From: Alexander Holler <holler@ahsoftware.de>
To: linux-fsdevel@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Alexander Holler <holler@ahsoftware.de>
Subject: [PATCH 3/5] WIP: fs: ext4: support unlinkat_s() for secure deletion of files
Date: Mon, 2 Feb 2015 18:05:11 +0100 [thread overview]
Message-ID: <1422896713-25367-4-git-send-email-holler@ahsoftware.de> (raw)
In-Reply-To: <1422896713-25367-1-git-send-email-holler@ahsoftware.de>
Signed-off-by: Alexander Holler <holler@ahsoftware.de>
---
fs/ext4/ext4.h | 2 ++
fs/ext4/mballoc.c | 25 +++++++++++++++++++++++--
fs/ext4/super.c | 12 ++++++++++++
3 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index c55a1fa..e66507c 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -1342,6 +1342,8 @@ struct ext4_sb_info {
struct ratelimit_state s_err_ratelimit_state;
struct ratelimit_state s_warning_ratelimit_state;
struct ratelimit_state s_msg_ratelimit_state;
+
+ atomic_t secure_delete; /* delete blocks securely? */
};
static inline struct ext4_sb_info *EXT4_SB(struct super_block *sb)
diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
index dbfe15c..f33416f 100644
--- a/fs/ext4/mballoc.c
+++ b/fs/ext4/mballoc.c
@@ -2756,6 +2756,19 @@ static inline int ext4_issue_discard(struct super_block *sb,
return sb_issue_discard(sb, discard_block, count, GFP_NOFS, 0);
}
+static inline int ext4_issue_zeroout(struct super_block *sb,
+ ext4_group_t block_group, ext4_grpblk_t cluster, int count)
+{
+ ext4_fsblk_t discard_block;
+
+ discard_block = (EXT4_C2B(EXT4_SB(sb), cluster) +
+ ext4_group_first_block_no(sb, block_group));
+ count = EXT4_C2B(EXT4_SB(sb), count);
+ //trace_ext4_discard_blocks(sb,
+ // (unsigned long long) discard_block, count);
+ return sb_issue_zeroout(sb, discard_block, count, GFP_NOFS);
+}
+
/*
* This function is called by the jbd2 layer once the commit has finished,
* so we know we can free the blocks that were released with that commit.
@@ -2764,6 +2777,7 @@ static void ext4_free_data_callback(struct super_block *sb,
struct ext4_journal_cb_entry *jce,
int rc)
{
+ struct ext4_sb_info *sbi = EXT4_SB(sb);
struct ext4_free_data *entry = (struct ext4_free_data *)jce;
struct ext4_buddy e4b;
struct ext4_group_info *db;
@@ -2772,6 +2786,11 @@ static void ext4_free_data_callback(struct super_block *sb,
mb_debug(1, "gonna free %u blocks in group %u (0x%p):",
entry->efd_count, entry->efd_group, entry);
+
+ // TODO:
+ // if (atomic_read(&sbi->secure_delete) && secure_trim_available)
+ // use secure trim
+ // else
if (test_opt(sb, DISCARD)) {
err = ext4_issue_discard(sb, entry->efd_group,
entry->efd_start_cluster,
@@ -2782,8 +2801,10 @@ static void ext4_free_data_callback(struct super_block *sb,
" with %d", entry->efd_group,
entry->efd_start_cluster,
entry->efd_count, err);
- }
-
+ } else if (atomic_read(&sbi->secure_delete))
+ ext4_issue_zeroout(sb, entry->efd_group,
+ entry->efd_start_cluster,
+ entry->efd_count);
err = ext4_mb_load_buddy(sb, entry->efd_group, &e4b);
/* we expect to find existing buddy because it's pinned */
BUG_ON(err != 0);
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 2c9e686..f87e3ff 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -1100,6 +1100,17 @@ static const struct quotactl_ops ext4_qctl_sysfile_operations = {
};
#endif
+static void ext4_set_secure_delete(struct super_block *sb, bool secure)
+{
+ struct ext4_sb_info *sbi = EXT4_SB(sb);
+ // TODO: will overflow with a very large number of
+ // concurrent calls of unlinkat_s().
+ if (secure)
+ atomic_inc(&sbi->secure_delete);
+ else
+ atomic_dec(&sbi->secure_delete);
+}
+
static const struct super_operations ext4_sops = {
.alloc_inode = ext4_alloc_inode,
.destroy_inode = ext4_destroy_inode,
@@ -1119,6 +1130,7 @@ static const struct super_operations ext4_sops = {
.quota_write = ext4_quota_write,
#endif
.bdev_try_to_free_page = bdev_try_to_free_page,
+ .set_secure_delete = ext4_set_secure_delete,
};
static const struct export_operations ext4_export_ops = {
--
2.1.0
next prev parent reply other threads:[~2015-02-02 17:05 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-02-02 17:05 [PATCH 0/5] RFC: Offer a way for userspace to request real deletion of files Alexander Holler
2015-02-02 17:05 ` [PATCH 1/5] WIP: Add syscall unlinkat_s (currently x86* only) Alexander Holler
2015-02-03 6:05 ` Al Viro
2015-02-03 6:58 ` Alexander Holler
2015-02-03 7:56 ` Al Viro
2015-02-03 8:01 ` Alexander Holler
2015-02-03 8:10 ` Al Viro
2015-02-03 8:17 ` Alexander Holler
2015-02-03 8:51 ` Alexander Holler
2015-02-03 9:23 ` Alexander Holler
2015-02-03 12:48 ` Alexander Holler
2015-02-03 12:54 ` Alexander Holler
2015-02-03 17:48 ` Theodore Ts'o
2015-02-03 18:01 ` Alexander Holler
2015-02-03 23:33 ` Al Viro
2015-02-04 0:18 ` Alex Elsayed
2015-02-04 4:16 ` Andreas Dilger
2015-02-04 10:19 ` Alexander Holler
2015-02-04 12:07 ` Lukáš Czerner
2015-02-04 12:22 ` Alexander Holler
2015-02-04 12:42 ` Alexander Holler
2015-02-04 12:50 ` Alexander Holler
2015-02-04 13:07 ` Alexander Holler
2015-02-04 13:06 ` Michael Kerrisk
2015-02-04 13:21 ` Alexander Holler
2015-02-04 13:29 ` Alexander Holler
2015-02-04 14:19 ` Alexander Holler
2015-02-04 15:00 ` Austin S Hemmelgarn
2015-02-04 14:52 ` Lukáš Czerner
2015-02-04 16:12 ` Alexander Holler
2015-02-04 16:25 ` Lukáš Czerner
2015-02-04 16:45 ` Alexander Holler
2015-02-04 16:53 ` Alexander Holler
2015-02-04 19:33 ` Theodore Ts'o
2015-02-04 19:56 ` Alexander Holler
2015-02-03 7:58 ` Davidlohr Bueso
2015-02-03 7:52 ` Alexander Holler
2015-02-04 8:01 ` Michael Kerrisk
2015-02-02 17:05 ` [PATCH 2/5] WIP: fs: fat: support unlinkat_s() for secure deletion of files Alexander Holler
2015-02-02 17:05 ` Alexander Holler [this message]
2015-02-03 13:50 ` [PATCH 3/5] WIP: fs: ext4: " Lukáš Czerner
2015-02-03 14:50 ` Alexander Holler
2015-02-03 15:13 ` Alexander Holler
2015-02-03 15:24 ` Alexander Holler
2015-02-03 15:41 ` Lukáš Czerner
2015-02-03 15:46 ` Alexander Holler
2015-02-03 16:38 ` Alexander Holler
2015-02-03 18:50 ` Alexander Holler
2015-02-02 17:05 ` [PATCH 4/5] WIP: Add patch for coreutils to support unlinkat_s (x86_64 only) Alexander Holler
2015-02-02 17:05 ` [PATCH 5/5] WIP: Add test for unlinkat_s Alexander Holler
2015-02-03 15:15 ` [PATCH 0/5] RFC: Offer a way for userspace to request real deletion of files One Thousand Gnomes
2015-02-03 15:45 ` Alexander Holler
2015-02-04 8:01 ` Michael Kerrisk
2015-02-06 12:17 ` Alexander Holler
2015-02-07 5:56 ` Russ Dill
2015-03-02 10:03 ` Alexander Holler
2015-03-03 10:36 ` Alexander Holler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1422896713-25367-4-git-send-email-holler@ahsoftware.de \
--to=holler@ahsoftware.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).