ext4: Enable encryption for subpage-sized blocks

Now that we have the code to support encryption for subpage-sized
blocks, this commit removes the conditional check in filesystem mount
code.

The commit also changes the support statement in
Documentation/filesystems/fscrypt.rst to reflect the fact that
encryption on filesystems with blocksize less than page size now works.

[EB: Tested with 'gce-xfstests -c ext4/encrypt_1k -g auto', using the
new "encrypt_1k" config I created.  All tests pass except for those that
already fail or are excluded with the encrypt or 1k configs, and 2 tests
that try to create 1023-byte symlinks which fails since encrypted
symlinks are limited to blocksize-3 bytes.  Also ran the dedicated
encryption tests using 'kvm-xfstests -c ext4/1k -g encrypt'; all pass,
including the on-disk ciphertext verification tests.]

Signed-off-by: Chandan Rajendra <chandan@linux.ibm.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20191023033312.361355-3-ebiggers@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
This commit is contained in:
Chandan Rajendra 2019-10-22 20:33:12 -07:00 committed by Theodore Ts'o
parent 31fb992ce6
commit 196624e192
2 changed files with 2 additions and 9 deletions

View File

@ -331,8 +331,8 @@ Contents encryption
------------------- -------------------
For file contents, each filesystem block is encrypted independently. For file contents, each filesystem block is encrypted independently.
Currently, only the case where the filesystem block size is equal to Starting from Linux kernel 5.5, encryption of filesystems with block
the system's page size (usually 4096 bytes) is supported. size less than system's page size is supported.
Each block's IV is set to the logical block number within the file as Each block's IV is set to the logical block number within the file as
a little endian number, except that: a little endian number, except that:

View File

@ -4429,13 +4429,6 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
} }
} }
if ((DUMMY_ENCRYPTION_ENABLED(sbi) || ext4_has_feature_encrypt(sb)) &&
(blocksize != PAGE_SIZE)) {
ext4_msg(sb, KERN_ERR,
"Unsupported blocksize for fs encryption");
goto failed_mount_wq;
}
if (ext4_has_feature_verity(sb) && blocksize != PAGE_SIZE) { if (ext4_has_feature_verity(sb) && blocksize != PAGE_SIZE) {
ext4_msg(sb, KERN_ERR, "Unsupported blocksize for fs-verity"); ext4_msg(sb, KERN_ERR, "Unsupported blocksize for fs-verity");
goto failed_mount_wq; goto failed_mount_wq;