Modify header files by adding data strcture and MACROs to support
certification related self-tests and integrity tests.
Add data structure qcrypto_func_set in qcrpto.h, and use it in
dm-req-crypt.c, to support qualcomm crypto library as a dynamic
loadable kernel module (for the FIPS certificate requirement).
Change-Id: I9e60374b93014b5783559820de2056168fb73bbd
Acked-by: Jing Deng <jingd@qti.qualcomm.com>
Signed-off-by: Zhen Kong <zkong@codeaurora.org>
Signed-off-by: William Clark <wclark@codeaurora.org>
Split an IO into multiple requests so the the crypto accelerators
can be exercized in parallel to reduce latency.
Change-Id: I24b15568b5afd375ad39bf3b74f60743f0e1dde9
Acked-by: Baranidharan Muthukumaran <bmuthuku@qti.qualcomm.com>
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>
Storage hardware can have embedded crypto engine which can greatly
reduce degradation in IO performance if crypto operations are performed
on data. Added support in dm-req-crypt so that it can work either in
transparent mode or crypto mode. In transparent mode, dm-req-crypt will
not perform any crypto operation by itself. In crypto mode, dm-req-crypt
will perform crypto operation on data using a seperate crypto engine
(SW based CE or HW based CE).
Change-Id: I8f27840899566c1a608ca13ce6b7480c9866fb6a
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>
Recalculate nr_phys_segments after pages are allocated
for write requests. Move _req_crypt_io_pool allocation
and de-allocation to ctr and dtr instead of driver init
and exit.
Change-Id: I8576dce1f7c9bc39dcc975762562fb84a349bba7
Acked-by: Baranidharan Muthukumaran <bmuthuku@qti.qualcomm.com>
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>
dm-req-crypt was not initializing number of engines available for
crypto operation. Hence, number of engines were getting accumulated
everytime a device based of dm-req-crypt was created. This caused
crash in qcrypto module while retrieving the crypto engine.
Change-Id: I06b5b296a80ae4f9f6bfd024222be9f47a29bfce
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>
dm-req-crypt does not release the device which it got during
construction of dm-req-crypt based node. This causes issue if
dm-req-crypt based device is created and destroyed without
rebooting the device.
Change-Id: Ifeb1210a6e1cf365b8a656556082806a24f3e582
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>
Add info message when mapping a block-device to
the dm-req-crypt device-mapper target.
This is the first step before this driver can be used for
encryption of a block device.
It is called once per power-up when disk-encryption is enabled.
Change-Id: I51866b95cbe77d1a3d39fcd5d5d5297c78950fa2
Signed-off-by: Amir Samuelov <amirs@codeaurora.org>
Remove WQ_HIGHPRI flag for the workqueue. WQ_HIGHPRI and
WQ_UNBOUND flags cannot be used together.
Change-Id: I4ca4eb6596552866049ea6402e492f463eeaed2c
Acked-by: Baranidharan Muthukumaran <bmuthuku@qti.qualcomm.com>
Signed-off-by: Zhen Kong <zkong@codeaurora.org>
Add support for multiple crypto instances, ping-pong between
available crypto instances to increase performance
Change-Id: I562d77bf0f70ce6cab173dae18bc40fc5e766ba1
Signed-off-by: William Clark <wclark@codeaurora.org>
for backward compatibility, argc == 5 is allowed.
however, check argc >= 6 before access argv[5].
Change-Id: Ib7baf741b302110bb170b8c915bfa3dbb223f606
Signed-off-by: Amir Samuelov <amirs@codeaurora.org>
When read/write a file using dircet-io (O_DIRECT),
we can't get the inode from a bio by walking the path
bio->bi_io_vec->bv_page->mapping->host
since the page is anonymous and not mapped.
On the other more typical cases when not using O_DIRECT,
the page cache is used and the bv_page is available.
Change-Id: I349cad54a978ed9919f960d55f0f95c1e53262e5
Signed-off-by: Amir Samuelov <amirs@codeaurora.org>
Support Per-File-Encryption (PFE) based on file tagging.
The Per-File-Tagger (PFT) reports if a file should be encrypted or not.
The Per-File-Encryption can be used after Full-Disk-Encryption (FDE) was
completed or without FDE.
The PFE and FDE uses different keys, which are managed by the Trust-Zone.
Change-Id: I727ef11e252649f895a5e3f8a49ca848cea50795
Signed-off-by: Amir Samuelov <amirs@codeaurora.org>
HW crypto provides different instance for different use cases.
Dm-req-crypt should use the one for full disk encryption use case.
Change-Id: I22d3f6ab1dd6f83b0d5b83a681236719e2340934
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>
dm-req-crypt defines optional functions from device mapper. These
functions are not required for dm-req-crypt. dm-req-crypt has few
memory de-allocation issues. This change removes unnecessary
functions and fixes memory deallocation issues as well.
Change-Id: Id36bd13989940ce41571a8a10277730048df6f6d
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>
dm-req-crypt currently uses AES 128 bit. Updating dm-req-crypt
to use AES 256 bit instead.
Change-Id: I2e8a4484b25496d53f1f9aa83ec6c0ed7b947901
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>
dm-req-crypt uses AES-XTS algorithm implemented by HW crypto
engine. Crypto driver renamed the aes-xts algorithm to avoid
conflict with SW based implementation of AES-XTS. dm-req-crypt
must use the new name for AES-XTS provided by crypto driver.
Change-Id: I286b6435af33fd64673c7c1af4bb2447f3115868
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>
dm-crypt provides bios based device mapper module. dm-crypt
operates on packets with 512 bytes size which is not effiicent
way for HW based crypto blocks. dm-req-crypt is developed to
address this. dm-req-crypt works on requests which carry upto
512KB of data for unmerged requests.
Change-Id: I7d6a63d516dc2dbe80f46c06dd0722847d55bc9f
Signed-off-by: Dinesh K Garg <dineshg@codeaurora.org>