From: Michael Halcrow <mhalcrow@google.com>
To: Michael Halcrow <mhalcrow@google.com>,
"Theodore Y . Ts'o" <tytso@mit.edu>,
Eric Biggers <ebiggers@google.com>,
Jaegeuk Kim <jaegeuk@kernel.org>,
linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-block@vger.kernel.org, dm-devel@redhat.com,
linux-ext4@vger.kernel.org,
Tyler Hicks <tyler.hicks@canonical.com>
Subject: [RFC PATCH 2/4] dm-crypt: Skip encryption of file system-encrypted blocks
Date: Wed, 14 Jun 2017 16:40:38 -0700 [thread overview]
Message-ID: <20170614234040.4326-3-mhalcrow@google.com> (raw)
In-Reply-To: <20170614234040.4326-1-mhalcrow@google.com>
File systems can encrypt some of their data blocks with their own
encryption keys, and for those blocks another round of encryption at
the dm-crypt layer may be redundant, depending on the keys being used.
This patch enables dm-crypt to observe the REQ_NOENCRYPT flag as an
indicator that a bio request should bypass the dm-crypt encryption
queue.
By default dm-crypt will ignore this request flag from the file
system. The user must set the allow_encrypt_override option to enable
this functionality. Once the dm-crypt has been used with the
allow_encrypt_override option for any given block device, it must
continue to be used with the option to avoid the possibility of data
corruption.
Signed-off-by: Michael Halcrow <mhalcrow@google.com>
---
drivers/md/dm-crypt.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index ebf9e72d479b..14ca8a6de3d9 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -125,7 +125,8 @@ struct iv_tcw_private {
* and encrypts / decrypts at the same time.
*/
enum flags { DM_CRYPT_SUSPENDED, DM_CRYPT_KEY_VALID,
- DM_CRYPT_SAME_CPU, DM_CRYPT_NO_OFFLOAD };
+ DM_CRYPT_SAME_CPU, DM_CRYPT_NO_OFFLOAD,
+ DM_CRYPT_ENCRYPT_OVERRIDE };
enum cipher_flags {
CRYPT_MODE_INTEGRITY_AEAD, /* Use authenticated mode for cihper */
@@ -2572,6 +2573,8 @@ static int crypt_ctr_optional(struct dm_target *ti, unsigned int argc, char **ar
cc->sector_shift = __ffs(cc->sector_size) - SECTOR_SHIFT;
} else if (!strcasecmp(opt_string, "iv_large_sectors"))
set_bit(CRYPT_IV_LARGE_SECTORS, &cc->cipher_flags);
+ else if (!strcasecmp(opt_string, "allow_encrypt_override"))
+ set_bit(DM_CRYPT_ENCRYPT_OVERRIDE, &cc->flags);
else {
ti->error = "Invalid feature arguments";
return -EINVAL;
@@ -2770,12 +2773,15 @@ static int crypt_map(struct dm_target *ti, struct bio *bio)
struct crypt_config *cc = ti->private;
/*
- * If bio is REQ_PREFLUSH or REQ_OP_DISCARD, just bypass crypt queues.
+ * If bio is REQ_PREFLUSH, REQ_NOENCRYPT, or REQ_OP_DISCARD,
+ * just bypass crypt queues.
* - for REQ_PREFLUSH device-mapper core ensures that no IO is in-flight
* - for REQ_OP_DISCARD caller must use flush if IO ordering matters
*/
- if (unlikely(bio->bi_opf & REQ_PREFLUSH ||
- bio_op(bio) == REQ_OP_DISCARD)) {
+ if (unlikely(bio->bi_opf & REQ_PREFLUSH) ||
+ (unlikely(bio->bi_opf & REQ_NOENCRYPT) &&
+ test_bit(DM_CRYPT_ENCRYPT_OVERRIDE, &cc->flags)) ||
+ bio_op(bio) == REQ_OP_DISCARD) {
bio->bi_bdev = cc->dev->bdev;
if (bio_sectors(bio))
bio->bi_iter.bi_sector = cc->start +
@@ -2862,6 +2868,7 @@ static void crypt_status(struct dm_target *ti, status_type_t type,
num_feature_args += test_bit(DM_CRYPT_NO_OFFLOAD, &cc->flags);
num_feature_args += cc->sector_size != (1 << SECTOR_SHIFT);
num_feature_args += test_bit(CRYPT_IV_LARGE_SECTORS, &cc->cipher_flags);
+ num_feature_args += test_bit(DM_CRYPT_ENCRYPT_OVERRIDE, &cc->flags);
if (cc->on_disk_tag_size)
num_feature_args++;
if (num_feature_args) {
@@ -2878,6 +2885,8 @@ static void crypt_status(struct dm_target *ti, status_type_t type,
DMEMIT(" sector_size:%d", cc->sector_size);
if (test_bit(CRYPT_IV_LARGE_SECTORS, &cc->cipher_flags))
DMEMIT(" iv_large_sectors");
+ if (test_bit(DM_CRYPT_ENCRYPT_OVERRIDE, &cc->flags))
+ DMEMIT(" allow_encrypt_override");
}
break;
--
2.13.1.508.gb3defc5cc-goog
next prev parent reply other threads:[~2017-06-14 23:40 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-14 23:40 [RFC PATCH 0/4] Allow file systems to selectively bypass dm-crypt Michael Halcrow
2017-06-14 23:40 ` [RFC PATCH 1/4] block: Add bio req flag to disable encryption in block Michael Halcrow
2017-06-14 23:40 ` Michael Halcrow [this message]
2017-06-14 23:40 ` [RFC PATCH 3/4] ext4: Set the bio REQ_NOENCRYPT flag Michael Halcrow
2017-06-14 23:40 ` [RFC PATCH 4/4] f2fs: " Michael Halcrow
2017-06-15 7:33 ` [RFC PATCH 0/4] Allow file systems to selectively bypass dm-crypt Milan Broz
2017-06-15 17:24 ` Michael Halcrow
2017-06-15 18:17 ` Milan Broz
2017-06-16 18:42 ` Michael Halcrow
2017-06-20 14:44 ` Mike Snitzer
2017-06-16 10:34 ` [dm-crypt] " Daniel P. Berrange
2017-06-16 14:02 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170614234040.4326-3-mhalcrow@google.com \
--to=mhalcrow@google.com \
--cc=dm-devel@redhat.com \
--cc=ebiggers@google.com \
--cc=jaegeuk@kernel.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tyler.hicks@canonical.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox