| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200720233739.824943-1-satyat@google.com>
Date: Mon, 20 Jul 2020 23:37:32 +0000
From: Satya Tangirala <satyat@...gle.com>
To: linux-fscrypt@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-f2fs-devel@...ts.sourceforge.net, linux-ext4@...r.kernel.org
Cc: linux-xfs@...r.kernel.org, Satya Tangirala <satyat@...gle.com>
Subject: [PATCH v4 0/7] add support for direct I/O with fscrypt using blk-crypto
This patch series adds support for direct I/O with fscrypt using
blk-crypto. It has been rebased on fscrypt/master.
Patch 1 adds two functions to fscrypt that need to be called to determine
if direct I/O is supported for a request.
Patches 2 and 3 wire up direct-io and iomap respectively with the functions
introduced in Patch 1 and set bio crypt contexts on bios when appropriate
by calling into fscrypt.
Patches 4 and 5 allow ext4 and f2fs direct I/O to support fscrypt without
falling back to buffered I/O.
Patches 6 and 7 update the fscrypt documentation for inline encryption
support and direct I/O. The documentation now notes the required conditions
for inline encryption and direct I/O on encrypted files.
This patch series was tested by running xfstests with test_dummy_encryption
with and without the 'inlinecrypt' mount option, and there were no
meaningful regressions. One regression was for generic/587 on ext4,
but that test isn't compatible with test_dummy_encryption in the first
place, and the test "incorrectly" passes without the 'inlinecrypt' mount
option - a patch will be sent out to exclude that test when
test_dummy_encryption is turned on with ext4 (like the other quota related
tests that use user visible quota files). The other regression was for
generic/252 on ext4, which does direct I/O with a buffer aligned to the
block device's blocksize, but not necessarily aligned to the filesystem's
block size, which direct I/O with fscrypt requires.
Changes v3 => v4:
- Fix bug in iomap_dio_bio_actor() where fscrypt_limit_io_pages() was
being called too early (thanks Eric!)
- Improve comments and fix formatting in documentation
- iomap_dio_zero() is only called to zero out partial blocks, but
direct I/O is only supported on encrypted files when I/O is
blocksize aligned, so it doesn't need to set encryption contexts on
bios. Replace setting the encryption context with a WARN_ON(). (Eric)
Changes v2 => v3:
- add changelog to coverletter
Changes v1 => v2:
- Fix bug in f2fs caused by replacing f2fs_post_read_required() with
!fscrypt_dio_supported() since the latter doesn't check for
compressed inodes unlike the former.
- Add patches 6 and 7 for fscrypt documentation
- cleanups and comments
Eric Biggers (5):
fscrypt: Add functions for direct I/O support
direct-io: add support for fscrypt using blk-crypto
iomap: support direct I/O with fscrypt using blk-crypto
ext4: support direct I/O with fscrypt using blk-crypto
f2fs: support direct I/O with fscrypt using blk-crypto
Satya Tangirala (2):
fscrypt: document inline encryption support
fscrypt: update documentation for direct I/O support
Documentation/filesystems/fscrypt.rst | 36 +++++++++++-
fs/crypto/crypto.c | 8 +++
fs/crypto/inline_crypt.c | 82 +++++++++++++++++++++++++++
fs/direct-io.c | 15 ++++-
fs/ext4/file.c | 10 ++--
fs/f2fs/f2fs.h | 6 +-
fs/iomap/direct-io.c | 12 +++-
include/linux/fscrypt.h | 19 +++++++
8 files changed, 178 insertions(+), 10 deletions(-)
--
2.28.0.rc0.105.gf9edc3c819-goog
Powered by blists - more mailing lists