From: Chandan Rajendra <chandan@linux.vnet.ibm.com>
To: linux-fscrypt@vger.kernel.org
Cc: Chandan Rajendra <chandan@linux.vnet.ibm.com>,
ebiggers3@gmail.com, tytso@mit.edu, linux-ext4@vger.kernel.org,
linux-fsdevel@vger.kernel.org
Subject: [RFC PATCH V3 00/12] Ext4 encryption support for blocksize < pagesize
Date: Tue, 22 May 2018 21:30:58 +0530 [thread overview]
Message-ID: <20180522160110.1161-1-chandan@linux.vnet.ibm.com> (raw)
This patchset implements code to support encryption of Ext4 filesystem
instances that have blocksize less than pagesize. Ext4 code with this
patchset has been tested on both ppc64 and x86_64 machines. F2FS and
UBIFS were tested on x86_64.
TODO:
1. generic/233 fails with bigalloc mkfs option. This will be fixed in
the next version of the patchset.
Changelog:
"RFC V2" -> "RFC V3":
1. mpage_readpage[s]() now has arguments to function pointers which
decrypt the data after the read I/O operation gets completed. Due
to these changes the code in fs/ext4/readpage.c isn't required
anymore. Hence this patchset deletes that file.
2. Revert fscrypt_{encrypt,decrypt}_block functions back to
fscrypt_{encrypt,decrypt}_page i.e. These functions now accept a
complete memory page as an argument. But internally these functions
now iterate over all the blocks mapped by the page. Since there
were no changes in prototypes of these fscrypt APIs, there were no
changes made to either F2FS or UBIFS code.
3. Address all the review comments provided by Eric Biggers.
"RFC V1" -> "RFC V2":
1. Ext4's "encryption aware" functionality in fs/ext4/readpage.c has
been moved to fs/crypto/.
2. fscrypt functions have now been renamed to indicate that they work
on blocks rather than pages.
Eric, I have renamed completion_pages() to fscrypt_complete_pages()
rather than to fscrypt_complete_blocks(). This is because we have a
new function fscrypt_complete_block() (which operates on a single
block) and IMHO having the identifier fscrypt_complete_blocks()
which differs from it by just one letter would confuse the reader.
3. ext4_block_write_begin() now clears BH_Uptodate flag when
decryption of boundary blocks fail.
4. fscrypt_encrypt_page() (now renamed to fscrypt_encrypt_block()) is
now split into two functions. fscrypt_prep_ciphertext_page()
allocates and initializes the fscrypt context and the bounce
page. fscrypt_encrypt_block() is limited to encrypting the
filesystem's block.
5. fscrypt_zeroout_range() has been updated to work on blocksize <
pagesize scenario.
6. Documentation/filesystems/fscrypt.rst has been updated to indicate
encryption support for blocksize < pagesize.
Chandan Rajendra (12):
ext4: Clear BH_Uptodate flag on decryption error
Rename fscrypt_do_page_crypto to fscrypt_do_block_crypto
fscrypt_decrypt_page: Decrypt all blocks in a page
__fscrypt_decrypt_bio: Fix page offset and len args to
fscrypt_decrypt_page
ext4: Decrypt all boundary blocks when doing buffered write
ext4: Decrypt the block that needs to be partially zeroed
mpage_readpage[s]: Introduce post process callback parameters
fscrypt_zeroout_range: Encrypt all zeroed out blocks of a page
fscrypt_encrypt_page: Encrypt all blocks mapped by a page
ext4: Fix block number passed to fscrypt_encrypt_page
ext4: Move encryption code into its own function
ext4: Enable encryption for blocksize less than page size
Documentation/filesystems/fscrypt.rst | 14 +-
fs/block_dev.c | 5 +-
fs/buffer.c | 298 ++++++++++++++++++++--------------
fs/crypto/bio.c | 141 ++++++++++++++--
fs/crypto/crypto.c | 44 +++--
fs/crypto/fscrypt_private.h | 2 +-
fs/ext2/inode.c | 4 +-
fs/ext4/Makefile | 2 +-
fs/ext4/inode.c | 55 +++++--
fs/ext4/page-io.c | 43 +++--
fs/ext4/readpage.c | 294 ---------------------------------
fs/ext4/super.c | 7 -
fs/fat/inode.c | 4 +-
fs/isofs/inode.c | 5 +-
fs/mpage.c | 48 +++++-
fs/xfs/xfs_aops.c | 4 +-
include/linux/buffer_head.h | 2 +-
include/linux/fs.h | 4 +
include/linux/fscrypt_notsupp.h | 37 ++++-
include/linux/fscrypt_supp.h | 13 +-
include/linux/mpage.h | 6 +-
21 files changed, 522 insertions(+), 510 deletions(-)
delete mode 100644 fs/ext4/readpage.c
--
2.9.5
next reply other threads:[~2018-05-22 15:59 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-22 16:00 Chandan Rajendra [this message]
2018-05-22 16:00 ` [RFC PATCH V3 01/12] ext4: Clear BH_Uptodate flag on decryption error Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 02/12] Rename fscrypt_do_page_crypto to fscrypt_do_block_crypto Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 03/12] fscrypt_decrypt_page: Decrypt all blocks in a page Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 04/12] __fscrypt_decrypt_bio: Fix page offset and len args to fscrypt_decrypt_page Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 05/12] ext4: Decrypt all boundary blocks when doing buffered write Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 06/12] ext4: Decrypt the block that needs to be partially zeroed Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 07/12] mpage_readpage[s]: Introduce post process callback parameters Chandan Rajendra
2018-05-25 20:01 ` Theodore Y. Ts'o
2018-05-28 5:35 ` Chandan Rajendra
2018-05-28 19:34 ` Theodore Y. Ts'o
2018-05-29 3:04 ` Chandan Rajendra
2018-05-29 17:53 ` Eric Biggers
2018-05-30 3:09 ` Chandan Rajendra
2018-05-30 5:06 ` Theodore Y. Ts'o
2018-05-30 11:33 ` Chandan Rajendra
2018-05-30 16:02 ` Theodore Y. Ts'o
2018-06-04 10:09 ` Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 08/12] fscrypt_zeroout_range: Encrypt all zeroed out blocks of a page Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 09/12] fscrypt_encrypt_page: Encrypt all blocks mapped by " Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 10/12] ext4: Fix block number passed to fscrypt_encrypt_page Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 11/12] ext4: Move encryption code into its own function Chandan Rajendra
2018-05-22 16:01 ` [RFC PATCH V3 12/12] ext4: Enable encryption for blocksize less than page size Chandan Rajendra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180522160110.1161-1-chandan@linux.vnet.ibm.com \
--to=chandan@linux.vnet.ibm.com \
--cc=ebiggers3@gmail.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).