disk_crypt_resources/lib.rs
1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4//! Resources for the encrypted disk device.
5
6#![forbid(unsafe_code)]
7
8use mesh::MeshPayload;
9use vm_resource::Resource;
10use vm_resource::ResourceId;
11use vm_resource::kind::DiskHandleKind;
12
/// A handle to an encrypted disk.
///
/// Bundles the inner disk resource with the cipher selection and the raw key
/// used to encrypt it.
// NOTE(review): this type derives `MeshPayload` and carries raw key material,
// so the key travels wherever the handle is sent. It presumably crosses a
// mesh channel or process boundary; confirm which endpoints can receive it.
// NOTE(review): `Debug` is deliberately absent from the derive list as far as
// this file shows. Adding it would expose `key` to `{:?}` logging unless the
// field is redacted.
#[derive(MeshPayload)]
pub struct DiskCryptHandle {
    /// The inner disk.
    pub disk: Resource<DiskHandleKind>,
    /// The cipher to use for encryption.
    pub cipher: Cipher,
    /// The key. This must be appropriately sized for the cipher.
    // The type does not enforce the length: any `Vec<u8>` is accepted here, so
    // the consumer has to check it against `cipher` (64 bytes for
    // `Cipher::XtsAes256`). That check is not visible in this file; confirm it
    // rejects a wrong-sized key rather than truncating or padding it.
    // A plain `Vec<u8>` is not wiped when dropped, and every clone or
    // reallocation leaves another copy of the key in memory.
    pub key: Vec<u8>,
}
23
// Associates `DiskCryptHandle` with the `DiskHandleKind` resource kind under a
// fixed ID string.
// NOTE(review): presumably the resource resolver matches on this string to pick
// the encrypted-disk implementation; confirm that "crypt" is unique among
// `DiskHandleKind` IDs.
impl ResourceId<DiskHandleKind> for DiskCryptHandle {
    // Identifier for this handle type within `DiskHandleKind`.
    const ID: &'static str = "crypt";
}
27
/// The cipher to use to encrypt the payload.
// Only one variant is defined in this file, so there is no weaker mode a
// caller can select or be downgraded to.
#[derive(MeshPayload)]
pub enum Cipher {
    /// XTS-AES-256, using the disk sector number as the tweak value (equivalent
    /// to and compatible with dm-crypt's "aes-xts-plain64").
    ///
    /// This requires a 512-bit key.
    // 512 bits = 64 bytes: XTS takes two AES-256 keys, one for the data and one
    // for the tweak. The two halves should differ (FIPS-validated XTS
    // implementations reject equal halves); whether that is checked is not
    // visible in this file.
    // XTS provides confidentiality only. It has no authentication tag, so
    // modified ciphertext decrypts to garbage without an error, and a sector
    // rewritten with the same plaintext yields the same ciphertext. Integrity
    // must come from another layer if the threat model includes tampering with
    // the backing store.
    XtsAes256,
}