Is one of the encryption types able to be hardware accelerated by
newer CPUs, as we do for CRC32c? My recollection is that AES-NI
can be hardware accelerated, but I don't know whether that maps
to the AES-256-{XTS, GCM, CBC} modes that are included with
this patch. It would be worthwhile to confirm this before hard-coding
the supported encryption types in the kernel.
Cheers, Andreas
> On Jan 23, 2015, at 11:36, Theodore Ts'o <tytso@xxxxxxx> wrote:
>
> Signed-off-by: Theodore Ts'o <tytso@xxxxxxx>
> ---
> fs/ext4/ext4.h | 17 +++++++++++++----
> 1 file changed, 13 insertions(+), 4 deletions(-)
>
> diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
> index a75fba6..b7f393d 100644
> --- a/fs/ext4/ext4.h
> +++ b/fs/ext4/ext4.h
> @@ -364,7 +364,8 @@ struct flex_groups {
> #define EXT4_DIRTY_FL 0x00000100
> #define EXT4_COMPRBLK_FL 0x00000200 /* One or more compressed clusters */
> #define EXT4_NOCOMPR_FL 0x00000400 /* Don't compress */
> -#define EXT4_ECOMPR_FL 0x00000800 /* Compression error */
> + /* nb: was previously EXT2_ECOMPR_FL */
> +#define EXT4_ENCRYPT_FL 0x00000800 /* encrypted file */
> /* End compression flags --- maybe not all used */
> #define EXT4_INDEX_FL 0x00001000 /* hash-indexed directory */
> #define EXT4_IMAGIC_FL 0x00002000 /* AFS directory */
> @@ -421,7 +422,7 @@ enum {
> EXT4_INODE_DIRTY = 8,
> EXT4_INODE_COMPRBLK = 9, /* One or more compressed clusters */
> EXT4_INODE_NOCOMPR = 10, /* Don't compress */
> - EXT4_INODE_ECOMPR = 11, /* Compression error */
> + EXT4_INODE_ENCRYPT = 11, /* Compression error */
> /* End compression flags --- maybe not all used */
> EXT4_INODE_INDEX = 12, /* hash-indexed directory */
> EXT4_INODE_IMAGIC = 13, /* AFS directory */
> @@ -466,7 +467,7 @@ static inline void ext4_check_flag_values(void)
> CHECK_FLAG_VALUE(DIRTY);
> CHECK_FLAG_VALUE(COMPRBLK);
> CHECK_FLAG_VALUE(NOCOMPR);
> - CHECK_FLAG_VALUE(ECOMPR);
> + CHECK_FLAG_VALUE(ENCRYPT);
> CHECK_FLAG_VALUE(INDEX);
> CHECK_FLAG_VALUE(IMAGIC);
> CHECK_FLAG_VALUE(JOURNAL_DATA);
> @@ -1043,6 +1044,12 @@ extern void ext4_set_bits(void *bm, int cur, int len);
> /* Metadata checksum algorithm codes */
> #define EXT4_CRC32C_CHKSUM 1
>
> +/* Encryption algorithms */
> +#define EXT4_ENCRYPTION_MODE_INVALID 0
> +#define EXT4_ENCRYPTION_MODE_AES_256_XTS 1
> +#define EXT4_ENCRYPTION_MODE_AES_256_GCM 2
> +#define EXT4_ENCRYPTION_MODE_AES_256_CBC 3
> +
> /*
> * Structure of the super block
> */
> @@ -1156,7 +1163,8 @@ struct ext4_super_block {
> __le32 s_grp_quota_inum; /* inode for tracking group quota */
> __le32 s_overhead_clusters; /* overhead blocks/clusters in fs */
> __le32 s_backup_bgs[2]; /* groups with sparse_super2 SBs */
> - __le32 s_reserved[106]; /* Padding to the end of the block */
> + __u8 s_encrypt_algos[4]; /* Encryption algorithms in use */
> + __le32 s_reserved[105]; /* Padding to the end of the block */
> __le32 s_checksum; /* crc32c(superblock) */
> };
>
> @@ -1537,6 +1545,7 @@ static inline void ext4_clear_state_flags(struct ext4_inode_info *ei)
> #define EXT4_FEATURE_INCOMPAT_BG_USE_META_CSUM 0x2000 /* use crc32c for bg */
> #define EXT4_FEATURE_INCOMPAT_LARGEDIR 0x4000 /* >2GB or 3-lvl htree */
> #define EXT4_FEATURE_INCOMPAT_INLINE_DATA 0x8000 /* data in inode */
> +#define EXT4_FEATURE_INCOMPAT_ENCRYPT 0x10000
>
> #define EXT2_FEATURE_COMPAT_SUPP EXT4_FEATURE_COMPAT_EXT_ATTR
> #define EXT2_FEATURE_INCOMPAT_SUPP (EXT4_FEATURE_INCOMPAT_FILETYPE| \
> --
> 2.1.0
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
