f2fs, dm-default-key: should skip dm-default-key only for FBE blocks

GC moves data blocks when they require post_read_process. If the blocks
were encrypted by FBE, we had to skip another encryption by dm-default-key. [1]

Fsverity borrows the above IO flow when moving the blocks, but we missed that
we should move plain blocks if they're not FBE blocks, since dm-default-key
will use original LBA for DUN when decrypting the moved block like below.

1. GC w/o this patch (bi_crypt_skip=1)
   FS: Verity non-FBE block LBA#1     ->   LBA#2
       (block A)
       Encrypted_DUN(LBA#1)           ->   Encrypted_DUN(LBA#1)
             |                                   |
   DM: Encrypted_DUN(LBA#1)                Encrypted_DUN(LBA#1)

   When reading LBA#2, the block is decrypted by DUN#LBA#1, which is wrong.

2. GC w/ this patch (bi_crypt_skip=0)
   FS: Verity non-FBE block LBA#1     ->   LBA#2
       (block A)
       Decrypted(block A)             ->   Decrypted(block A)
             |                                   |
   DM: Encrypted_DUN(LBA#1)                Encrypted_DUN(LBA#2)

[1] commit af4ef71b89c5 ("dm-default-key, f2fs, ICE: support dm-default-key with f2fs/ICE")
Change-Id: I0ed594749f4037a675e636bdb55a6a318960f44d
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c
index 21ce042..058d8b9 100644
--- a/fs/f2fs/data.c
+++ b/fs/f2fs/data.c
@@ -544,7 +544,7 @@ int f2fs_submit_page_bio(struct f2fs_io_info *fio)
if (f2fs_may_encrypt_bio(inode, fio))
fscrypt_set_ice_dun(inode, bio, PG_DUN(inode, fio->page));
- fscrypt_set_ice_skip(bio, fio->encrypted_page ? 1 : 0);
+ fscrypt_set_ice_skip(bio, f2fs_encrypted_file(inode));
if (bio_add_page(bio, page, PAGE_SIZE, 0) < PAGE_SIZE) {
bio_put(bio);
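Review bot: The new argument to fscrypt_set_ice_skip() in f2fs_submit_page_bio() no longer depends on fio at all, so the skip flag changes for every bio of an encrypted inode, not only for the GC and fsverity moves the commit message walks through. Before, a bio with fio->encrypted_page == NULL on an encrypted file got skip=0; now it gets skip=1. If that is intended (dm-default-key should never touch FBE blocks), please say so in the commit message and add a short comment above the call explaining why the decision is made per inode rather than per page, since the DUN mismatch on a moved block is the kind of bug that only shows up as unreadable data later.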
@@ -744,7 +744,7 @@ int f2fs_merge_page_bio(struct f2fs_io_info *fio)
inode = fio->page->mapping->host;
dun = PG_DUN(inode, fio->page);
- bi_crypt_skip = fio->encrypted_page ? 1 : 0;
+ bi_crypt_skip = f2fs_encrypted_file(inode);
bio_encrypted = f2fs_may_encrypt_bio(inode, fio);
fio->op_flags |= fio->encrypted_page ? REQ_NOENCRYPT : 0;
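Review bot: In f2fs_merge_page_bio() the context line right after the change still derives REQ_NOENCRYPT from fio->encrypted_page, while bi_crypt_skip is now derived from f2fs_encrypted_file(inode). For the case this patch targets (a verity, non-FBE block being moved with fio->encrypted_page set) the two now disagree: bi_crypt_skip is 0 but REQ_NOENCRYPT is still set on the request. Please confirm that combination is what the lower layers expect, or switch the op_flags line to the same condition so that the two signals cannot contradict each other.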
@@ -814,7 +814,7 @@ void f2fs_submit_page_write(struct f2fs_io_info *fio)
inode = fio->page->mapping->host;
dun = PG_DUN(inode, fio->page);
- bi_crypt_skip = fio->encrypted_page ? 1 : 0;
+ bi_crypt_skip = f2fs_encrypted_file(inode);
bio_encrypted = f2fs_may_encrypt_bio(inode, fio);
/* set submitted = true as a return value */
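Review bot: The assignment in f2fs_submit_page_write() is the third copy of the same expression, after f2fs_submit_page_bio() and f2fs_merge_page_bio(). Since getting this condition wrong at any one site leaves blocks on disk encrypted with a DUN that does not match their LBA, consider a single small inline helper (for example a hypothetical f2fs_crypt_skip(inode)) with the rationale in one comment, and use it at all three sites. It would also help to make the int/bool conversion explicit if f2fs_encrypted_file() returns bool and bi_crypt_skip is an int, as the old "? 1 : 0" form did.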