From: Eric Biggers <ebiggers@kernel.org>
To: Satya Tangirala <satyat@google.com>
Cc: linux-block@vger.kernel.org, linux-scsi@vger.kernel.org,
linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-ext4@vger.kernel.org,
Barani Muthukumaran <bmuthuku@qti.qualcomm.com>,
Kuohong Wang <kuohong.wang@mediatek.com>,
Kim Boojin <boojin.kim@samsung.com>
Subject: Re: [PATCH v9 09/11] fscrypt: add inline encryption support
Date: Wed, 25 Mar 2020 22:45:36 -0700 [thread overview]
Message-ID: <20200326054536.GD858@sol.localdomain> (raw)
In-Reply-To: <20200326030702.223233-10-satyat@google.com>
On Wed, Mar 25, 2020 at 08:07:00PM -0700, Satya Tangirala wrote:
> +/* Enable inline encryption for this file if supported. */
> +void fscrypt_select_encryption_impl(struct fscrypt_info *ci)
> +{
> + const struct inode *inode = ci->ci_inode;
> + struct super_block *sb = inode->i_sb;
> +
> + /* The file must need contents encryption, not filenames encryption */
> + if (!fscrypt_needs_contents_encryption(inode))
> + return;
> +
> + /* blk-crypto must implement the needed encryption algorithm */
> + if (ci->ci_mode->blk_crypto_mode == BLK_ENCRYPTION_MODE_INVALID)
> + return;
> +
> + /* The filesystem must be mounted with -o inlinecrypt */
> + if (!(sb->s_flags & SB_INLINECRYPT))
> + return;
> +
> + ci->ci_inlinecrypt = true;
> +}
A bug I came across last week when writing a new test is that '-o inlinecrypt'
can break some fscrypt settings because it enables blk-crypto even when
CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK is unset and the hardware doesn't support
the algorithm. For example, adding '-o inlinecrypt' can make Adiantum-encrypted
files stop working, due to the hardware only supporting AES-XTS.
That's undesirable. Adding '-o inlinecrypt' should just make inline encryption
be used where it can, and not break anything.
To fix this, we should make fscrypt_select_encryption_impl() only set
->ci_inlinecrypt if either blk-crypto-fallback is enabled or if all the
filesystem's devices support the algorithm.
In v7+ of this patchset, this is a bit tricky because now
blk_ksm_crypto_key_supported() takes in a 'struct blk_crypto_key', which
fscrypt_select_encryption_impl() doesn't have available yet. Perhaps make
blk_ksm_crypto_key_supported() a wrapper around a function like
blk_ksm_crypto_setting_supported() that takes a new struct:
struct blk_crypto_setting {
enum blk_crypto_mode_num crypto_mode;
unsigned int data_unit_size;
unsigned int dun_bytes;
};
Then maybe add blk_crypto_setting_supported() which returns true if either
blk_ksm_crypto_key_supported() *or* blk-crypto-fallback is enabled.
- Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Satya Tangirala <satyat@google.com>
Cc: linux-scsi@vger.kernel.org, Kim Boojin <boojin.kim@samsung.com>,
Kuohong Wang <kuohong.wang@mediatek.com>,
Barani Muthukumaran <bmuthuku@qti.qualcomm.com>,
linux-f2fs-devel@lists.sourceforge.net,
linux-block@vger.kernel.org, linux-fscrypt@vger.kernel.org,
linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org
Subject: Re: [f2fs-dev] [PATCH v9 09/11] fscrypt: add inline encryption support
Date: Wed, 25 Mar 2020 22:45:36 -0700 [thread overview]
Message-ID: <20200326054536.GD858@sol.localdomain> (raw)
In-Reply-To: <20200326030702.223233-10-satyat@google.com>
On Wed, Mar 25, 2020 at 08:07:00PM -0700, Satya Tangirala wrote:
> +/* Enable inline encryption for this file if supported. */
> +void fscrypt_select_encryption_impl(struct fscrypt_info *ci)
> +{
> + const struct inode *inode = ci->ci_inode;
> + struct super_block *sb = inode->i_sb;
> +
> + /* The file must need contents encryption, not filenames encryption */
> + if (!fscrypt_needs_contents_encryption(inode))
> + return;
> +
> + /* blk-crypto must implement the needed encryption algorithm */
> + if (ci->ci_mode->blk_crypto_mode == BLK_ENCRYPTION_MODE_INVALID)
> + return;
> +
> + /* The filesystem must be mounted with -o inlinecrypt */
> + if (!(sb->s_flags & SB_INLINECRYPT))
> + return;
> +
> + ci->ci_inlinecrypt = true;
> +}
A bug I came across last week when writing a new test is that '-o inlinecrypt'
can break some fscrypt settings because it enables blk-crypto even when
CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK is unset and the hardware doesn't support
the algorithm. For example, adding '-o inlinecrypt' can make Adiantum-encrypted
files stop working, due to the hardware only supporting AES-XTS.
That's undesirable. Adding '-o inlinecrypt' should just make inline encryption
be used where it can, and not break anything.
To fix this, we should make fscrypt_select_encryption_impl() only set
->ci_inlinecrypt if either blk-crypto-fallback is enabled or if all the
filesystem's devices support the algorithm.
In v7+ of this patchset, this is a bit tricky because now
blk_ksm_crypto_key_supported() takes in a 'struct blk_crypto_key', which
fscrypt_select_encryption_impl() doesn't have available yet. Perhaps make
blk_ksm_crypto_key_supported() a wrapper around a function like
blk_ksm_crypto_setting_supported() that takes a new struct:
struct blk_crypto_setting {
enum blk_crypto_mode_num crypto_mode;
unsigned int data_unit_size;
unsigned int dun_bytes;
};
Then maybe add blk_crypto_setting_supported() which returns true if either
blk_ksm_crypto_key_supported() *or* blk-crypto-fallback is enabled.
- Eric
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2020-03-26 5:45 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-26 3:06 [PATCH v9 00/11] Inline Encryption Support Satya Tangirala
2020-03-26 3:06 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 3:06 ` [PATCH v9 01/11] block: Keyslot Manager for Inline Encryption Satya Tangirala
2020-03-26 3:06 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 6:22 ` Eric Biggers
2020-03-26 6:22 ` [f2fs-dev] " Eric Biggers
2020-03-27 17:00 ` Christoph Hellwig
2020-03-27 17:00 ` [f2fs-dev] " Christoph Hellwig
2020-03-26 3:06 ` [PATCH v9 02/11] block: Inline encryption support for blk-mq Satya Tangirala
2020-03-26 3:06 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 20:05 ` Eric Biggers
2020-03-26 20:05 ` [f2fs-dev] " Eric Biggers
2020-03-27 17:05 ` Christoph Hellwig
2020-03-27 17:05 ` [f2fs-dev] " Christoph Hellwig
2020-03-26 3:06 ` [PATCH v9 03/11] block: Make blk-integrity preclude hardware inline encryption Satya Tangirala
2020-03-26 3:06 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 3:06 ` [PATCH v9 04/11] block: blk-crypto-fallback for Inline Encryption Satya Tangirala
2020-03-26 3:06 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 20:28 ` Eric Biggers
2020-03-26 20:28 ` [f2fs-dev] " Eric Biggers
2020-03-26 3:06 ` [PATCH v9 05/11] scsi: ufs: UFS driver v2.1 spec crypto additions Satya Tangirala
2020-03-26 3:06 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 3:06 ` [PATCH v9 06/11] scsi: ufs: UFS crypto API Satya Tangirala
2020-03-26 3:06 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 5:07 ` Eric Biggers
2020-03-26 5:07 ` [f2fs-dev] " Eric Biggers
2020-03-26 3:06 ` [PATCH v9 07/11] scsi: ufs: Add inline encryption support to UFS Satya Tangirala
2020-03-26 3:06 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 5:09 ` Eric Biggers
2020-03-26 5:09 ` [f2fs-dev] " Eric Biggers
2020-03-26 3:06 ` [PATCH v9 08/11] fs: introduce SB_INLINECRYPT Satya Tangirala
2020-03-26 3:06 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 5:56 ` Eric Biggers
2020-03-26 5:56 ` [f2fs-dev] " Eric Biggers
2020-03-26 3:07 ` [PATCH v9 09/11] fscrypt: add inline encryption support Satya Tangirala
2020-03-26 3:07 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 5:45 ` Eric Biggers [this message]
2020-03-26 5:45 ` Eric Biggers
2020-03-26 3:07 ` [PATCH v9 10/11] f2fs: " Satya Tangirala
2020-03-26 3:07 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 3:07 ` [PATCH v9 11/11] ext4: " Satya Tangirala
2020-03-26 3:07 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-26 3:32 ` [PATCH v9 00/11] Inline Encryption Support Eric Biggers
2020-03-26 3:32 ` [f2fs-dev] " Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200326054536.GD858@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=bmuthuku@qti.qualcomm.com \
--cc=boojin.kim@samsung.com \
--cc=kuohong.wang@mediatek.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=satyat@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.