From: Eric Biggers <ebiggers@kernel.org>
To: Chandan Rajendra <chandan@linux.ibm.com>
Cc: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-fscrypt@vger.kernel.org, tytso@mit.edu,
adilger.kernel@dilger.ca, jaegeuk@kernel.org, yuchao0@huawei.com,
hch@infradead.org
Subject: Re: [PATCH V2 10/13] fscrypt_encrypt_page: Loop across all blocks mapped by a page range
Date: Tue, 30 Apr 2019 10:11:35 -0700 [thread overview]
Message-ID: <20190430171133.GC48973@gmail.com> (raw)
In-Reply-To: <20190428043121.30925-11-chandan@linux.ibm.com>
On Sun, Apr 28, 2019 at 10:01:18AM +0530, Chandan Rajendra wrote:
> For subpage-sized blocks, this commit now encrypts all blocks mapped by
> a page range.
>
> Signed-off-by: Chandan Rajendra <chandan@linux.ibm.com>
> ---
> fs/crypto/crypto.c | 37 +++++++++++++++++++++++++------------
> 1 file changed, 25 insertions(+), 12 deletions(-)
>
> diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
> index 4f0d832cae71..2d65b431563f 100644
> --- a/fs/crypto/crypto.c
> +++ b/fs/crypto/crypto.c
> @@ -242,18 +242,26 @@ struct page *fscrypt_encrypt_page(const struct inode *inode,
Need to update the function comment to clearly explain what this function
actually does now.
> {
> struct fscrypt_ctx *ctx;
> struct page *ciphertext_page = page;
> + int i, page_nr_blks;
> int err;
>
> BUG_ON(len % FS_CRYPTO_BLOCK_SIZE != 0);
>
Make a 'blocksize' variable so you don't have to keep calling i_blocksize().
Also, you need to check whether 'len' and 'offs' are filesystem-block-aligned,
since the code now assumes it.
const unsigned int blocksize = i_blocksize(inode);
if (!IS_ALIGNED(len | offs, blocksize))
return -EINVAL;
However, did you check whether that's always true for ubifs? It looks like it
may expect to encrypt a prefix of a block, that is only padded to the next
16-byte boundary.
> + page_nr_blks = len >> inode->i_blkbits;
> +
> if (inode->i_sb->s_cop->flags & FS_CFLG_OWN_PAGES) {
> /* with inplace-encryption we just encrypt the page */
> - err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num, page,
> - ciphertext_page, len, offs,
> - gfp_flags);
> - if (err)
> - return ERR_PTR(err);
> -
> + for (i = 0; i < page_nr_blks; i++) {
> + err = fscrypt_do_page_crypto(inode, FS_ENCRYPT,
> + lblk_num, page,
> + ciphertext_page,
> + i_blocksize(inode), offs,
> + gfp_flags);
> + if (err)
> + return ERR_PTR(err);
> + ++lblk_num;
> + offs += i_blocksize(inode);
> + }
> return ciphertext_page;
> }
>
> @@ -269,12 +277,17 @@ struct page *fscrypt_encrypt_page(const struct inode *inode,
> goto errout;
>
> ctx->control_page = page;
> - err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num,
> - page, ciphertext_page, len, offs,
> - gfp_flags);
> - if (err) {
> - ciphertext_page = ERR_PTR(err);
> - goto errout;
> +
> + for (i = 0; i < page_nr_blks; i++) {
> + err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num,
> + page, ciphertext_page,
> + i_blocksize(inode), offs, gfp_flags);
As I mentioned elsewhere, renaming fscrypt_do_page_crypto() to
fscrypt_crypt_block() would make more sense now.
> + if (err) {
> + ciphertext_page = ERR_PTR(err);
> + goto errout;
> + }
> + ++lblk_num;
> + offs += i_blocksize(inode);
> }
> SetPagePrivate(ciphertext_page);
> set_page_private(ciphertext_page, (unsigned long)ctx);
> --
> 2.19.1
>
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Chandan Rajendra <chandan@linux.ibm.com>
Cc: tytso@mit.edu, linux-f2fs-devel@lists.sourceforge.net,
hch@infradead.org, linux-fscrypt@vger.kernel.org,
adilger.kernel@dilger.ca, linux-fsdevel@vger.kernel.org,
jaegeuk@kernel.org, linux-ext4@vger.kernel.org
Subject: Re: [PATCH V2 10/13] fscrypt_encrypt_page: Loop across all blocks mapped by a page range
Date: Tue, 30 Apr 2019 10:11:35 -0700 [thread overview]
Message-ID: <20190430171133.GC48973@gmail.com> (raw)
In-Reply-To: <20190428043121.30925-11-chandan@linux.ibm.com>
On Sun, Apr 28, 2019 at 10:01:18AM +0530, Chandan Rajendra wrote:
> For subpage-sized blocks, this commit now encrypts all blocks mapped by
> a page range.
>
> Signed-off-by: Chandan Rajendra <chandan@linux.ibm.com>
> ---
> fs/crypto/crypto.c | 37 +++++++++++++++++++++++++------------
> 1 file changed, 25 insertions(+), 12 deletions(-)
>
> diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
> index 4f0d832cae71..2d65b431563f 100644
> --- a/fs/crypto/crypto.c
> +++ b/fs/crypto/crypto.c
> @@ -242,18 +242,26 @@ struct page *fscrypt_encrypt_page(const struct inode *inode,
Need to update the function comment to clearly explain what this function
actually does now.
> {
> struct fscrypt_ctx *ctx;
> struct page *ciphertext_page = page;
> + int i, page_nr_blks;
> int err;
>
> BUG_ON(len % FS_CRYPTO_BLOCK_SIZE != 0);
>
Make a 'blocksize' variable so you don't have to keep calling i_blocksize().
Also, you need to check whether 'len' and 'offs' are filesystem-block-aligned,
since the code now assumes it.
const unsigned int blocksize = i_blocksize(inode);
if (!IS_ALIGNED(len | offs, blocksize))
return -EINVAL;
However, did you check whether that's always true for ubifs? It looks like it
may expect to encrypt a prefix of a block, that is only padded to the next
16-byte boundary.
> + page_nr_blks = len >> inode->i_blkbits;
> +
> if (inode->i_sb->s_cop->flags & FS_CFLG_OWN_PAGES) {
> /* with inplace-encryption we just encrypt the page */
> - err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num, page,
> - ciphertext_page, len, offs,
> - gfp_flags);
> - if (err)
> - return ERR_PTR(err);
> -
> + for (i = 0; i < page_nr_blks; i++) {
> + err = fscrypt_do_page_crypto(inode, FS_ENCRYPT,
> + lblk_num, page,
> + ciphertext_page,
> + i_blocksize(inode), offs,
> + gfp_flags);
> + if (err)
> + return ERR_PTR(err);
> + ++lblk_num;
> + offs += i_blocksize(inode);
> + }
> return ciphertext_page;
> }
>
> @@ -269,12 +277,17 @@ struct page *fscrypt_encrypt_page(const struct inode *inode,
> goto errout;
>
> ctx->control_page = page;
> - err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num,
> - page, ciphertext_page, len, offs,
> - gfp_flags);
> - if (err) {
> - ciphertext_page = ERR_PTR(err);
> - goto errout;
> +
> + for (i = 0; i < page_nr_blks; i++) {
> + err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num,
> + page, ciphertext_page,
> + i_blocksize(inode), offs, gfp_flags);
As I mentioned elsewhere, renaming fscrypt_do_page_crypto() to
fscrypt_crypt_block() would make more sense now.
> + if (err) {
> + ciphertext_page = ERR_PTR(err);
> + goto errout;
> + }
> + ++lblk_num;
> + offs += i_blocksize(inode);
> }
> SetPagePrivate(ciphertext_page);
> set_page_private(ciphertext_page, (unsigned long)ctx);
> --
> 2.19.1
>
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Chandan Rajendra <chandan@linux.ibm.com>
Cc: tytso@mit.edu, linux-f2fs-devel@lists.sourceforge.net,
hch@infradead.org, linux-fscrypt@vger.kernel.org,
adilger.kernel@dilger.ca, linux-fsdevel@vger.kernel.org,
jaegeuk@kernel.org, linux-ext4@vger.kernel.org
Subject: Re: [f2fs-dev] [PATCH V2 10/13] fscrypt_encrypt_page: Loop across all blocks mapped by a page range
Date: Tue, 30 Apr 2019 10:11:35 -0700 [thread overview]
Message-ID: <20190430171133.GC48973@gmail.com> (raw)
In-Reply-To: <20190428043121.30925-11-chandan@linux.ibm.com>
On Sun, Apr 28, 2019 at 10:01:18AM +0530, Chandan Rajendra wrote:
> For subpage-sized blocks, this commit now encrypts all blocks mapped by
> a page range.
>
> Signed-off-by: Chandan Rajendra <chandan@linux.ibm.com>
> ---
> fs/crypto/crypto.c | 37 +++++++++++++++++++++++++------------
> 1 file changed, 25 insertions(+), 12 deletions(-)
>
> diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
> index 4f0d832cae71..2d65b431563f 100644
> --- a/fs/crypto/crypto.c
> +++ b/fs/crypto/crypto.c
> @@ -242,18 +242,26 @@ struct page *fscrypt_encrypt_page(const struct inode *inode,
Need to update the function comment to clearly explain what this function
actually does now.
> {
> struct fscrypt_ctx *ctx;
> struct page *ciphertext_page = page;
> + int i, page_nr_blks;
> int err;
>
> BUG_ON(len % FS_CRYPTO_BLOCK_SIZE != 0);
>
Make a 'blocksize' variable so you don't have to keep calling i_blocksize().
Also, you need to check whether 'len' and 'offs' are filesystem-block-aligned,
since the code now assumes it.
const unsigned int blocksize = i_blocksize(inode);
if (!IS_ALIGNED(len | offs, blocksize))
return -EINVAL;
However, did you check whether that's always true for ubifs? It looks like it
may expect to encrypt a prefix of a block, that is only padded to the next
16-byte boundary.
> + page_nr_blks = len >> inode->i_blkbits;
> +
> if (inode->i_sb->s_cop->flags & FS_CFLG_OWN_PAGES) {
> /* with inplace-encryption we just encrypt the page */
> - err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num, page,
> - ciphertext_page, len, offs,
> - gfp_flags);
> - if (err)
> - return ERR_PTR(err);
> -
> + for (i = 0; i < page_nr_blks; i++) {
> + err = fscrypt_do_page_crypto(inode, FS_ENCRYPT,
> + lblk_num, page,
> + ciphertext_page,
> + i_blocksize(inode), offs,
> + gfp_flags);
> + if (err)
> + return ERR_PTR(err);
> + ++lblk_num;
> + offs += i_blocksize(inode);
> + }
> return ciphertext_page;
> }
>
> @@ -269,12 +277,17 @@ struct page *fscrypt_encrypt_page(const struct inode *inode,
> goto errout;
>
> ctx->control_page = page;
> - err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num,
> - page, ciphertext_page, len, offs,
> - gfp_flags);
> - if (err) {
> - ciphertext_page = ERR_PTR(err);
> - goto errout;
> +
> + for (i = 0; i < page_nr_blks; i++) {
> + err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num,
> + page, ciphertext_page,
> + i_blocksize(inode), offs, gfp_flags);
As I mentioned elsewhere, renaming fscrypt_do_page_crypto() to
fscrypt_crypt_block() would make more sense now.
> + if (err) {
> + ciphertext_page = ERR_PTR(err);
> + goto errout;
> + }
> + ++lblk_num;
> + offs += i_blocksize(inode);
> }
> SetPagePrivate(ciphertext_page);
> set_page_private(ciphertext_page, (unsigned long)ctx);
> --
> 2.19.1
>
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2019-04-30 17:11 UTC|newest]
Thread overview: 74+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-28 4:31 [PATCH V2 00/13] Consolidate FS read I/O callbacks code Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 01/13] ext4: Clear BH_Uptodate flag on decryption error Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 02/13] Consolidate "read callbacks" into a new file Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-30 0:00 ` Eric Biggers
2019-04-30 0:00 ` [f2fs-dev] " Eric Biggers
2019-04-30 0:00 ` Eric Biggers
2019-05-01 12:30 ` Chandan Rajendra
2019-05-01 12:30 ` Chandan Rajendra
2019-04-30 1:37 ` Chao Yu
2019-04-30 1:37 ` Chao Yu
2019-04-30 1:37 ` Chao Yu
2019-05-01 12:31 ` Chandan Rajendra
2019-05-01 12:31 ` Chandan Rajendra
2019-04-30 18:05 ` Eric Biggers
2019-04-30 18:05 ` [f2fs-dev] " Eric Biggers
2019-04-30 18:05 ` Eric Biggers
2019-05-01 12:32 ` Chandan Rajendra
2019-05-01 12:32 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 03/13] fsverity: Add call back to decide if verity check has to be performed Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-30 21:10 ` Jeremy Sowden
2019-05-01 12:33 ` Chandan Rajendra
2019-05-01 12:33 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 04/13] fsverity: Add call back to determine readpage limit Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 05/13] fs/mpage.c: Integrate read callbacks Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 06/13] ext4: Wire up ext4_readpage[s] to use mpage_readpage[s] Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 07/13] Add decryption support for sub-pagesized blocks Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-30 0:38 ` Eric Biggers
2019-04-30 0:38 ` [f2fs-dev] " Eric Biggers
2019-04-30 0:38 ` Eric Biggers
2019-05-01 13:40 ` Chandan Rajendra
2019-05-01 13:40 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 08/13] ext4: Decrypt all boundary blocks when doing buffered write Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 09/13] ext4: Decrypt the block that needs to be partially zeroed Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 10/13] fscrypt_encrypt_page: Loop across all blocks mapped by a page range Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-30 17:11 ` Eric Biggers [this message]
2019-04-30 17:11 ` [f2fs-dev] " Eric Biggers
2019-04-30 17:11 ` Eric Biggers
2019-04-30 23:08 ` [f2fs-dev] " Eric Biggers
2019-04-30 23:08 ` Eric Biggers
2019-05-01 14:49 ` [f2fs-dev] " Chandan Rajendra
2019-05-01 14:49 ` Chandan Rajendra
2019-05-01 22:29 ` [f2fs-dev] " Eric Biggers
2019-05-01 22:29 ` Eric Biggers
2019-05-02 5:52 ` [f2fs-dev] " Chandan Rajendra
2019-05-02 5:52 ` Chandan Rajendra
2019-05-02 18:16 ` [f2fs-dev] " Eric Biggers
2019-05-02 18:16 ` Eric Biggers
2019-04-28 4:31 ` [PATCH V2 11/13] ext4: Compute logical block and the page range to be encrypted Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-30 17:01 ` Eric Biggers
2019-04-30 17:01 ` Eric Biggers
2019-05-01 14:11 ` Chandan Rajendra
2019-05-01 14:11 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 12/13] fscrypt_zeroout_range: Encrypt all zeroed out blocks of a page Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-30 16:51 ` Eric Biggers
2019-04-30 16:51 ` Eric Biggers
2019-05-01 14:22 ` Chandan Rajendra
2019-05-01 14:22 ` Chandan Rajendra
2019-04-28 4:31 ` [PATCH V2 13/13] ext4: Enable encryption for subpage-sized blocks Chandan Rajendra
2019-04-28 4:31 ` Chandan Rajendra
2019-04-30 0:27 ` [PATCH V2 00/13] Consolidate FS read I/O callbacks code Matthew Wilcox
2019-04-30 0:27 ` Matthew Wilcox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190430171133.GC48973@gmail.com \
--to=ebiggers@kernel.org \
--cc=adilger.kernel@dilger.ca \
--cc=chandan@linux.ibm.com \
--cc=hch@infradead.org \
--cc=jaegeuk@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=yuchao0@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.