From: Eric Biggers <ebiggers@kernel.org>
To: Mikulas Patocka <mpatocka@redhat.com>
Cc: LongPing Wei <weilongping@oppo.com>,
dm-devel@lists.linux.dev, guoweichao@oppo.com,
snitzer@kernel.org
Subject: Re: [PATCH] dm: set DM_TARGET_PASSES_CRYPTO feature for dm-thin
Date: Thu, 31 Jul 2025 11:30:20 -0700 [thread overview]
Message-ID: <20250731183020.GA1312@quark> (raw)
In-Reply-To: <99a2ab74-55f3-5609-c887-e6c2d5df6228@redhat.com>
On Thu, Jul 31, 2025 at 06:04:52PM +0200, Mikulas Patocka wrote:
>
>
> On Wed, 30 Jul 2025, LongPing Wei wrote:
>
> > Hi, Mikulas
> >
> > For example:
> >
> > F2FS/EXT4
> > ----
> > dm-thin
> > ----
> > dm-thin-pool
> > ----
> > pool data
> >
> > 1. There is a block of testfile in F2FS/EXT4.
> > 2. The offset of this block is n.
> > 3. The position in the dm-thin device is m.
> > 4. The position in the pool data is x.
> >
> > The IV is only be affectted by offset in file and the ino of this file.
> >
> > Even if we change m by defrag or change x by COW, IV won't changed.
> >
> > The upper layer will only read the decrypted blocks with the same key and
> > continous IV in one bio.
> >
> > If the upper layer read the full chunk with mixed blocks for GC purpose, key
> > and IV won't be passed in. Then the upper layer just get the encrypted blocks.
> >
> > LongPing Wei
>
> Yes - so if the IV is calculated from inode and offset, it seems safe to
> support it on dm-thin. So, I accepted the patch (and increased the target
> version).
>
> BTW. what happens if someone uses FALLOC_FL_COLLAPSE_RANGE or
> FALLOC_FL_INSERT_RANGE on a file with inline encryption? That changes file
> offsets of existing data, so it should be disallowed when using inline
> encryption - but I don't see a test for this in the functions
> ext4_collapse_range and ext4_insert_range.
This seems to be a question about fscrypt, not about inline encryption
per se. FALLOC_FL_COLLAPSE_RANGE and FALLOC_FL_INSERT_RANGE fail with
EOPNOTSUPP on encrypted files, as is documented in
Documentation/filesystems/fscrypt.rst. For ext4, the check happens at
the beginning of ext4_fallocate().
- Eric
next prev parent reply other threads:[~2025-07-31 18:30 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-30 6:17 [PATCH] dm: set DM_TARGET_PASSES_CRYPTO feature for dm-thin LongPing Wei
2025-07-30 10:46 ` Mikulas Patocka
2025-07-30 11:59 ` LongPing Wei
2025-07-30 12:27 ` Mikulas Patocka
2025-07-30 13:08 ` LongPing Wei
2025-07-31 16:04 ` Mikulas Patocka
2025-07-31 18:30 ` Eric Biggers [this message]
2025-08-01 1:31 ` LongPing Wei
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250731183020.GA1312@quark \
--to=ebiggers@kernel.org \
--cc=dm-devel@lists.linux.dev \
--cc=guoweichao@oppo.com \
--cc=mpatocka@redhat.com \
--cc=snitzer@kernel.org \
--cc=weilongping@oppo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.