From: Jaegeuk Kim <jaegeuk@kernel.org> To: Satya Tangirala <satyat@google.com> Cc: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org, linux-xfs@vger.kernel.org, Eric Biggers <ebiggers@google.com> Subject: Re: [PATCH v4 6/7] fscrypt: document inline encryption support Date: Wed, 22 Jul 2020 10:01:44 -0700 [thread overview] Message-ID: <20200722170144.GC3912099@google.com> (raw) In-Reply-To: <20200720233739.824943-7-satyat@google.com> On 07/20, Satya Tangirala wrote: > Update the fscrypt documentation file for inline encryption support. > > Signed-off-by: Satya Tangirala <satyat@google.com> > Reviewed-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> > --- > Documentation/filesystems/fscrypt.rst | 16 +++++++++++++++- > 1 file changed, 15 insertions(+), 1 deletion(-) > > diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst > index f5d8b0303ddf..ec81598477fc 100644 > --- a/Documentation/filesystems/fscrypt.rst > +++ b/Documentation/filesystems/fscrypt.rst > @@ -1204,6 +1204,18 @@ buffer. Some filesystems, such as UBIFS, already use temporary > buffers regardless of encryption. Other filesystems, such as ext4 and > F2FS, have to allocate bounce pages specially for encryption. > > +Fscrypt is also able to use inline encryption hardware instead of the > +kernel crypto API for en/decryption of file contents. When possible, > +and if directed to do so (by specifying the 'inlinecrypt' mount option > +for an ext4/F2FS filesystem), it adds encryption contexts to bios and > +uses blk-crypto to perform the en/decryption instead of making use of > +the above read/write path changes. Of course, even if directed to > +make use of inline encryption, fscrypt will only be able to do so if > +either hardware inline encryption support is available for the > +selected encryption algorithm or CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK > +is selected. If neither is the case, fscrypt will fall back to using > +the above mentioned read/write path changes for en/decryption. > + > Filename hashing and encoding > ----------------------------- > > @@ -1250,7 +1262,9 @@ Tests > > To test fscrypt, use xfstests, which is Linux's de facto standard > filesystem test suite. First, run all the tests in the "encrypt" > -group on the relevant filesystem(s). For example, to test ext4 and > +group on the relevant filesystem(s). One can also run the tests > +with the 'inlinecrypt' mount option to test the implementation for > +inline encryption support. For example, to test ext4 and > f2fs encryption using `kvm-xfstests > <https://github.com/tytso/xfstests-bld/blob/master/Documentation/kvm-quickstart.md>`_:: > > -- > 2.28.0.rc0.105.gf9edc3c819-goog
WARNING: multiple messages have this Message-ID (diff)
From: Jaegeuk Kim <jaegeuk@kernel.org> To: Satya Tangirala <satyat@google.com> Cc: Eric Biggers <ebiggers@google.com>, linux-f2fs-devel@lists.sourceforge.net, linux-xfs@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org Subject: Re: [f2fs-dev] [PATCH v4 6/7] fscrypt: document inline encryption support Date: Wed, 22 Jul 2020 10:01:44 -0700 [thread overview] Message-ID: <20200722170144.GC3912099@google.com> (raw) In-Reply-To: <20200720233739.824943-7-satyat@google.com> On 07/20, Satya Tangirala wrote: > Update the fscrypt documentation file for inline encryption support. > > Signed-off-by: Satya Tangirala <satyat@google.com> > Reviewed-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> > --- > Documentation/filesystems/fscrypt.rst | 16 +++++++++++++++- > 1 file changed, 15 insertions(+), 1 deletion(-) > > diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst > index f5d8b0303ddf..ec81598477fc 100644 > --- a/Documentation/filesystems/fscrypt.rst > +++ b/Documentation/filesystems/fscrypt.rst > @@ -1204,6 +1204,18 @@ buffer. Some filesystems, such as UBIFS, already use temporary > buffers regardless of encryption. Other filesystems, such as ext4 and > F2FS, have to allocate bounce pages specially for encryption. > > +Fscrypt is also able to use inline encryption hardware instead of the > +kernel crypto API for en/decryption of file contents. When possible, > +and if directed to do so (by specifying the 'inlinecrypt' mount option > +for an ext4/F2FS filesystem), it adds encryption contexts to bios and > +uses blk-crypto to perform the en/decryption instead of making use of > +the above read/write path changes. Of course, even if directed to > +make use of inline encryption, fscrypt will only be able to do so if > +either hardware inline encryption support is available for the > +selected encryption algorithm or CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK > +is selected. If neither is the case, fscrypt will fall back to using > +the above mentioned read/write path changes for en/decryption. > + > Filename hashing and encoding > ----------------------------- > > @@ -1250,7 +1262,9 @@ Tests > > To test fscrypt, use xfstests, which is Linux's de facto standard > filesystem test suite. First, run all the tests in the "encrypt" > -group on the relevant filesystem(s). For example, to test ext4 and > +group on the relevant filesystem(s). One can also run the tests > +with the 'inlinecrypt' mount option to test the implementation for > +inline encryption support. For example, to test ext4 and > f2fs encryption using `kvm-xfstests > <https://github.com/tytso/xfstests-bld/blob/master/Documentation/kvm-quickstart.md>`_:: > > -- > 2.28.0.rc0.105.gf9edc3c819-goog _______________________________________________ Linux-f2fs-devel mailing list Linux-f2fs-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2020-07-22 17:01 UTC|newest] Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-07-20 23:37 [PATCH v4 0/7] add support for direct I/O with fscrypt using blk-crypto Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-20 23:37 ` [PATCH v4 1/7] fscrypt: Add functions for direct I/O support Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:04 ` Jaegeuk Kim 2020-07-22 17:04 ` [f2fs-dev] " Jaegeuk Kim 2020-07-20 23:37 ` [PATCH v4 2/7] direct-io: add support for fscrypt using blk-crypto Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:05 ` Jaegeuk Kim 2020-07-22 17:05 ` [f2fs-dev] " Jaegeuk Kim 2020-07-20 23:37 ` [PATCH v4 3/7] iomap: support direct I/O with " Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:06 ` Jaegeuk Kim 2020-07-22 17:06 ` [f2fs-dev] " Jaegeuk Kim 2020-07-22 21:16 ` Dave Chinner 2020-07-22 21:16 ` [f2fs-dev] " Dave Chinner 2020-07-22 22:34 ` Eric Biggers 2020-07-22 22:34 ` [f2fs-dev] " Eric Biggers 2020-07-22 22:44 ` Matthew Wilcox 2020-07-22 22:44 ` [f2fs-dev] " Matthew Wilcox 2020-07-22 23:12 ` Eric Biggers 2020-07-22 23:12 ` [f2fs-dev] " Eric Biggers 2020-07-22 23:26 ` Eric Biggers 2020-07-22 23:26 ` [f2fs-dev] " Eric Biggers 2020-07-22 23:32 ` Darrick J. Wong 2020-07-22 23:32 ` [f2fs-dev] " Darrick J. Wong 2020-07-22 23:43 ` Eric Biggers 2020-07-22 23:43 ` [f2fs-dev] " Eric Biggers 2020-07-23 22:07 ` Dave Chinner 2020-07-23 22:07 ` [f2fs-dev] " Dave Chinner 2020-07-23 23:03 ` Eric Biggers 2020-07-23 23:03 ` [f2fs-dev] " Eric Biggers 2020-07-24 1:39 ` Dave Chinner 2020-07-24 1:39 ` [f2fs-dev] " Dave Chinner 2020-07-24 3:46 ` Eric Biggers 2020-07-24 3:46 ` [f2fs-dev] " Eric Biggers 2020-07-24 5:31 ` Dave Chinner 2020-07-24 5:31 ` [f2fs-dev] " Dave Chinner 2020-07-24 17:41 ` Eric Biggers 2020-07-24 17:41 ` [f2fs-dev] " Eric Biggers 2020-07-25 23:47 ` Dave Chinner 2020-07-25 23:47 ` [f2fs-dev] " Dave Chinner 2020-07-25 23:59 ` Dave Chinner 2020-07-25 23:59 ` [f2fs-dev] " Dave Chinner 2020-07-26 2:42 ` Eric Biggers 2020-07-26 2:42 ` [f2fs-dev] " Eric Biggers 2020-07-27 17:16 ` Eric Biggers 2020-07-27 17:16 ` [f2fs-dev] " Eric Biggers 2020-07-20 23:37 ` [PATCH v4 4/7] ext4: " Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:07 ` Jaegeuk Kim 2020-07-22 17:07 ` [f2fs-dev] " Jaegeuk Kim 2020-07-20 23:37 ` [PATCH v4 5/7] f2fs: " Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-21 20:11 ` Jaegeuk Kim 2020-07-21 20:11 ` [f2fs-dev] " Jaegeuk Kim 2020-07-20 23:37 ` [PATCH v4 6/7] fscrypt: document inline encryption support Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-22 17:01 ` Jaegeuk Kim [this message] 2020-07-22 17:01 ` Jaegeuk Kim 2020-07-20 23:37 ` [PATCH v4 7/7] fscrypt: update documentation for direct I/O support Satya Tangirala 2020-07-20 23:37 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel 2020-07-21 0:47 ` Eric Biggers 2020-07-21 0:47 ` [f2fs-dev] " Eric Biggers 2020-07-22 16:57 ` Jaegeuk Kim 2020-07-22 16:57 ` [f2fs-dev] " Jaegeuk Kim 2020-07-21 0:56 ` [PATCH v4 0/7] add support for direct I/O with fscrypt using blk-crypto Eric Biggers 2020-07-21 0:56 ` [f2fs-dev] " Eric Biggers
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200722170144.GC3912099@google.com \ --to=jaegeuk@kernel.org \ --cc=ebiggers@google.com \ --cc=linux-ext4@vger.kernel.org \ --cc=linux-f2fs-devel@lists.sourceforge.net \ --cc=linux-fscrypt@vger.kernel.org \ --cc=linux-fsdevel@vger.kernel.org \ --cc=linux-xfs@vger.kernel.org \ --cc=satyat@google.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.