1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * bio-integrity.c - bio data integrity extensions
4 *
5 * Copyright (C) 2007, 2008, 2009 Oracle Corporation
6 * Written by: Martin K. Petersen <martin.petersen@oracle.com>
7 */
8
9 #include <linux/blk-integrity.h>
10 #include <linux/mempool.h>
11 #include <linux/export.h>
12 #include <linux/bio.h>
13 #include <linux/workqueue.h>
14 #include <linux/slab.h>
15 #include "blk.h"
16
17 static struct kmem_cache *bip_slab;
18 static struct workqueue_struct *kintegrityd_wq;
19
blk_flush_integrity(void)20 void blk_flush_integrity(void)
21 {
22 flush_workqueue(kintegrityd_wq);
23 }
24
__bio_integrity_free(struct bio_set * bs,struct bio_integrity_payload * bip)25 static void __bio_integrity_free(struct bio_set *bs,
26 struct bio_integrity_payload *bip)
27 {
28 if (bs && mempool_initialized(&bs->bio_integrity_pool)) {
29 if (bip->bip_vec)
30 bvec_free(&bs->bvec_integrity_pool, bip->bip_vec,
31 bip->bip_max_vcnt);
32 mempool_free(bip, &bs->bio_integrity_pool);
33 } else {
34 kfree(bip);
35 }
36 }
37
38 /**
39 * bio_integrity_alloc - Allocate integrity payload and attach it to bio
40 * @bio: bio to attach integrity metadata to
41 * @gfp_mask: Memory allocation mask
42 * @nr_vecs: Number of integrity metadata scatter-gather elements
43 *
44 * Description: This function prepares a bio for attaching integrity
45 * metadata. nr_vecs specifies the maximum number of pages containing
46 * integrity metadata that can be attached.
47 */
bio_integrity_alloc(struct bio * bio,gfp_t gfp_mask,unsigned int nr_vecs)48 struct bio_integrity_payload *bio_integrity_alloc(struct bio *bio,
49 gfp_t gfp_mask,
50 unsigned int nr_vecs)
51 {
52 struct bio_integrity_payload *bip;
53 struct bio_set *bs = bio->bi_pool;
54 unsigned inline_vecs;
55
56 if (WARN_ON_ONCE(bio_has_crypt_ctx(bio)))
57 return ERR_PTR(-EOPNOTSUPP);
58
59 if (!bs || !mempool_initialized(&bs->bio_integrity_pool)) {
60 bip = kmalloc(struct_size(bip, bip_inline_vecs, nr_vecs), gfp_mask);
61 inline_vecs = nr_vecs;
62 } else {
63 bip = mempool_alloc(&bs->bio_integrity_pool, gfp_mask);
64 inline_vecs = BIO_INLINE_VECS;
65 }
66
67 if (unlikely(!bip))
68 return ERR_PTR(-ENOMEM);
69
70 memset(bip, 0, sizeof(*bip));
71
72 if (nr_vecs > inline_vecs) {
73 bip->bip_max_vcnt = nr_vecs;
74 bip->bip_vec = bvec_alloc(&bs->bvec_integrity_pool,
75 &bip->bip_max_vcnt, gfp_mask);
76 if (!bip->bip_vec)
77 goto err;
78 } else {
79 bip->bip_vec = bip->bip_inline_vecs;
80 bip->bip_max_vcnt = inline_vecs;
81 }
82
83 bip->bip_bio = bio;
84 bio->bi_integrity = bip;
85 bio->bi_opf |= REQ_INTEGRITY;
86
87 return bip;
88 err:
89 __bio_integrity_free(bs, bip);
90 return ERR_PTR(-ENOMEM);
91 }
92 EXPORT_SYMBOL(bio_integrity_alloc);
93
94 /**
95 * bio_integrity_free - Free bio integrity payload
96 * @bio: bio containing bip to be freed
97 *
98 * Description: Used to free the integrity portion of a bio. Usually
99 * called from bio_free().
100 */
bio_integrity_free(struct bio * bio)101 void bio_integrity_free(struct bio *bio)
102 {
103 struct bio_integrity_payload *bip = bio_integrity(bio);
104 struct bio_set *bs = bio->bi_pool;
105
106 if (bip->bip_flags & BIP_BLOCK_INTEGRITY)
107 kfree(bvec_virt(bip->bip_vec));
108
109 __bio_integrity_free(bs, bip);
110 bio->bi_integrity = NULL;
111 bio->bi_opf &= ~REQ_INTEGRITY;
112 }
113
114 /**
115 * bio_integrity_add_page - Attach integrity metadata
116 * @bio: bio to update
117 * @page: page containing integrity metadata
118 * @len: number of bytes of integrity metadata in page
119 * @offset: start offset within page
120 *
121 * Description: Attach a page containing integrity metadata to bio.
122 */
bio_integrity_add_page(struct bio * bio,struct page * page,unsigned int len,unsigned int offset)123 int bio_integrity_add_page(struct bio *bio, struct page *page,
124 unsigned int len, unsigned int offset)
125 {
126 struct request_queue *q = bdev_get_queue(bio->bi_bdev);
127 struct bio_integrity_payload *bip = bio_integrity(bio);
128
129 if (((bip->bip_iter.bi_size + len) >> SECTOR_SHIFT) >
130 queue_max_hw_sectors(q))
131 return 0;
132
133 if (bip->bip_vcnt > 0) {
134 struct bio_vec *bv = &bip->bip_vec[bip->bip_vcnt - 1];
135 bool same_page = false;
136
137 if (bvec_try_merge_hw_page(q, bv, page, len, offset,
138 &same_page)) {
139 bip->bip_iter.bi_size += len;
140 return len;
141 }
142
143 if (bip->bip_vcnt >=
144 min(bip->bip_max_vcnt, queue_max_integrity_segments(q)))
145 return 0;
146
147 /*
148 * If the queue doesn't support SG gaps and adding this segment
149 * would create a gap, disallow it.
150 */
151 if (bvec_gap_to_prev(&q->limits, bv, offset))
152 return 0;
153 }
154
155 bvec_set_page(&bip->bip_vec[bip->bip_vcnt], page, len, offset);
156 bip->bip_vcnt++;
157 bip->bip_iter.bi_size += len;
158
159 return len;
160 }
161 EXPORT_SYMBOL(bio_integrity_add_page);
162
163 /**
164 * bio_integrity_process - Process integrity metadata for a bio
165 * @bio: bio to generate/verify integrity metadata for
166 * @proc_iter: iterator to process
167 * @proc_fn: Pointer to the relevant processing function
168 */
bio_integrity_process(struct bio * bio,struct bvec_iter * proc_iter,integrity_processing_fn * proc_fn)169 static blk_status_t bio_integrity_process(struct bio *bio,
170 struct bvec_iter *proc_iter, integrity_processing_fn *proc_fn)
171 {
172 struct blk_integrity *bi = blk_get_integrity(bio->bi_bdev->bd_disk);
173 struct blk_integrity_iter iter;
174 struct bvec_iter bviter;
175 struct bio_vec bv;
176 struct bio_integrity_payload *bip = bio_integrity(bio);
177 blk_status_t ret = BLK_STS_OK;
178
179 iter.disk_name = bio->bi_bdev->bd_disk->disk_name;
180 iter.interval = 1 << bi->interval_exp;
181 iter.tuple_size = bi->tuple_size;
182 iter.seed = proc_iter->bi_sector;
183 iter.prot_buf = bvec_virt(bip->bip_vec);
184
185 __bio_for_each_segment(bv, bio, bviter, *proc_iter) {
186 void *kaddr = bvec_kmap_local(&bv);
187
188 iter.data_buf = kaddr;
189 iter.data_size = bv.bv_len;
190 ret = proc_fn(&iter);
191 kunmap_local(kaddr);
192
193 if (ret)
194 break;
195
196 }
197 return ret;
198 }
199
200 /**
201 * bio_integrity_prep - Prepare bio for integrity I/O
202 * @bio: bio to prepare
203 *
204 * Description: Checks if the bio already has an integrity payload attached.
205 * If it does, the payload has been generated by another kernel subsystem,
206 * and we just pass it through. Otherwise allocates integrity payload.
207 * The bio must have data direction, target device and start sector set priot
208 * to calling. In the WRITE case, integrity metadata will be generated using
209 * the block device's integrity function. In the READ case, the buffer
210 * will be prepared for DMA and a suitable end_io handler set up.
211 */
bio_integrity_prep(struct bio * bio)212 bool bio_integrity_prep(struct bio *bio)
213 {
214 struct bio_integrity_payload *bip;
215 struct blk_integrity *bi = blk_get_integrity(bio->bi_bdev->bd_disk);
216 void *buf;
217 unsigned long start, end;
218 unsigned int len, nr_pages;
219 unsigned int bytes, offset, i;
220 gfp_t gfp = GFP_NOIO;
221
222 if (!bi)
223 return true;
224
225 if (bio_op(bio) != REQ_OP_READ && bio_op(bio) != REQ_OP_WRITE)
226 return true;
227
228 if (!bio_sectors(bio))
229 return true;
230
231 /* Already protected? */
232 if (bio_integrity(bio))
233 return true;
234
235 if (bio_data_dir(bio) == READ) {
236 if (!bi->profile->verify_fn ||
237 !(bi->flags & BLK_INTEGRITY_VERIFY))
238 return true;
239 } else {
240 if (!bi->profile->generate_fn ||
241 !(bi->flags & BLK_INTEGRITY_GENERATE))
242 return true;
243
244 /*
245 * Zero the memory allocated to not leak uninitialized kernel
246 * memory to disk. For PI this only affects the app tag, but
247 * for non-integrity metadata it affects the entire metadata
248 * buffer.
249 */
250 gfp |= __GFP_ZERO;
251 }
252
253 /* Allocate kernel buffer for protection data */
254 len = bio_integrity_bytes(bi, bio_sectors(bio));
255 buf = kmalloc(len, gfp);
256 if (unlikely(buf == NULL)) {
257 printk(KERN_ERR "could not allocate integrity buffer\n");
258 goto err_end_io;
259 }
260
261 end = (((unsigned long) buf) + len + PAGE_SIZE - 1) >> PAGE_SHIFT;
262 start = ((unsigned long) buf) >> PAGE_SHIFT;
263 nr_pages = end - start;
264
265 /* Allocate bio integrity payload and integrity vectors */
266 bip = bio_integrity_alloc(bio, GFP_NOIO, nr_pages);
267 if (IS_ERR(bip)) {
268 printk(KERN_ERR "could not allocate data integrity bioset\n");
269 kfree(buf);
270 goto err_end_io;
271 }
272
273 bip->bip_flags |= BIP_BLOCK_INTEGRITY;
274 bip_set_seed(bip, bio->bi_iter.bi_sector);
275
276 if (bi->flags & BLK_INTEGRITY_IP_CHECKSUM)
277 bip->bip_flags |= BIP_IP_CHECKSUM;
278
279 /* Map it */
280 offset = offset_in_page(buf);
281 for (i = 0; i < nr_pages && len > 0; i++) {
282 bytes = PAGE_SIZE - offset;
283
284 if (bytes > len)
285 bytes = len;
286
287 if (bio_integrity_add_page(bio, virt_to_page(buf),
288 bytes, offset) < bytes) {
289 printk(KERN_ERR "could not attach integrity payload\n");
290 goto err_end_io;
291 }
292
293 buf += bytes;
294 len -= bytes;
295 offset = 0;
296 }
297
298 /* Auto-generate integrity metadata if this is a write */
299 if (bio_data_dir(bio) == WRITE) {
300 bio_integrity_process(bio, &bio->bi_iter,
301 bi->profile->generate_fn);
302 } else {
303 bip->bio_iter = bio->bi_iter;
304 }
305 return true;
306
307 err_end_io:
308 bio->bi_status = BLK_STS_RESOURCE;
309 bio_endio(bio);
310 return false;
311 }
312 EXPORT_SYMBOL(bio_integrity_prep);
313
314 /**
315 * bio_integrity_verify_fn - Integrity I/O completion worker
316 * @work: Work struct stored in bio to be verified
317 *
318 * Description: This workqueue function is called to complete a READ
319 * request. The function verifies the transferred integrity metadata
320 * and then calls the original bio end_io function.
321 */
bio_integrity_verify_fn(struct work_struct * work)322 static void bio_integrity_verify_fn(struct work_struct *work)
323 {
324 struct bio_integrity_payload *bip =
325 container_of(work, struct bio_integrity_payload, bip_work);
326 struct bio *bio = bip->bip_bio;
327 struct blk_integrity *bi = blk_get_integrity(bio->bi_bdev->bd_disk);
328
329 /*
330 * At the moment verify is called bio's iterator was advanced
331 * during split and completion, we need to rewind iterator to
332 * it's original position.
333 */
334 bio->bi_status = bio_integrity_process(bio, &bip->bio_iter,
335 bi->profile->verify_fn);
336 bio_integrity_free(bio);
337 bio_endio(bio);
338 }
339
340 /**
341 * __bio_integrity_endio - Integrity I/O completion function
342 * @bio: Protected bio
343 *
344 * Description: Completion for integrity I/O
345 *
346 * Normally I/O completion is done in interrupt context. However,
347 * verifying I/O integrity is a time-consuming task which must be run
348 * in process context. This function postpones completion
349 * accordingly.
350 */
__bio_integrity_endio(struct bio * bio)351 bool __bio_integrity_endio(struct bio *bio)
352 {
353 struct blk_integrity *bi = blk_get_integrity(bio->bi_bdev->bd_disk);
354 struct bio_integrity_payload *bip = bio_integrity(bio);
355
356 if (bio_op(bio) == REQ_OP_READ && !bio->bi_status &&
357 (bip->bip_flags & BIP_BLOCK_INTEGRITY) && bi->profile->verify_fn) {
358 INIT_WORK(&bip->bip_work, bio_integrity_verify_fn);
359 queue_work(kintegrityd_wq, &bip->bip_work);
360 return false;
361 }
362
363 bio_integrity_free(bio);
364 return true;
365 }
366
367 /**
368 * bio_integrity_advance - Advance integrity vector
369 * @bio: bio whose integrity vector to update
370 * @bytes_done: number of data bytes that have been completed
371 *
372 * Description: This function calculates how many integrity bytes the
373 * number of completed data bytes correspond to and advances the
374 * integrity vector accordingly.
375 */
bio_integrity_advance(struct bio * bio,unsigned int bytes_done)376 void bio_integrity_advance(struct bio *bio, unsigned int bytes_done)
377 {
378 struct bio_integrity_payload *bip = bio_integrity(bio);
379 struct blk_integrity *bi = blk_get_integrity(bio->bi_bdev->bd_disk);
380 unsigned bytes = bio_integrity_bytes(bi, bytes_done >> 9);
381
382 bip->bip_iter.bi_sector += bio_integrity_intervals(bi, bytes_done >> 9);
383 bvec_iter_advance(bip->bip_vec, &bip->bip_iter, bytes);
384 }
385
386 /**
387 * bio_integrity_trim - Trim integrity vector
388 * @bio: bio whose integrity vector to update
389 *
390 * Description: Used to trim the integrity vector in a cloned bio.
391 */
bio_integrity_trim(struct bio * bio)392 void bio_integrity_trim(struct bio *bio)
393 {
394 struct bio_integrity_payload *bip = bio_integrity(bio);
395 struct blk_integrity *bi = blk_get_integrity(bio->bi_bdev->bd_disk);
396
397 bip->bip_iter.bi_size = bio_integrity_bytes(bi, bio_sectors(bio));
398 }
399 EXPORT_SYMBOL(bio_integrity_trim);
400
401 /**
402 * bio_integrity_clone - Callback for cloning bios with integrity metadata
403 * @bio: New bio
404 * @bio_src: Original bio
405 * @gfp_mask: Memory allocation mask
406 *
407 * Description: Called to allocate a bip when cloning a bio
408 */
bio_integrity_clone(struct bio * bio,struct bio * bio_src,gfp_t gfp_mask)409 int bio_integrity_clone(struct bio *bio, struct bio *bio_src,
410 gfp_t gfp_mask)
411 {
412 struct bio_integrity_payload *bip_src = bio_integrity(bio_src);
413 struct bio_integrity_payload *bip;
414
415 BUG_ON(bip_src == NULL);
416
417 bip = bio_integrity_alloc(bio, gfp_mask, bip_src->bip_vcnt);
418 if (IS_ERR(bip))
419 return PTR_ERR(bip);
420
421 memcpy(bip->bip_vec, bip_src->bip_vec,
422 bip_src->bip_vcnt * sizeof(struct bio_vec));
423
424 bip->bip_vcnt = bip_src->bip_vcnt;
425 bip->bip_iter = bip_src->bip_iter;
426 bip->bip_flags = bip_src->bip_flags & ~BIP_BLOCK_INTEGRITY;
427
428 return 0;
429 }
430
bioset_integrity_create(struct bio_set * bs,int pool_size)431 int bioset_integrity_create(struct bio_set *bs, int pool_size)
432 {
433 if (mempool_initialized(&bs->bio_integrity_pool))
434 return 0;
435
436 if (mempool_init_slab_pool(&bs->bio_integrity_pool,
437 pool_size, bip_slab))
438 return -1;
439
440 if (biovec_init_pool(&bs->bvec_integrity_pool, pool_size)) {
441 mempool_exit(&bs->bio_integrity_pool);
442 return -1;
443 }
444
445 return 0;
446 }
447 EXPORT_SYMBOL(bioset_integrity_create);
448
bioset_integrity_free(struct bio_set * bs)449 void bioset_integrity_free(struct bio_set *bs)
450 {
451 mempool_exit(&bs->bio_integrity_pool);
452 mempool_exit(&bs->bvec_integrity_pool);
453 }
454
bio_integrity_init(void)455 void __init bio_integrity_init(void)
456 {
457 /*
458 * kintegrityd won't block much but may burn a lot of CPU cycles.
459 * Make it highpri CPU intensive wq with max concurrency of 1.
460 */
461 kintegrityd_wq = alloc_workqueue("kintegrityd", WQ_MEM_RECLAIM |
462 WQ_HIGHPRI | WQ_CPU_INTENSIVE, 1);
463 if (!kintegrityd_wq)
464 panic("Failed to create kintegrityd\n");
465
466 bip_slab = kmem_cache_create("bio_integrity_payload",
467 sizeof(struct bio_integrity_payload) +
468 sizeof(struct bio_vec) * BIO_INLINE_VECS,
469 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
470 }
471