From patchwork Mon Feb 12 09:43:46 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chandan Rajendra X-Patchwork-Id: 10212061 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id A8B5260601 for ; Mon, 12 Feb 2018 09:43:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9B10228334 for ; Mon, 12 Feb 2018 09:43:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8FE2F28935; Mon, 12 Feb 2018 09:43:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D9D0128334 for ; Mon, 12 Feb 2018 09:43:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933331AbeBLJnU (ORCPT ); Mon, 12 Feb 2018 04:43:20 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:50336 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753976AbeBLJnG (ORCPT ); Mon, 12 Feb 2018 04:43:06 -0500 Received: from pps.filterd (m0098419.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w1C9clbi037704 for ; Mon, 12 Feb 2018 04:43:05 -0500 Received: from e37.co.us.ibm.com (e37.co.us.ibm.com [32.97.110.158]) by mx0b-001b2d01.pphosted.com with ESMTP id 2g3552qg33-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Mon, 12 Feb 2018 04:43:05 -0500 Received: from localhost by e37.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 12 Feb 2018 02:43:03 -0700 Received: from b03cxnp08026.gho.boulder.ibm.com (9.17.130.18) by e37.co.us.ibm.com (192.168.1.137) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Mon, 12 Feb 2018 02:43:01 -0700 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp08026.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w1C9h0KW5505526; Mon, 12 Feb 2018 02:43:00 -0700 Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7FD7B136043; Mon, 12 Feb 2018 02:43:00 -0700 (MST) Received: from localhost.in.ibm.com (unknown [9.124.35.142]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP id 4E87E13603C; Mon, 12 Feb 2018 02:42:58 -0700 (MST) From: Chandan Rajendra To: linux-ext4@vger.kernel.org Cc: Chandan Rajendra , linux-fsdevel@vger.kernel.org, ebiggers3@gmail.com, linux-fscrypt@vger.kernel.org, tytso@mit.edu Subject: [RFC PATCH V2 10/11] Enable writing encrypted files in blocksize less than pagesize setup Date: Mon, 12 Feb 2018 15:13:46 +0530 X-Mailer: git-send-email 2.9.5 In-Reply-To: <20180212094347.22071-1-chandan@linux.vnet.ibm.com> References: <20180212094347.22071-1-chandan@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 x-cbid: 18021209-0024-0000-0000-000017EBBFA8 X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00008521; HX=3.00000241; KW=3.00000007; PH=3.00000004; SC=3.00000251; SDB=6.00988574; UDB=6.00501891; IPR=6.00767928; BA=6.00005825; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009; ZB=6.00000000; ZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00019505; XFM=3.00000015; UTC=2018-02-12 09:43:03 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18021209-0025-0000-0000-00004EAE2F53 Message-Id: <20180212094347.22071-11-chandan@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-02-12_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1802120125 Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP This commit splits the functionality of fscrypt_encrypt_block(). The allocation of fscrypt context and cipher text page is moved to a new function fscrypt_prep_ciphertext_page(). ext4_bio_write_page() is modified to appropriately make use of the above two functions. Signed-off-by: Chandan Rajendra --- fs/crypto/crypto.c | 71 +++++++++++++++++++++-------------------- fs/ext4/page-io.c | 34 +++++++++++++------- include/linux/fscrypt_notsupp.h | 16 +++++++--- include/linux/fscrypt_supp.h | 9 ++++-- 4 files changed, 75 insertions(+), 55 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index 24e3796..8fb27ee 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -195,6 +195,35 @@ struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx, return ctx->w.bounce_page; } +struct page *fscrypt_prep_ciphertext_page(struct inode *inode, + struct page *page, + gfp_t gfp_flags) +{ + struct page *ciphertext_page; + struct fscrypt_ctx *ctx; + + BUG_ON(!PageLocked(page)); + + ctx = fscrypt_get_ctx(inode, gfp_flags); + if (IS_ERR(ctx)) + return ERR_CAST(ctx); + + ctx->w.control_page = page; + + ciphertext_page = fscrypt_alloc_bounce_page(ctx, gfp_flags); + if (IS_ERR(ciphertext_page)) { + fscrypt_release_ctx(ctx); + return ERR_CAST(ciphertext_page); + } + + SetPagePrivate(ciphertext_page); + set_page_private(ciphertext_page, (unsigned long)ctx); + lock_page(ciphertext_page); + + return ciphertext_page; +} +EXPORT_SYMBOL(fscrypt_prep_ciphertext_page); + /** * fscypt_encrypt_page() - Encrypts a page * @inode: The inode for which the encryption should take place @@ -226,15 +255,11 @@ struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx, * Return: A page with the encrypted content on success. Else, an * error value or NULL. */ -struct page *fscrypt_encrypt_block(const struct inode *inode, - struct page *page, - unsigned int len, - unsigned int offs, - u64 lblk_num, gfp_t gfp_flags) - +int fscrypt_encrypt_block(const struct inode *inode, + struct page *page, struct page *ciphertext_page, + unsigned int len, unsigned int offs, + u64 lblk_num, gfp_t gfp_flags) { - struct fscrypt_ctx *ctx; - struct page *ciphertext_page = page; int err; BUG_ON(len % FS_CRYPTO_BLOCK_SIZE != 0); @@ -242,41 +267,17 @@ struct page *fscrypt_encrypt_block(const struct inode *inode, if (inode->i_sb->s_cop->flags & FS_CFLG_OWN_PAGES) { /* with inplace-encryption we just encrypt the page */ err = fscrypt_do_block_crypto(inode, FS_ENCRYPT, lblk_num, page, - ciphertext_page, len, offs, - gfp_flags); - if (err) - return ERR_PTR(err); - - return ciphertext_page; + page, len, offs, gfp_flags); + return err; } BUG_ON(!PageLocked(page)); - ctx = fscrypt_get_ctx(inode, gfp_flags); - if (IS_ERR(ctx)) - return (struct page *)ctx; - - /* The encryption operation will require a bounce page. */ - ciphertext_page = fscrypt_alloc_bounce_page(ctx, gfp_flags); - if (IS_ERR(ciphertext_page)) - goto errout; - - ctx->w.control_page = page; err = fscrypt_do_block_crypto(inode, FS_ENCRYPT, lblk_num, page, ciphertext_page, len, offs, gfp_flags); - if (err) { - ciphertext_page = ERR_PTR(err); - goto errout; - } - SetPagePrivate(ciphertext_page); - set_page_private(ciphertext_page, (unsigned long)ctx); - lock_page(ciphertext_page); - return ciphertext_page; + return err; -errout: - fscrypt_release_ctx(ctx); - return ciphertext_page; } EXPORT_SYMBOL(fscrypt_encrypt_block); diff --git a/fs/ext4/page-io.c b/fs/ext4/page-io.c index 0a4a1e7..1e869d5 100644 --- a/fs/ext4/page-io.c +++ b/fs/ext4/page-io.c @@ -419,9 +419,12 @@ int ext4_bio_write_page(struct ext4_io_submit *io, struct inode *inode = page->mapping->host; unsigned block_start; struct buffer_head *bh, *head; + u64 blk_nr; + gfp_t gfp_flags = GFP_NOFS; int ret = 0; int nr_submitted = 0; int nr_to_submit = 0; + int blocksize = (1 << inode->i_blkbits); BUG_ON(!PageLocked(page)); BUG_ON(PageWriteback(page)); @@ -475,15 +478,11 @@ int ext4_bio_write_page(struct ext4_io_submit *io, nr_to_submit++; } while ((bh = bh->b_this_page) != head); - bh = head = page_buffers(page); - - if (ext4_encrypted_inode(inode) && S_ISREG(inode->i_mode) && - nr_to_submit) { - gfp_t gfp_flags = GFP_NOFS; - - retry_encrypt: - data_page = fscrypt_encrypt_block(inode, page, PAGE_SIZE, 0, - page->index, gfp_flags); + if (ext4_encrypted_inode(inode) && S_ISREG(inode->i_mode) + && nr_to_submit) { + retry_prep_ciphertext_page: + data_page = fscrypt_prep_ciphertext_page(inode, page, + gfp_flags); if (IS_ERR(data_page)) { ret = PTR_ERR(data_page); if (ret == -ENOMEM && wbc->sync_mode == WB_SYNC_ALL) { @@ -492,17 +491,28 @@ int ext4_bio_write_page(struct ext4_io_submit *io, congestion_wait(BLK_RW_ASYNC, HZ/50); } gfp_flags |= __GFP_NOFAIL; - goto retry_encrypt; + goto retry_prep_ciphertext_page; } data_page = NULL; goto out; } } + blk_nr = page->index << (PAGE_SHIFT - inode->i_blkbits); + /* Now submit buffers to write */ + bh = head = page_buffers(page); do { if (!buffer_async_write(bh)) continue; + + if (ext4_encrypted_inode(inode) && S_ISREG(inode->i_mode)) { + ret = fscrypt_encrypt_block(inode, page, data_page, blocksize, + bh_offset(bh), blk_nr, gfp_flags); + if (ret) + break; + } + ret = io_submit_add_bh(io, inode, data_page ? data_page : page, bh); if (ret) { @@ -515,12 +525,12 @@ int ext4_bio_write_page(struct ext4_io_submit *io, } nr_submitted++; clear_buffer_dirty(bh); - } while ((bh = bh->b_this_page) != head); + } while (++blk_nr, (bh = bh->b_this_page) != head); /* Error stopped previous loop? Clean up buffers... */ if (ret) { out: - if (data_page) + if (data_page && bh == head) fscrypt_restore_control_page(data_page); printk_ratelimited(KERN_ERR "%s: ret = %d\n", __func__, ret); redirty_page_for_writepage(wbc, page); diff --git a/include/linux/fscrypt_notsupp.h b/include/linux/fscrypt_notsupp.h index aeb6b6d..3b0a53b 100644 --- a/include/linux/fscrypt_notsupp.h +++ b/include/linux/fscrypt_notsupp.h @@ -26,15 +26,21 @@ static inline void fscrypt_release_ctx(struct fscrypt_ctx *ctx) return; } -static inline struct page *fscrypt_encrypt_page(const struct inode *inode, - struct page *page, - unsigned int len, - unsigned int offs, - u64 lblk_num, gfp_t gfp_flags) +static inline struct page *fscrypt_prep_ciphertext_page(struct inode *inode, + struct page *page, + gfp_t gfp_flags) { return ERR_PTR(-EOPNOTSUPP); } +static inline int fscrypt_encrypt_block(const struct inode *inode, + struct page *page, struct page *ciphertext_page, + unsigned int len, unsigned int offs, + u64 lblk_num, gfp_t gfp_flags) +{ + return -EOPNOTSUPP; +} + static inline int fscrypt_decrypt_block(const struct inode *inode, struct page *page, unsigned int len, unsigned int offs, diff --git a/include/linux/fscrypt_supp.h b/include/linux/fscrypt_supp.h index b4c5231..68a5e91 100644 --- a/include/linux/fscrypt_supp.h +++ b/include/linux/fscrypt_supp.h @@ -15,9 +15,12 @@ extern struct kmem_cache *fscrypt_info_cachep; extern struct fscrypt_ctx *fscrypt_get_ctx(const struct inode *, gfp_t); extern void fscrypt_release_ctx(struct fscrypt_ctx *); -extern struct page *fscrypt_encrypt_block(const struct inode *, struct page *, - unsigned int, unsigned int, - u64, gfp_t); +extern struct page *fscrypt_prep_ciphertext_page(struct inode *, struct page *, + gfp_t); +extern int fscrypt_encrypt_block(const struct inode *inode, + struct page *page, struct page *ciphertext_page, + unsigned int len, unsigned int offs, + u64 lblk_num, gfp_t gfp_flags); extern int fscrypt_decrypt_block(const struct inode *, struct page *, unsigned int, unsigned int, u64); extern void fscrypt_restore_control_page(struct page *);