Hello,

This is the newly reworked fscrypt support for btrfs.  There have been a few things changed since Sweet Tea's last post[1], and my RFC[2].  The changes from Sweet Tea's patchset are mostly related to the fscrypt changes, but I'll detail them here

- We have a fscrypt_extent_info struct that simply has the blk key in it and a nonce.
- We have a stripped down on disk context that just has what we need for extents.  At this time we only care about the nonce, everything else is supposed to match the owning inode.
- I've disabled everything except bog standard v2 policies to limit the complexity.
- Added the necessary hooks we needed for checksumming the encrypted bios.
- Reworked the on-disk stuff to be better described and accessed through helpers.
- Plumbed through the fscrypt_extent_info through everything to simplify the API calls we need from fscrypt.
- Instead of handling async key free'ing in fscrypt, handle the case where we're freeing extent_maps under the lock in a safe way.  This is cleaner than pushing this into fscrypt.
- Fixed a few things that fsstress uncovered in testing.

Changes to the fscrypt code since my RFC

- Took Eric's advice and added the policy and key to the extent context, this way if we want to in the future we could handle key changing.
- Added a helper to give us the fscrypt extent info context size.  We need the size ahead of time to set up the item properly.
- Fixed the blk crypto fallback not actually working with our process_bio callback.  Added a policy flag to make sure the checks work properly.
- Added some documentation.

Things left to do

- I still have to update fstests to deal with v2 only policies.  I haven't touched fstests at all yet, I've merely done my own rough testing with fsstress.
- Update the btrfs-progs patches.  This needs to be done to get the fstests stuff to work as well.
- fsverity still isn't encrypted.  I'm going to hit that next, it should be straightforward enough.

This is based on for-next from Dave's tree [3], but in case that moves between now and then you can see my current branch here [4].

Thanks,

Josef

[1] https://lore.kernel.org/linux-fscrypt/cover.1693630890.git.sweettea-kernel@xxxxxxxxxx/
[2] https://lore.kernel.org/linux-btrfs/cover.1694738282.git.josef@xxxxxxxxxxxxxx/
[3] https://github.com/kdave/btrfs-devel/tree/for-next
[4] https://github.com/josefbacik/linux/tree/fscrypt

Josef Bacik (20):
  fscrypt: rename fscrypt_info => fscrypt_inode_info
  fscrypt: add per-extent encryption support
  fscrypt: disable all but standard v2 policies for extent encryption
  blk-crypto: add a process bio callback
  fscrypt: add documentation about extent encryption
  btrfs: add infrastructure for safe em freeing
  btrfs: add fscrypt_info and encryption_type to ordered_extent
  btrfs: plumb through setting the fscrypt_info for ordered extents
  btrfs: populate the ordered_extent with the fscrypt context
  btrfs: keep track of fscrypt info and orig_start for dio reads
  btrfs: add an optional encryption context to the end of file extents
  btrfs: pass through fscrypt_extent_info to the file extent helpers
  btrfs: pass the fscrypt_info through the replace extent infrastructure
  btrfs: implement the fscrypt extent encryption hooks
  btrfs: setup fscrypt_extent_info for new extents
  btrfs: populate ordered_extent with the orig offset
  btrfs: set the bio fscrypt context when applicable
  btrfs: add a bio argument to btrfs_csum_one_bio
  btrfs: add orig_logical to btrfs_bio
  btrfs: implement process_bio cb for fscrypt

Omar Sandoval (7):
  fscrypt: expose fscrypt_nokey_name
  btrfs: disable various operations on encrypted inodes
  btrfs: start using fscrypt hooks
  btrfs: add inode encryption contexts
  btrfs: add new FEATURE_INCOMPAT_ENCRYPT flag
  btrfs: adapt readdir for encrypted and nokey names
  btrfs: implement fscrypt ioctls

Sweet Tea Dorminy (8):
  btrfs: disable verity on encrypted inodes
  btrfs: handle nokey names.
  btrfs: add encryption to CONFIG_BTRFS_DEBUG
  btrfs: add get_devices hook for fscrypt
  btrfs: turn on inlinecrypt mount option for encrypt
  btrfs: set file extent encryption excplicitly
  btrfs: add fscrypt_info and encryption_type to extent_map
  btrfs: explicitly track file extent length for replace and drop

 Documentation/filesystems/fscrypt.rst |  36 ++
 block/blk-crypto-fallback.c           |  28 ++
 block/blk-crypto-profile.c            |   2 +
 block/blk-crypto.c                    |   6 +-
 fs/btrfs/Makefile                     |   1 +
 fs/btrfs/accessors.h                  |  50 +++
 fs/btrfs/bio.c                        |  45 ++-
 fs/btrfs/bio.h                        |   6 +
 fs/btrfs/btrfs_inode.h                |   3 +-
 fs/btrfs/compression.c                |   6 +
 fs/btrfs/ctree.h                      |   4 +
 fs/btrfs/defrag.c                     |  10 +-
 fs/btrfs/delayed-inode.c              |  29 +-
 fs/btrfs/delayed-inode.h              |   6 +-
 fs/btrfs/dir-item.c                   | 108 +++++-
 fs/btrfs/dir-item.h                   |  11 +-
 fs/btrfs/extent_io.c                  |  81 ++++-
 fs/btrfs/extent_io.h                  |   3 +
 fs/btrfs/extent_map.c                 | 106 +++++-
 fs/btrfs/extent_map.h                 |  12 +
 fs/btrfs/file-item.c                  |  17 +-
 fs/btrfs/file-item.h                  |   7 +-
 fs/btrfs/file.c                       |  16 +-
 fs/btrfs/fs.h                         |   3 +-
 fs/btrfs/fscrypt.c                    | 326 ++++++++++++++++++
 fs/btrfs/fscrypt.h                    |  95 +++++
 fs/btrfs/inode.c                      | 476 ++++++++++++++++++++------
 fs/btrfs/ioctl.c                      |  41 ++-
 fs/btrfs/ordered-data.c               |  26 +-
 fs/btrfs/ordered-data.h               |  21 +-
 fs/btrfs/reflink.c                    |   8 +
 fs/btrfs/root-tree.c                  |   8 +-
 fs/btrfs/root-tree.h                  |   2 +-
 fs/btrfs/super.c                      |  17 +
 fs/btrfs/sysfs.c                      |   6 +
 fs/btrfs/tree-checker.c               |  66 +++-
 fs/btrfs/tree-log.c                   |  26 +-
 fs/btrfs/verity.c                     |   3 +
 fs/crypto/crypto.c                    |  23 +-
 fs/crypto/fname.c                     |  45 +--
 fs/crypto/fscrypt_private.h           |  87 ++++-
 fs/crypto/hooks.c                     |   2 +-
 fs/crypto/inline_crypt.c              | 100 +++++-
 fs/crypto/keyring.c                   |   4 +-
 fs/crypto/keysetup.c                  | 190 +++++++++-
 fs/crypto/keysetup_v1.c               |  14 +-
 fs/crypto/policy.c                    |  70 +++-
 include/linux/blk-crypto-profile.h    |   7 +
 include/linux/blk-crypto.h            |   9 +-
 include/linux/fs.h                    |   4 +-
 include/linux/fscrypt.h               | 123 ++++++-
 include/uapi/linux/btrfs.h            |   1 +
 include/uapi/linux/btrfs_tree.h       |  35 +-
 53 files changed, 2144 insertions(+), 287 deletions(-)
 create mode 100644 fs/btrfs/fscrypt.c
 create mode 100644 fs/btrfs/fscrypt.h

--
2.41.0