Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 367c46b1 authored by Shivaprasad Hongal's avatar Shivaprasad Hongal
Browse files

Enable hardware based FBE on f2fs and adapt ext4 fs 



Hardware File Based Encryption (FBE) uses inline crypto
engine to encrypt the user data.
1. security/pfk: changes to support per file
   encryption for f2fs using hardware crypto engine.
2. fs/ext4: adapted crypto APIs for generic crypto layer.
3. fs/f2fs: support hardware crypto engine based per file
   encryption.
4. fs/crypto: export APIs to support hardware crypto
   engine based per file encryption.
5. security/pfe: added wrapped key support based on
   upstream changes.
Other changes made to provide support framework for per
file encryption.

Reverting commit e02a4e21 ("ext4: Add HW File Based
Encryption on ext4 file system") and adding changes to
have FBE in sync with upstream implementation of FBE.

Change-Id: I17f9909c43ba744eb874f6d237745fbf88a2b848
Signed-off-by: default avatarShivaprasad Hongal <shongal@codeaurora.org>
parent 2129ce57

block/bio.c

+9 −0
Original line number Diff line number Diff line
@@ -577,6 +577,14 @@ inline int bio_phys_segments(struct request_queue *q, struct bio *bio) 
}

EXPORT_SYMBOL(bio_phys_segments);



static inline void bio_clone_crypt_key(struct bio *dst, const struct bio *src)

{

#ifdef CONFIG_PFK

	dst->bi_crypt_key = src->bi_crypt_key;

	dst->bi_iter.bi_dun = src->bi_iter.bi_dun;

#endif

}



/**

 * 	__bio_clone_fast - clone a bio that shares the original bio's biovec

 * 	@bio: destination bio
@@ -606,6 +614,7 @@ void __bio_clone_fast(struct bio *bio, struct bio *bio_src) 
	bio->bi_iter = bio_src->bi_iter;

	bio->bi_io_vec = bio_src->bi_io_vec;

	bio->bi_dio_inode = bio_src->bi_dio_inode;

	bio_clone_crypt_key(bio, bio_src);

	bio_clone_blkcg_association(bio, bio_src);

}

EXPORT_SYMBOL(__bio_clone_fast);

block/blk-merge.c

+3 −2
Original line number Diff line number Diff line
@@ -7,9 +7,9 @@ 
#include <linux/bio.h>

#include <linux/blkdev.h>

#include <linux/scatterlist.h>

#include <linux/pfk.h>

#include <trace/events/block.h>



#include <trace/events/block.h>

#include <linux/pfk.h>

#include "blk.h"



static struct bio *blk_bio_discard_split(struct request_queue *q,
@@ -705,6 +705,7 @@ static struct request *attempt_merge(struct request_queue *q, 


	if (crypto_not_mergeable(req->bio, next->bio))

		return 0;



	/*

	 * If we are allowed to merge, then append bio list

	 * from next to rq and release next. merge_requests_fn

block/elevator.c

+5 −3
Original line number Diff line number Diff line
@@ -436,7 +436,7 @@ enum elv_merge elv_merge(struct request_queue *q, struct request **req, 
{

	struct elevator_queue *e = q->elevator;

	struct request *__rq;



	enum elv_merge ret;

	/*

	 * Levels of merges:

	 * 	nomerges:  No merges at all attempted
@@ -449,9 +449,11 @@ enum elv_merge elv_merge(struct request_queue *q, struct request **req, 
	/*

	 * First try one-hit cache.

	 */

	if (q->last_merge && elv_bio_merge_ok(q->last_merge, bio)) {

		enum elv_merge ret = blk_try_merge(q->last_merge, bio);

	if (q->last_merge) {

		if (!elv_bio_merge_ok(q->last_merge, bio))

			return ELEVATOR_NO_MERGE;



		ret = blk_try_merge(q->last_merge, bio);

		if (ret != ELEVATOR_NO_MERGE) {

			*req = q->last_merge;

			return ret;

drivers/crypto/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -773,4 +773,5 @@ config CRYPTO_DEV_ARTPEC6 
if ARCH_QCOM

source drivers/crypto/msm/Kconfig

endif



endif # CRYPTO_HW

drivers/scsi/scsi_lib.c

+2 −0
Original line number Diff line number Diff line
@@ -2159,6 +2159,8 @@ void __scsi_init_queue(struct Scsi_Host *shost, struct request_queue *q) 
	if (!shost->use_clustering)

		q->limits.cluster = 0;



	if (shost->inlinecrypt_support)

		queue_flag_set_unlocked(QUEUE_FLAG_INLINECRYPT, q);

	/*

	 * Set a reasonable default alignment:  The larger of 32-byte (dword),

	 * which is a common minimum for HBAs, and the minimum DMA alignment,