mirror of
https://github.com/rd-stuffs/msm-4.14.git
synced 2025-02-20 11:45:48 +08:00
bf54c9e71d
These changes integrate new file encryption framework to use new V2 encryption policies.
These changes were earlier reverted in 'commit 4211691d298c ("Reverting crypto and incrementalfs changes")',
as part of android-4.14.171 merge from Android common kernel. This patch attempts to bring them back
post validation.
commit a9a5450 ANDROID: dm: prevent default-key from being enabled without needed hooks
commit e1a94e6 ANDROID: dm: add dm-default-key target for metadata encryption
commit commit 232fd35 ANDROID: dm: enable may_passthrough_inline_crypto on some targets
commit 53bc059 ANDROID: dm: add support for passing through inline crypto support
commit aeed6db ANDROID: block: Introduce passthrough keyslot manager
commit 4f27c8b ANDROID: ext4, f2fs: enable direct I/O with inline encryption
commit c91db46 BACKPORT: FROMLIST: scsi: ufs: add program_key() variant op
commit f9a8e4a ANDROID: block: export symbols needed for modules to use inline crypto
commit 75fea5f ANDROID: block: fix some inline crypto bugs
commit 2871f73 ANDROID: fscrypt: add support for hardware-wrapped keys
commit bb5a657 ANDROID: block: add KSM op to derive software secret from wrapped key
commit d42ba87 ANDROID: block: provide key size as input to inline crypto APIs
commit 86646eb ANDROID: ufshcd-crypto: export cap find API
commit 83bc20e ANDROID: scsi: ufs-qcom: Enable BROKEN_CRYPTO quirk flag
commit c266a13 ANDROID: scsi: ufs: Add quirk bit for controllers that don't play well with inline crypto
commit ea09b99 ANDROID: cuttlefish_defconfig: Enable blk-crypto fallback
commit e12563c BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series
commit 8e8f55d ANDROID: scsi: ufs: UFS init should not require inline crypto
commit dae9899 ANDROID: scsi: ufs: UFS crypto variant operations API
commit a69516d ANDROID: cuttlefish_defconfig: enable inline encryption
commit b8f7b23 BACKPORT: FROMLIST: ext4: add inline encryption support
commit e64327f BACKPORT: FROMLIST: f2fs: add inline encryption support
commit a0dc8da BACKPORT: FROMLIST: fscrypt: add inline encryption support
commit 19c3c62 BACKPORT: FROMLIST: scsi: ufs: Add inline encryption support to UFS
commit f858a99 BACKPORT: FROMLIST: scsi: ufs: UFS crypto API
commit 011b834 BACKPORT: FROMLIST: scsi: ufs: UFS driver v2.1 spec crypto additions
commit ec0b569 BACKPORT: FROMLIST: block: blk-crypto for Inline Encryption
commit 760b328 ANDROID: block: Fix bio_crypt_should_process WARN_ON
commit 138adbb BACKPORT: FROMLIST: block: Add encryption context to struct bio
commit 66b5609 BACKPORT: FROMLIST: block: Keyslot Manager for Inline Encryption
Git-repo: https://android.googlesource.com/kernel/common/+/refs/heads/android-4.14-stable
Git-commit: a9a545067a93d9821f965989b8eaea6fba7d27f7
Git-commit: e1a94e6b17e2610b56c5740b763df7858dad40f0
Git-commit: 232fd353e45d13576d507a011b5dac17e3c320ab
Git-commit: 53bc059bc6d98631e8936ab9eeb7ac780c9ab2c3
Git-commit: aeed6db424b22148964d9788d4f9abac6e6cd7d8
Git-commit: 4f27c8b90bd223e967c98dc658961e67b9b864ae
Git-commit: c91db466b51479ae761becc233d79c50ca3748a5
Git-commit: f9a8e4a5c5455a6bada70ed6d2f0af8900a872cb
Git-commit: 75fea5f6057df78af1655f2f79a9c66a94bc838f
Git-commit: 2871f731940165ed4042001a36bbe7d58f9d983b
Git-commit: bb5a65771a206ae39086af1a9e78afeaf654cf03
Git-commit: d42ba87e29ab44aac446b5434298d1369c44fe3c
Git-commit: 86646ebb1742a663c4c9c39c06d58dcb3f8f89e5
Git-commit: 83bc20ed4ba7dbf76964fd68905fde591b5de8b2
Git-commit: c266a1311e74b3ae1047a9d6abd6c6044059995c
Git-commit: ea09b9954cc40b3088b8b2778b2daab12820a7e6
Git-commit: e12563c18d484e6379d03105b4565db7bb3a7975
Git-commit: 8e8f55d1a7e865562d2e3e022a7fcf13753a9c8e
Git-commit: dae9899044f320bb119e02b45d816a493b1488ae
Git-commit: a69516d0913e7f2c9bdde17c2ea6a793bb474830
Git-commit: b8f7b236748261bec545b69b39d7fb75e519f4ed
Git-commit: e64327f5719b4a41e0de341ead7d48ed73216a23
Git-commit: a0dc8da519ccf2040af2dbbd6b4f688b50eb1755
Git-commit: 19c3c62836e5dbc9ceb620ecef0aa0c81578ed43
Git-commit: f858a9981a94a4e1d1b77b00bc05ab61b8431bce
Git-commit: 011b8344c36d39255b8057c63d98e593e364ed7f
Git-commit: ec0b569b5cc89391d9d6c90d2f76dc0a4db03e57
Git-commit: 760b3283e8056ffa6382722457c2e0cf08328629
Git-commit: 138adbbe5e4bfb6dee0571261f4d96a98f71d228
Git-commit: 66b5609826d60f80623643f1a7a1d865b5233f19
Change-Id: I171d90de41185824e0c7515f3a3b43ab88f4e058
Signed-off-by: Neeraj Soni <neersoni@codeaurora.org>
233 lines
6.7 KiB
Plaintext
233 lines
6.7 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0
|
|
#
|
|
# Block layer core configuration
|
|
#
|
|
menuconfig BLOCK
|
|
bool "Enable the block layer" if EXPERT
|
|
default y
|
|
select SBITMAP
|
|
select SRCU
|
|
help
|
|
Provide block layer support for the kernel.
|
|
|
|
Disable this option to remove the block layer support from the
|
|
kernel. This may be useful for embedded devices.
|
|
|
|
If this option is disabled:
|
|
|
|
- block device files will become unusable
|
|
- some filesystems (such as ext3) will become unavailable.
|
|
|
|
Also, SCSI character devices and USB storage will be disabled since
|
|
they make use of various block layer definitions and facilities.
|
|
|
|
Say Y here unless you know you really don't want to mount disks and
|
|
suchlike.
|
|
|
|
if BLOCK
|
|
|
|
config LBDAF
|
|
bool "Support for large (2TB+) block devices and files"
|
|
depends on !64BIT
|
|
default y
|
|
help
|
|
Enable block devices or files of size 2TB and larger.
|
|
|
|
This option is required to support the full capacity of large
|
|
(2TB+) block devices, including RAID, disk, Network Block Device,
|
|
Logical Volume Manager (LVM) and loopback.
|
|
|
|
This option also enables support for single files larger than
|
|
2TB.
|
|
|
|
The ext4 filesystem requires that this feature be enabled in
|
|
order to support filesystems that have the huge_file feature
|
|
enabled. Otherwise, it will refuse to mount in the read-write
|
|
mode any filesystems that use the huge_file feature, which is
|
|
enabled by default by mke2fs.ext4.
|
|
|
|
The GFS2 filesystem also requires this feature.
|
|
|
|
If unsure, say Y.
|
|
|
|
config BLK_SCSI_REQUEST
|
|
bool
|
|
|
|
config BLK_DEV_BSG
|
|
bool "Block layer SG support v4"
|
|
default y
|
|
select BLK_SCSI_REQUEST
|
|
help
|
|
Saying Y here will enable generic SG (SCSI generic) v4 support
|
|
for any block device.
|
|
|
|
Unlike SG v3 (aka block/scsi_ioctl.c drivers/scsi/sg.c), SG v4
|
|
can handle complicated SCSI commands: tagged variable length cdbs
|
|
with bidirectional data transfers and generic request/response
|
|
protocols (e.g. Task Management Functions and SMP in Serial
|
|
Attached SCSI).
|
|
|
|
This option is required by recent UDEV versions to properly
|
|
access device serial numbers, etc.
|
|
|
|
If unsure, say Y.
|
|
|
|
config BLK_DEV_BSGLIB
|
|
bool "Block layer SG support v4 helper lib"
|
|
default n
|
|
select BLK_DEV_BSG
|
|
select BLK_SCSI_REQUEST
|
|
help
|
|
Subsystems will normally enable this if needed. Users will not
|
|
normally need to manually enable this.
|
|
|
|
If unsure, say N.
|
|
|
|
config BLK_DEV_INTEGRITY
|
|
bool "Block layer data integrity support"
|
|
select CRC_T10DIF if BLK_DEV_INTEGRITY
|
|
---help---
|
|
Some storage devices allow extra information to be
|
|
stored/retrieved to help protect the data. The block layer
|
|
data integrity option provides hooks which can be used by
|
|
filesystems to ensure better data integrity.
|
|
|
|
Say yes here if you have a storage device that provides the
|
|
T10/SCSI Data Integrity Field or the T13/ATA External Path
|
|
Protection. If in doubt, say N.
|
|
|
|
config BLK_DEV_ZONED
|
|
bool "Zoned block device support"
|
|
---help---
|
|
Block layer zoned block device support. This option enables
|
|
support for ZAC/ZBC host-managed and host-aware zoned block devices.
|
|
|
|
Say yes here if you have a ZAC or ZBC storage device.
|
|
|
|
config BLK_DEV_THROTTLING
|
|
bool "Block layer bio throttling support"
|
|
depends on BLK_CGROUP=y
|
|
default n
|
|
---help---
|
|
Block layer bio throttling support. It can be used to limit
|
|
the IO rate to a device. IO rate policies are per cgroup and
|
|
one needs to mount and use blkio cgroup controller for creating
|
|
cgroups and specifying per device IO rate policies.
|
|
|
|
See Documentation/cgroups/blkio-controller.txt for more information.
|
|
|
|
config BLK_DEV_THROTTLING_LOW
|
|
bool "Block throttling .low limit interface support (EXPERIMENTAL)"
|
|
depends on BLK_DEV_THROTTLING
|
|
default n
|
|
---help---
|
|
Add .low limit interface for block throttling. The low limit is a best
|
|
effort limit to prioritize cgroups. Depending on the setting, the limit
|
|
can be used to protect cgroups in terms of bandwidth/iops and better
|
|
utilize disk resource.
|
|
|
|
Note, this is an experimental interface and could be changed someday.
|
|
|
|
config BLK_CMDLINE_PARSER
|
|
bool "Block device command line partition parser"
|
|
default n
|
|
---help---
|
|
Enabling this option allows you to specify the partition layout from
|
|
the kernel boot args. This is typically of use for embedded devices
|
|
which don't otherwise have any standardized method for listing the
|
|
partitions on a block device.
|
|
|
|
See Documentation/block/cmdline-partition.txt for more information.
|
|
|
|
config BLK_WBT
|
|
bool "Enable support for block device writeback throttling"
|
|
default n
|
|
---help---
|
|
Enabling this option enables the block layer to throttle buffered
|
|
background writeback from the VM, making it more smooth and having
|
|
less impact on foreground operations. The throttling is done
|
|
dynamically on an algorithm loosely based on CoDel, factoring in
|
|
the realtime performance of the disk.
|
|
|
|
config BLK_WBT_SQ
|
|
bool "Single queue writeback throttling"
|
|
default n
|
|
depends on BLK_WBT
|
|
---help---
|
|
Enable writeback throttling by default on legacy single queue devices
|
|
|
|
config BLK_WBT_MQ
|
|
bool "Multiqueue writeback throttling"
|
|
default y
|
|
depends on BLK_WBT
|
|
---help---
|
|
Enable writeback throttling by default on multiqueue devices.
|
|
Multiqueue currently doesn't have support for IO scheduling,
|
|
enabling this option is recommended.
|
|
|
|
config BLK_DEBUG_FS
|
|
bool "Block layer debugging information in debugfs"
|
|
default y
|
|
depends on DEBUG_FS
|
|
---help---
|
|
Include block layer debugging information in debugfs. This information
|
|
is mostly useful for kernel developers, but it doesn't incur any cost
|
|
at runtime.
|
|
|
|
Unless you are building a kernel for a tiny system, you should
|
|
say Y here.
|
|
|
|
config BLK_SED_OPAL
|
|
bool "Logic for interfacing with Opal enabled SEDs"
|
|
---help---
|
|
Builds Logic for interfacing with Opal enabled controllers.
|
|
Enabling this option enables users to setup/unlock/lock
|
|
Locking ranges for SED devices using the Opal protocol.
|
|
|
|
config BLK_INLINE_ENCRYPTION
|
|
bool "Enable inline encryption support in block layer"
|
|
help
|
|
Build the blk-crypto subsystem. Enabling this lets the
|
|
block layer handle encryption, so users can take
|
|
advantage of inline encryption hardware if present.
|
|
|
|
config BLK_INLINE_ENCRYPTION_FALLBACK
|
|
bool "Enable crypto API fallback for blk-crypto"
|
|
depends on BLK_INLINE_ENCRYPTION
|
|
select CRYPTO
|
|
select CRYPTO_BLKCIPHER
|
|
help
|
|
Enabling this lets the block layer handle inline encryption
|
|
by falling back to the kernel crypto API when inline
|
|
encryption hardware is not present.
|
|
|
|
menu "Partition Types"
|
|
|
|
source "block/partitions/Kconfig"
|
|
|
|
endmenu
|
|
|
|
endif # BLOCK
|
|
|
|
config BLOCK_COMPAT
|
|
bool
|
|
depends on BLOCK && COMPAT
|
|
default y
|
|
|
|
config BLK_MQ_PCI
|
|
bool
|
|
depends on BLOCK && PCI
|
|
default y
|
|
|
|
config BLK_MQ_VIRTIO
|
|
bool
|
|
depends on BLOCK && VIRTIO
|
|
default y
|
|
|
|
config BLK_MQ_RDMA
|
|
bool
|
|
depends on BLOCK && INFINIBAND
|
|
default y
|
|
|
|
source block/Kconfig.iosched
|