blk-crypto: rename blk_keyslot_manager to blk_crypto_profile

	struct crypto_skcipher *tfms[BLK_ENCRYPTION_MODE_MAX];

} *blk_crypto_keyslots;

static struct blk_keyslot_manager blk_crypto_ksm;

static struct blk_crypto_profile blk_crypto_fallback_profile;

static struct workqueue_struct *blk_crypto_wq;

static mempool_t *blk_crypto_bounce_page_pool;

static struct bio_set crypto_bio_split;

	slotp->crypto_mode = BLK_ENCRYPTION_MODE_INVALID;

}

static int blk_crypto_fallback_keyslot_program(struct blk_keyslot_manager *ksm,

static int

blk_crypto_fallback_keyslot_program(struct blk_crypto_profile *profile,

				    const struct blk_crypto_key *key,

				    unsigned int slot)

{

	return 0;

}

static int blk_crypto_fallback_keyslot_evict(struct blk_keyslot_manager *ksm,

static int blk_crypto_fallback_keyslot_evict(struct blk_crypto_profile *profile,

					     const struct blk_crypto_key *key,

					     unsigned int slot)

{

	return 0;

}

/*

 * The crypto API fallback KSM ops - only used for a bio when it specifies a

 * blk_crypto_key that was not supported by the device's inline encryption

 * hardware.

 */

static const struct blk_ksm_ll_ops blk_crypto_ksm_ll_ops = {

static const struct blk_crypto_ll_ops blk_crypto_fallback_ll_ops = {

	.keyslot_program        = blk_crypto_fallback_keyslot_program,

	.keyslot_evict          = blk_crypto_fallback_keyslot_evict,

};

}

static bool

blk_crypto_fallback_alloc_cipher_req(struct blk_ksm_keyslot *slot,

blk_crypto_fallback_alloc_cipher_req(struct blk_crypto_keyslot *slot,

				     struct skcipher_request **ciph_req_ret,

				     struct crypto_wait *wait)

{

	struct skcipher_request *ciph_req;

	const struct blk_crypto_fallback_keyslot *slotp;

	int keyslot_idx = blk_ksm_get_slot_idx(slot);

	int keyslot_idx = blk_crypto_keyslot_index(slot);

	slotp = &blk_crypto_keyslots[keyslot_idx];

	ciph_req = skcipher_request_alloc(slotp->tfms[slotp->crypto_mode],

{

	struct bio *src_bio, *enc_bio;

	struct bio_crypt_ctx *bc;

	struct blk_ksm_keyslot *slot;

	struct blk_crypto_keyslot *slot;

	int data_unit_size;

	struct skcipher_request *ciph_req = NULL;

	DECLARE_CRYPTO_WAIT(wait);

	}

	/*

	 * Use the crypto API fallback keyslot manager to get a crypto_skcipher

	 * for the algorithm and key specified for this bio.

	 * Get a blk-crypto-fallback keyslot that contains a crypto_skcipher for

	 * this bio's algorithm and key.

	 */

	blk_st = blk_ksm_get_slot_for_key(&blk_crypto_ksm, bc->bc_key, &slot);

	blk_st = blk_crypto_get_keyslot(&blk_crypto_fallback_profile,

					bc->bc_key, &slot);

	if (blk_st != BLK_STS_OK) {

		src_bio->bi_status = blk_st;

		goto out_put_enc_bio;

out_free_ciph_req:

	skcipher_request_free(ciph_req);

out_release_keyslot:

	blk_ksm_put_slot(slot);

	blk_crypto_put_keyslot(slot);

out_put_enc_bio:

	if (enc_bio)

		bio_put(enc_bio);

		container_of(work, struct bio_fallback_crypt_ctx, work);

	struct bio *bio = f_ctx->bio;

	struct bio_crypt_ctx *bc = &f_ctx->crypt_ctx;

	struct blk_ksm_keyslot *slot;

	struct blk_crypto_keyslot *slot;

	struct skcipher_request *ciph_req = NULL;

	DECLARE_CRYPTO_WAIT(wait);

	u64 curr_dun[BLK_CRYPTO_DUN_ARRAY_SIZE];

	blk_status_t blk_st;

	/*

	 * Use the crypto API fallback keyslot manager to get a crypto_skcipher

	 * for the algorithm and key specified for this bio.

	 * Get a blk-crypto-fallback keyslot that contains a crypto_skcipher for

	 * this bio's algorithm and key.

	 */

	blk_st = blk_ksm_get_slot_for_key(&blk_crypto_ksm, bc->bc_key, &slot);

	blk_st = blk_crypto_get_keyslot(&blk_crypto_fallback_profile,

					bc->bc_key, &slot);

	if (blk_st != BLK_STS_OK) {

		bio->bi_status = blk_st;

		goto out_no_keyslot;

out:

	skcipher_request_free(ciph_req);

	blk_ksm_put_slot(slot);

	blk_crypto_put_keyslot(slot);

out_no_keyslot:

	mempool_free(f_ctx, bio_fallback_crypt_ctx_pool);

	bio_endio(bio);

		return false;

	}

	if (!blk_ksm_crypto_cfg_supported(&blk_crypto_ksm,

	if (!__blk_crypto_cfg_supported(&blk_crypto_fallback_profile,

					&bc->bc_key->crypto_cfg)) {

		bio->bi_status = BLK_STS_NOTSUPP;

		return false;

int blk_crypto_fallback_evict_key(const struct blk_crypto_key *key)

{

	return blk_ksm_evict_key(&blk_crypto_ksm, key);

	return __blk_crypto_evict_key(&blk_crypto_fallback_profile, key);

}

static bool blk_crypto_fallback_inited;

{

	int i;

	int err;

	struct blk_crypto_profile *profile = &blk_crypto_fallback_profile;

	if (blk_crypto_fallback_inited)

		return 0;

	if (err)

		goto out;

	err = blk_ksm_init(&blk_crypto_ksm, blk_crypto_num_keyslots);

	err = blk_crypto_profile_init(profile, blk_crypto_num_keyslots);

	if (err)

		goto fail_free_bioset;

	err = -ENOMEM;

	blk_crypto_ksm.ksm_ll_ops = blk_crypto_ksm_ll_ops;

	blk_crypto_ksm.max_dun_bytes_supported = BLK_CRYPTO_MAX_IV_SIZE;

	profile->ll_ops = blk_crypto_fallback_ll_ops;

	profile->max_dun_bytes_supported = BLK_CRYPTO_MAX_IV_SIZE;

	/* All blk-crypto modes have a crypto API fallback. */

	for (i = 0; i < BLK_ENCRYPTION_MODE_MAX; i++)

		blk_crypto_ksm.crypto_modes_supported[i] = 0xFFFFFFFF;

	blk_crypto_ksm.crypto_modes_supported[BLK_ENCRYPTION_MODE_INVALID] = 0;

		profile->modes_supported[i] = 0xFFFFFFFF;

	profile->modes_supported[BLK_ENCRYPTION_MODE_INVALID] = 0;

	blk_crypto_wq = alloc_workqueue("blk_crypto_wq",

					WQ_UNBOUND | WQ_HIGHPRI |

					WQ_MEM_RECLAIM, num_online_cpus());

	if (!blk_crypto_wq)

		goto fail_free_ksm;

		goto fail_destroy_profile;

	blk_crypto_keyslots = kcalloc(blk_crypto_num_keyslots,

				      sizeof(blk_crypto_keyslots[0]),

	kfree(blk_crypto_keyslots);

fail_free_wq:

	destroy_workqueue(blk_crypto_wq);

fail_free_ksm:

	blk_ksm_destroy(&blk_crypto_ksm);

fail_destroy_profile:

	blk_crypto_profile_destroy(profile);

fail_free_bioset:

	bioset_exit(&crypto_bio_split);

out:

blk_status_t __blk_crypto_init_request(struct request *rq)

{

	return blk_ksm_get_slot_for_key(rq->q->ksm, rq->crypt_ctx->bc_key,

	return blk_crypto_get_keyslot(rq->q->crypto_profile,

				      rq->crypt_ctx->bc_key,

				      &rq->crypt_keyslot);

}

 */

void __blk_crypto_free_request(struct request *rq)

{

	blk_ksm_put_slot(rq->crypt_keyslot);

	blk_crypto_put_keyslot(rq->crypt_keyslot);

	mempool_free(rq->crypt_ctx, bio_crypt_ctx_pool);

	blk_crypto_rq_set_defaults(rq);

}

{

	struct bio *bio = *bio_ptr;

	const struct blk_crypto_key *bc_key = bio->bi_crypt_context->bc_key;

	struct blk_crypto_profile *profile;

	/* Error if bio has no data. */

	if (WARN_ON_ONCE(!bio_has_data(bio))) {

	 * Success if device supports the encryption context, or if we succeeded

	 * in falling back to the crypto API.

	 */

	if (blk_ksm_crypto_cfg_supported(bdev_get_queue(bio->bi_bdev)->ksm,

					 &bc_key->crypto_cfg))

	profile = bdev_get_queue(bio->bi_bdev)->crypto_profile;

	if (__blk_crypto_cfg_supported(profile, &bc_key->crypto_cfg))

		return true;

	if (blk_crypto_fallback_bio_prep(bio_ptr))

				 const struct blk_crypto_config *cfg)

{

	return IS_ENABLED(CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK) ||

	       blk_ksm_crypto_cfg_supported(q->ksm, cfg);

	       __blk_crypto_cfg_supported(q->crypto_profile, cfg);

}

/**

int blk_crypto_start_using_key(const struct blk_crypto_key *key,

			       struct request_queue *q)

{

	if (blk_ksm_crypto_cfg_supported(q->ksm, &key->crypto_cfg))

	if (__blk_crypto_cfg_supported(q->crypto_profile, &key->crypto_cfg))

		return 0;

	return blk_crypto_fallback_start_using_mode(key->crypto_cfg.crypto_mode);

}

 * evicted from any hardware that it might have been programmed into.  The key

 * must not be in use by any in-flight IO when this function is called.

 *

 * Return: 0 on success or if key is not present in the q's ksm, -err on error.

 * Return: 0 on success or if the key wasn't in any keyslot; -errno on error.

 */

int blk_crypto_evict_key(struct request_queue *q,

			 const struct blk_crypto_key *key)

{

	if (blk_ksm_crypto_cfg_supported(q->ksm, &key->crypto_cfg))

		return blk_ksm_evict_key(q->ksm, key);

	if (__blk_crypto_cfg_supported(q->crypto_profile, &key->crypto_cfg))

		return __blk_crypto_evict_key(q->crypto_profile, key);

	/*

	 * If the request queue's associated inline encryption hardware didn't

	 * have support for the key, then the key might have been programmed

	 * into the fallback keyslot manager, so try to evict from there.

	 * If the request_queue didn't support the key, then blk-crypto-fallback

	 * may have been used, so try to evict the key from blk-crypto-fallback.

	 */

	return blk_crypto_fallback_evict_key(key);

}

	blk_queue_flag_set(QUEUE_FLAG_STABLE_WRITES, disk->queue);

#ifdef CONFIG_BLK_INLINE_ENCRYPTION

	if (disk->queue->ksm) {

	if (disk->queue->crypto_profile) {

		pr_warn("blk-integrity: Integrity and hardware inline encryption are not supported together. Disabling hardware inline encryption.\n");

		blk_ksm_unregister(disk->queue);

		blk_crypto_unregister(disk->queue);

	}

#endif

}

	struct dm_md_mempools *mempools;

#ifdef CONFIG_BLK_INLINE_ENCRYPTION

	struct blk_keyslot_manager *ksm;

	struct blk_crypto_profile *crypto_profile;

#endif

};