From patchwork Tue May 22 16:00:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chandan Rajendra X-Patchwork-Id: 918415 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.vnet.ibm.com Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 40r0jm5gZmz9s0y for ; Wed, 23 May 2018 02:00:44 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751599AbeEVQAJ (ORCPT ); Tue, 22 May 2018 12:00:09 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:47174 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751582AbeEVQAI (ORCPT ); Tue, 22 May 2018 12:00:08 -0400 Received: from pps.filterd (m0098416.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w4MFxvRY103003 for ; Tue, 22 May 2018 12:00:07 -0400 Received: from e31.co.us.ibm.com (e31.co.us.ibm.com [32.97.110.149]) by mx0b-001b2d01.pphosted.com with ESMTP id 2j4mhexbch-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 22 May 2018 12:00:03 -0400 Received: from localhost by e31.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 22 May 2018 09:59:44 -0600 Received: from b03cxnp07028.gho.boulder.ibm.com (9.17.130.15) by e31.co.us.ibm.com (192.168.1.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Tue, 22 May 2018 09:59:41 -0600 Received: from b03ledav003.gho.boulder.ibm.com (b03ledav003.gho.boulder.ibm.com [9.17.130.234]) by b03cxnp07028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w4MFxf5V11731300; Tue, 22 May 2018 08:59:41 -0700 Received: from b03ledav003.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 09A0D6A041; Tue, 22 May 2018 09:59:41 -0600 (MDT) Received: from localhost.localdomain.com (unknown [9.85.71.81]) by b03ledav003.gho.boulder.ibm.com (Postfix) with ESMTP id C9D436A047; Tue, 22 May 2018 09:59:38 -0600 (MDT) From: Chandan Rajendra To: linux-fscrypt@vger.kernel.org Cc: Chandan Rajendra , ebiggers3@gmail.com, tytso@mit.edu, linux-ext4@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [RFC PATCH V3 00/12] Ext4 encryption support for blocksize < pagesize Date: Tue, 22 May 2018 21:30:58 +0530 X-Mailer: git-send-email 2.9.5 X-TM-AS-GCONF: 00 x-cbid: 18052215-8235-0000-0000-00000D8C433A X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00009066; HX=3.00000241; KW=3.00000007; PH=3.00000004; SC=3.00000261; SDB=6.01036072; UDB=6.00529991; IPR=6.00815201; MB=3.00021242; MTD=3.00000008; XFM=3.00000015; UTC=2018-05-22 15:59:43 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18052215-8236-0000-0000-000041151BCE Message-Id: <20180522160110.1161-1-chandan@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-05-22_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1805220177 Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org This patchset implements code to support encryption of Ext4 filesystem instances that have blocksize less than pagesize. Ext4 code with this patchset has been tested on both ppc64 and x86_64 machines. F2FS and UBIFS were tested on x86_64. TODO: 1. generic/233 fails with bigalloc mkfs option. This will be fixed in the next version of the patchset. Changelog: "RFC V2" -> "RFC V3": 1. mpage_readpage[s]() now has arguments to function pointers which decrypt the data after the read I/O operation gets completed. Due to these changes the code in fs/ext4/readpage.c isn't required anymore. Hence this patchset deletes that file. 2. Revert fscrypt_{encrypt,decrypt}_block functions back to fscrypt_{encrypt,decrypt}_page i.e. These functions now accept a complete memory page as an argument. But internally these functions now iterate over all the blocks mapped by the page. Since there were no changes in prototypes of these fscrypt APIs, there were no changes made to either F2FS or UBIFS code. 3. Address all the review comments provided by Eric Biggers. "RFC V1" -> "RFC V2": 1. Ext4's "encryption aware" functionality in fs/ext4/readpage.c has been moved to fs/crypto/. 2. fscrypt functions have now been renamed to indicate that they work on blocks rather than pages. Eric, I have renamed completion_pages() to fscrypt_complete_pages() rather than to fscrypt_complete_blocks(). This is because we have a new function fscrypt_complete_block() (which operates on a single block) and IMHO having the identifier fscrypt_complete_blocks() which differs from it by just one letter would confuse the reader. 3. ext4_block_write_begin() now clears BH_Uptodate flag when decryption of boundary blocks fail. 4. fscrypt_encrypt_page() (now renamed to fscrypt_encrypt_block()) is now split into two functions. fscrypt_prep_ciphertext_page() allocates and initializes the fscrypt context and the bounce page. fscrypt_encrypt_block() is limited to encrypting the filesystem's block. 5. fscrypt_zeroout_range() has been updated to work on blocksize < pagesize scenario. 6. Documentation/filesystems/fscrypt.rst has been updated to indicate encryption support for blocksize < pagesize. Chandan Rajendra (12): ext4: Clear BH_Uptodate flag on decryption error Rename fscrypt_do_page_crypto to fscrypt_do_block_crypto fscrypt_decrypt_page: Decrypt all blocks in a page __fscrypt_decrypt_bio: Fix page offset and len args to fscrypt_decrypt_page ext4: Decrypt all boundary blocks when doing buffered write ext4: Decrypt the block that needs to be partially zeroed mpage_readpage[s]: Introduce post process callback parameters fscrypt_zeroout_range: Encrypt all zeroed out blocks of a page fscrypt_encrypt_page: Encrypt all blocks mapped by a page ext4: Fix block number passed to fscrypt_encrypt_page ext4: Move encryption code into its own function ext4: Enable encryption for blocksize less than page size Documentation/filesystems/fscrypt.rst | 14 +- fs/block_dev.c | 5 +- fs/buffer.c | 298 ++++++++++++++++++++-------------- fs/crypto/bio.c | 141 ++++++++++++++-- fs/crypto/crypto.c | 44 +++-- fs/crypto/fscrypt_private.h | 2 +- fs/ext2/inode.c | 4 +- fs/ext4/Makefile | 2 +- fs/ext4/inode.c | 55 +++++-- fs/ext4/page-io.c | 43 +++-- fs/ext4/readpage.c | 294 --------------------------------- fs/ext4/super.c | 7 - fs/fat/inode.c | 4 +- fs/isofs/inode.c | 5 +- fs/mpage.c | 48 +++++- fs/xfs/xfs_aops.c | 4 +- include/linux/buffer_head.h | 2 +- include/linux/fs.h | 4 + include/linux/fscrypt_notsupp.h | 37 ++++- include/linux/fscrypt_supp.h | 13 +- include/linux/mpage.h | 6 +- 21 files changed, 522 insertions(+), 510 deletions(-) delete mode 100644 fs/ext4/readpage.c