From: Satya Tangirala <satyat@google.com> To: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org Cc: linux-xfs@vger.kernel.org, Satya Tangirala <satyat@google.com> Subject: [PATCH v4 7/7] fscrypt: update documentation for direct I/O support Date: Mon, 20 Jul 2020 23:37:39 +0000 [thread overview] Message-ID: <20200720233739.824943-8-satyat@google.com> (raw) In-Reply-To: <20200720233739.824943-1-satyat@google.com> Update fscrypt documentation to reflect the addition of direct I/O support and document the necessary conditions for direct I/O on encrypted files. Signed-off-by: Satya Tangirala <satyat@google.com> --- Documentation/filesystems/fscrypt.rst | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index ec81598477fc..5367c03b17bb 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -1049,8 +1049,10 @@ astute users may notice some differences in behavior: may be used to overwrite the source files but isn't guaranteed to be effective on all filesystems and storage devices. -- Direct I/O is not supported on encrypted files. Attempts to use - direct I/O on such files will fall back to buffered I/O. +- Direct I/O is supported on encrypted files only under some + circumstances (see `Direct I/O support`_ for details). When these + circumstances are not met, attempts to use direct I/O on encrypted + files will fall back to buffered I/O. - The fallocate operations FALLOC_FL_COLLAPSE_RANGE and FALLOC_FL_INSERT_RANGE are not supported on encrypted files and will @@ -1123,6 +1125,20 @@ It is not currently possible to backup and restore encrypted files without the encryption key. This would require special APIs which have not yet been implemented. +Direct I/O support +================== + +Direct I/O on encrypted files is supported through blk-crypto. In +particular, this means the kernel must have CONFIG_BLK_INLINE_ENCRYPTION +enabled, the filesystem must have had the 'inlinecrypt' mount option +specified, and either hardware inline encryption must be present, or +CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK must have been enabled. Further, +any I/O must be aligned to the filesystem block size (*not* necessarily +the same as the block device's block size) - in particular, any userspace +buffer into which data is read/written from must also be aligned to the +filesystem block size. If any of these conditions isn't met, attempts to do +direct I/O on an encrypted file will fall back to buffered I/O. + Encryption policy enforcement ============================= -- 2.28.0.rc0.105.gf9edc3c819-goog
WARNING: multiple messages have this Message-ID (diff)
From: Satya Tangirala via Linux-f2fs-devel <linux-f2fs-devel@lists.sourceforge.net> To: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org Cc: linux-xfs@vger.kernel.org, Satya Tangirala <satyat@google.com> Subject: [f2fs-dev] [PATCH v4 7/7] fscrypt: update documentation for direct I/O support Date: Mon, 20 Jul 2020 23:37:39 +0000 [thread overview] Message-ID: <20200720233739.824943-8-satyat@google.com> (raw) In-Reply-To: <20200720233739.824943-1-satyat@google.com> Update fscrypt documentation to reflect the addition of direct I/O support and document the necessary conditions for direct I/O on encrypted files. Signed-off-by: Satya Tangirala <satyat@google.com> --- Documentation/filesystems/fscrypt.rst | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index ec81598477fc..5367c03b17bb 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -1049,8 +1049,10 @@ astute users may notice some differences in behavior: may be used to overwrite the source files but isn't guaranteed to be effective on all filesystems and storage devices. -- Direct I/O is not supported on encrypted files. Attempts to use - direct I/O on such files will fall back to buffered I/O. +- Direct I/O is supported on encrypted files only under some + circumstances (see `Direct I/O support`_ for details). When these + circumstances are not met, attempts to use direct I/O on encrypted + files will fall back to buffered I/O. - The fallocate operations FALLOC_FL_COLLAPSE_RANGE and FALLOC_FL_INSERT_RANGE are not supported on encrypted files and will @@ -1123,6 +1125,20 @@ It is not currently possible to backup and restore encrypted files without the encryption key. This would require special APIs which have not yet been implemented. +Direct I/O support +================== + +Direct I/O on encrypted files is supported through blk-crypto. In +particular, this means the kernel must have CONFIG_BLK_INLINE_ENCRYPTION +enabled, the filesystem must have had the 'inlinecrypt' mount option +specified, and either hardware inline encryption must be present, or +CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK must have been enabled. Further, +any I/O must be aligned to the filesystem block size (*not* necessarily +the same as the block device's block size) - in particular, any userspace +buffer into which data is read/written from must also be aligned to the +filesystem block size. If any of these conditions isn't met, attempts to do +direct I/O on an encrypted file will fall back to buffered I/O. + Encryption policy enforcement ============================= -- 2.28.0.rc0.105.gf9edc3c819-goog _______________________________________________ Linux-f2fs-devel mailing list Linux-f2fs-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2020-07-20 23:38 UTC|newest] Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-07-20 23:37 [PATCH v4 0/7] add support for direct I/O with fscrypt using blk-crypto Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-20 23:37 ` [PATCH v4 1/7] fscrypt: Add functions for direct I/O support Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:04 ` Jaegeuk Kim 2020-07-22 17:04 ` [f2fs-dev] " Jaegeuk Kim 2020-07-20 23:37 ` [PATCH v4 2/7] direct-io: add support for fscrypt using blk-crypto Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:05 ` Jaegeuk Kim 2020-07-22 17:05 ` [f2fs-dev] " Jaegeuk Kim 2020-07-20 23:37 ` [PATCH v4 3/7] iomap: support direct I/O with " Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:06 ` Jaegeuk Kim 2020-07-22 17:06 ` [f2fs-dev] " Jaegeuk Kim 2020-07-22 21:16 ` Dave Chinner 2020-07-22 21:16 ` [f2fs-dev] " Dave Chinner 2020-07-22 22:34 ` Eric Biggers 2020-07-22 22:34 ` [f2fs-dev] " Eric Biggers 2020-07-22 22:44 ` Matthew Wilcox 2020-07-22 22:44 ` [f2fs-dev] " Matthew Wilcox 2020-07-22 23:12 ` Eric Biggers 2020-07-22 23:12 ` [f2fs-dev] " Eric Biggers 2020-07-22 23:26 ` Eric Biggers 2020-07-22 23:26 ` [f2fs-dev] " Eric Biggers 2020-07-22 23:32 ` Darrick J. Wong 2020-07-22 23:32 ` [f2fs-dev] " Darrick J. Wong 2020-07-22 23:43 ` Eric Biggers 2020-07-22 23:43 ` [f2fs-dev] " Eric Biggers 2020-07-23 22:07 ` Dave Chinner 2020-07-23 22:07 ` [f2fs-dev] " Dave Chinner 2020-07-23 23:03 ` Eric Biggers 2020-07-23 23:03 ` [f2fs-dev] " Eric Biggers 2020-07-24 1:39 ` Dave Chinner 2020-07-24 1:39 ` [f2fs-dev] " Dave Chinner 2020-07-24 3:46 ` Eric Biggers 2020-07-24 3:46 ` [f2fs-dev] " Eric Biggers 2020-07-24 5:31 ` Dave Chinner 2020-07-24 5:31 ` [f2fs-dev] " Dave Chinner 2020-07-24 17:41 ` Eric Biggers 2020-07-24 17:41 ` [f2fs-dev] " Eric Biggers 2020-07-25 23:47 ` Dave Chinner 2020-07-25 23:47 ` [f2fs-dev] " Dave Chinner 2020-07-25 23:59 ` Dave Chinner 2020-07-25 23:59 ` [f2fs-dev] " Dave Chinner 2020-07-26 2:42 ` Eric Biggers 2020-07-26 2:42 ` [f2fs-dev] " Eric Biggers 2020-07-27 17:16 ` Eric Biggers 2020-07-27 17:16 ` [f2fs-dev] " Eric Biggers 2020-07-20 23:37 ` [PATCH v4 4/7] ext4: " Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:07 ` Jaegeuk Kim 2020-07-22 17:07 ` [f2fs-dev] " Jaegeuk Kim 2020-07-20 23:37 ` [PATCH v4 5/7] f2fs: " Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-21 20:11 ` Jaegeuk Kim 2020-07-21 20:11 ` [f2fs-dev] " Jaegeuk Kim 2020-07-20 23:37 ` [PATCH v4 6/7] fscrypt: document inline encryption support Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:01 ` Jaegeuk Kim 2020-07-22 17:01 ` [f2fs-dev] " Jaegeuk Kim 2020-07-20 23:37 ` Satya Tangirala [this message] 2020-07-20 23:37 ` [f2fs-dev] [PATCH v4 7/7] fscrypt: update documentation for direct I/O support Satya Tangirala via Linux-f2fs-devel 2020-07-21 0:47 ` Eric Biggers 2020-07-21 0:47 ` [f2fs-dev] " Eric Biggers 2020-07-22 16:57 ` Jaegeuk Kim 2020-07-22 16:57 ` [f2fs-dev] " Jaegeuk Kim 2020-07-21 0:56 ` [PATCH v4 0/7] add support for direct I/O with fscrypt using blk-crypto Eric Biggers 2020-07-21 0:56 ` [f2fs-dev] " Eric Biggers
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200720233739.824943-8-satyat@google.com \ --to=satyat@google.com \ --cc=linux-ext4@vger.kernel.org \ --cc=linux-f2fs-devel@lists.sourceforge.net \ --cc=linux-fscrypt@vger.kernel.org \ --cc=linux-fsdevel@vger.kernel.org \ --cc=linux-xfs@vger.kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.