| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Aug 2019 18:55:35 +0530
From: Chandan Rajendra <chandan@...ux.ibm.com>
To: linux-fsdevel@...r.kernel.org, linux-ext4@...r.kernel.org,
linux-fscrypt@...r.kernel.org
Cc: Chandan Rajendra <chandan@...ux.ibm.com>, tytso@....edu,
adilger.kernel@...ger.ca, ebiggers@...nel.org, hch@...radead.org,
chandanrlinux@...il.com
Subject: [PATCH V5 0/7] Consolidate FS read I/O callbacks code
This patchset moves the "FS read I/O callbacks" code into a file of its
own (i.e. fs/read_callbacks.c) and modifies the generic
do_mpage_readpge() to make use of the functionality provided.
"FS read I/O callbacks" code implements the state machine that needs
to be executed after reading data from files that are encrypted and/or
have verity metadata associated with them.
With these changes in place, the patchset changes Ext4 to use
mpage_readpage[s] instead of its own custom ext4_readpage[s]()
functions. This is done to reduce duplication of code across
filesystems. Also, "FS read I/O callbacks" source files will be built
only if CONFIG_FS_ENCRYPTION is enabled.
The patchset also modifies fs/buffer.c to get file
encryption/decryption to work with subpage-sized blocks.
The patches can also be obtained from
https://github.com/chandanr/linux.git at branch subpage-encryption-v5.
Changelog:
V4 -> V5:
1. Since F2FS uses its own workqueue and also since its
decompression logic isn't an fs independent entity like fscrypt or
fsverity, this patchset drops support for F2FS.
The patchset still helps in removing a copy of
do_mpage_readpage() from Ext4 (i.e. ext4_readpage()) and also
prevents a copy of block_read_full_page() from being added into
Ext4 by adding support to "read callbacks" API invocations into
block_read_full_page().
V3 -> V4:
1. A new buffer_head flag (i.e. BH_Read_Cb) is introduced to reliably
check if a buffer head's content has to be decrypted.
2. Fix layering violation. Now the code flow for decryption happens as shown below,
FS => read callbacks => fscrypt
3. Select FS_READ_CALLBACKS from FS specific kconfig file if FS_ENCRYPTION
is enabled.
4. Make 'struct read_callbacks_ctx' an opaque structure.
5. Make use of FS' endio function rather than implementing one in read
callbacks.
6. Make read_callbacks.h self-contained.
7. Split patchset to separate out ext4 and f2fs changes.
V2 -> V3:
1. Split the V2 patch "Consolidate 'read callbacks' into a new file" into
three patches,
- Introduce the read_callbacks functionality.
- Convert encryption to use read_callbacks.
- Remove union from struct fscrypt_context.
2. fs/Kconfig
Do not explicitly set the default value of 'n' for FS_READ_CALLBACKS.
3. fs/crypto/Kconfig
Select CONFIG_FS_READ_CALLBACKS only if CONFIG_BLOCK is selected.
4. Remove verity associated code in read_callbacks code.
5. Introduce a callback argument to read_callbacks_setup() function
which gets invoked for each page for bio. F2FS uses this to perform
custom operations like decrementing the value of f2fs_sb_info->nr_pages[].
6. Encapsulate the details of "read callbacks" (e.g. Usage of "struct
read_callbacks *ctx") within its own functions. When CONFIG_FS_READ_CALLBACKS
is set to 'n', the corresponding stub functions return approriate error
values.
7. Split fscrypt_decrypt() function into fscrypt_decrypt_bio() and
fscrypt_decrypt_bh().
8. Split end_read_callbacks() function into end_read_callbacks_bio() and
end_read_callbacks_bh().
V1 -> V2:
1. Removed the phrase "post_read_process" from file names and
functions. Instead we now use the phrase "read_callbacks" in its
place.
2. When performing changes associated with (1), the changes made by
the patch "Remove the term 'bio' from post read processing" are
made in the earlier patch "Consolidate 'read callbacks' into a new
file". Hence the patch "Remove the term 'bio' from post read
processing" is removed from the patchset.
RFC V2 -> V1:
1. Test and verify FS_CFLG_OWN_PAGES subset of fscrypt_encrypt_page()
code by executing fstests on UBIFS.
2. Implement F2fs function call back to check if the contents of a
page holding a verity file's data needs to be verified.
RFC V1 -> RFC V2:
1. Describe the purpose of "Post processing code" in the cover letter.
2. Fix build errors when CONFIG_FS_VERITY is enabled.
Chandan Rajendra (7):
buffer_head: Introduce BH_Read_Cb flag
FS: Introduce read callbacks
fs/mpage.c: Integrate read callbacks
fs/buffer.c: add decryption support via read_callbacks
ext4: Wire up ext4_readpage[s] to use mpage_readpage[s]
ext4: Enable encryption for subpage-sized blocks
fscrypt: remove struct fscrypt_ctx
Documentation/filesystems/fscrypt.rst | 4 +-
fs/Kconfig | 3 +
fs/Makefile | 1 +
fs/buffer.c | 33 ++-
fs/crypto/bio.c | 18 --
fs/crypto/crypto.c | 89 +-------
fs/crypto/fscrypt_private.h | 3 -
fs/ext4/Kconfig | 1 +
fs/ext4/Makefile | 2 +-
fs/ext4/inode.c | 5 +-
fs/ext4/readpage.c | 295 --------------------------
fs/ext4/super.c | 7 -
fs/f2fs/Kconfig | 1 +
fs/mpage.c | 24 ++-
fs/read_callbacks.c | 285 +++++++++++++++++++++++++
include/linux/buffer_head.h | 2 +
include/linux/fscrypt.h | 32 ---
include/linux/read_callbacks.h | 48 +++++
18 files changed, 391 insertions(+), 462 deletions(-)
delete mode 100644 fs/ext4/readpage.c
create mode 100644 fs/read_callbacks.c
create mode 100644 include/linux/read_callbacks.h
--
2.19.1
Powered by blists - more mailing lists