Commit 70493a63 authored by Eric Biggers's avatar Eric Biggers Committed by Jens Axboe

blk-crypto: make blk_crypto_evict_key() return void

blk_crypto_evict_key() is only called in contexts such as inode eviction
where failure is not an option.  So there is nothing the caller can do
with errors except log them.  (dm-table.c does "use" the error code, but
only to pass on to upper layers, so it doesn't really count.)

Just make blk_crypto_evict_key() return void and log errors itself.

Cc: stable@vger.kernel.org
Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20230315183907.53675-2-ebiggers@kernel.orgSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
parent 9cd1e566
...@@ -13,6 +13,7 @@ ...@@ -13,6 +13,7 @@
#include <linux/blkdev.h> #include <linux/blkdev.h>
#include <linux/blk-crypto-profile.h> #include <linux/blk-crypto-profile.h>
#include <linux/module.h> #include <linux/module.h>
#include <linux/ratelimit.h>
#include <linux/slab.h> #include <linux/slab.h>
#include "blk-crypto-internal.h" #include "blk-crypto-internal.h"
...@@ -408,21 +409,18 @@ int blk_crypto_start_using_key(struct block_device *bdev, ...@@ -408,21 +409,18 @@ int blk_crypto_start_using_key(struct block_device *bdev,
* Upper layers (filesystems) must call this function to ensure that a key is * Upper layers (filesystems) must call this function to ensure that a key is
* evicted from any hardware that it might have been programmed into. The key * evicted from any hardware that it might have been programmed into. The key
* must not be in use by any in-flight IO when this function is called. * must not be in use by any in-flight IO when this function is called.
*
* Return: 0 on success or if the key wasn't in any keyslot; -errno on error.
*/ */
int blk_crypto_evict_key(struct block_device *bdev, void blk_crypto_evict_key(struct block_device *bdev,
const struct blk_crypto_key *key) const struct blk_crypto_key *key)
{ {
struct request_queue *q = bdev_get_queue(bdev); struct request_queue *q = bdev_get_queue(bdev);
int err;
if (blk_crypto_config_supported_natively(bdev, &key->crypto_cfg)) if (blk_crypto_config_supported_natively(bdev, &key->crypto_cfg))
return __blk_crypto_evict_key(q->crypto_profile, key); err = __blk_crypto_evict_key(q->crypto_profile, key);
else
/* err = blk_crypto_fallback_evict_key(key);
* If the block_device didn't support the key, then blk-crypto-fallback if (err)
* may have been used, so try to evict the key from blk-crypto-fallback. pr_warn_ratelimited("%pg: error %d evicting key\n", bdev, err);
*/
return blk_crypto_fallback_evict_key(key);
} }
EXPORT_SYMBOL_GPL(blk_crypto_evict_key); EXPORT_SYMBOL_GPL(blk_crypto_evict_key);
...@@ -1202,21 +1202,12 @@ struct dm_crypto_profile { ...@@ -1202,21 +1202,12 @@ struct dm_crypto_profile {
struct mapped_device *md; struct mapped_device *md;
}; };
struct dm_keyslot_evict_args {
const struct blk_crypto_key *key;
int err;
};
static int dm_keyslot_evict_callback(struct dm_target *ti, struct dm_dev *dev, static int dm_keyslot_evict_callback(struct dm_target *ti, struct dm_dev *dev,
sector_t start, sector_t len, void *data) sector_t start, sector_t len, void *data)
{ {
struct dm_keyslot_evict_args *args = data; const struct blk_crypto_key *key = data;
int err;
err = blk_crypto_evict_key(dev->bdev, args->key); blk_crypto_evict_key(dev->bdev, key);
if (!args->err)
args->err = err;
/* Always try to evict the key from all devices. */
return 0; return 0;
} }
...@@ -1229,7 +1220,6 @@ static int dm_keyslot_evict(struct blk_crypto_profile *profile, ...@@ -1229,7 +1220,6 @@ static int dm_keyslot_evict(struct blk_crypto_profile *profile,
{ {
struct mapped_device *md = struct mapped_device *md =
container_of(profile, struct dm_crypto_profile, profile)->md; container_of(profile, struct dm_crypto_profile, profile)->md;
struct dm_keyslot_evict_args args = { key };
struct dm_table *t; struct dm_table *t;
int srcu_idx; int srcu_idx;
...@@ -1242,11 +1232,12 @@ static int dm_keyslot_evict(struct blk_crypto_profile *profile, ...@@ -1242,11 +1232,12 @@ static int dm_keyslot_evict(struct blk_crypto_profile *profile,
if (!ti->type->iterate_devices) if (!ti->type->iterate_devices)
continue; continue;
ti->type->iterate_devices(ti, dm_keyslot_evict_callback, &args); ti->type->iterate_devices(ti, dm_keyslot_evict_callback,
(void *)key);
} }
dm_put_live_table(md, srcu_idx); dm_put_live_table(md, srcu_idx);
return args.err; return 0;
} }
static int static int
......
...@@ -95,8 +95,8 @@ int blk_crypto_init_key(struct blk_crypto_key *blk_key, const u8 *raw_key, ...@@ -95,8 +95,8 @@ int blk_crypto_init_key(struct blk_crypto_key *blk_key, const u8 *raw_key,
int blk_crypto_start_using_key(struct block_device *bdev, int blk_crypto_start_using_key(struct block_device *bdev,
const struct blk_crypto_key *key); const struct blk_crypto_key *key);
int blk_crypto_evict_key(struct block_device *bdev, void blk_crypto_evict_key(struct block_device *bdev,
const struct blk_crypto_key *key); const struct blk_crypto_key *key);
bool blk_crypto_config_supported_natively(struct block_device *bdev, bool blk_crypto_config_supported_natively(struct block_device *bdev,
const struct blk_crypto_config *cfg); const struct blk_crypto_config *cfg);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment