From: Christian Brauner <brauner@kernel.org>
To: Jeff Layton <jlayton@kernel.org>, Jan Kara <jack@suse.com>,
Christoph Hellwig <hch@lst.de>, Jens Axboe <axboe@kernel.dk>,
Josef Bacik <josef@toxicpanda.com>
Cc: Christian Brauner <brauner@kernel.org>,
Eric Biggers <ebiggers@kernel.org>,
"Theodore Y. Ts'o" <tytso@mit.edu>,
linux-fsdevel@vger.kernel.org, linux-fscrypt@vger.kernel.org,
fsverity@lists.linux.dev
Subject: [PATCH v4 02/15] fs/crypto: use accessors
Date: Wed, 23 Jul 2025 12:57:40 +0200 [thread overview]
Message-ID: <20250723-work-inode-fscrypt-v4-2-c8e11488a0e6@kernel.org> (raw)
In-Reply-To: <20250723-work-inode-fscrypt-v4-0-c8e11488a0e6@kernel.org>
Use accessor to get and set the fscrypt info from the filesystem.
They can be removed once all filesystems have been converted to make
room for fscrypt info in their own inodes.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/crypto/bio.c | 2 +-
fs/crypto/crypto.c | 8 ++++----
fs/crypto/fname.c | 8 ++++----
fs/crypto/hooks.c | 2 +-
fs/crypto/inline_crypt.c | 10 +++++-----
fs/crypto/keysetup.c | 12 +++++++++---
fs/crypto/policy.c | 6 +++---
include/linux/fscrypt.h | 36 ++++++++++++++++++++++++++++++++++++
8 files changed, 63 insertions(+), 21 deletions(-)
diff --git a/fs/crypto/bio.c b/fs/crypto/bio.c
index 0ad8c30b8fa5..73e46d2af511 100644
--- a/fs/crypto/bio.c
+++ b/fs/crypto/bio.c
@@ -111,7 +111,7 @@ static int fscrypt_zeroout_range_inline_crypt(const struct inode *inode,
int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
sector_t pblk, unsigned int len)
{
- const struct fscrypt_inode_info *ci = inode->i_crypt_info;
+ const struct fscrypt_inode_info *ci = fscrypt_get_inode_info_raw(inode);
const unsigned int du_bits = ci->ci_data_unit_bits;
const unsigned int du_size = 1U << du_bits;
const unsigned int du_per_page_bits = PAGE_SHIFT - du_bits;
diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
index b74b5937e695..c27ea8baaf52 100644
--- a/fs/crypto/crypto.c
+++ b/fs/crypto/crypto.c
@@ -181,7 +181,7 @@ struct page *fscrypt_encrypt_pagecache_blocks(struct folio *folio,
size_t len, size_t offs, gfp_t gfp_flags)
{
const struct inode *inode = folio->mapping->host;
- const struct fscrypt_inode_info *ci = inode->i_crypt_info;
+ const struct fscrypt_inode_info *ci = fscrypt_get_inode_info_raw(inode);
const unsigned int du_bits = ci->ci_data_unit_bits;
const unsigned int du_size = 1U << du_bits;
struct page *ciphertext_page;
@@ -241,7 +241,7 @@ int fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *page,
{
if (WARN_ON_ONCE(inode->i_sb->s_cop->supports_subblock_data_units))
return -EOPNOTSUPP;
- return fscrypt_crypt_data_unit(inode->i_crypt_info, FS_ENCRYPT,
+ return fscrypt_crypt_data_unit(fscrypt_get_inode_info_raw(inode), FS_ENCRYPT,
lblk_num, page, page, len, offs,
gfp_flags);
}
@@ -265,7 +265,7 @@ int fscrypt_decrypt_pagecache_blocks(struct folio *folio, size_t len,
size_t offs)
{
const struct inode *inode = folio->mapping->host;
- const struct fscrypt_inode_info *ci = inode->i_crypt_info;
+ const struct fscrypt_inode_info *ci = fscrypt_get_inode_info_raw(inode);
const unsigned int du_bits = ci->ci_data_unit_bits;
const unsigned int du_size = 1U << du_bits;
u64 index = ((u64)folio->index << (PAGE_SHIFT - du_bits)) +
@@ -316,7 +316,7 @@ int fscrypt_decrypt_block_inplace(const struct inode *inode, struct page *page,
{
if (WARN_ON_ONCE(inode->i_sb->s_cop->supports_subblock_data_units))
return -EOPNOTSUPP;
- return fscrypt_crypt_data_unit(inode->i_crypt_info, FS_DECRYPT,
+ return fscrypt_crypt_data_unit(fscrypt_get_inode_info_raw(inode), FS_DECRYPT,
lblk_num, page, page, len, offs,
GFP_NOFS);
}
diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c
index 010f9c0a4c2f..674b5fb11ac1 100644
--- a/fs/crypto/fname.c
+++ b/fs/crypto/fname.c
@@ -94,7 +94,7 @@ int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *iname,
{
struct skcipher_request *req = NULL;
DECLARE_CRYPTO_WAIT(wait);
- const struct fscrypt_inode_info *ci = inode->i_crypt_info;
+ const struct fscrypt_inode_info *ci = fscrypt_get_inode_info_raw(inode);
struct crypto_skcipher *tfm = ci->ci_enc_key.tfm;
union fscrypt_iv iv;
struct scatterlist sg;
@@ -151,7 +151,7 @@ static int fname_decrypt(const struct inode *inode,
struct skcipher_request *req = NULL;
DECLARE_CRYPTO_WAIT(wait);
struct scatterlist src_sg, dst_sg;
- const struct fscrypt_inode_info *ci = inode->i_crypt_info;
+ const struct fscrypt_inode_info *ci = fscrypt_get_inode_info_raw(inode);
struct crypto_skcipher *tfm = ci->ci_enc_key.tfm;
union fscrypt_iv iv;
int res;
@@ -293,7 +293,7 @@ bool __fscrypt_fname_encrypted_size(const union fscrypt_policy *policy,
bool fscrypt_fname_encrypted_size(const struct inode *inode, u32 orig_len,
u32 max_len, u32 *encrypted_len_ret)
{
- return __fscrypt_fname_encrypted_size(&inode->i_crypt_info->ci_policy,
+ return __fscrypt_fname_encrypted_size(&fscrypt_get_inode_info_raw(inode)->ci_policy,
orig_len, max_len,
encrypted_len_ret);
}
@@ -562,7 +562,7 @@ EXPORT_SYMBOL_GPL(fscrypt_match_name);
*/
u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name)
{
- const struct fscrypt_inode_info *ci = dir->i_crypt_info;
+ const struct fscrypt_inode_info *ci = fscrypt_get_inode_info_raw(dir);
WARN_ON_ONCE(!ci->ci_dirhash_key_initialized);
diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c
index d8d5049b8fe1..61bbe7d46df4 100644
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@@ -197,7 +197,7 @@ int fscrypt_prepare_setflags(struct inode *inode,
err = fscrypt_require_key(inode);
if (err)
return err;
- ci = inode->i_crypt_info;
+ ci = fscrypt_get_inode_info_raw(inode);
if (ci->ci_policy.version != FSCRYPT_POLICY_V2)
return -EINVAL;
mk = ci->ci_master_key;
diff --git a/fs/crypto/inline_crypt.c b/fs/crypto/inline_crypt.c
index 1d008c440cb6..6c2784b8e67a 100644
--- a/fs/crypto/inline_crypt.c
+++ b/fs/crypto/inline_crypt.c
@@ -262,7 +262,7 @@ int fscrypt_derive_sw_secret(struct super_block *sb,
bool __fscrypt_inode_uses_inline_crypto(const struct inode *inode)
{
- return inode->i_crypt_info->ci_inlinecrypt;
+ return fscrypt_get_inode_info_raw(inode)->ci_inlinecrypt;
}
EXPORT_SYMBOL_GPL(__fscrypt_inode_uses_inline_crypto);
@@ -306,7 +306,7 @@ void fscrypt_set_bio_crypt_ctx(struct bio *bio, const struct inode *inode,
if (!fscrypt_inode_uses_inline_crypto(inode))
return;
- ci = inode->i_crypt_info;
+ ci = fscrypt_get_inode_info_raw(inode);
fscrypt_generate_dun(ci, first_lblk, dun);
bio_crypt_set_ctx(bio, ci->ci_enc_key.blk_key, dun, gfp_mask);
@@ -396,10 +396,10 @@ bool fscrypt_mergeable_bio(struct bio *bio, const struct inode *inode,
* uses the same pointer. I.e., there's currently no need to support
* merging requests where the keys are the same but the pointers differ.
*/
- if (bc->bc_key != inode->i_crypt_info->ci_enc_key.blk_key)
+ if (bc->bc_key != fscrypt_get_inode_info_raw(inode)->ci_enc_key.blk_key)
return false;
- fscrypt_generate_dun(inode->i_crypt_info, next_lblk, next_dun);
+ fscrypt_generate_dun(fscrypt_get_inode_info_raw(inode), next_lblk, next_dun);
return bio_crypt_dun_is_contiguous(bc, bio->bi_iter.bi_size, next_dun);
}
EXPORT_SYMBOL_GPL(fscrypt_mergeable_bio);
@@ -501,7 +501,7 @@ u64 fscrypt_limit_io_blocks(const struct inode *inode, u64 lblk, u64 nr_blocks)
if (nr_blocks <= 1)
return nr_blocks;
- ci = inode->i_crypt_info;
+ ci = fscrypt_get_inode_info_raw(inode);
if (!(fscrypt_policy_flags(&ci->ci_policy) &
FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32))
return nr_blocks;
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index 0d71843af946..8fd89ce0b614 100644
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -644,7 +644,7 @@ fscrypt_setup_encryption_info(struct inode *inode,
* fscrypt_get_inode_info(). I.e., here we publish ->i_crypt_info with
* a RELEASE barrier so that other tasks can ACQUIRE it.
*/
- if (cmpxchg_release(&inode->i_crypt_info, NULL, crypt_info) == NULL) {
+ if (fscrypt_set_inode_info(inode, crypt_info)) {
/*
* We won the race and set ->i_crypt_info to our crypt_info.
* Now link it into the master key's inode list.
@@ -797,8 +797,14 @@ EXPORT_SYMBOL_GPL(fscrypt_prepare_new_inode);
*/
void fscrypt_put_encryption_info(struct inode *inode)
{
- put_crypt_info(inode->i_crypt_info);
- inode->i_crypt_info = NULL;
+ struct fscrypt_inode_info **crypt_info;
+
+ if (inode->i_sb->s_cop->inode_info_offs)
+ crypt_info = fscrypt_addr(inode);
+ else
+ crypt_info = &inode->i_crypt_info;
+ put_crypt_info(*crypt_info);
+ *crypt_info = NULL;
}
EXPORT_SYMBOL(fscrypt_put_encryption_info);
diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c
index 701259991277..d9fb2898a14a 100644
--- a/fs/crypto/policy.c
+++ b/fs/crypto/policy.c
@@ -725,7 +725,7 @@ const union fscrypt_policy *fscrypt_policy_to_inherit(struct inode *dir)
err = fscrypt_require_key(dir);
if (err)
return ERR_PTR(err);
- return &dir->i_crypt_info->ci_policy;
+ return &fscrypt_get_inode_info_raw(dir)->ci_policy;
}
return fscrypt_get_dummy_policy(dir->i_sb);
@@ -744,7 +744,7 @@ const union fscrypt_policy *fscrypt_policy_to_inherit(struct inode *dir)
*/
int fscrypt_context_for_new_inode(void *ctx, struct inode *inode)
{
- struct fscrypt_inode_info *ci = inode->i_crypt_info;
+ struct fscrypt_inode_info *ci = fscrypt_get_inode_info_raw(inode);
BUILD_BUG_ON(sizeof(union fscrypt_context) !=
FSCRYPT_SET_CONTEXT_MAX_SIZE);
@@ -769,7 +769,7 @@ EXPORT_SYMBOL_GPL(fscrypt_context_for_new_inode);
*/
int fscrypt_set_context(struct inode *inode, void *fs_data)
{
- struct fscrypt_inode_info *ci = inode->i_crypt_info;
+ struct fscrypt_inode_info *ci = fscrypt_get_inode_info_raw(inode);
union fscrypt_context ctx;
int ctxsize;
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index 0ece9d443c82..123871dd394c 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -200,6 +200,38 @@ struct fscrypt_operations {
int fscrypt_d_revalidate(struct inode *dir, const struct qstr *name,
struct dentry *dentry, unsigned int flags);
+static inline struct fscrypt_inode_info **fscrypt_addr(const struct inode *inode)
+{
+ return ((void *)inode + inode->i_sb->s_cop->inode_info_offs);
+}
+
+static inline bool fscrypt_set_inode_info(struct inode *inode,
+ struct fscrypt_inode_info *crypt_info)
+{
+ void *p;
+
+ /*
+ * For existing inodes, multiple tasks may race to set ->i_crypt_info.
+ * So use cmpxchg_release(). This pairs with the smp_load_acquire() in
+ * fscrypt_get_inode_info(). I.e., here we publish ->i_crypt_info with
+ * a RELEASE barrier so that other tasks can ACQUIRE it.
+ */
+
+ if (inode->i_sb->s_cop->inode_info_offs)
+ p = cmpxchg_release(fscrypt_addr(inode), NULL, crypt_info);
+ else
+ p = cmpxchg_release(&inode->i_crypt_info, NULL, crypt_info);
+ return p == NULL;
+}
+
+static inline struct fscrypt_inode_info *
+fscrypt_get_inode_info_raw(const struct inode *inode)
+{
+ if (inode->i_sb->s_cop->inode_info_offs)
+ return *fscrypt_addr(inode);
+ return inode->i_crypt_info;
+}
+
static inline struct fscrypt_inode_info *
fscrypt_get_inode_info(const struct inode *inode)
{
@@ -209,6 +241,10 @@ fscrypt_get_inode_info(const struct inode *inode)
* a RELEASE barrier. We need to use smp_load_acquire() here to safely
* ACQUIRE the memory the other task published.
*/
+
+ if (inode->i_sb->s_cop->inode_info_offs)
+ return smp_load_acquire(fscrypt_addr(inode));
+
return smp_load_acquire(&inode->i_crypt_info);
}
--
2.47.2
next prev parent reply other threads:[~2025-07-23 10:58 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-15 14:35 [PATCH RFC DRAFT DOESNOTBUILD] inode: free up more space Christian Brauner
2025-07-15 14:52 ` Jeff Layton
2025-07-15 16:09 ` Matthew Wilcox
2025-07-16 12:53 ` Christian Brauner
2025-07-16 13:02 ` Christoph Hellwig
2025-07-17 7:48 ` Christian Brauner
2025-07-17 7:51 ` Christoph Hellwig
2025-07-17 15:55 ` Darrick J. Wong
2025-07-16 9:15 ` Jan Kara
2025-07-16 9:50 ` Christian Brauner
2025-07-16 11:21 ` Christoph Hellwig
2025-07-16 12:19 ` Christian Brauner
2025-07-16 12:38 ` Jeff Layton
2025-07-16 14:08 ` Matthew Wilcox
2025-07-16 14:10 ` Christoph Hellwig
2025-07-17 8:32 ` Christian Brauner
2025-07-17 10:54 ` Jan Kara
2025-07-17 11:40 ` Christian Brauner
2025-07-17 11:43 ` Christoph Hellwig
2025-07-17 12:57 ` Jan Kara
2025-07-18 8:24 ` Christian Brauner
2025-07-18 8:32 ` Christoph Hellwig
2025-07-18 8:58 ` Christian Brauner
2025-07-18 16:04 ` Eric Biggers
2025-07-18 17:11 ` Eric Biggers
2025-07-21 6:14 ` Christoph Hellwig
2025-07-21 23:55 ` Eric Biggers
2025-07-22 5:49 ` Christoph Hellwig
2025-07-22 7:52 ` Jan Kara
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 00/13] Move fscrypt and fsverity out of struct inode Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 01/13] fs: add fscrypt offset Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 02/13] fs/crypto: use accessors Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 03/13] ext4: move fscrypt to filesystem inode Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 04/13] ubifs: " Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 05/13] f2fs: " Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 06/13] ceph: " Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 07/13] fs: drop i_crypt_info from struct inode Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 08/13] fs: add fsverity offset Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 09/13] fs/verity: use accessors Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 10/13] btrfs: move fsverity to filesystem inode Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 11/13] ext4: " Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 12/13] f2fs: " Christian Brauner
2025-07-22 12:57 ` [PATCH RFC DRAFT v2 13/13] fs: drop i_verity_info from struct inode Christian Brauner
2025-07-22 13:09 ` [PATCH RFC DRAFT v2 00/13] Move fscrypt and fsverity out of " Christian Brauner
2025-07-22 19:27 ` [PATCH v3 " Christian Brauner
2025-07-22 19:27 ` [PATCH v3 01/13] fs: add fscrypt offset Christian Brauner
2025-07-22 20:02 ` Eric Biggers
2025-07-23 7:48 ` Christian Brauner
2025-07-23 3:49 ` Al Viro
2025-07-22 19:27 ` [PATCH v3 02/13] fs/crypto: use accessors Christian Brauner
2025-07-22 19:27 ` [PATCH v3 03/13] ext4: move fscrypt to filesystem inode Christian Brauner
2025-07-22 20:07 ` Eric Biggers
2025-07-23 8:59 ` Christian Brauner
2025-07-22 19:27 ` [PATCH v3 04/13] ubifs: " Christian Brauner
2025-07-22 19:27 ` [PATCH v3 05/13] f2fs: " Christian Brauner
2025-07-22 19:27 ` [PATCH v3 06/13] ceph: " Christian Brauner
2025-07-22 20:14 ` Eric Biggers
2025-07-23 8:58 ` Christian Brauner
2025-07-22 19:27 ` [PATCH v3 07/13] fs: drop i_crypt_info from struct inode Christian Brauner
2025-07-22 20:19 ` Eric Biggers
2025-07-23 8:52 ` Christian Brauner
2025-07-22 19:27 ` [PATCH v3 08/13] fs: add fsverity offset Christian Brauner
2025-07-23 3:53 ` Al Viro
2025-07-22 19:27 ` [PATCH v3 09/13] fs/verity: use accessors Christian Brauner
2025-07-22 20:25 ` Eric Biggers
2025-07-23 8:55 ` Christian Brauner
2025-07-22 19:27 ` [PATCH v3 10/13] btrfs: move fsverity to filesystem inode Christian Brauner
2025-07-22 19:27 ` [PATCH v3 11/13] ext4: " Christian Brauner
2025-07-22 19:27 ` [PATCH v3 12/13] f2fs: " Christian Brauner
2025-07-22 19:27 ` [PATCH v3 13/13] fs: drop i_verity_info from struct inode Christian Brauner
2025-07-23 10:57 ` [PATCH v4 00/15] Move fscrypt and fsverity out of " Christian Brauner
2025-07-23 10:57 ` [PATCH v4 01/15] fs: add fscrypt offset Christian Brauner
2025-07-23 10:57 ` Christian Brauner [this message]
2025-07-25 0:29 ` [PATCH v4 02/15] fs/crypto: use accessors Eric Biggers
2025-07-25 4:01 ` Eric Biggers
2025-07-23 10:57 ` [PATCH v4 03/15] ext4: move fscrypt to filesystem inode Christian Brauner
2025-07-25 0:32 ` Eric Biggers
2025-07-23 10:57 ` [PATCH v4 04/15] ubifs: " Christian Brauner
2025-07-23 10:57 ` [PATCH v4 05/15] f2fs: " Christian Brauner
2025-07-23 10:57 ` [PATCH v4 06/15] ceph: " Christian Brauner
2025-07-25 0:34 ` Eric Biggers
2025-07-25 8:15 ` Christian Brauner
2025-07-23 10:57 ` [PATCH v4 07/15] fs: drop i_crypt_info from struct inode Christian Brauner
2025-07-25 0:38 ` Eric Biggers
2025-07-23 10:57 ` [PATCH v4 08/15] fscrypt: rephrase documentation and comments Christian Brauner
2025-07-25 0:35 ` Eric Biggers
2025-07-23 10:57 ` [PATCH v4 09/15] fs: add fsverity offset Christian Brauner
2025-07-25 0:45 ` Eric Biggers
2025-07-23 10:57 ` [PATCH v4 10/15] fs/verity: use accessors Christian Brauner
2025-07-23 10:57 ` [PATCH v4 11/15] btrfs: move fsverity to filesystem inode Christian Brauner
2025-07-23 10:57 ` [PATCH v4 12/15] ext4: " Christian Brauner
2025-07-23 10:57 ` [PATCH v4 13/15] f2fs: " Christian Brauner
2025-07-23 10:57 ` [PATCH v4 14/15] fs: drop i_verity_info from struct inode Christian Brauner
2025-07-25 0:43 ` Eric Biggers
2025-07-23 10:57 ` [PATCH v4 15/15] fsverity: rephrase documentation and comments Christian Brauner
2025-07-22 13:50 ` [PATCH RFC DRAFT v2 00/13] Move fscrypt and fsverity out of struct inode Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250723-work-inode-fscrypt-v4-2-c8e11488a0e6@kernel.org \
--to=brauner@kernel.org \
--cc=axboe@kernel.dk \
--cc=ebiggers@kernel.org \
--cc=fsverity@lists.linux.dev \
--cc=hch@lst.de \
--cc=jack@suse.com \
--cc=jlayton@kernel.org \
--cc=josef@toxicpanda.com \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).