Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp327978imm;
        Thu, 31 May 2018 00:49:17 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKKvlt+GsKe1vm92/tAU5C4Um8KzxGZ7e2zm0xXA/ssjksFczabJc9IOiJWLq3DlPWZ1fcBg
X-Received: by 2002:a17:902:8b82:: with SMTP id ay2-v6mr5876205plb.295.1527752957449;
        Thu, 31 May 2018 00:49:17 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1527752957; cv=none;
        d=google.com; s=arc-20160816;
        b=sK6wPEDnFdmVv2ZiCLQe1B3jOx4G4v1Bp0W5wqKY8gKCYJ/uDRgvaoYjKPiM23Skj/
         fhIjayA7ON3PXdEu4MrUZKvqocwlIt9yQlrZFbe+7hmlPiUAFQPXfM4F7/k5OzgiW9IH
         4D8AjTnn2zVS5U4qUGOe26v6pCegPCpfMMhYxw6uVLHIAe0KDsXLQQwwQj7GVioshZcc
         cdwzH4pF3mtR/aTawk6SRX8qasfMdkt+2bt2bj1iH3PxrGIr5W0MQQtqlLHyJl1j4Kiq
         2lMnOP/k5cKJEyynbgnMnDrW6ZA7q178Ax0/6+TFuHdHhQmGQ/zBD8Btz2BCai2SC4OA
         D6PQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:content-transfer-encoding
         :content-language:accept-language:references:message-id:date
         :thread-index:thread-topic:subject:cc:to:from:dkim-signature
         :arc-authentication-results;
        bh=nlh4dyprSn7RVaSgrksGOp4l5nI9e6iTBHhFDbUKX3g=;
        b=SrwFVtGc8YJk0ir74GRpM0tdVl4jYbSVx8lWW+WW6cKLau/Clis2xAji2HnCC0YVxI
         hllGXA3UlNDR51/DnX4jentdMHYIY2tG5vgwmpSjVlYSymzrjZqdeSjibYJCyxELI8HG
         OH/tcsjN7iAO+LluEkM6z4mFUFw7Cnrt6Du8Sp0s1ZrtwajKwDKzmLbnINWtFbkQVnAV
         Jdira1s7h7bEacDTZz0siMpmPNQH2A+BN8E0/Y06ZH2hB5asvZSd/lbUzX/rtkybwYmb
         ZOuYFqZgf0e9vjwyaONX9f2sF7f7CE7j/ns+cDxXQ/5E8zxQ1XH7QwCNpDp5zq/6rvI9
         tsvA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@synopsys.com header.s=mail header.b=fdvKoD3p;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=synopsys.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id r5-v6si28510380pgv.244.2018.05.31.00.49.03;
        Thu, 31 May 2018 00:49:17 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@synopsys.com header.s=mail header.b=fdvKoD3p;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=synopsys.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754052AbeEaHro (ORCPT <rfc822;7819ynot@gmail.com> + 99 others);
        Thu, 31 May 2018 03:47:44 -0400
Received: from smtprelay6.synopsys.com ([198.182.37.59]:36250 "EHLO
        smtprelay.synopsys.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753957AbeEaHrl (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 31 May 2018 03:47:41 -0400
Received: from mailhost.synopsys.com (mailhost2.synopsys.com [10.13.184.66])
        by smtprelay.synopsys.com (Postfix) with ESMTP id BA6251E055D;
        Thu, 31 May 2018 09:47:39 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=synopsys.com; s=mail;
        t=1527752860; bh=et3ihbzYBNWXmOlvm4cqXNdutKnOx+2puHOnLEKJjzQ=;
        h=From:To:CC:Subject:Date:References:From;
        b=fdvKoD3pQ/bGUrdku4zux856PnIaU5cb0/LFS9Ndw1aRD5blmhA0mSZeO7vVCzsB6
         BiaSE5KA4YbsrbgOWrCEAGuWrHdQQ/s4AYSiY8JUviBKnP9JH2QetnlVtfTEp69g/Q
         sUzoBtcH50rHgyommkJeu9uVJ+whhVafiamYS+/hqPm0PINO8tq8XEQwf4A/EdNDW/
         24qWe+LqJohy4VHaBUhbQSWVObqSeZNpNT42R+aED3RRxan8Eninp3l77nETS45y8M
         isQqeuiflQ+aSgiHvTjOBp+cjKm56MXSerE0b5RBaM0U9/DfFQo17dUPjOO/LYI6NV
         uZnMYV6vkUFOA==
Received: from us01wehtc1.internal.synopsys.com (us01wehtc1.internal.synopsys.com [10.12.239.235])
        by mailhost.synopsys.com (Postfix) with ESMTP id 5CF943CC2;
        Thu, 31 May 2018 00:47:38 -0700 (PDT)
Received: from IN01WEHTCA.internal.synopsys.com (10.144.199.104) by
 us01wehtc1.internal.synopsys.com (10.12.239.231) with Microsoft SMTP Server
 (TLS) id 14.3.361.1; Thu, 31 May 2018 00:47:38 -0700
Received: from IN01WEMBXA.internal.synopsys.com ([fe80::ed6f:22d3:d35:4833])
 by IN01WEHTCA.internal.synopsys.com ([::1]) with mapi id 14.03.0361.001; Thu,
 31 May 2018 13:17:35 +0530
From:   Ladvine D Almeida <Ladvine.DAlmeida@synopsys.com>
To:     Jens Axboe <axboe@kernel.dk>,
        Ladvine D Almeida <Ladvine.DAlmeida@synopsys.com>,
        "ming.lei@redhat.com" <ming.lei@redhat.com>
CC:     "linux-block@vger.kernel.org" <linux-block@vger.kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "Manjunath M Bettegowda" <Manjunath.MB@synopsys.com>,
        Prabu Thangamuthu <Prabu.T@synopsys.com>,
        Tejas Joglekar <Tejas.Joglekar@synopsys.com>,
        Joao Pinto <Joao.Pinto@synopsys.com>
Subject: Re: [PATCH] block: Add block level changes for inline encryption
Thread-Topic: [PATCH] block: Add block level changes for inline encryption
Thread-Index: AQHT9pwpRN+yoa9w10qCAP3oXXj0ew==
Date:   Thu, 31 May 2018 07:47:35 +0000
Message-ID: <BD7FB879CC136E419544C8E2AE7B9C3020BD90@IN01WEMBXA.internal.synopsys.com>
References: <d3624fab-e6fc-f14d-c780-db703c809068@synopsys.com>
 <77544032-b6ff-bc5e-9fec-666e66b2cc70@kernel.dk>
Accept-Language: en-US, en-IN
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.12.239.235]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Monday 28 May 2018 04:54 PM, Jens Axboe wrote:=0A=
> On 5/28/18 7:43 AM, Ladvine D Almeida wrote:=0A=
>> This patch introduces new variable under bio structure to=0A=
>> facilitate inline encryption. This variable is used to=0A=
>> associate I/O requests to crypto information.=0A=
> Hard no on this, for two reasons:=0A=
>=0A=
> 1) Any additions to struct bio are scrutinized heavily and=0A=
>    need strong justification.=0A=
=0A=
Thanks for sharing your feedback on the patch.=0A=
I am providing reference to an earlier article related to inline encryption=
 support below:=0A=
https://lwn.net/Articles/717754/=0A=
=0A=
In the Existing approach, the crypto transformation happens on the I/O requ=
ests before=0A=
they are actually submitted to the block level drivers for the payload tran=
sfer. This is=0A=
accomplished using the software algorithms or crypto accelerators invoked b=
y the=0A=
device mapper or the file systems.=0A=
=0A=
The inline encryption engine sits inside the controller(unlike the crypto a=
ccelerators). The=0A=
challenging part now is that we cannot perform encryption outside controlle=
r and there=0A=
is a need to communicate this crypto information to the block device driver=
s so they can=0A=
use the same for forming the transfer requests to the controller. This is p=
ossible=0A=
only by associating the bio to the crypto information, because the crypto c=
ontext is=0A=
different for individual I/O requests.=0A=
=0A=
This modification is generic that it can be used by any host controllers wi=
th the inline encryption=0A=
engine like UFS Host Controller, Mobile Storage Host Controller etc.=0A=
=0A=
>=0A=
> 2) Without an actual use case, any change is always denied.=0A=
>    This is just a stand-alone patch.=0A=
=0A=
The Use case is supporting the Inline Encryption Engine inside the UFS Host=
 Controller.=0A=
UFS Host Controller has multiple key slots available for use. Each key slot=
 can be used when=0A=
we setup disks for encryption using different keys with the device mapper.=
=0A=
When the I/O requests happens on each disks configured, there is a need to =
associate the bio to=0A=
crypto context before submitting the bio to the block layer. UFS Host Contr=
oller driver will use this=0A=
information from the bio to form the UTRD requests with associated Key ID(d=
ifferent ID for different=0A=
key slots). The actual encryption happens inside the controller for the I/O=
 requests making use of the=0A=
key programmed in the key slot associated to same.=0A=
=0A=
The List of patches related to the Inline Encryption support are shared bel=
ow:=0A=
https://lkml.org/lkml/2018/5/28/1027=0A=
https://lkml.org/lkml/2018/5/28/1153=0A=
https://lkml.org/lkml/2018/5/28/1196=0A=
https://lkml.org/lkml/2018/5/28/1158=0A=
https://lkml.org/lkml/2018/5/28/1173=0A=
https://lkml.org/lkml/2018/5/28/1178=0A=
=0A=
The implementation has been tested for Full Disk Encryption using the UFS H=
ost Controller=0A=
with inline encryption engine on Synopsys HAPS-70 FPGA-based Prototyping Sy=
stem. We seen=0A=
a considerable performance improvement over the traditional approach of usi=
ng crypto=0A=
accelerators that much overhead involved in the device mapper layer can now=
 be avoided.=0A=
=0A=
>=0A=
> On top of that, you have it inside BLK_CGROUP, which is=0A=
> probably not what you want.=0A=
=0A=
Yes. It has to be corrected.=0A=
=0A=
>=0A=
Best Regards,=0A=
=0A=
Ladvine=0A=
=0A=