From: Daniel Rosenberg <drosen@google.com>
To: "Theodore Ts'o" <tytso@mit.edu>,
linux-ext4@vger.kernel.org, Jaegeuk Kim <jaegeuk@kernel.org>,
Chao Yu <chao@kernel.org>,
linux-f2fs-devel@lists.sourceforge.net,
Eric Biggers <ebiggers@kernel.org>,
linux-fscrypt@vger.kernel.org,
Alexander Viro <viro@zeniv.linux.org.uk>,
Richard Weinberger <richard@nod.at>
Cc: linux-mtd@lists.infradead.org,
Andreas Dilger <adilger.kernel@dilger.ca>,
Jonathan Corbet <corbet@lwn.net>,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org,
Gabriel Krisman Bertazi <krisman@collabora.com>,
kernel-team@android.com, Daniel Rosenberg <drosen@google.com>
Subject: [PATCH v8 0/8] Support for Casefolding and Encryption
Date: Fri, 6 Mar 2020 18:36:03 -0800 [thread overview]
Message-ID: <20200307023611.204708-1-drosen@google.com> (raw)
These patches are all on top of torvalds/master
Ext4 and F2FS currently both support casefolding and encryption, but not at
the same time. These patches aim to rectify that.
I've left off the Ext4 patches that enable casefolding and ecryption from
this revision since they still need some fixups, and I haven't gotten around
to the fsck changes yet.
I moved the identical casefolding dcache operations for ext4 and f2fs into
fs/libfs.c, as all filesystems using casefolded names will want them.
I've also adjust fscrypt to not set it's d_revalidate operation during it's
prepare lookup, instead having the calling filesystem set it up. This is
done to that the filesystem may have it's own dentry_operations. Also added
a helper function in libfs.c that will work for filesystems supporting both
casefolding and fscrypt.
For Ext4, since the hash for encrypted casefolded directory names cannot be
computed without the key, we need to store the hash on disk. We only do so
for encrypted and casefolded directories to avoid on disk format changes.
Previously encryption and casefolding could not be on the same filesystem,
and we're relaxing that requirement. F2fs is a bit more straightforward
since it already stores hashes on disk.
I've updated the related tools with just enough to enable the feature. I
still need to adjust ext4's fsck's, although without access to the keys,
neither fsck will be able to verify the hashes of casefolded and encrypted
names.
v8 changes:
Fixed issue with non-strict_mode fallback for hashing dentry op
Fixed potential RCU/unicode issue in casefolding dentry_ops.
Split "fscrypt: Have filesystems handle their d_ops" into a few smaller patches
Switched ubifs change to also use the dentry op function added in libfs.c
Added hash function in fs/unicode
changed super_block s_encoding_flags to u16. Didn't make unsigned int since
both filesystems using them use them as 16 bits, and want to avoid possible
confusion. Wouldn't really be opposed to that change though
Added kernel doc comments
misc other small adjustments
TODO:
Investigate moving to a dentry flag to check for casefolding, or otherwise
conditionally setting the casefolding dentry ops as needed, like fscrypt.
Currently not done due to some issues with cached negative dentries and
toggling casefolding on an empty directory.
Ext4 fsck changes/debugging ext4 patches
v7 changes:
Moved dentry operations from unicode to libfs, added new iterator function
to unicode to allow this.
Added libfs function for setting dentries to remove code duplication between
ext4 and f2fs.
v6 changes:
Went back to using dentry_operations for casefolding. Provided standard
implementations in fs/unicode, avoiding extra allocation in d_hash op.
Moved fscrypt d_ops setting to be filesystem's responsibility to maintain
compatibility with casefolding and overlayfs if casefolding is not used
fixes some f2fs error handling
v4-5: patches submitted on fscrypt
v3 changes:
fscrypt patch only creates hash key if it will be needed.
Rebased on top of fscrypt branch, reconstified match functions in ext4/f2fs
v2 changes:
fscrypt moved to separate thread to rebase on fscrypt dev branch
addressed feedback, plus some minor fixes
Daniel Rosenberg (8):
unicode: Add utf8_casefold_hash
fs: Add standard casefolding support
f2fs: Use generic casefolding support
ext4: Use generic casefolding support
fscrypt: Export fscrypt_d_revalidate
libfs: Add generic function for setting dentry_ops
fscrypt: Have filesystems handle their d_ops
f2fs: Handle casefolding with Encryption
fs/crypto/fname.c | 7 +-
fs/crypto/fscrypt_private.h | 1 -
fs/crypto/hooks.c | 1 -
fs/ext4/dir.c | 51 -----------
fs/ext4/ext4.h | 16 ----
fs/ext4/hash.c | 2 +-
fs/ext4/namei.c | 21 ++---
fs/ext4/super.c | 15 ++--
fs/f2fs/dir.c | 127 +++++++++++-----------------
fs/f2fs/f2fs.h | 18 +---
fs/f2fs/hash.c | 27 ++++--
fs/f2fs/inline.c | 9 +-
fs/f2fs/namei.c | 1 +
fs/f2fs/super.c | 17 ++--
fs/f2fs/sysfs.c | 10 ++-
fs/libfs.c | 164 ++++++++++++++++++++++++++++++++++++
fs/ubifs/dir.c | 1 +
fs/unicode/utf8-core.c | 23 ++++-
include/linux/f2fs_fs.h | 3 -
include/linux/fs.h | 24 ++++++
include/linux/fscrypt.h | 6 +-
include/linux/unicode.h | 3 +
22 files changed, 321 insertions(+), 226 deletions(-)
--
2.25.1.481.gfbce0eb801-goog
next reply other threads:[~2020-03-07 2:37 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-07 2:36 Daniel Rosenberg [this message]
2020-03-07 2:36 ` [PATCH v8 1/8] unicode: Add utf8_casefold_hash Daniel Rosenberg
2020-03-07 2:36 ` [PATCH v8 2/8] fs: Add standard casefolding support Daniel Rosenberg
2020-03-07 3:48 ` Al Viro
2020-03-12 22:11 ` Daniel Rosenberg
2020-03-07 2:36 ` [PATCH v8 3/8] f2fs: Use generic " Daniel Rosenberg
2020-03-07 2:36 ` [PATCH v8 4/8] ext4: " Daniel Rosenberg
2020-03-07 2:36 ` [PATCH v8 5/8] fscrypt: Export fscrypt_d_revalidate Daniel Rosenberg
2020-03-07 2:36 ` [PATCH v8 6/8] libfs: Add generic function for setting dentry_ops Daniel Rosenberg
2020-03-07 5:41 ` Eric Biggers
2020-03-07 2:36 ` [PATCH v8 7/8] fscrypt: Have filesystems handle their d_ops Daniel Rosenberg
2020-03-07 2:36 ` [PATCH v8 8/8] f2fs: Handle casefolding with Encryption Daniel Rosenberg
2020-03-07 5:24 ` Eric Biggers
2020-03-07 5:08 ` [PATCH v8 0/8] Support for Casefolding and Encryption Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200307023611.204708-1-drosen@google.com \
--to=drosen@google.com \
--cc=adilger.kernel@dilger.ca \
--cc=chao@kernel.org \
--cc=corbet@lwn.net \
--cc=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=kernel-team@android.com \
--cc=krisman@collabora.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=richard@nod.at \
--cc=tytso@mit.edu \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).