From mboxrd@z Thu Jan 1 00:00:00 1970 From: Chandan Rajendra Subject: [PATCH V3 7/7] ext4: Enable encryption for subpage-sized blocks Date: Sun, 16 Jun 2019 21:38:13 +0530 Message-ID: <20190616160813.24464-8-chandan@linux.ibm.com> References: <20190616160813.24464-1-chandan@linux.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1hcXhw-0003OG-CC for linux-f2fs-devel@lists.sourceforge.net; Sun, 16 Jun 2019 16:08:40 +0000 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) id 1hcXhr-00BBkr-J9 for linux-f2fs-devel@lists.sourceforge.net; Sun, 16 Jun 2019 16:08:39 +0000 Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x5GG6SVB087470 for ; Sun, 16 Jun 2019 12:08:30 -0400 Received: from e35.co.us.ibm.com (e35.co.us.ibm.com [32.97.110.153]) by mx0a-001b2d01.pphosted.com with ESMTP id 2t5e12empf-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sun, 16 Jun 2019 12:08:29 -0400 Received: from localhost by e35.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Sun, 16 Jun 2019 17:08:29 +0100 In-Reply-To: <20190616160813.24464-1-chandan@linux.ibm.com> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: linux-f2fs-devel-bounces@lists.sourceforge.net To: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-fscrypt@vger.kernel.org Cc: hch@infradead.org, tytso@mit.edu, ebiggers@kernel.org, Chandan Rajendra , adilger.kernel@dilger.ca, jaegeuk@kernel.org Now that we have the code to support encryption for subpage-sized blocks, this commit removes the conditional check in filesystem mount code. The commit also changes the support statement in Documentation/filesystems/fscrypt.rst to reflect the fact that encryption of filesystems with blocksize less than page size now works. Signed-off-by: Chandan Rajendra --- Documentation/filesystems/fscrypt.rst | 4 ++-- fs/ext4/super.c | 7 ------- 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index 08c23b60e016..c3efe86bf2b2 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -213,8 +213,8 @@ Contents encryption ------------------- For file contents, each filesystem block is encrypted independently. -Currently, only the case where the filesystem block size is equal to -the system's page size (usually 4096 bytes) is supported. +Starting from Linux kernel 5.4, encryption of filesystems with block +size less than system's page size is supported. Each block's IV is set to the logical block number within the file as a little endian number, except that: diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 4079605d437a..63661a86d148 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -4412,13 +4412,6 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent) } } - if ((DUMMY_ENCRYPTION_ENABLED(sbi) || ext4_has_feature_encrypt(sb)) && - (blocksize != PAGE_SIZE)) { - ext4_msg(sb, KERN_ERR, - "Unsupported blocksize for fs encryption"); - goto failed_mount_wq; - } - if (DUMMY_ENCRYPTION_ENABLED(sbi) && !sb_rdonly(sb) && !ext4_has_feature_encrypt(sb)) { ext4_set_feature_encrypt(sb); -- 2.19.1 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.6 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 05D16C31E50 for ; Sun, 16 Jun 2019 16:08:41 +0000 (UTC) Received: from lists.sourceforge.net (lists.sourceforge.net [216.105.38.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CE42E2070B; Sun, 16 Jun 2019 16:08:40 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=sourceforge.net header.i=@sourceforge.net header.b="k1HLKIvj"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=sf.net header.i=@sf.net header.b="gfPU4aaO" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CE42E2070B Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=linux-f2fs-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1hcXhx-0003Oa-90; Sun, 16 Jun 2019 16:08:41 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1hcXhw-0003OG-CC for linux-f2fs-devel@lists.sourceforge.net; Sun, 16 Jun 2019 16:08:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Message-Id:Content-Transfer-Encoding:MIME-Version: References:In-Reply-To:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=RDZ4XRduwq1Jrz5DEfQaS3SBg+g3ILYZdZmC9JSQGm4=; b=k1HLKIvjSHOnGFPcx0GgbHKQtP dyBFpo/DtSwnh8ZnshNj4g19RF1072/VLrR+12B/p0CL3NGloUf95YHK4nELAvNCXbkspL4K+rFKG EE2P3snj30Vw02Z1P3/33ILyLzdyZ4tbLkGwMznlua0vQlqLPavP2O1E5ICWG/NGqOXI=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Message-Id:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=RDZ4XRduwq1Jrz5DEfQaS3SBg+g3ILYZdZmC9JSQGm4=; b=gfPU4aaOV5tDTcG7e6x9hxLObf 75naU0ES5MBuFMK3pMGrm2xZ48hOHiHiD894I7cO/lxvEwAQVSotoFpO9DgAHylffDAfmYaC6XY2M Ukof6n0llcBKoTISP8S4r90Ty17IK5vydASU5oTrQgaS7Bmpoo/MnV9QvJCv1nx9vfzg=; Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) id 1hcXhr-00BBkr-J9 for linux-f2fs-devel@lists.sourceforge.net; Sun, 16 Jun 2019 16:08:39 +0000 Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x5GG6SVB087470 for ; Sun, 16 Jun 2019 12:08:30 -0400 Received: from e35.co.us.ibm.com (e35.co.us.ibm.com [32.97.110.153]) by mx0a-001b2d01.pphosted.com with ESMTP id 2t5e12empf-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sun, 16 Jun 2019 12:08:29 -0400 Received: from localhost by e35.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Sun, 16 Jun 2019 17:08:29 +0100 Received: from b03cxnp08026.gho.boulder.ibm.com (9.17.130.18) by e35.co.us.ibm.com (192.168.1.135) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Sun, 16 Jun 2019 17:08:26 +0100 Received: from b03ledav001.gho.boulder.ibm.com (b03ledav001.gho.boulder.ibm.com [9.17.130.232]) by b03cxnp08026.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x5GG8PYa35455322 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sun, 16 Jun 2019 16:08:25 GMT Received: from b03ledav001.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C06076E04E; Sun, 16 Jun 2019 16:08:25 +0000 (GMT) Received: from b03ledav001.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C49546E053; Sun, 16 Jun 2019 16:08:21 +0000 (GMT) Received: from localhost.localdomain.com (unknown [9.102.1.181]) by b03ledav001.gho.boulder.ibm.com (Postfix) with ESMTP; Sun, 16 Jun 2019 16:08:21 +0000 (GMT) From: Chandan Rajendra To: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-fscrypt@vger.kernel.org Date: Sun, 16 Jun 2019 21:38:13 +0530 X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190616160813.24464-1-chandan@linux.ibm.com> References: <20190616160813.24464-1-chandan@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19061616-0012-0000-0000-00001744B050 X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00011273; HX=3.00000242; KW=3.00000007; PH=3.00000004; SC=3.00000286; SDB=6.01218855; UDB=6.00641061; IPR=6.00999987; MB=3.00027334; MTD=3.00000008; XFM=3.00000015; UTC=2019-06-16 16:08:29 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19061616-0013-0000-0000-000057B6E856 Message-Id: <20190616160813.24464-8-chandan@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-06-16_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1906160155 X-Headers-End: 1hcXhr-00BBkr-J9 Subject: [f2fs-dev] [PATCH V3 7/7] ext4: Enable encryption for subpage-sized blocks X-BeenThere: linux-f2fs-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: hch@infradead.org, tytso@mit.edu, ebiggers@kernel.org, Chandan Rajendra , adilger.kernel@dilger.ca, jaegeuk@kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit Errors-To: linux-f2fs-devel-bounces@lists.sourceforge.net Message-ID: <20190616160813.NTHk8hU8vmAIunpLnAMHTx0nyzvuCcbB_Rz8GLkJ58w@z> Now that we have the code to support encryption for subpage-sized blocks, this commit removes the conditional check in filesystem mount code. The commit also changes the support statement in Documentation/filesystems/fscrypt.rst to reflect the fact that encryption of filesystems with blocksize less than page size now works. Signed-off-by: Chandan Rajendra --- Documentation/filesystems/fscrypt.rst | 4 ++-- fs/ext4/super.c | 7 ------- 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index 08c23b60e016..c3efe86bf2b2 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -213,8 +213,8 @@ Contents encryption ------------------- For file contents, each filesystem block is encrypted independently. -Currently, only the case where the filesystem block size is equal to -the system's page size (usually 4096 bytes) is supported. +Starting from Linux kernel 5.4, encryption of filesystems with block +size less than system's page size is supported. Each block's IV is set to the logical block number within the file as a little endian number, except that: diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 4079605d437a..63661a86d148 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -4412,13 +4412,6 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent) } } - if ((DUMMY_ENCRYPTION_ENABLED(sbi) || ext4_has_feature_encrypt(sb)) && - (blocksize != PAGE_SIZE)) { - ext4_msg(sb, KERN_ERR, - "Unsupported blocksize for fs encryption"); - goto failed_mount_wq; - } - if (DUMMY_ENCRYPTION_ENABLED(sbi) && !sb_rdonly(sb) && !ext4_has_feature_encrypt(sb)) { ext4_set_feature_encrypt(sb); -- 2.19.1 _______________________________________________ Linux-f2fs-devel mailing list Linux-f2fs-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel