disk_crypt_resources/
lib.rs

1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4//! Resources for the encrypted disk device.
5
6#![forbid(unsafe_code)]
7
8use mesh::MeshPayload;
9use vm_resource::Resource;
10use vm_resource::ResourceId;
11use vm_resource::kind::DiskHandleKind;
12
/// A handle to an encrypted disk.
///
/// Bundles the inner disk resource with the cipher selection and the raw key
/// bytes for that cipher.
// NOTE(review): `key` is plaintext key material held in an ordinary `Vec<u8>`.
// Nothing visible here wipes it on drop, and because the type derives
// `MeshPayload` the key presumably travels with the rest of the handle
// wherever the payload is sent. Confirm it only crosses trusted channels.
// NOTE(review): the type does not derive `Debug`, which keeps the key out of
// formatted log output; if `Debug` is ever added, redact `key`.
#[derive(MeshPayload)]
pub struct DiskCryptHandle {
    /// The inner disk.
    pub disk: Resource<DiskHandleKind>,
    /// The cipher to use for encryption.
    pub cipher: Cipher,
    /// The key. This must be appropriately sized for the cipher.
    ///
    /// For [`Cipher::XtsAes256`] that is 512 bits (64 bytes).
    // NOTE(review): the length is not enforced by this type. Presumably it is
    // validated where the handle is resolved; confirm that a wrong-sized key
    // is rejected rather than truncated or padded.
    pub key: Vec<u8>,
}
23
/// Associates the resource ID `"crypt"` with [`DiskCryptHandle`] for the
/// [`DiskHandleKind`] resource kind.
// NOTE(review): how this ID is matched to a resolver is defined by
// `vm_resource` and is not visible in this file.
impl ResourceId<DiskHandleKind> for DiskCryptHandle {
    /// The ID string identifying this handle type.
    const ID: &'static str = "crypt";
}
27
/// The cipher to use to encrypt the payload.
///
/// `XtsAes256` is the only variant defined here.
#[derive(MeshPayload)]
pub enum Cipher {
    /// XTS-AES-256, using the disk sector number as the tweak value (equivalent
    /// to and compatible with dm-crypt's "aes-xts-plain64").
    ///
    /// This requires a 512-bit key.
    ///
    /// XTS is a confidentiality-only mode: it does not authenticate sectors,
    /// so tampering with or rolling back ciphertext is not detected by the
    /// cipher itself. Integrity protection, if needed, has to come from
    /// another layer.
    // NOTE(review): XTS treats the 512-bit key as two 256-bit halves, and
    // IEEE 1619 / FIPS guidance requires the halves to differ. Whether that is
    // checked is not visible here; confirm in the implementation.
    XtsAes256,
}