Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp1490623ybz; Wed, 29 Apr 2020 23:47:02 -0700 (PDT) X-Google-Smtp-Source: APiQypLe/B/jH7C5WUPkgq2K1pP6Pfg9rRx2nc885mY5HZ7r1FweAsge/TLoyO5LP8sW2GoCyob9 X-Received: by 2002:a05:6402:1496:: with SMTP id e22mr1316460edv.301.1588229222284; Wed, 29 Apr 2020 23:47:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588229222; cv=none; d=google.com; s=arc-20160816; b=FzBd2x0Y/NqSbLsLjnDyqczWJGbrv+af0beK6SPqJcQiapkQX2vSjYveqcyQhCWqb7 /0G67LjoVD/4uKD8snfcv67MbZQiK2iF2cqUrCreFncY8MyycRVH3uk/tO9QYP2pUTrg qDsmIP1AkUYdT6GrFiZkpyvaa+MgcHEs2zJ0PHqS988DwQFIb1rdPPx3b9iVG9fmov6+ jIWHWvFX99jhiQmRFKjLaOzno9FROhJPzWXHj2ziSGdVwjczbDmzEKh65UTprELZTcsp 1CPLLcg0XbXgxea5vDmEvJQcm9jhtFSf5d5m+wrg2H7+KLJVewf9zcM/AMVVHiP2gnUB 80SQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=Y00lEMnHo5m3YYgjRZgc6ekEdIQO21MUeychMvvKxAc=; b=qV+MVlor5GIXOelBs7jl1ssS1nnVy6j2g7ksXuJX4m0JYfr0WDhdXGYs0QUbrNIYY8 gvwwHDSD9ScSjQeqOckXniq6DxiKw527BfnfmBLd8l4FCpAOspVxlZOi6CZNkI2Xam1f 4NOIJ6bjkJYEQSkDY6wcNpRt/qQV2mO3QpiodYKnq4yXXczGmZyf1NQPU44xC+cmqgI+ +L7STuduZmJpg6E5uoAy3LOzLkmbiHzhUvOAhlGgNITCNeMPTx1z132sxQNfOn59WVRL /ehbkU32oZvs45lRbN2sODoUeB3YS/WKmiVFg7BdFxQQggZn+leT0yWCwowmuxtSyGKj 6o0A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=AnHSkbJz; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c61si4965523edf.53.2020.04.29.23.46.30; Wed, 29 Apr 2020 23:47:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=AnHSkbJz; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726463AbgD3GqY (ORCPT + 99 others); Thu, 30 Apr 2020 02:46:24 -0400 Received: from mail.kernel.org ([198.145.29.99]:49308 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726180AbgD3GqY (ORCPT ); Thu, 30 Apr 2020 02:46:24 -0400 Received: from sol.localdomain (c-107-3-166-239.hsd1.ca.comcast.net [107.3.166.239]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id B66C8214D8; Thu, 30 Apr 2020 06:46:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588229183; bh=S8VnrcC8lJzFcPUaXFPCvyn46mx7gp2QMp+KtHDb6+E=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=AnHSkbJzWg0a+1u5u9ySsA8JJGJo6Pq7XgC03hxGia+a3xwYv0092zLFCF3QnpAmA R4z1iy7z2j2vd4IB8SXqek9ackjWIhsx9Xkdt4njmPINY3adLhUHAJbz5HoRzHDybp vR9e01b8EZprxcbpv7WK50etU4yWaGtZxHT7uueg= Date: Wed, 29 Apr 2020 23:46:21 -0700 From: Eric Biggers To: Satya Tangirala Cc: linux-block@vger.kernel.org, linux-scsi@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org, Barani Muthukumaran , Kuohong Wang , Kim Boojin Subject: Re: [PATCH v11 02/12] block: Keyslot Manager for Inline Encryption Message-ID: <20200430064621.GA16238@sol.localdomain> References: <20200429072121.50094-1-satyat@google.com> <20200429072121.50094-3-satyat@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200429072121.50094-3-satyat@google.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org A few very minor comments: On Wed, Apr 29, 2020 at 07:21:11AM +0000, Satya Tangirala wrote: > diff --git a/block/keyslot-manager.c b/block/keyslot-manager.c > new file mode 100644 > index 0000000000000..b584723b392ad > --- /dev/null > +++ b/block/keyslot-manager.c > @@ -0,0 +1,380 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright 2019 Google LLC > + */ > + > +/** > + * DOC: The Keyslot Manager > + * > + * Many devices with inline encryption support have a limited number of "slots" > + * into which encryption contexts may be programmed, and requests can be tagged > + * with a slot number to specify the key to use for en/decryption. > + * > + * As the number of slots are limited, and programming keys is expensive on > + * many inline encryption hardware, we don't want to program the same key into > + * multiple slots - if multiple requests are using the same key, we want to > + * program just one slot with that key and use that slot for all requests. > + * > + * The keyslot manager manages these keyslots appropriately, and also acts as > + * an abstraction between the inline encryption hardware and the upper layers. > + * > + * Lower layer devices will set up a keyslot manager in their request queue > + * and tell it how to perform device specific operations like programming/ > + * evicting keys from keyslots. > + * > + * Upper layers will call blk_ksm_get_slot_for_key() to program a > + * key into some slot in the inline encryption hardware. > + */ > +#include Now that this file doesn't use crypto_memneq(), the include of can be removed. > +/** > + * blk_ksm_get_slot_for_key() - Program a key into a keyslot. > + * @ksm: The keyslot manager to program the key into. > + * @key: Pointer to the key object to program, including the raw key, crypto > + * mode, and data unit size. > + * @keyslot: A pointer to return the pointer of the allocated keyslot. > + * > + * Get a keyslot that's been programmed with the specified key. If one already > + * exists, return it with incremented refcount. Otherwise, wait for a keyslot > + * to become idle and program it. > + * > + * Context: Process context. Takes and releases ksm->lock. > + * Return: BLK_STS_OK on success (and keyslot is set to the pointer of the > + * allocated keyslot), or some other blk_status_t otherwise (and > + * keyslot is set to NULL). > + */ > +blk_status_t blk_ksm_get_slot_for_key(struct blk_keyslot_manager *ksm, > + const struct blk_crypto_key *key, > + struct blk_ksm_keyslot **slot_ptr) The comment should say @slot_ptr, not @keyslot. You can find kerneldoc warnings using 'scripts/kernel-doc -v -none $file'. > +/** > + * blk_ksm_crypto_cfg_supported() - Find out if the crypto_mode, dusize, dun > + * bytes of a crypto_config are supported by a > + * ksm. IMO, shorten this a bit to something like "Find out if a crypto configuration is supported by a ksm", so that less of the comment becomes outdated when someone adds a new field. > + * @ksm: The keyslot manager to check > + * @cfg: The crypto configuration to check for. > + * > + * Checks for crypto_mode/data unit size/dun bytes support. > + * > + * Return: Whether or not this ksm supports the specified crypto key. "config", not "key". - Eric