Merge git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-2.6-dm

Device-Mapper's "crypt" target provides transparent encryption of block devices

using the kernel crypto API.

Parameters: <cipher> <key> <iv_offset> <device path> <offset>

Parameters: <cipher> <key> <iv_offset> <device path> \

	      <offset> [<#opt_params> <opt_params>]

<cipher>

    Encryption cipher and an optional IV generation mode.

<offset>

    Starting sector within the device where the encrypted data begins.

<#opt_params>

    Number of optional parameters. If there are no optional parameters,

    the optional paramaters section can be skipped or #opt_params can be zero.

    Otherwise #opt_params is the number of following arguments.

    Example of optional parameters section:

        1 allow_discards

allow_discards

    Block discard requests (a.k.a. TRIM) are passed through the crypt device.

    The default is to ignore discard requests.

    WARNING: Assess the specific security risks carefully before enabling this

    option.  For example, allowing discards on encrypted devices may lead to

    the leak of information about the ciphertext device (filesystem type,

    used space etc.) if the discarded blocks can be located easily on the

    device later.

Example scripts

===============

LUKS (Linux Unified Key Setup) is now the preferred way to set up disk

dm-flakey

=========

This target is the same as the linear target except that it returns I/O

errors periodically.  It's been found useful in simulating failing

devices for testing purposes.

This target is the same as the linear target except that it exhibits

unreliable behaviour periodically.  It's been found useful in simulating

failing devices for testing purposes.

Starting from the time the table is loaded, the device is available for

<up interval> seconds, then returns errors for <down interval> seconds,

and then this cycle repeats.

<up interval> seconds, then exhibits unreliable behaviour for <down

interval> seconds, and then this cycle repeats.

Parameters: <dev path> <offset> <up interval> <down interval>

Also, consider using this in combination with the dm-delay target too,

which can delay reads and writes and/or send them to different

underlying devices.

Table parameters

----------------

  <dev path> <offset> <up interval> <down interval> \

    [<num_features> [<feature arguments>]]

Mandatory parameters:

    <dev path>: Full pathname to the underlying block-device, or a

                "major:minor" device-number.

    <offset>: Starting sector within the device.

    <up interval>: Number of seconds device is available.

    <down interval>: Number of seconds device returns errors.

Optional feature parameters:

  If no feature parameters are present, during the periods of

  unreliability, all I/O returns errors.

  drop_writes:

	All write I/O is silently ignored.

	Read I/O is handled correctly.

  corrupt_bio_byte <Nth_byte> <direction> <value> <flags>:

	During <down interval>, replace <Nth_byte> of the data of

	each matching bio with <value>.

    <Nth_byte>: The offset of the byte to replace.

		Counting starts at 1, to replace the first byte.

    <direction>: Either 'r' to corrupt reads or 'w' to corrupt writes.

		 'w' is incompatible with drop_writes.

    <value>: The value (from 0-255) to write.

    <flags>: Perform the replacement only if bio->bi_rw has all the

	     selected flags set.

Examples:

  corrupt_bio_byte 32 r 1 0

	- replaces the 32nd byte of READ bios with the value 1

  corrupt_bio_byte 224 w 0 32

	- replaces the 224th byte of REQ_META (=32) bios with the value 0

Device-mapper RAID (dm-raid) is a bridge from DM to MD.  It

provides a way to use device-mapper interfaces to access the MD RAID

drivers.

dm-raid

-------

As with all device-mapper targets, the nominal public interfaces are the

constructor (CTR) tables and the status outputs (both STATUSTYPE_INFO

and STATUSTYPE_TABLE).  The CTR table looks like the following:

The device-mapper RAID (dm-raid) target provides a bridge from DM to MD.

It allows the MD RAID drivers to be accessed using a device-mapper

interface.

The target is named "raid" and it accepts the following parameters:

  <raid_type> <#raid_params> <raid_params> \

    <#raid_devs> <metadata_dev0> <dev0> [.. <metadata_devN> <devN>]

<raid_type>:

  raid1		RAID1 mirroring

  raid4		RAID4 dedicated parity disk

  raid5_la	RAID5 left asymmetric

		- rotating parity 0 with data continuation

  raid5_ra	RAID5 right asymmetric

		- rotating parity N with data continuation

  raid5_ls	RAID5 left symmetric

		- rotating parity 0 with data restart

  raid5_rs 	RAID5 right symmetric

		- rotating parity N with data restart

  raid6_zr	RAID6 zero restart

		- rotating parity zero (left-to-right) with data restart

  raid6_nr	RAID6 N restart

		- rotating parity N (right-to-left) with data restart

  raid6_nc	RAID6 N continue

		- rotating parity N (right-to-left) with data continuation

  Refererence: Chapter 4 of

  http://www.snia.org/sites/default/files/SNIA_DDF_Technical_Position_v2.0.pdf

<#raid_params>: The number of parameters that follow.

<raid_params> consists of

    Mandatory parameters:

        <chunk_size>: Chunk size in sectors.  This parameter is often known as

		      "stripe size".  It is the only mandatory parameter and

		      is placed first.

    followed by optional parameters (in any order):

	[sync|nosync]   Force or prevent RAID initialization.

	[rebuild <idx>]	Rebuild drive number idx (first drive is 0).

	[daemon_sleep <ms>]

		Interval between runs of the bitmap daemon that

		clear bits.  A longer interval means less bitmap I/O but

		resyncing after a failure is likely to take longer.

1: <s> <l> raid \

2:      <raid_type> <#raid_params> <raid_params> \

3:      <#raid_devs> <meta_dev1> <dev1> .. <meta_devN> <devN>

Line 1 contains the standard first three arguments to any device-mapper

target - the start, length, and target type fields.  The target type in

this case is "raid".

Line 2 contains the arguments that define the particular raid

type/personality/level, the required arguments for that raid type, and

any optional arguments.  Possible raid types include: raid4, raid5_la,

raid5_ls, raid5_rs, raid6_zr, raid6_nr, and raid6_nc.  (raid1 is

planned for the future.)  The list of required and optional parameters

is the same for all the current raid types.  The required parameters are

positional, while the optional parameters are given as key/value pairs.

The possible parameters are as follows:

 <chunk_size>           Chunk size in sectors.

 [[no]sync]             Force/Prevent RAID initialization

 [rebuild <idx>]        Rebuild the drive indicated by the index

 [daemon_sleep <ms>]    Time between bitmap daemon work to clear bits

	[min_recovery_rate <kB/sec/disk>]  Throttle RAID initialization

	[max_recovery_rate <kB/sec/disk>]  Throttle RAID initialization

	[write_mostly <idx>]		   Drive index is write-mostly

	[max_write_behind <sectors>]       See '-write-behind=' (man mdadm)

 [stripe_cache <sectors>]               Stripe cache size for higher RAIDs

	[stripe_cache <sectors>]           Stripe cache size (higher RAIDs only)

	[region_size <sectors>]

		The region_size multiplied by the number of regions is the

		logical size of the array.  The bitmap records the device

		synchronisation state for each region.

Line 3 contains the list of devices that compose the array in

metadata/data device pairs.  If the metadata is stored separately, a '-'

is given for the metadata device position.  If a drive has failed or is

missing at creation time, a '-' can be given for both the metadata and

data drives for a given position.

<#raid_devs>: The number of devices composing the array.

	Each device consists of two entries.  The first is the device

	containing the metadata (if any); the second is the one containing the

	data.

NB. Currently all metadata devices must be specified as '-'.

	If a drive has failed or is missing at creation time, a '-' can be

	given for both the metadata and data drives for a given position.

Examples:

# RAID4 - 4 data drives, 1 parity

Example tables

--------------

# RAID4 - 4 data drives, 1 parity (no metadata devices)

# No metadata devices specified to hold superblock/bitmap info

# Chunk size of 1MiB

# (Lines separated for easy reading)

0 1960893648 raid \

        raid4 1 2048 \

        5 - 8:17 - 8:33 - 8:49 - 8:65 - 8:81

# RAID4 - 4 data drives, 1 parity (no metadata devices)

# RAID4 - 4 data drives, 1 parity (with metadata devices)

# Chunk size of 1MiB, force RAID initialization,

#       min recovery rate at 20 kiB/sec/disk

0 1960893648 raid \

        raid4 4 2048 min_recovery_rate 20 sync\

        5 - 8:17 - 8:33 - 8:49 - 8:65 - 8:81

        raid4 4 2048 sync min_recovery_rate 20 \

        5 8:17 8:18 8:33 8:34 8:49 8:50 8:65 8:66 8:81 8:82

Performing a 'dmsetup table' should display the CTR table used to

construct the mapping (with possible reordering of optional

parameters).

'dmsetup table' displays the table used to construct the mapping.

The optional parameters are always printed in the order listed

above with "sync" or "nosync" always output ahead of the other

arguments, regardless of the order used when originally loading the table.

Arguments that can be repeated are ordered by value.

Performing a 'dmsetup status' will yield information on the state and

health of the array.  The output is as follows:

'dmsetup status' yields information on the state and health of the

array.

The output is as follows:

1: <s> <l> raid \

2:      <raid_type> <#devices> <1 health char for each dev> <resync_ratio>

Line 1 is standard DM output.  Line 2 is best shown by example:

Line 1 is the standard output produced by device-mapper.

Line 2 is produced by the raid target, and best explained by example:

        0 1960893648 raid raid4 5 AAAAA 2/490221568

Here we can see the RAID type is raid4, there are 5 devices - all of

which are 'A'live, and the array is 2/490221568 complete with recovery.

Faulty or missing devices are marked 'D'.  Devices that are out-of-sync

are marked 'a'.

         needed for live data migration tools such as 'pvmove'.

config DM_RAID

       tristate "RAID 4/5/6 target (EXPERIMENTAL)"

       tristate "RAID 1/4/5/6 target (EXPERIMENTAL)"

       depends on BLK_DEV_DM && EXPERIMENTAL

       select MD_RAID1

       select MD_RAID456

       select BLK_DEV_MD

       ---help---

	 A dm target that supports RAID4, RAID5 and RAID6 mappings

	 A dm target that supports RAID1, RAID4, RAID5 and RAID6 mappings

	 A RAID-5 set of N drives with a capacity of C MB per drive provides

	 the capacity of C * (N - 1) MB, and protects against a failure

#include <linux/device-mapper.h>

#define DM_MSG_PREFIX "crypt"

#define MESG_STR(x) x, sizeof(x)

/*

 * context holding the current state of a multi-part conversion

			      struct dm_crypt_request *dmreq)

{

	memset(iv, 0, cc->iv_size);

	*(u32 *)iv = cpu_to_le32(dmreq->iv_sector & 0xffffffff);

	*(__le32 *)iv = cpu_to_le32(dmreq->iv_sector & 0xffffffff);

	return 0;

}

				struct dm_crypt_request *dmreq)

{

	memset(iv, 0, cc->iv_size);

	*(u64 *)iv = cpu_to_le64(dmreq->iv_sector);

	*(__le64 *)iv = cpu_to_le64(dmreq->iv_sector);

	return 0;

}

	struct crypto_cipher *essiv_tfm = this_crypt_config(cc)->iv_private;

	memset(iv, 0, cc->iv_size);

	*(u64 *)iv = cpu_to_le64(dmreq->iv_sector);

	*(__le64 *)iv = cpu_to_le64(dmreq->iv_sector);

	crypto_cipher_encrypt_one(essiv_tfm, iv, iv);

	return 0;

static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)

{

	struct crypt_config *cc;

	unsigned int key_size;

	unsigned int key_size, opt_params;

	unsigned long long tmpll;

	int ret;

	struct dm_arg_set as;

	const char *opt_string;

	static struct dm_arg _args[] = {

		{0, 1, "Invalid number of feature args"},

	};

	if (argc != 5) {

	if (argc < 5) {

		ti->error = "Not enough arguments";

		return -EINVAL;

	}

	}

	cc->start = tmpll;

	argv += 5;

	argc -= 5;

	/* Optional parameters */

	if (argc) {

		as.argc = argc;

		as.argv = argv;

		ret = dm_read_arg_group(_args, &as, &opt_params, &ti->error);

		if (ret)

			goto bad;

		opt_string = dm_shift_arg(&as);

		if (opt_params == 1 && opt_string &&

		    !strcasecmp(opt_string, "allow_discards"))

			ti->num_discard_requests = 1;

		else if (opt_params) {

			ret = -EINVAL;

			ti->error = "Invalid feature arguments";

			goto bad;

		}

	}

	ret = -ENOMEM;

	cc->io_queue = alloc_workqueue("kcryptd_io",

				       WQ_NON_REENTRANT|

	struct dm_crypt_io *io;

	struct crypt_config *cc;

	if (bio->bi_rw & REQ_FLUSH) {

	/*

	 * If bio is REQ_FLUSH or REQ_DISCARD, just bypass crypt queues.

	 * - for REQ_FLUSH device-mapper core ensures that no IO is in-flight

	 * - for REQ_DISCARD caller must use flush if IO ordering matters

	 */

	if (unlikely(bio->bi_rw & (REQ_FLUSH | REQ_DISCARD))) {

		cc = ti->private;

		bio->bi_bdev = cc->dev->bdev;

		if (bio_sectors(bio))

			bio->bi_sector = cc->start + dm_target_offset(ti, bio->bi_sector);

		return DM_MAPIO_REMAPPED;

	}

		DMEMIT(" %llu %s %llu", (unsigned long long)cc->iv_offset,

				cc->dev->name, (unsigned long long)cc->start);

		if (ti->num_discard_requests)

			DMEMIT(" 1 allow_discards");

		break;

	}

	return 0;

	if (argc < 2)

		goto error;

	if (!strnicmp(argv[0], MESG_STR("key"))) {

	if (!strcasecmp(argv[0], "key")) {

		if (!test_bit(DM_CRYPT_SUSPENDED, &cc->flags)) {

			DMWARN("not suspended during key manipulation.");

			return -EINVAL;

		}

		if (argc == 3 && !strnicmp(argv[1], MESG_STR("set"))) {

		if (argc == 3 && !strcasecmp(argv[1], "set")) {

			ret = crypt_set_key(cc, argv[2]);

			if (ret)

				return ret;

				ret = cc->iv_gen_ops->init(cc);

			return ret;

		}

		if (argc == 2 && !strnicmp(argv[1], MESG_STR("wipe"))) {

		if (argc == 2 && !strcasecmp(argv[1], "wipe")) {

			if (cc->iv_gen_ops && cc->iv_gen_ops->wipe) {

				ret = cc->iv_gen_ops->wipe(cc);

				if (ret)

static struct target_type crypt_target = {

	.name   = "crypt",

	.version = {1, 10, 0},

	.version = {1, 11, 0},

	.module = THIS_MODULE,

	.ctr    = crypt_ctr,

	.dtr    = crypt_dtr,