ext4 crypto: add ext4 encryption facilities
authorMichael Halcrow <mhalcrow@google.com>
Wed, 15 Apr 2015 00:44:49 +0000 (20:44 -0400)
committerIan Chang <ianc@nvidia.com>
Wed, 1 Jun 2016 05:00:00 +0000 (13:00 +0800)
commit52f3670415e81d5e35b906badab04f70f752c104
tree760aab105ddad83e0cc77bcb034a0a164c36608e
parentacbb7c3afca18b71ed9a6b84f28de8aaa352e64d
ext4 crypto: add ext4 encryption facilities

On encrypt, we will re-assign the buffer_heads to point to a bounce
page rather than the control_page (which is the original page to write
that contains the plaintext). The block I/O occurs against the bounce
page.  On write completion, we re-assign the buffer_heads to the
original plaintext page.

On decrypt, we will attach a read completion callback to the bio
struct. This read completion will decrypt the read contents in-place
prior to setting the page up-to-date.

The current encryption mode, AES-256-XTS, lacks cryptographic
integrity. AES-256-GCM is in-plan, but we will need to devise a
mechanism for handling the integrity data.

Change-Id: I6e0569c9f19a82c75f4b545ad04ff7fdd1908d74
Signed-off-by: Michael Halcrow <mhalcrow@google.com>
Signed-off-by: Ildar Muslukhov <ildarm@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Theodore Ts'o <tytso@google.com>
fs/ext4/Makefile
fs/ext4/crypto.c [new file with mode: 0644]
fs/ext4/crypto_policy.c
fs/ext4/ext4.h
fs/ext4/ext4_crypto.h
fs/ext4/super.c