From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 17459C28D13 for ; Sat, 20 Aug 2022 00:50:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245663AbiHTAuj (ORCPT ); Fri, 19 Aug 2022 20:50:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37724 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236835AbiHTAui (ORCPT ); Fri, 19 Aug 2022 20:50:38 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ADACC1022BC; Fri, 19 Aug 2022 17:50:37 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 356ED618FF; Sat, 20 Aug 2022 00:50:37 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 51F8AC433C1; Sat, 20 Aug 2022 00:50:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1660956636; bh=U0F0zSPNKxuAY6JOls6jvQa4zk4uPZ2rC67A6ackKBE=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=ME/DzJnEsxK2YAl9iK6ao7UeCItu3b1qrVgFrl0XQ/mQrtocWYNjCfX0l6xdSBsuH Hq5L8CfZGP0vos/Au1tZUXs00oaV1xGtPaZWQMtAfhVSGZTz4V3ZjXwVvj54bUbL9a DfqDHffqHpoO3zUR3qNWg9Btp+l9/nQiGwHx1DASERd08lu8QcT1fbjtlSzD/c5sFk 7nT5MGhxT4CbY8Q0BAUhSC+VsKgbQEhuvQHggMcZM5Pd1bj7l8jFRwikxoyRJiB/3a lXHypQ+nUctz66s69PGdaWA2YfHqdRJ9sJ3yRD8hKlcOUxQXBHf734Wm5QLYp2jR+R yzTb8d5Sx49xw== Date: Fri, 19 Aug 2022 17:50:34 -0700 From: Eric Biggers To: Sweet Tea Dorminy Cc: Chris Mason , Josef Bacik , David Sterba , "Theodore Y . Ts'o" , Jaegeuk Kim , linux-fscrypt@vger.kernel.org, linux-btrfs@vger.kernel.org, kernel-team@fb.com Subject: Re: [PATCH 05/21] fscrypt: add new encryption policy for btrfs. Message-ID: References: <66fcd64620c0c0711bbe80aa85e92f04d539bd83.1660744500.git.sweettea-kernel@dorminy.me> <89d9ff01-c405-ec25-736a-bfba4c03e72c@dorminy.me> <80a2e21a-0835-6a7e-d8b6-9c1ca4ae157c@dorminy.me> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <80a2e21a-0835-6a7e-d8b6-9c1ca4ae157c@dorminy.me> Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org On Thu, Aug 18, 2022 at 08:22:53PM -0400, Sweet Tea Dorminy wrote: > > > On 8/18/22 18:07, Eric Biggers wrote: > > On Wed, Aug 17, 2022 at 11:54:56AM -0400, Sweet Tea Dorminy wrote: > > > > > > > > > On 8/17/22 10:49, Sweet Tea Dorminy wrote: > > > > Encryption for btrfs must be extent-based, rather than fscrypt's > > > > inode-based IV generation policies. In particular, btrfs can have > > > > multiple inodes referencing a single block of data, and moves logical > > > > data blocks to different physical locations on disk; these two features > > > > mean inode or physical-location-based IV generation policies will not > > > > work for btrfs. Instead, btrfs can store an IV per extent, generated by > > > > fscrypt and iterated per block within the extent, and provide that IV to > > > > fscrypt for encryption/decryption. > > > > > > > > Plumbing filesystem internals into fscrypt for IV generation would be > > > > ungainly and fragile. Thus, this change adds a new policy, IV_FROM_FS, > > > > and a new operation function pointer, get_fs_derived_iv. btrfs will > > > > require this policy to be used, and implements get_fs_derived_iv by > > > > getting the IV stored with the relevant file extent and iterating the IV > > > > to the appropriate block number. Thus, each individual block has its own > > > > IV, but all blocks within a file extent have iterated IVs according to > > > > their block number, similarly to the IV_INO_LBLK* policy iterating IVs > > > > for a given inode by lblk number. > > > > > > > > The IV buffer passed to get_fs_derived_iv() is pre-populated with the > > > > inode contexts' nonce, as not all data to be encrypted is associated > > > > with a file extent: for btrfs, this is used for filename encryption. > > > > > > > > Filesystems implementing this policy are expected to be incompatible > > > > with existing IV generation policies, so if the function pointer is set, > > > > only dummy or IV_FROM_FS policies are permitted. If there is a > > > > filesystem which allows other policies as well as IV_FROM_FS, it may be > > > > better to expose the policy to filesystems, so they can determine > > > > whether any given policy is compatible with their operation. > > > > > > > > Signed-off-by: Sweet Tea Dorminy > > > > --- > > > > > > I realized after sending that this doesn't have Documentation/ updates for > > > the new policy, still; apologies, and it remains on my queue. > > > > It looks like you also didn't address my feedback about IV_FROM_FS at > > https://lore.kernel.org/linux-fscrypt/YuBAiRg9K8IrlCqV@gmail.com ? > > Apologies; I must not have grasped what you were requesting fully. Should I > change the name from IV_FROM_FS to IV_PER_EXTENT? Yes, though IV_RAND_PER_EXTENT would probably be even better. I am asking for a proper name that expresses how the cryptography works in your scheme... And for a slightly different way of thinking about your scheme in general, where the way the cryptography works is a first class citizen of what your new flag means, rather than some abstract fs-specific thing that you are trying to hide from the UAPI and the fs/crypto/ library. - Eric