disk_crypt_resources/
lib.rs

// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.

//! Resources for the encrypted disk device.

use mesh::MeshPayload;
use vm_resource::Resource;
use vm_resource::ResourceId;
use vm_resource::kind::DiskHandleKind;

/// A handle to an encrypted disk: an inner disk resource together with the
/// cipher and key used to encrypt it.
///
/// This type carries raw key material in [`DiskCryptHandle::key`]. It does not
/// derive `Debug`, so the key cannot end up in logs through `{:?}` formatting;
/// keep that in mind before adding further derives.
// NOTE(review): the `MeshPayload` derive presumably allows this handle to be
// sent over a mesh channel, in which case the key is part of the encoded
// message. Confirm that every channel carrying this type is trusted.
#[derive(MeshPayload)]
pub struct DiskCryptHandle {
    /// The inner disk.
    pub disk: Resource<DiskHandleKind>,
    /// The cipher to use for encryption.
    pub cipher: Cipher,
    /// The raw key. This must be appropriately sized for the cipher (64 bytes
    /// for [`Cipher::XtsAes256`]).
    ///
    /// The `Vec<u8>` type does not enforce the length, so it has to be
    /// validated wherever the handle is consumed.
    // NOTE(review): `Vec<u8>` does not zero its buffer on drop or when it
    // reallocates, so copies of the key can linger in freed memory. Consider
    // whether a zeroizing wrapper is feasible for this payload type.
    pub key: Vec<u8>,
}

// Associates `DiskCryptHandle` with the resource ID string "crypt" within the
// `DiskHandleKind` resource kind.
impl ResourceId<DiskHandleKind> for DiskCryptHandle {
    // NOTE(review): presumably this string is how the handle is matched to its
    // resolver and may appear in serialized resources, so renaming it would be
    // a compatibility break. Confirm against `vm_resource`.
    const ID: &'static str = "crypt";
}

/// The cipher used by [`DiskCryptHandle`] to encrypt the disk contents.
#[derive(MeshPayload)]
pub enum Cipher {
    /// XTS-AES-256, using the disk sector number as the tweak value (equivalent
    /// to and compatible with dm-crypt's "aes-xts-plain64").
    ///
    /// This requires a 512-bit (64-byte) key. XTS splits it into two 256-bit
    /// AES keys, one for the data and one for the tweak.
    ///
    /// XTS provides confidentiality only. It does not authenticate sectors, so
    /// the cipher itself does not detect modified or rolled-back ciphertext.
    /// Integrity has to come from another layer if the threat model needs it.
    XtsAes256,
}