Merge tag 'trace-v5.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt...

[linux-2.6-microblaze.git] / drivers / md / dm-crypt.c

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 5a55617..11c105e 100644 (file)
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -37,6 +37,7 @@
 #include <linux/key-type.h>
 #include <keys/user-type.h>
 #include <keys/encrypted-type.h>
+#include <keys/trusted-type.h>
 
 #include <linux/device-mapper.h>
 
@@ -133,7 +134,7 @@ enum flags { DM_CRYPT_SUSPENDED, DM_CRYPT_KEY_VALID,
             DM_CRYPT_WRITE_INLINE };
 
 enum cipher_flags {
-       CRYPT_MODE_INTEGRITY_AEAD,      /* Use authenticated mode for cihper */
+       CRYPT_MODE_INTEGRITY_AEAD,      /* Use authenticated mode for cipher */
        CRYPT_IV_LARGE_SECTORS,         /* Calculate IV from sector_size, not 512B sectors */
        CRYPT_ENCRYPT_PREPROCESS,       /* Must preprocess data for encryption (elephant) */
 };
@@ -2436,7 +2437,6 @@ static int set_key_user(struct crypt_config *cc, struct key *key)
        return 0;
 }
 
-#if defined(CONFIG_ENCRYPTED_KEYS) || defined(CONFIG_ENCRYPTED_KEYS_MODULE)
 static int set_key_encrypted(struct crypt_config *cc, struct key *key)
 {
        const struct encrypted_key_payload *ekp;
@@ -2452,7 +2452,22 @@ static int set_key_encrypted(struct crypt_config *cc, struct key *key)
 
        return 0;
 }
-#endif /* CONFIG_ENCRYPTED_KEYS */
+
+static int set_key_trusted(struct crypt_config *cc, struct key *key)
+{
+       const struct trusted_key_payload *tkp;
+
+       tkp = key->payload.data[0];
+       if (!tkp)
+               return -EKEYREVOKED;
+
+       if (cc->key_size != tkp->key_len)
+               return -EINVAL;
+
+       memcpy(cc->key, tkp->key, cc->key_size);
+
+       return 0;
+}
 
 static int crypt_set_keyring_key(struct crypt_config *cc, const char *key_string)
 {
@@ -2482,11 +2497,14 @@ static int crypt_set_keyring_key(struct crypt_config *cc, const char *key_string
        } else if (!strncmp(key_string, "user:", key_desc - key_string + 1)) {
                type = &key_type_user;
                set_key = set_key_user;
-#if defined(CONFIG_ENCRYPTED_KEYS) || defined(CONFIG_ENCRYPTED_KEYS_MODULE)
-       } else if (!strncmp(key_string, "encrypted:", key_desc - key_string + 1)) {
+       } else if (IS_ENABLED(CONFIG_ENCRYPTED_KEYS) &&
+                  !strncmp(key_string, "encrypted:", key_desc - key_string + 1)) {
                type = &key_type_encrypted;
                set_key = set_key_encrypted;
-#endif
+       } else if (IS_ENABLED(CONFIG_TRUSTED_KEYS) &&
+                  !strncmp(key_string, "trusted:", key_desc - key_string + 1)) {
+               type = &key_type_trusted;
+               set_key = set_key_trusted;
        } else {
                return -EINVAL;
        }
@@ -3116,7 +3134,6 @@ static int crypt_ctr_optional(struct dm_target *ti, unsigned int argc, char **ar
 }
 
 #ifdef CONFIG_BLK_DEV_ZONED
-
 static int crypt_report_zones(struct dm_target *ti,
                struct dm_report_zones_args *args, unsigned int nr_zones)
 {
@@ -3127,7 +3144,8 @@ static int crypt_report_zones(struct dm_target *ti,
        return blkdev_report_zones(cc->dev->bdev, sector, nr_zones,
                                   dm_report_zones_cb, args);
 }
-
+#else
+#define crypt_report_zones NULL
 #endif
 
 /*
@@ -3324,6 +3342,7 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
        wake_up_process(cc->write_thread);
 
        ti->num_flush_bios = 1;
+       ti->limit_swap_bios = true;
 
        return 0;
 
@@ -3558,14 +3577,12 @@ static void crypt_io_hints(struct dm_target *ti, struct queue_limits *limits)
 
 static struct target_type crypt_target = {
        .name   = "crypt",
-       .version = {1, 22, 0},
+       .version = {1, 23, 0},
        .module = THIS_MODULE,
        .ctr    = crypt_ctr,
        .dtr    = crypt_dtr,
-#ifdef CONFIG_BLK_DEV_ZONED
        .features = DM_TARGET_ZONED_HM,
        .report_zones = crypt_report_zones,
-#endif
        .map    = crypt_map,
        .status = crypt_status,
        .postsuspend = crypt_postsuspend,