From patchwork Mon Feb 12 09:43:47 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Chandan Rajendra <chandan@linux.vnet.ibm.com>
X-Patchwork-Id: 10212055
Return-Path: <linux-fscrypt-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	D62C16055C for <patchwork-linux-fscrypt@patchwork.kernel.org>;
	Mon, 12 Feb 2018 09:43:12 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C71A328334
	for <patchwork-linux-fscrypt@patchwork.kernel.org>;
	Mon, 12 Feb 2018 09:43:12 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id BB72328945; Mon, 12 Feb 2018 09:43:12 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 58BAF288EF
	for <patchwork-linux-fscrypt@patchwork.kernel.org>;
	Mon, 12 Feb 2018 09:43:12 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S933321AbeBLJnL (ORCPT
	<rfc822;patchwork-linux-fscrypt@patchwork.kernel.org>);
	Mon, 12 Feb 2018 04:43:11 -0500
Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:33544 "EHLO
	mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL)
	by vger.kernel.org with ESMTP id S1753990AbeBLJnI (ORCPT
	<rfc822;linux-fscrypt@vger.kernel.org>);
	Mon, 12 Feb 2018 04:43:08 -0500
Received: from pps.filterd (m0098420.ppops.net [127.0.0.1])
	by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id
	w1C9cwmT079462
	for <linux-fscrypt@vger.kernel.org>; Mon, 12 Feb 2018 04:43:08 -0500
Received: from e37.co.us.ibm.com (e37.co.us.ibm.com [32.97.110.158])
	by mx0b-001b2d01.pphosted.com with ESMTP id 2g32fhbxff-1
	(version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT)
	for <linux-fscrypt@vger.kernel.org>; Mon, 12 Feb 2018 04:43:07 -0500
Received: from localhost
	by e37.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use
	Only! Violators will be prosecuted
	for <linux-fscrypt@vger.kernel.org> from <chandan@linux.vnet.ibm.com>;
	Mon, 12 Feb 2018 02:43:07 -0700
Received: from b03cxnp08028.gho.boulder.ibm.com (9.17.130.20)
	by e37.co.us.ibm.com (192.168.1.137) with IBM ESMTP SMTP Gateway:
	Authorized Use Only! Violators will be prosecuted;
	Mon, 12 Feb 2018 02:43:04 -0700
Received: from b03ledav002.gho.boulder.ibm.com
	(b03ledav002.gho.boulder.ibm.com [9.17.130.233])
	by b03cxnp08028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with
	ESMTP id w1C9h4GS13107688; Mon, 12 Feb 2018 02:43:04 -0700
Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 2AA4D136040;
	Mon, 12 Feb 2018 02:43:04 -0700 (MST)
Received: from localhost.in.ibm.com (unknown [9.124.35.142])
	by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP id
	0416713603A; Mon, 12 Feb 2018 02:43:01 -0700 (MST)
From: Chandan Rajendra <chandan@linux.vnet.ibm.com>
To: linux-ext4@vger.kernel.org
Cc: Chandan Rajendra <chandan@linux.vnet.ibm.com>,
	linux-fsdevel@vger.kernel.org, ebiggers3@gmail.com,
	linux-fscrypt@vger.kernel.org, tytso@mit.edu
Subject: [RFC PATCH V2 11/11] ext4: Enable encryption for blocksize less
	than page size
Date: Mon, 12 Feb 2018 15:13:47 +0530
X-Mailer: git-send-email 2.9.5
In-Reply-To: <20180212094347.22071-1-chandan@linux.vnet.ibm.com>
References: <20180212094347.22071-1-chandan@linux.vnet.ibm.com>
X-TM-AS-GCONF: 00
x-cbid: 18021209-0024-0000-0000-000017EBBFAC
X-IBM-SpamModules-Scores: 
X-IBM-SpamModules-Versions: BY=3.00008521; HX=3.00000241; KW=3.00000007;
	PH=3.00000004; SC=3.00000251; SDB=6.00988574; UDB=6.00501891;
	IPR=6.00767928;
	BA=6.00005825; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009;
	ZB=6.00000000;
	ZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00019505;
	XFM=3.00000015; UTC=2018-02-12 09:43:07
X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused
x-cbparentid: 18021209-0025-0000-0000-00004EAE2F5C
Message-Id: <20180212094347.22071-12-chandan@linux.vnet.ibm.com>
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, ,
	definitions=2018-02-12_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0
	priorityscore=1501
	malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0
	clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0
	classifier=spam adjust=0 reason=mlx scancount=1
	engine=8.0.1-1709140000
	definitions=main-1802120125
Sender: linux-fscrypt-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-fscrypt.vger.kernel.org>
X-Mailing-List: linux-fscrypt@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Now that we have all the code to support encryption for block size less
than page size scenario, this commit removes the conditional check in
filesystem mount code.

The commit also changes the support statement in
Documentation/filesystems/fscrypt.rst to reflect the fact that
encryption of filesystems with blocksize less than page size now works.

Signed-off-by: Chandan Rajendra <chandan@linux.vnet.ibm.com>
---
 Documentation/filesystems/fscrypt.rst | 14 +++++++-------
 fs/ext4/super.c                       |  7 -------
 2 files changed, 7 insertions(+), 14 deletions(-)

diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
index 776ddc6..2147e53 100644
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -202,13 +202,13 @@ modes are not currently supported because of the difficulty of dealing
 with ciphertext expansion.
 
 For file contents, each filesystem block is encrypted independently.
-Currently, only the case where the filesystem block size is equal to
-the system's page size (usually 4096 bytes) is supported.  With the
-XTS mode of operation (recommended), the logical block number within
-the file is used as the IV.  With the CBC mode of operation (not
-recommended), ESSIV is used; specifically, the IV for CBC is the
-logical block number encrypted with AES-256, where the AES-256 key is
-the SHA-256 hash of the inode's data encryption key.
+Starting from Linux kernel 4.17, encryption of filesystems with block
+size less than system's page size is supported.  With the XTS mode of
+operation (recommended), the logical block number within the file is
+used as the IV.  With the CBC mode of operation (not recommended),
+ESSIV is used; specifically, the IV for CBC is the logical block
+number encrypted with AES-256, where the AES-256 key is the SHA-256
+hash of the inode's data encryption key.
 
 For filenames, the full filename is encrypted at once.  Because of the
 requirements to retain support for efficient directory lookups and
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index ebb7edb..3ec04cc 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -4138,13 +4138,6 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
 		}
 	}
 
-	if ((DUMMY_ENCRYPTION_ENABLED(sbi) || ext4_has_feature_encrypt(sb)) &&
-	    (blocksize != PAGE_SIZE)) {
-		ext4_msg(sb, KERN_ERR,
-			 "Unsupported blocksize for fs encryption");
-		goto failed_mount_wq;
-	}
-
 	if (DUMMY_ENCRYPTION_ENABLED(sbi) && !sb_rdonly(sb) &&
 	    !ext4_has_feature_encrypt(sb)) {
 		ext4_set_feature_encrypt(sb);