On Fri, Oct 21, 2016 at 06:24:00AM -0700, Christoph Hellwig wrote: > > Another reason why I did the buffer functions is because fscrypt_encrypt_page() > > always allocates a bounce page as temporary memory. For ext4 this is needed, > > for UBIFS not. > > UBIFS has already a construction buffer, especially since it also does compression. > > We should defintively find a way to avoid that, but it's a separate > issue from adding another API just to pass buffers. Hmm, one approach we could use is to avoid allocating a bounce page if the passed-in plaintext_page has the PageSlab flag set. That would work for ubifs, but if there are file systems that are using get_free_page() for their particular construction buffer. it wouldn't work for them. Perhaps more importantly, are you planning on making compression + encryption work? Some security purists will say that compression + encryption will leak some information about the plaintext (which is technically true, but it's much like the people who don't want make it easy to discard + encrypt, which Linus recently railed against). So my take is that as long as users understand that there are minor leakage issues with compression + encryption, we should let them do that --- and that would be an argument for supporting buffer operations, and only requiring that the buffer size must be a multiple of the underlying encryption block size. - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
