diff mbox series

[2/3] f2fs: notify when device not supprt inlinecrypt

Message ID 20220418063312.63181-2-changfengnan@vivo.com
State Not Applicable
Series [1/3] blk-crypto: introduce blk_crypto_supported

Commit Message

常凤楠 April 18, 2022, 6:33 a.m. UTC
Notify when mounting a filesystem with the -o inlinecrypt option, but the
device does not support inlinecrypt.

Signed-off-by: Fengnan Chang <changfengnan@vivo.com>
---
 fs/f2fs/f2fs.h  | 18 ++++++++++++++++++
 fs/f2fs/super.c |  7 +++++++
 2 files changed, 25 insertions(+)

Comments

Eric Biggers April 18, 2022, 7:22 a.m. UTC | #1
On Mon, Apr 18, 2022 at 02:33:11PM +0800, Fengnan Chang via Linux-f2fs-devel wrote:
> Notify when mount filesystem with -o inlinecrypt option, but the device
> not support inlinecrypt.
> 
> Signed-off-by: Fengnan Chang <changfengnan@vivo.com>

You didn't include a cover letter in this patchset.  Can you explain what
problem this patchset is meant to solve?

Note that there are multiple factors that affect whether inline encryption can
be used with a particular file, such as whether the device supports the required
encryption mode, data unit size, and data unit number size.  So your warning
might not trigger even if inline encryption can't be used.  Also, your warning
will never trigger if the kernel has CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK=y.

I recently sent out a patch that makes fs/crypto/ consistently log a message
when starting to use an encryption implementation for the first time:
https://lore.kernel.org/r/20220414053415.158986-1-ebiggers@kernel.org.  It
already did this for the crypto API, but not blk-crypto.  Being silent for
blk-crypto was somewhat of an oversight.  These log messages make it clear which
encryption implementations are in use.

Does that patch solve the problem you are trying to solve?

- Eric
常凤楠 April 18, 2022, 7:34 a.m. UTC | #2
> -----Original Message-----
> From: Eric Biggers <ebiggers@kernel.org>
> Sent: Monday, April 18, 2022 3:22 PM
> To: 常凤楠 <changfengnan@vivo.com>
> Cc: jaegeuk@kernel.org; chao@kernel.org; tytso@mit.edu;
> adilger.kernel@dilger.ca; axboe@kernel.dk; linux-block@vger.kernel.org;
> linux-ext4@vger.kernel.org; linux-f2fs-devel@lists.sourceforge.net
> Subject: Re: [PATCH 2/3] f2fs: notify when device not supprt inlinecrypt
> 
> On Mon, Apr 18, 2022 at 02:33:11PM +0800, Fengnan Chang via
> Linux-f2fs-devel wrote:
> > Notify when mount filesystem with -o inlinecrypt option, but the
> > device not support inlinecrypt.
> >
> > Signed-off-by: Fengnan Chang <changfengnan@vivo.com>
> 
> You didn't include a cover letter in this patchset.  Can you explain what
> problem this patchset is meant to solve?

What I'm trying to do is, when the device does not support inlinecrypt, not show inlinecrypt in the mount options.
When I first tested fscrypt, it confused me. Not a real problem, just making this logic more reasonable.
Do you think this needs to be revised?

> 
> Note that there are multiple factors that affect whether inline encryption can
> be used with a particular file, such as whether the device supports the
> required encryption mode, data unit size, and data unit number size.  So
> your warning might not trigger even if inline encryption can't be used.  Also,
> your warning will never trigger if the kernel has
> CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK=y.

I get it.

> 
> I recently sent out a patch that makes fs/crypto/ consistently log a message
> when starting to use an encryption implementation for the first time:
> https://lore.kernel.org/r/20220414053415.158986-1-ebiggers@kernel.org.
> It already did this for the crypto API, but not blk-crypto.  Being silent for
> blk-crypto was somewhat of an oversight.  These log messages make it clear
> which encryption implementations are in use.
> 
> Does that patch solve the problem you are trying to solve?

I think it's a different point.

Thanks.

> 
> - Eric
Eric Biggers April 18, 2022, 10:27 p.m. UTC | #3
On Mon, Apr 18, 2022 at 07:34:52AM +0000, 常凤楠 wrote:
> > -----Original Message-----
> > From: Eric Biggers <ebiggers@kernel.org>
> > Sent: Monday, April 18, 2022 3:22 PM
> > To: 常凤楠 <changfengnan@vivo.com>
> > Cc: jaegeuk@kernel.org; chao@kernel.org; tytso@mit.edu;
> > adilger.kernel@dilger.ca; axboe@kernel.dk; linux-block@vger.kernel.org;
> > linux-ext4@vger.kernel.org; linux-f2fs-devel@lists.sourceforge.net
> > Subject: Re: [PATCH 2/3] f2fs: notify when device not supprt inlinecrypt
> > 
> > On Mon, Apr 18, 2022 at 02:33:11PM +0800, Fengnan Chang via
> > Linux-f2fs-devel wrote:
> > > Notify when mount filesystem with -o inlinecrypt option, but the
> > > device not support inlinecrypt.
> > >
> > > Signed-off-by: Fengnan Chang <changfengnan@vivo.com>
> > 
> > You didn't include a cover letter in this patchset.  Can you explain what
> > problem this patchset is meant to solve?
> 
> What I'm try to make is when devices not support inlinecrypt, do not show inlinecrypt in mount option. 
> When I test fscrypt first, it make me confused. Not a real problem, just make this logical more reasonable.
> Do you think this needs to be revised?

Well, I'm just not sure we should do this, or at least by itself, given that
support for inline encryption is not an either-or thing, and the inlinecrypt
mount option is already documented to apply only to files where inline
encryption can be used.  See Documentation/filesystems/fscrypt.rst:

	Note that the "inlinecrypt" mount option just specifies to use inline
	encryption when possible; it doesn't force its use.  fscrypt will
	still fall back to using the kernel crypto API on files where the
	inline encryption hardware doesn't have the needed crypto capabilities
	(e.g. support for the needed encryption algorithm and data unit size)
	and where blk-crypto-fallback is unusable.  (For blk-crypto-fallback
	to be usable, it must be enabled in the kernel configuration with
	CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK=y.)

And Documentation/admin-guide/ext4.rst and Documentation/filesystems/f2fs.rst:

	When possible, encrypt/decrypt the contents of encrypted files using the
	blk-crypto framework rather than filesystem-layer encryption. ...

If we do want to warn when inlinecrypt is given but inline encryption cannot be
used, your patchset isn't enough since it only covers the case where no form of
inline encryption is available at all, and not the case where some form of
inline encryption is available but the filesystem can't use it.

- Eric
Theodore Ts'o April 18, 2022, 10:43 p.m. UTC | #4
On Mon, Apr 18, 2022 at 03:27:16PM -0700, Eric Biggers wrote:
> > When I test fscrypt first, it make me confused. Not a real problem, just make this logical more reasonable.
> > Do you think this needs to be revised?
> 
> Well, I'm just not sure we should do this, or at least by itself, given that
> support for inline encryption is not an either-or thing, and the inlinecrypt
> mount option is already documented to apply only to files where inline
> encryption can be used.

Indeed; some encryption algorithms won't be available because they
weren't compiled into the kernel; others because block device for a
particular file system doesn't support inline crypto.

It seems to me that the test or the test runner should be able to
figure this out.  It should be able to explicitly try to set a
particular policy, and if that policy fails, it should give an
intelligent message, e.g., "Skipping this test config because
inline-crypto isn't supported."

Why can't we fix this in the test runner's scripts?

						- Ted
常凤楠 April 19, 2022, 3:14 a.m. UTC | #5
> -----Original Message-----
> From: Eric Biggers <ebiggers@kernel.org>
> Sent: Tuesday, April 19, 2022 6:27 AM
> To: 常凤楠 <changfengnan@vivo.com>
> Cc: jaegeuk@kernel.org; chao@kernel.org; tytso@mit.edu;
> adilger.kernel@dilger.ca; axboe@kernel.dk; linux-block@vger.kernel.org;
> linux-ext4@vger.kernel.org; linux-f2fs-devel@lists.sourceforge.net
> Subject: Re: [PATCH 2/3] f2fs: notify when device not supprt inlinecrypt
> 
> On Mon, Apr 18, 2022 at 07:34:52AM +0000, 常凤楠 wrote:
> > > -----Original Message-----
> > > From: Eric Biggers <ebiggers@kernel.org>
> > > Sent: Monday, April 18, 2022 3:22 PM
> > > To: 常凤楠 <changfengnan@vivo.com>
> > > Cc: jaegeuk@kernel.org; chao@kernel.org; tytso@mit.edu;
> > > adilger.kernel@dilger.ca; axboe@kernel.dk;
> > > linux-block@vger.kernel.org; linux-ext4@vger.kernel.org;
> > > linux-f2fs-devel@lists.sourceforge.net
> > > Subject: Re: [PATCH 2/3] f2fs: notify when device not supprt
> > > inlinecrypt
> > >
> > > On Mon, Apr 18, 2022 at 02:33:11PM +0800, Fengnan Chang via
> > > Linux-f2fs-devel wrote:
> > > > Notify when mount filesystem with -o inlinecrypt option, but the
> > > > device not support inlinecrypt.
> > > >
> > > > Signed-off-by: Fengnan Chang <changfengnan@vivo.com>
> > >
> > > You didn't include a cover letter in this patchset.  Can you explain
> > > what problem this patchset is meant to solve?
> >
> > What I'm try to make is when devices not support inlinecrypt, do not show
> > inlinecrypt in mount option.
> > When I test fscrypt first, it make me confused. Not a real problem, just make
> > this logical more reasonable.
> > Do you think this needs to be revised?
> 
> Well, I'm just not sure we should do this, or at least by itself, given that
> support for inline encryption is not an either-or thing, and the inlinecrypt
> mount option is already documented to apply only to files where inline
> encryption can be used.  See Documentation/filesystems/fscrypt.rst:
> 
> 	Note that the "inlinecrypt" mount option just specifies to use inline
> 	encryption when possible; it doesn't force its use.  fscrypt will
> 	still fall back to using the kernel crypto API on files where the
> 	inline encryption hardware doesn't have the needed crypto capabilities
> 	(e.g. support for the needed encryption algorithm and data unit size)
> 	and where blk-crypto-fallback is unusable.  (For blk-crypto-fallback
> 	to be usable, it must be enabled in the kernel configuration with
> 	CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK=y.) and not for other reasons
> 
> And Documentation/admin-guide/ext4.rst and
> Documentation/filesystems/f2fs.rst:
> 
> 	When possible, encrypt/decrypt the contents of encrypted files using the
> 	blk-crypto framework rather than filesystem-layer encryption. ...
> 
> If we do want to warn when inlinecrypt is given but inline encryption cannot
> be used, your patchset isn't enough since it only covers the case where no
> form of inline encryption is available at all, and not the case where some form
> of inline encryption is available but the filesystem can't use it.

Thanks for your explanation; this patchset has too many cases it forgets to handle...
Back to my first thought, maybe there should be a sysfs node to indicate whether the
device supports inlinecrypt or not? Then the user can know it's the device that does not
support inlinecrypt, and not some other reason.

Thanks.

> 
> - Eric
Eric Biggers April 19, 2022, 3:18 a.m. UTC | #6
On Tue, Apr 19, 2022 at 03:14:51AM +0000, 常凤楠 wrote:
> 
> Thanks for your explanation, this patchset has too many case to forget to handle...
> Back to my first thought, maybe there should have one sysfs node to indicate the 
> device support inlinecrypt or not ? So user can know it's device not support inlinecrypt
> and not for other reasons.
> 

Linux v5.18 has that.  See https://git.kernel.org/linus/20f01f1632036660
("blk-crypto: show crypto capabilities in sysfs").

- Eric
常凤楠 April 19, 2022, 3:22 a.m. UTC | #7
> -----Original Message-----
> From: Eric Biggers <ebiggers@kernel.org>
> Sent: Tuesday, April 19, 2022 11:19 AM
> To: 常凤楠 <changfengnan@vivo.com>
> Cc: jaegeuk@kernel.org; chao@kernel.org; tytso@mit.edu;
> adilger.kernel@dilger.ca; axboe@kernel.dk; linux-block@vger.kernel.org;
> linux-ext4@vger.kernel.org; linux-f2fs-devel@lists.sourceforge.net
> Subject: Re: [PATCH 2/3] f2fs: notify when device not supprt inlinecrypt
> 
> On Tue, Apr 19, 2022 at 03:14:51AM +0000, 常凤楠 wrote:
> >
> > Thanks for your explanation, this patchset has too many case to forget to
> > handle...
> > Back to my first thought, maybe there should have one sysfs node to
> > indicate the device support inlinecrypt or not ? So user can know it's
> > device not support inlinecrypt and not for other reasons.
> >
> 
> Linux v5.18 has that.  See https://git.kernel.org/linus/20f01f1632036660
> ("blk-crypto: show crypto capabilities in sysfs").

Oh, I see, thanks a lot.

> 
> - Eric
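
The capability lookup Eric points to (the blk-crypto sysfs attributes in Linux v5.18) combined with the per-policy skip Ted suggests for test runners, as an added example that is not part of the thread or the patch. The `queue/crypto/modes/<mode>` and `max_dun_bits` attribute names are taken from the kernel's sysfs-block ABI documentation rather than from this page; the function names and the sample tree are constructed, and the result describes hardware capability only, not blk-crypto-fallback.

```shell
#!/bin/sh
# Added example: classify a disk's inline encryption capability from sysfs.

# inline_crypt_check SYSFS_ROOT DISK MODE DATA_UNIT_SIZE DUN_BITS
# Returns 0 if the hardware advertises the combination, 1 if the disk has
# no inline encryption at all, 2 if MODE is missing or unreadable, 3 if the
# data unit size is not offered for MODE, 4 if data unit numbers are too narrow.
inline_crypt_check() {
    dir="$1/block/$2/queue/crypto"
    [ -d "$dir" ] || { echo "$2: no inline encryption hardware"; return 1; }
    [ -r "$dir/modes/$3" ] || { echo "$2: mode $3 not offered"; return 2; }
    # modes/<mode> is a hex bitmask of supported data unit sizes in bytes.
    mask=$(cat "$dir/modes/$3")
    case $mask in
        0x[0-9a-fA-F]*) ;;
        *) echo "$2: malformed mask '$mask'"; return 2 ;;
    esac
    if [ $(( $mask & $4 )) -eq 0 ]; then
        echo "$2: $3 lacks $4-byte data units (mask $mask)"; return 3
    fi
    dun=$(cat "$dir/max_dun_bits")
    if [ "$dun" -lt "$5" ]; then
        echo "$2: max_dun_bits is $dun, policy needs $5"; return 4
    fi
    echo "$2: hardware offers $3, $4-byte data units, $dun-bit DUNs"
}

# Constructed sample tree so the check runs offline: sda offers AES-256-XTS
# with 4096-byte data units only; sdb has no queue/crypto directory.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/block/sda/queue/crypto/modes" "$t/block/sdb/queue"
    echo 0x1000 > "$t/block/sda/queue/crypto/modes/AES-256-XTS"
    echo 32 > "$t/block/sda/queue/crypto/max_dun_bits"
    echo "$t"
}

# Real use: inline_crypt_check /sys sda AES-256-XTS 4096 64
if [ $# -eq 5 ]; then inline_crypt_check "$@"; fi
```

A test runner can map return code 1 to "skip: no inline crypto hardware" and codes 2 to 4 to "skip: hardware cannot serve this policy", which separates the two cases the thread distinguishes.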

Patch

diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
index 38cbed0f544e..dc27a708c283 100644
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@@ -27,6 +27,7 @@ 
 
 #include <linux/fscrypt.h>
 #include <linux/fsverity.h>
+#include <linux/blk-crypto.h>
 
 struct pagevec;
 
@@ -4395,6 +4396,23 @@  static inline bool f2fs_realtime_discard_enable(struct f2fs_sb_info *sbi)
 					f2fs_hw_should_discard(sbi);
 }
 
+#ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT
+static inline bool f2fs_hw_support_crypto(struct f2fs_sb_info *sbi)
+{
+	int i;
+
+	if (!f2fs_is_multi_device(sbi))
+		if (!blk_crypto_supported(bdev_get_queue(sbi->sb->s_bdev)))
+			return false;
+
+	for (i = 0; i < sbi->s_ndevs; i++)
+		if (!blk_crypto_supported(bdev_get_queue(FDEV(i).bdev)))
+			return false;
+
+	return true;
+}
+#endif
+
 static inline bool f2fs_hw_is_readonly(struct f2fs_sb_info *sbi)
 {
 	int i;
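Review bot: f2fs_hw_support_crypto() has no comment stating what "support" means, and the test is all-or-nothing per request queue: it returns true once every device passes blk_crypto_supported(), with no reference to the encryption mode, data unit size or data unit number size that the thread lists as deciding whether a given file can use inline encryption. Document it as "every device advertises some inline crypto capability" (and name it accordingly), or extend it to the per-policy factors. On style, the nested unbraced `if (!f2fs_is_multi_device(sbi))` / `if (!blk_crypto_supported(...))` falls through into the FDEV(i) loop; merge the two conditions with && or return early for the single-device case so the control flow is explicit.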
diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
index 4368f90571bd..624d8791b82d 100644
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -1275,6 +1275,13 @@  static int parse_options(struct super_block *sb, char *options, bool is_remount)
 	}
 #endif
 
+#ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT
+	if ((sb->s_flags & SB_INLINECRYPT) && !f2fs_hw_support_crypto(sbi)) {
+		f2fs_info(sbi, "mounting with \"inlinecrypt\" option, but the device does not support inlinecrypt");
+		sb->s_flags &= ~SB_INLINECRYPT;
+	}
+#endif
+
 	if (F2FS_IO_SIZE_BITS(sbi) && !f2fs_lfs_mode(sbi)) {
 		f2fs_err(sbi, "Should set mode=lfs with %uKB-sized IO",
 			 F2FS_IO_SIZE_KB(sbi));
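Review bot: the added block in parse_options() also clears the flag with `sb->s_flags &= ~SB_INLINECRYPT;`, which the commit message does not mention; it only says "Notify". Dropping a mount option the user asked for is a behaviour change and should be stated in the changelog and weighed against the documented "when possible" semantics quoted in the thread. parse_options() takes is_remount, so the check and the flag clearing run on remount as well; say whether that is intended. The message is emitted with f2fs_info while the neighbouring check uses f2fs_err, so choose the log level deliberately, and consider wording it as "inline encryption" since "inlinecrypt" is the name of the mount option rather than the device feature.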