From: Daniel Vacek <neelx@suse.com>
To: Chris Mason <clm@fb.com>, Josef Bacik <josef@toxicpanda.com>,
Eric Biggers <ebiggers@kernel.org>,
"Theodore Y. Ts'o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>, Jens Axboe <axboe@kernel.dk>,
David Sterba <dsterba@suse.com>
Cc: linux-block@vger.kernel.org, Daniel Vacek <neelx@suse.com>,
linux-fscrypt@vger.kernel.org, linux-btrfs@vger.kernel.org,
linux-kernel@vger.kernel.org,
Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
Subject: [PATCH v7 19/43] btrfs: add fscrypt_info and encryption_type to extent_map
Date: Wed, 13 May 2026 10:52:53 +0200 [thread overview]
Message-ID: <20260513085340.3673127-20-neelx@suse.com> (raw)
In-Reply-To: <20260513085340.3673127-1-neelx@suse.com>
From: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
Each extent_map will end up with a pointer to its associated
fscrypt_info if any, which should have the same lifetime as the
extent_map. We are also going to need to track the encryption_type
for the file extent items. Add the fscrypt_info to the extent_map and
the subsequent code for transferring it in the split and merge cases
as well as the code necessary to free them. A future patch will add
the code to load them as appropriate.
Signed-off-by: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
Signed-off-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Daniel Vacek <neelx@suse.com>
---
v5: https://lore.kernel.org/linux-btrfs/9818cd4134d048d2d641b9b8ae10be6c6af51956.1706116485.git.josef@toxicpanda.com/
* No significant changes since. Just add some btrfs_ prefixes even
to static functions in extent map header file to match the style.
---
fs/btrfs/extent_map.c | 32 +++++++++++++++++++++++++++++---
fs/btrfs/extent_map.h | 16 ++++++++++++++++
fs/btrfs/file-item.c | 1 +
fs/btrfs/inode.c | 1 +
4 files changed, 47 insertions(+), 3 deletions(-)
diff --git a/fs/btrfs/extent_map.c b/fs/btrfs/extent_map.c
index 61fe262667ee..d13fb42dafab 100644
--- a/fs/btrfs/extent_map.c
+++ b/fs/btrfs/extent_map.c
@@ -59,6 +59,7 @@ struct extent_map *btrfs_alloc_extent_map(void)
static void free_extent_map(struct extent_map *em)
{
+ fscrypt_put_extent_info(em->fscrypt_info);
kmem_cache_free(extent_map_cache, em);
}
@@ -99,12 +100,24 @@ void btrfs_free_extent_map_safe(struct extent_map_tree *tree,
if (!em)
return;
- if (refcount_dec_and_test(&em->refs)) {
- WARN_ON(btrfs_extent_map_in_tree(em));
- WARN_ON(!list_empty(&em->list));
+ if (!refcount_dec_and_test(&em->refs))
+ return;
+
+ WARN_ON(btrfs_extent_map_in_tree(em));
+ WARN_ON(!list_empty(&em->list));
+
+ /*
+ * We could take a lock freeing the fscrypt_info, so add this to the
+ * list of freed_extents to be freed later.
+ */
+ if (em->fscrypt_info) {
list_add_tail(&em->free_list, &tree->freed_extents);
set_bit(EXTENT_MAP_TREE_PENDING_FREES, &tree->flags);
+ return;
}
+
+ /* Nothing scary here, just free the object. */
+ free_extent_map(em);
}
/*
@@ -291,6 +304,10 @@ static bool can_merge_extent_map(const struct extent_map *em)
if (!list_empty(&em->list))
return false;
+ /* We can't merge encrypted extents. */
+ if (em->fscrypt_info)
+ return false;
+
return true;
}
@@ -311,6 +328,10 @@ static bool mergeable_maps(const struct extent_map *prev, const struct extent_ma
if (next->disk_bytenr < EXTENT_MAP_LAST_BYTE - 1)
return btrfs_extent_map_block_start(next) == extent_map_block_end(prev);
+ /* Don't merge adjacent encrypted maps. */
+ if (prev->fscrypt_info || next->fscrypt_info)
+ return false;
+
/* HOLES and INLINE extents. */
return next->disk_bytenr == prev->disk_bytenr;
}
@@ -977,6 +998,7 @@ void btrfs_drop_extent_map_range(struct btrfs_inode *inode, u64 start, u64 end,
split->generation = gen;
split->flags = flags;
+ split->fscrypt_info = fscrypt_get_extent_info(em->fscrypt_info);
replace_extent_mapping(inode, em, split, modified);
btrfs_free_extent_map(split);
split = split2;
@@ -1005,6 +1027,7 @@ void btrfs_drop_extent_map_range(struct btrfs_inode *inode, u64 start, u64 end,
split->ram_bytes = split->len;
}
+ split->fscrypt_info = fscrypt_get_extent_info(em->fscrypt_info);
if (btrfs_extent_map_in_tree(em)) {
replace_extent_mapping(inode, em, split, modified);
} else {
@@ -1163,6 +1186,7 @@ int btrfs_split_extent_map(struct btrfs_inode *inode, u64 start, u64 len, u64 pr
split_pre->ram_bytes = split_pre->len;
split_pre->flags = flags;
split_pre->generation = em->generation;
+ split_pre->fscrypt_info = fscrypt_get_extent_info(em->fscrypt_info);
replace_extent_mapping(inode, em, split_pre, true);
@@ -1180,6 +1204,8 @@ int btrfs_split_extent_map(struct btrfs_inode *inode, u64 start, u64 len, u64 pr
split_mid->ram_bytes = split_mid->len;
split_mid->flags = flags;
split_mid->generation = em->generation;
+ split_mid->fscrypt_info = fscrypt_get_extent_info(em->fscrypt_info);
+
add_extent_mapping(inode, split_mid, true);
/* Once for us */
diff --git a/fs/btrfs/extent_map.h b/fs/btrfs/extent_map.h
index a962012be1c3..a0d5be758e7e 100644
--- a/fs/btrfs/extent_map.h
+++ b/fs/btrfs/extent_map.h
@@ -24,6 +24,7 @@ enum {
ENUM_BIT(EXTENT_FLAG_COMPRESS_ZLIB),
ENUM_BIT(EXTENT_FLAG_COMPRESS_LZO),
ENUM_BIT(EXTENT_FLAG_COMPRESS_ZSTD),
+ ENUM_BIT(EXTENT_FLAG_ENCRYPT_FSCRYPT),
/* pre-allocated extent */
ENUM_BIT(EXTENT_FLAG_PREALLOC),
/* Logging this extent */
@@ -96,6 +97,7 @@ struct extent_map {
u64 generation;
u32 flags;
refcount_t refs;
+ struct fscrypt_extent_info *fscrypt_info;
struct list_head list;
struct list_head free_list;
};
@@ -114,6 +116,20 @@ struct extent_map_tree {
struct btrfs_inode;
+static inline void btrfs_extent_map_set_encryption(struct extent_map *em,
+ enum btrfs_encryption_type type)
+{
+ if (type == BTRFS_ENCRYPTION_FSCRYPT)
+ em->flags |= EXTENT_FLAG_ENCRYPT_FSCRYPT;
+}
+
+static inline enum btrfs_encryption_type btrfs_extent_map_encryption(const struct extent_map *em)
+{
+ if (em->flags & EXTENT_FLAG_ENCRYPT_FSCRYPT)
+ return BTRFS_ENCRYPTION_FSCRYPT;
+ return BTRFS_ENCRYPTION_NONE;
+}
+
static inline void btrfs_extent_map_set_compression(struct extent_map *em,
enum btrfs_compression_type type)
{
diff --git a/fs/btrfs/file-item.c b/fs/btrfs/file-item.c
index d72249390030..020d30709770 100644
--- a/fs/btrfs/file-item.c
+++ b/fs/btrfs/file-item.c
@@ -1364,6 +1364,7 @@ void btrfs_extent_item_to_extent_map(struct btrfs_inode *inode,
if (type == BTRFS_FILE_EXTENT_PREALLOC)
em->flags |= EXTENT_FLAG_PREALLOC;
}
+ btrfs_extent_map_set_encryption(em, btrfs_file_extent_encryption(leaf, fi));
} else if (type == BTRFS_FILE_EXTENT_INLINE) {
/* Tree-checker has ensured this. */
ASSERT(extent_start == 0);
diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
index bc2460292e43..17e2c77c584a 100644
--- a/fs/btrfs/inode.c
+++ b/fs/btrfs/inode.c
@@ -7655,6 +7655,7 @@ struct extent_map *btrfs_create_io_em(struct btrfs_inode *inode, u64 start,
em->flags |= EXTENT_FLAG_PINNED;
if (type == BTRFS_ORDERED_COMPRESSED)
btrfs_extent_map_set_compression(em, file_extent->compression);
+ btrfs_extent_map_set_encryption(em, BTRFS_ENCRYPTION_NONE);
ret = btrfs_replace_extent_map_range(inode, em, true);
if (ret) {
--
2.53.0
next prev parent reply other threads:[~2026-05-13 8:55 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-13 8:52 [PATCH v7 00/43] btrfs: add fscrypt support Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 01/43] fscrypt: add per-extent encryption support Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 02/43] fscrypt: allow inline encryption for extent based encryption Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 03/43] fscrypt: add a __fscrypt_file_open helper Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 04/43] fscrypt: conditionally don't wipe mk secret until the last active user is done Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 05/43] blk-crypto: add a process bio callback Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 06/43] fscrypt: add a process_bio hook to fscrypt_operations Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 07/43] fscrypt: expose fscrypt_nokey_name Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 08/43] fscrypt: add documentation about extent encryption Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 09/43] btrfs: add infrastructure for safe em freeing Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 10/43] btrfs: start using fscrypt hooks Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 11/43] btrfs: add inode encryption contexts Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 12/43] btrfs: add new FEATURE_INCOMPAT_ENCRYPT flag Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 13/43] btrfs: adapt readdir for encrypted and nokey names Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 14/43] btrfs: handle " Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 15/43] btrfs: implement fscrypt ioctls Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 16/43] btrfs: select encryption dependencies if FS_ENCRYPTION Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 17/43] btrfs: add get_devices hook for fscrypt Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 18/43] btrfs: set file extent encryption excplicitly Daniel Vacek
2026-05-13 8:52 ` Daniel Vacek [this message]
2026-05-13 8:52 ` [PATCH v7 20/43] btrfs: add fscrypt_info and encryption_type to ordered_extent Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 21/43] btrfs: plumb through setting the fscrypt_info for ordered extents Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 22/43] btrfs: populate the ordered_extent with the fscrypt context Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 23/43] btrfs: keep track of fscrypt info and orig_start for dio reads Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 24/43] btrfs: add extent encryption context tree item type Daniel Vacek
2026-05-13 8:52 ` [PATCH v7 25/43] btrfs: pass through fscrypt_extent_info to the file extent helpers Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 26/43] btrfs: implement the fscrypt extent encryption hooks Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 27/43] btrfs: setup fscrypt_extent_info for new extents Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 28/43] btrfs: populate ordered_extent with the orig offset Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 29/43] btrfs: set the bio fscrypt context when applicable Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 30/43] btrfs: add a bio argument to btrfs_csum_one_bio Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 31/43] btrfs: limit encrypted writes to 256 segments Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 32/43] btrfs: implement process_bio cb for fscrypt Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 33/43] btrfs: implement read repair for encryption Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 34/43] btrfs: add test_dummy_encryption support Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 35/43] btrfs: make btrfs_ref_to_path handle encrypted filenames Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 36/43] btrfs: deal with encrypted symlinks in send Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 37/43] btrfs: decrypt file names for send Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 38/43] btrfs: load the inode context before sending writes Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 39/43] btrfs: set the appropriate free space settings in reconfigure Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 40/43] btrfs: support encryption with log replay Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 41/43] btrfs: disable auto defrag on encrypted files Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 42/43] btrfs: disable encryption on RAID5/6 Daniel Vacek
2026-05-13 8:53 ` [PATCH v7 43/43] btrfs: disable send if we have encryption enabled Daniel Vacek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260513085340.3673127-20-neelx@suse.com \
--to=neelx@suse.com \
--cc=axboe@kernel.dk \
--cc=clm@fb.com \
--cc=dsterba@suse.com \
--cc=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=josef@toxicpanda.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sweettea-kernel@dorminy.me \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox