From: David Howells <dhowells@redhat.com>
To: Jeff Layton <jlayton@kernel.org>, Steve French <smfrench@gmail.com>
Cc: David Howells <dhowells@redhat.com>,
Matthew Wilcox <willy@infradead.org>,
Marc Dionne <marc.dionne@auristor.com>,
Paulo Alcantara <pc@manguebit.com>,
Shyam Prasad N <sprasad@microsoft.com>,
Tom Talpey <tom@talpey.com>,
Dominique Martinet <asmadeus@codewreck.org>,
Ilya Dryomov <idryomov@gmail.com>,
Christian Brauner <christian@brauner.io>,
linux-cachefs@redhat.com, linux-afs@lists.infradead.org,
linux-cifs@vger.kernel.org, linux-nfs@vger.kernel.org,
ceph-devel@vger.kernel.org, v9fs@lists.linux.dev,
linux-fsdevel@vger.kernel.org, linux-mm@kvack.org,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v2 35/51] netfs: Support decryption on ubuffered/DIO read
Date: Fri, 17 Nov 2023 21:15:27 +0000 [thread overview]
Message-ID: <20231117211544.1740466-36-dhowells@redhat.com> (raw)
In-Reply-To: <20231117211544.1740466-1-dhowells@redhat.com>
Support unbuffered and direct I/O reads from an encrypted file. This may
require making a larger read than is required into a bounce buffer and
copying out the required bits. We don't decrypt in-place in the user
buffer lest userspace interfere and muck up the decryption.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Jeff Layton <jlayton@kernel.org>
cc: linux-cachefs@redhat.com
cc: linux-fsdevel@vger.kernel.org
cc: linux-mm@kvack.org
---
fs/netfs/direct_read.c | 10 ++++++++++
fs/netfs/internal.h | 17 +++++++++++++++++
2 files changed, 27 insertions(+)
diff --git a/fs/netfs/direct_read.c b/fs/netfs/direct_read.c
index 52ad8fa66dd5..158719b56900 100644
--- a/fs/netfs/direct_read.c
+++ b/fs/netfs/direct_read.c
@@ -181,6 +181,16 @@ static ssize_t netfs_unbuffered_read_iter_locked(struct kiocb *iocb, struct iov_
iov_iter_advance(iter, orig_count);
}
+ /* If we're going to do decryption or decompression, we're going to
+ * need a bounce buffer - and if the data is misaligned for the crypto
+ * algorithm, we decrypt in place and then copy.
+ */
+ if (test_bit(NETFS_RREQ_CONTENT_ENCRYPTION, &rreq->flags)) {
+ if (!netfs_is_crypto_aligned(rreq, iter))
+ __set_bit(NETFS_RREQ_CRYPT_IN_PLACE, &rreq->flags);
+ __set_bit(NETFS_RREQ_USE_BOUNCE_BUFFER, &rreq->flags);
+ }
+
/* If we're going to use a bounce buffer, we need to set it up. We
* will then need to pad the request out to the minimum block size.
*/
diff --git a/fs/netfs/internal.h b/fs/netfs/internal.h
index fbecfd9b3174..447a67301329 100644
--- a/fs/netfs/internal.h
+++ b/fs/netfs/internal.h
@@ -193,6 +193,23 @@ static inline void netfs_put_group_many(struct netfs_group *netfs_group, int nr)
netfs_group->free(netfs_group);
}
+/*
+ * Check to see if a buffer aligns with the crypto unit block size. If it
+ * doesn't the crypto layer is going to copy all the data - in which case
+ * relying on the crypto op for a free copy is pointless.
+ */
+static inline bool netfs_is_crypto_aligned(struct netfs_io_request *rreq,
+ struct iov_iter *iter)
+{
+ struct netfs_inode *ctx = netfs_inode(rreq->inode);
+ unsigned long align, mask = (1UL << ctx->min_bshift) - 1;
+
+ if (!ctx->min_bshift)
+ return true;
+ align = iov_iter_alignment(iter);
+ return (align & mask) == 0;
+}
+
/*****************************************************************************/
/*
* debug tracing
next prev parent reply other threads:[~2023-11-17 21:18 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-17 21:14 [PATCH v2 00/51] netfs, afs, cifs: Delegate high-level I/O to netfslib David Howells
2023-11-17 21:14 ` [PATCH v2 01/51] netfs: Add a procfile to list in-progress requests David Howells
2023-11-17 21:14 ` [PATCH v2 02/51] netfs: Track the fpos above which the server has no data David Howells
2023-11-17 21:14 ` [PATCH v2 03/51] netfs: Allow the netfs to make the io (sub)request alloc larger David Howells
2023-11-17 21:14 ` [PATCH v2 04/51] netfs: Add a ->free_subrequest() op David Howells
2023-11-17 21:14 ` [PATCH v2 05/51] afs: Don't use folio->private to record partial modification David Howells
2023-11-17 21:14 ` [PATCH v2 06/51] netfs: Provide invalidate_folio and release_folio calls David Howells
2023-11-17 21:14 ` [PATCH v2 07/51] netfs: Implement unbuffered/DIO vs buffered I/O locking David Howells
2023-11-17 21:15 ` [PATCH v2 08/51] netfs: Add iov_iters to (sub)requests to describe various buffers David Howells
2023-11-17 21:15 ` [PATCH v2 09/51] netfs: Add support for DIO buffering David Howells
2023-11-17 21:15 ` [PATCH v2 10/51] netfs: Provide tools to create a buffer in an xarray David Howells
2023-11-17 21:15 ` [PATCH v2 11/51] netfs: Add bounce buffering support David Howells
2023-11-17 21:15 ` [PATCH v2 12/51] netfs: Add func to calculate pagecount/size-limited span of an iterator David Howells
2023-11-17 21:15 ` [PATCH v2 13/51] netfs: Limit subrequest by size or number of segments David Howells
2023-11-17 21:15 ` [PATCH v2 14/51] netfs: Export netfs_put_subrequest() and some tracepoints David Howells
2023-11-17 21:15 ` [PATCH v2 15/51] netfs: Extend the netfs_io_*request structs to handle writes David Howells
2023-11-17 21:15 ` [PATCH v2 16/51] netfs: Add a hook to allow tell the netfs to update its i_size David Howells
2023-11-17 21:15 ` [PATCH v2 17/51] netfs: Make netfs_put_request() handle a NULL pointer David Howells
2023-11-17 21:15 ` [PATCH v2 18/51] fscache: Add a function to begin an cache op from a netfslib request David Howells
2023-11-17 21:15 ` [PATCH v2 19/51] netfs: Make the refcounting of netfs_begin_read() easier to use David Howells
2023-11-17 21:15 ` [PATCH v2 20/51] netfs: Prep to use folio->private for write grouping and streaming write David Howells
2023-11-17 21:15 ` [PATCH v2 21/51] netfs: Dispatch write requests to process a writeback slice David Howells
2023-11-17 21:15 ` [PATCH v2 22/51] netfs: Provide func to copy data to pagecache for buffered write David Howells
2023-11-17 21:15 ` [PATCH v2 23/51] netfs: Make netfs_read_folio() handle streaming-write pages David Howells
2023-11-17 21:15 ` [PATCH v2 24/51] netfs: Allocate multipage folios in the writepath David Howells
2023-11-17 21:15 ` [PATCH v2 25/51] netfs: Implement support for unbuffered/DIO read David Howells
2023-11-17 21:15 ` [PATCH v2 26/51] netfs: Implement unbuffered/DIO write support David Howells
2023-11-17 21:15 ` [PATCH v2 27/51] netfs: Implement buffered write API David Howells
2023-11-17 21:15 ` [PATCH v2 28/51] netfs: Allow buffered shared-writeable mmap through netfs_page_mkwrite() David Howells
2023-11-17 21:15 ` [PATCH v2 29/51] netfs: Provide netfs_file_read_iter() David Howells
2023-11-17 21:15 ` [PATCH v2 30/51] netfs: Provide a writepages implementation David Howells
2023-11-17 21:15 ` [PATCH v2 31/51] netfs: Provide minimum blocksize parameter David Howells
2023-11-17 21:15 ` [PATCH v2 32/51] netfs: Make netfs_skip_folio_read() take account of blocksize David Howells
2023-11-17 21:15 ` [PATCH v2 33/51] netfs: Perform content encryption David Howells
2023-11-17 21:15 ` [PATCH v2 34/51] netfs: Decrypt encrypted content David Howells
2023-11-17 21:15 ` David Howells [this message]
2023-11-17 21:15 ` [PATCH v2 36/51] netfs: Support encryption on Unbuffered/DIO write David Howells
2023-11-17 21:15 ` [PATCH v2 37/51] netfs: Provide a launder_folio implementation David Howells
2023-11-17 21:15 ` [PATCH v2 38/51] netfs: Implement a write-through caching option David Howells
2023-11-17 21:15 ` [PATCH v2 39/51] netfs: Rearrange netfs_io_subrequest to put request pointer first David Howells
2023-11-17 21:15 ` [PATCH v2 40/51] afs: Use the netfs write helpers David Howells
2023-11-17 21:15 ` [PATCH v2 41/51] cifs: Replace cifs_readdata with a wrapper around netfs_io_subrequest David Howells
2023-11-17 21:15 ` [PATCH v2 42/51] cifs: Share server EOF pos with netfslib David Howells
2023-11-17 21:15 ` [PATCH v2 43/51] cifs: Replace cifs_writedata with a wrapper around netfs_io_subrequest David Howells
2023-11-17 21:15 ` [PATCH v2 44/51] cifs: Use more fields from netfs_io_subrequest David Howells
2023-11-17 21:15 ` [PATCH v2 45/51] cifs: Make wait_mtu_credits take size_t args David Howells
2023-11-17 21:15 ` [PATCH v2 46/51] cifs: Implement netfslib hooks David Howells
2023-11-17 21:15 ` [PATCH v2 47/51] cifs: Move cifs_loose_read_iter() and cifs_file_write_iter() to file.c David Howells
2023-11-17 21:15 ` [PATCH v2 48/51] cifs: Cut over to using netfslib David Howells
2023-11-17 21:15 ` [PATCH v2 49/51] cifs: Remove some code that's no longer used, part 1 David Howells
2023-11-17 21:15 ` [PATCH v2 50/51] cifs: Remove some code that's no longer used, part 2 David Howells
2023-11-17 21:15 ` [PATCH v2 51/51] cifs: Remove some code that's no longer used, part 3 David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231117211544.1740466-36-dhowells@redhat.com \
--to=dhowells@redhat.com \
--cc=asmadeus@codewreck.org \
--cc=ceph-devel@vger.kernel.org \
--cc=christian@brauner.io \
--cc=idryomov@gmail.com \
--cc=jlayton@kernel.org \
--cc=linux-afs@lists.infradead.org \
--cc=linux-cachefs@redhat.com \
--cc=linux-cifs@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-nfs@vger.kernel.org \
--cc=marc.dionne@auristor.com \
--cc=netdev@vger.kernel.org \
--cc=pc@manguebit.com \
--cc=smfrench@gmail.com \
--cc=sprasad@microsoft.com \
--cc=tom@talpey.com \
--cc=v9fs@lists.linux.dev \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).