1 /*
2  * QEMU block full disk encryption
3  *
4  * Copyright (c) 2015-2016 Red Hat, Inc.
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20 
21 #include "qemu/osdep.h"
22 
23 #include "block/block_int.h"
24 #include "block/qdict.h"
25 #include "sysemu/block-backend.h"
26 #include "crypto/block.h"
27 #include "qapi/opts-visitor.h"
28 #include "qapi/qapi-visit-crypto.h"
29 #include "qapi/qobject-input-visitor.h"
30 #include "qapi/error.h"
31 #include "qemu/module.h"
32 #include "qemu/option.h"
33 #include "qemu/cutils.h"
34 #include "qemu/memalign.h"
35 #include "crypto.h"
36 
/*
 * Per-node state of the LUKS block driver. The driver registers
 * sizeof(BlockCrypto) as its instance size and every callback in this
 * file reads the struct back through bs->opaque.
 */
typedef struct BlockCrypto {
    /* Crypto layer handle; assigned on open, released on close */
    QCryptoBlock *block;
    /* True while a key slot update holds exclusive header permissions */
    bool updating_keys;
    /*
     * Reference to the detached LUKS header. The header callbacks fall
     * back to bs->file when this is NULL.
     */
    BdrvChild *header;
} BlockCrypto;
44 
45 
/*
 * Shared probe helper.
 *
 * Returns the score 100 when qcrypto_block_has_format() recognises the
 * first @buf_size bytes of @buf as @format, and 0 otherwise.
 * @filename is part of the signature but is not examined here.
 */
static int block_crypto_probe_generic(QCryptoBlockFormat format,
                                      const uint8_t *buf,
                                      int buf_size,
                                      const char *filename)
{
    return qcrypto_block_has_format(format, buf, buf_size) ? 100 : 0;
}
57 
58 
/*
 * Header read callback handed to the crypto layer.
 *
 * Copies @buflen bytes found at @offset into @buf. The data comes from
 * the detached header child when one is attached, otherwise from
 * bs->file. @opaque carries the BlockDriverState; @block is unused.
 *
 * Returns 0 on success. On failure @errp is set and the negative errno
 * reported by bdrv_pread() is returned.
 */
static int block_crypto_read_func(QCryptoBlock *block,
                                  size_t offset,
                                  uint8_t *buf,
                                  size_t buflen,
                                  void *opaque,
                                  Error **errp)
{
    BlockDriverState *bs = opaque;
    BlockCrypto *crypto = bs->opaque;
    BdrvChild *src;
    ssize_t ret;

    GLOBAL_STATE_CODE();
    GRAPH_RDLOCK_GUARD_MAINLOOP();

    /* A detached header, when present, replaces the one in the payload file */
    src = crypto->header ? crypto->header : bs->file;

    ret = bdrv_pread(src, offset, buflen, buf, 0);
    if (ret >= 0) {
        return 0;
    }

    error_setg_errno(errp, -ret, "Could not read encryption header");
    return ret;
}
81 
/*
 * Header write callback handed to the crypto layer; in this file it is
 * only passed to qcrypto_block_amend_options(), i.e. used when key
 * slots are updated.
 *
 * Writes @buflen bytes from @buf at @offset. The target is the
 * detached header child when one is attached, otherwise bs->file.
 * @opaque carries the BlockDriverState; @block is unused.
 *
 * Returns 0 on success. On failure @errp is set and the negative errno
 * reported by bdrv_pwrite() is returned.
 */
static int block_crypto_write_func(QCryptoBlock *block,
                                   size_t offset,
                                   const uint8_t *buf,
                                   size_t buflen,
                                   void *opaque,
                                   Error **errp)
{
    BlockDriverState *bs = opaque;
    BlockCrypto *crypto = bs->opaque;
    BdrvChild *dst;
    ssize_t ret;

    GLOBAL_STATE_CODE();
    GRAPH_RDLOCK_GUARD_MAINLOOP();

    /* A detached header, when present, replaces the one in the payload file */
    dst = crypto->header ? crypto->header : bs->file;

    ret = bdrv_pwrite(dst, offset, buflen, buf, 0);
    if (ret >= 0) {
        return 0;
    }

    error_setg_errno(errp, -ret, "Could not write encryption header");
    return ret;
}
104 
105 
/*
 * Context passed as @opaque to the two image creation callbacks
 * (block_crypto_create_init_func / block_crypto_create_write_func).
 */
struct BlockCryptoCreateData {
    /* Backend the new header is written to and that gets resized */
    BlockBackend *blk;
    /* Requested payload size; the header length is added on top of it */
    uint64_t size;
    /* Preallocation mode forwarded to blk_truncate() */
    PreallocMode prealloc;
};
111 
112 
/*
 * Header write callback used while creating a new image.
 *
 * Writes @buflen bytes from @buf at @offset through the BlockBackend
 * stored in the BlockCryptoCreateData passed as @opaque. @block is
 * unused.
 *
 * Returns 0 on success. On failure @errp is set and the negative errno
 * reported by blk_pwrite() is returned.
 */
static int coroutine_fn GRAPH_UNLOCKED
block_crypto_create_write_func(QCryptoBlock *block, size_t offset,
                               const uint8_t *buf, size_t buflen, void *opaque,
                               Error **errp)
{
    struct BlockCryptoCreateData *data = opaque;
    ssize_t ret = blk_pwrite(data->blk, offset, buflen, buf, 0);

    if (ret >= 0) {
        return 0;
    }

    error_setg_errno(errp, -ret, "Could not write encryption header");
    return ret;
}
128 
/*
 * Creation callback invoked once the header length is known.
 *
 * Resizes the backing file to the requested payload size plus
 * @headerlen, so that the size the user asked for is what remains
 * available to the guest after the crypto header. @opaque is the
 * BlockCryptoCreateData; @block is unused.
 *
 * Returns 0 on success. Returns -EFBIG with a dedicated message when
 * the total does not fit in INT64_MAX or when blk_truncate() reports
 * -EFBIG; any other blk_truncate() error is propagated unchanged.
 */
static int coroutine_fn GRAPH_UNLOCKED
block_crypto_create_init_func(QCryptoBlock *block, size_t headerlen,
                              void *opaque, Error **errp)
{
    struct BlockCryptoCreateData *data = opaque;
    Error *local_error = NULL;
    int ret;

    /*
     * Reject the request before adding: both operands are unsigned, so
     * the sum is only formed once it is known to stay within INT64_MAX.
     */
    if (data->size > INT64_MAX || headerlen > INT64_MAX - data->size) {
        error_setg(errp, "The requested file size is too large");
        return -EFBIG;
    }

    ret = blk_truncate(data->blk, data->size + headerlen, false,
                       data->prealloc, 0, &local_error);
    if (ret >= 0) {
        return 0;
    }

    if (ret != -EFBIG) {
        error_propagate(errp, local_error);
        return ret;
    }

    /* Replace the lower layer's message with the driver's own wording */
    error_free(local_error);
    error_setg(errp, "The requested file size is too large");
    return ret;
}
164 
165 
/*
 * Options accepted when opening an existing LUKS image: only the
 * key secret option. block_crypto_open_luks() passes this list to
 * block_crypto_open_generic().
 */
static QemuOptsList block_crypto_runtime_opts_luks = {
    .name = "crypto",
    .head = QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks.head),
    .desc = {
        BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
        { /* terminator */ }
    },
};
174 
175 
/*
 * Options accepted when creating a LUKS image: the virtual disk size
 * plus the LUKS key secret, cipher, IV generator, hash and iteration
 * time options. Also used as the filter when the creation options are
 * converted to a QDict.
 */
static QemuOptsList block_crypto_create_opts_luks = {
    .name = "crypto",
    .head = QTAILQ_HEAD_INITIALIZER(block_crypto_create_opts_luks.head),
    .desc = {
        {
            .name = BLOCK_OPT_SIZE,
            .type = QEMU_OPT_SIZE,
            .help = "Virtual disk size"
        },
        BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(""),
        { /* terminator */ }
    },
};
195 
196 
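/*
 * Options accepted when amending a LUKS image: key slot state and
 * index, old and new secret, and iteration time.
 *
 * The head initializer must name this list's own head, as the runtime
 * and create lists do. It previously named
 * block_crypto_create_opts_luks.head, which left this list's tail
 * pointer aimed at a different list, so an entry appended here would
 * have been linked through the create list's head.
 */
static QemuOptsList block_crypto_amend_opts_luks = {
    .name = "crypto",
    .head = QTAILQ_HEAD_INITIALIZER(block_crypto_amend_opts_luks.head),
    .desc = {
        BLOCK_CRYPTO_OPT_DEF_LUKS_STATE(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_KEYSLOT(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_OLD_SECRET(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_NEW_SECRET(""),
        BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(""),
        { /* end of list */ }
    },
};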
209 
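/*
 * Convert the flat option dictionary @opts into a
 * QCryptoBlockOpenOptions object through a QObject input visitor.
 *
 * Returns the object filled in by the visitor, or NULL when the
 * visitor could not be created (with @errp set by the constructor).
 * The callers in this file release the result with
 * qapi_free_QCryptoBlockOpenOptions().
 */
QCryptoBlockOpenOptions *
block_crypto_open_opts_init(QDict *opts, Error **errp)
{
    /*
     * Start from NULL so the return value is well defined even if the
     * visit fails before storing anything: callers test the result for
     * NULL and would otherwise act on an indeterminate pointer.
     */
    QCryptoBlockOpenOptions *ret = NULL;
    Visitor *v = qobject_input_visitor_new_flat_confused(opts, errp);

    if (!v) {
        return NULL;
    }

    visit_type_QCryptoBlockOpenOptions(v, NULL, &ret, errp);
    visit_free(v);

    return ret;
}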
226 
227 
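/*
 * Convert the flat option dictionary @opts into a
 * QCryptoBlockCreateOptions object through a QObject input visitor.
 *
 * Returns the object filled in by the visitor, or NULL when the
 * visitor could not be created (with @errp set by the constructor).
 * The callers in this file release the result with
 * qapi_free_QCryptoBlockCreateOptions() or a g_autoptr.
 */
QCryptoBlockCreateOptions *
block_crypto_create_opts_init(QDict *opts, Error **errp)
{
    /*
     * Start from NULL so the return value is well defined even if the
     * visit fails before storing anything: callers test the result for
     * NULL and would otherwise act on an indeterminate pointer.
     */
    QCryptoBlockCreateOptions *ret = NULL;
    Visitor *v = qobject_input_visitor_new_flat_confused(opts, errp);

    if (!v) {
        return NULL;
    }

    visit_type_QCryptoBlockCreateOptions(v, NULL, &ret, errp);
    visit_free(v);

    return ret;
}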
244 
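/*
 * Convert the flat option dictionary @opts into a
 * QCryptoBlockAmendOptions object through a QObject input visitor.
 *
 * Returns the object filled in by the visitor, or NULL when the
 * visitor could not be created (with @errp set by the constructor).
 * The caller in this file releases the result with
 * qapi_free_QCryptoBlockAmendOptions().
 */
QCryptoBlockAmendOptions *
block_crypto_amend_opts_init(QDict *opts, Error **errp)
{
    /*
     * Start from NULL so the return value is well defined even if the
     * visit fails before storing anything: callers test the result for
     * NULL and would otherwise act on an indeterminate pointer.
     */
    QCryptoBlockAmendOptions *ret = NULL;
    Visitor *v = qobject_input_visitor_new_flat_confused(opts, errp);

    if (!v) {
        return NULL;
    }

    visit_type_QCryptoBlockAmendOptions(v, NULL, &ret, errp);
    visit_free(v);

    return ret;
}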
261 
262 
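/*
 * Open an encrypted image of the given @format on top of @bs.
 *
 * Opens the "file" child and the "header" child (the latter is stored
 * in crypto->header and may end up NULL), absorbs the options listed
 * in @opts_spec from @options, converts them to
 * QCryptoBlockOpenOptions and opens the crypto layer with
 * block_crypto_read_func() as the header reader.
 *
 * BDRV_O_NO_IO in @flags is translated to QCRYPTO_BLOCK_OPEN_NO_IO, and
 * a non-NULL header child adds QCRYPTO_BLOCK_OPEN_DETACHED.
 *
 * Returns 0 on success and marks @bs as encrypted. Returns a negative
 * errno with @errp set on failure: the error of
 * bdrv_open_file_child(), -EINVAL for option or header child
 * problems, -EIO when qcrypto_block_open() fails.
 */
static int block_crypto_open_generic(QCryptoBlockFormat format,
                                     QemuOptsList *opts_spec,
                                     BlockDriverState *bs,
                                     QDict *options,
                                     int flags,
                                     Error **errp)
{
    ERRP_GUARD();

    BlockCrypto *crypto = bs->opaque;
    QemuOpts *opts = NULL;
    int ret;
    QCryptoBlockOpenOptions *open_opts = NULL;
    unsigned int cflags = 0;
    QDict *cryptoopts = NULL;

    GLOBAL_STATE_CODE();

    ret = bdrv_open_file_child(NULL, options, "file", bs, errp);
    if (ret < 0) {
        return ret;
    }

    /*
     * The result alone does not tell failure from "no header given",
     * so the error object is inspected instead (valid thanks to
     * ERRP_GUARD above).
     */
    crypto->header = bdrv_open_child(NULL, options, "header", bs,
                                     &child_of_bds, BDRV_CHILD_METADATA,
                                     true, errp);
    if (*errp != NULL) {
        return -EINVAL;
    }

    GRAPH_RDLOCK_GUARD_MAINLOOP();

    /* Only FUA is passed through, and only if the file child supports it */
    bs->supported_write_flags = BDRV_REQ_FUA &
        bs->file->bs->supported_write_flags;

    opts = qemu_opts_create(opts_spec, NULL, 0, &error_abort);
    if (!qemu_opts_absorb_qdict(opts, options, errp)) {
        ret = -EINVAL;
        goto cleanup;
    }

    cryptoopts = qemu_opts_to_qdict(opts, NULL);
    qdict_put_str(cryptoopts, "format", QCryptoBlockFormat_str(format));

    open_opts = block_crypto_open_opts_init(cryptoopts, errp);
    if (!open_opts) {
        ret = -EINVAL;
        goto cleanup;
    }

    if (flags & BDRV_O_NO_IO) {
        cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
    }
    if (crypto->header != NULL) {
        cflags |= QCRYPTO_BLOCK_OPEN_DETACHED;
    }
    crypto->block = qcrypto_block_open(open_opts, NULL,
                                       block_crypto_read_func,
                                       bs,
                                       cflags,
                                       1,
                                       errp);

    if (!crypto->block) {
        ret = -EIO;
        goto cleanup;
    }

    bs->encrypted = true;

    ret = 0;
 cleanup:
    /*
     * opts is local to this function and its contents were copied into
     * cryptoopts, so it has to be released here; without this every
     * open left one QemuOpts behind on opts_spec.
     */
    qemu_opts_del(opts);
    qobject_unref(cryptoopts);
    qapi_free_QCryptoBlockOpenOptions(open_opts);
    return ret;
}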
339 
340 
/*
 * Format the node @bs as a new encrypted image.
 *
 * Takes write and resize permission on @bs through a temporary
 * BlockBackend, then lets qcrypto_block_create() build the header
 * using block_crypto_create_init_func() (resize) and
 * block_crypto_create_write_func() (header write). A requested
 * preallocation of PREALLOC_MODE_METADATA is downgraded to
 * PREALLOC_MODE_OFF before it is passed on.
 *
 * Returns 0 on success, -EPERM when the BlockBackend cannot be
 * created, -EIO when qcrypto_block_create() fails; @errp is set by the
 * failing call.
 */
static int coroutine_fn GRAPH_UNLOCKED
block_crypto_co_create_generic(BlockDriverState *bs, int64_t size,
                               QCryptoBlockCreateOptions *opts,
                               PreallocMode prealloc, Error **errp)
{
    struct BlockCryptoCreateData data;
    QCryptoBlock *crypto = NULL;
    BlockBackend *blk;
    int ret = -EPERM;

    blk = blk_co_new_with_bs(bs, BLK_PERM_WRITE | BLK_PERM_RESIZE, BLK_PERM_ALL,
                             errp);
    if (!blk) {
        goto cleanup;
    }

    data = (struct BlockCryptoCreateData) {
        .blk = blk,
        .size = size,
        .prealloc = (prealloc == PREALLOC_MODE_METADATA) ? PREALLOC_MODE_OFF
                                                         : prealloc,
    };

    crypto = qcrypto_block_create(opts, NULL,
                                  block_crypto_create_init_func,
                                  block_crypto_create_write_func,
                                  &data,
                                  0,
                                  errp);
    ret = crypto ? 0 : -EIO;

 cleanup:
    /* The crypto handle is only needed to write the header */
    qcrypto_block_free(crypto);
    blk_co_unref(blk);
    return ret;
}
386 
/*
 * Resize the image so that the guest-visible size becomes @offset.
 *
 * The underlying file has to be larger by the payload offset reported
 * by the crypto layer, so that amount is added before the request is
 * forwarded to bs->file. The child is called with request flags 0;
 * @flags is not forwarded.
 *
 * Returns the result of bdrv_co_truncate(), or -EFBIG with @errp set
 * when the sum would exceed INT64_MAX.
 *
 * NOTE(review): the overflow test computes INT64_MAX - offset, which
 * assumes a non-negative @offset - confirm the caller guarantees it.
 */
static int coroutine_fn GRAPH_RDLOCK
block_crypto_co_truncate(BlockDriverState *bs, int64_t offset, bool exact,
                         PreallocMode prealloc, BdrvRequestFlags flags,
                         Error **errp)
{
    BlockCrypto *crypto = bs->opaque;
    uint64_t header_len = qcrypto_block_get_payload_offset(crypto->block);

    if (header_len > INT64_MAX - offset) {
        error_setg(errp, "The requested file size is too large");
        return -EFBIG;
    }

    return bdrv_co_truncate(bs->file, offset + header_len, exact, prealloc, 0,
                            errp);
}
405 
/*
 * Close callback: release the crypto layer handle that was stored in
 * the driver state when the image was opened.
 */
static void block_crypto_close(BlockDriverState *bs)
{
    BlockCrypto *state = bs->opaque;

    qcrypto_block_free(state->block);
}
411 
/*
 * Reopen preparation callback. This driver performs no validation on
 * reopen, so every request is accepted: always returns 0 and never
 * touches @errp.
 */
static int block_crypto_reopen_prepare(BDRVReopenState *state,
                                       BlockReopenQueue *queue, Error **errp)
{
    return 0;
}
418 
/*
 * Upper bound, in bytes, for the bounce buffer used by the read and
 * write paths; larger requests are processed in chunks of this size.
 * 1 MB gives a good performance / memory tradeoff when using
 * cache=none|directsync.
 */
#define BLOCK_CRYPTO_MAX_IO_SIZE (1024 * 1024)
424 
/*
 * Read and decrypt @bytes bytes starting at guest offset @offset into
 * @qiov.
 *
 * Cipher text is read from bs->file (shifted by the payload offset)
 * into a private bounce buffer, decrypted in place there and only then
 * copied into @qiov, so cipher text is never exposed in the caller's
 * buffers, which point to guest memory. Requests larger than
 * BLOCK_CRYPTO_MAX_IO_SIZE are handled in chunks. @flags is unused and
 * the child read is issued with flags 0.
 *
 * @offset and @bytes must be multiples of the crypto sector size
 * (asserted).
 *
 * Returns the last bdrv_co_preadv() result on success, -ENOMEM when
 * the bounce buffer cannot be allocated, a negative errno from the
 * child read, or -EIO when decryption fails (the crypto layer's error
 * detail is discarded because NULL is passed as its error pointer).
 *
 * NOTE(review): the bounce buffer is sized from qiov->size while the
 * loop is driven by @bytes; this relies on the caller never passing
 * @bytes larger than qiov->size - confirm against the block layer.
 */
static int coroutine_fn GRAPH_RDLOCK
block_crypto_co_preadv(BlockDriverState *bs, int64_t offset, int64_t bytes,
                       QEMUIOVector *qiov, BdrvRequestFlags flags)
{
    BlockCrypto *crypto = bs->opaque;
    uint64_t sector_size = qcrypto_block_get_sector_size(crypto->block);
    uint64_t payload_offset = qcrypto_block_get_payload_offset(crypto->block);
    uint8_t *bounce = NULL;
    uint64_t done = 0;
    QEMUIOVector hd_qiov;
    int ret = 0;

    assert(payload_offset < INT64_MAX);
    assert(QEMU_IS_ALIGNED(offset, sector_size));
    assert(QEMU_IS_ALIGNED(bytes, sector_size));

    qemu_iovec_init(&hd_qiov, qiov->niov);

    bounce = qemu_try_blockalign(bs->file->bs,
                                 MIN(BLOCK_CRYPTO_MAX_IO_SIZE, qiov->size));
    if (bounce == NULL) {
        ret = -ENOMEM;
        goto cleanup;
    }

    while (bytes) {
        /* Size of the chunk handled in this iteration */
        uint64_t chunk = MIN(bytes, BLOCK_CRYPTO_MAX_IO_SIZE);

        qemu_iovec_reset(&hd_qiov);
        qemu_iovec_add(&hd_qiov, bounce, chunk);

        /* On disk the payload sits behind the header */
        ret = bdrv_co_preadv(bs->file, payload_offset + offset + done,
                             chunk, &hd_qiov, 0);
        if (ret < 0) {
            goto cleanup;
        }

        /* The crypto layer is addressed by guest offset, without header */
        if (qcrypto_block_decrypt(crypto->block, offset + done,
                                  bounce, chunk, NULL) < 0) {
            ret = -EIO;
            goto cleanup;
        }

        /* Only decrypted data is handed to the caller's vector */
        qemu_iovec_from_buf(qiov, done, bounce, chunk);

        bytes -= chunk;
        done += chunk;
    }

 cleanup:
    qemu_iovec_destroy(&hd_qiov);
    qemu_vfree(bounce);

    return ret;
}
485 
486 
/*
 * Encrypt and write @bytes bytes from @qiov starting at guest offset
 * @offset.
 *
 * The caller's data is copied into a private bounce buffer and
 * encrypted there, because the contents of @qiov (guest memory) must
 * not be modified; the cipher text is then written to bs->file,
 * shifted by the payload offset. Requests larger than
 * BLOCK_CRYPTO_MAX_IO_SIZE are handled in chunks.
 *
 * BDRV_REQ_REGISTERED_BUF is cleared from @flags before they are
 * forwarded - presumably because the child receives the bounce buffer
 * rather than the caller's buffer.
 *
 * @offset and @bytes must be multiples of the crypto sector size
 * (asserted).
 *
 * Returns the last bdrv_co_pwritev() result on success, -ENOMEM when
 * the bounce buffer cannot be allocated, -EIO when encryption fails
 * (the crypto layer's error detail is discarded because NULL is passed
 * as its error pointer), or a negative errno from the child write.
 *
 * NOTE(review): the bounce buffer is sized from qiov->size while the
 * loop is driven by @bytes; this relies on the caller never passing
 * @bytes larger than qiov->size - confirm against the block layer.
 */
static int coroutine_fn GRAPH_RDLOCK
block_crypto_co_pwritev(BlockDriverState *bs, int64_t offset, int64_t bytes,
                        QEMUIOVector *qiov, BdrvRequestFlags flags)
{
    BlockCrypto *crypto = bs->opaque;
    uint64_t sector_size = qcrypto_block_get_sector_size(crypto->block);
    uint64_t payload_offset = qcrypto_block_get_payload_offset(crypto->block);
    uint8_t *bounce = NULL;
    uint64_t done = 0;
    QEMUIOVector hd_qiov;
    int ret = 0;

    flags &= ~BDRV_REQ_REGISTERED_BUF;

    assert(payload_offset < INT64_MAX);
    assert(QEMU_IS_ALIGNED(offset, sector_size));
    assert(QEMU_IS_ALIGNED(bytes, sector_size));

    qemu_iovec_init(&hd_qiov, qiov->niov);

    bounce = qemu_try_blockalign(bs->file->bs,
                                 MIN(BLOCK_CRYPTO_MAX_IO_SIZE, qiov->size));
    if (bounce == NULL) {
        ret = -ENOMEM;
        goto cleanup;
    }

    while (bytes) {
        /* Size of the chunk handled in this iteration */
        uint64_t chunk = MIN(bytes, BLOCK_CRYPTO_MAX_IO_SIZE);

        /* Work on a copy; the caller's vector stays untouched */
        qemu_iovec_to_buf(qiov, done, bounce, chunk);

        /* The crypto layer is addressed by guest offset, without header */
        if (qcrypto_block_encrypt(crypto->block, offset + done,
                                  bounce, chunk, NULL) < 0) {
            ret = -EIO;
            goto cleanup;
        }

        qemu_iovec_reset(&hd_qiov);
        qemu_iovec_add(&hd_qiov, bounce, chunk);

        /* On disk the payload sits behind the header */
        ret = bdrv_co_pwritev(bs->file, payload_offset + offset + done,
                              chunk, &hd_qiov, flags);
        if (ret < 0) {
            goto cleanup;
        }

        bytes -= chunk;
        done += chunk;
    }

 cleanup:
    qemu_iovec_destroy(&hd_qiov);
    qemu_vfree(bounce);

    return ret;
}
549 
/*
 * Limits callback: set the request alignment of @bs to the crypto
 * sector size, since the read and write paths assert sector-aligned
 * requests and cannot do sub-sector I/O. @errp is not used.
 */
static void block_crypto_refresh_limits(BlockDriverState *bs, Error **errp)
{
    BlockCrypto *crypto = bs->opaque;

    bs->bl.request_alignment = qcrypto_block_get_sector_size(crypto->block);
}
556 
557 
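/*
 * Report the guest-visible length of the image: the length of the
 * underlying file minus the payload offset taken up by the header.
 *
 * Returns the length in bytes, the negative errno reported by
 * bdrv_co_getlength() when the underlying length cannot be determined,
 * or -EIO when the file is shorter than the payload offset.
 */
static int64_t coroutine_fn GRAPH_RDLOCK
block_crypto_co_getlength(BlockDriverState *bs)
{
    BlockCrypto *crypto = bs->opaque;
    int64_t len = bdrv_co_getlength(bs->file->bs);
    uint64_t offset = qcrypto_block_get_payload_offset(crypto->block);

    assert(offset < INT64_MAX);

    /*
     * Propagate a failure of the child as is. Without this check the
     * negative value was converted to a huge unsigned number in the
     * comparison below, passed it, and then had the payload offset
     * subtracted, so the caller received a meaningless errno.
     */
    if (len < 0) {
        return len;
    }

    /* len is known to be non-negative, so the cast cannot change it */
    if (offset > (uint64_t)len) {
        return -EIO;
    }

    return len - (int64_t)offset;
}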
575 
576 
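/*
 * Compute the file size needed for a LUKS image.
 *
 * The payload size is taken from @in_bs when given, otherwise from the
 * BLOCK_OPT_SIZE option in @opts. The remaining creation options are
 * converted to QCryptoBlockCreateOptions so the crypto layer can
 * report the payload offset, which is added to the payload size.
 *
 * Returns a newly allocated BlockMeasureInfo whose required and
 * fully_allocated fields both hold that sum, or NULL with @errp set
 * when the source length cannot be read, the options are invalid, the
 * payload offset cannot be calculated, or the sum exceeds INT64_MAX.
 */
static BlockMeasureInfo *block_crypto_measure(QemuOpts *opts,
                                              BlockDriverState *in_bs,
                                              Error **errp)
{
    g_autoptr(QCryptoBlockCreateOptions) create_opts = NULL;
    Error *local_err = NULL;
    BlockMeasureInfo *info;
    uint64_t size;
    size_t luks_payload_size;
    QDict *cryptoopts;

    /*
     * Preallocation mode doesn't affect size requirements but we must consume
     * the option.
     */
    g_free(qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC));

    size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);

    if (in_bs) {
        int64_t ssize = bdrv_getlength(in_bs);

        if (ssize < 0) {
            error_setg_errno(&local_err, -ssize,
                             "Unable to get image virtual_size");
            goto err;
        }

        /* An existing source image overrides the size option */
        size = ssize;
    }

    cryptoopts = qemu_opts_to_qdict_filtered(opts, NULL,
            &block_crypto_create_opts_luks, true);
    qdict_put_str(cryptoopts, "format", "luks");
    create_opts = block_crypto_create_opts_init(cryptoopts, &local_err);
    qobject_unref(cryptoopts);
    if (!create_opts) {
        goto err;
    }

    if (!qcrypto_block_calculate_payload_offset(create_opts, NULL,
                                                &luks_payload_size,
                                                &local_err)) {
        goto err;
    }

    /*
     * Refuse sizes whose sum with the header would wrap, using the same
     * bound and message as block_crypto_create_init_func(); image sizes
     * in this file are handled as signed 64-bit values.
     */
    if (size > INT64_MAX || luks_payload_size > INT64_MAX - size) {
        error_setg(&local_err, "The requested file size is too large");
        goto err;
    }

    /*
     * Unallocated blocks are still encrypted so allocation status makes no
     * difference to the file size.
     */
    info = g_new0(BlockMeasureInfo, 1);
    info->fully_allocated = luks_payload_size + size;
    info->required = luks_payload_size + size;
    return info;

err:
    error_propagate(errp, local_err);
    return NULL;
}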
636 
637 
/*
 * Probe callback of the "luks" driver: forwards to
 * block_crypto_probe_generic() with the LUKS format selected and
 * returns its score.
 */
static int block_crypto_probe_luks(const uint8_t *buf,
                                   int buf_size,
                                   const char *filename)
{
    const QCryptoBlockFormat fmt = Q_CRYPTO_BLOCK_FORMAT_LUKS;

    return block_crypto_probe_generic(fmt, buf, buf_size, filename);
}
644 
/*
 * Open callback of the "luks" driver: forwards to
 * block_crypto_open_generic() with the LUKS format and the LUKS
 * runtime option list, and returns its result.
 */
static int block_crypto_open_luks(BlockDriverState *bs,
                                  QDict *options,
                                  int flags,
                                  Error **errp)
{
    QemuOptsList *spec = &block_crypto_runtime_opts_luks;

    return block_crypto_open_generic(Q_CRYPTO_BLOCK_FORMAT_LUKS, spec,
                                     bs, options, flags, errp);
}
654 
/*
 * Create a LUKS image from structured creation options.
 *
 * Requires the 'file' parameter; the node it refers to is opened,
 * formatted through block_crypto_co_create_generic() and released
 * again. Preallocation defaults to PREALLOC_MODE_OFF when the option
 * is absent.
 *
 * Returns 0 on success, -EINVAL when 'file' is missing, -EIO when the
 * node cannot be opened, or the negative result of the generic create
 * helper; @errp is set on failure.
 */
static int coroutine_fn GRAPH_UNLOCKED
block_crypto_co_create_luks(BlockdevCreateOptions *create_options, Error **errp)
{
    BlockdevCreateOptionsLUKS *luks_opts;
    QCryptoBlockCreateOptions create_opts;
    PreallocMode preallocation;
    BlockDriverState *bs;
    int ret;

    assert(create_options->driver == BLOCKDEV_DRIVER_LUKS);
    luks_opts = &create_options->u.luks;

    if (luks_opts->file == NULL) {
        error_setg(errp, "Formatting LUKS disk requires parameter 'file'");
        return -EINVAL;
    }

    /* Shallow copy of the shared base options; nothing is freed here */
    create_opts = (QCryptoBlockCreateOptions) {
        .format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
        .u.luks = *qapi_BlockdevCreateOptionsLUKS_base(luks_opts),
    };

    preallocation = luks_opts->has_preallocation ? luks_opts->preallocation
                                                 : PREALLOC_MODE_OFF;

    bs = bdrv_co_open_blockdev_ref(luks_opts->file, errp);
    if (bs == NULL) {
        return -EIO;
    }

    ret = block_crypto_co_create_generic(bs, luks_opts->size, &create_opts,
                                         preallocation, errp);
    if (ret >= 0) {
        ret = 0;
    }

    bdrv_co_unref(bs);
    return ret;
}
699 
/*
 * Create a LUKS image at @filename from legacy QemuOpts.
 *
 * Steps: consume the size and preallocation options, convert the
 * remaining LUKS options to QCryptoBlockCreateOptions, create the
 * protocol-level file, open it read-write and resizable, then format
 * it through block_crypto_co_create_generic().
 *
 * Returns 0 on success or a negative errno with @errp set. When a
 * failure is reported after option parsing, the function asks the
 * block layer to delete the file behind bs, because an existing file
 * has been truncated and corrupted by then.
 *
 * NOTE(review): bs is still NULL when the failure happened before
 * bdrv_co_open() succeeded; confirm that bdrv_co_delete_file_noerr()
 * tolerates that and whether the freshly created file should be
 * removed in that case too.
 */
static int coroutine_fn GRAPH_UNLOCKED
block_crypto_co_create_opts_luks(BlockDriver *drv, const char *filename,
                                 QemuOpts *opts, Error **errp)
{
    QCryptoBlockCreateOptions *create_opts = NULL;
    BlockDriverState *bs = NULL;
    Error *local_err = NULL;
    QDict *cryptoopts;
    PreallocMode prealloc;
    char *prealloc_str;
    int64_t size;
    int ret;

    /* Consume the options this layer handles itself */
    size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);

    prealloc_str = qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC);
    prealloc = qapi_enum_parse(&PreallocMode_lookup, prealloc_str,
                               PREALLOC_MODE_OFF, &local_err);
    g_free(prealloc_str);
    if (local_err) {
        /* Nothing has been allocated or created yet */
        error_propagate(errp, local_err);
        return -EINVAL;
    }

    cryptoopts = qemu_opts_to_qdict_filtered(opts, NULL,
                                             &block_crypto_create_opts_luks,
                                             true);

    qdict_put_str(cryptoopts, "format", "luks");
    create_opts = block_crypto_create_opts_init(cryptoopts, errp);
    if (!create_opts) {
        ret = -EINVAL;
        goto out;
    }

    /* Protocol layer: create the file, then open it for formatting */
    ret = bdrv_co_create_file(filename, opts, errp);
    if (ret < 0) {
        goto out;
    }

    bs = bdrv_co_open(filename, NULL, NULL,
                      BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, errp);
    if (!bs) {
        ret = -EINVAL;
        goto out;
    }

    /* Format layer: write the LUKS header and size the payload */
    ret = block_crypto_co_create_generic(bs, size, create_opts, prealloc, errp);
    if (ret >= 0) {
        ret = 0;
    }

out:
    if (ret != 0) {
        /* Do not leave a truncated, half-formatted image behind */
        bdrv_graph_co_rdlock();
        bdrv_co_delete_file_noerr(bs);
        bdrv_graph_co_rdunlock();
    }

    bdrv_co_unref(bs);
    qapi_free_QCryptoBlockCreateOptions(create_opts);
    qobject_unref(cryptoopts);
    return ret;
}
772 
/*
 * Driver info callback: query the node below bs->file and copy its
 * cluster size into @bdi. No other field of @bdi is written here.
 *
 * Returns 0 on success, or the non-zero result of bdrv_co_get_info()
 * for the child, in which case @bdi is left untouched.
 */
static int coroutine_fn GRAPH_RDLOCK
block_crypto_co_get_info_luks(BlockDriverState *bs, BlockDriverInfo *bdi)
{
    BlockDriverInfo child_info;
    int ret = bdrv_co_get_info(bs->file->bs, &child_info);

    if (ret == 0) {
        bdi->cluster_size = child_info.cluster_size;
    }

    return ret;
}
788 
/*
 * Build the format specific image information for a LUKS node.
 *
 * Fetches the crypto layer's info object, moves its LUKS part into a
 * newly allocated ImageInfoSpecific of kind LUKS and frees the rest.
 *
 * Returns the new object, or NULL with @errp set when
 * qcrypto_block_get_info() fails.
 */
static ImageInfoSpecific *
block_crypto_get_specific_info_luks(BlockDriverState *bs, Error **errp)
{
    BlockCrypto *crypto = bs->opaque;
    QCryptoBlockInfo *info = qcrypto_block_get_info(crypto->block, errp);
    QCryptoBlockInfoLUKS *luks;
    ImageInfoSpecific *spec_info;

    if (!info) {
        return NULL;
    }
    assert(info->format == Q_CRYPTO_BLOCK_FORMAT_LUKS);

    spec_info = g_new(ImageInfoSpecific, 1);
    spec_info->type = IMAGE_INFO_SPECIFIC_KIND_LUKS;

    /* Shallow copy: the result now owns whatever info->u.luks pointed to */
    luks = g_new(QCryptoBlockInfoLUKS, 1);
    *luks = info->u.luks;
    spec_info->u.luks.data = luks;

    /*
     * Clear the source so that freeing it below cannot release the
     * pointers that were just handed over (would be a double free).
     */
    memset(&info->u.luks, 0, sizeof(info->u.luks));
    qapi_free_QCryptoBlockInfo(info);

    return spec_info;
}
814 
/*
 * Enter key update mode before the header is amended.
 *
 * Sets crypto->updating_keys and refreshes the permissions of the
 * file child, which makes block_crypto_child_perms() request
 * exclusive write access. The flag is cleared again when the refresh
 * fails, since no key update will take place then.
 *
 * Returns the result of bdrv_child_refresh_perms(); @errp is set by
 * that call on failure.
 */
static int GRAPH_RDLOCK
block_crypto_amend_prepare(BlockDriverState *bs, Error **errp)
{
    BlockCrypto *crypto = bs->opaque;
    int ret;

    crypto->updating_keys = true;

    ret = bdrv_child_refresh_perms(bs, bs->file, errp);
    if (ret >= 0) {
        return ret;
    }

    /* Exclusive access was not granted: leave key update mode */
    crypto->updating_keys = false;
    return ret;
}
830 
/*
 * Leave key update mode after the header has been amended.
 *
 * Clears crypto->updating_keys and refreshes the permissions of the
 * file child so the exclusive access is given up. A failure of the
 * refresh cannot be returned to the caller and is reported instead.
 */
static void GRAPH_RDLOCK
block_crypto_amend_cleanup(BlockDriverState *bs)
{
    BlockCrypto *crypto = bs->opaque;
    Error *local_err = NULL;

    crypto->updating_keys = false;
    bdrv_child_refresh_perms(bs, bs->file, &local_err);

    if (local_err != NULL) {
        error_report_err(local_err);
    }
}
845 
/*
 * Apply @amend_options to the LUKS header of an open node.
 *
 * Hands the request to qcrypto_block_amend_options() together with the
 * header read and write callbacks of this driver and @bs as their
 * opaque pointer. The node must be open: both the driver state and its
 * crypto handle are asserted to exist. This function does not change
 * permissions itself.
 *
 * Returns the result of qcrypto_block_amend_options().
 */
static int
block_crypto_amend_options_generic_luks(BlockDriverState *bs,
                                        QCryptoBlockAmendOptions *amend_options,
                                        bool force,
                                        Error **errp)
{
    BlockCrypto *state = bs->opaque;

    assert(state);
    assert(state->block);

    return qcrypto_block_amend_options(state->block,
                                       block_crypto_read_func,
                                       block_crypto_write_func,
                                       bs, amend_options, force, errp);
}
865 
/*
 * Amend a LUKS image from legacy QemuOpts.
 *
 * Converts @opts to QCryptoBlockAmendOptions, enters key update mode
 * to obtain exclusive access to the header, applies the change and
 * leaves key update mode again, whether or not the change succeeded.
 * @status_cb and @cb_opaque are not used.
 *
 * Returns 0 on success, -EINVAL when the options cannot be converted,
 * or the non-zero result of the prepare step or of the amend itself;
 * @errp is set on failure.
 */
static int GRAPH_RDLOCK
block_crypto_amend_options_luks(BlockDriverState *bs,
                                QemuOpts *opts,
                                BlockDriverAmendStatusCB *status_cb,
                                void *cb_opaque,
                                bool force,
                                Error **errp)
{
    BlockCrypto *crypto = bs->opaque;
    QCryptoBlockAmendOptions *amend_options;
    QDict *cryptoopts;
    int ret;

    assert(crypto);
    assert(crypto->block);

    cryptoopts = qemu_opts_to_qdict(opts, NULL);
    qdict_put_str(cryptoopts, "format", "luks");
    amend_options = block_crypto_amend_opts_init(cryptoopts, errp);
    qobject_unref(cryptoopts);
    if (!amend_options) {
        ret = -EINVAL;
        goto cleanup;
    }

    ret = block_crypto_amend_prepare(bs, errp);
    if (ret == 0) {
        ret = block_crypto_amend_options_generic_luks(bs, amend_options,
                                                      force, errp);
    }

    /* Runs after a failed prepare as well, to restore the permissions */
    block_crypto_amend_cleanup(bs);
cleanup:
    qapi_free_QCryptoBlockAmendOptions(amend_options);
    return ret;
}
903 
/*
 * Amend a LUKS image from structured amend options.
 *
 * Wraps the LUKS base part of @opts in a QCryptoBlockAmendOptions
 * value and passes it to block_crypto_amend_options_generic_luks().
 * Key update mode is not entered here; the driver table registers
 * block_crypto_amend_prepare() and block_crypto_amend_cleanup() as
 * separate pre-run and clean-up callbacks.
 *
 * Returns the result of the generic amend helper.
 */
static int
coroutine_fn block_crypto_co_amend_luks(BlockDriverState *bs,
                                        BlockdevAmendOptions *opts,
                                        bool force,
                                        Error **errp)
{
    /* Shallow copy of the shared base options; nothing is freed here */
    QCryptoBlockAmendOptions amend_opts = {
        .format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
        .u.luks = *qapi_BlockdevAmendOptionsLUKS_base(&opts->u.luks),
    };

    return block_crypto_amend_options_generic_luks(bs, &amend_opts,
                                                   force, errp);
}
919 
/*
 * Compute the permissions this node needs on child @c (@nperm) and the
 * permissions it allows others to hold on it (@nshared).
 *
 * Starts from bdrv_default_perms() and then adjusts the result:
 *  - write and resize are shared whenever the parent shares them
 *    (kept for backward compatibility);
 *  - write and resize are requested only when the parent asks for
 *    them, because this driver is not fully a format driver;
 *  - while crypto->updating_keys is set, write is requested and
 *    consistent-read and write are no longer shared, so that nobody
 *    else can access the device while the key slots are rewritten.
 */
static void
block_crypto_child_perms(BlockDriverState *bs, BdrvChild *c,
                         const BdrvChildRole role,
                         BlockReopenQueue *reopen_queue,
                         uint64_t perm, uint64_t shared,
                         uint64_t *nperm, uint64_t *nshared)
{
    const uint64_t write_resize = BLK_PERM_WRITE | BLK_PERM_RESIZE;
    BlockCrypto *crypto = bs->opaque;

    bdrv_default_perms(bs, c, role, reopen_queue, perm, shared, nperm, nshared);

    /* Backward compatibility: pass the parent's sharing straight through */
    *nshared |= shared & write_resize;

    /* Take write/resize from the parent's request, not from the default */
    *nperm = (*nperm & ~write_resize) | (perm & write_resize);

    /*
     * LUKS metadata is only modified when key slots are updated. The
     * update sets crypto->updating_keys and refreshes the permissions,
     * which brings us here with the flag set.
     */
    if (crypto->updating_keys) {
        /* The header update needs write access ... */
        *nperm |= BLK_PERM_WRITE;
        /* ... and no concurrent reader or writer */
        *nshared &= ~(BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE);
    }
}
964 
965 
/*
 * NULL-terminated list of option names registered as the driver's
 * strong runtime options; it holds the key secret option only.
 */
static const char *const block_crypto_strong_runtime_opts[] = {
    BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET,
    NULL,
};
971 
/*
 * Driver table of the "luks" format. Entries are grouped by purpose;
 * the order of designated initializers has no effect on the result.
 */
static BlockDriver bdrv_crypto_luks = {
    /* Identity */
    .format_name        = "luks",
    .instance_size      = sizeof(BlockCrypto),
    .is_format          = true,

    /* Option lists */
    .create_opts        = &block_crypto_create_opts_luks,
    .amend_opts         = &block_crypto_amend_opts_luks,
    .strong_runtime_opts = block_crypto_strong_runtime_opts,

    /* Node lifecycle and permissions */
    .bdrv_probe         = block_crypto_probe_luks,
    .bdrv_open          = block_crypto_open_luks,
    .bdrv_close         = block_crypto_close,
    .bdrv_reopen_prepare = block_crypto_reopen_prepare,
    .bdrv_child_perm    = block_crypto_child_perms,

    /* Image creation and resizing */
    .bdrv_co_create     = block_crypto_co_create_luks,
    .bdrv_co_create_opts = block_crypto_co_create_opts_luks,
    .bdrv_co_truncate   = block_crypto_co_truncate,
    .bdrv_measure       = block_crypto_measure,

    /* Data path */
    .bdrv_refresh_limits = block_crypto_refresh_limits,
    .bdrv_co_preadv     = block_crypto_co_preadv,
    .bdrv_co_pwritev    = block_crypto_co_pwritev,
    .bdrv_co_getlength  = block_crypto_co_getlength,

    /* Introspection */
    .bdrv_co_get_info   = block_crypto_co_get_info_luks,
    .bdrv_get_specific_info = block_crypto_get_specific_info_luks,

    /* Key slot management */
    .bdrv_amend_options = block_crypto_amend_options_luks,
    .bdrv_co_amend      = block_crypto_co_amend_luks,
    .bdrv_amend_pre_run = block_crypto_amend_prepare,
    .bdrv_amend_clean   = block_crypto_amend_cleanup,
};
1002 
/* Module init hook: register the "luks" driver with the block layer. */
static void block_crypto_init(void)
{
    bdrv_register(&bdrv_crypto_luks);
}

/* Have block_crypto_init() run as a block module initializer */
block_init(block_crypto_init);
1009