2 * QEMU block full disk encryption
4 * Copyright (c) 2015-2016 Red Hat, Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include "qemu/osdep.h"
23 #include "block/block_int.h"
24 #include "sysemu/block-backend.h"
25 #include "crypto/block.h"
26 #include "qapi/opts-visitor.h"
27 #include "qapi/qapi-visit-crypto.h"
28 #include "qapi/qmp/qdict.h"
29 #include "qapi/qobject-input-visitor.h"
30 #include "qapi/error.h"
31 #include "qemu/option.h"
32 #include "block/crypto.h"
34 typedef struct BlockCrypto BlockCrypto
;
41 static int block_crypto_probe_generic(QCryptoBlockFormat format
,
46 if (qcrypto_block_has_format(format
, buf
, buf_size
)) {
54 static ssize_t
block_crypto_read_func(QCryptoBlock
*block
,
61 BlockDriverState
*bs
= opaque
;
64 ret
= bdrv_pread(bs
->file
, offset
, buf
, buflen
);
66 error_setg_errno(errp
, -ret
, "Could not read encryption header");
73 struct BlockCryptoCreateData
{
79 static ssize_t
block_crypto_write_func(QCryptoBlock
*block
,
86 struct BlockCryptoCreateData
*data
= opaque
;
89 ret
= blk_pwrite(data
->blk
, offset
, buf
, buflen
, 0);
91 error_setg_errno(errp
, -ret
, "Could not write encryption header");
98 static ssize_t
block_crypto_init_func(QCryptoBlock
*block
,
103 struct BlockCryptoCreateData
*data
= opaque
;
105 /* User provided size should reflect amount of space made
106 * available to the guest, so we must take account of that
107 * which will be used by the crypto header
109 return blk_truncate(data
->blk
, data
->size
+ headerlen
, PREALLOC_MODE_OFF
,
114 static QemuOptsList block_crypto_runtime_opts_luks
= {
116 .head
= QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks
.head
),
118 BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
119 { /* end of list */ }
124 static QemuOptsList block_crypto_create_opts_luks
= {
126 .head
= QTAILQ_HEAD_INITIALIZER(block_crypto_create_opts_luks
.head
),
129 .name
= BLOCK_OPT_SIZE
,
130 .type
= QEMU_OPT_SIZE
,
131 .help
= "Virtual disk size"
133 BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
134 BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG(""),
135 BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE(""),
136 BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG(""),
137 BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG(""),
138 BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG(""),
139 BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(""),
140 { /* end of list */ }
145 QCryptoBlockOpenOptions
*
146 block_crypto_open_opts_init(QCryptoBlockFormat format
,
151 QCryptoBlockOpenOptions
*ret
= NULL
;
152 Error
*local_err
= NULL
;
154 ret
= g_new0(QCryptoBlockOpenOptions
, 1);
155 ret
->format
= format
;
157 v
= qobject_input_visitor_new_keyval(QOBJECT(opts
));
159 visit_start_struct(v
, NULL
, NULL
, 0, &local_err
);
165 case Q_CRYPTO_BLOCK_FORMAT_LUKS
:
166 visit_type_QCryptoBlockOptionsLUKS_members(
167 v
, &ret
->u
.luks
, &local_err
);
170 case Q_CRYPTO_BLOCK_FORMAT_QCOW
:
171 visit_type_QCryptoBlockOptionsQCow_members(
172 v
, &ret
->u
.qcow
, &local_err
);
176 error_setg(&local_err
, "Unsupported block format %d", format
);
180 visit_check_struct(v
, &local_err
);
183 visit_end_struct(v
, NULL
);
187 error_propagate(errp
, local_err
);
188 qapi_free_QCryptoBlockOpenOptions(ret
);
196 QCryptoBlockCreateOptions
*
197 block_crypto_create_opts_init(QCryptoBlockFormat format
,
202 QCryptoBlockCreateOptions
*ret
= NULL
;
203 Error
*local_err
= NULL
;
205 ret
= g_new0(QCryptoBlockCreateOptions
, 1);
206 ret
->format
= format
;
208 v
= qobject_input_visitor_new_keyval(QOBJECT(opts
));
210 visit_start_struct(v
, NULL
, NULL
, 0, &local_err
);
216 case Q_CRYPTO_BLOCK_FORMAT_LUKS
:
217 visit_type_QCryptoBlockCreateOptionsLUKS_members(
218 v
, &ret
->u
.luks
, &local_err
);
221 case Q_CRYPTO_BLOCK_FORMAT_QCOW
:
222 visit_type_QCryptoBlockOptionsQCow_members(
223 v
, &ret
->u
.qcow
, &local_err
);
227 error_setg(&local_err
, "Unsupported block format %d", format
);
231 visit_check_struct(v
, &local_err
);
234 visit_end_struct(v
, NULL
);
238 error_propagate(errp
, local_err
);
239 qapi_free_QCryptoBlockCreateOptions(ret
);
247 static int block_crypto_open_generic(QCryptoBlockFormat format
,
248 QemuOptsList
*opts_spec
,
249 BlockDriverState
*bs
,
254 BlockCrypto
*crypto
= bs
->opaque
;
255 QemuOpts
*opts
= NULL
;
256 Error
*local_err
= NULL
;
258 QCryptoBlockOpenOptions
*open_opts
= NULL
;
259 unsigned int cflags
= 0;
260 QDict
*cryptoopts
= NULL
;
262 bs
->file
= bdrv_open_child(NULL
, options
, "file", bs
, &child_file
,
268 bs
->supported_write_flags
= BDRV_REQ_FUA
&
269 bs
->file
->bs
->supported_write_flags
;
271 opts
= qemu_opts_create(opts_spec
, NULL
, 0, &error_abort
);
272 qemu_opts_absorb_qdict(opts
, options
, &local_err
);
274 error_propagate(errp
, local_err
);
278 cryptoopts
= qemu_opts_to_qdict(opts
, NULL
);
280 open_opts
= block_crypto_open_opts_init(format
, cryptoopts
, errp
);
285 if (flags
& BDRV_O_NO_IO
) {
286 cflags
|= QCRYPTO_BLOCK_OPEN_NO_IO
;
288 crypto
->block
= qcrypto_block_open(open_opts
, NULL
,
289 block_crypto_read_func
,
294 if (!crypto
->block
) {
299 bs
->encrypted
= true;
304 qapi_free_QCryptoBlockOpenOptions(open_opts
);
309 static int block_crypto_co_create_generic(BlockDriverState
*bs
,
311 QCryptoBlockCreateOptions
*opts
,
316 QCryptoBlock
*crypto
= NULL
;
317 struct BlockCryptoCreateData data
;
319 blk
= blk_new(BLK_PERM_WRITE
| BLK_PERM_RESIZE
, BLK_PERM_ALL
);
321 ret
= blk_insert_bs(blk
, bs
, errp
);
326 data
= (struct BlockCryptoCreateData
) {
331 crypto
= qcrypto_block_create(opts
, NULL
,
332 block_crypto_init_func
,
333 block_crypto_write_func
,
344 qcrypto_block_free(crypto
);
349 static int block_crypto_truncate(BlockDriverState
*bs
, int64_t offset
,
350 PreallocMode prealloc
, Error
**errp
)
352 BlockCrypto
*crypto
= bs
->opaque
;
353 uint64_t payload_offset
=
354 qcrypto_block_get_payload_offset(crypto
->block
);
355 assert(payload_offset
< (INT64_MAX
- offset
));
357 offset
+= payload_offset
;
359 return bdrv_truncate(bs
->file
, offset
, prealloc
, errp
);
362 static void block_crypto_close(BlockDriverState
*bs
)
364 BlockCrypto
*crypto
= bs
->opaque
;
365 qcrypto_block_free(crypto
->block
);
368 static int block_crypto_reopen_prepare(BDRVReopenState
*state
,
369 BlockReopenQueue
*queue
, Error
**errp
)
371 /* nothing needs checking */
376 * 1 MB bounce buffer gives good performance / memory tradeoff
377 * when using cache=none|directsync.
379 #define BLOCK_CRYPTO_MAX_IO_SIZE (1024 * 1024)
381 static coroutine_fn
int
382 block_crypto_co_preadv(BlockDriverState
*bs
, uint64_t offset
, uint64_t bytes
,
383 QEMUIOVector
*qiov
, int flags
)
385 BlockCrypto
*crypto
= bs
->opaque
;
386 uint64_t cur_bytes
; /* number of bytes in current iteration */
387 uint64_t bytes_done
= 0;
388 uint8_t *cipher_data
= NULL
;
389 QEMUIOVector hd_qiov
;
391 uint64_t sector_size
= qcrypto_block_get_sector_size(crypto
->block
);
392 uint64_t payload_offset
= qcrypto_block_get_payload_offset(crypto
->block
);
395 assert(payload_offset
< INT64_MAX
);
396 assert(QEMU_IS_ALIGNED(offset
, sector_size
));
397 assert(QEMU_IS_ALIGNED(bytes
, sector_size
));
399 qemu_iovec_init(&hd_qiov
, qiov
->niov
);
401 /* Bounce buffer because we don't wish to expose cipher text
402 * in qiov which points to guest memory.
405 qemu_try_blockalign(bs
->file
->bs
, MIN(BLOCK_CRYPTO_MAX_IO_SIZE
,
407 if (cipher_data
== NULL
) {
413 cur_bytes
= MIN(bytes
, BLOCK_CRYPTO_MAX_IO_SIZE
);
415 qemu_iovec_reset(&hd_qiov
);
416 qemu_iovec_add(&hd_qiov
, cipher_data
, cur_bytes
);
418 ret
= bdrv_co_preadv(bs
->file
, payload_offset
+ offset
+ bytes_done
,
419 cur_bytes
, &hd_qiov
, 0);
424 if (qcrypto_block_decrypt(crypto
->block
, offset
+ bytes_done
,
425 cipher_data
, cur_bytes
, NULL
) < 0) {
430 qemu_iovec_from_buf(qiov
, bytes_done
, cipher_data
, cur_bytes
);
433 bytes_done
+= cur_bytes
;
437 qemu_iovec_destroy(&hd_qiov
);
438 qemu_vfree(cipher_data
);
444 static coroutine_fn
int
445 block_crypto_co_pwritev(BlockDriverState
*bs
, uint64_t offset
, uint64_t bytes
,
446 QEMUIOVector
*qiov
, int flags
)
448 BlockCrypto
*crypto
= bs
->opaque
;
449 uint64_t cur_bytes
; /* number of bytes in current iteration */
450 uint64_t bytes_done
= 0;
451 uint8_t *cipher_data
= NULL
;
452 QEMUIOVector hd_qiov
;
454 uint64_t sector_size
= qcrypto_block_get_sector_size(crypto
->block
);
455 uint64_t payload_offset
= qcrypto_block_get_payload_offset(crypto
->block
);
457 assert(!(flags
& ~BDRV_REQ_FUA
));
458 assert(payload_offset
< INT64_MAX
);
459 assert(QEMU_IS_ALIGNED(offset
, sector_size
));
460 assert(QEMU_IS_ALIGNED(bytes
, sector_size
));
462 qemu_iovec_init(&hd_qiov
, qiov
->niov
);
464 /* Bounce buffer because we're not permitted to touch
465 * contents of qiov - it points to guest memory.
468 qemu_try_blockalign(bs
->file
->bs
, MIN(BLOCK_CRYPTO_MAX_IO_SIZE
,
470 if (cipher_data
== NULL
) {
476 cur_bytes
= MIN(bytes
, BLOCK_CRYPTO_MAX_IO_SIZE
);
478 qemu_iovec_to_buf(qiov
, bytes_done
, cipher_data
, cur_bytes
);
480 if (qcrypto_block_encrypt(crypto
->block
, offset
+ bytes_done
,
481 cipher_data
, cur_bytes
, NULL
) < 0) {
486 qemu_iovec_reset(&hd_qiov
);
487 qemu_iovec_add(&hd_qiov
, cipher_data
, cur_bytes
);
489 ret
= bdrv_co_pwritev(bs
->file
, payload_offset
+ offset
+ bytes_done
,
490 cur_bytes
, &hd_qiov
, flags
);
496 bytes_done
+= cur_bytes
;
500 qemu_iovec_destroy(&hd_qiov
);
501 qemu_vfree(cipher_data
);
506 static void block_crypto_refresh_limits(BlockDriverState
*bs
, Error
**errp
)
508 BlockCrypto
*crypto
= bs
->opaque
;
509 uint64_t sector_size
= qcrypto_block_get_sector_size(crypto
->block
);
510 bs
->bl
.request_alignment
= sector_size
; /* No sub-sector I/O */
514 static int64_t block_crypto_getlength(BlockDriverState
*bs
)
516 BlockCrypto
*crypto
= bs
->opaque
;
517 int64_t len
= bdrv_getlength(bs
->file
->bs
);
519 uint64_t offset
= qcrypto_block_get_payload_offset(crypto
->block
);
520 assert(offset
< INT64_MAX
);
532 static int block_crypto_probe_luks(const uint8_t *buf
,
534 const char *filename
) {
535 return block_crypto_probe_generic(Q_CRYPTO_BLOCK_FORMAT_LUKS
,
536 buf
, buf_size
, filename
);
539 static int block_crypto_open_luks(BlockDriverState
*bs
,
544 return block_crypto_open_generic(Q_CRYPTO_BLOCK_FORMAT_LUKS
,
545 &block_crypto_runtime_opts_luks
,
546 bs
, options
, flags
, errp
);
549 static int coroutine_fn
550 block_crypto_co_create_luks(BlockdevCreateOptions
*create_options
, Error
**errp
)
552 BlockdevCreateOptionsLUKS
*luks_opts
;
553 BlockDriverState
*bs
= NULL
;
554 QCryptoBlockCreateOptions create_opts
;
557 assert(create_options
->driver
== BLOCKDEV_DRIVER_LUKS
);
558 luks_opts
= &create_options
->u
.luks
;
560 bs
= bdrv_open_blockdev_ref(luks_opts
->file
, errp
);
565 create_opts
= (QCryptoBlockCreateOptions
) {
566 .format
= Q_CRYPTO_BLOCK_FORMAT_LUKS
,
567 .u
.luks
= *qapi_BlockdevCreateOptionsLUKS_base(luks_opts
),
570 ret
= block_crypto_co_create_generic(bs
, luks_opts
->size
, &create_opts
,
582 static int coroutine_fn
block_crypto_co_create_opts_luks(const char *filename
,
586 QCryptoBlockCreateOptions
*create_opts
= NULL
;
587 BlockDriverState
*bs
= NULL
;
593 size
= qemu_opt_get_size_del(opts
, BLOCK_OPT_SIZE
, 0);
595 cryptoopts
= qemu_opts_to_qdict_filtered(opts
, NULL
,
596 &block_crypto_create_opts_luks
,
599 create_opts
= block_crypto_create_opts_init(Q_CRYPTO_BLOCK_FORMAT_LUKS
,
606 /* Create protocol layer */
607 ret
= bdrv_create_file(filename
, opts
, errp
);
612 bs
= bdrv_open(filename
, NULL
, NULL
,
613 BDRV_O_RDWR
| BDRV_O_RESIZE
| BDRV_O_PROTOCOL
, errp
);
619 /* Create format layer */
620 ret
= block_crypto_co_create_generic(bs
, size
, create_opts
, errp
);
628 qapi_free_QCryptoBlockCreateOptions(create_opts
);
633 static int block_crypto_get_info_luks(BlockDriverState
*bs
,
634 BlockDriverInfo
*bdi
)
636 BlockDriverInfo subbdi
;
639 ret
= bdrv_get_info(bs
->file
->bs
, &subbdi
);
644 bdi
->unallocated_blocks_are_zero
= false;
645 bdi
->cluster_size
= subbdi
.cluster_size
;
650 static ImageInfoSpecific
*
651 block_crypto_get_specific_info_luks(BlockDriverState
*bs
)
653 BlockCrypto
*crypto
= bs
->opaque
;
654 ImageInfoSpecific
*spec_info
;
655 QCryptoBlockInfo
*info
;
657 info
= qcrypto_block_get_info(crypto
->block
, NULL
);
661 if (info
->format
!= Q_CRYPTO_BLOCK_FORMAT_LUKS
) {
662 qapi_free_QCryptoBlockInfo(info
);
666 spec_info
= g_new(ImageInfoSpecific
, 1);
667 spec_info
->type
= IMAGE_INFO_SPECIFIC_KIND_LUKS
;
668 spec_info
->u
.luks
.data
= g_new(QCryptoBlockInfoLUKS
, 1);
669 *spec_info
->u
.luks
.data
= info
->u
.luks
;
671 /* Blank out pointers we've just stolen to avoid double free */
672 memset(&info
->u
.luks
, 0, sizeof(info
->u
.luks
));
674 qapi_free_QCryptoBlockInfo(info
);
679 BlockDriver bdrv_crypto_luks
= {
680 .format_name
= "luks",
681 .instance_size
= sizeof(BlockCrypto
),
682 .bdrv_probe
= block_crypto_probe_luks
,
683 .bdrv_open
= block_crypto_open_luks
,
684 .bdrv_close
= block_crypto_close
,
685 .bdrv_child_perm
= bdrv_format_default_perms
,
686 .bdrv_co_create
= block_crypto_co_create_luks
,
687 .bdrv_co_create_opts
= block_crypto_co_create_opts_luks
,
688 .bdrv_truncate
= block_crypto_truncate
,
689 .create_opts
= &block_crypto_create_opts_luks
,
691 .bdrv_reopen_prepare
= block_crypto_reopen_prepare
,
692 .bdrv_refresh_limits
= block_crypto_refresh_limits
,
693 .bdrv_co_preadv
= block_crypto_co_preadv
,
694 .bdrv_co_pwritev
= block_crypto_co_pwritev
,
695 .bdrv_getlength
= block_crypto_getlength
,
696 .bdrv_get_info
= block_crypto_get_info_luks
,
697 .bdrv_get_specific_info
= block_crypto_get_specific_info_luks
,
700 static void block_crypto_init(void)
702 bdrv_register(&bdrv_crypto_luks
);
705 block_init(block_crypto_init
);