From: Milan Broz <firstname.lastname@example.org>
To: Eric Biggers <email@example.com>
Cc: Israel Rukshin <firstname.lastname@example.org>,
Max Gurtovoy <email@example.com>,
dm-devel <firstname.lastname@example.org>, Nitzan Carmi <email@example.com>
Subject: Re: [dm-devel] [RFC PATCH 0/1] Add inline encryption support for dm-crypt
Date: Sat, 15 Jan 2022 10:22:26 +0100 [thread overview]
Message-ID: <firstname.lastname@example.org> (raw)
On 14/01/2022 23:27, Eric Biggers wrote:
> On Fri, Jan 14, 2022 at 09:51:20PM +0100, Milan Broz wrote:
>> On 13/01/2022 19:09, Israel Rukshin wrote:
>>> I am working to add support for inline encryption/decryption
>>> at storage protocols like nvmf over RDMA. The HW that I am
>>> working with is ConnecX-6 Dx, which supports inline crypto
>>> and can send the data on the fabric at the same time.
>> This idea comes from time to time, and it makes dm-crypt bloated,
>> and mainly it moves responsibility for encryption to block layer
>> It adds two completely different sector encryption paths there.
>> Also, see my comments here (for similar patches)
>> I think dm-crypt should stay as SW crypto only (using kernel crypto API,
>> so HW acceleration is done through crypto drivers there).
>> A cleaner solution is to write a much simpler new dm-crypt-inline target,
>> which will implement only inline encryption.
>> (And userspace can decide which target to use.)
>> Code should be just an extension to the dm-linear target, most
>> of dm-crypt complexity is not needed here.
>> Also, please think about configuration - how do you want to configure it?
>> Just my opinion, it is, of course, up to DM maintainer if he takes such patches.
> IMO, adding inline encryption support to dm-crypt would be fine. Normally,
> blk-crypto is just an alternate implementation of encryption/decryption. I'm
> not sure that a separate dm target is warranted just because of a different
> implementation, as opposed to different *behavior*. (Support for wrapped keys
> does complicate things a bit, as they do change behavior.) But, I'd also be
> fine with a separate dm target if the dm maintainers prefer that route.
I would expect some issues with FIPS people here (currently, it is handled
by enabling various crypto API drivers) about crypto boundaries and such stuff.
But it is up to the corporate people, not me.
Sadly, nobody did try to push some device-mapper functionality into the block layer.
Then inline encryption can be just a block device configuration or whatever....
(discussed in 2010 or so... https://lwn.net/Articles/400589/)
I would prefer to separate SW FDE (dm-crypt, as it is) and a target that delegates
encryption to the block layer (inline encryption).
But it is just cryptsetup's maintainer view, as we have already too complex
detection which features can be enabled on various kernel configs, etc.
> Note that in the Android Common Kernels, there is already a dm target called
> "dm-default-key" which uses dm-crypt compatible syntax but uses blk-crypto
> (inline encryption) rather than the crypto API:
Any plans to submit this to mainline? Or it is just too controversial?
> It differs slightly from what is being proposed here in that dm-default-key's
> purpose is to implement filesystem "metadata encryption", so it has logic to
> skip encrypting blocks that have their encryption controlled at the filesystem
> level due to being part of an encrypted file's contents. I expect that logic
> would be unacceptable upstream, as it's a layering violation. (The long-term
> plan is to handle metadata encryption entirely at the filesystem level instead.)
Well, I wish that we have strong authenticated encryption in filesystem even for
metadata, where it fits better in the fist place....
But fscrypt is still not here (or am I mistaken?)
dm-devel mailing list
next prev parent reply other threads:[~2022-01-15 9:22 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-13 18:09 [dm-devel] [RFC PATCH 0/1] Add inline encryption support for dm-crypt Israel Rukshin
2022-01-13 18:09 ` [dm-devel] [PATCH 1/1] dm crypt: Add inline encryption support Israel Rukshin
2022-01-14 8:06 ` Damien Le Moal
2022-01-14 8:14 ` Damien Le Moal
2022-01-16 10:29 ` Israel Rukshin
2022-01-13 21:22 ` [dm-devel] [RFC PATCH 0/1] Add inline encryption support for dm-crypt Bart Van Assche
2022-01-14 20:51 ` Milan Broz
2022-01-14 22:27 ` Eric Biggers
2022-01-15 9:22 ` Milan Broz [this message]
2022-01-18 19:38 ` Eric Biggers
2022-01-19 5:18 ` Christoph Hellwig
2022-01-17 7:52 ` Christoph Hellwig
2022-01-17 10:50 ` Milan Broz
2022-01-17 14:00 ` Israel Rukshin
2022-01-18 16:45 ` Christoph Hellwig
2022-01-18 20:27 ` Eric Biggers
2022-01-19 5:15 ` Christoph Hellwig
2022-01-14 22:49 ` Eric Biggers
2022-01-16 10:15 ` Israel Rukshin
2022-01-18 20:02 ` Eric Biggers
2022-01-19 15:45 ` Israel Rukshin
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.