From: Liao Yuanhong <[email protected]> Document the F2FS encrypted_inline_data feature, including the on-disk feature requirement, the CONFIG_F2FS_FS_ENCRYPTED_INLINE_DATA dependency, how inline payloads are encrypted and decrypted, and the truncate behavior.
Also list encrypted_inline_data in the supported F2FS feature sysfs documentation. Signed-off-by: Liao Yuanhong <[email protected]> --- Documentation/ABI/testing/sysfs-fs-f2fs | 5 +++-- Documentation/filesystems/f2fs.rst | 27 +++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/Documentation/ABI/testing/sysfs-fs-f2fs b/Documentation/ABI/testing/sysfs-fs-f2fs index 27d5e88facbe..dad483fb2fc1 100644 --- a/Documentation/ABI/testing/sysfs-fs-f2fs +++ b/Documentation/ABI/testing/sysfs-fs-f2fs @@ -258,7 +258,8 @@ Description: Expand /sys/fs/f2fs/<disk>/features to meet sysfs rule. encryption, block_zoned (aka blkzoned), extra_attr, project_quota (aka projquota), inode_checksum, flexible_inline_xattr, quota_ino, inode_crtime, lost_found, - verity, sb_checksum, casefold, readonly, compression. + verity, sb_checksum, casefold, readonly, compression, + encrypted_inline_data. Note that, pin_file is moved into /sys/fs/f2fs/features/. What: /sys/fs/f2fs/features/ @@ -271,7 +272,7 @@ Description: Shows all enabled kernel features. inode_crtime, lost_found, verity, sb_checksum, casefold, readonly, compression, test_dummy_encryption_v2, atomic_write, pin_file, encrypted_casefold, linear_lookup, - fserror. + fserror, encrypted_inline_data. What: /sys/fs/f2fs/<disk>/inject_rate Date: May 2016 diff --git a/Documentation/filesystems/f2fs.rst b/Documentation/filesystems/f2fs.rst index 5bc37a1c4e51..1f3e02352dd1 100644 --- a/Documentation/filesystems/f2fs.rst +++ b/Documentation/filesystems/f2fs.rst @@ -420,6 +420,33 @@ lookup_mode=%s Control the directory lookup behavior for casefolded ================== ======================================== ======================== ============================================================ +Encrypted inline data +===================== + +F2FS normally disables inline data for encrypted regular files, since inline +data is stored inside the inode block and does not pass through the regular +block I/O path. When a filesystem is formatted with the encrypted_inline_data +feature, encrypted regular files may keep small file contents in the inode +block. The inline payload is encrypted with fscrypt contents-key semantics +before it is written to the inode, and it is decrypted back to page-cache +plaintext when it is read. + +This feature requires the encrypt feature on disk and kernel support for +CONFIG_F2FS_FS_ENCRYPTED_INLINE_DATA. It is intended to be used together with +the inline_data mount option. When the normal encrypted file contents path uses +blk-crypto, fscrypt also prepares a software contents-key transform for the +filesystem-managed inline payload. + +Encrypted inline data is stored in fscrypt contents-aligned units. Therefore, +the maximum plaintext size that can stay inline may be slightly smaller than the +ordinary inline data capacity. If an encrypted inline-data file is truncated +from a non-zero offset, F2FS first converts the inline payload to normal data +blocks and then applies the truncate operation. + +Recovery copies inline payloads as on-disk bytes. Encryption and decryption are +performed only when moving data between the inode inline area and page-cache +plaintext. + Debugfs Entries =============== -- 2.34.1 _______________________________________________ Linux-f2fs-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
