On Fri, Dec 18, 2020 at 09:06:00AM +0800, Chao Yu wrote:
> On 2020/12/17 23:10, Satya Tangirala via Linux-f2fs-devel wrote:
> > Introduce native metadata encryption support for f2fs. All blocks
> > other than the super block (and its redundant copy) are encrypted with the
> > specified metadata encryption key and algorithm. The IV for each block is
> > its block number in the filesystem.
>
> The same question as kernel side patchset, for node block, why not use its
> nid as IV value?
>
I addressed this on the kernel side patchset too (because the reason is
kernel related) at
https://lore.kernel.org/linux-fscrypt/x9t8y3relyapc...@google.com/
But in summary, I think using nid as the IV value would have been good if
we had the ability to specify the IV for each data unit in a bio
independently of all the other data units in the bio. However, we can only
specify the DUN of the first data unit in each bio with the
bi_crypt_context, so it's better to make physically contiguous data units
also have contiguous DUNs, which won't be the case if the DUN is not
related to the physical block address (I'm not familiar with nids, but it
sounds like nids are independent of block address). Does that make sense
or is there something I'm missing?
> Thanks,
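
A simplified model of the constraint described in this reply, added here as an illustration and not part of the original message or of the f2fs or kernel code: it counts how many bios a run of physically contiguous node blocks needs when the DUN is the block address versus the nid. The struct, the function names and the nid values are constructed for the example, and it assumes the data units of one bio take consecutive DUNs starting from the single DUN the bio carries.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One block of the model: where it lives on disk and which node it holds. */
struct node_block {
    uint64_t blkaddr; /* physical block address in the filesystem */
    uint64_t nid;     /* node id stored in that block (constructed value) */
};

/* Policy that derives a block's DUN (used as the IV) from the block. */
typedef uint64_t (*dun_fn)(const struct node_block *);

static uint64_t dun_from_blkaddr(const struct node_block *b) { return b->blkaddr; }
static uint64_t dun_from_nid(const struct node_block *b) { return b->nid; }

/*
 * Count the bios needed to submit blocks[0..n-1] in order. A block may join
 * the current bio only if it is physically next AND its DUN is the previous
 * DUN + 1, because the bio records only the DUN of its first data unit.
 */
static size_t bios_needed(const struct node_block *blocks, size_t n, dun_fn dun)
{
    size_t bios = 0;

    for (size_t i = 0; i < n; i++) {
        int mergeable = i > 0 &&
            blocks[i].blkaddr == blocks[i - 1].blkaddr + 1 &&
            dun(&blocks[i]) == dun(&blocks[i - 1]) + 1;
        if (!mergeable)
            bios++; /* DUN sequence breaks here: start a new bio */
    }
    return bios;
}

/* Constructed sample: four physically contiguous blocks, unrelated nids. */
static const struct node_block sample[] = {
    { 1000, 57 }, { 1001, 912 }, { 1002, 58 }, { 1003, 59 },
};
#define SAMPLE_LEN (sizeof(sample) / sizeof(sample[0]))

int main(void)
{
    printf("DUN = block address: %zu bio(s)\n",
           bios_needed(sample, SAMPLE_LEN, dun_from_blkaddr));
    printf("DUN = nid:           %zu bio(s)\n",
           bios_needed(sample, SAMPLE_LEN, dun_from_nid));
    return 0;
}
```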