From: Josef Bacik <josef@toxicpanda.com>
To: linux-btrfs@vger.kernel.org, kernel-team@fb.com
Subject: [PATCH v5 32/52] btrfs: setup fscrypt_extent_info for new extents
Date: Wed, 24 Jan 2024 12:18:54 -0500 [thread overview]
Message-ID: <d8ab016d25f70c9365f508af1d8e0b9ab7c09d76.1706116485.git.josef@toxicpanda.com> (raw)
In-Reply-To: <cover.1706116485.git.josef@toxicpanda.com>
New extents for encrypted inodes must have a fscrypt_extent_info, which
has the necessary keys and does all the registration at the block layer
for them. This is passed through all of the infrastructure we've
previously added to make sure the context gets saved properly with the
file extents.
Signed-off-by: Josef Bacik <josef@toxicpanda.com>
---
fs/btrfs/inode.c | 34 +++++++++++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
index 7fa38eaa5afd..71098063bb9f 100644
--- a/fs/btrfs/inode.c
+++ b/fs/btrfs/inode.c
@@ -7436,6 +7436,16 @@ static struct extent_map *create_io_em(struct btrfs_inode *inode,
if (fscrypt_info) {
extent_map_set_encryption(em, BTRFS_ENCRYPTION_FSCRYPT);
em->fscrypt_info = fscrypt_get_extent_info(fscrypt_info);
+ } else if (IS_ENCRYPTED(&inode->vfs_inode)) {
+ struct fscrypt_extent_info *fscrypt_info;
+
+ extent_map_set_encryption(em, BTRFS_ENCRYPTION_FSCRYPT);
+ fscrypt_info = fscrypt_prepare_new_extent(&inode->vfs_inode);
+ if (IS_ERR(fscrypt_info)) {
+ free_extent_map(em);
+ return ERR_CAST(fscrypt_info);
+ }
+ em->fscrypt_info = fscrypt_info;
} else {
extent_map_set_encryption(em, BTRFS_ENCRYPTION_NONE);
}
@@ -9858,6 +9868,9 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
if (trans)
own_trans = false;
while (num_bytes > 0) {
+ struct fscrypt_extent_info *fscrypt_info = NULL;
+ int encryption_type = BTRFS_ENCRYPTION_NONE;
+
cur_bytes = min_t(u64, num_bytes, SZ_256M);
cur_bytes = max(cur_bytes, min_size);
/*
@@ -9872,6 +9885,20 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
if (ret)
break;
+ if (IS_ENCRYPTED(inode)) {
+ fscrypt_info = fscrypt_prepare_new_extent(inode);
+ if (IS_ERR(fscrypt_info)) {
+ btrfs_dec_block_group_reservations(fs_info,
+ ins.objectid);
+ btrfs_free_reserved_extent(fs_info,
+ ins.objectid,
+ ins.offset, 0);
+ ret = PTR_ERR(fscrypt_info);
+ break;
+ }
+ encryption_type = BTRFS_ENCRYPTION_FSCRYPT;
+ }
+
/*
* We've reserved this space, and thus converted it from
* ->bytes_may_use to ->bytes_reserved. Any error that happens
@@ -9883,7 +9910,8 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
last_alloc = ins.offset;
trans = insert_prealloc_file_extent(trans, BTRFS_I(inode),
- &ins, NULL, cur_offset);
+ &ins, fscrypt_info,
+ cur_offset);
/*
* Now that we inserted the prealloc extent we can finally
* decrement the number of reservations in the block group.
@@ -9893,6 +9921,7 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
btrfs_dec_block_group_reservations(fs_info, ins.objectid);
if (IS_ERR(trans)) {
ret = PTR_ERR(trans);
+ fscrypt_put_extent_info(fscrypt_info);
btrfs_free_reserved_extent(fs_info, ins.objectid,
ins.offset, 0);
break;
@@ -9900,6 +9929,7 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
em = alloc_extent_map();
if (!em) {
+ fscrypt_put_extent_info(fscrypt_info);
btrfs_drop_extent_map_range(BTRFS_I(inode), cur_offset,
cur_offset + ins.offset - 1, false);
btrfs_set_inode_full_sync(BTRFS_I(inode));
@@ -9915,6 +9945,8 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
em->ram_bytes = ins.offset;
em->flags |= EXTENT_FLAG_PREALLOC;
em->generation = trans->transid;
+ em->fscrypt_info = fscrypt_info;
+ extent_map_set_encryption(em, encryption_type);
ret = btrfs_replace_extent_map_range(BTRFS_I(inode), em, true);
free_extent_map(em);
--
2.43.0
next prev parent reply other threads:[~2024-01-24 17:19 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-24 17:18 [PATCH v5 00/52] btrfs: add fscrypt support Josef Bacik
2024-01-24 17:18 ` [PATCH v5 01/52] fscrypt: add per-extent encryption support Josef Bacik
2024-01-24 17:18 ` [PATCH v5 02/52] fscrypt: allow inline encryption for extent based encryption Josef Bacik
2024-01-24 17:18 ` [PATCH v5 03/52] fscrypt: add a fscrypt_inode_open helper Josef Bacik
2024-01-24 17:18 ` [PATCH v5 04/52] fscrypt: conditionally don't wipe mk secret until the last active user is done Josef Bacik
2024-01-24 17:18 ` [PATCH v5 05/52] blk-crypto: add a process bio callback Josef Bacik
2024-01-24 17:18 ` [PATCH v5 06/52] fscrypt: add a process_bio hook to fscrypt_operations Josef Bacik
2024-01-24 17:18 ` [PATCH v5 07/52] fscrypt: expose fscrypt_nokey_name Josef Bacik
2024-01-24 17:18 ` [PATCH v5 08/52] fscrypt: add documentation about extent encryption Josef Bacik
2024-01-24 17:18 ` [PATCH v5 09/52] btrfs: add infrastructure for safe em freeing Josef Bacik
2024-01-24 19:49 ` Boris Burkov
2024-01-24 17:18 ` [PATCH v5 10/52] btrfs: disable various operations on encrypted inodes Josef Bacik
2024-01-24 19:53 ` Boris Burkov
2024-01-24 17:18 ` [PATCH v5 11/52] btrfs: disable verity " Josef Bacik
2024-01-24 19:53 ` Boris Burkov
2024-01-24 17:18 ` [PATCH v5 12/52] btrfs: start using fscrypt hooks Josef Bacik
2024-01-24 17:18 ` [PATCH v5 13/52] btrfs: add inode encryption contexts Josef Bacik
2024-01-24 17:18 ` [PATCH v5 14/52] btrfs: add new FEATURE_INCOMPAT_ENCRYPT flag Josef Bacik
2024-01-24 17:18 ` [PATCH v5 15/52] btrfs: adapt readdir for encrypted and nokey names Josef Bacik
2024-01-24 17:18 ` [PATCH v5 16/52] btrfs: handle " Josef Bacik
2024-01-24 17:18 ` [PATCH v5 17/52] btrfs: implement fscrypt ioctls Josef Bacik
2024-01-24 17:18 ` [PATCH v5 18/52] btrfs: gate encryption behind BTRFS_DEBUG Josef Bacik
2024-01-24 17:18 ` [PATCH v5 19/52] btrfs: select encryption dependencies if FS_ENCRYPTION Josef Bacik
2024-01-24 17:18 ` [PATCH v5 20/52] btrfs: add get_devices hook for fscrypt Josef Bacik
2024-01-24 17:18 ` [PATCH v5 21/52] btrfs: set file extent encryption excplicitly Josef Bacik
2024-01-24 17:18 ` [PATCH v5 22/52] btrfs: add fscrypt_info and encryption_type to extent_map Josef Bacik
2024-01-24 17:18 ` [PATCH v5 23/52] btrfs: add fscrypt_info and encryption_type to ordered_extent Josef Bacik
2024-01-24 17:18 ` [PATCH v5 24/52] btrfs: plumb through setting the fscrypt_info for ordered extents Josef Bacik
2024-01-24 17:18 ` [PATCH v5 25/52] btrfs: plumb the fscrypt extent context through create_io_em Josef Bacik
2024-01-24 17:18 ` [PATCH v5 26/52] btrfs: populate the ordered_extent with the fscrypt context Josef Bacik
2024-01-24 17:18 ` [PATCH v5 27/52] btrfs: keep track of fscrypt info and orig_start for dio reads Josef Bacik
2024-01-24 17:18 ` [PATCH v5 28/52] btrfs: add an optional encryption context to the end of file extents Josef Bacik
2024-01-24 17:18 ` [PATCH v5 29/52] btrfs: explicitly track file extent length for replace and drop Josef Bacik
2024-01-24 17:18 ` [PATCH v5 30/52] btrfs: pass through fscrypt_extent_info to the file extent helpers Josef Bacik
2024-01-24 17:18 ` [PATCH v5 31/52] btrfs: implement the fscrypt extent encryption hooks Josef Bacik
2024-01-24 17:18 ` Josef Bacik [this message]
2024-01-24 17:18 ` [PATCH v5 33/52] btrfs: populate ordered_extent with the orig offset Josef Bacik
2024-01-24 17:18 ` [PATCH v5 34/52] btrfs: set the bio fscrypt context when applicable Josef Bacik
2024-01-24 17:18 ` [PATCH v5 35/52] btrfs: add a bio argument to btrfs_csum_one_bio Josef Bacik
2024-01-24 17:18 ` [PATCH v5 36/52] btrfs: add orig_logical to btrfs_bio Josef Bacik
2024-01-24 17:18 ` [PATCH v5 37/52] btrfs: limit encrypted writes to 256 segments Josef Bacik
2024-01-24 17:19 ` [PATCH v5 38/52] btrfs: implement process_bio cb for fscrypt Josef Bacik
2024-01-24 17:19 ` [PATCH v5 39/52] btrfs: implement read repair for encryption Josef Bacik
2024-01-24 17:19 ` [PATCH v5 40/52] btrfs: add test_dummy_encryption support Josef Bacik
2024-01-24 17:19 ` [PATCH v5 41/52] btrfs: don't rewrite ret from inode_permission Josef Bacik
2024-01-24 17:19 ` [PATCH v5 42/52] btrfs: move inode_to_path higher in backref.c Josef Bacik
2024-01-24 17:19 ` [PATCH v5 43/52] btrfs: make btrfs_ref_to_path handle encrypted filenames Josef Bacik
2024-01-24 17:19 ` [PATCH v5 44/52] btrfs: don't search back for dir inode item in INO_LOOKUP_USER Josef Bacik
2024-01-24 17:19 ` [PATCH v5 45/52] btrfs: deal with encrypted symlinks in send Josef Bacik
2024-01-24 17:19 ` [PATCH v5 46/52] btrfs: decrypt file names for send Josef Bacik
2024-01-24 17:19 ` [PATCH v5 47/52] btrfs: load the inode context before sending writes Josef Bacik
2024-01-24 17:19 ` [PATCH v5 48/52] btrfs: set the appropriate free space settings in reconfigure Josef Bacik
2024-01-24 17:19 ` [PATCH v5 49/52] btrfs: support encryption with log replay Josef Bacik
2024-01-24 17:19 ` [PATCH v5 50/52] btrfs: disable auto defrag on encrypted files Josef Bacik
2024-01-24 17:19 ` [PATCH v5 51/52] btrfs: disable encryption on RAID5/6 Josef Bacik
2024-01-24 17:19 ` [PATCH v5 52/52] btrfs: disable send if we have encryption enabled Josef Bacik
2024-01-24 19:28 ` Boris Burkov
2024-01-24 19:18 ` [PATCH v5 00/52] btrfs: add fscrypt support Neal Gompa
2024-01-24 19:58 ` Josef Bacik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d8ab016d25f70c9365f508af1d8e0b9ab7c09d76.1706116485.git.josef@toxicpanda.com \
--to=josef@toxicpanda.com \
--cc=kernel-team@fb.com \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).