]>
Commit | Line | Data |
---|---|---|
78368575 DB |
1 | /* |
2 | * QEMU block full disk encryption | |
3 | * | |
4 | * Copyright (c) 2015-2016 Red Hat, Inc. | |
5 | * | |
6 | * This library is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU Lesser General Public | |
8 | * License as published by the Free Software Foundation; either | |
9 | * version 2 of the License, or (at your option) any later version. | |
10 | * | |
11 | * This library is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * Lesser General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU Lesser General Public | |
17 | * License along with this library; if not, see <http://www.gnu.org/licenses/>. | |
18 | * | |
19 | */ | |
20 | ||
21 | #include "qemu/osdep.h" | |
22 | ||
23 | #include "block/block_int.h" | |
f853465a | 24 | #include "block/qdict.h" |
78368575 DB |
25 | #include "sysemu/block-backend.h" |
26 | #include "crypto/block.h" | |
27 | #include "qapi/opts-visitor.h" | |
9af23989 | 28 | #include "qapi/qapi-visit-crypto.h" |
306a06e5 | 29 | #include "qapi/qobject-input-visitor.h" |
78368575 | 30 | #include "qapi/error.h" |
0b8fa32f | 31 | #include "qemu/module.h" |
922a01a0 | 32 | #include "qemu/option.h" |
1bba30da | 33 | #include "qemu/cutils.h" |
0d8c41da | 34 | #include "crypto.h" |
78368575 DB |
35 | |
36 | typedef struct BlockCrypto BlockCrypto; | |
37 | ||
38 | struct BlockCrypto { | |
39 | QCryptoBlock *block; | |
40 | }; | |
41 | ||
42 | ||
43 | static int block_crypto_probe_generic(QCryptoBlockFormat format, | |
44 | const uint8_t *buf, | |
45 | int buf_size, | |
46 | const char *filename) | |
47 | { | |
48 | if (qcrypto_block_has_format(format, buf, buf_size)) { | |
49 | return 100; | |
50 | } else { | |
51 | return 0; | |
52 | } | |
53 | } | |
54 | ||
55 | ||
56 | static ssize_t block_crypto_read_func(QCryptoBlock *block, | |
57 | size_t offset, | |
58 | uint8_t *buf, | |
59 | size_t buflen, | |
e4a3507e | 60 | void *opaque, |
37509233 | 61 | Error **errp) |
78368575 DB |
62 | { |
63 | BlockDriverState *bs = opaque; | |
64 | ssize_t ret; | |
65 | ||
cf2ab8fc | 66 | ret = bdrv_pread(bs->file, offset, buf, buflen); |
78368575 DB |
67 | if (ret < 0) { |
68 | error_setg_errno(errp, -ret, "Could not read encryption header"); | |
69 | return ret; | |
70 | } | |
71 | return ret; | |
72 | } | |
73 | ||
74 | ||
75 | struct BlockCryptoCreateData { | |
78368575 DB |
76 | BlockBackend *blk; |
77 | uint64_t size; | |
672de729 | 78 | PreallocMode prealloc; |
78368575 DB |
79 | }; |
80 | ||
81 | ||
82 | static ssize_t block_crypto_write_func(QCryptoBlock *block, | |
83 | size_t offset, | |
84 | const uint8_t *buf, | |
85 | size_t buflen, | |
e4a3507e | 86 | void *opaque, |
37509233 | 87 | Error **errp) |
78368575 DB |
88 | { |
89 | struct BlockCryptoCreateData *data = opaque; | |
90 | ssize_t ret; | |
91 | ||
8341f00d | 92 | ret = blk_pwrite(data->blk, offset, buf, buflen, 0); |
78368575 DB |
93 | if (ret < 0) { |
94 | error_setg_errno(errp, -ret, "Could not write encryption header"); | |
95 | return ret; | |
96 | } | |
97 | return ret; | |
98 | } | |
99 | ||
100 | ||
101 | static ssize_t block_crypto_init_func(QCryptoBlock *block, | |
102 | size_t headerlen, | |
e4a3507e | 103 | void *opaque, |
37509233 | 104 | Error **errp) |
78368575 DB |
105 | { |
106 | struct BlockCryptoCreateData *data = opaque; | |
3d1900a4 ML |
107 | Error *local_error = NULL; |
108 | int ret; | |
78368575 | 109 | |
3d7ed9c4 | 110 | if (data->size > INT64_MAX || headerlen > INT64_MAX - data->size) { |
3d1900a4 ML |
111 | ret = -EFBIG; |
112 | goto error; | |
3d7ed9c4 KW |
113 | } |
114 | ||
78368575 DB |
115 | /* User provided size should reflect amount of space made |
116 | * available to the guest, so we must take account of that | |
117 | * which will be used by the crypto header | |
118 | */ | |
3d1900a4 ML |
119 | ret = blk_truncate(data->blk, data->size + headerlen, false, |
120 | data->prealloc, 0, &local_error); | |
121 | ||
122 | if (ret >= 0) { | |
123 | return ret; | |
124 | } | |
125 | ||
126 | error: | |
127 | if (ret == -EFBIG) { | |
128 | /* Replace the error message with a better one */ | |
129 | error_free(local_error); | |
130 | error_setg(errp, "The requested file size is too large"); | |
131 | } else { | |
132 | error_propagate(errp, local_error); | |
133 | } | |
134 | ||
135 | return ret; | |
78368575 DB |
136 | } |
137 | ||
138 | ||
139 | static QemuOptsList block_crypto_runtime_opts_luks = { | |
140 | .name = "crypto", | |
141 | .head = QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks.head), | |
142 | .desc = { | |
4a47f854 | 143 | BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""), |
78368575 DB |
144 | { /* end of list */ } |
145 | }, | |
146 | }; | |
147 | ||
148 | ||
149 | static QemuOptsList block_crypto_create_opts_luks = { | |
150 | .name = "crypto", | |
151 | .head = QTAILQ_HEAD_INITIALIZER(block_crypto_create_opts_luks.head), | |
152 | .desc = { | |
153 | { | |
154 | .name = BLOCK_OPT_SIZE, | |
155 | .type = QEMU_OPT_SIZE, | |
156 | .help = "Virtual disk size" | |
157 | }, | |
4a47f854 DB |
158 | BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""), |
159 | BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG(""), | |
160 | BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE(""), | |
161 | BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG(""), | |
162 | BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG(""), | |
163 | BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG(""), | |
164 | BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(""), | |
78368575 DB |
165 | { /* end of list */ } |
166 | }, | |
167 | }; | |
168 | ||
169 | ||
306a06e5 | 170 | QCryptoBlockOpenOptions * |
796d3239 | 171 | block_crypto_open_opts_init(QDict *opts, Error **errp) |
78368575 | 172 | { |
09204eac | 173 | Visitor *v; |
796d3239 | 174 | QCryptoBlockOpenOptions *ret; |
78368575 | 175 | |
796d3239 | 176 | v = qobject_input_visitor_new_flat_confused(opts, errp); |
e6af90f3 | 177 | if (!v) { |
796d3239 | 178 | return NULL; |
f853465a | 179 | } |
78368575 | 180 | |
796d3239 | 181 | visit_type_QCryptoBlockOpenOptions(v, NULL, &ret, errp); |
78368575 | 182 | |
09204eac | 183 | visit_free(v); |
78368575 DB |
184 | return ret; |
185 | } | |
186 | ||
187 | ||
306a06e5 | 188 | QCryptoBlockCreateOptions * |
796d3239 | 189 | block_crypto_create_opts_init(QDict *opts, Error **errp) |
78368575 | 190 | { |
09204eac | 191 | Visitor *v; |
796d3239 | 192 | QCryptoBlockCreateOptions *ret; |
78368575 | 193 | |
796d3239 | 194 | v = qobject_input_visitor_new_flat_confused(opts, errp); |
e6af90f3 | 195 | if (!v) { |
796d3239 | 196 | return NULL; |
f853465a | 197 | } |
78368575 | 198 | |
796d3239 | 199 | visit_type_QCryptoBlockCreateOptions(v, NULL, &ret, errp); |
78368575 | 200 | |
09204eac | 201 | visit_free(v); |
78368575 DB |
202 | return ret; |
203 | } | |
204 | ||
43cbd06d ML |
205 | QCryptoBlockAmendOptions * |
206 | block_crypto_amend_opts_init(QDict *opts, Error **errp) | |
207 | { | |
208 | Visitor *v; | |
209 | QCryptoBlockAmendOptions *ret; | |
210 | ||
211 | v = qobject_input_visitor_new_flat_confused(opts, errp); | |
212 | if (!v) { | |
213 | return NULL; | |
214 | } | |
215 | ||
216 | visit_type_QCryptoBlockAmendOptions(v, NULL, &ret, errp); | |
217 | ||
218 | visit_free(v); | |
219 | return ret; | |
220 | } | |
221 | ||
78368575 DB |
222 | |
223 | static int block_crypto_open_generic(QCryptoBlockFormat format, | |
224 | QemuOptsList *opts_spec, | |
225 | BlockDriverState *bs, | |
226 | QDict *options, | |
227 | int flags, | |
228 | Error **errp) | |
229 | { | |
230 | BlockCrypto *crypto = bs->opaque; | |
231 | QemuOpts *opts = NULL; | |
232 | Error *local_err = NULL; | |
233 | int ret = -EINVAL; | |
234 | QCryptoBlockOpenOptions *open_opts = NULL; | |
235 | unsigned int cflags = 0; | |
306a06e5 | 236 | QDict *cryptoopts = NULL; |
78368575 | 237 | |
8b1869da HR |
238 | bs->file = bdrv_open_child(NULL, options, "file", bs, &child_of_bds, |
239 | BDRV_CHILD_IMAGE, false, errp); | |
4e4bf5c4 KW |
240 | if (!bs->file) { |
241 | return -EINVAL; | |
242 | } | |
243 | ||
d67a6b09 DB |
244 | bs->supported_write_flags = BDRV_REQ_FUA & |
245 | bs->file->bs->supported_write_flags; | |
246 | ||
78368575 DB |
247 | opts = qemu_opts_create(opts_spec, NULL, 0, &error_abort); |
248 | qemu_opts_absorb_qdict(opts, options, &local_err); | |
249 | if (local_err) { | |
250 | error_propagate(errp, local_err); | |
251 | goto cleanup; | |
252 | } | |
253 | ||
306a06e5 | 254 | cryptoopts = qemu_opts_to_qdict(opts, NULL); |
796d3239 | 255 | qdict_put_str(cryptoopts, "format", QCryptoBlockFormat_str(format)); |
306a06e5 | 256 | |
796d3239 | 257 | open_opts = block_crypto_open_opts_init(cryptoopts, errp); |
78368575 DB |
258 | if (!open_opts) { |
259 | goto cleanup; | |
260 | } | |
261 | ||
262 | if (flags & BDRV_O_NO_IO) { | |
263 | cflags |= QCRYPTO_BLOCK_OPEN_NO_IO; | |
264 | } | |
1cd9a787 | 265 | crypto->block = qcrypto_block_open(open_opts, NULL, |
78368575 DB |
266 | block_crypto_read_func, |
267 | bs, | |
268 | cflags, | |
c972fa12 | 269 | 1, |
78368575 DB |
270 | errp); |
271 | ||
272 | if (!crypto->block) { | |
273 | ret = -EIO; | |
274 | goto cleanup; | |
275 | } | |
276 | ||
54115412 | 277 | bs->encrypted = true; |
78368575 DB |
278 | |
279 | ret = 0; | |
280 | cleanup: | |
cb3e7f08 | 281 | qobject_unref(cryptoopts); |
78368575 DB |
282 | qapi_free_QCryptoBlockOpenOptions(open_opts); |
283 | return ret; | |
284 | } | |
285 | ||
286 | ||
1ec4f416 KW |
287 | static int block_crypto_co_create_generic(BlockDriverState *bs, |
288 | int64_t size, | |
289 | QCryptoBlockCreateOptions *opts, | |
672de729 | 290 | PreallocMode prealloc, |
1ec4f416 | 291 | Error **errp) |
78368575 | 292 | { |
1ec4f416 KW |
293 | int ret; |
294 | BlockBackend *blk; | |
78368575 | 295 | QCryptoBlock *crypto = NULL; |
1ec4f416 | 296 | struct BlockCryptoCreateData data; |
306a06e5 | 297 | |
a3aeeab5 EB |
298 | blk = blk_new_with_bs(bs, BLK_PERM_WRITE | BLK_PERM_RESIZE, BLK_PERM_ALL, |
299 | errp); | |
300 | if (!blk) { | |
301 | ret = -EPERM; | |
1ec4f416 | 302 | goto cleanup; |
3b5a1f6a KW |
303 | } |
304 | ||
672de729 ML |
305 | if (prealloc == PREALLOC_MODE_METADATA) { |
306 | prealloc = PREALLOC_MODE_OFF; | |
307 | } | |
308 | ||
1ec4f416 KW |
309 | data = (struct BlockCryptoCreateData) { |
310 | .blk = blk, | |
311 | .size = size, | |
672de729 | 312 | .prealloc = prealloc, |
1ec4f416 | 313 | }; |
3b5a1f6a | 314 | |
1ec4f416 | 315 | crypto = qcrypto_block_create(opts, NULL, |
78368575 DB |
316 | block_crypto_init_func, |
317 | block_crypto_write_func, | |
318 | &data, | |
319 | errp); | |
320 | ||
321 | if (!crypto) { | |
322 | ret = -EIO; | |
323 | goto cleanup; | |
324 | } | |
325 | ||
326 | ret = 0; | |
327 | cleanup: | |
328 | qcrypto_block_free(crypto); | |
1ec4f416 | 329 | blk_unref(blk); |
78368575 DB |
330 | return ret; |
331 | } | |
332 | ||
061ca8a3 | 333 | static int coroutine_fn |
c80d8b06 | 334 | block_crypto_co_truncate(BlockDriverState *bs, int64_t offset, bool exact, |
92b92799 KW |
335 | PreallocMode prealloc, BdrvRequestFlags flags, |
336 | Error **errp) | |
78368575 DB |
337 | { |
338 | BlockCrypto *crypto = bs->opaque; | |
31376555 | 339 | uint64_t payload_offset = |
78368575 | 340 | qcrypto_block_get_payload_offset(crypto->block); |
120bc742 KW |
341 | |
342 | if (payload_offset > INT64_MAX - offset) { | |
343 | error_setg(errp, "The requested file size is too large"); | |
344 | return -EFBIG; | |
345 | } | |
78368575 DB |
346 | |
347 | offset += payload_offset; | |
348 | ||
7b8e4857 | 349 | return bdrv_co_truncate(bs->file, offset, exact, prealloc, 0, errp); |
78368575 DB |
350 | } |
351 | ||
352 | static void block_crypto_close(BlockDriverState *bs) | |
353 | { | |
354 | BlockCrypto *crypto = bs->opaque; | |
355 | qcrypto_block_free(crypto->block); | |
356 | } | |
357 | ||
f87e08f9 DB |
358 | static int block_crypto_reopen_prepare(BDRVReopenState *state, |
359 | BlockReopenQueue *queue, Error **errp) | |
360 | { | |
361 | /* nothing needs checking */ | |
362 | return 0; | |
363 | } | |
78368575 | 364 | |
161253e2 DB |
365 | /* |
366 | * 1 MB bounce buffer gives good performance / memory tradeoff | |
367 | * when using cache=none|directsync. | |
368 | */ | |
369 | #define BLOCK_CRYPTO_MAX_IO_SIZE (1024 * 1024) | |
78368575 DB |
370 | |
371 | static coroutine_fn int | |
a73466fb DB |
372 | block_crypto_co_preadv(BlockDriverState *bs, uint64_t offset, uint64_t bytes, |
373 | QEMUIOVector *qiov, int flags) | |
78368575 DB |
374 | { |
375 | BlockCrypto *crypto = bs->opaque; | |
a73466fb | 376 | uint64_t cur_bytes; /* number of bytes in current iteration */ |
78368575 DB |
377 | uint64_t bytes_done = 0; |
378 | uint8_t *cipher_data = NULL; | |
379 | QEMUIOVector hd_qiov; | |
380 | int ret = 0; | |
a73466fb DB |
381 | uint64_t sector_size = qcrypto_block_get_sector_size(crypto->block); |
382 | uint64_t payload_offset = qcrypto_block_get_payload_offset(crypto->block); | |
a73466fb DB |
383 | |
384 | assert(!flags); | |
385 | assert(payload_offset < INT64_MAX); | |
386 | assert(QEMU_IS_ALIGNED(offset, sector_size)); | |
387 | assert(QEMU_IS_ALIGNED(bytes, sector_size)); | |
78368575 DB |
388 | |
389 | qemu_iovec_init(&hd_qiov, qiov->niov); | |
390 | ||
161253e2 DB |
391 | /* Bounce buffer because we don't wish to expose cipher text |
392 | * in qiov which points to guest memory. | |
78368575 DB |
393 | */ |
394 | cipher_data = | |
161253e2 | 395 | qemu_try_blockalign(bs->file->bs, MIN(BLOCK_CRYPTO_MAX_IO_SIZE, |
78368575 DB |
396 | qiov->size)); |
397 | if (cipher_data == NULL) { | |
398 | ret = -ENOMEM; | |
399 | goto cleanup; | |
400 | } | |
401 | ||
a73466fb DB |
402 | while (bytes) { |
403 | cur_bytes = MIN(bytes, BLOCK_CRYPTO_MAX_IO_SIZE); | |
78368575 DB |
404 | |
405 | qemu_iovec_reset(&hd_qiov); | |
a73466fb | 406 | qemu_iovec_add(&hd_qiov, cipher_data, cur_bytes); |
78368575 | 407 | |
a73466fb DB |
408 | ret = bdrv_co_preadv(bs->file, payload_offset + offset + bytes_done, |
409 | cur_bytes, &hd_qiov, 0); | |
78368575 DB |
410 | if (ret < 0) { |
411 | goto cleanup; | |
412 | } | |
413 | ||
4609742a DB |
414 | if (qcrypto_block_decrypt(crypto->block, offset + bytes_done, |
415 | cipher_data, cur_bytes, NULL) < 0) { | |
78368575 DB |
416 | ret = -EIO; |
417 | goto cleanup; | |
418 | } | |
419 | ||
a73466fb | 420 | qemu_iovec_from_buf(qiov, bytes_done, cipher_data, cur_bytes); |
78368575 | 421 | |
a73466fb DB |
422 | bytes -= cur_bytes; |
423 | bytes_done += cur_bytes; | |
78368575 DB |
424 | } |
425 | ||
426 | cleanup: | |
427 | qemu_iovec_destroy(&hd_qiov); | |
428 | qemu_vfree(cipher_data); | |
429 | ||
430 | return ret; | |
431 | } | |
432 | ||
433 | ||
434 | static coroutine_fn int | |
a73466fb DB |
435 | block_crypto_co_pwritev(BlockDriverState *bs, uint64_t offset, uint64_t bytes, |
436 | QEMUIOVector *qiov, int flags) | |
78368575 DB |
437 | { |
438 | BlockCrypto *crypto = bs->opaque; | |
a73466fb | 439 | uint64_t cur_bytes; /* number of bytes in current iteration */ |
78368575 DB |
440 | uint64_t bytes_done = 0; |
441 | uint8_t *cipher_data = NULL; | |
442 | QEMUIOVector hd_qiov; | |
443 | int ret = 0; | |
a73466fb DB |
444 | uint64_t sector_size = qcrypto_block_get_sector_size(crypto->block); |
445 | uint64_t payload_offset = qcrypto_block_get_payload_offset(crypto->block); | |
a73466fb | 446 | |
d67a6b09 | 447 | assert(!(flags & ~BDRV_REQ_FUA)); |
a73466fb DB |
448 | assert(payload_offset < INT64_MAX); |
449 | assert(QEMU_IS_ALIGNED(offset, sector_size)); | |
450 | assert(QEMU_IS_ALIGNED(bytes, sector_size)); | |
78368575 DB |
451 | |
452 | qemu_iovec_init(&hd_qiov, qiov->niov); | |
453 | ||
161253e2 DB |
454 | /* Bounce buffer because we're not permitted to touch |
455 | * contents of qiov - it points to guest memory. | |
78368575 DB |
456 | */ |
457 | cipher_data = | |
161253e2 | 458 | qemu_try_blockalign(bs->file->bs, MIN(BLOCK_CRYPTO_MAX_IO_SIZE, |
78368575 DB |
459 | qiov->size)); |
460 | if (cipher_data == NULL) { | |
461 | ret = -ENOMEM; | |
462 | goto cleanup; | |
463 | } | |
464 | ||
a73466fb DB |
465 | while (bytes) { |
466 | cur_bytes = MIN(bytes, BLOCK_CRYPTO_MAX_IO_SIZE); | |
78368575 | 467 | |
a73466fb | 468 | qemu_iovec_to_buf(qiov, bytes_done, cipher_data, cur_bytes); |
78368575 | 469 | |
4609742a DB |
470 | if (qcrypto_block_encrypt(crypto->block, offset + bytes_done, |
471 | cipher_data, cur_bytes, NULL) < 0) { | |
78368575 DB |
472 | ret = -EIO; |
473 | goto cleanup; | |
474 | } | |
475 | ||
476 | qemu_iovec_reset(&hd_qiov); | |
a73466fb | 477 | qemu_iovec_add(&hd_qiov, cipher_data, cur_bytes); |
78368575 | 478 | |
a73466fb | 479 | ret = bdrv_co_pwritev(bs->file, payload_offset + offset + bytes_done, |
d67a6b09 | 480 | cur_bytes, &hd_qiov, flags); |
78368575 DB |
481 | if (ret < 0) { |
482 | goto cleanup; | |
483 | } | |
484 | ||
a73466fb DB |
485 | bytes -= cur_bytes; |
486 | bytes_done += cur_bytes; | |
78368575 DB |
487 | } |
488 | ||
489 | cleanup: | |
490 | qemu_iovec_destroy(&hd_qiov); | |
491 | qemu_vfree(cipher_data); | |
492 | ||
493 | return ret; | |
494 | } | |
495 | ||
a73466fb DB |
496 | static void block_crypto_refresh_limits(BlockDriverState *bs, Error **errp) |
497 | { | |
498 | BlockCrypto *crypto = bs->opaque; | |
499 | uint64_t sector_size = qcrypto_block_get_sector_size(crypto->block); | |
500 | bs->bl.request_alignment = sector_size; /* No sub-sector I/O */ | |
501 | } | |
502 | ||
78368575 DB |
503 | |
504 | static int64_t block_crypto_getlength(BlockDriverState *bs) | |
505 | { | |
506 | BlockCrypto *crypto = bs->opaque; | |
507 | int64_t len = bdrv_getlength(bs->file->bs); | |
508 | ||
31376555 DB |
509 | uint64_t offset = qcrypto_block_get_payload_offset(crypto->block); |
510 | assert(offset < INT64_MAX); | |
e39e959e KW |
511 | |
512 | if (offset > len) { | |
513 | return -EIO; | |
514 | } | |
78368575 DB |
515 | |
516 | len -= offset; | |
517 | ||
518 | return len; | |
519 | } | |
520 | ||
521 | ||
a9da6e49 SH |
522 | static BlockMeasureInfo *block_crypto_measure(QemuOpts *opts, |
523 | BlockDriverState *in_bs, | |
524 | Error **errp) | |
525 | { | |
526 | g_autoptr(QCryptoBlockCreateOptions) create_opts = NULL; | |
527 | Error *local_err = NULL; | |
528 | BlockMeasureInfo *info; | |
529 | uint64_t size; | |
530 | size_t luks_payload_size; | |
531 | QDict *cryptoopts; | |
532 | ||
533 | /* | |
534 | * Preallocation mode doesn't affect size requirements but we must consume | |
535 | * the option. | |
536 | */ | |
537 | g_free(qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC)); | |
538 | ||
539 | size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0); | |
540 | ||
541 | if (in_bs) { | |
542 | int64_t ssize = bdrv_getlength(in_bs); | |
543 | ||
544 | if (ssize < 0) { | |
545 | error_setg_errno(&local_err, -ssize, | |
546 | "Unable to get image virtual_size"); | |
547 | goto err; | |
548 | } | |
549 | ||
550 | size = ssize; | |
551 | } | |
552 | ||
553 | cryptoopts = qemu_opts_to_qdict_filtered(opts, NULL, | |
554 | &block_crypto_create_opts_luks, true); | |
555 | qdict_put_str(cryptoopts, "format", "luks"); | |
556 | create_opts = block_crypto_create_opts_init(cryptoopts, &local_err); | |
557 | qobject_unref(cryptoopts); | |
558 | if (!create_opts) { | |
559 | goto err; | |
560 | } | |
561 | ||
562 | if (!qcrypto_block_calculate_payload_offset(create_opts, NULL, | |
563 | &luks_payload_size, | |
564 | &local_err)) { | |
565 | goto err; | |
566 | } | |
567 | ||
568 | /* | |
569 | * Unallocated blocks are still encrypted so allocation status makes no | |
570 | * difference to the file size. | |
571 | */ | |
5d72c68b | 572 | info = g_new0(BlockMeasureInfo, 1); |
a9da6e49 SH |
573 | info->fully_allocated = luks_payload_size + size; |
574 | info->required = luks_payload_size + size; | |
575 | return info; | |
576 | ||
577 | err: | |
578 | error_propagate(errp, local_err); | |
579 | return NULL; | |
580 | } | |
581 | ||
582 | ||
78368575 DB |
583 | static int block_crypto_probe_luks(const uint8_t *buf, |
584 | int buf_size, | |
585 | const char *filename) { | |
586 | return block_crypto_probe_generic(Q_CRYPTO_BLOCK_FORMAT_LUKS, | |
587 | buf, buf_size, filename); | |
588 | } | |
589 | ||
590 | static int block_crypto_open_luks(BlockDriverState *bs, | |
591 | QDict *options, | |
592 | int flags, | |
593 | Error **errp) | |
594 | { | |
595 | return block_crypto_open_generic(Q_CRYPTO_BLOCK_FORMAT_LUKS, | |
596 | &block_crypto_runtime_opts_luks, | |
597 | bs, options, flags, errp); | |
598 | } | |
599 | ||
1bedcaf1 KW |
600 | static int coroutine_fn |
601 | block_crypto_co_create_luks(BlockdevCreateOptions *create_options, Error **errp) | |
602 | { | |
603 | BlockdevCreateOptionsLUKS *luks_opts; | |
604 | BlockDriverState *bs = NULL; | |
605 | QCryptoBlockCreateOptions create_opts; | |
672de729 | 606 | PreallocMode preallocation = PREALLOC_MODE_OFF; |
1bedcaf1 KW |
607 | int ret; |
608 | ||
609 | assert(create_options->driver == BLOCKDEV_DRIVER_LUKS); | |
610 | luks_opts = &create_options->u.luks; | |
611 | ||
612 | bs = bdrv_open_blockdev_ref(luks_opts->file, errp); | |
613 | if (bs == NULL) { | |
614 | return -EIO; | |
615 | } | |
616 | ||
617 | create_opts = (QCryptoBlockCreateOptions) { | |
618 | .format = Q_CRYPTO_BLOCK_FORMAT_LUKS, | |
619 | .u.luks = *qapi_BlockdevCreateOptionsLUKS_base(luks_opts), | |
620 | }; | |
621 | ||
672de729 ML |
622 | if (luks_opts->has_preallocation) { |
623 | preallocation = luks_opts->preallocation; | |
624 | } | |
625 | ||
1bedcaf1 | 626 | ret = block_crypto_co_create_generic(bs, luks_opts->size, &create_opts, |
672de729 | 627 | preallocation, errp); |
1bedcaf1 KW |
628 | if (ret < 0) { |
629 | goto fail; | |
630 | } | |
631 | ||
632 | ret = 0; | |
633 | fail: | |
634 | bdrv_unref(bs); | |
635 | return ret; | |
636 | } | |
637 | ||
b92902df ML |
638 | static int coroutine_fn block_crypto_co_create_opts_luks(BlockDriver *drv, |
639 | const char *filename, | |
efc75e2a SH |
640 | QemuOpts *opts, |
641 | Error **errp) | |
78368575 | 642 | { |
1ec4f416 KW |
643 | QCryptoBlockCreateOptions *create_opts = NULL; |
644 | BlockDriverState *bs = NULL; | |
645 | QDict *cryptoopts; | |
672de729 ML |
646 | PreallocMode prealloc; |
647 | char *buf = NULL; | |
1ec4f416 KW |
648 | int64_t size; |
649 | int ret; | |
672de729 | 650 | Error *local_err = NULL; |
1ec4f416 KW |
651 | |
652 | /* Parse options */ | |
653 | size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0); | |
654 | ||
672de729 ML |
655 | buf = qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC); |
656 | prealloc = qapi_enum_parse(&PreallocMode_lookup, buf, | |
657 | PREALLOC_MODE_OFF, &local_err); | |
658 | g_free(buf); | |
659 | if (local_err) { | |
660 | error_propagate(errp, local_err); | |
661 | return -EINVAL; | |
662 | } | |
663 | ||
1ec4f416 KW |
664 | cryptoopts = qemu_opts_to_qdict_filtered(opts, NULL, |
665 | &block_crypto_create_opts_luks, | |
666 | true); | |
667 | ||
796d3239 MA |
668 | qdict_put_str(cryptoopts, "format", "luks"); |
669 | create_opts = block_crypto_create_opts_init(cryptoopts, errp); | |
1ec4f416 KW |
670 | if (!create_opts) { |
671 | ret = -EINVAL; | |
672 | goto fail; | |
673 | } | |
674 | ||
675 | /* Create protocol layer */ | |
676 | ret = bdrv_create_file(filename, opts, errp); | |
677 | if (ret < 0) { | |
0b68589d | 678 | goto fail; |
1ec4f416 KW |
679 | } |
680 | ||
681 | bs = bdrv_open(filename, NULL, NULL, | |
682 | BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, errp); | |
683 | if (!bs) { | |
684 | ret = -EINVAL; | |
685 | goto fail; | |
686 | } | |
687 | ||
688 | /* Create format layer */ | |
672de729 | 689 | ret = block_crypto_co_create_generic(bs, size, create_opts, prealloc, errp); |
1ec4f416 KW |
690 | if (ret < 0) { |
691 | goto fail; | |
692 | } | |
693 | ||
694 | ret = 0; | |
695 | fail: | |
1bba30da DHB |
696 | /* |
697 | * If an error occurred, delete 'filename'. Even if the file existed | |
698 | * beforehand, it has been truncated and corrupted in the process. | |
699 | */ | |
700 | if (ret && bs) { | |
701 | Error *local_delete_err = NULL; | |
702 | int r_del = bdrv_co_delete_file(bs, &local_delete_err); | |
703 | /* | |
704 | * ENOTSUP will happen if the block driver doesn't support | |
705 | * the 'bdrv_co_delete_file' interface. This is a predictable | |
706 | * scenario and shouldn't be reported back to the user. | |
707 | */ | |
708 | if ((r_del < 0) && (r_del != -ENOTSUP)) { | |
709 | error_report_err(local_delete_err); | |
710 | } | |
711 | } | |
712 | ||
1ec4f416 KW |
713 | bdrv_unref(bs); |
714 | qapi_free_QCryptoBlockCreateOptions(create_opts); | |
cb3e7f08 | 715 | qobject_unref(cryptoopts); |
1ec4f416 | 716 | return ret; |
78368575 DB |
717 | } |
718 | ||
c7c4cf49 DB |
719 | static int block_crypto_get_info_luks(BlockDriverState *bs, |
720 | BlockDriverInfo *bdi) | |
721 | { | |
722 | BlockDriverInfo subbdi; | |
723 | int ret; | |
724 | ||
725 | ret = bdrv_get_info(bs->file->bs, &subbdi); | |
726 | if (ret != 0) { | |
727 | return ret; | |
728 | } | |
729 | ||
730 | bdi->unallocated_blocks_are_zero = false; | |
c7c4cf49 DB |
731 | bdi->cluster_size = subbdi.cluster_size; |
732 | ||
733 | return 0; | |
734 | } | |
735 | ||
736 | static ImageInfoSpecific * | |
1bf6e9ca | 737 | block_crypto_get_specific_info_luks(BlockDriverState *bs, Error **errp) |
c7c4cf49 DB |
738 | { |
739 | BlockCrypto *crypto = bs->opaque; | |
740 | ImageInfoSpecific *spec_info; | |
741 | QCryptoBlockInfo *info; | |
742 | ||
1bf6e9ca | 743 | info = qcrypto_block_get_info(crypto->block, errp); |
c7c4cf49 DB |
744 | if (!info) { |
745 | return NULL; | |
746 | } | |
1bf6e9ca | 747 | assert(info->format == Q_CRYPTO_BLOCK_FORMAT_LUKS); |
c7c4cf49 DB |
748 | |
749 | spec_info = g_new(ImageInfoSpecific, 1); | |
750 | spec_info->type = IMAGE_INFO_SPECIFIC_KIND_LUKS; | |
751 | spec_info->u.luks.data = g_new(QCryptoBlockInfoLUKS, 1); | |
752 | *spec_info->u.luks.data = info->u.luks; | |
753 | ||
754 | /* Blank out pointers we've just stolen to avoid double free */ | |
755 | memset(&info->u.luks, 0, sizeof(info->u.luks)); | |
756 | ||
757 | qapi_free_QCryptoBlockInfo(info); | |
758 | ||
759 | return spec_info; | |
760 | } | |
761 | ||
2654267c HR |
762 | static const char *const block_crypto_strong_runtime_opts[] = { |
763 | BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET, | |
764 | ||
765 | NULL | |
766 | }; | |
767 | ||
782b9d06 | 768 | static BlockDriver bdrv_crypto_luks = { |
78368575 DB |
769 | .format_name = "luks", |
770 | .instance_size = sizeof(BlockCrypto), | |
771 | .bdrv_probe = block_crypto_probe_luks, | |
772 | .bdrv_open = block_crypto_open_luks, | |
773 | .bdrv_close = block_crypto_close, | |
497da823 FZ |
774 | /* This driver doesn't modify LUKS metadata except when creating image. |
775 | * Allow share-rw=on as a special case. */ | |
69dca43d | 776 | .bdrv_child_perm = bdrv_default_perms, |
1bedcaf1 | 777 | .bdrv_co_create = block_crypto_co_create_luks, |
efc75e2a | 778 | .bdrv_co_create_opts = block_crypto_co_create_opts_luks, |
061ca8a3 | 779 | .bdrv_co_truncate = block_crypto_co_truncate, |
78368575 DB |
780 | .create_opts = &block_crypto_create_opts_luks, |
781 | ||
f87e08f9 | 782 | .bdrv_reopen_prepare = block_crypto_reopen_prepare, |
a73466fb DB |
783 | .bdrv_refresh_limits = block_crypto_refresh_limits, |
784 | .bdrv_co_preadv = block_crypto_co_preadv, | |
785 | .bdrv_co_pwritev = block_crypto_co_pwritev, | |
78368575 | 786 | .bdrv_getlength = block_crypto_getlength, |
a9da6e49 | 787 | .bdrv_measure = block_crypto_measure, |
c7c4cf49 DB |
788 | .bdrv_get_info = block_crypto_get_info_luks, |
789 | .bdrv_get_specific_info = block_crypto_get_specific_info_luks, | |
2654267c | 790 | |
d67066d8 HR |
791 | .is_format = true, |
792 | ||
2654267c | 793 | .strong_runtime_opts = block_crypto_strong_runtime_opts, |
78368575 DB |
794 | }; |
795 | ||
796 | static void block_crypto_init(void) | |
797 | { | |
798 | bdrv_register(&bdrv_crypto_luks); | |
799 | } | |
800 | ||
801 | block_init(block_crypto_init); |