Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp927922ybl; Tue, 28 Jan 2020 15:05:30 -0800 (PST) X-Google-Smtp-Source: APXvYqyhUAseQ7zeb4+Po/JprZlq5t3WKxLhUckmYjDvaD88Tua5bECHtcU0fyzJ8lY8sJ2EYSfu X-Received: by 2002:aca:6542:: with SMTP id j2mr4584847oiw.69.1580252730203; Tue, 28 Jan 2020 15:05:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1580252730; cv=none; d=google.com; s=arc-20160816; b=1AAIlXpIikmBx326GnQK4mgZhArH4+kVEzJfBCc874bQ464pJbuiP4CRefsYRbTwyX gtEb7xT1v2CzJIRNtDnQ7dDw2I+bfaU/xmuhgKTmnje6oV/REFOnAeE7kxkeUzXPqkgj VCn0noTffjv5RmpkALSsML2re+OXySrIOd2hEGdT6xKN2TLXNxVvf9zjEET5050tvQ1M Y2ioYhCkNL7UY4BLIdGDSVnkMBio/8kkjOxdfaOTRAOvRC7KfyC58R2G2Nsi86bqWzW4 NAzEirOoNOFVfZImG1WuMmtT2KDIe/wa+RR4ORwibnIxB24mx+SXskdSWvky6/ryte0V Gh6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:mime-version :message-id:date:dkim-signature; bh=4wthl79HWP0T/o9zvBpWHIzpNLIBPxOPJx5PymHVG6Q=; b=xKiJGqDA1Z3G86XZ0PR1kv808GP37/itiOOX8uJT157TU7sNhJ1msdOhreNmRA/BrA mZw+aETUdEBmknMqLdZeObw37UKOvOzpnS0gNXX7cwnXC9RiyPWFSt3lMD3ZJcWsmS/J +9LsxCt61JHhnoTwVN/Puk8icy/Ufel+rNBB3F+MI2IJqv2RDOsqfFbI371hQMre4I09 FttLw17CcYFP6IvPzhxBVSIjwbc7Als0vfqJl6XMy6yYuFo2pTWOxfrWYDFJR2hPJyVF YxqUvM/i/ieXYzlU4S3uhtj1AFuiPfD1mAePuuQavYNKCT5BK8J9w0KmEyPo6nMslwh7 ECRg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="GDX/C/OS"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e192si137621oib.82.2020.01.28.15.05.18; Tue, 28 Jan 2020 15:05:30 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="GDX/C/OS"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726540AbgA1XEX (ORCPT + 99 others); Tue, 28 Jan 2020 18:04:23 -0500 Received: from mail-pf1-f202.google.com ([209.85.210.202]:48633 "EHLO mail-pf1-f202.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726442AbgA1XEX (ORCPT ); Tue, 28 Jan 2020 18:04:23 -0500 Received: by mail-pf1-f202.google.com with SMTP id u13so9519315pfl.15 for ; Tue, 28 Jan 2020 15:04:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=4wthl79HWP0T/o9zvBpWHIzpNLIBPxOPJx5PymHVG6Q=; b=GDX/C/OSuHuMeBJ1ahgPZL1VVGEdTJy/yP3LL9+inyqMwkRHK7dFp/+xG9iD5I3Wye R8FtJLFJ0eV70EjeSjg0U5qKk8bSzCa1QbG+lL0sub2v+jXGlXmnUJiDQTieWdmoJRZV aEnhZYhnDWVpjcVBM8BKswB2TVHRR/Zw2QhMO3zPPcBHrLgbdTdvsKjAa5dI1XUBjCHL spmbAHxV0hBMSAK/CaKKdUNumnezHwIPqNO1a9JQZ9rUo5YhVBh1WYO9WyquZ7bULg08 P/qSWjuqXIzcKanpjDIRuMerEfswNe+d9wkqs/hJKIaTCfLoyJCRVC1TZ7x8bQnI9TV9 rJQg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=4wthl79HWP0T/o9zvBpWHIzpNLIBPxOPJx5PymHVG6Q=; b=Dq8Qg4dSf77YOutgGfj07Onr9JBd/OSZ4uDOhjpcMoFV3wsengqxDx8RvA6pZ432Or Cjt4NeJiB8kmAqfBq4OCzXLv4d9C7EQwhtgTQ0Yk37VgKnU1BnbPAqCDSeB0DMNkLStO kK+MgLHLkn6v20TqJabWFp4mn23t/uPE8F+GeMme8E26Vqn8zzQ8Jc40gY/ITObNVXax 6tuPkYeHRvk9jKKZxESAEGKUJsTNwqz7Edun3g6hTpXdFCMC73RFa6qo0EY1zjzp0Kdi fQTbVNp4sO5r2fEcc0tfmlZXhg7EKud2TUbioEOhr3qknUknsS9QI0kLEGn7gl+4J9tz oTiQ== X-Gm-Message-State: APjAAAUEKyfpkFZETJINGxGP4KJ0N9lKVLco0ZPYK4ElBy4ribcpd1JY M6QLlZJ8O1apoTbZFw98XN/fzVvHfo0= X-Received: by 2002:a63:1c1d:: with SMTP id c29mr27636876pgc.14.1580252662083; Tue, 28 Jan 2020 15:04:22 -0800 (PST) Date: Tue, 28 Jan 2020 15:03:23 -0800 Message-Id: <20200128230328.183524-1-drosen@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.25.0.341.g760bfbb309-goog Subject: [PATCH v6 0/5] Support fof Casefolding and Encryption From: Daniel Rosenberg To: "Theodore Ts'o" , linux-ext4@vger.kernel.org, Jaegeuk Kim , Chao Yu , linux-f2fs-devel@lists.sourceforge.net, Eric Biggers , linux-fscrypt@vger.kernel.org, Alexander Viro , Richard Weinberger Cc: linux-mtd@lists.infradead.org, Andreas Dilger , Jonathan Corbet , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Gabriel Krisman Bertazi , kernel-team@android.com, Daniel Rosenberg Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org These patches are all on top of fscrypt's development branch Ext4 and F2FS currently both support casefolding and encryption, but not at the same time. These patches aim to rectify that. I moved the identical casefolding dcache operations for ext4 and f2fs into fs/unicode, as all filesystems using casefolded names will want them. I've also adjust fscrypt to not set it's d_revalidate operation during it's prepare lookup, instead having the calling filesystem set it up. This is done to that the filesystem may have it's own dentry_operations. For Ext4, since the hash for encrypted casefolded directory names cannot be computed without the key, we need to store the hash on disk. We only do so for encrypted and casefolded directories to avoid on disk format changes. Previously encryption and casefolding could not be on the same filesystem, and we're relaxing that requirement. F2fs is a bit more straightforward since it already stores hashes on disk. I've updated the related tools with just enough to enable the feature. I still need to adjust ext4's fsck's, although without access to the keys, neither fsck will be able to verify the hashes of casefolded and encrypted names. v6 changes: Went back to using dentry_operations for casefolding. Provided standard implementations in fs/unicode, avoiding extra allocation in d_hash op. Moved fscrypt d_ops setting to be filesystem's responsibility to maintain compatibility with casefolding and overlayfs if casefolding is not used fixes some f2fs error handling v4-5: patches submitted on fscrypt v3 changes: fscrypt patch only creates hash key if it will be needed. Rebased on top of fscrypt branch, reconstified match functions in ext4/f2fs v2 changes: fscrypt moved to separate thread to rebase on fscrypt dev branch addressed feedback, plus some minor fixes Daniel Rosenberg (5): unicode: Add standard casefolded d_ops fscrypt: Have filesystems handle their d_ops f2fs: Handle casefolding with Encryption ext4: Hande casefolding with encryption ext4: Optimize match for casefolded encrypted dirs Documentation/filesystems/ext4/directory.rst | 27 ++ fs/crypto/fname.c | 7 +- fs/crypto/fscrypt_private.h | 1 - fs/crypto/hooks.c | 1 - fs/ext4/dir.c | 102 +++--- fs/ext4/ext4.h | 86 +++-- fs/ext4/hash.c | 26 +- fs/ext4/ialloc.c | 5 +- fs/ext4/inline.c | 41 ++- fs/ext4/namei.c | 325 ++++++++++++------- fs/ext4/super.c | 21 +- fs/f2fs/dir.c | 151 +++++---- fs/f2fs/f2fs.h | 16 +- fs/f2fs/hash.c | 25 +- fs/f2fs/inline.c | 9 +- fs/f2fs/namei.c | 1 + fs/f2fs/super.c | 17 +- fs/f2fs/sysfs.c | 8 +- fs/ubifs/dir.c | 18 + fs/unicode/utf8-core.c | 61 ++++ include/linux/fs.h | 10 + include/linux/fscrypt.h | 6 +- include/linux/unicode.h | 17 + 23 files changed, 644 insertions(+), 337 deletions(-) -- 2.25.0.341.g760bfbb309-goog