From: David Howells <dhowells@redhat.com>
To: Trond Myklebust <trondmy@hammerspace.com>
Cc: dhowells@redhat.com,
"viro@ZenIV.linux.org.uk" <viro@ZenIV.linux.org.uk>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-afs@lists.infradead.org" <linux-afs@lists.infradead.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>
Subject: Re: [PATCH 04/10] iov_iter: Add mapping and discard iterator types
Date: Mon, 17 Sep 2018 22:32:44 +0100 [thread overview]
Message-ID: <5764.1537219964@warthog.procyon.org.uk> (raw)
In-Reply-To: <a37220c23479c79239b046e2487cfc95544b8f13.camel@hammerspace.com>
Trond Myklebust <trondmy@hammerspace.com> wrote:
> Another question that is relevant for most networked filesystems
> (including AFS, I believe), is how will you deal with encryption of the
> data you are transmitting? Encrypting and decrypting in-place directly
> in the page cache or in a userspace O_DIRECT mapped buffer might not be
> the best and most secure option, so won't you find yourself wanting to
> copy the data anyway?
For kAFS, the interface between kAFS and AF_RXRPC takes an iterator.
Currently, encryption is done in place on the sk_buffs inside AF_RXRPC, but
the goal I have in mind is to use the crypto operation to replace the copy
between sk_buff and buffer. This is tricky, however, as the encrypted payload
contains metadata as well as data and on reception I have to read the metadata
to find out how much data there actually is.
David
next prev parent reply other threads:[~2018-09-17 21:32 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-13 15:51 [PATCH 00/10] iov_iter: Add new iters and use with AFS David Howells
2018-09-13 15:51 ` [PATCH 01/10] iov_iter: Separate type from direction and use accessor functions David Howells
2018-09-13 15:51 ` [PATCH 02/10] iov_iter: Renumber the ITER_* constants in uio.h David Howells
2018-09-13 15:52 ` [PATCH 03/10] iov_iter: Make count and iov_offset loff_t not size_t David Howells
2018-09-13 15:52 ` [PATCH 04/10] iov_iter: Add mapping and discard iterator types David Howells
2018-09-14 4:18 ` Al Viro
2018-09-14 12:57 ` Trond Myklebust
2018-09-17 21:32 ` David Howells [this message]
2018-09-17 20:58 ` David Howells
2018-09-13 15:52 ` [PATCH 05/10] afs: Better tracing of protocol errors David Howells
2018-09-13 15:52 ` [PATCH 06/10] afs: Set up the iov_iter before calling afs_extract_data() David Howells
2018-09-13 15:52 ` [PATCH 07/10] afs: Use ITER_MAPPING for writing David Howells
2018-09-13 15:52 ` [PATCH 08/10] afs: Add O_DIRECT read support David Howells
2018-09-13 15:52 ` [PATCH 09/10] afs: Add a couple of tracepoints to log I/O errors David Howells
2018-09-13 15:52 ` [PATCH 10/10] afs: Don't invoke the server to read data beyond EOF David Howells
2018-09-13 16:10 ` [PATCH 00/10] iov_iter: Add new iters and use with AFS Matthew Wilcox
2018-09-13 16:18 ` David Howells
2018-09-13 16:43 ` Matthew Wilcox
2018-09-13 17:05 ` David Howells
2018-09-13 17:58 ` Al Viro
-- strict thread matches above, loose matches on Subject: below --
2018-08-06 13:16 David Howells
2018-08-06 13:17 ` [PATCH 04/10] iov_iter: Add mapping and discard iterator types David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5764.1537219964@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=linux-afs@lists.infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=trondmy@hammerspace.com \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.