From: Josef Bacik <josef@toxicpanda.com>
To: linux-fscrypt@vger.kernel.org, ebiggers@kernel.org,
linux-btrfs@vger.kernel.org
Subject: [PATCH v2 31/36] btrfs: setup fscrypt_extent_info for new extents
Date: Tue, 10 Oct 2023 16:40:46 -0400 [thread overview]
Message-ID: <a70ef886566aa8dd52c4c9713f74b632e3e3ea85.1696970227.git.josef@toxicpanda.com> (raw)
In-Reply-To: <cover.1696970227.git.josef@toxicpanda.com>
New extents for encrypted inodes must have a fscrypt_extent_info, which
has the necessary keys and does all the registration at the block layer
for them. This is passed through all of the infrastructure we've
previously added to make sure the context gets saved properly with the
file extents.
Signed-off-by: Josef Bacik <josef@toxicpanda.com>
---
fs/btrfs/inode.c | 39 +++++++++++++++++++++++++++++++++++++--
1 file changed, 37 insertions(+), 2 deletions(-)
diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
index 4f23c3af60be..b0109b313217 100644
--- a/fs/btrfs/inode.c
+++ b/fs/btrfs/inode.c
@@ -7396,7 +7396,20 @@ static struct extent_map *create_io_em(struct btrfs_inode *inode, u64 start,
set_bit(EXTENT_FLAG_COMPRESSED, &em->flags);
em->compress_type = compress_type;
}
- em->encryption_type = BTRFS_ENCRYPTION_NONE;
+
+ if (IS_ENCRYPTED(&inode->vfs_inode)) {
+ struct fscrypt_extent_info *fscrypt_info;
+
+ em->encryption_type = BTRFS_ENCRYPTION_FSCRYPT;
+ fscrypt_info = fscrypt_prepare_new_extent(&inode->vfs_inode);
+ if (IS_ERR(fscrypt_info)) {
+ free_extent_map(em);
+ return ERR_CAST(fscrypt_info);
+ }
+ em->fscrypt_info = fscrypt_info;
+ } else {
+ em->encryption_type = BTRFS_ENCRYPTION_NONE;
+ }
ret = btrfs_replace_extent_map_range(inode, em, true);
if (ret) {
@@ -9785,6 +9798,9 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
if (trans)
own_trans = false;
while (num_bytes > 0) {
+ struct fscrypt_extent_info *fscrypt_info = NULL;
+ int encryption_type = BTRFS_ENCRYPTION_NONE;
+
cur_bytes = min_t(u64, num_bytes, SZ_256M);
cur_bytes = max(cur_bytes, min_size);
/*
@@ -9799,6 +9815,20 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
if (ret)
break;
+ if (IS_ENCRYPTED(inode)) {
+ fscrypt_info = fscrypt_prepare_new_extent(inode);
+ if (IS_ERR(fscrypt_info)) {
+ btrfs_dec_block_group_reservations(fs_info,
+ ins.objectid);
+ btrfs_free_reserved_extent(fs_info,
+ ins.objectid,
+ ins.offset, 0);
+ ret = PTR_ERR(fscrypt_info);
+ break;
+ }
+ encryption_type = BTRFS_ENCRYPTION_FSCRYPT;
+ }
+
/*
* We've reserved this space, and thus converted it from
* ->bytes_may_use to ->bytes_reserved. Any error that happens
@@ -9810,7 +9840,8 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
last_alloc = ins.offset;
trans = insert_prealloc_file_extent(trans, BTRFS_I(inode),
- &ins, NULL, cur_offset);
+ &ins, fscrypt_info,
+ cur_offset);
/*
* Now that we inserted the prealloc extent we can finally
* decrement the number of reservations in the block group.
@@ -9820,6 +9851,7 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
btrfs_dec_block_group_reservations(fs_info, ins.objectid);
if (IS_ERR(trans)) {
ret = PTR_ERR(trans);
+ fscrypt_put_extent_info(fscrypt_info);
btrfs_free_reserved_extent(fs_info, ins.objectid,
ins.offset, 0);
break;
@@ -9827,6 +9859,7 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
em = alloc_extent_map();
if (!em) {
+ fscrypt_put_extent_info(fscrypt_info);
btrfs_drop_extent_map_range(BTRFS_I(inode), cur_offset,
cur_offset + ins.offset - 1, false);
btrfs_set_inode_full_sync(BTRFS_I(inode));
@@ -9842,6 +9875,8 @@ static int __btrfs_prealloc_file_range(struct inode *inode, int mode,
em->ram_bytes = ins.offset;
set_bit(EXTENT_FLAG_PREALLOC, &em->flags);
em->generation = trans->transid;
+ em->fscrypt_info = fscrypt_info;
+ em->encryption_type = encryption_type;
ret = btrfs_replace_extent_map_range(BTRFS_I(inode), em, true);
free_extent_map(em);
--
2.41.0
next prev parent reply other threads:[~2023-10-10 20:42 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-10 20:40 [PATCH v2 00/36] btrfs: add fscrypt support Josef Bacik
2023-10-10 20:40 ` [PATCH v2 01/36] fscrypt: use a flag to indicate that the master key is being evicted Josef Bacik
2023-10-15 6:22 ` Eric Biggers
2023-10-10 20:40 ` [PATCH v2 02/36] fscrypt: don't wipe mk secret until the last active user is gone Josef Bacik
2023-10-15 6:25 ` Eric Biggers
2023-10-10 20:40 ` [PATCH v2 03/36] fscrypt: add per-extent encryption support Josef Bacik
2023-10-15 6:36 ` Eric Biggers
2023-10-10 20:40 ` [PATCH v2 04/36] fscrypt: disable all but standard v2 policies for extent encryption Josef Bacik
2023-10-15 6:27 ` Eric Biggers
2023-10-10 20:40 ` [PATCH v2 05/36] blk-crypto: add a process bio callback Josef Bacik
2023-10-15 6:32 ` Eric Biggers
2023-10-10 20:40 ` [PATCH v2 06/36] fscrypt: expose fscrypt_nokey_name Josef Bacik
2023-10-10 20:40 ` [PATCH v2 07/36] fscrypt: add documentation about extent encryption Josef Bacik
2023-10-10 20:40 ` [PATCH v2 08/36] btrfs: add infrastructure for safe em freeing Josef Bacik
2023-10-10 20:40 ` [PATCH v2 09/36] btrfs: disable various operations on encrypted inodes Josef Bacik
2023-10-10 20:40 ` [PATCH v2 10/36] btrfs: disable verity " Josef Bacik
2023-10-10 20:40 ` [PATCH v2 11/36] btrfs: start using fscrypt hooks Josef Bacik
2023-10-10 20:40 ` [PATCH v2 12/36] btrfs: add inode encryption contexts Josef Bacik
2023-10-10 20:40 ` [PATCH v2 13/36] btrfs: add new FEATURE_INCOMPAT_ENCRYPT flag Josef Bacik
2023-10-10 20:40 ` [PATCH v2 14/36] btrfs: adapt readdir for encrypted and nokey names Josef Bacik
2023-10-10 20:40 ` [PATCH v2 15/36] btrfs: handle " Josef Bacik
2023-10-10 20:40 ` [PATCH v2 16/36] btrfs: implement fscrypt ioctls Josef Bacik
2023-10-10 20:40 ` [PATCH v2 17/36] btrfs: add encryption to CONFIG_BTRFS_DEBUG Josef Bacik
2023-10-10 20:40 ` [PATCH v2 18/36] btrfs: add get_devices hook for fscrypt Josef Bacik
2023-10-10 20:40 ` [PATCH v2 19/36] btrfs: turn on inlinecrypt mount option for encrypt Josef Bacik
2023-10-10 20:40 ` [PATCH v2 20/36] btrfs: set file extent encryption excplicitly Josef Bacik
2023-10-10 20:40 ` [PATCH v2 21/36] btrfs: add fscrypt_info and encryption_type to extent_map Josef Bacik
2023-10-10 20:40 ` [PATCH v2 22/36] btrfs: add fscrypt_info and encryption_type to ordered_extent Josef Bacik
2023-10-10 20:40 ` [PATCH v2 23/36] btrfs: plumb through setting the fscrypt_info for ordered extents Josef Bacik
2023-10-10 20:40 ` [PATCH v2 24/36] btrfs: populate the ordered_extent with the fscrypt context Josef Bacik
2023-10-10 20:40 ` [PATCH v2 25/36] btrfs: keep track of fscrypt info and orig_start for dio reads Josef Bacik
2023-10-10 20:40 ` [PATCH v2 26/36] btrfs: add an optional encryption context to the end of file extents Josef Bacik
2023-10-10 20:40 ` [PATCH v2 27/36] btrfs: explicitly track file extent length for replace and drop Josef Bacik
2023-10-10 20:40 ` [PATCH v2 28/36] btrfs: pass through fscrypt_extent_info to the file extent helpers Josef Bacik
2023-10-10 20:40 ` [PATCH v2 29/36] btrfs: pass the fscrypt_info through the replace extent infrastructure Josef Bacik
2023-10-10 20:40 ` [PATCH v2 30/36] btrfs: implement the fscrypt extent encryption hooks Josef Bacik
2023-10-10 20:40 ` Josef Bacik [this message]
2023-10-10 20:40 ` [PATCH v2 32/36] btrfs: populate ordered_extent with the orig offset Josef Bacik
2023-10-10 20:40 ` [PATCH v2 33/36] btrfs: set the bio fscrypt context when applicable Josef Bacik
2023-10-10 20:40 ` [PATCH v2 34/36] btrfs: add a bio argument to btrfs_csum_one_bio Josef Bacik
2023-10-10 20:40 ` [PATCH v2 35/36] btrfs: add orig_logical to btrfs_bio Josef Bacik
2023-10-10 20:40 ` [PATCH v2 36/36] btrfs: implement process_bio cb for fscrypt Josef Bacik
2023-11-21 23:02 ` [PATCH v2 00/36] btrfs: add fscrypt support Eric Biggers
2023-11-22 13:58 ` Josef Bacik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a70ef886566aa8dd52c4c9713f74b632e3e3ea85.1696970227.git.josef@toxicpanda.com \
--to=josef@toxicpanda.com \
--cc=ebiggers@kernel.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).