lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200722170547.GE3912099@google.com> Date: Wed, 22 Jul 2020 10:05:47 -0700 From: Jaegeuk Kim <jaegeuk@...nel.org> To: Satya Tangirala <satyat@...gle.com> Cc: linux-fscrypt@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net, linux-ext4@...r.kernel.org, linux-xfs@...r.kernel.org, Eric Biggers <ebiggers@...gle.com> Subject: Re: [PATCH v4 2/7] direct-io: add support for fscrypt using blk-crypto On 07/20, Satya Tangirala wrote: > From: Eric Biggers <ebiggers@...gle.com> > > Set bio crypt contexts on bios by calling into fscrypt when required, > and explicitly check for DUN continuity when adding pages to the bio. > (While DUN continuity is usually implied by logical block contiguity, > this is not the case when using certain fscrypt IV generation methods > like IV_INO_LBLK_32). > > Signed-off-by: Eric Biggers <ebiggers@...gle.com> > Co-developed-by: Satya Tangirala <satyat@...gle.com> > Signed-off-by: Satya Tangirala <satyat@...gle.com> Reviwed-by: Jaegeuk Kim <jaegeuk@...nel.org> > --- > fs/direct-io.c | 15 ++++++++++++++- > 1 file changed, 14 insertions(+), 1 deletion(-) > > diff --git a/fs/direct-io.c b/fs/direct-io.c > index 6d5370eac2a8..f27f7e3780ee 100644 > --- a/fs/direct-io.c > +++ b/fs/direct-io.c > @@ -24,6 +24,7 @@ > #include <linux/module.h> > #include <linux/types.h> > #include <linux/fs.h> > +#include <linux/fscrypt.h> > #include <linux/mm.h> > #include <linux/slab.h> > #include <linux/highmem.h> > @@ -411,6 +412,7 @@ dio_bio_alloc(struct dio *dio, struct dio_submit *sdio, > sector_t first_sector, int nr_vecs) > { > struct bio *bio; > + struct inode *inode = dio->inode; > > /* > * bio_alloc() is guaranteed to return a bio when allowed to sleep and > @@ -418,6 +420,9 @@ dio_bio_alloc(struct dio *dio, struct dio_submit *sdio, > */ > bio = bio_alloc(GFP_KERNEL, nr_vecs); > > + fscrypt_set_bio_crypt_ctx(bio, inode, > + sdio->cur_page_fs_offset >> inode->i_blkbits, > + GFP_KERNEL); > bio_set_dev(bio, bdev); > bio->bi_iter.bi_sector = first_sector; > bio_set_op_attrs(bio, dio->op, dio->op_flags); > @@ -782,9 +787,17 @@ static inline int dio_send_cur_page(struct dio *dio, struct dio_submit *sdio, > * current logical offset in the file does not equal what would > * be the next logical offset in the bio, submit the bio we > * have. > + * > + * When fscrypt inline encryption is used, data unit number > + * (DUN) contiguity is also required. Normally that's implied > + * by logical contiguity. However, certain IV generation > + * methods (e.g. IV_INO_LBLK_32) don't guarantee it. So, we > + * must explicitly check fscrypt_mergeable_bio() too. > */ > if (sdio->final_block_in_bio != sdio->cur_page_block || > - cur_offset != bio_next_offset) > + cur_offset != bio_next_offset || > + !fscrypt_mergeable_bio(sdio->bio, dio->inode, > + cur_offset >> dio->inode->i_blkbits)) > dio_bio_submit(dio, sdio); > } > > -- > 2.28.0.rc0.105.gf9edc3c819-goog
Powered by blists - more mailing lists