From: Eric Biggers via Linux-f2fs-devel <linux-f2fs-devel@lists.sourceforge.net>
To: Mikulas Patocka <mpatocka@redhat.com>
Cc: dm-devel@lists.linux.dev, Israel Rukshin <israelr@nvidia.com>,
linux-kernel@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-block@vger.kernel.org, linux-fscrypt@vger.kernel.org,
Adrian Vovk <adrianvovk@gmail.com>,
Md Sadre Alam <quic_mdalam@quicinc.com>,
linux-ext4@vger.kernel.org, Milan Broz <gmazyland@gmail.com>
Subject: Re: [f2fs-dev] [RFC PATCH 2/4] block: add the bi_skip_dm_default_key flag
Date: Mon, 21 Oct 2024 19:02:49 +0000
Message-ID: <20241021190249.GA1395714@google.com>
In-Reply-To: <2caf648d-73cf-9436-2af4-ad530a966592@redhat.com>

On Mon, Oct 21, 2024 at 01:11:36PM +0200, Mikulas Patocka wrote:
> Hi
>
> What about using the REQ_META flag (it is set on metadata bios and cleared
> on data bios), instead of adding a new flag with the same meaning?
>
> Mikulas

REQ_META is a hint and is not used for all metadata.

And while metadata is the main point, more precisely the goal is to encrypt
every block that isn't already encrypted. That means that the contents of files
that are unencrypted at the filesystem layer are encrypted by dm-default-key
too. So technically it's more than just metadata.

To avoid recurring "oops, we forgot to encrypt this" bugs, the right model is
really an opt-out flag, not opt-in. And especially not opt-in via something
that is currently just a hint and is used as such.

- Eric

Thread overview: 9+ messages
2024-10-18 18:43 [f2fs-dev] [RFC PATCH 0/4] dm-default-key: target for filesystem metadata encryption Eric Biggers via Linux-f2fs-devel
2024-10-18 18:43 ` [f2fs-dev] [RFC PATCH 1/4] block: export blk-crypto symbols required by dm-default-key Eric Biggers via Linux-f2fs-devel
2024-10-18 18:43 ` [f2fs-dev] [RFC PATCH 2/4] block: add the bi_skip_dm_default_key flag Eric Biggers via Linux-f2fs-devel
2024-10-21 11:11 ` Mikulas Patocka
2024-10-21 19:02 ` Eric Biggers via Linux-f2fs-devel [this message]
2024-10-18 18:43 ` [f2fs-dev] [RFC PATCH 3/4] dm-default-key: add target for filesystem metadata encryption Eric Biggers via Linux-f2fs-devel
2024-10-18 18:43 ` [f2fs-dev] [RFC PATCH 4/4] ext4, f2fs: support metadata encryption via dm-default-key Eric Biggers via Linux-f2fs-devel
2024-10-21 11:52 ` [f2fs-dev] [RFC PATCH 0/4] dm-default-key: target for filesystem metadata encryption Mikulas Patocka
2024-10-21 19:10 ` Eric Biggers via Linux-f2fs-devel