From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 27AF6C433DB for ; Thu, 21 Jan 2021 23:24:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D7CF22087E for ; Thu, 21 Jan 2021 23:24:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726229AbhAUXXg (ORCPT ); Thu, 21 Jan 2021 18:23:36 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50748 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726241AbhAUXGb (ORCPT ); Thu, 21 Jan 2021 18:06:31 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 33C18C061A29 for ; Thu, 21 Jan 2021 15:03:55 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id 127so3695660ybn.5 for ; Thu, 21 Jan 2021 15:03:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=CZMyGWlKFZQTRektdrF/slvssAIzMQGtBohXi2xlJZo=; b=rrCQEqKVW1ZDhW4+xC0fjbzkbeY/JM71fiwBKXHsmFH4bwE2GxtDFk+U88/SUhdZrf m7wzzh7s3pqKnNjd10foCZJDNdK/vkuuRpPD69ujIVZe3eifyns8biUA8hZoFwPNKnDb Ba3v3G79vllZnXC34ggan7U2sUksnH545H+f+6bih9NuBbW12SjTSwsWplttdtVyg536 GP0pN9LaqdE82PHlByUSvgve2pSMZuoQ6XfZu6yXARBBw+19h3asuK13j5tmK1ncQkcY r6k+aHDCwUHG8X/Lo9Rh9plI3yOEJxIzYYGPgdsvlhvIGQPysaEunA99fEdDpORoP0Ww T1lg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=CZMyGWlKFZQTRektdrF/slvssAIzMQGtBohXi2xlJZo=; b=DO7Revl4q7DKHXkXy4uqY0aaG6GfBkzWpXLBS2/Hseh0zOlEtyq5z52UpcehS3xT9p V7rRgbwZV+I58eNccUR66MZgBPw6WqlJ8TVtw0qM0a1X0sEACP6PG3Eo8CsiBxYhI4kM 4F1VHl1Dq+BPUr8YO/cQ2ldXhfKuKogCDzPvTIF19QCxczHN4+MDA38pVKFn6o14/Zpy Q8AMHwHpAvqh4Jl5zLHUqQ0ADyxTjDNkY4o79+AK/DsEaX19GpBDBdBShkCXPep2B1x8 WyoGgWHZRLzZbxD5H84My4n+6k6cSCxU4VyKQegcKcbBdxfcQqVDxeFC7agg4PGtw5Rb rLrA== X-Gm-Message-State: AOAM533Ayr7cd5/cUHVNxGoPw8nWSRWZ3S5CeLPJk9mjFCzti9lcPad3 iLuN85zlfzugCJqYdtmQows/rAYyXL8= X-Google-Smtp-Source: ABdhPJwB0G5OeVzx657WHRwvKU6JZee+AtLxAL7APPuuacdYF8k9c5jXPavHspxiawBp2gvtwJK1mN7H78c= Sender: "satyat via sendgmr" X-Received: from satyaprateek.c.googlers.com ([fda3:e722:ac3:10:24:72f4:c0a8:1092]) (user=satyat job=sendgmr) by 2002:a25:61c2:: with SMTP id v185mr2563181ybb.378.1611270234438; Thu, 21 Jan 2021 15:03:54 -0800 (PST) Date: Thu, 21 Jan 2021 23:03:36 +0000 In-Reply-To: <20210121230336.1373726-1-satyat@google.com> Message-Id: <20210121230336.1373726-9-satyat@google.com> Mime-Version: 1.0 References: <20210121230336.1373726-1-satyat@google.com> X-Mailer: git-send-email 2.30.0.280.ga3ce27912f-goog Subject: [PATCH v8 8/8] fscrypt: update documentation for direct I/O support From: Satya Tangirala To: "Theodore Y . Ts'o" , Jaegeuk Kim , Eric Biggers , Chao Yu , Jens Axboe , "Darrick J . Wong" Cc: linux-kernel@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-xfs@vger.kernel.org, linux-block@vger.kernel.org, linux-ext4@vger.kernel.org, Satya Tangirala , Eric Biggers Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org Update fscrypt documentation to reflect the addition of direct I/O support and document the necessary conditions for direct I/O on encrypted files. Signed-off-by: Satya Tangirala Reviewed-by: Eric Biggers Reviewed-by: Jaegeuk Kim --- Documentation/filesystems/fscrypt.rst | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index 44b67ebd6e40..c0c1747fa2fb 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -1047,8 +1047,10 @@ astute users may notice some differences in behavior: may be used to overwrite the source files but isn't guaranteed to be effective on all filesystems and storage devices. -- Direct I/O is not supported on encrypted files. Attempts to use - direct I/O on such files will fall back to buffered I/O. +- Direct I/O is supported on encrypted files only under some + circumstances (see `Direct I/O support`_ for details). When these + circumstances are not met, attempts to use direct I/O on encrypted + files will fall back to buffered I/O. - The fallocate operations FALLOC_FL_COLLAPSE_RANGE and FALLOC_FL_INSERT_RANGE are not supported on encrypted files and will @@ -1121,6 +1123,21 @@ It is not currently possible to backup and restore encrypted files without the encryption key. This would require special APIs which have not yet been implemented. +Direct I/O support +================== + +Direct I/O on encrypted files is supported through blk-crypto. In +particular, this means the kernel must have CONFIG_BLK_INLINE_ENCRYPTION +enabled, the filesystem must have had the 'inlinecrypt' mount option +specified, and either hardware inline encryption must be present, or +CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK must have been enabled. Further, +the starting position in the file and the length of any I/O must be aligned +to the filesystem block size (*not* necessarily the same as the block +device's block size). If any of these conditions isn't met, attempts to do +direct I/O on an encrypted file will fall back to buffered I/O. However, +there aren't any additional requirements on user buffer alignment (apart +from those already present when using direct I/O on unencrypted files). + Encryption policy enforcement ============================= -- 2.30.0.280.ga3ce27912f-goog From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.9 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CE528C433E9 for ; Thu, 21 Jan 2021 23:06:32 +0000 (UTC) Received: from lists.sourceforge.net (lists.sourceforge.net [216.105.38.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 7B72423A3A for ; Thu, 21 Jan 2021 23:06:32 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 7B72423A3A Authentication-Results: mail.kernel.org; dmarc=pass (p=none dis=none) header.from=lists.sourceforge.net Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=linux-f2fs-devel-bounces@lists.sourceforge.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc: Reply-To:From:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Subject:To:References:Mime-Version:Message-Id: In-Reply-To:Date:Sender:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=is1QNjyDpKhh+66nfH6LBbhf5ODWMK16GZ773OuElA8=; b=RLNUS424jOFGEG1e2uKiJ+3Fp OTotFYRqTuF7HqagWo667DPpZoAnCiXZ2ofu+nchONxLyLSPuXfssiUi6WFCi86VbCOCwsjn2rA1W eJDeOf4qXvaSjtA33GQU+oWyn1QeQocINgBwcZepWQYq1Xrf1a/c82831Udm2Qv8tXs5Q=; Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1l2j28-0005j3-0Q; Thu, 21 Jan 2021 23:06:32 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from <3WggKYAYKAJkL3MR3M9HH9E7.5HF@flex--satyat.bounces.google.com>) id 1l2j1y-0005eh-62 for linux-f2fs-devel@lists.sourceforge.net; Thu, 21 Jan 2021 23:06:22 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Cc:To:From:Subject:References: Mime-Version:Message-Id:In-Reply-To:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=CZMyGWlKFZQTRektdrF/slvssAIzMQGtBohXi2xlJZo=; b=hxPJ28JG9FaHy7+WU8Xz/CPPI tcOnCskv+pilOX2VCgsKBmTtvZxUCmx7iSMTH7E43mhz/Cz0rGLfEkmnJfFV7RDmeuOfBwWX+wKX/ Kf2x9DNkRedvDo4GscQAILsqRjAbQAbhS8MCiZMJsNYUTtWVMvFZCLhuNeNbT5y50T4ZM=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Cc:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=CZMyGWlKFZQTRektdrF/slvssAIzMQGtBohXi2xlJZo=; b=X0LIhv8UTmtyUUEZkcSfZsb1Fr GsxlSoEHxlj0T54tCOSGh1S6LqQQ3W5TQFjWWOqs/bG/iLqfkBl9Oln+vmzTsVK8HdilUV9rcfDoC AyGLog4/fAfysfeubJVay5GC/ngzuj22UtxlAwWnzSnuOTKX2rInaLRrHVGEgjyPaRTQ=; Received: from mail-yb1-f201.google.com ([209.85.219.201]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.2) id 1l2izn-006HhU-CD for linux-f2fs-devel@lists.sourceforge.net; Thu, 21 Jan 2021 23:04:13 +0000 Received: by mail-yb1-f201.google.com with SMTP id b131so3705818ybc.3 for ; Thu, 21 Jan 2021 15:04:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=CZMyGWlKFZQTRektdrF/slvssAIzMQGtBohXi2xlJZo=; b=rrCQEqKVW1ZDhW4+xC0fjbzkbeY/JM71fiwBKXHsmFH4bwE2GxtDFk+U88/SUhdZrf m7wzzh7s3pqKnNjd10foCZJDNdK/vkuuRpPD69ujIVZe3eifyns8biUA8hZoFwPNKnDb Ba3v3G79vllZnXC34ggan7U2sUksnH545H+f+6bih9NuBbW12SjTSwsWplttdtVyg536 GP0pN9LaqdE82PHlByUSvgve2pSMZuoQ6XfZu6yXARBBw+19h3asuK13j5tmK1ncQkcY r6k+aHDCwUHG8X/Lo9Rh9plI3yOEJxIzYYGPgdsvlhvIGQPysaEunA99fEdDpORoP0Ww T1lg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=CZMyGWlKFZQTRektdrF/slvssAIzMQGtBohXi2xlJZo=; b=VW9mHkMae9Sjc3kQpkourrmpjxdlhNi8zB0J8k25kk3xzDeMRGUy8RUSxCD+DyiyiV Vn+VyJiUM72YsIEwDn/0NEuhPKmjR2IH2KdWqpJyLyHBksz1fDvdMqfKmh/WXhI+HGWW SmX8xEiLo1c3LmjJxtArKm9ebiW2PjzBmqsLUQ/uhSn5cnV8nGLtY/STtnsB0i98n6YA aau59faMpYB+x/CZJTJofCLEnS3wKMBjMlzgRPTzhGli9L579WsYySMhIFK0YpzvSrZZ dTE8Tv/0tRT3WqlzaLKjVYNGaEpxF0Qd5Q9FvuAPxcSNpVEyReqeXfx58d4RHghSSScJ yu9g== X-Gm-Message-State: AOAM533z40Y2d5g/Qh8t2YcEfyvCQkueU6MidMeOF1VFj2gx2AlJgxwy YJOhcrJ/JRiMYtdlC8GnYd5/6RSbaPo= X-Google-Smtp-Source: ABdhPJwB0G5OeVzx657WHRwvKU6JZee+AtLxAL7APPuuacdYF8k9c5jXPavHspxiawBp2gvtwJK1mN7H78c= X-Received: from satyaprateek.c.googlers.com ([fda3:e722:ac3:10:24:72f4:c0a8:1092]) (user=satyat job=sendgmr) by 2002:a25:61c2:: with SMTP id v185mr2563181ybb.378.1611270234438; Thu, 21 Jan 2021 15:03:54 -0800 (PST) Date: Thu, 21 Jan 2021 23:03:36 +0000 In-Reply-To: <20210121230336.1373726-1-satyat@google.com> Message-Id: <20210121230336.1373726-9-satyat@google.com> Mime-Version: 1.0 References: <20210121230336.1373726-1-satyat@google.com> X-Mailer: git-send-email 2.30.0.280.ga3ce27912f-goog To: "Theodore Y . Ts'o" , Jaegeuk Kim , Eric Biggers , Chao Yu , Jens Axboe , "Darrick J . Wong" X-Headers-End: 1l2izn-006HhU-CD Subject: [f2fs-dev] [PATCH v8 8/8] fscrypt: update documentation for direct I/O support X-BeenThere: linux-f2fs-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Satya Tangirala via Linux-f2fs-devel Reply-To: Satya Tangirala Cc: linux-block@vger.kernel.org, Eric Biggers , linux-kernel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-xfs@vger.kernel.org, linux-fscrypt@vger.kernel.org, Satya Tangirala , linux-ext4@vger.kernel.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: linux-f2fs-devel-bounces@lists.sourceforge.net Update fscrypt documentation to reflect the addition of direct I/O support and document the necessary conditions for direct I/O on encrypted files. Signed-off-by: Satya Tangirala Reviewed-by: Eric Biggers Reviewed-by: Jaegeuk Kim --- Documentation/filesystems/fscrypt.rst | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index 44b67ebd6e40..c0c1747fa2fb 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -1047,8 +1047,10 @@ astute users may notice some differences in behavior: may be used to overwrite the source files but isn't guaranteed to be effective on all filesystems and storage devices. -- Direct I/O is not supported on encrypted files. Attempts to use - direct I/O on such files will fall back to buffered I/O. +- Direct I/O is supported on encrypted files only under some + circumstances (see `Direct I/O support`_ for details). When these + circumstances are not met, attempts to use direct I/O on encrypted + files will fall back to buffered I/O. - The fallocate operations FALLOC_FL_COLLAPSE_RANGE and FALLOC_FL_INSERT_RANGE are not supported on encrypted files and will @@ -1121,6 +1123,21 @@ It is not currently possible to backup and restore encrypted files without the encryption key. This would require special APIs which have not yet been implemented. +Direct I/O support +================== + +Direct I/O on encrypted files is supported through blk-crypto. In +particular, this means the kernel must have CONFIG_BLK_INLINE_ENCRYPTION +enabled, the filesystem must have had the 'inlinecrypt' mount option +specified, and either hardware inline encryption must be present, or +CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK must have been enabled. Further, +the starting position in the file and the length of any I/O must be aligned +to the filesystem block size (*not* necessarily the same as the block +device's block size). If any of these conditions isn't met, attempts to do +direct I/O on an encrypted file will fall back to buffered I/O. However, +there aren't any additional requirements on user buffer alignment (apart +from those already present when using direct I/O on unencrypted files). + Encryption policy enforcement ============================= -- 2.30.0.280.ga3ce27912f-goog _______________________________________________ Linux-f2fs-devel mailing list Linux-f2fs-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel