From: Josef Bacik <josef@toxicpanda.com>
To: linux-btrfs@vger.kernel.org, kernel-team@fb.com,
ebiggers@kernel.org, linux-fscrypt@vger.kernel.org,
ngompa13@gmail.com
Subject: [PATCH 25/35] btrfs: add an optional encryption context to the end of file extents
Date: Tue, 26 Sep 2023 14:01:51 -0400 [thread overview]
Message-ID: <80494ada394d2a9ffeee2e4864cea194d9a75d9b.1695750478.git.josef@toxicpanda.com> (raw)
In-Reply-To: <cover.1695750478.git.josef@toxicpanda.com>
The fscrypt encryption context can be extended to include different
things in the future. To facilitate future expansion add an optional
btrfs_encryption_info to the end of the file extent. This will hold the
size of the context and then will have the binary context tacked onto
the end of the extent item.
Add the appropriate accessors to make it easy to read this information
if we have encryption set, and then update the tree-checker to validate
that if this is indeed set properly that the size matches properly.
Signed-off-by: Josef Bacik <josef@toxicpanda.com>
---
fs/btrfs/accessors.h | 48 +++++++++++++++++++++++++++
fs/btrfs/tree-checker.c | 58 ++++++++++++++++++++++++++++-----
include/uapi/linux/btrfs_tree.h | 17 +++++++++-
3 files changed, 113 insertions(+), 10 deletions(-)
diff --git a/fs/btrfs/accessors.h b/fs/btrfs/accessors.h
index 5627f13a3d3e..3e6c81449ce7 100644
--- a/fs/btrfs/accessors.h
+++ b/fs/btrfs/accessors.h
@@ -934,6 +934,10 @@ BTRFS_SETGET_STACK_FUNCS(super_uuid_tree_generation, struct btrfs_super_block,
BTRFS_SETGET_STACK_FUNCS(super_nr_global_roots, struct btrfs_super_block,
nr_global_roots, 64);
+/* struct btrfs_file_extent_encryption_info */
+BTRFS_SETGET_FUNCS(encryption_info_size, struct btrfs_encryption_info, size,
+ 32);
+
/* struct btrfs_file_extent_item */
BTRFS_SETGET_STACK_FUNCS(stack_file_extent_type, struct btrfs_file_extent_item,
type, 8);
@@ -975,6 +979,50 @@ BTRFS_SETGET_FUNCS(file_extent_encryption, struct btrfs_file_extent_item,
BTRFS_SETGET_FUNCS(file_extent_other_encoding, struct btrfs_file_extent_item,
other_encoding, 16);
+static inline struct btrfs_encryption_info *btrfs_file_extent_encryption_info(
+ const struct btrfs_file_extent_item *ei)
+{
+ unsigned long offset = (unsigned long)ei;
+
+ offset += offsetof(struct btrfs_file_extent_item, encryption_info);
+ return (struct btrfs_encryption_info *)offset;
+}
+
+static inline unsigned long btrfs_file_extent_encryption_ctx_offset(
+ const struct btrfs_file_extent_item *ei)
+{
+ unsigned long offset = (unsigned long)ei;
+
+ offset += offsetof(struct btrfs_file_extent_item, encryption_info);
+ return offset + offsetof(struct btrfs_encryption_info, context);
+}
+
+static inline u32 btrfs_file_extent_encryption_ctx_size(
+ const struct extent_buffer *eb,
+ const struct btrfs_file_extent_item *ei)
+{
+ return btrfs_encryption_info_size(eb,
+ btrfs_file_extent_encryption_info(ei));
+}
+
+static inline void btrfs_set_file_extent_encryption_ctx_size(
+ const struct extent_buffer *eb,
+ struct btrfs_file_extent_item *ei,
+ u32 val)
+{
+ btrfs_set_encryption_info_size(eb,
+ btrfs_file_extent_encryption_info(ei),
+ val);
+}
+
+static inline u32 btrfs_file_extent_encryption_info_size(
+ const struct extent_buffer *eb,
+ const struct btrfs_file_extent_item *ei)
+{
+ return btrfs_encryption_info_size(eb,
+ btrfs_file_extent_encryption_info(ei));
+}
+
/* btrfs_qgroup_status_item */
BTRFS_SETGET_FUNCS(qgroup_status_generation, struct btrfs_qgroup_status_item,
generation, 64);
diff --git a/fs/btrfs/tree-checker.c b/fs/btrfs/tree-checker.c
index c2afdf65c2bf..7fe6210c243a 100644
--- a/fs/btrfs/tree-checker.c
+++ b/fs/btrfs/tree-checker.c
@@ -211,6 +211,7 @@ static int check_extent_data_item(struct extent_buffer *leaf,
u32 item_size = btrfs_item_size(leaf, slot);
u64 extent_end;
u8 policy;
+ u8 fe_type;
if (unlikely(!IS_ALIGNED(key->offset, sectorsize))) {
file_extent_err(leaf, slot,
@@ -241,12 +242,12 @@ static int check_extent_data_item(struct extent_buffer *leaf,
SZ_4K);
return -EUCLEAN;
}
- if (unlikely(btrfs_file_extent_type(leaf, fi) >=
- BTRFS_NR_FILE_EXTENT_TYPES)) {
+
+ fe_type = btrfs_file_extent_type(leaf, fi);
+ if (unlikely(fe_type >= BTRFS_NR_FILE_EXTENT_TYPES)) {
file_extent_err(leaf, slot,
"invalid type for file extent, have %u expect range [0, %u]",
- btrfs_file_extent_type(leaf, fi),
- BTRFS_NR_FILE_EXTENT_TYPES - 1);
+ fe_type, BTRFS_NR_FILE_EXTENT_TYPES - 1);
return -EUCLEAN;
}
@@ -295,12 +296,51 @@ static int check_extent_data_item(struct extent_buffer *leaf,
return 0;
}
- /* Regular or preallocated extent has fixed item size */
- if (unlikely(item_size != sizeof(*fi))) {
- file_extent_err(leaf, slot,
+ if (policy == BTRFS_ENCRYPTION_FSCRYPT) {
+ size_t fe_size = sizeof(*fi) +
+ sizeof(struct btrfs_encryption_info);
+ u32 ctxsize;
+
+ if (unlikely(item_size < fe_size)) {
+ file_extent_err(leaf, slot,
+ "invalid item size for encrypted file extent, have %u expect = %zu + size of u32",
+ item_size, sizeof(*fi));
+ return -EUCLEAN;
+ }
+
+ ctxsize = btrfs_file_extent_encryption_info_size(leaf, fi);
+ if (unlikely(item_size != (fe_size + ctxsize))) {
+ file_extent_err(leaf, slot,
+ "invalid item size for encrypted file extent, have %u expect = %zu + context of size %u",
+ item_size, fe_size, ctxsize);
+ return -EUCLEAN;
+ }
+
+ if (unlikely(ctxsize > BTRFS_MAX_EXTENT_CTX_SIZE)) {
+ file_extent_err(leaf, slot,
+ "invalid file extent context size, have %u expect a maximum of %u",
+ ctxsize, BTRFS_MAX_EXTENT_CTX_SIZE);
+ return -EUCLEAN;
+ }
+
+ /*
+ * Only regular and prealloc extents should have an encryption
+ * context.
+ */
+ if (unlikely(fe_type != BTRFS_FILE_EXTENT_REG &&
+ fe_type != BTRFS_FILE_EXTENT_PREALLOC)) {
+ file_extent_err(leaf, slot,
+ "invalid type for encrypted file extent, have %u",
+ btrfs_file_extent_type(leaf, fi));
+ return -EUCLEAN;
+ }
+ } else {
+ if (unlikely(item_size != sizeof(*fi))) {
+ file_extent_err(leaf, slot,
"invalid item size for reg/prealloc file extent, have %u expect %zu",
- item_size, sizeof(*fi));
- return -EUCLEAN;
+ item_size, sizeof(*fi));
+ return -EUCLEAN;
+ }
}
if (unlikely(CHECK_FE_ALIGNED(leaf, slot, fi, ram_bytes, sectorsize) ||
CHECK_FE_ALIGNED(leaf, slot, fi, disk_bytenr, sectorsize) ||
diff --git a/include/uapi/linux/btrfs_tree.h b/include/uapi/linux/btrfs_tree.h
index dee650f0082c..5d9563fb6e7f 100644
--- a/include/uapi/linux/btrfs_tree.h
+++ b/include/uapi/linux/btrfs_tree.h
@@ -1067,12 +1067,24 @@ enum {
BTRFS_NR_FILE_EXTENT_TYPES = 3,
};
+/*
+ * Currently just the FSCRYPT_SET_CONTEXT_MAX_SIZE, which is larger than the
+ * current extent context size from fscrypt, so this should give us plenty of
+ * breathing room for expansion later.
+ */
+#define BTRFS_MAX_EXTENT_CTX_SIZE 40
+
enum {
BTRFS_ENCRYPTION_NONE,
BTRFS_ENCRYPTION_FSCRYPT,
BTRFS_NR_ENCRYPTION_TYPES,
};
+struct btrfs_encryption_info {
+ __le32 size;
+ __u8 context[0];
+};
+
struct btrfs_file_extent_item {
/*
* transaction id that created this extent
@@ -1128,7 +1140,10 @@ struct btrfs_file_extent_item {
* always reflects the size uncompressed and without encoding.
*/
__le64 num_bytes;
-
+ /*
+ * the encryption info, if any
+ */
+ struct btrfs_encryption_info encryption_info[0];
} __attribute__ ((__packed__));
struct btrfs_csum_item {
--
2.41.0
next prev parent reply other threads:[~2023-09-26 18:03 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-26 18:01 [PATCH 00/35] btrfs: add fscrypt support Josef Bacik
2023-09-26 18:01 ` [PATCH 01/35] fscrypt: rename fscrypt_info => fscrypt_inode_info Josef Bacik
2023-09-26 18:01 ` [PATCH 02/35] fscrypt: add per-extent encryption support Josef Bacik
2023-09-26 18:01 ` [PATCH 03/35] fscrypt: disable all but standard v2 policies for extent encryption Josef Bacik
2023-09-26 18:01 ` [PATCH 04/35] blk-crypto: add a process bio callback Josef Bacik
2023-09-26 18:01 ` [PATCH 05/35] fscrypt: expose fscrypt_nokey_name Josef Bacik
2023-09-26 18:01 ` [PATCH 06/35] fscrypt: add documentation about extent encryption Josef Bacik
2023-09-26 18:01 ` [PATCH 07/35] btrfs: add infrastructure for safe em freeing Josef Bacik
2023-09-26 18:01 ` [PATCH 08/35] btrfs: disable various operations on encrypted inodes Josef Bacik
2023-09-26 18:01 ` [PATCH 09/35] btrfs: disable verity " Josef Bacik
2023-09-26 18:01 ` [PATCH 10/35] btrfs: start using fscrypt hooks Josef Bacik
2023-09-26 18:01 ` [PATCH 11/35] btrfs: add inode encryption contexts Josef Bacik
2023-09-26 18:01 ` [PATCH 12/35] btrfs: add new FEATURE_INCOMPAT_ENCRYPT flag Josef Bacik
2023-09-26 18:01 ` [PATCH 13/35] btrfs: adapt readdir for encrypted and nokey names Josef Bacik
2023-10-07 1:15 ` kernel test robot
2023-09-26 18:01 ` [PATCH 14/35] btrfs: handle " Josef Bacik
2023-09-26 18:01 ` [PATCH 15/35] btrfs: implement fscrypt ioctls Josef Bacik
2023-09-26 18:01 ` [PATCH 16/35] btrfs: add encryption to CONFIG_BTRFS_DEBUG Josef Bacik
2023-09-26 18:01 ` [PATCH 17/35] btrfs: add get_devices hook for fscrypt Josef Bacik
2023-09-26 18:01 ` [PATCH 18/35] btrfs: turn on inlinecrypt mount option for encrypt Josef Bacik
2023-09-26 18:01 ` [PATCH 19/35] btrfs: set file extent encryption excplicitly Josef Bacik
2023-09-26 18:01 ` [PATCH 20/35] btrfs: add fscrypt_info and encryption_type to extent_map Josef Bacik
2023-09-26 18:01 ` [PATCH 21/35] btrfs: add fscrypt_info and encryption_type to ordered_extent Josef Bacik
2023-09-26 18:01 ` [PATCH 22/35] btrfs: plumb through setting the fscrypt_info for ordered extents Josef Bacik
2023-09-26 18:01 ` [PATCH 23/35] btrfs: populate the ordered_extent with the fscrypt context Josef Bacik
2023-09-26 18:01 ` [PATCH 24/35] btrfs: keep track of fscrypt info and orig_start for dio reads Josef Bacik
2023-09-26 18:01 ` Josef Bacik [this message]
2023-09-26 18:01 ` [PATCH 26/35] btrfs: explicitly track file extent length for replace and drop Josef Bacik
2023-09-26 18:01 ` [PATCH 27/35] btrfs: pass through fscrypt_extent_info to the file extent helpers Josef Bacik
2023-09-26 18:01 ` [PATCH 28/35] btrfs: pass the fscrypt_info through the replace extent infrastructure Josef Bacik
2023-09-26 18:01 ` [PATCH 29/35] btrfs: implement the fscrypt extent encryption hooks Josef Bacik
2023-09-26 18:01 ` [PATCH 30/35] btrfs: setup fscrypt_extent_info for new extents Josef Bacik
2023-09-26 18:01 ` [PATCH 31/35] btrfs: populate ordered_extent with the orig offset Josef Bacik
2023-09-26 18:01 ` [PATCH 32/35] btrfs: set the bio fscrypt context when applicable Josef Bacik
2023-09-26 18:01 ` [PATCH 33/35] btrfs: add a bio argument to btrfs_csum_one_bio Josef Bacik
2023-09-26 18:02 ` [PATCH 34/35] btrfs: add orig_logical to btrfs_bio Josef Bacik
2023-09-26 18:02 ` [PATCH 35/35] btrfs: implement process_bio cb for fscrypt Josef Bacik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=80494ada394d2a9ffeee2e4864cea194d9a75d9b.1695750478.git.josef@toxicpanda.com \
--to=josef@toxicpanda.com \
--cc=ebiggers@kernel.org \
--cc=kernel-team@fb.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=ngompa13@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).