ext4: Enable encryption for subpage-sized blocks

Now that we have the code to support encryption for subpage-sized blocks, this commit removes the conditional check in filesystem mount code. The commit also changes the support statement in Documentation/filesystems/fscrypt.rst to reflect the fact that encryption on filesystems with blocksize less than page size now works. [EB: Tested with 'gce-xfstests -c ext4/encrypt_1k -g auto', using the new "encrypt_1k" config I created. All tests pass except for those that already fail or are excluded with the encrypt or 1k configs, and 2 tests that try to create 1023-byte symlinks which fails since encrypted symlinks are limited to blocksize-3 bytes. Also ran the dedicated encryption tests using 'kvm-xfstests -c ext4/1k -g encrypt'; all pass, including the on-disk ciphertext verification tests.] Signed-off-by: N Chandan Rajendra <chandan@linux.ibm.com> Signed-off-by: N Eric Biggers <ebiggers@google.com> Link: https://lore.kernel.org/r/20191023033312.361355-3-ebiggers@kernel.orgSigned-off-by: N Theodore Ts'o <tytso@mit.edu>

ext4: Enable encryption for subpage-sized blocks
Now that we have the code to support encryption for subpage-sized blocks, this commit removes the conditional check in filesystem mount code. The commit also changes the support statement in Documentation/filesystems/fscrypt.rst to reflect the fact that encryption on filesystems with blocksize less than page size now works. [EB: Tested with 'gce-xfstests -c ext4/encrypt_1k -g auto', using the new "encrypt_1k" config I created. All tests pass except for those that already fail or are excluded with the encrypt or 1k configs, and 2 tests that try to create 1023-byte symlinks which fails since encrypted symlinks are limited to blocksize-3 bytes. Also ran the dedicated encryption tests using 'kvm-xfstests -c ext4/1k -g encrypt'; all pass, including the on-disk ciphertext verification tests.] Signed-off-by: N Chandan Rajendra <chandan@linux.ibm.com> Signed-off-by: N Eric Biggers <ebiggers@google.com> Link: https://lore.kernel.org/r/20191023033312.361355-3-ebiggers@kernel.orgSigned-off-by: N Theodore Ts'o <tytso@mit.edu>
196624e1 · Chandan Rajendra · Theodore Ts'o · 31fb992c · 196624e1 · 196624e1
隐藏空白更改
内联并排

Showing with 2 addition and 9 deletion

Documentation/filesystems/fscrypt.rst Documentation/filesystems/fscrypt.rst +2 -2

fs/ext4/super.c fs/ext4/super.c +0 -7

未找到文件。
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -331,8 +331,8 @@ Contents encryption
 -------------------

 For file contents, each filesystem block is encrypted independently.
-Currently, only the case where the filesystem block size is equal to
-the system's page size (usually 4096 bytes) is supported.
+Starting from Linux kernel 5.5, encryption of filesystems with block
+size less than system's page size is supported.

 Each block's IV is set to the logical block number within the file as
 a little endian number, except that:

--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -4429,13 +4429,6 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
 		}
 	}

-	if ((DUMMY_ENCRYPTION_ENABLED(sbi) || ext4_has_feature_encrypt(sb)) &&
-	    (blocksize != PAGE_SIZE)) {
-		ext4_msg(sb, KERN_ERR,
-			 "Unsupported blocksize for fs encryption");
-		goto failed_mount_wq;
-	}
-
 	if (ext4_has_feature_verity(sb) && blocksize != PAGE_SIZE) {
 		ext4_msg(sb, KERN_ERR, "Unsupported blocksize for fs-verity");
 		goto failed_mount_wq;