From: Eric Biggers <ebiggers@kernel.org>
To: Jan Prusakowski <jprusakowski@google.com>
Cc: Zorro Lang <zlang@kernel.org>, Chao Yu <chao@kernel.org>,
fstests@vger.kernel.org, jaegeuk@kernel.org,
linux-f2fs-devel@lists.sourceforge.net
Subject: Re: [PATCH v2 1/1] common/encrypt: Do not run _verify_ciphertext_for_encryption_policy on compressed FS
Date: Fri, 3 Oct 2025 09:42:27 -0700 [thread overview]
Message-ID: <20251003164227.GA1649@quark> (raw)
In-Reply-To: <CAHwWncjUFzByau+oWh--Q3t-w6FjQ8kWG_fiOyEzLB=HHfdAsg@mail.gmail.com>
On Tue, Sep 16, 2025 at 02:13:39PM +0200, Jan Prusakowski wrote:
> On Mon, Sep 15, 2025 at 4:40 PM Eric Biggers <ebiggers@kernel.org> wrote:
> >
> > On Mon, Sep 15, 2025 at 12:04:51PM +0200, Jan Prusakowski wrote:
> > > common/encrypt: Do not run _verify_ciphertext_for_encryption_policy on compressed FS
> >
> > A better title would be something like
> > "common/encrypt: Explicitly set the test file to uncompressed".
>
> Agreed, will fix that in v3.
>
> > > @@ -790,6 +790,13 @@ _do_verify_ciphertext_for_encryption_policy()
> > > _set_encpolicy $dir $keyspec $set_encpolicy_args -f $policy_flags
> > > for src in $tmp.testfile_*; do
> > > dst=$dir/${src##*.}
> > > + # To make sure the test file is not compressed we create an empty one
> > > + # and disable compression first (F2FS won't allow resetting the
> > > + # compression flag if the file has data already in it).
> > > + touch $dst
> > > + if lsattr $dst | grep -qE ".+c.+ $dst" ; then
> > > + chattr -c $dst
> > > + fi
> > > cp $src $dst
> > > inode=$(stat -c %i $dst)
> > > blocklist=$(_get_ciphertext_block_list $dst)
> >
> > Is adding 'm' (FS_NOCOMP_FL) needed too? If not, why does it exist?
>
> In my setup files created have FS_COMPR_FL set from the start. Just clearing
> FS_COMPR_FL appears to help as now all the tests using
> _verify_ciphertext_for_encryption_policy
> pass when I run them on f2fs with "-o compress_extension=*".
>
> Do you think we should add 'm' (FS_NOCOMP_FL) as well just in case some other FS
> behaves differently? Do you have any ideas on what other FS I should check?
I think so. It doesn't look like f2fs does anything with FS_NOCOMP_FL,
other than enforce that it's mutually exclusive with FS_COMPR_FL. But
there could be filesystems where 0 gives the default behavior (which
could be compress) and FS_NOCOMP_FL is needed to disable compression.
btrfs might do that, actually. It doesn't support encryption yet,
though, so these tests can't be run on btrfs.
I would just add FS_NOCOMP_FL and make sure it still works on f2fs.
- Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers via Linux-f2fs-devel <linux-f2fs-devel@lists.sourceforge.net>
To: Jan Prusakowski <jprusakowski@google.com>
Cc: jaegeuk@kernel.org, Zorro Lang <zlang@kernel.org>,
fstests@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net
Subject: Re: [f2fs-dev] [PATCH v2 1/1] common/encrypt: Do not run _verify_ciphertext_for_encryption_policy on compressed FS
Date: Fri, 3 Oct 2025 09:42:27 -0700 [thread overview]
Message-ID: <20251003164227.GA1649@quark> (raw)
In-Reply-To: <CAHwWncjUFzByau+oWh--Q3t-w6FjQ8kWG_fiOyEzLB=HHfdAsg@mail.gmail.com>
On Tue, Sep 16, 2025 at 02:13:39PM +0200, Jan Prusakowski wrote:
> On Mon, Sep 15, 2025 at 4:40 PM Eric Biggers <ebiggers@kernel.org> wrote:
> >
> > On Mon, Sep 15, 2025 at 12:04:51PM +0200, Jan Prusakowski wrote:
> > > common/encrypt: Do not run _verify_ciphertext_for_encryption_policy on compressed FS
> >
> > A better title would be something like
> > "common/encrypt: Explicitly set the test file to uncompressed".
>
> Agreed, will fix that in v3.
>
> > > @@ -790,6 +790,13 @@ _do_verify_ciphertext_for_encryption_policy()
> > > _set_encpolicy $dir $keyspec $set_encpolicy_args -f $policy_flags
> > > for src in $tmp.testfile_*; do
> > > dst=$dir/${src##*.}
> > > + # To make sure the test file is not compressed we create an empty one
> > > + # and disable compression first (F2FS won't allow resetting the
> > > + # compression flag if the file has data already in it).
> > > + touch $dst
> > > + if lsattr $dst | grep -qE ".+c.+ $dst" ; then
> > > + chattr -c $dst
> > > + fi
> > > cp $src $dst
> > > inode=$(stat -c %i $dst)
> > > blocklist=$(_get_ciphertext_block_list $dst)
> >
> > Is adding 'm' (FS_NOCOMP_FL) needed too? If not, why does it exist?
>
> In my setup files created have FS_COMPR_FL set from the start. Just clearing
> FS_COMPR_FL appears to help as now all the tests using
> _verify_ciphertext_for_encryption_policy
> pass when I run them on f2fs with "-o compress_extension=*".
>
> Do you think we should add 'm' (FS_NOCOMP_FL) as well just in case some other FS
> behaves differently? Do you have any ideas on what other FS I should check?
I think so. It doesn't look like f2fs does anything with FS_NOCOMP_FL,
other than enforce that it's mutually exclusive with FS_COMPR_FL. But
there could be filesystems where 0 gives the default behavior (which
could be compress) and FS_NOCOMP_FL is needed to disable compression.
btrfs might do that, actually. It doesn't support encryption yet,
though, so these tests can't be run on btrfs.
I would just add FS_NOCOMP_FL and make sure it still works on f2fs.
- Eric
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2025-10-03 16:42 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-15 10:04 [PATCH v2 0/1] Do not run _verify_ciphertext_for_encryption_policy on compressed FS Jan Prusakowski
2025-09-15 10:04 ` [f2fs-dev] " Jan Prusakowski via Linux-f2fs-devel
2025-09-15 10:04 ` [PATCH v2 1/1] common/encrypt: " Jan Prusakowski
2025-09-15 10:04 ` [f2fs-dev] " Jan Prusakowski via Linux-f2fs-devel
2025-09-15 14:39 ` Eric Biggers
2025-09-15 14:39 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
2025-09-16 12:13 ` Jan Prusakowski
2025-09-16 12:13 ` [f2fs-dev] " Jan Prusakowski via Linux-f2fs-devel
2025-10-03 16:42 ` Eric Biggers [this message]
2025-10-03 16:42 ` Eric Biggers via Linux-f2fs-devel
2025-09-15 14:34 ` [PATCH v2 0/1] " Eric Biggers
2025-09-15 14:34 ` [f2fs-dev] " Eric Biggers via Linux-f2fs-devel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251003164227.GA1649@quark \
--to=ebiggers@kernel.org \
--cc=chao@kernel.org \
--cc=fstests@vger.kernel.org \
--cc=jaegeuk@kernel.org \
--cc=jprusakowski@google.com \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=zlang@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.