_FLUSH/FUA bio's if the request_queue
        doesn't support cache flushing.  Advertise REQ_FLUSH | REQ_FUA
        capability.
      
      * Request based dm isn't converted yet.  dm_init_request_based_queue()
        resets flush support to 0 for now.  To avoid disturbing request
        based dm code, dm->flush_error is added for bio based dm while
        requested based dm continues to use dm->barrier_error.
      
      Lightly tested linear, stripe, raid1, snap and crypt targets.  Please
      proceed with caution as I'm not familiar with the code base.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Cc: dm-devel@redhat.com
      Cc: Christoph Hellwig <hch@lst.de>
      Signed-off-by: NJens Axboe <jaxboe@fusionio.com>
      d87f4c14
  3. 12 8月, 2010 4 次提交
  4. 06 3月, 2010 1 次提交
  5. 11 12月, 2009 6 次提交
  6. 09 11月, 2009 1 次提交
  7. 24 7月, 2009 1 次提交
  8. 11 7月, 2009 1 次提交
  9. 22 6月, 2009 2 次提交
  10. 03 4月, 2009 1 次提交
  11. 17 3月, 2009 2 次提交
    • M
      dm crypt: wait for endio to complete before destruction · b35f8caa
      Milan Broz 提交于
      The following oops has been reported when dm-crypt runs over a loop device.
      
      ...
      [   70.381058] Process loop0 (pid: 4268, ti=cf3b2000 task=cf1cc1f0 task.ti=cf3b2000)
      ...
      [   70.381058] Call Trace:
      [   70.381058]  [<d0d76601>] ? crypt_dec_pending+0x5e/0x62 [dm_crypt]
      [   70.381058]  [<d0d767b8>] ? crypt_endio+0xa2/0xaa [dm_crypt]
      [   70.381058]  [<d0d76716>] ? crypt_endio+0x0/0xaa [dm_crypt]
      [   70.381058]  [<c01a2f24>] ? bio_endio+0x2b/0x2e
      [   70.381058]  [<d0806530>] ? dec_pending+0x224/0x23b [dm_mod]
      [   70.381058]  [<d08066e4>] ? clone_endio+0x79/0xa4 [dm_mod]
      [   70.381058]  [<d080666b>] ? clone_endio+0x0/0xa4 [dm_mod]
      [   70.381058]  [<c01a2f24>] ? bio_endio+0x2b/0x2e
      [   70.381058]  [<c02bad86>] ? loop_thread+0x380/0x3b7
      [   70.381058]  [<c02ba8a1>] ? do_lo_send_aops+0x0/0x165
      [   70.381058]  [<c013754f>] ? autoremove_wake_function+0x0/0x33
      [   70.381058]  [<c02baa06>] ? loop_thread+0x0/0x3b7
      
      When a table is being replaced, it waits for I/O to complete
      before destroying the mempool, but the endio function doesn't
      call mempool_free() until after completing the bio.
      
      Fix it by swapping the order of those two operations.
      
      The same problem occurs in dm.c with md referenced after dec_pending.
      Again, we swap the order.
      
      Cc: stable@kernel.org
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      b35f8caa
    • H
      dm crypt: fix kcryptd_async_done parameter · b2174eeb
      Huang Ying 提交于
      In the async encryption-complete function (kcryptd_async_done), the
      crypto_async_request passed in may be different from the one passed to
      crypto_ablkcipher_encrypt/decrypt.  Only crypto_async_request->data is
      guaranteed to be same as the one passed in.  The current
      kcryptd_async_done uses the passed-in crypto_async_request directly
      which may cause the AES-NI-based AES algorithm implementation to panic.
      
      This patch fixes this bug by only using crypto_async_request->data,
      which points to dm_crypt_request, the crypto_async_request passed in.
      The original data (convert_context) is gotten from dm_crypt_request.
      
      [mbroz@redhat.com: reworked]
      Cc: stable@kernel.org
      Signed-off-by: NHuang Ying <ying.huang@intel.com>
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      b2174eeb
  12. 06 1月, 2009 1 次提交
    • M
      dm: consolidate target deregistration error handling · 10d3bd09
      Mikulas Patocka 提交于
      Change dm_unregister_target to return void and use BUG() for error
      reporting.
      
      dm_unregister_target can only fail because of programming bug in the
      target driver. It can't fail because of user's behavior or disk errors.
      
      This patch changes unregister_target to return void and use BUG if
      someone tries to unregister non-registered target or unregister target
      that is in use.
      
      This patch removes code duplication (testing of error codes in all dm
      targets) and reports bugs in just one place, in dm_unregister_target. In
      some target drivers, these return codes were ignored, which could lead
      to a situation where bugs could be missed.
      Signed-off-by: NMikulas Patocka <mpatocka@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      10d3bd09
  13. 29 12月, 2008 1 次提交
    • J
      bio: allow individual slabs in the bio_set · bb799ca0
      Jens Axboe 提交于
      Instead of having a global bio slab cache, add a reference to one
      in each bio_set that is created. This allows for personalized slabs
      in each bio_set, so that they can have bios of different sizes.
      
      This means we can personalize the bios we return. File systems may
      want to embed the bio inside another structure, to avoid allocation
      more items (and stuffing them in ->bi_private) after the get a bio.
      Or we may want to embed a number of bio_vecs directly at the end
      of a bio, to avoid doing two allocations to return a bio. This is now
      possible.
      Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
      bb799ca0
  14. 22 10月, 2008 4 次提交
    • M
      dm crypt: remove waitqueue · 0a4a1047
      Milan Broz 提交于
      Remove waitqueue no longer needed with the async crypto interface.
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      0a4a1047
    • M
      dm crypt: fix async split · 393b47ef
      Milan Broz 提交于
      When writing io, dm-crypt has to allocate a new cloned bio
      and encrypt the data into newly-allocated pages attached to this bio.
      In rare cases, because of hw restrictions (e.g. physical segment limit)
      or memory pressure, sometimes more than one cloned bio has to be used,
      each processing a different fragment of the original.
      
      Currently there is one waitqueue which waits for one fragment to finish
      and continues processing the next fragment.
      
      But when using asynchronous crypto this doesn't work, because several
      fragments may be processed asynchronously or in parallel and there is
      only one crypt context that cannot be shared between the bio fragments.
      The result may be corruption of the data contained in the encrypted bio.
      
      The patch fixes this by allocating new dm_crypt_io structs (with new
      crypto contexts) and running them independently.
      
      The fragments contains a pointer to the base dm_crypt_io struct to
      handle reference counting, so the base one is properly deallocated
      after all the fragments are finished.
      
      In a low memory situation, this only uses one additional object from the
      mempool.  If the mempool is empty, the next allocation simple waits for
      previous fragments to complete.
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      393b47ef
    • M
      dm crypt: tidy sector · b635b00e
      Milan Broz 提交于
      Prepare local sector variable (offset) for later patch.
      Do not update io->sector for still-running I/O.
      
      No functional change.
      Signed-off-by: NMilan Broz <mbroz@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      b635b00e
    • M
      dm: remove dm header from targets · 586e80e6
      Mikulas Patocka 提交于
      Change #include "dm.h" to #include <linux/device-mapper.h> in all targets.
      Targets should not need direct access to internal DM structures.
      Signed-off-by: NMikulas Patocka <mpatocka@redhat.com>
      Signed-off-by: NAlasdair G Kergon <agk@redhat.com>
      586e80e6
  15. 10 10月, 2008 7 次提交