From: Ladvine D Almeida
To: Christoph Hellwig, Ladvine D Almeida
CC: Milan Broz, Alasdair Kergon, "Mike Snitzer", "linux-kernel@vger.kernel.org", Manjunath M Bettegowda, Prabu Thangamuthu, Tejas Joglekar, device-mapper development, Joao Pinto, "tytso@mit.edu", "jaegeuk@kernel.org", "linux-crypto@vger.kernel.org", "linux-block@vger.kernel.org"
Subject: Re: [PATCH] md: dm-crypt: Add Inline Encryption support for dmcrypt
Date: Wed, 6 Jun 2018 10:04:14 +0000

On Friday 01 June 2018 09:16 AM, Christoph Hellwig wrote:
> On Wed, May 30, 2018 at 02:52:07PM +0000, Ladvine D Almeida wrote:
>> When the optional argument "perform_inline_encrypt" is set, we are not unconditionally sending the bio
>> to the block devices. The steps are explained below:
>> 1. User invokes the dm-setup command with the registered cipher "xts" and with the optional argument
>> "perform_inline_encrypt".
>> 2. dm-setup invokes the setkey function of the newly introduced algorithm, which finds the available key slots
>> to be programmed (UFS Host controller Inline Encryption engine has multiple keyslots), programs the key slot,
>> and returns the key slot index as return value of the set key function.
>> 3. When read/write operation happens, crypt_map() function in dm-crypt validates whether there is associated
>> key configuration index for the request. The Bio will be submitted directly in this case only with the associated
>> crypto context.
>> 4. Block device driver, e.g. UFS host controller driver, will create the Transfer requests as per this crypto context and
>> encryption happens inside the controller.
> Why isn't this all controlled by the ufs drivers, using helpers as
> required?

The idea is to make use of the existing utilities like dmsetup to configure the keys, mapping etc.

>
> Also why do we even need this API over just implementing TCG
> Opal/Opalite on the device?
>

TCG Opal/Opalite is an FDE solution, right?

File Based Encryption is accomplished in the ext4/f2fs layer by invoking the registered algorithms from LKCF.

There is a scope for FBE, if the implementation is crypto API.

Regards,

Ladvine
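
The following is an added example, not part of the original message and not code from the patch: a userspace C model of steps 2 and 3 quoted above, showing setkey returning a key slot index and the map-time decision between inline passthrough and the normal software path. All names (`ice_setkey`, `ice_clearkey`, `crypt_map_decide`, the structs) and the slot count are hypothetical, and the slot wipe on release is an assumption the thread does not discuss.

```c
/* Added illustration; hypothetical names, not the kernel or patch API. */
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define NUM_KEYSLOTS 4   /* assumed; a real controller reports its own count */
#define XTS_KEY_MAX  64  /* AES-256-XTS: two 32-byte keys */

struct keyslot { bool in_use; unsigned char key[XTS_KEY_MAX]; size_t len; };
struct ice_engine { struct keyslot slots[NUM_KEYSLOTS]; };

/* Per-mapping state, as one dm-crypt target would hold it. */
struct crypt_ctx { bool perform_inline_encrypt; int key_cfg_idx; };

enum bio_path { PATH_SOFTWARE_CRYPTO, PATH_INLINE_PASSTHROUGH };

/* Step 2: find a free slot, program it, return its index (or -errno). */
int ice_setkey(struct ice_engine *e, const unsigned char *key, size_t len)
{
    if (len != 32 && len != 64)      /* XTS takes two equal-size AES keys */
        return -EINVAL;
    for (int i = 0; i < NUM_KEYSLOTS; i++) {
        if (!e->slots[i].in_use) {
            memcpy(e->slots[i].key, key, len);
            e->slots[i].len = len;
            e->slots[i].in_use = true;
            return i;
        }
    }
    return -EBUSY;                   /* every slot is already programmed */
}

/* Release a slot and overwrite the key material it held. */
void ice_clearkey(struct ice_engine *e, int idx)
{
    if (idx < 0 || idx >= NUM_KEYSLOTS)
        return;
    memset(&e->slots[idx], 0, sizeof(e->slots[idx]));
}

/* Step 3: only a mapping with a valid, programmed slot skips software crypto. */
enum bio_path crypt_map_decide(const struct crypt_ctx *cc,
                               const struct ice_engine *e)
{
    if (cc->perform_inline_encrypt &&
        cc->key_cfg_idx >= 0 && cc->key_cfg_idx < NUM_KEYSLOTS &&
        e->slots[cc->key_cfg_idx].in_use)
        return PATH_INLINE_PASSTHROUGH;
    return PATH_SOFTWARE_CRYPTO;
}
```

A mapping that stored a negative setkey result, or whose slot was later cleared, falls back to the software path in this model rather than sending plaintext to a slot with no key.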