From: Josef Bacik <josef@toxicpanda.com>
To: linux-btrfs@vger.kernel.org, kernel-team@fb.com,
ebiggers@kernel.org, linux-fscrypt@vger.kernel.org,
ngompa13@gmail.com
Subject: [PATCH 00/35] btrfs: add fscrypt support
Date: Tue, 26 Sep 2023 14:01:26 -0400 [thread overview]
Message-ID: <cover.1695750478.git.josef@toxicpanda.com> (raw)
Hello,
This is the newly reworked fscrypt support for btrfs. There have been a few
things changed since Sweet Tea's last post[1], and my RFC[2]. The changes from
Sweet Tea's patchset are mostly related to the fscrypt changes, but I'll detail
them here
- We have a fscrypt_extent_info struct that simply has the blk key in it and a
nonce.
- We have a stripped down on disk context that just has what we need for
extents. At this time we only care about the nonce, everything else is
supposed to match the owning inode.
- I've disabled everything except bog standard v2 policies to limit the
complexity.
- Added the necessary hooks we needed for checksumming the encrypted bios.
- Reworked the on-disk stuff to be better described and accessed through
helpers.
- Plumbed through the fscrypt_extent_info through everything to simplify the
API calls we need from fscrypt.
- Instead of handling async key free'ing in fscrypt, handle the case where we're
freeing extent_maps under the lock in a safe way. This is cleaner than
pushing this into fscrypt.
- Fixed a few things that fsstress uncovered in testing.
Changes to the fscrypt code since my RFC
- Took Eric's advice and added the policy and key to the extent context, this
way if we want to in the future we could handle key changing.
- Added a helper to give us the fscrypt extent info context size. We need the
size ahead of time to setup the item properly.
- Fixed the blk crypto fallback not actually working with our process_bio
callback. Added a policy flag to make sure the checks work properly.
- Added some documentation.
Things left to do
- I still have to update fstests to deal with v2 only policies. I haven't
touched fstests at all yet, I've merely done my own rough testing with
fsstress.
- Update the btrfs-progs patches. This needs to be done to get the fstests
stuff to work as well.
- fsverity still isn't encrypted. I'm going to hit that next, it should be
straightforward enough.
This is based on for-next from Dave's tree [3], but in case that moves between
now and then you can see my current branch here [4]. Thanks,
Josef
[1] https://lore.kernel.org/linux-fscrypt/cover.1693630890.git.sweettea-kernel@dorminy.me/
[2] https://lore.kernel.org/linux-btrfs/cover.1694738282.git.josef@toxicpanda.com/
[3] https://github.com/kdave/btrfs-devel/tree/for-next
[4] https://github.com/josefbacik/linux/tree/fscrypt
Josef Bacik (20):
fscrypt: rename fscrypt_info => fscrypt_inode_info
fscrypt: add per-extent encryption support
fscrypt: disable all but standard v2 policies for extent encryption
blk-crypto: add a process bio callback
fscrypt: add documentation about extent encryption
btrfs: add infrastructure for safe em freeing
btrfs: add fscrypt_info and encryption_type to ordered_extent
btrfs: plumb through setting the fscrypt_info for ordered extents
btrfs: populate the ordered_extent with the fscrypt context
btrfs: keep track of fscrypt info and orig_start for dio reads
btrfs: add an optional encryption context to the end of file extents
btrfs: pass through fscrypt_extent_info to the file extent helpers
btrfs: pass the fscrypt_info through the replace extent infrastructure
btrfs: implement the fscrypt extent encryption hooks
btrfs: setup fscrypt_extent_info for new extents
btrfs: populate ordered_extent with the orig offset
btrfs: set the bio fscrypt context when applicable
btrfs: add a bio argument to btrfs_csum_one_bio
btrfs: add orig_logical to btrfs_bio
btrfs: implement process_bio cb for fscrypt
Omar Sandoval (7):
fscrypt: expose fscrypt_nokey_name
btrfs: disable various operations on encrypted inodes
btrfs: start using fscrypt hooks
btrfs: add inode encryption contexts
btrfs: add new FEATURE_INCOMPAT_ENCRYPT flag
btrfs: adapt readdir for encrypted and nokey names
btrfs: implement fscrypt ioctls
Sweet Tea Dorminy (8):
btrfs: disable verity on encrypted inodes
btrfs: handle nokey names.
btrfs: add encryption to CONFIG_BTRFS_DEBUG
btrfs: add get_devices hook for fscrypt
btrfs: turn on inlinecrypt mount option for encrypt
btrfs: set file extent encryption excplicitly
btrfs: add fscrypt_info and encryption_type to extent_map
btrfs: explicitly track file extent length for replace and drop
Documentation/filesystems/fscrypt.rst | 36 ++
block/blk-crypto-fallback.c | 28 ++
block/blk-crypto-profile.c | 2 +
block/blk-crypto.c | 6 +-
fs/btrfs/Makefile | 1 +
fs/btrfs/accessors.h | 50 +++
fs/btrfs/bio.c | 45 ++-
fs/btrfs/bio.h | 6 +
fs/btrfs/btrfs_inode.h | 3 +-
fs/btrfs/compression.c | 6 +
fs/btrfs/ctree.h | 4 +
fs/btrfs/defrag.c | 10 +-
fs/btrfs/delayed-inode.c | 29 +-
fs/btrfs/delayed-inode.h | 6 +-
fs/btrfs/dir-item.c | 108 +++++-
fs/btrfs/dir-item.h | 11 +-
fs/btrfs/extent_io.c | 81 ++++-
fs/btrfs/extent_io.h | 3 +
fs/btrfs/extent_map.c | 106 +++++-
fs/btrfs/extent_map.h | 12 +
fs/btrfs/file-item.c | 17 +-
fs/btrfs/file-item.h | 7 +-
fs/btrfs/file.c | 16 +-
fs/btrfs/fs.h | 3 +-
fs/btrfs/fscrypt.c | 326 ++++++++++++++++++
fs/btrfs/fscrypt.h | 95 +++++
fs/btrfs/inode.c | 476 ++++++++++++++++++++------
fs/btrfs/ioctl.c | 41 ++-
fs/btrfs/ordered-data.c | 26 +-
fs/btrfs/ordered-data.h | 21 +-
fs/btrfs/reflink.c | 8 +
fs/btrfs/root-tree.c | 8 +-
fs/btrfs/root-tree.h | 2 +-
fs/btrfs/super.c | 17 +
fs/btrfs/sysfs.c | 6 +
fs/btrfs/tree-checker.c | 66 +++-
fs/btrfs/tree-log.c | 26 +-
fs/btrfs/verity.c | 3 +
fs/crypto/crypto.c | 23 +-
fs/crypto/fname.c | 45 +--
fs/crypto/fscrypt_private.h | 87 ++++-
fs/crypto/hooks.c | 2 +-
fs/crypto/inline_crypt.c | 100 +++++-
fs/crypto/keyring.c | 4 +-
fs/crypto/keysetup.c | 190 +++++++++-
fs/crypto/keysetup_v1.c | 14 +-
fs/crypto/policy.c | 70 +++-
include/linux/blk-crypto-profile.h | 7 +
include/linux/blk-crypto.h | 9 +-
include/linux/fs.h | 4 +-
include/linux/fscrypt.h | 123 ++++++-
include/uapi/linux/btrfs.h | 1 +
include/uapi/linux/btrfs_tree.h | 35 +-
53 files changed, 2144 insertions(+), 287 deletions(-)
create mode 100644 fs/btrfs/fscrypt.c
create mode 100644 fs/btrfs/fscrypt.h
--
2.41.0
next reply other threads:[~2023-09-26 18:03 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-26 18:01 Josef Bacik [this message]
2023-09-26 18:01 ` [PATCH 01/35] fscrypt: rename fscrypt_info => fscrypt_inode_info Josef Bacik
2023-09-26 18:01 ` [PATCH 02/35] fscrypt: add per-extent encryption support Josef Bacik
2023-09-26 18:01 ` [PATCH 03/35] fscrypt: disable all but standard v2 policies for extent encryption Josef Bacik
2023-09-26 18:01 ` [PATCH 04/35] blk-crypto: add a process bio callback Josef Bacik
2023-09-26 18:01 ` [PATCH 05/35] fscrypt: expose fscrypt_nokey_name Josef Bacik
2023-09-26 18:01 ` [PATCH 06/35] fscrypt: add documentation about extent encryption Josef Bacik
2023-09-26 18:01 ` [PATCH 07/35] btrfs: add infrastructure for safe em freeing Josef Bacik
2023-09-26 18:01 ` [PATCH 08/35] btrfs: disable various operations on encrypted inodes Josef Bacik
2023-09-26 18:01 ` [PATCH 09/35] btrfs: disable verity " Josef Bacik
2023-09-26 18:01 ` [PATCH 10/35] btrfs: start using fscrypt hooks Josef Bacik
2023-09-26 18:01 ` [PATCH 11/35] btrfs: add inode encryption contexts Josef Bacik
2023-09-26 18:01 ` [PATCH 12/35] btrfs: add new FEATURE_INCOMPAT_ENCRYPT flag Josef Bacik
2023-09-26 18:01 ` [PATCH 13/35] btrfs: adapt readdir for encrypted and nokey names Josef Bacik
2023-10-07 1:15 ` kernel test robot
2023-09-26 18:01 ` [PATCH 14/35] btrfs: handle " Josef Bacik
2023-09-26 18:01 ` [PATCH 15/35] btrfs: implement fscrypt ioctls Josef Bacik
2023-09-26 18:01 ` [PATCH 16/35] btrfs: add encryption to CONFIG_BTRFS_DEBUG Josef Bacik
2023-09-26 18:01 ` [PATCH 17/35] btrfs: add get_devices hook for fscrypt Josef Bacik
2023-09-26 18:01 ` [PATCH 18/35] btrfs: turn on inlinecrypt mount option for encrypt Josef Bacik
2023-09-26 18:01 ` [PATCH 19/35] btrfs: set file extent encryption excplicitly Josef Bacik
2023-09-26 18:01 ` [PATCH 20/35] btrfs: add fscrypt_info and encryption_type to extent_map Josef Bacik
2023-09-26 18:01 ` [PATCH 21/35] btrfs: add fscrypt_info and encryption_type to ordered_extent Josef Bacik
2023-09-26 18:01 ` [PATCH 22/35] btrfs: plumb through setting the fscrypt_info for ordered extents Josef Bacik
2023-09-26 18:01 ` [PATCH 23/35] btrfs: populate the ordered_extent with the fscrypt context Josef Bacik
2023-09-26 18:01 ` [PATCH 24/35] btrfs: keep track of fscrypt info and orig_start for dio reads Josef Bacik
2023-09-26 18:01 ` [PATCH 25/35] btrfs: add an optional encryption context to the end of file extents Josef Bacik
2023-09-26 18:01 ` [PATCH 26/35] btrfs: explicitly track file extent length for replace and drop Josef Bacik
2023-09-26 18:01 ` [PATCH 27/35] btrfs: pass through fscrypt_extent_info to the file extent helpers Josef Bacik
2023-09-26 18:01 ` [PATCH 28/35] btrfs: pass the fscrypt_info through the replace extent infrastructure Josef Bacik
2023-09-26 18:01 ` [PATCH 29/35] btrfs: implement the fscrypt extent encryption hooks Josef Bacik
2023-09-26 18:01 ` [PATCH 30/35] btrfs: setup fscrypt_extent_info for new extents Josef Bacik
2023-09-26 18:01 ` [PATCH 31/35] btrfs: populate ordered_extent with the orig offset Josef Bacik
2023-09-26 18:01 ` [PATCH 32/35] btrfs: set the bio fscrypt context when applicable Josef Bacik
2023-09-26 18:01 ` [PATCH 33/35] btrfs: add a bio argument to btrfs_csum_one_bio Josef Bacik
2023-09-26 18:02 ` [PATCH 34/35] btrfs: add orig_logical to btrfs_bio Josef Bacik
2023-09-26 18:02 ` [PATCH 35/35] btrfs: implement process_bio cb for fscrypt Josef Bacik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1695750478.git.josef@toxicpanda.com \
--to=josef@toxicpanda.com \
--cc=ebiggers@kernel.org \
--cc=kernel-team@fb.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=ngompa13@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).