linux-dev/fs/crypto, branch linus/masterLinux kernel development work - see feature brancheshttps://git.zx2c4.com/linux-dev/atom/fs/crypto?h=linus%2Fmaster2022-05-09T23:18:54Zfscrypt: add new helper functions for test_dummy_encryption2022-05-09T23:18:54ZEric Biggersebiggers@google.com2022-05-01T05:08:54Zurn:sha1:218d921b581eadf312c8ef0e09113b111f104eeb
Unfortunately the design of fscrypt_set_test_dummy_encryption() doesn't
work properly for the new mount API, as it combines too many steps into
one function:
- Parse the argument to test_dummy_encryption
- Check the setting against the filesystem instance
- Apply the setting to the filesystem instance
The new mount API has split these into separate steps. ext4 partially
worked around this by duplicating some of the logic, but it still had
some bugs. To address this, add some new helper functions that split up
the steps of fscrypt_set_test_dummy_encryption():
- fscrypt_parse_test_dummy_encryption()
- fscrypt_dummy_policies_equal()
- fscrypt_add_test_dummy_key()
While we're add it, also add a function fscrypt_is_dummy_policy_set()
which will be useful to avoid some #ifdef's.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20220501050857.538984-5-ebiggers@kernel.org
fscrypt: factor out fscrypt_policy_to_key_spec()2022-05-09T23:18:54ZEric Biggersebiggers@google.com2022-05-01T05:08:53Zurn:sha1:bfb9700bdf35417454a9bb8b67221d89d7c6e75a
Factor out a function that builds the fscrypt_key_specifier for an
fscrypt_policy. Before this was only needed when finding the key for a
file, but now it will also be needed for test_dummy_encryption support.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20220501050857.538984-4-ebiggers@kernel.org
fscrypt: log when starting to use inline encryption2022-04-14T05:35:25ZEric Biggersebiggers@google.com2022-04-14T05:34:15Zurn:sha1:a7a5bc5fe8acc9381e38a34ef18f1115c5c22079
When inline encryption is used, the usual message "fscrypt: AES-256-XTS
using implementation <impl>" doesn't appear in the kernel log. Add a
similar message for the blk-crypto case that indicates that inline
encryption was used, and whether blk-crypto-fallback was used or not.
This can be useful for debugging performance problems.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20220414053415.158986-1-ebiggers@kernel.org
fscrypt: split up FS_CRYPTO_BLOCK_SIZE2022-04-13T22:03:09ZEric Biggersebiggers@google.com2022-04-05T01:09:14Zurn:sha1:63cec1389e116ae0e2a15e612a5b49651e04be3f
FS_CRYPTO_BLOCK_SIZE is neither the filesystem block size nor the
granularity of encryption. Rather, it defines two logically separate
constraints that both arise from the block size of the AES cipher:
- The alignment required for the lengths of file contents blocks
- The minimum input/output length for the filenames encryption modes
Since there are way too many things called the "block size", and the
connection with the AES block size is not easily understood, split
FS_CRYPTO_BLOCK_SIZE into two constants FSCRYPT_CONTENTS_ALIGNMENT and
FSCRYPT_FNAME_MIN_MSG_LEN that more clearly describe what they are.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20220405010914.18519-1-ebiggers@kernel.org
fs: Remove ->readpages address space operation2022-04-01T17:45:33ZMatthew Wilcox (Oracle)willy@infradead.org2022-03-24T01:29:04Zurn:sha1:704528d895dd3e7b173e672116b4eb2b0a0fceb0
All filesystems have now been converted to use ->readahead, so
remove the ->readpages operation and fix all the comments that
used to refer to it.
Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Al Viro <viro@zeniv.linux.org.uk>
Merge tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt2022-03-22T16:50:16ZLinus Torvaldstorvalds@linux-foundation.org2022-03-22T16:50:16Zurn:sha1:881b568756ae55ce7d87b9f001cbbe9d1289893e
Pull fscrypt updates from Eric Biggers:
"Add support for direct I/O on encrypted files when blk-crypto (inline
encryption) is being used for file contents encryption"
* tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt:
fscrypt: update documentation for direct I/O support
f2fs: support direct I/O with fscrypt using blk-crypto
ext4: support direct I/O with fscrypt using blk-crypto
iomap: support direct I/O with fscrypt using blk-crypto
fscrypt: add functions for direct I/O support
fscrypt: add functions for direct I/O support2022-02-08T19:02:04ZEric Biggersebiggers@google.com2022-01-28T23:39:36Zurn:sha1:c6c89783eba05a5e159b07cfd8c68d841cc5de42
Encrypted files traditionally haven't supported DIO, due to the need to
encrypt/decrypt the data. However, when the encryption is implemented
using inline encryption (blk-crypto) instead of the traditional
filesystem-layer encryption, it is straightforward to support DIO.
In preparation for supporting this, add the following functions:
- fscrypt_dio_supported() checks whether a DIO request is supported as
far as encryption is concerned. Encrypted files will only support DIO
when inline encryption is used and the I/O request is properly
aligned; this function checks these preconditions.
- fscrypt_limit_io_blocks() limits the length of a bio to avoid crossing
a place in the file that a bio with an encryption context cannot
cross due to a DUN discontiguity. This function is needed by
filesystems that use the iomap DIO implementation (which operates
directly on logical ranges, so it won't use fscrypt_mergeable_bio())
and that support FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32.
Co-developed-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20220128233940.79464-2-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
block: pass a block_device and opf to bio_reset2022-02-02T14:50:00ZChristoph Hellwighch@lst.de2022-01-24T09:11:07Zurn:sha1:a7c50c940477bae89fb2b4f51bd969a2d95d7512
Pass the block_device that we plan to use this bio for and the
operation to bio_reset to optimize the assigment. A NULL block_device
can be passed, both for the passthrough case on a raw request_queue and
to temporarily avoid refactoring some nasty code.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
Link: https://lore.kernel.org/r/20220124091107.642561-20-hch@lst.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
block: pass a block_device and opf to bio_alloc2022-02-02T14:49:59ZChristoph Hellwighch@lst.de2022-01-24T09:11:05Zurn:sha1:07888c665b405b1cd3577ddebfeb74f4717a84c4
Pass the block_device and operation that we plan to use this bio for to
bio_alloc to optimize the assignment. NULL/0 can be passed, both for the
passthrough case on a raw request_queue and to temporarily avoid
refactoring some nasty code.
Also move the gfp_mask argument after the nr_vecs argument for a much
more logical calling convention matching what most of the kernel does.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
Link: https://lore.kernel.org/r/20220124091107.642561-18-hch@lst.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
fscrypt: improve a few comments2021-10-26T02:11:50ZEric Biggersebiggers@google.com2021-10-26T02:10:42Zurn:sha1:b7e072f9b77f4c516df96e0c22ec09f8b2e76ba1
Improve a few comments. These were extracted from the patch
"fscrypt: add support for hardware-wrapped keys"
(https://lore.kernel.org/r/20211021181608.54127-4-ebiggers@kernel.org).
Link: https://lore.kernel.org/r/20211026021042.6581-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>