xref: /openbmc/qemu/block/crypto.c (revision 259ebed4)
1 /*
2  * QEMU block full disk encryption
3  *
4  * Copyright (c) 2015-2016 Red Hat, Inc.
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20 
21 #include "qemu/osdep.h"
22 
23 #include "block/block_int.h"
24 #include "block/qdict.h"
25 #include "sysemu/block-backend.h"
26 #include "crypto/block.h"
27 #include "qapi/opts-visitor.h"
28 #include "qapi/qapi-visit-crypto.h"
29 #include "qapi/qobject-input-visitor.h"
30 #include "qapi/error.h"
31 #include "qemu/module.h"
32 #include "qemu/option.h"
33 #include "qemu/cutils.h"
34 #include "qemu/memalign.h"
35 #include "crypto.h"
36 
37 typedef struct BlockCrypto BlockCrypto;
38 
39 struct BlockCrypto {
40     QCryptoBlock *block;
41     bool updating_keys;
42 };
43 
44 
45 static int block_crypto_probe_generic(QCryptoBlockFormat format,
46                                       const uint8_t *buf,
47                                       int buf_size,
48                                       const char *filename)
49 {
50     if (qcrypto_block_has_format(format, buf, buf_size)) {
51         return 100;
52     } else {
53         return 0;
54     }
55 }
56 
57 
58 static int block_crypto_read_func(QCryptoBlock *block,
59                                   size_t offset,
60                                   uint8_t *buf,
61                                   size_t buflen,
62                                   void *opaque,
63                                   Error **errp)
64 {
65     BlockDriverState *bs = opaque;
66     ssize_t ret;
67 
68     ret = bdrv_pread(bs->file, offset, buflen, buf, 0);
69     if (ret < 0) {
70         error_setg_errno(errp, -ret, "Could not read encryption header");
71         return ret;
72     }
73     return 0;
74 }
75 
76 static int block_crypto_write_func(QCryptoBlock *block,
77                                    size_t offset,
78                                    const uint8_t *buf,
79                                    size_t buflen,
80                                    void *opaque,
81                                    Error **errp)
82 {
83     BlockDriverState *bs = opaque;
84     ssize_t ret;
85 
86     ret = bdrv_pwrite(bs->file, offset, buflen, buf, 0);
87     if (ret < 0) {
88         error_setg_errno(errp, -ret, "Could not write encryption header");
89         return ret;
90     }
91     return 0;
92 }
93 
94 
95 struct BlockCryptoCreateData {
96     BlockBackend *blk;
97     uint64_t size;
98     PreallocMode prealloc;
99 };
100 
101 
102 static int coroutine_fn GRAPH_UNLOCKED
103 block_crypto_create_write_func(QCryptoBlock *block, size_t offset,
104                                const uint8_t *buf, size_t buflen, void *opaque,
105                                Error **errp)
106 {
107     struct BlockCryptoCreateData *data = opaque;
108     ssize_t ret;
109 
110     ret = blk_pwrite(data->blk, offset, buflen, buf, 0);
111     if (ret < 0) {
112         error_setg_errno(errp, -ret, "Could not write encryption header");
113         return ret;
114     }
115     return 0;
116 }
117 
118 static int coroutine_fn GRAPH_UNLOCKED
119 block_crypto_create_init_func(QCryptoBlock *block, size_t headerlen,
120                               void *opaque, Error **errp)
121 {
122     struct BlockCryptoCreateData *data = opaque;
123     Error *local_error = NULL;
124     int ret;
125 
126     if (data->size > INT64_MAX || headerlen > INT64_MAX - data->size) {
127         ret = -EFBIG;
128         goto error;
129     }
130 
131     /* User provided size should reflect amount of space made
132      * available to the guest, so we must take account of that
133      * which will be used by the crypto header
134      */
135     ret = blk_truncate(data->blk, data->size + headerlen, false,
136                        data->prealloc, 0, &local_error);
137 
138     if (ret >= 0) {
139         return 0;
140     }
141 
142 error:
143     if (ret == -EFBIG) {
144         /* Replace the error message with a better one */
145         error_free(local_error);
146         error_setg(errp, "The requested file size is too large");
147     } else {
148         error_propagate(errp, local_error);
149     }
150 
151     return ret;
152 }
153 
154 
155 static QemuOptsList block_crypto_runtime_opts_luks = {
156     .name = "crypto",
157     .head = QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks.head),
158     .desc = {
159         BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
160         { /* end of list */ }
161     },
162 };
163 
164 
165 static QemuOptsList block_crypto_create_opts_luks = {
166     .name = "crypto",
167     .head = QTAILQ_HEAD_INITIALIZER(block_crypto_create_opts_luks.head),
168     .desc = {
169         {
170             .name = BLOCK_OPT_SIZE,
171             .type = QEMU_OPT_SIZE,
172             .help = "Virtual disk size"
173         },
174         BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
175         BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG(""),
176         BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE(""),
177         BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG(""),
178         BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG(""),
179         BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG(""),
180         BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(""),
181         { /* end of list */ }
182     },
183 };
184 
185 
186 static QemuOptsList block_crypto_amend_opts_luks = {
187     .name = "crypto",
188     .head = QTAILQ_HEAD_INITIALIZER(block_crypto_create_opts_luks.head),
189     .desc = {
190         BLOCK_CRYPTO_OPT_DEF_LUKS_STATE(""),
191         BLOCK_CRYPTO_OPT_DEF_LUKS_KEYSLOT(""),
192         BLOCK_CRYPTO_OPT_DEF_LUKS_OLD_SECRET(""),
193         BLOCK_CRYPTO_OPT_DEF_LUKS_NEW_SECRET(""),
194         BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(""),
195         { /* end of list */ }
196     },
197 };
198 
199 QCryptoBlockOpenOptions *
200 block_crypto_open_opts_init(QDict *opts, Error **errp)
201 {
202     Visitor *v;
203     QCryptoBlockOpenOptions *ret;
204 
205     v = qobject_input_visitor_new_flat_confused(opts, errp);
206     if (!v) {
207         return NULL;
208     }
209 
210     visit_type_QCryptoBlockOpenOptions(v, NULL, &ret, errp);
211 
212     visit_free(v);
213     return ret;
214 }
215 
216 
217 QCryptoBlockCreateOptions *
218 block_crypto_create_opts_init(QDict *opts, Error **errp)
219 {
220     Visitor *v;
221     QCryptoBlockCreateOptions *ret;
222 
223     v = qobject_input_visitor_new_flat_confused(opts, errp);
224     if (!v) {
225         return NULL;
226     }
227 
228     visit_type_QCryptoBlockCreateOptions(v, NULL, &ret, errp);
229 
230     visit_free(v);
231     return ret;
232 }
233 
234 QCryptoBlockAmendOptions *
235 block_crypto_amend_opts_init(QDict *opts, Error **errp)
236 {
237     Visitor *v;
238     QCryptoBlockAmendOptions *ret;
239 
240     v = qobject_input_visitor_new_flat_confused(opts, errp);
241     if (!v) {
242         return NULL;
243     }
244 
245     visit_type_QCryptoBlockAmendOptions(v, NULL, &ret, errp);
246 
247     visit_free(v);
248     return ret;
249 }
250 
251 
252 static int block_crypto_open_generic(QCryptoBlockFormat format,
253                                      QemuOptsList *opts_spec,
254                                      BlockDriverState *bs,
255                                      QDict *options,
256                                      int flags,
257                                      Error **errp)
258 {
259     BlockCrypto *crypto = bs->opaque;
260     QemuOpts *opts = NULL;
261     int ret;
262     QCryptoBlockOpenOptions *open_opts = NULL;
263     unsigned int cflags = 0;
264     QDict *cryptoopts = NULL;
265 
266     ret = bdrv_open_file_child(NULL, options, "file", bs, errp);
267     if (ret < 0) {
268         return ret;
269     }
270 
271     bs->supported_write_flags = BDRV_REQ_FUA &
272         bs->file->bs->supported_write_flags;
273 
274     opts = qemu_opts_create(opts_spec, NULL, 0, &error_abort);
275     if (!qemu_opts_absorb_qdict(opts, options, errp)) {
276         ret = -EINVAL;
277         goto cleanup;
278     }
279 
280     cryptoopts = qemu_opts_to_qdict(opts, NULL);
281     qdict_put_str(cryptoopts, "format", QCryptoBlockFormat_str(format));
282 
283     open_opts = block_crypto_open_opts_init(cryptoopts, errp);
284     if (!open_opts) {
285         ret = -EINVAL;
286         goto cleanup;
287     }
288 
289     if (flags & BDRV_O_NO_IO) {
290         cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
291     }
292     crypto->block = qcrypto_block_open(open_opts, NULL,
293                                        block_crypto_read_func,
294                                        bs,
295                                        cflags,
296                                        1,
297                                        errp);
298 
299     if (!crypto->block) {
300         ret = -EIO;
301         goto cleanup;
302     }
303 
304     bs->encrypted = true;
305 
306     ret = 0;
307  cleanup:
308     qobject_unref(cryptoopts);
309     qapi_free_QCryptoBlockOpenOptions(open_opts);
310     return ret;
311 }
312 
313 
314 static int coroutine_fn GRAPH_UNLOCKED
315 block_crypto_co_create_generic(BlockDriverState *bs, int64_t size,
316                                QCryptoBlockCreateOptions *opts,
317                                PreallocMode prealloc, Error **errp)
318 {
319     int ret;
320     BlockBackend *blk;
321     QCryptoBlock *crypto = NULL;
322     struct BlockCryptoCreateData data;
323 
324     blk = blk_co_new_with_bs(bs, BLK_PERM_WRITE | BLK_PERM_RESIZE, BLK_PERM_ALL,
325                              errp);
326     if (!blk) {
327         ret = -EPERM;
328         goto cleanup;
329     }
330 
331     if (prealloc == PREALLOC_MODE_METADATA) {
332         prealloc = PREALLOC_MODE_OFF;
333     }
334 
335     data = (struct BlockCryptoCreateData) {
336         .blk = blk,
337         .size = size,
338         .prealloc = prealloc,
339     };
340 
341     crypto = qcrypto_block_create(opts, NULL,
342                                   block_crypto_create_init_func,
343                                   block_crypto_create_write_func,
344                                   &data,
345                                   errp);
346 
347     if (!crypto) {
348         ret = -EIO;
349         goto cleanup;
350     }
351 
352     ret = 0;
353  cleanup:
354     qcrypto_block_free(crypto);
355     blk_co_unref(blk);
356     return ret;
357 }
358 
359 static int coroutine_fn GRAPH_RDLOCK
360 block_crypto_co_truncate(BlockDriverState *bs, int64_t offset, bool exact,
361                          PreallocMode prealloc, BdrvRequestFlags flags,
362                          Error **errp)
363 {
364     BlockCrypto *crypto = bs->opaque;
365     uint64_t payload_offset =
366         qcrypto_block_get_payload_offset(crypto->block);
367 
368     if (payload_offset > INT64_MAX - offset) {
369         error_setg(errp, "The requested file size is too large");
370         return -EFBIG;
371     }
372 
373     offset += payload_offset;
374 
375     return bdrv_co_truncate(bs->file, offset, exact, prealloc, 0, errp);
376 }
377 
378 static void block_crypto_close(BlockDriverState *bs)
379 {
380     BlockCrypto *crypto = bs->opaque;
381     qcrypto_block_free(crypto->block);
382 }
383 
384 static int block_crypto_reopen_prepare(BDRVReopenState *state,
385                                        BlockReopenQueue *queue, Error **errp)
386 {
387     /* nothing needs checking */
388     return 0;
389 }
390 
391 /*
392  * 1 MB bounce buffer gives good performance / memory tradeoff
393  * when using cache=none|directsync.
394  */
395 #define BLOCK_CRYPTO_MAX_IO_SIZE (1024 * 1024)
396 
397 static int coroutine_fn GRAPH_RDLOCK
398 block_crypto_co_preadv(BlockDriverState *bs, int64_t offset, int64_t bytes,
399                        QEMUIOVector *qiov, BdrvRequestFlags flags)
400 {
401     BlockCrypto *crypto = bs->opaque;
402     uint64_t cur_bytes; /* number of bytes in current iteration */
403     uint64_t bytes_done = 0;
404     uint8_t *cipher_data = NULL;
405     QEMUIOVector hd_qiov;
406     int ret = 0;
407     uint64_t sector_size = qcrypto_block_get_sector_size(crypto->block);
408     uint64_t payload_offset = qcrypto_block_get_payload_offset(crypto->block);
409 
410     assert(payload_offset < INT64_MAX);
411     assert(QEMU_IS_ALIGNED(offset, sector_size));
412     assert(QEMU_IS_ALIGNED(bytes, sector_size));
413 
414     qemu_iovec_init(&hd_qiov, qiov->niov);
415 
416     /* Bounce buffer because we don't wish to expose cipher text
417      * in qiov which points to guest memory.
418      */
419     cipher_data =
420         qemu_try_blockalign(bs->file->bs, MIN(BLOCK_CRYPTO_MAX_IO_SIZE,
421                                               qiov->size));
422     if (cipher_data == NULL) {
423         ret = -ENOMEM;
424         goto cleanup;
425     }
426 
427     while (bytes) {
428         cur_bytes = MIN(bytes, BLOCK_CRYPTO_MAX_IO_SIZE);
429 
430         qemu_iovec_reset(&hd_qiov);
431         qemu_iovec_add(&hd_qiov, cipher_data, cur_bytes);
432 
433         ret = bdrv_co_preadv(bs->file, payload_offset + offset + bytes_done,
434                              cur_bytes, &hd_qiov, 0);
435         if (ret < 0) {
436             goto cleanup;
437         }
438 
439         if (qcrypto_block_decrypt(crypto->block, offset + bytes_done,
440                                   cipher_data, cur_bytes, NULL) < 0) {
441             ret = -EIO;
442             goto cleanup;
443         }
444 
445         qemu_iovec_from_buf(qiov, bytes_done, cipher_data, cur_bytes);
446 
447         bytes -= cur_bytes;
448         bytes_done += cur_bytes;
449     }
450 
451  cleanup:
452     qemu_iovec_destroy(&hd_qiov);
453     qemu_vfree(cipher_data);
454 
455     return ret;
456 }
457 
458 
459 static int coroutine_fn GRAPH_RDLOCK
460 block_crypto_co_pwritev(BlockDriverState *bs, int64_t offset, int64_t bytes,
461                         QEMUIOVector *qiov, BdrvRequestFlags flags)
462 {
463     BlockCrypto *crypto = bs->opaque;
464     uint64_t cur_bytes; /* number of bytes in current iteration */
465     uint64_t bytes_done = 0;
466     uint8_t *cipher_data = NULL;
467     QEMUIOVector hd_qiov;
468     int ret = 0;
469     uint64_t sector_size = qcrypto_block_get_sector_size(crypto->block);
470     uint64_t payload_offset = qcrypto_block_get_payload_offset(crypto->block);
471 
472     flags &= ~BDRV_REQ_REGISTERED_BUF;
473 
474     assert(payload_offset < INT64_MAX);
475     assert(QEMU_IS_ALIGNED(offset, sector_size));
476     assert(QEMU_IS_ALIGNED(bytes, sector_size));
477 
478     qemu_iovec_init(&hd_qiov, qiov->niov);
479 
480     /* Bounce buffer because we're not permitted to touch
481      * contents of qiov - it points to guest memory.
482      */
483     cipher_data =
484         qemu_try_blockalign(bs->file->bs, MIN(BLOCK_CRYPTO_MAX_IO_SIZE,
485                                               qiov->size));
486     if (cipher_data == NULL) {
487         ret = -ENOMEM;
488         goto cleanup;
489     }
490 
491     while (bytes) {
492         cur_bytes = MIN(bytes, BLOCK_CRYPTO_MAX_IO_SIZE);
493 
494         qemu_iovec_to_buf(qiov, bytes_done, cipher_data, cur_bytes);
495 
496         if (qcrypto_block_encrypt(crypto->block, offset + bytes_done,
497                                   cipher_data, cur_bytes, NULL) < 0) {
498             ret = -EIO;
499             goto cleanup;
500         }
501 
502         qemu_iovec_reset(&hd_qiov);
503         qemu_iovec_add(&hd_qiov, cipher_data, cur_bytes);
504 
505         ret = bdrv_co_pwritev(bs->file, payload_offset + offset + bytes_done,
506                               cur_bytes, &hd_qiov, flags);
507         if (ret < 0) {
508             goto cleanup;
509         }
510 
511         bytes -= cur_bytes;
512         bytes_done += cur_bytes;
513     }
514 
515  cleanup:
516     qemu_iovec_destroy(&hd_qiov);
517     qemu_vfree(cipher_data);
518 
519     return ret;
520 }
521 
522 static void block_crypto_refresh_limits(BlockDriverState *bs, Error **errp)
523 {
524     BlockCrypto *crypto = bs->opaque;
525     uint64_t sector_size = qcrypto_block_get_sector_size(crypto->block);
526     bs->bl.request_alignment = sector_size; /* No sub-sector I/O */
527 }
528 
529 
530 static int64_t coroutine_fn GRAPH_RDLOCK
531 block_crypto_co_getlength(BlockDriverState *bs)
532 {
533     BlockCrypto *crypto = bs->opaque;
534     int64_t len = bdrv_co_getlength(bs->file->bs);
535 
536     uint64_t offset = qcrypto_block_get_payload_offset(crypto->block);
537     assert(offset < INT64_MAX);
538 
539     if (offset > len) {
540         return -EIO;
541     }
542 
543     len -= offset;
544 
545     return len;
546 }
547 
548 
549 static BlockMeasureInfo *block_crypto_measure(QemuOpts *opts,
550                                               BlockDriverState *in_bs,
551                                               Error **errp)
552 {
553     g_autoptr(QCryptoBlockCreateOptions) create_opts = NULL;
554     Error *local_err = NULL;
555     BlockMeasureInfo *info;
556     uint64_t size;
557     size_t luks_payload_size;
558     QDict *cryptoopts;
559 
560     /*
561      * Preallocation mode doesn't affect size requirements but we must consume
562      * the option.
563      */
564     g_free(qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC));
565 
566     size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
567 
568     if (in_bs) {
569         int64_t ssize = bdrv_getlength(in_bs);
570 
571         if (ssize < 0) {
572             error_setg_errno(&local_err, -ssize,
573                              "Unable to get image virtual_size");
574             goto err;
575         }
576 
577         size = ssize;
578     }
579 
580     cryptoopts = qemu_opts_to_qdict_filtered(opts, NULL,
581             &block_crypto_create_opts_luks, true);
582     qdict_put_str(cryptoopts, "format", "luks");
583     create_opts = block_crypto_create_opts_init(cryptoopts, &local_err);
584     qobject_unref(cryptoopts);
585     if (!create_opts) {
586         goto err;
587     }
588 
589     if (!qcrypto_block_calculate_payload_offset(create_opts, NULL,
590                                                 &luks_payload_size,
591                                                 &local_err)) {
592         goto err;
593     }
594 
595     /*
596      * Unallocated blocks are still encrypted so allocation status makes no
597      * difference to the file size.
598      */
599     info = g_new0(BlockMeasureInfo, 1);
600     info->fully_allocated = luks_payload_size + size;
601     info->required = luks_payload_size + size;
602     return info;
603 
604 err:
605     error_propagate(errp, local_err);
606     return NULL;
607 }
608 
609 
610 static int block_crypto_probe_luks(const uint8_t *buf,
611                                    int buf_size,
612                                    const char *filename) {
613     return block_crypto_probe_generic(Q_CRYPTO_BLOCK_FORMAT_LUKS,
614                                       buf, buf_size, filename);
615 }
616 
617 static int block_crypto_open_luks(BlockDriverState *bs,
618                                   QDict *options,
619                                   int flags,
620                                   Error **errp)
621 {
622     return block_crypto_open_generic(Q_CRYPTO_BLOCK_FORMAT_LUKS,
623                                      &block_crypto_runtime_opts_luks,
624                                      bs, options, flags, errp);
625 }
626 
627 static int coroutine_fn GRAPH_UNLOCKED
628 block_crypto_co_create_luks(BlockdevCreateOptions *create_options, Error **errp)
629 {
630     BlockdevCreateOptionsLUKS *luks_opts;
631     BlockDriverState *bs = NULL;
632     QCryptoBlockCreateOptions create_opts;
633     PreallocMode preallocation = PREALLOC_MODE_OFF;
634     int ret;
635 
636     assert(create_options->driver == BLOCKDEV_DRIVER_LUKS);
637     luks_opts = &create_options->u.luks;
638 
639     bs = bdrv_co_open_blockdev_ref(luks_opts->file, errp);
640     if (bs == NULL) {
641         return -EIO;
642     }
643 
644     create_opts = (QCryptoBlockCreateOptions) {
645         .format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
646         .u.luks = *qapi_BlockdevCreateOptionsLUKS_base(luks_opts),
647     };
648 
649     if (luks_opts->has_preallocation) {
650         preallocation = luks_opts->preallocation;
651     }
652 
653     ret = block_crypto_co_create_generic(bs, luks_opts->size, &create_opts,
654                                          preallocation, errp);
655     if (ret < 0) {
656         goto fail;
657     }
658 
659     ret = 0;
660 fail:
661     bdrv_co_unref(bs);
662     return ret;
663 }
664 
665 static int coroutine_fn GRAPH_UNLOCKED
666 block_crypto_co_create_opts_luks(BlockDriver *drv, const char *filename,
667                                  QemuOpts *opts, Error **errp)
668 {
669     QCryptoBlockCreateOptions *create_opts = NULL;
670     BlockDriverState *bs = NULL;
671     QDict *cryptoopts;
672     PreallocMode prealloc;
673     char *buf = NULL;
674     int64_t size;
675     int ret;
676     Error *local_err = NULL;
677 
678     /* Parse options */
679     size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
680 
681     buf = qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC);
682     prealloc = qapi_enum_parse(&PreallocMode_lookup, buf,
683                                PREALLOC_MODE_OFF, &local_err);
684     g_free(buf);
685     if (local_err) {
686         error_propagate(errp, local_err);
687         return -EINVAL;
688     }
689 
690     cryptoopts = qemu_opts_to_qdict_filtered(opts, NULL,
691                                              &block_crypto_create_opts_luks,
692                                              true);
693 
694     qdict_put_str(cryptoopts, "format", "luks");
695     create_opts = block_crypto_create_opts_init(cryptoopts, errp);
696     if (!create_opts) {
697         ret = -EINVAL;
698         goto fail;
699     }
700 
701     /* Create protocol layer */
702     ret = bdrv_co_create_file(filename, opts, errp);
703     if (ret < 0) {
704         goto fail;
705     }
706 
707     bs = bdrv_co_open(filename, NULL, NULL,
708                       BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, errp);
709     if (!bs) {
710         ret = -EINVAL;
711         goto fail;
712     }
713 
714     /* Create format layer */
715     ret = block_crypto_co_create_generic(bs, size, create_opts, prealloc, errp);
716     if (ret < 0) {
717         goto fail;
718     }
719 
720     ret = 0;
721 fail:
722     /*
723      * If an error occurred, delete 'filename'. Even if the file existed
724      * beforehand, it has been truncated and corrupted in the process.
725      */
726     if (ret) {
727         bdrv_graph_co_rdlock();
728         bdrv_co_delete_file_noerr(bs);
729         bdrv_graph_co_rdunlock();
730     }
731 
732     bdrv_co_unref(bs);
733     qapi_free_QCryptoBlockCreateOptions(create_opts);
734     qobject_unref(cryptoopts);
735     return ret;
736 }
737 
738 static int coroutine_fn GRAPH_RDLOCK
739 block_crypto_co_get_info_luks(BlockDriverState *bs, BlockDriverInfo *bdi)
740 {
741     BlockDriverInfo subbdi;
742     int ret;
743 
744     ret = bdrv_co_get_info(bs->file->bs, &subbdi);
745     if (ret != 0) {
746         return ret;
747     }
748 
749     bdi->cluster_size = subbdi.cluster_size;
750 
751     return 0;
752 }
753 
754 static ImageInfoSpecific *
755 block_crypto_get_specific_info_luks(BlockDriverState *bs, Error **errp)
756 {
757     BlockCrypto *crypto = bs->opaque;
758     ImageInfoSpecific *spec_info;
759     QCryptoBlockInfo *info;
760 
761     info = qcrypto_block_get_info(crypto->block, errp);
762     if (!info) {
763         return NULL;
764     }
765     assert(info->format == Q_CRYPTO_BLOCK_FORMAT_LUKS);
766 
767     spec_info = g_new(ImageInfoSpecific, 1);
768     spec_info->type = IMAGE_INFO_SPECIFIC_KIND_LUKS;
769     spec_info->u.luks.data = g_new(QCryptoBlockInfoLUKS, 1);
770     *spec_info->u.luks.data = info->u.luks;
771 
772     /* Blank out pointers we've just stolen to avoid double free */
773     memset(&info->u.luks, 0, sizeof(info->u.luks));
774 
775     qapi_free_QCryptoBlockInfo(info);
776 
777     return spec_info;
778 }
779 
780 static int GRAPH_RDLOCK
781 block_crypto_amend_prepare(BlockDriverState *bs, Error **errp)
782 {
783     BlockCrypto *crypto = bs->opaque;
784     int ret;
785 
786     /* apply for exclusive read/write permissions to the underlying file */
787     crypto->updating_keys = true;
788     ret = bdrv_child_refresh_perms(bs, bs->file, errp);
789     if (ret < 0) {
790         /* Well, in this case we will not be updating any keys */
791         crypto->updating_keys = false;
792     }
793     return ret;
794 }
795 
796 static void GRAPH_RDLOCK
797 block_crypto_amend_cleanup(BlockDriverState *bs)
798 {
799     BlockCrypto *crypto = bs->opaque;
800     Error *errp = NULL;
801 
802     /* release exclusive read/write permissions to the underlying file */
803     crypto->updating_keys = false;
804     bdrv_child_refresh_perms(bs, bs->file, &errp);
805 
806     if (errp) {
807         error_report_err(errp);
808     }
809 }
810 
811 static int
812 block_crypto_amend_options_generic_luks(BlockDriverState *bs,
813                                         QCryptoBlockAmendOptions *amend_options,
814                                         bool force,
815                                         Error **errp)
816 {
817     BlockCrypto *crypto = bs->opaque;
818 
819     assert(crypto);
820     assert(crypto->block);
821 
822     return qcrypto_block_amend_options(crypto->block,
823                                        block_crypto_read_func,
824                                        block_crypto_write_func,
825                                        bs,
826                                        amend_options,
827                                        force,
828                                        errp);
829 }
830 
831 static int GRAPH_RDLOCK
832 block_crypto_amend_options_luks(BlockDriverState *bs,
833                                 QemuOpts *opts,
834                                 BlockDriverAmendStatusCB *status_cb,
835                                 void *cb_opaque,
836                                 bool force,
837                                 Error **errp)
838 {
839     BlockCrypto *crypto = bs->opaque;
840     QDict *cryptoopts = NULL;
841     QCryptoBlockAmendOptions *amend_options = NULL;
842     int ret = -EINVAL;
843 
844     assert(crypto);
845     assert(crypto->block);
846 
847     cryptoopts = qemu_opts_to_qdict(opts, NULL);
848     qdict_put_str(cryptoopts, "format", "luks");
849     amend_options = block_crypto_amend_opts_init(cryptoopts, errp);
850     qobject_unref(cryptoopts);
851     if (!amend_options) {
852         goto cleanup;
853     }
854 
855     ret = block_crypto_amend_prepare(bs, errp);
856     if (ret) {
857         goto perm_cleanup;
858     }
859     ret = block_crypto_amend_options_generic_luks(bs, amend_options,
860                                                   force, errp);
861 
862 perm_cleanup:
863     block_crypto_amend_cleanup(bs);
864 cleanup:
865     qapi_free_QCryptoBlockAmendOptions(amend_options);
866     return ret;
867 }
868 
869 static int
870 coroutine_fn block_crypto_co_amend_luks(BlockDriverState *bs,
871                                         BlockdevAmendOptions *opts,
872                                         bool force,
873                                         Error **errp)
874 {
875     QCryptoBlockAmendOptions amend_opts;
876 
877     amend_opts = (QCryptoBlockAmendOptions) {
878         .format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
879         .u.luks = *qapi_BlockdevAmendOptionsLUKS_base(&opts->u.luks),
880     };
881     return block_crypto_amend_options_generic_luks(bs, &amend_opts,
882                                                    force, errp);
883 }
884 
885 static void
886 block_crypto_child_perms(BlockDriverState *bs, BdrvChild *c,
887                          const BdrvChildRole role,
888                          BlockReopenQueue *reopen_queue,
889                          uint64_t perm, uint64_t shared,
890                          uint64_t *nperm, uint64_t *nshared)
891 {
892 
893     BlockCrypto *crypto = bs->opaque;
894 
895     bdrv_default_perms(bs, c, role, reopen_queue, perm, shared, nperm, nshared);
896 
897     /*
898      * For backward compatibility, manually share the write
899      * and resize permission
900      */
901     *nshared |= shared & (BLK_PERM_WRITE | BLK_PERM_RESIZE);
902     /*
903      * Since we are not fully a format driver, don't always request
904      * the read/resize permission but only when explicitly
905      * requested
906      */
907     *nperm &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE);
908     *nperm |= perm & (BLK_PERM_WRITE | BLK_PERM_RESIZE);
909 
910     /*
911      * This driver doesn't modify LUKS metadata except
912      * when updating the encryption slots.
913      * Thus unlike a proper format driver we don't ask for
914      * shared write/read permission. However we need it
915      * when we are updating the keys, to ensure that only we
916      * have access to the device.
917      *
918      * Encryption update will set the crypto->updating_keys
919      * during that period and refresh permissions
920      *
921      */
922     if (crypto->updating_keys) {
923         /* need exclusive write access for header update */
924         *nperm |= BLK_PERM_WRITE;
925         /* unshare read and write permission */
926         *nshared &= ~(BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE);
927     }
928 }
929 
930 
931 static const char *const block_crypto_strong_runtime_opts[] = {
932     BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET,
933 
934     NULL
935 };
936 
937 static BlockDriver bdrv_crypto_luks = {
938     .format_name        = "luks",
939     .instance_size      = sizeof(BlockCrypto),
940     .bdrv_probe         = block_crypto_probe_luks,
941     .bdrv_open          = block_crypto_open_luks,
942     .bdrv_close         = block_crypto_close,
943     .bdrv_child_perm    = block_crypto_child_perms,
944     .bdrv_co_create     = block_crypto_co_create_luks,
945     .bdrv_co_create_opts = block_crypto_co_create_opts_luks,
946     .bdrv_co_truncate   = block_crypto_co_truncate,
947     .create_opts        = &block_crypto_create_opts_luks,
948     .amend_opts         = &block_crypto_amend_opts_luks,
949 
950     .bdrv_reopen_prepare = block_crypto_reopen_prepare,
951     .bdrv_refresh_limits = block_crypto_refresh_limits,
952     .bdrv_co_preadv     = block_crypto_co_preadv,
953     .bdrv_co_pwritev    = block_crypto_co_pwritev,
954     .bdrv_co_getlength  = block_crypto_co_getlength,
955     .bdrv_measure       = block_crypto_measure,
956     .bdrv_co_get_info   = block_crypto_co_get_info_luks,
957     .bdrv_get_specific_info = block_crypto_get_specific_info_luks,
958     .bdrv_amend_options = block_crypto_amend_options_luks,
959     .bdrv_co_amend      = block_crypto_co_amend_luks,
960     .bdrv_amend_pre_run = block_crypto_amend_prepare,
961     .bdrv_amend_clean   = block_crypto_amend_cleanup,
962 
963     .is_format          = true,
964 
965     .strong_runtime_opts = block_crypto_strong_runtime_opts,
966 };
967 
968 static void block_crypto_init(void)
969 {
970     bdrv_register(&bdrv_crypto_luks);
971 }
972 
973 block_init(block_crypto_init);
974