github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 14:42:37 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
45a6d3f518
linux/drivers/md
History
Eric Biggers b32863f17f ANDROID: dm: add dm-default-key target for metadata encryption 
Add a device-mapper target "dm-default-key" which assigns an encryption
key to bios that aren't for the contents of an encrypted file.

This ensures that all blocks on-disk will be encrypted with some key,
without the performance hit of file contents being encrypted twice when
fscrypt (File-Based Encryption) is used.

It is only appropriate to use dm-default-key when key configuration is
tightly controlled, like it is in Android, such that all fscrypt keys
are at least as hard to compromise as the default key.

Compared to the original version of dm-default-key, this has been
modified to use the new vendor-independent inline encryption framework
(which works even when no inline encryption hardware is present), the
table syntax has been changed to match dm-crypt, and support for
specifying Adiantum encryption has been added.  These changes also mean
that dm-default-key now always explicitly specifies the DUN (the IV).

Also, to handle f2fs moving blocks of encrypted files around without the
key, and to handle ext4 and f2fs filesystems mounted without
'-o inlinecrypt', the mapping logic is no longer "set a key on the bio
if it doesn't have one already", but rather "set a key on the bio unless
the bio has the bi_skip_dm_default_key flag set".  Filesystems set this
flag on *all* bios for encrypted file contents, regardless of whether
they are encrypting/decrypting the file using inline encryption or the
traditional filesystem-layer encryption, or moving the raw data.

For the bi_skip_dm_default_key flag, a new field in struct bio is used
rather than a bit in bi_opf so that fscrypt_set_bio_crypt_ctx() can set
the flag, minimizing the changes needed to filesystems.  (bi_opf is
usually overwritten after fscrypt_set_bio_crypt_ctx() is called.)

Bug: 137270441
Bug: 147814592
Change-Id: I69c9cd1e968ccf990e4ad96e5115b662237f5095
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-01-24 10:49:09 -08:00
..
bcache bcache: at least try to shrink 1 node in bch_mca_scan() 2020-01-04 19:12:58 +01:00
persistent-data dm btree: increase rebalance threshold in __rebalance2() 2019-12-21 10:57:41 +01:00
dm-bio-prison-v1.c dm: adjust structure members to improve alignment 2018-06-08 11:53:14 -04:00
dm-bio-prison-v1.h
dm-bio-prison-v2.c dm: adjust structure members to improve alignment 2018-06-08 11:53:14 -04:00
dm-bio-prison-v2.h
dm-bio-record.h block: replace bi_bdev with a gendisk pointer and partitions index 2017-08-23 12:49:55 -06:00
dm-bow.c ANDROID: dm: enable may_passthrough_inline_crypto on some targets 2020-01-24 10:49:09 -08:00
dm-bufio.c UPSTREAM: dm bufio: introduce a global cache replacement 2019-10-31 15:53:20 +01:00
dm-builtin.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dm-cache-background-tracker.c dm cache background tracker: fix sparse warning 2018-04-30 15:40:40 -04:00
dm-cache-background-tracker.h
dm-cache-block-types.h
dm-cache-metadata.c dm cache metadata: Fix loading discard bitset 2019-05-25 18:23:38 +02:00
dm-cache-metadata.h
dm-cache-policy-internal.h
dm-cache-policy-smq.c treewide: Use array_size() in vzalloc() 2018-06-12 16:19:22 -07:00
dm-cache-policy.c
dm-cache-policy.h
dm-cache-target.c dm cache: fix bugs when a GFP_NOWAIT allocation fails 2019-10-29 09:20:03 +01:00
dm-core.h dm: disable DISCARD if the underlying storage no longer supports it 2019-08-25 10:48:01 +02:00
dm-crypt.c This is the 4.19.73 stable release 2019-09-16 09:35:02 +02:00
dm-default-key.c ANDROID: dm: add dm-default-key target for metadata encryption 2020-01-24 10:49:09 -08:00
dm-delay.c dm delay: fix a crash when invalid device is specified 2019-05-25 18:23:39 +02:00
dm-era-target.c dm: allow targets to return output from messages they are sent 2018-04-03 15:04:10 -04:00
dm-exception-store.c
dm-exception-store.h
dm-flakey.c dm flakey: Properly corrupt multi-page bios. 2019-12-05 09:20:36 +01:00
dm-integrity.c dm integrity: fix a crash due to BUG_ON in __journal_read_write() 2019-08-29 08:28:55 +02:00
dm-io.c dm: Use kzalloc for all structs with embedded biosets/mempools 2018-06-05 08:47:43 -06:00
dm-ioctl.c dm ioctl: harden copy_params()'s copy_from_user() from malicious users 2018-11-13 11:08:49 -08:00
dm-kcopyd.c dm kcopyd: always complete failed jobs 2019-08-29 08:28:55 +02:00
dm-linear.c ANDROID: dm: enable may_passthrough_inline_crypto on some targets 2020-01-24 10:49:09 -08:00
dm-log-userspace-base.c dm: convert to bioset_init()/mempool_init() 2018-05-30 15:33:32 -06:00
dm-log-userspace-transfer.c
dm-log-userspace-transfer.h
dm-log-writes.c dm log writes: make sure super sector log updates are written in order 2019-07-03 13:14:45 +02:00
dm-log.c
dm-mpath.c dm mpath: remove harmful bio-based optimization 2019-12-21 10:57:40 +01:00
dm-mpath.h
dm-path-selector.c
dm-path-selector.h
dm-queue-length.c dm mpath selector: more evenly distribute ties 2018-01-29 13:44:58 -05:00
dm-raid.c dm raid: fix false -EBUSY when handling check/repair message 2019-12-05 09:20:37 +01:00
dm-raid1.c dm: Check for device sector overflow if CONFIG_LBDAF is not set 2019-01-26 09:32:42 +01:00
dm-region-hash.c - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
dm-round-robin.c
dm-rq.c blk-mq: add callback of .cleanup_rq 2019-10-05 13:10:03 +02:00
dm-rq.h dm rq: do not update rq partially in each ending bio 2017-08-28 10:23:28 -04:00
dm-service-time.c dm mpath selector: more evenly distribute ties 2018-01-29 13:44:58 -05:00
dm-snap-persistent.c block: fix an integer overflow in logical block size 2020-01-23 08:21:29 +01:00
dm-snap-transient.c
dm-snap.c dm snapshot: rework COW throttling to fix deadlock 2019-11-06 13:05:11 +01:00
dm-stats.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
dm-stats.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dm-stripe.c dax: Introduce a ->copy_to_iter dax operation 2018-05-22 23:18:31 -07:00
dm-switch.c treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
dm-sysfs.c
dm-table.c ANDROID: dm: add support for passing through inline crypto support 2020-01-24 10:49:09 -08:00
dm-target.c dm mpath: fix missing call of path selector type->end_io 2019-09-16 08:22:12 +02:00
dm-thin-metadata.c dm thin metadata: check if in fail_io mode when setting needs_check 2019-09-16 08:22:21 +02:00
dm-thin-metadata.h dm thin: fix passdown_double_checking_shared_status() 2019-01-31 08:14:38 +01:00
dm-thin.c dm thin: add sanity checks to thin-pool and external snapshot creation 2019-04-05 22:32:59 +02:00
dm-uevent.c
dm-uevent.h
dm-unstripe.c dm: Check for device sector overflow if CONFIG_LBDAF is not set 2019-01-26 09:32:42 +01:00
dm-verity-avb.c ANDROID: AVB error handler to invalidate vbmeta partition. 2018-12-05 09:48:12 -08:00
dm-verity-fec.c Refactors rslib and callers to provide a per-instance allocation area 2018-06-05 10:48:05 -07:00
dm-verity-fec.h dm: convert to bioset_init()/mempool_init() 2018-05-30 15:33:32 -06:00
dm-verity-target.c This is the 4.19.60 stable release 2019-07-22 14:36:16 +02:00
dm-verity.h ANDROID: AVB error handler to invalidate vbmeta partition. 2018-12-05 09:48:12 -08:00
dm-writecache.c dm writecache: handle REQ_FUA 2019-12-17 20:34:52 +01:00
dm-zero.c
dm-zoned-metadata.c dm zoned: reduce overhead of backing device checks 2019-12-17 20:34:53 +01:00
dm-zoned-reclaim.c dm zoned: reduce overhead of backing device checks 2019-12-17 20:34:53 +01:00
dm-zoned-target.c dm zoned: reduce overhead of backing device checks 2019-12-17 20:34:53 +01:00
dm-zoned.h dm zoned: reduce overhead of backing device checks 2019-12-17 20:34:53 +01:00
dm.c ANDROID: dm: add support for passing through inline crypto support 2020-01-24 10:49:09 -08:00
dm.h dm: move dm_table_destroy() to same header as dm_table_create() 2018-01-17 09:16:06 -05:00
Kconfig ANDROID: dm: add dm-default-key target for metadata encryption 2020-01-24 10:49:09 -08:00
Makefile ANDROID: dm: add dm-default-key target for metadata encryption 2020-01-24 10:49:09 -08:00
md-bitmap.c md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit 2019-12-31 16:35:25 +01:00
md-bitmap.h md: Avoid namespace collision with bitmap API 2018-08-01 15:49:39 -07:00
md-cluster.c md-cluster: release RESYNC lock after the last resync message 2018-08-31 17:38:10 -07:00
md-cluster.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
md-faulty.c md: convert to bioset_init()/mempool_init() 2018-05-30 15:33:32 -06:00
md-linear.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-12-17 20:34:55 +01:00
md-linear.h Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md 2017-11-14 16:07:26 -08:00
md-multipath.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-12-17 20:34:55 +01:00
md-multipath.h md: convert to bioset_init()/mempool_init() 2018-05-30 15:33:32 -06:00
md.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-12-17 20:34:55 +01:00
md.h md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-12-17 20:34:55 +01:00
raid1-10.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
raid1.c md: raid1: check rdev before reference in raid1_sync_request func 2020-01-09 10:18:57 +01:00
raid1.h md: convert to bioset_init()/mempool_init() 2018-05-30 15:33:32 -06:00
raid5-cache.c md/raid5: fix 'out of memory' during raid cache recovery 2019-02-06 17:30:16 +01:00
raid5-log.h md/raid5-cache: disable reshape completely 2018-08-31 17:38:09 -07:00
raid5-ppl.c md: convert to bioset_init()/mempool_init() 2018-05-30 15:33:32 -06:00
raid5.c raid5: need to set STRIPE_HANDLE for batch head 2019-12-17 20:36:00 +01:00
raid5.h Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md 2018-06-09 12:01:36 -07:00
raid10.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-12-17 20:34:55 +01:00
raid10.h md: convert to bioset_init()/mempool_init() 2018-05-30 15:33:32 -06:00
raid0.c block: fix an integer overflow in logical block size 2020-01-23 08:21:29 +01:00
raid0.h md/raid0: avoid RAID0 data corruption due to layout confusion. 2019-10-05 13:10:12 +02:00