From 919f37117fe6255d502eb303b92d1e6582053c67 Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Tue, 9 Apr 2024 16:11:58 +0200 Subject: [PATCH] WIP: Add support for high-priority dm-crypt flag. --- lib/libcryptsetup.h | 2 ++ lib/libdevmapper.c | 20 ++++++++++++++++++-- lib/luks2/luks2_json_metadata.c | 1 + lib/utils_dm.h | 1 + man/common_options.adoc | 11 +++++++++++ src/cryptsetup.c | 8 +++++--- src/cryptsetup_arg_list.h | 2 ++ src/utils_arg_names.h | 1 + src/utils_luks.c | 3 +++ tests/device-test | 28 +++++++++++++++++++++++++--- 10 files changed, 69 insertions(+), 8 deletions(-) Index: cryptsetup-2.3.7/lib/libcryptsetup.h =================================================================== --- cryptsetup-2.3.7.orig/lib/libcryptsetup.h +++ cryptsetup-2.3.7/lib/libcryptsetup.h @@ -1113,6 +1113,11 @@ int crypt_keyslot_destroy(struct crypt_d #define CRYPT_ACTIVATE_NO_READ_WORKQUEUE (1 << 24) /** dm-crypt: bypass internal workqueue and process write requests synchronously. */ #define CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE (1 << 25) +#define CRYPT_ACTIVATE_RECALCULATE_RESET (UINT32_C(1) << 26) +/** dm-verity: try to use tasklets */ +#define CRYPT_ACTIVATE_TASKLETS (UINT32_C(1) << 27) +/** dm-crypt: use high-priority workqueues */ +#define CRYPT_ACTIVATE_HIGH_PRIORITY (UINT32_C(1) << 28) /** * Active device runtime attributes Index: cryptsetup-2.3.7/lib/libdevmapper.c =================================================================== --- cryptsetup-2.3.7.orig/lib/libdevmapper.c +++ cryptsetup-2.3.7/lib/libdevmapper.c @@ -177,6 +177,9 @@ static void _dm_set_crypt_compat(struct if (_dm_satisfies_version(1, 22, 0, crypt_maj, crypt_min, crypt_patch)) _dm_flags |= DM_CRYPT_NO_WORKQUEUE_SUPPORTED; + if (_dm_satisfies_version(1, 26, 0, crypt_maj, crypt_min, crypt_patch)) + _dm_flags |= DM_CRYPT_HIGH_PRIORITY_SUPPORTED; + _dm_crypt_checked = true; } @@ -568,19 +571,22 @@ static char *get_dm_crypt_params(const s num_options++; if (flags & CRYPT_ACTIVATE_IV_LARGE_SECTORS) num_options++; + if (flags & CRYPT_ACTIVATE_HIGH_PRIORITY) + num_options++; if (tgt->u.crypt.integrity) num_options++; if (tgt->u.crypt.sector_size != SECTOR_SIZE) num_options++; - if (num_options) { /* MAX length int32 + 15 + 15 + 23 + 18 + 19 + 17 + 13 + int32 + integrity_str */ - r = snprintf(features, sizeof(features), " %d%s%s%s%s%s%s%s%s", num_options, + if (num_options) { /* MAX length int32 + 15 + 15 + 23 + 18 + 19 + 17 + 14 + 13 + int32 + integrity_str */ + r = snprintf(features, sizeof(features), " %d%s%s%s%s%s%s%s%s%s", num_options, (flags & CRYPT_ACTIVATE_ALLOW_DISCARDS) ? " allow_discards" : "", (flags & CRYPT_ACTIVATE_SAME_CPU_CRYPT) ? " same_cpu_crypt" : "", (flags & CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS) ? " submit_from_crypt_cpus" : "", (flags & CRYPT_ACTIVATE_NO_READ_WORKQUEUE) ? " no_read_workqueue" : "", (flags & CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE) ? " no_write_workqueue" : "", (flags & CRYPT_ACTIVATE_IV_LARGE_SECTORS) ? " iv_large_sectors" : "", + (flags & CRYPT_ACTIVATE_HIGH_PRIORITY) ? " high_priority" : "", (tgt->u.crypt.sector_size != SECTOR_SIZE) ? _uf(sector_feature, sizeof(sector_feature), "sector_size", tgt->u.crypt.sector_size) : "", integrity_dm); @@ -1586,6 +1592,14 @@ static int check_retry(struct crypt_devi ret = 1; } + /* Drop high-priority workqueue options if not supported */ + if ((*dmd_flags & CRYPT_ACTIVATE_HIGH_PRIORITY) && + !(dmt_flags & DM_CRYPT_HIGH_PRIORITY_SUPPORTED)) { + log_dbg(cd, "dm-crypt does not support high-priority option"); + *dmd_flags = *dmd_flags & ~CRYPT_ACTIVATE_HIGH_PRIORITY; + ret = 1; + } + return ret; } @@ -1941,6 +1955,8 @@ static int _dm_target_query_crypt(struct *act_flags |= CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE; else if (!strcasecmp(arg, "iv_large_sectors")) *act_flags |= CRYPT_ACTIVATE_IV_LARGE_SECTORS; + else if (!strcasecmp(arg, "high_priority")) + *act_flags |= CRYPT_ACTIVATE_HIGH_PRIORITY; else if (sscanf(arg, "integrity:%u:", &val) == 1) { tgt->u.crypt.tag_size = val; rintegrity = strchr(arg + strlen("integrity:"), ':'); Index: cryptsetup-2.3.7/lib/luks2/luks2_json_metadata.c =================================================================== --- cryptsetup-2.3.7.orig/lib/luks2/luks2_json_metadata.c +++ cryptsetup-2.3.7/lib/luks2/luks2_json_metadata.c @@ -1386,6 +1386,7 @@ static const struct { { CRYPT_ACTIVATE_NO_JOURNAL, "no-journal" }, { CRYPT_ACTIVATE_NO_READ_WORKQUEUE, "no-read-workqueue" }, { CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE, "no-write-workqueue" }, + { CRYPT_ACTIVATE_HIGH_PRIORITY, "high_priority" }, { 0, NULL } }; Index: cryptsetup-2.3.7/lib/utils_dm.h =================================================================== --- cryptsetup-2.3.7.orig/lib/utils_dm.h +++ cryptsetup-2.3.7/lib/utils_dm.h @@ -73,6 +73,9 @@ static inline uint32_t act2dmflags(uint3 #define DM_VERITY_PANIC_CORRUPTION_SUPPORTED (1 << 24) /* dm-verity panic on corruption */ #define DM_CRYPT_NO_WORKQUEUE_SUPPORTED (1 << 25) /* dm-crypt suppot for bypassing workqueues */ #define DM_INTEGRITY_FIX_HMAC_SUPPORTED (1 << 26) /* hmac covers also superblock */ +#define DM_INTEGRITY_RESET_RECALC_SUPPORTED (1 << 27) /* dm-integrity automatic recalculation supported */ +#define DM_VERITY_TASKLETS_SUPPORTED (1 << 28) /* dm-verity tasklets supported */ +#define DM_CRYPT_HIGH_PRIORITY_SUPPORTED (1 << 29) /* dm-crypt high priority workqueue flag supported */ typedef enum { DM_CRYPT = 0, DM_VERITY, DM_INTEGRITY, DM_LINEAR, DM_ERROR, DM_ZERO, DM_UNKNOWN } dm_target_type; enum tdirection { TARGET_SET = 1, TARGET_QUERY }; Index: cryptsetup-2.3.7/src/cryptsetup.c =================================================================== --- cryptsetup-2.3.7.orig/src/cryptsetup.c +++ cryptsetup-2.3.7/src/cryptsetup.c @@ -87,6 +87,7 @@ static int opt_perf_same_cpu_crypt = 0; static int opt_perf_submit_from_crypt_cpus = 0; static int opt_perf_no_read_workqueue = 0; static int opt_perf_no_write_workqueue = 0; +static int opt_perf_high_priority = 0; static int opt_test_passphrase = 0; static int opt_tcrypt_hidden = 0; static int opt_tcrypt_system = 0; @@ -219,6 +220,9 @@ static void _set_activation_flags(uint32 if (opt_perf_no_read_workqueue) *flags |= CRYPT_ACTIVATE_NO_READ_WORKQUEUE; + if (opt_perf_high_priority) + *flags |= CRYPT_ACTIVATE_HIGH_PRIORITY; + if (opt_perf_no_write_workqueue) *flags |= CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE; @@ -860,13 +864,15 @@ static int action_status(void) CRYPT_ACTIVATE_SAME_CPU_CRYPT| CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS| CRYPT_ACTIVATE_NO_READ_WORKQUEUE| - CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE)) - log_std(" flags: %s%s%s%s%s\n", + CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE| + CRYPT_ACTIVATE_HIGH_PRIORITY)) + log_std(" flags: %s%s%s%s%s%s\n", (cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS) ? "discards " : "", (cad.flags & CRYPT_ACTIVATE_SAME_CPU_CRYPT) ? "same_cpu_crypt " : "", (cad.flags & CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS) ? "submit_from_crypt_cpus " : "", (cad.flags & CRYPT_ACTIVATE_NO_READ_WORKQUEUE) ? "no_read_workqueue " : "", - (cad.flags & CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE) ? "no_write_workqueue" : ""); + (cad.flags & CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE) ? "no_write_workqueue" : "", + (cad.flags & CRYPT_ACTIVATE_HIGH_PRIORITY) ? "high_priority" : ""); } out: crypt_free(cd); @@ -3712,6 +3718,7 @@ int main(int argc, const char **argv) { "perf-submit_from_crypt_cpus",'\0', POPT_ARG_NONE, &opt_perf_submit_from_crypt_cpus,0,N_("Use dm-crypt submit_from_crypt_cpus performance compatibility option"), NULL }, { "perf-no_read_workqueue",'\0', POPT_ARG_NONE, &opt_perf_no_read_workqueue,0,N_("Bypass dm-crypt workqueue and process read requests synchronously"), NULL }, { "perf-no_write_workqueue",'\0', POPT_ARG_NONE, &opt_perf_no_write_workqueue,0,N_("Bypass dm-crypt workqueue and process write requests synchronously"), NULL }, + { "perf-high_priority", '\0', POPT_ARG_NONE, &opt_perf_high_priority, 0, N_("Set dm-crypt workqueues and the writer thread to high priority"), NULL}, { "deferred", '\0', POPT_ARG_NONE, &opt_deferred_remove, 0, N_("Device removal is deferred until the last user closes it"), NULL }, { "serialize-memory-hard-pbkdf", '\0', POPT_ARG_NONE, &opt_serialize_memory_hard_pbkdf, 0, N_("Use global lock to serialize memory hard PBKDF (OOM workaround)"), NULL }, { "iter-time", 'i', POPT_ARG_INT, &opt_iteration_time, 0, N_("PBKDF iteration time for LUKS (in ms)"), N_("msecs") }, Index: cryptsetup-2.3.7/tests/device-test =================================================================== --- cryptsetup-2.3.7.orig/tests/device-test +++ cryptsetup-2.3.7/tests/device-test @@ -75,6 +75,9 @@ function dm_crypt_features() [ $VER_MIN -lt 22 ] && return DM_PERF_NO_WORKQUEUE=1 + + [ $VER_MIN -lt 26 ] && return + DM_PERF_HIGH_PRIORITY=1 } function dm_crypt_keyring_support() @@ -157,11 +160,17 @@ else $CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt && fail echo -e "$PWD1" | $CRYPTSETUP refresh --hash sha256 $DEV $DEV_NAME2 2>/dev/null && fail if [ -n "$DM_PERF_NO_WORKQUEUE" ]; then - echo -n "no_read_workqueue no_write_workqueue" + echo -n "no_read_workqueue no_write_workqueue " echo -e "$PWD1" | $CRYPTSETUP refresh --hash sha256 -q $DEV_NAME --perf-no_read_workqueue --perf-no_write_workqueue || fail $CRYPTSETUP status $DEV_NAME | grep -q no_read_workqueue || fail $CRYPTSETUP status $DEV_NAME | grep -q no_write_workqueue || fail fi + if [ -n "$DM_PERF_HIGH_PRIORITY" ]; then + echo -n "high_priority " + echo -e "$PWD1" | $CRYPTSETUP refresh --hash sha256 -q $DEV_NAME --perf-high_priority || fail + $CRYPTSETUP status $DEV_NAME | grep -q high_priority || fail + fi + $CRYPTSETUP close $DEV_NAME || fail echo @@ -187,11 +196,16 @@ else $CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt && fail echo -e "$PWD1" | $CRYPTSETUP refresh $DEV $DEV_NAME2 2>/dev/null && fail if [ -n "$DM_PERF_NO_WORKQUEUE" ]; then - echo -n "no_read_workqueue no_write_workqueue" + echo -n "no_read_workqueue no_write_workqueue " echo -e "$PWD1" | $CRYPTSETUP refresh $DEV_NAME --perf-no_read_workqueue --perf-no_write_workqueue || fail $CRYPTSETUP status $DEV_NAME | grep -q no_read_workqueue || fail $CRYPTSETUP status $DEV_NAME | grep -q no_write_workqueue || fail fi + if [ -n "$DM_PERF_HIGH_PRIORITY" ]; then + echo -n "high_priority " + echo -e "$PWD1" | $CRYPTSETUP refresh $DEV_NAME --perf-high_priority || fail + $CRYPTSETUP status $DEV_NAME | grep -q high_priority || fail + fi $CRYPTSETUP close $DEV_NAME || fail echo @@ -249,7 +263,7 @@ else $CRYPTSETUP status $DEV_NAME | grep -q keyring || fail fi if [ -n "$DM_PERF_NO_WORKQUEUE" ]; then - echo -n "no_read_workqueue no_write_workqueue" + echo -n "no_read_workqueue no_write_workqueue " echo -e "$PWD1" | $CRYPTSETUP refresh $DEV $DEV_NAME --perf-no_read_workqueue --perf-no_write_workqueue --persistent || fail $CRYPTSETUP status $DEV_NAME | grep -q no_read_workqueue || fail $CRYPTSETUP status $DEV_NAME | grep -q no_write_workqueue || fail @@ -258,6 +272,14 @@ else $CRYPTSETUP status $DEV_NAME | grep -q no_read_workqueue || fail $CRYPTSETUP status $DEV_NAME | grep -q no_write_workqueue || fail fi + if [ -n "$DM_PERF_HIGH_PRIORITY" ]; then + echo -n "high_priority " + echo -e "$PWD1" | $CRYPTSETUP refresh $DEV $DEV_NAME --perf-high_priority --persistent || fail + $CRYPTSETUP status $DEV_NAME | grep -q high_priority || fail + $CRYPTSETUP close $DEV_NAME || fail + echo -e "$PWD1" | $CRYPTSETUP open $DEV $DEV_NAME || fail + $CRYPTSETUP status $DEV_NAME | grep -q high_priority || fail + fi echo -e "$PWD1" | $CRYPTSETUP refresh $DEV $DEV_NAME2 2>/dev/null && fail $CRYPTSETUP close $DEV_NAME || fail echo