commit 95e44678cb4b20d999295e13e904d34ba3ea98cb
author Jaegeuk Kim <jaegeuk@google.com> Wed Nov 27 10:59:53 2019 -0800
committer Alexander Martinz <amartinz@shiftphones.com> Tue Dec 13 01:50:26 2022 +0100
tree 7118dfc6c3bb2105a0fba27b4428117e7de64ece
parent 753608de29b465d87ee5772ec92e798e1427f875

f2fs, dm-default-key: should skip dm-default-key only for FBE blocks

GC moves data blocks when they require post_read_process. If the blocks
were encrypted by FBE, we had to skip another encryption by dm-default-key. [1]

Fsverity borrows the above IO flow when moving the blocks, but we missed that
we shoud move plain blocks if they're not FBE blocks, since dm-default-key
will use original LBA for DUN when decrypting the moved block like below.

1. GC w/o this patch (bi_crypt_skip=1)

FS: Verity non-FBE block   LBA#1                 ->    LBA#2
    (block A)
                           Encrypted_DUN(LBA#1)  ->    Encrypted_DUN(LBA#1)
                           |                           |
DM:                        Encrypted_DUN(LBA#1)        Encrypted_DUN(LBA#1)

When reading LBA#2, the block is decrypted by DUN#LAB#1, which is wrong.

2. GC w/ this patch (bi_crypt_skip=0)

FS: Verity non-FBE block   LBA#1                 ->    LBA#2
    (block A)
                           Decrypted(block A)    ->    Decrypted(block A)
                           |                           |
DM:                        Encrypted_DUN(LBA#1)        Encrypted_DUN(LBA#2)

[1] commit af4ef71b89c5 ("dm-default-key, f2fs, ICE: support dm-default-key with f2fs/ICE")

Change-Id: I0ed594749f4037a675e636bdb55a6a318960f44d
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>