From patchwork Fri Jul 17 01:35:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11668657 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C0CC31751 for ; Fri, 17 Jul 2020 01:35:30 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A340F20691 for ; Fri, 17 Jul 2020 01:35:30 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="rNcJ1z/h" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726856AbgGQBf3 (ORCPT ); Thu, 16 Jul 2020 21:35:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37752 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726809AbgGQBf2 (ORCPT ); Thu, 16 Jul 2020 21:35:28 -0400 Received: from mail-pf1-x44a.google.com (mail-pf1-x44a.google.com [IPv6:2607:f8b0:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3A392C08C5CE for ; Thu, 16 Jul 2020 18:35:28 -0700 (PDT) Received: by mail-pf1-x44a.google.com with SMTP id e80so5792893pfh.13 for ; Thu, 16 Jul 2020 18:35:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=B0x0K0LAx9+Y7Q8FXBFUwx+eU4+ad8NV7ubLsxeFaf4=; b=rNcJ1z/hk3b1nlQcOK344BBKSaTZD0FO1lc1KBwd0QAUCl8LAzorkSchCeJV+hqxco VxZdkX7BuCr07mM59e6rfOF9TcpZ2NNNqjgG1ix7aij9jNjawUvA6ftvYtPvlKxkQrCb r1Du7ASXNCYSpyLj9txeDB4id+SBLeq+zfMufpbluvu3wACCfzpcjItXMleC2WhSNMK4 5mGgzVaRaRBvczOOazdepqhiP4UyFot3XBcOUh37HxRuiDjpZ0OzsgmD8XQaggV9gneU lAJiuyQYhik+85aksvgSo7vrHofshzMnswjyCii7OnIWl5oEpf0m6JssM590tZE6J/pU U6Dw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=B0x0K0LAx9+Y7Q8FXBFUwx+eU4+ad8NV7ubLsxeFaf4=; b=C0HCTz1Nb68bBzYgfT8I3qlnhoNczLgBX3nkpGMNqXnI+Pyk+Zz7bty98s1l4s5E6K WAYVkJvkMg5YUHj5efo6bz4sW1FIwN0LJgmNujN7lwBTjR4ke5eqCGHwY022wkD40gBN BfVKdJ0KAGGhk6GUYG4BunVmCasrPfY5worgPxvM9AAZ0WV6yv11gooPCpNn1o2uY1xT vAZnS+kYHECMtmcgT0EK1j0HTVhlQco+wpXJUEKo1WGA64px1zjY1G9jzsxdPTlcmpTK rO4sB2nfS0rw7Jmj+9+3z7546WhIBimadU0Fc17ZkpgDdroSD74fGcEGCFz/WmA3SKco gtUQ== X-Gm-Message-State: AOAM531QhecpBUvTgoUulXMxYMr2JHi4GeTaU7LgRK/AM6+IrHS7hnUs eGEFomGe9nqXUP8TTmM03xqWab9WkYv+XIX5uwjTncG3+Bsu6X8EKIdSdnKsX7TIXCFeQuONHxP GjW9wIYGu6lL8lnezdugKexBznWkXaO4HP7XJiR74JR0ZwoVFEFcgYiPJ5WdiWIC8x7nDJtE= X-Google-Smtp-Source: ABdhPJxPTXctCC0zB+2Aag+2QZjZh13xx8lZoFZnZfaqM8dqP3fwqUDr7MTFN8aR7cvnb4Uu0xvaMjfWhvM= X-Received: by 2002:a17:90a:1fcb:: with SMTP id z11mr2171503pjz.1.1594949727176; Thu, 16 Jul 2020 18:35:27 -0700 (PDT) Date: Fri, 17 Jul 2020 01:35:12 +0000 In-Reply-To: <20200717013518.59219-1-satyat@google.com> Message-Id: <20200717013518.59219-2-satyat@google.com> Mime-Version: 1.0 References: <20200717013518.59219-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog Subject: [PATCH v2 1/7] fscrypt: Add functions for direct I/O support From: Satya Tangirala To: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org Cc: linux-xfs@vger.kernel.org, Eric Biggers , Satya Tangirala Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org From: Eric Biggers Introduce fscrypt_dio_supported() to check whether a direct I/O request is unsupported due to encryption constraints, and fscrypt_limit_io_pages() to check how many pages may be added to a bio being prepared for direct I/O. The IV_INO_LBLK_32 fscrypt policy introduced the possibility that DUNs in logically continuous file blocks might wrap from 0xffffffff to 0. Since this was particularly difficult to handle when block_size != PAGE_SIZE, fscrypt only supports blk-crypto en/decryption with the IV_INO_LBLK_32 policy when block_size == PAGE_SIZE, and ensures that the DUN never wraps around within any submitted bio. fscrypt_limit_io_pages() can be used to determine the number of logically contiguous blocks/pages that may be added to the bio without causing the DUN to wrap around within the bio. This is an alternative to calling fscrypt_mergeable_bio() on each page in a range of logically contiguous pages. Signed-off-by: Eric Biggers Co-developed-by: Satya Tangirala Signed-off-by: Satya Tangirala --- fs/crypto/crypto.c | 8 ++++ fs/crypto/inline_crypt.c | 80 ++++++++++++++++++++++++++++++++++++++++ include/linux/fscrypt.h | 19 ++++++++++ 3 files changed, 107 insertions(+) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index a52cf32733ab..fb34364360b3 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -69,6 +69,14 @@ void fscrypt_free_bounce_page(struct page *bounce_page) } EXPORT_SYMBOL(fscrypt_free_bounce_page); +/* + * Generate the IV for the given logical block number within the given file. + * For filenames encryption, lblk_num == 0. + * + * Keep this in sync with fscrypt_limit_io_pages(). fscrypt_limit_io_pages() + * needs to know about any IV generation methods where the low bits of IV don't + * simply contain the lblk_num (e.g., IV_INO_LBLK_32). + */ void fscrypt_generate_iv(union fscrypt_iv *iv, u64 lblk_num, const struct fscrypt_info *ci) { diff --git a/fs/crypto/inline_crypt.c b/fs/crypto/inline_crypt.c index d7aecadf33c1..f5af6a63e04c 100644 --- a/fs/crypto/inline_crypt.c +++ b/fs/crypto/inline_crypt.c @@ -16,6 +16,7 @@ #include #include #include +#include #include "fscrypt_private.h" @@ -362,3 +363,82 @@ bool fscrypt_mergeable_bio_bh(struct bio *bio, return fscrypt_mergeable_bio(bio, inode, next_lblk); } EXPORT_SYMBOL_GPL(fscrypt_mergeable_bio_bh); + +/** + * fscrypt_dio_supported() - check whether a direct I/O request is unsupported + * due to encryption constraints + * @iocb: the file and position the I/O is targeting + * @iter: the I/O data segment(s) + * + * Return: true if direct I/O is supported + */ +bool fscrypt_dio_supported(struct kiocb *iocb, struct iov_iter *iter) +{ + const struct inode *inode = file_inode(iocb->ki_filp); + const unsigned int blocksize = i_blocksize(inode); + + /* If the file is unencrypted, no veto from us. */ + if (!fscrypt_needs_contents_encryption(inode)) + return true; + + /* We only support direct I/O with inline crypto, not fs-layer crypto */ + if (!fscrypt_inode_uses_inline_crypto(inode)) + return false; + + /* + * Since the granularity of encryption is filesystem blocks, the I/O + * must be block aligned -- not just disk sector aligned. + */ + if (!IS_ALIGNED(iocb->ki_pos | iov_iter_alignment(iter), blocksize)) + return false; + + return true; +} +EXPORT_SYMBOL_GPL(fscrypt_dio_supported); + +/** + * fscrypt_limit_io_pages() - limit I/O pages to avoid discontiguous DUNs + * @inode: the file on which I/O is being done + * @pos: the file position (in bytes) at which the I/O is being done + * @nr_pages: the number of pages we want to submit starting at @pos + * + * Determine the limit to the number of pages that can be submitted in the bio + * targeting @pos without causing a data unit number (DUN) discontinuity. + * + * For IV generation methods that can't cause DUN wraparounds + * within logically continuous data blocks, the maximum number of pages is + * simply @nr_pages. For those IV generation methods that *might* cause DUN + * wraparounds, the returned number of pages is the largest possible number of + * pages (less than @nr_pages) that can be added to the bio without causing a + * DUN wraparound within the bio. + * + * Return: the actual number of pages that can be submitted + */ +int fscrypt_limit_io_pages(const struct inode *inode, loff_t pos, int nr_pages) +{ + const struct fscrypt_info *ci = inode->i_crypt_info; + u32 dun; + + if (!fscrypt_inode_uses_inline_crypto(inode)) + return nr_pages; + + if (nr_pages <= 1) + return nr_pages; + + if (!(fscrypt_policy_flags(&ci->ci_policy) & + FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32)) + return nr_pages; + + /* + * fscrypt_select_encryption_impl() ensures that block_size == PAGE_SIZE + * when using FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32. + */ + if (WARN_ON_ONCE(i_blocksize(inode) != PAGE_SIZE)) + return 1; + + /* With IV_INO_LBLK_32, the DUN can wrap around from U32_MAX to 0. */ + + dun = ci->ci_hashed_ino + (pos >> inode->i_blkbits); + + return min_t(u64, nr_pages, (u64)U32_MAX + 1 - dun); +} diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h index bb257411365f..c205c214b35e 100644 --- a/include/linux/fscrypt.h +++ b/include/linux/fscrypt.h @@ -559,6 +559,11 @@ bool fscrypt_mergeable_bio(struct bio *bio, const struct inode *inode, bool fscrypt_mergeable_bio_bh(struct bio *bio, const struct buffer_head *next_bh); +bool fscrypt_dio_supported(struct kiocb *iocb, struct iov_iter *iter); + +int fscrypt_limit_io_pages(const struct inode *inode, loff_t pos, + int nr_pages); + #else /* CONFIG_FS_ENCRYPTION_INLINE_CRYPT */ static inline bool __fscrypt_inode_uses_inline_crypto(const struct inode *inode) @@ -587,6 +592,20 @@ static inline bool fscrypt_mergeable_bio_bh(struct bio *bio, { return true; } + +static inline bool fscrypt_dio_supported(struct kiocb *iocb, + struct iov_iter *iter) +{ + const struct inode *inode = file_inode(iocb->ki_filp); + + return !fscrypt_needs_contents_encryption(inode); +} + +static inline int fscrypt_limit_io_pages(const struct inode *inode, loff_t pos, + int nr_pages) +{ + return nr_pages; +} #endif /* !CONFIG_FS_ENCRYPTION_INLINE_CRYPT */ /** From patchwork Fri Jul 17 01:35:13 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11668665 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0C95317CF for ; Fri, 17 Jul 2020 01:35:33 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E84DF20691 for ; Fri, 17 Jul 2020 01:35:32 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="EcPT5iw6" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726907AbgGQBfc (ORCPT ); Thu, 16 Jul 2020 21:35:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37768 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726401AbgGQBfa (ORCPT ); Thu, 16 Jul 2020 21:35:30 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C9730C08C5DB for ; Thu, 16 Jul 2020 18:35:29 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id i203so9509983yba.9 for ; Thu, 16 Jul 2020 18:35:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=zp9IyNE/WOqMjmmUo5OQb7An9Jck4EABFW2ZtXIp0J8=; b=EcPT5iw6xeAfEjdlPbda6DoINJs/j9jKP2TGre8RBeZXNcyIRuqos8GS/JPjNxyyMj aARz+rkyGL52RWpzFM5BJ3zkR/4wfsdnrw+1luAFREm/VEQT+l2s5cpIKsr+5uKeFMH4 WY51ds7oCW7o+7bxVZeVdvBRNakPa9eZZmcbTSZ4YdYGuLV6Q/SugNCpoAJkT93/jfJb IGJddYgCOXxJUJ+GqNK5dO62cUYyve5r5yM+KtVqyAb2Zs2BUOSmw7Fs3p41vxvgdu5b 24MANUxf9LZQryIjThNYfZtFGr6rsTY31QgdC5WUa3iwxTm6vikksUZPQJEA49/6nHBM jWDA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=zp9IyNE/WOqMjmmUo5OQb7An9Jck4EABFW2ZtXIp0J8=; b=M6x/TAtc5bBrOCFSZ7HN28ZQOUQwULHHicIJQqgwLzPHN/Eh68YrkaYLaEBWjt5h/5 EsIkyaFeCfHYN7+qJEKkKDBZid5FpAfJorWc26LyAe1S/eF3UUTIi/o54q3kAO02vSdd gn9ZfAnkX5T24Jbvt/cyIIPAH0MA9kdz995ob0BBfa9m8r+Gqam3zPgriFHBXpCgbbJ2 NoZA2n6kViOklcHDXZfUPAtA9SOv3DlGVUgCL7kjNJCBAHRjAKLjEkQl2Q+vkFR8kHoe M0KNs2+a+GDUuJL9KDEdNuu5GDPs2CKF1TQM2ucR4U7exP5xfkQIVYPXpdlpIefpG+Bi 8ung== X-Gm-Message-State: AOAM530HbDUBWyWn1sj1IPpPAAxqZ7dEl+kRzsFV+WEtQeyRmTlwOJyQ iksXnOHNJ5K16/HlACZkzrAO2WMKhRTdC5WcVnH8BiKGMTYMgmiaAhPkLvrNkT5k43W4/KU1TBp 9S/XnPxTYbSBxcVbrA2/FQjq866TdflMdfQSrnmOGWpOs3nWnDKsxUHXoTuzJ4Q2UyBc5BcM= X-Google-Smtp-Source: ABdhPJxs8eFAsth37g1R47hI62Mpm1RAZyjhJ4mmlKAvDAiqG/78AzVwzEyzIKJIVFj3OeeEfj/R+GGoZ6o= X-Received: by 2002:a25:e481:: with SMTP id b123mr9697382ybh.126.1594949728932; Thu, 16 Jul 2020 18:35:28 -0700 (PDT) Date: Fri, 17 Jul 2020 01:35:13 +0000 In-Reply-To: <20200717013518.59219-1-satyat@google.com> Message-Id: <20200717013518.59219-3-satyat@google.com> Mime-Version: 1.0 References: <20200717013518.59219-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog Subject: [PATCH v2 2/7] direct-io: add support for fscrypt using blk-crypto From: Satya Tangirala To: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org Cc: linux-xfs@vger.kernel.org, Eric Biggers , Satya Tangirala Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org From: Eric Biggers Set bio crypt contexts on bios by calling into fscrypt when required, and explicitly check for DUN continuity when adding pages to the bio. (While DUN continuity is usually implied by logical block contiguity, this is not the case when using certain fscrypt IV generation methods like IV_INO_LBLK_32). Signed-off-by: Eric Biggers Co-developed-by: Satya Tangirala Signed-off-by: Satya Tangirala --- fs/direct-io.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/fs/direct-io.c b/fs/direct-io.c index 6d5370eac2a8..f27f7e3780ee 100644 --- a/fs/direct-io.c +++ b/fs/direct-io.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include @@ -411,6 +412,7 @@ dio_bio_alloc(struct dio *dio, struct dio_submit *sdio, sector_t first_sector, int nr_vecs) { struct bio *bio; + struct inode *inode = dio->inode; /* * bio_alloc() is guaranteed to return a bio when allowed to sleep and @@ -418,6 +420,9 @@ dio_bio_alloc(struct dio *dio, struct dio_submit *sdio, */ bio = bio_alloc(GFP_KERNEL, nr_vecs); + fscrypt_set_bio_crypt_ctx(bio, inode, + sdio->cur_page_fs_offset >> inode->i_blkbits, + GFP_KERNEL); bio_set_dev(bio, bdev); bio->bi_iter.bi_sector = first_sector; bio_set_op_attrs(bio, dio->op, dio->op_flags); @@ -782,9 +787,17 @@ static inline int dio_send_cur_page(struct dio *dio, struct dio_submit *sdio, * current logical offset in the file does not equal what would * be the next logical offset in the bio, submit the bio we * have. + * + * When fscrypt inline encryption is used, data unit number + * (DUN) contiguity is also required. Normally that's implied + * by logical contiguity. However, certain IV generation + * methods (e.g. IV_INO_LBLK_32) don't guarantee it. So, we + * must explicitly check fscrypt_mergeable_bio() too. */ if (sdio->final_block_in_bio != sdio->cur_page_block || - cur_offset != bio_next_offset) + cur_offset != bio_next_offset || + !fscrypt_mergeable_bio(sdio->bio, dio->inode, + cur_offset >> dio->inode->i_blkbits)) dio_bio_submit(dio, sdio); } From patchwork Fri Jul 17 01:35:14 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11668669 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BDA581751 for ; Fri, 17 Jul 2020 01:35:34 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A290A20578 for ; Fri, 17 Jul 2020 01:35:34 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="S9hUMdzt" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726893AbgGQBfe (ORCPT ); Thu, 16 Jul 2020 21:35:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37780 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726894AbgGQBfb (ORCPT ); Thu, 16 Jul 2020 21:35:31 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A69FC08C5C0 for ; Thu, 16 Jul 2020 18:35:31 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id j9so6805997pgm.8 for ; Thu, 16 Jul 2020 18:35:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=+UBFxrt4pNJbQqfKhET/4plBmEv6gpLPjB+6J7RRg5k=; b=S9hUMdztXXvOY4ssFaJ9x50x8aFoXJPR1Ord6CgvNBpR6vnJ1HcxEp+eSdaGY2wu49 f3fn0Te4kWifwbc6OZ2yWU1j5vyM+/dIh9NQBMQelj7AihRRtRxZWdcI+Qm/qQb+JSZ1 4vatdj6y/6H9IPDw31RFvJBnXZAEWZbrTIeQ4n+CYYf5Ls9iTkaDeHulKw5UxKN3y0t7 zfn3cXRsUyUuNwYuMX4HUH1SILLzTcAjK5hnXBz6/fju1dXdZTfC0wUHMfBLejmNNWiV 2zSjQ0QinEPAhWayJplF9JFzkA1NeMZT/PHLH5AVbbg/wAeJA+k9Fp7jqWMsVvb0ahs1 nmew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=+UBFxrt4pNJbQqfKhET/4plBmEv6gpLPjB+6J7RRg5k=; b=AZrsRjwT+sPCDZgmEJnZAT2lCwCWBK5fQM0e9YyTOkT9dikDcO7vfPQgTY0YHMuJCD dywQEGXevFV45ZjFQLAWCWcd0imFzS+mdxfwJb8UdqTzsuZyDCAM7gNIiq9rEHRNj+7z jubMs4IQpad2M9sB+uZZTQiwsKI4XxNfXNICB0z/98+eaa7nctR8NiqblnJSI93UBK0T L0jRAinP9y+j9kLd0/6HEOEZAr0TzwKtAXpqNmC8O5cCR/CcnFMJ1cqn0yrzzV206xAT G57E/napOgxg2k7K+cwGyFWli/l/UjC5DTM06i6dMa7UD7hqckbwNlZvnnj0BtoUsGLN GTvA== X-Gm-Message-State: AOAM531YAY/RiU0/Epydq50ZgRlqQYCYo5+jMOpl9HCxVqTzJ3siSHBk hBG1pOMYa7HLCYExMi2TqT+kHlI2ZYIp2Op/qfGDbe3nITf7GdCoosE+1wD2v49ifdm8k2B0Vig MhY8dZpBKXoRVssT+utWX8WfKksa+pn0q7N/bnkp2NkuI3jHlwXngYT2H3Zl9xiEWLo6VOSE= X-Google-Smtp-Source: ABdhPJyUKbNKbPD52mHlMT2ZSrU8LempwbQ8BXLBZXihRGAVepOXrVcw0EfQ5Li0VQYXBx83T3iUPhq+8QI= X-Received: by 2002:a17:90a:1fcb:: with SMTP id z11mr2171526pjz.1.1594949730708; Thu, 16 Jul 2020 18:35:30 -0700 (PDT) Date: Fri, 17 Jul 2020 01:35:14 +0000 In-Reply-To: <20200717013518.59219-1-satyat@google.com> Message-Id: <20200717013518.59219-4-satyat@google.com> Mime-Version: 1.0 References: <20200717013518.59219-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog Subject: [PATCH v2 3/7] iomap: support direct I/O with fscrypt using blk-crypto From: Satya Tangirala To: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org Cc: linux-xfs@vger.kernel.org, Eric Biggers , Satya Tangirala Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org From: Eric Biggers Wire up iomap direct I/O with the fscrypt additions for direct I/O, and set bio crypt contexts on bios when appropriate. Make iomap_dio_bio_actor() call fscrypt_limit_io_pages() to ensure that DUNs remain contiguous within a bio, since it works directly with logical ranges and can't call fscrypt_mergeable_bio() on each page. Signed-off-by: Eric Biggers Co-developed-by: Satya Tangirala Signed-off-by: Satya Tangirala --- fs/iomap/direct-io.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/fs/iomap/direct-io.c b/fs/iomap/direct-io.c index ec7b78e6feca..4507dc16dbe5 100644 --- a/fs/iomap/direct-io.c +++ b/fs/iomap/direct-io.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include @@ -183,11 +184,14 @@ static void iomap_dio_zero(struct iomap_dio *dio, struct iomap *iomap, loff_t pos, unsigned len) { + struct inode *inode = file_inode(dio->iocb->ki_filp); struct page *page = ZERO_PAGE(0); int flags = REQ_SYNC | REQ_IDLE; struct bio *bio; bio = bio_alloc(GFP_KERNEL, 1); + fscrypt_set_bio_crypt_ctx(bio, inode, pos >> inode->i_blkbits, + GFP_KERNEL); bio_set_dev(bio, iomap->bdev); bio->bi_iter.bi_sector = iomap_sector(iomap, pos); bio->bi_private = dio; @@ -253,6 +257,7 @@ iomap_dio_bio_actor(struct inode *inode, loff_t pos, loff_t length, ret = nr_pages; goto out; } + nr_pages = fscrypt_limit_io_pages(inode, pos, nr_pages); if (need_zeroout) { /* zero out from the start of the block to the write offset */ @@ -270,6 +275,8 @@ iomap_dio_bio_actor(struct inode *inode, loff_t pos, loff_t length, } bio = bio_alloc(GFP_KERNEL, nr_pages); + fscrypt_set_bio_crypt_ctx(bio, inode, pos >> inode->i_blkbits, + GFP_KERNEL); bio_set_dev(bio, iomap->bdev); bio->bi_iter.bi_sector = iomap_sector(iomap, pos); bio->bi_write_hint = dio->iocb->ki_hint; @@ -307,6 +314,7 @@ iomap_dio_bio_actor(struct inode *inode, loff_t pos, loff_t length, copied += n; nr_pages = iov_iter_npages(dio->submit.iter, BIO_MAX_PAGES); + nr_pages = fscrypt_limit_io_pages(inode, pos, nr_pages); iomap_dio_submit_bio(dio, iomap, bio, pos); pos += n; } while (nr_pages); From patchwork Fri Jul 17 01:35:15 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11668673 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 84EA2161F for ; Fri, 17 Jul 2020 01:35:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6A66020691 for ; Fri, 17 Jul 2020 01:35:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ZcYDTvcf" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726962AbgGQBfg (ORCPT ); Thu, 16 Jul 2020 21:35:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37786 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726928AbgGQBfd (ORCPT ); Thu, 16 Jul 2020 21:35:33 -0400 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 40C0CC08C5DC for ; Thu, 16 Jul 2020 18:35:33 -0700 (PDT) Received: by mail-pf1-x449.google.com with SMTP id d67so5784102pfd.4 for ; Thu, 16 Jul 2020 18:35:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=E/vVSGidxRNqfgFvT7W0V9puYBqKI9SZ+5JR8j0m+58=; b=ZcYDTvcfLLpu/jhtpmOZTX1yip7PM/LKW+mqaazTmFRD19tgdynOHn3dvFmYrGW/EU 3OGE6491fFJOHWChT38oVFGgJgqcZ1z9qC05QU8JraayXUwgfZmczmipgbR37elMel8Z zNb7TYC+lWvWJJ6SnDNsPiAtosseBQpBY7N1qfVzLHJNWx+JNLHhks/B90rtrKlzTw2Q QdJ4Rgwpk7ZYwleZwGq00b+zq66rjpmtFE10TZhsYG25d9JTk8G6JQVQC1rLY+/3pY2o 8blcSeqgKqhLSzrKduWn3JF/DTEgh0C9d7W/d32ySDrix8TvV4yJXo/ftZgek76k0P/c Y1Lw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=E/vVSGidxRNqfgFvT7W0V9puYBqKI9SZ+5JR8j0m+58=; b=Rn82UqhIDs8S211oa8kEpnkivISRqRlnwJrDrKn7ZjEbiEX2d3j4NHhS51p0aZ2eo8 atyZU7P7/qS/ijGuRG7conTPBv3Ek/MA9ovoIGtawaJgTHqFAjI1bBm5I0HX3ILJSPxN Sn/mq4jbpWeobYA3SXuMSxm9PW48TCUPJTEDBKbhY7PPuAJHM3uYIH1YanXBSMgyoyjw U2FAQafDax99EzlnDOH2t/HYb4C7Yf8n/0QOcVQnc2F6wi+Q6WlnKFhkK1amuClQWhus 6frDF2Ps3ebH+FgbA4o+5iCOyGM+y4mUZnBHAOGEgI4D6N3cJbPB7+FGM6FYaaob+Jen 1qqA== X-Gm-Message-State: AOAM530OyrVaMh4rizS7G/TkqPGryhgMEucjYEnpqp/qXgcI1hz7sf/g EnxHYY85kKOUaSlXqhIO69oZ2czL2xlVUinCaUFd8E383heBdyF+mpztSNGVwCFrMUBohYaxjy9 eEBZRYOsDueGApINsCnT9Mbd30u5O013BNyj0EoBKgB4xnvF6k9+84rshneU479SY6o+ydD0= X-Google-Smtp-Source: ABdhPJxblkVinfK9/GjEu/MeJLy/xcw1zo2TEXIQwGlWkq0fWav4MrbEVMKPE2WnLaQ1sWXSffDb1SKbb/Q= X-Received: by 2002:a63:225d:: with SMTP id t29mr6933840pgm.374.1594949732647; Thu, 16 Jul 2020 18:35:32 -0700 (PDT) Date: Fri, 17 Jul 2020 01:35:15 +0000 In-Reply-To: <20200717013518.59219-1-satyat@google.com> Message-Id: <20200717013518.59219-5-satyat@google.com> Mime-Version: 1.0 References: <20200717013518.59219-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog Subject: [PATCH v2 4/7] ext4: support direct I/O with fscrypt using blk-crypto From: Satya Tangirala To: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org Cc: linux-xfs@vger.kernel.org, Eric Biggers , Satya Tangirala Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org From: Eric Biggers Wire up ext4 with fscrypt direct I/O support. direct I/O with fscrypt is only supported through blk-crypto (i.e. CONFIG_BLK_INLINE_ENCRYPTION must have been enabled, the 'inlinecrypt' mount option must have been specified, and either hardware inline encryption support must be present or CONFIG_BLK_INLINE_ENCYRPTION_FALLBACK must have been enabled). Further, direct I/O on encrypted files is only supported when I/O is aligned to the filesystem block size (which is *not* necessarily the same as the block device's block size). Signed-off-by: Eric Biggers Co-developed-by: Satya Tangirala Signed-off-by: Satya Tangirala --- fs/ext4/file.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/fs/ext4/file.c b/fs/ext4/file.c index 2a01e31a032c..d534f72675d9 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -36,9 +36,11 @@ #include "acl.h" #include "truncate.h" -static bool ext4_dio_supported(struct inode *inode) +static bool ext4_dio_supported(struct kiocb *iocb, struct iov_iter *iter) { - if (IS_ENABLED(CONFIG_FS_ENCRYPTION) && IS_ENCRYPTED(inode)) + struct inode *inode = file_inode(iocb->ki_filp); + + if (!fscrypt_dio_supported(iocb, iter)) return false; if (fsverity_active(inode)) return false; @@ -61,7 +63,7 @@ static ssize_t ext4_dio_read_iter(struct kiocb *iocb, struct iov_iter *to) inode_lock_shared(inode); } - if (!ext4_dio_supported(inode)) { + if (!ext4_dio_supported(iocb, to)) { inode_unlock_shared(inode); /* * Fallback to buffered I/O if the operation being performed on @@ -490,7 +492,7 @@ static ssize_t ext4_dio_write_iter(struct kiocb *iocb, struct iov_iter *from) } /* Fallback to buffered I/O if the inode does not support direct I/O. */ - if (!ext4_dio_supported(inode)) { + if (!ext4_dio_supported(iocb, from)) { if (ilock_shared) inode_unlock_shared(inode); else From patchwork Fri Jul 17 01:35:16 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11668693 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3FC25161F for ; Fri, 17 Jul 2020 01:35:45 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2422120691 for ; Fri, 17 Jul 2020 01:35:45 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="oxCwlxw8" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726238AbgGQBfo (ORCPT ); Thu, 16 Jul 2020 21:35:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37800 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726954AbgGQBff (ORCPT ); Thu, 16 Jul 2020 21:35:35 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5E166C08C5DD for ; Thu, 16 Jul 2020 18:35:35 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id z7so9547816ybz.1 for ; Thu, 16 Jul 2020 18:35:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=ORAQciKgJGVxLPMl88O8FRaS7Y2vfgBBYDIN8L834Cw=; b=oxCwlxw8hiOmpc9dDE5VHP0nyw8uhX2w43IaKudLEwrXxdgnP120llEreKyOOyh1yb 1WL8Dz+vf62oDSYhDCJMemrgkfz8WYWqfwvE/k3RuBACwKsg9UN/b/70jtV8Bh5s5ZUl WrqxtcHQKHwvgHTdS5R/09Di9WRfeq7aFwIAp6PB4QWEH0TDZQQYq6ccRf0UpNNMbFFl k4ZGdek4wV3r5+sTAIYfuP/jWrOw9Pbl+P1VkdzDRNqXM7DL0BJSJwO91JPyC0vA5ApC ngAIgB1BKgaFCSFN5dAUqxUK11W1Cw9dSBzo0il3J6r3PmLNgtmOY/hVfrka9zORhpXj ZLCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=ORAQciKgJGVxLPMl88O8FRaS7Y2vfgBBYDIN8L834Cw=; b=Uxc/Zef3M0qVDht6GIyzK1hgSvWQ93r7xt+kSFEukSVFP9b7E/xP5M1PFDS/wG5XT9 v5T8Y36cmXpl0kBfSa6opbij2bS4FyHQEraszdlP8LCx9FY4OJwn7+dBBsgxUoNH5m/I 0lmBc3K3Bm2EOL1Jpb2QZTFQcIFwe6TwaXHg2u8bsHSigl0krRypQM7KkcVEXTLdhXr+ 1ejLN1WxS0MNMDIbG3bYWG5+HYeI2L0wj+2pBedz3HIG5H9xifNPj7KXwz6H0mAF63FO tUOaZcorsDceomXE3cvgv7e1W/eWb/akjN8cMpOVDUI/UTYbYlyGKPygjF1ZjX6Wu6wt 5Ewg== X-Gm-Message-State: AOAM5303nit6v4HAcyxOhbjurgbqIwA+Rbk0O5Cga0mmVlbYYiQ2Uh5Z DEbr3/xNPYC/fbpJFYn7a1kBgkwZPDajJYufA0w7JkIrcQn3iXLZ8Yp3AVEsQbKipZuNaHT3cXA L50BgC48wd1IHJOR60QwqppbVJffD2UjwwWuNRIEyRp/jFy/v3uiC9K7XPWbvz/q/7ZlZ2u0= X-Google-Smtp-Source: ABdhPJwyL6R46WRxWnDIfZEHMgiK0bcZUjuux5QdiBW2epiAYbnHUX5h5wXX6tXlXwwrx+N2jIvS0DNsy54= X-Received: by 2002:a25:e790:: with SMTP id e138mr11127098ybh.114.1594949734407; Thu, 16 Jul 2020 18:35:34 -0700 (PDT) Date: Fri, 17 Jul 2020 01:35:16 +0000 In-Reply-To: <20200717013518.59219-1-satyat@google.com> Message-Id: <20200717013518.59219-6-satyat@google.com> Mime-Version: 1.0 References: <20200717013518.59219-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog Subject: [PATCH v2 5/7] f2fs: support direct I/O with fscrypt using blk-crypto From: Satya Tangirala To: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org Cc: linux-xfs@vger.kernel.org, Eric Biggers , Satya Tangirala Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org From: Eric Biggers Wire up f2fs with fscrypt direct I/O support. direct I/O with fscrypt is only supported through blk-crypto (i.e. CONFIG_BLK_INLINE_ENCRYPTION must have been enabled, the 'inlinecrypt' mount option must have been specified, and either hardware inline encryption support must be present or CONFIG_BLK_INLINE_ENCYRPTION_FALLBACK must have been enabled). Further, direct I/O on encrypted files is only supported when I/O is aligned to the filesystem block size (which is *not* necessarily the same as the block device's block size). Signed-off-by: Eric Biggers Co-developed-by: Satya Tangirala Signed-off-by: Satya Tangirala --- fs/f2fs/f2fs.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h index b35a50f4953c..978130b5a195 100644 --- a/fs/f2fs/f2fs.h +++ b/fs/f2fs/f2fs.h @@ -4082,7 +4082,11 @@ static inline bool f2fs_force_buffered_io(struct inode *inode, struct f2fs_sb_info *sbi = F2FS_I_SB(inode); int rw = iov_iter_rw(iter); - if (f2fs_post_read_required(inode)) + if (!fscrypt_dio_supported(iocb, iter)) + return true; + if (fsverity_active(inode)) + return true; + if (f2fs_compressed_file(inode)) return true; if (f2fs_is_multi_device(sbi)) return true; From patchwork Fri Jul 17 01:35:17 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11668683 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 15E441751 for ; Fri, 17 Jul 2020 01:35:41 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id F075B2070E for ; Fri, 17 Jul 2020 01:35:40 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ScOd4eVd" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726973AbgGQBfk (ORCPT ); Thu, 16 Jul 2020 21:35:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37816 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726974AbgGQBfg (ORCPT ); Thu, 16 Jul 2020 21:35:36 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CBD91C08C5C0 for ; Thu, 16 Jul 2020 18:35:36 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id s1so6813388pge.16 for ; Thu, 16 Jul 2020 18:35:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=M2BARCIgcttWxNELPw4zNOFpxD9+a8coXLhy2/p7EJA=; b=ScOd4eVdydlkWQWlLKjntUWKsksUG68MvUJTiQKD/1j4ez9IPtZHneB7t7Ah8qMNyc MHTRFtyHLSVQuzXvDGfcq1tmzfAdCtLSmZIu8QiLrxTH5oPYRpc6Xm8acH/i/frdbEfg qAGhkmd5lTbDuYireEzW2VFzMdyc3o3Ix94XFQPXLGMjKcpyqYukSAR/2bsRkAy9pBhB 04thfYfEh36yMRz9fE7EiL6Rb5v/6cBI7oGtqnFqKH9w4ZHgI7/tLWdLQ9a6EuFnbIRP YWzo3NcnvBJXf0IanbogryzR0zhzkrtHOFHVCRcHUwUgvU/7rQQ2KBsuYyow/vQSkZkO l60g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=M2BARCIgcttWxNELPw4zNOFpxD9+a8coXLhy2/p7EJA=; b=jiIJSepXQrIl8t8B8lp7VsNTW6UjTs76Cbm0ugyQ5VlM+S4Gg5lUyMD0XwRG0Qj90p SJaAnksUT8/07uSB1ZtT92MJtahXStVaUhz6fj5nkcSryl+DONCe0WDY5GjywoNukusG n7OLdM0/GruNKoV/uFABmG0uJaV4n6xqhyYGpl9PsDaN4xDBWPO6d7r4VFliDj4J/v0h H/IMAffnghMdELHkRodWiGRi1PN5F2ez8wSlyI0hrcpFRgkHjAk/oc9BgnUGOiWiFWwS yOImmcAigi7t/sNViMOpH1CbiAtyoYCWnn9Xq2NvEtGzI+iw+2JlNXnGuFlc9xVvkcIY XNVQ== X-Gm-Message-State: AOAM530WntTq0RbYrNUhLI9Euu4bry++7H7Bb47BsrLynQnF/W46cxjq wSd3gQAO4O0O63P5vtDX3NUgXO6Uku5iCtldLpd8zcSckdq/vP7zjW5FtTGXO7YJ1rG5o7PQw+R A+cIXj1+Zs+MEA+F9uxzlBc3oPbP2k7fkaulikuhsrmwI9/eSromEV5+S1zuRimw85NUyKUo= X-Google-Smtp-Source: ABdhPJwgAFskhvgfu4vtFSTvQKdAqkDng2ZY6RLfUv2eaMhfxGJSBKlELwg44/Lye+vEDWsHb/qZyTbtD8k= X-Received: by 2002:a17:902:7008:: with SMTP id y8mr5639281plk.85.1594949736186; Thu, 16 Jul 2020 18:35:36 -0700 (PDT) Date: Fri, 17 Jul 2020 01:35:17 +0000 In-Reply-To: <20200717013518.59219-1-satyat@google.com> Message-Id: <20200717013518.59219-7-satyat@google.com> Mime-Version: 1.0 References: <20200717013518.59219-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog Subject: [PATCH v2 6/7] fscrypt: document inline encryption support From: Satya Tangirala To: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org Cc: linux-xfs@vger.kernel.org, Satya Tangirala Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org Update the fscrypt documentation file for inline encryption support. Signed-off-by: Satya Tangirala --- Documentation/filesystems/fscrypt.rst | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index f5d8b0303ddf..f3d87a1a0a7f 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -1204,6 +1204,18 @@ buffer. Some filesystems, such as UBIFS, already use temporary buffers regardless of encryption. Other filesystems, such as ext4 and F2FS, have to allocate bounce pages specially for encryption. +Fscrypt is also able to use inline encryption hardware instead of the +kernel crypto API for en/decryption of file contents. When possible, and +if directed to do so (by specifying the 'inlinecrypt' mount option for +an ext4/F2FS filesystem), it adds encryption contexts to bios and +uses blk-crypto to perform the en/decryption instead of making use +of the above read/write path changes. Of course, even if directed to make +use of inline encryption, fscrypt will only be able to do so if either +hardware inline encryption support is available for the selected encryption +algorithm or CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK is selected. If neither +is the case, fscrypt will fall back to using the above mentioned read/write +path changes for en/decryption. + Filename hashing and encoding ----------------------------- @@ -1250,7 +1262,9 @@ Tests To test fscrypt, use xfstests, which is Linux's de facto standard filesystem test suite. First, run all the tests in the "encrypt" -group on the relevant filesystem(s). For example, to test ext4 and +group on the relevant filesystem(s). One can also run the tests +with the 'inlinecrypt' mount option to test the implementation for +inline encryption support. For example, to test ext4 and f2fs encryption using `kvm-xfstests `_:: From patchwork Fri Jul 17 01:35:18 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satya Tangirala X-Patchwork-Id: 11668691 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8F95B161F for ; Fri, 17 Jul 2020 01:35:44 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7663120691 for ; Fri, 17 Jul 2020 01:35:44 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="tlDHCdVZ" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726968AbgGQBfl (ORCPT ); Thu, 16 Jul 2020 21:35:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37824 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726989AbgGQBfi (ORCPT ); Thu, 16 Jul 2020 21:35:38 -0400 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 88F77C08C5DF for ; Thu, 16 Jul 2020 18:35:38 -0700 (PDT) Received: by mail-pj1-x104a.google.com with SMTP id gp8so6654831pjb.9 for ; Thu, 16 Jul 2020 18:35:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=zr1haxdG39xCeCSCxAtAF/uCJ0PriAfrFWPYdcjKJpg=; b=tlDHCdVZLG0m6L9levsiz5n7YIyjIML7yueebl4I+pd4oD2GbC2//CVbku08QwfyVK Io6VHBtaFJ92KS1ZOJeZ+gL4I3EE9eCj84H9hWFhQZqN8fQQ85l7TS5gW7erlfNnkmzA h57MTGXvkvtREa2Qo1rEyo9lXW31xuTk1ugMXZ6T1CiepMhKbsP1mrjdiKiW3/Rvmu6c SZPzhAwx7+ulPeallP3vNIjd8m2ACUMFu9PQZzGNoethIWi21ML/Bzl/g8EenyLMa7F8 oq0OBvD9rkYG9V07cK0ln918JiY2QNGYAxh/nFT9nNV7Px5YVBoGsAhCgLPzOODa5J1Q a24Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=zr1haxdG39xCeCSCxAtAF/uCJ0PriAfrFWPYdcjKJpg=; b=q098+99N563UoCqScq1n4ogw2VmnDtHbVejJdgReCPmn3k1yCWctHSiDogszt0AmGB u2sSlTqXwiZEilwm4fpDc5kn0IysmajS/GWsxmDiaKKONAtWsEkvXb2XkO2imFfyy6Ds ozt1gNJFw52qEP0NNAm77GrNO5Vvw1EVrIdsf3WZR70SRseMpprKgpfdDnLp0Tm+In75 iLC3YRsDvWIA+/nZp2rC+7hRaLPDLyHFsGYf5rlztDidu9+p5CmFLmPXB8zvI77Dd/uc euQX0Y2cDO38H9dPPEKp44NBzWcDyE3hmzswS/0kfTzboTkYlCoLrm0h0oVv+ZA67LQs UJTQ== X-Gm-Message-State: AOAM530xdBnxnWY/YK2r52DX94rfACa+mJXiqB0yIbDjA/5x7Sae4my2 zB3v4Sy2ADixIXZo6utsIOubKVtYqjTue5zOGQ93gYKWevxr8HEFgoG7rgG1Gq0rb73DcAehScI gPtSYlxjtwW0goXclmQpeTJ1RxPxA4OInMPHwzOYs3Q7ApzObJeVfNMQ3zG2RvimBbiYKGx8= X-Google-Smtp-Source: ABdhPJzDMFCY+G8Oa8F4K0HKeSD+Xc66nsFn69r8yuQKIuJ5CCaPUQ42wZhUaa7Xlm1W8gsHMjhI0okL6Kg= X-Received: by 2002:a17:902:b706:: with SMTP id d6mr5918685pls.266.1594949737873; Thu, 16 Jul 2020 18:35:37 -0700 (PDT) Date: Fri, 17 Jul 2020 01:35:18 +0000 In-Reply-To: <20200717013518.59219-1-satyat@google.com> Message-Id: <20200717013518.59219-8-satyat@google.com> Mime-Version: 1.0 References: <20200717013518.59219-1-satyat@google.com> X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog Subject: [PATCH v2 7/7] fscrypt: update documentation for direct I/O support From: Satya Tangirala To: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org Cc: linux-xfs@vger.kernel.org, Satya Tangirala Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org Update fscrypt documentation to reflect the addition of direct I/O support and document the necessary conditions for direct I/O on encrypted files. Signed-off-by: Satya Tangirala --- Documentation/filesystems/fscrypt.rst | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index f3d87a1a0a7f..95c76a5f0567 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -1049,8 +1049,10 @@ astute users may notice some differences in behavior: may be used to overwrite the source files but isn't guaranteed to be effective on all filesystems and storage devices. -- Direct I/O is not supported on encrypted files. Attempts to use - direct I/O on such files will fall back to buffered I/O. +- Direct I/O is supported on encrypted files only under some circumstances + (see `Direct I/O support`_ for details). When these circumstances are not + met, attempts to use direct I/O on such files will fall back to buffered + I/O. - The fallocate operations FALLOC_FL_COLLAPSE_RANGE and FALLOC_FL_INSERT_RANGE are not supported on encrypted files and will @@ -1257,6 +1259,20 @@ without the key is subject to change in the future. It is only meant as a way to temporarily present valid filenames so that commands like ``rm -r`` work as expected on encrypted directories. +Direct I/O support +------------------ + +Direct I/O on encrypted files is supported through blk-crypto. In +particular, this means the kernel must have CONFIG_BLK_INLINE_ENCRYPTION +enabled, the filesystem must have had the 'inlinecrypt' mount option +specified, and either hardware inline encryption must be present, or +CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK must have been enabled. Further, +any I/O must be aligned to the filesystem block size (*not* necessarily +the same as the block device's block size) - in particular, any userspace +buffer into which data is read/written from must also be aligned to the +filesystem block size. If any of these conditions isn't met, attempts to do +direct I/O on an encrypted file will fall back to buffered I/O. + Tests =====