From nobody Tue Oct 7 11:43:20 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CFECF288518; Thu, 10 Jul 2025 06:10:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127804; cv=none; b=aN0v8wtha1Vese5opVhhHgmSRRcp7z7YQ08nY7M5lF4N7S1IlU2d2TiVe0JIB77HwDby4mym2EAl2tn9vuYBvn7g4lJMYgEvypCFqav5ZPVVcjdF102ov+VkQXZ1AOlmPQuazbqtqkpw6sITslgs0C5E2D3Rr4zhZIwABX7Z9YQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127804; c=relaxed/simple; bh=zLqHswEdALQQG33DjYXOoqtVVEv8AVXTJwVwIILDSgQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=WEpT4WNS+EBs/KUxNNbxBPLXk6MvmHEwusIQe6cJmCPSQ6Vf5WSjtHsER0eH+hogba5PUAJ0+YgIENk4ulv2VVonFoda8z75hw9lODYagVgc9FuDdvdivU0AsUmov/Hgxd83tv6ZHFtkT0ib9PlEExFrBMk1MRRJaI0tL3ttqK4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=kgGrS5ze; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kgGrS5ze" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3253FC4CEF4; Thu, 10 Jul 2025 06:10:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752127804; bh=zLqHswEdALQQG33DjYXOoqtVVEv8AVXTJwVwIILDSgQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=kgGrS5zek5qD/iR7/psHqKB/OndvNlcjgJ/MERuR412fdLN75FF3xKUO0bmKRedcM QIF6gwPeOIJyTFZcD8Zt2cy+LSuO5+rmuBs1c8xeUWffPL5sTyq4rIiRzKhkzFQTpr jQ2s0TuDSI0CXiOkePRtXW7vdK5sckp+AdvBSfMmC2VcgWfG2DEcJP5fpSURqyeMu1 edqIixSuORVy+IRgP+SNTr6pHQ8cNLPS7JjF/r/CrMe57kk/KcR5RNuLzb66ClCEM3 D0uD4hGD0NeGLI99WwdFzbHCZUCrf9TywadcqopBiPDnE67he/r1bWn4jqHxMxgLif tA99asZ+BaPQg== From: Eric Biggers To: linux-fscrypt@vger.kernel.org Cc: linux-crypto@vger.kernel.org, Yuwen Chen , linux-mtd@lists.infradead.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, Eric Biggers Subject: [PATCH v2 1/6] fscrypt: Don't use asynchronous CryptoAPI algorithms Date: Wed, 9 Jul 2025 23:07:48 -0700 Message-ID: <20250710060754.637098-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20250710060754.637098-1-ebiggers@kernel.org> References: <20250710060754.637098-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that fscrypt's incomplete support for non-inline crypto engines has been removed, and none of the CPU-based algorithms have the CRYPTO_ALG_ASYNC flag set anymore, there is no need to accommodate asynchronous algorithms. Therefore, explicitly allocate only synchronous algorithms. Then, remove the code that handled waiting for asynchronous en/decryption operations to complete. This commit should *not* be backported to kernels that lack commit 0ba6ec5b2972 ("crypto: x86/aes - stop using the SIMD helper"), as then it would disable the use of the optimized AES code on x86. Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 7 +++---- fs/crypto/fname.c | 18 ++++++++---------- fs/crypto/fscrypt_private.h | 5 +++-- fs/crypto/keysetup_v1.c | 9 ++++----- 4 files changed, 18 insertions(+), 21 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index ddf6991d46da2..43d1658e07cec 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -113,11 +113,10 @@ int fscrypt_crypt_data_unit(const struct fscrypt_inod= e_info *ci, unsigned int len, unsigned int offs, gfp_t gfp_flags) { union fscrypt_iv iv; struct skcipher_request *req =3D NULL; - DECLARE_CRYPTO_WAIT(wait); struct scatterlist dst, src; struct crypto_skcipher *tfm =3D ci->ci_enc_key.tfm; int res =3D 0; =20 if (WARN_ON_ONCE(len <=3D 0)) @@ -131,21 +130,21 @@ int fscrypt_crypt_data_unit(const struct fscrypt_inod= e_info *ci, if (!req) return -ENOMEM; =20 skcipher_request_set_callback( req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, - crypto_req_done, &wait); + NULL, NULL); =20 sg_init_table(&dst, 1); sg_set_page(&dst, dest_page, len, offs); sg_init_table(&src, 1); sg_set_page(&src, src_page, len, offs); skcipher_request_set_crypt(req, &src, &dst, len, &iv); if (rw =3D=3D FS_DECRYPT) - res =3D crypto_wait_req(crypto_skcipher_decrypt(req), &wait); + res =3D crypto_skcipher_decrypt(req); else - res =3D crypto_wait_req(crypto_skcipher_encrypt(req), &wait); + res =3D crypto_skcipher_encrypt(req); skcipher_request_free(req); if (res) { fscrypt_err(ci->ci_inode, "%scryption failed for data unit %llu: %d", (rw =3D=3D FS_DECRYPT ? "De" : "En"), index, res); diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index fb01dde0f2e55..17edc24ccd42f 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -93,11 +93,10 @@ static inline bool fscrypt_is_dot_dotdot(const struct q= str *str) */ int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *in= ame, u8 *out, unsigned int olen) { struct skcipher_request *req =3D NULL; - DECLARE_CRYPTO_WAIT(wait); const struct fscrypt_inode_info *ci =3D inode->i_crypt_info; struct crypto_skcipher *tfm =3D ci->ci_enc_key.tfm; union fscrypt_iv iv; struct scatterlist sg; int res; @@ -116,18 +115,18 @@ int fscrypt_fname_encrypt(const struct inode *inode, = const struct qstr *iname, =20 /* Set up the encryption request */ req =3D skcipher_request_alloc(tfm, GFP_NOFS); if (!req) return -ENOMEM; - skcipher_request_set_callback(req, - CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, - crypto_req_done, &wait); + skcipher_request_set_callback( + req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, + NULL, NULL); sg_init_one(&sg, out, olen); skcipher_request_set_crypt(req, &sg, &sg, olen, &iv); =20 /* Do the encryption */ - res =3D crypto_wait_req(crypto_skcipher_encrypt(req), &wait); + res =3D crypto_skcipher_encrypt(req); skcipher_request_free(req); if (res < 0) { fscrypt_err(inode, "Filename encryption failed: %d", res); return res; } @@ -149,33 +148,32 @@ EXPORT_SYMBOL_GPL(fscrypt_fname_encrypt); static int fname_decrypt(const struct inode *inode, const struct fscrypt_str *iname, struct fscrypt_str *oname) { struct skcipher_request *req =3D NULL; - DECLARE_CRYPTO_WAIT(wait); struct scatterlist src_sg, dst_sg; const struct fscrypt_inode_info *ci =3D inode->i_crypt_info; struct crypto_skcipher *tfm =3D ci->ci_enc_key.tfm; union fscrypt_iv iv; int res; =20 /* Allocate request */ req =3D skcipher_request_alloc(tfm, GFP_NOFS); if (!req) return -ENOMEM; - skcipher_request_set_callback(req, - CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, - crypto_req_done, &wait); + skcipher_request_set_callback( + req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, + NULL, NULL); =20 /* Initialize IV */ fscrypt_generate_iv(&iv, 0, ci); =20 /* Create decryption request */ sg_init_one(&src_sg, iname->name, iname->len); sg_init_one(&dst_sg, oname->name, oname->len); skcipher_request_set_crypt(req, &src_sg, &dst_sg, iname->len, &iv); - res =3D crypto_wait_req(crypto_skcipher_decrypt(req), &wait); + res =3D crypto_skcipher_decrypt(req); skcipher_request_free(req); if (res < 0) { fscrypt_err(inode, "Filename decryption failed: %d", res); return res; } diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index 6e7164530a1e2..06fa8f2b2d081 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -57,12 +57,13 @@ * Adiantum is faster still, and is the recommended option on such platfor= ms...) * * Note that fscrypt also supports inline crypto engines. Those don't use= the * Crypto API and work much better than the old-style (non-inline) engines. */ -#define FSCRYPT_CRYPTOAPI_MASK \ - (CRYPTO_ALG_ALLOCATES_MEMORY | CRYPTO_ALG_KERN_DRIVER_ONLY) +#define FSCRYPT_CRYPTOAPI_MASK \ + (CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY | \ + CRYPTO_ALG_KERN_DRIVER_ONLY) =20 #define FSCRYPT_CONTEXT_V1 1 #define FSCRYPT_CONTEXT_V2 2 =20 /* Keep this in sync with include/uapi/linux/fscrypt.h */ diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c index 158ceae8a5bce..3fdf174384f3d 100644 --- a/fs/crypto/keysetup_v1.c +++ b/fs/crypto/keysetup_v1.c @@ -48,11 +48,10 @@ static int derive_key_aes(const u8 *master_key, const u8 nonce[FSCRYPT_FILE_NONCE_SIZE], u8 *derived_key, unsigned int derived_keysize) { int res =3D 0; struct skcipher_request *req =3D NULL; - DECLARE_CRYPTO_WAIT(wait); struct scatterlist src_sg, dst_sg; struct crypto_skcipher *tfm =3D crypto_alloc_skcipher("ecb(aes)", 0, FSCRYPT_CRYPTOAPI_MASK); =20 if (IS_ERR(tfm)) { @@ -64,22 +63,22 @@ static int derive_key_aes(const u8 *master_key, req =3D skcipher_request_alloc(tfm, GFP_KERNEL); if (!req) { res =3D -ENOMEM; goto out; } - skcipher_request_set_callback(req, - CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, - crypto_req_done, &wait); + skcipher_request_set_callback( + req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, + NULL, NULL); res =3D crypto_skcipher_setkey(tfm, nonce, FSCRYPT_FILE_NONCE_SIZE); if (res < 0) goto out; =20 sg_init_one(&src_sg, master_key, derived_keysize); sg_init_one(&dst_sg, derived_key, derived_keysize); skcipher_request_set_crypt(req, &src_sg, &dst_sg, derived_keysize, NULL); - res =3D crypto_wait_req(crypto_skcipher_encrypt(req), &wait); + res =3D crypto_skcipher_encrypt(req); out: skcipher_request_free(req); crypto_free_skcipher(tfm); return res; } --=20 2.50.1 From nobody Tue Oct 7 11:43:20 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EFBCE28C5A1; Thu, 10 Jul 2025 06:10:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127805; cv=none; b=tJgrI3Nlu5lm4HkpO/SVy5iqTHmGvEcuFrSpRodyhY60cOupa/FH4FwuptcfHr2R6VLBTsAkXVZ4w6KXnZ3FxcTQsetChJNc+nHNdcTNnawKXBFQLK6fPC2fUUwsVvCxOR0prgDfUVazKUbKEQK3gcokD5f+nIee0kzxx6qEAHk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127805; c=relaxed/simple; bh=c0LblWZjHtA+pSM3OGRGzXlBbR2Gy8KHxtMN1dzIorg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=W0Wfitqp6ks+4ZtoPZOAveC3YDR6rDczy6z1V9ne8E/nmu4HJNOQsWFruIK699ODY2+jxIq0R28ZtmT/mDcfbzJrmNcUTobIFCCq06Lp7Vv6IrBpUIZV1U4T2zV3fiThMykWiJxNa0MCqftNkjrW5Zb7kxzpSMj20CQyOUF4Cko= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=gooy9tEn; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="gooy9tEn" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8A372C4CEF7; Thu, 10 Jul 2025 06:10:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752127804; bh=c0LblWZjHtA+pSM3OGRGzXlBbR2Gy8KHxtMN1dzIorg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gooy9tEnWaUjAMYDxpZ1+MvVzB2Bl/WqS7VxX2kK5a4rhcDe9g2c9LPur896JqQGM Q8pv+24fuPNDwojiVqYEnPDCe8W+zZ8gF4ASRIkhQjZQwYNCwLI6HJO80iU4dwrs2/ RrCsJN/+uCheB1eygag4QHchL1Nt+XDk7PBsAWzOsPTEi1xyX+fXlgU76g0Q0Q2Nyp huB4eTNiObsmAuv/KSBxND1pVqKke1J6BEccZSbuMRUhdBOSVwfnXp1J3nAh3MgQ+D XcWzwk1EPhFois5+o38tvnnb8kvkZPWKQ7e9n9EVqbKWweKlaNIafpN+AN3g4q9Y1L a/tfsbLCWpMuw== From: Eric Biggers To: linux-fscrypt@vger.kernel.org Cc: linux-crypto@vger.kernel.org, Yuwen Chen , linux-mtd@lists.infradead.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, Eric Biggers Subject: [PATCH v2 2/6] fscrypt: Drop FORBID_WEAK_KEYS flag for AES-ECB Date: Wed, 9 Jul 2025 23:07:49 -0700 Message-ID: <20250710060754.637098-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20250710060754.637098-1-ebiggers@kernel.org> References: <20250710060754.637098-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This flag only has an effect for DES, 3DES, and XTS mode. It does nothing for AES-ECB, as there is no concept of weak keys for AES. Signed-off-by: Eric Biggers --- fs/crypto/keysetup_v1.c | 1 - 1 file changed, 1 deletion(-) diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c index 3fdf174384f3d..75b0f1211a1e6 100644 --- a/fs/crypto/keysetup_v1.c +++ b/fs/crypto/keysetup_v1.c @@ -57,11 +57,10 @@ static int derive_key_aes(const u8 *master_key, if (IS_ERR(tfm)) { res =3D PTR_ERR(tfm); tfm =3D NULL; goto out; } - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); req =3D skcipher_request_alloc(tfm, GFP_KERNEL); if (!req) { res =3D -ENOMEM; goto out; } --=20 2.50.1 From nobody Tue Oct 7 11:43:20 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AC21928E56B; Thu, 10 Jul 2025 06:10:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127805; cv=none; b=WnDhwMNM0aaECNIWvkfIaNDaSSdwmTKBXahNMqfIF5xXSFcIYPU8vu6b32CwBvcfMqGNPa3rqJ3SAdptYIyvGB6aUwHH0sD18PabULaI1MfaSuVPaHP1tOlG9ZxNO2srzH99PdDnRxTrNcTPjkW3oMDbK1DT/tSmQtAcmSCwG4k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127805; c=relaxed/simple; bh=J7UXOFxzMEHRI0EFzXWqDcw9MtzAeL4sqY2rV62CUrU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=IBSxxkMOemxbZ4ANppEY1XXK7JJafxuY1DgwYxB2WZ14KgTP+jv5Qxx4XmZPT8AKnyvMZQ0EsP0jmQW1hjejDMjyF7DZFdSzd4I6HEAmdc7qmYIXsrs6BgWUsOipHNabNgwRw+vo4erP+q0/1Mrb7xKXlCILsKUMmagRwwBj5o8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=OXCDP/iP; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="OXCDP/iP" Received: by smtp.kernel.org (Postfix) with ESMTPSA id EB9D9C4CEF6; Thu, 10 Jul 2025 06:10:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752127805; bh=J7UXOFxzMEHRI0EFzXWqDcw9MtzAeL4sqY2rV62CUrU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=OXCDP/iP5bueZ7g3NdjPK6P78g6x/kZDkLvDK9yW1q/TJ5vR0rP0U0085Sevdv48t b7jVx7ynyycIWtNxyt6E60ja4QYufaxzQ1SAeTohn8o5SzHDr8RW1wHCaF8n9uUnor Tz837h3QZkcaGlRtYNLm3otwrkubn2iesFWHayMP5L4g3Y3QI3aIWQI1w54xk3K1Q9 fhfX5oawb44BllsNjyqgqLcEOoulAMSFOqdz4Jlx+MlJfKK5sFIxTAIYrCgyBOQlL/ Nvgp8b2+zPXH/Ov0iOQx0fjiRi32nDy0hzL/hMdbUXj6AhuEZsVCu2tx7NgiA2GEor MTqApSqUrd5AA== From: Eric Biggers To: linux-fscrypt@vger.kernel.org Cc: linux-crypto@vger.kernel.org, Yuwen Chen , linux-mtd@lists.infradead.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, Eric Biggers Subject: [PATCH v2 3/6] fscrypt: Switch to sync_skcipher and on-stack requests Date: Wed, 9 Jul 2025 23:07:50 -0700 Message-ID: <20250710060754.637098-4-ebiggers@kernel.org> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20250710060754.637098-1-ebiggers@kernel.org> References: <20250710060754.637098-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that fscrypt uses only synchronous skciphers, switch to the actual sync_skcipher API and the corresponding on-stack requests. This eliminates a heap allocation per en/decryption operation. Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 24 ++++++----------- fs/crypto/fname.c | 53 ++++++++++++------------------------ fs/crypto/fscrypt_private.h | 2 +- fs/crypto/keysetup.c | 23 ++++++++-------- fs/crypto/keysetup_v1.c | 54 ++++++++++++++++--------------------- 5 files changed, 61 insertions(+), 95 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index 43d1658e07cec..646b1831e6831 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -111,48 +111,40 @@ int fscrypt_crypt_data_unit(const struct fscrypt_inod= e_info *ci, fscrypt_direction_t rw, u64 index, struct page *src_page, struct page *dest_page, unsigned int len, unsigned int offs, gfp_t gfp_flags) { + struct crypto_sync_skcipher *tfm =3D ci->ci_enc_key.tfm; + SYNC_SKCIPHER_REQUEST_ON_STACK(req, tfm); union fscrypt_iv iv; - struct skcipher_request *req =3D NULL; struct scatterlist dst, src; - struct crypto_skcipher *tfm =3D ci->ci_enc_key.tfm; - int res =3D 0; + int err; =20 if (WARN_ON_ONCE(len <=3D 0)) return -EINVAL; if (WARN_ON_ONCE(len % FSCRYPT_CONTENTS_ALIGNMENT !=3D 0)) return -EINVAL; =20 fscrypt_generate_iv(&iv, index, ci); =20 - req =3D skcipher_request_alloc(tfm, gfp_flags); - if (!req) - return -ENOMEM; - skcipher_request_set_callback( req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); - sg_init_table(&dst, 1); sg_set_page(&dst, dest_page, len, offs); sg_init_table(&src, 1); sg_set_page(&src, src_page, len, offs); skcipher_request_set_crypt(req, &src, &dst, len, &iv); if (rw =3D=3D FS_DECRYPT) - res =3D crypto_skcipher_decrypt(req); + err =3D crypto_skcipher_decrypt(req); else - res =3D crypto_skcipher_encrypt(req); - skcipher_request_free(req); - if (res) { + err =3D crypto_skcipher_encrypt(req); + if (err) fscrypt_err(ci->ci_inode, "%scryption failed for data unit %llu: %d", - (rw =3D=3D FS_DECRYPT ? "De" : "En"), index, res); - return res; - } - return 0; + (rw =3D=3D FS_DECRYPT ? "De" : "En"), index, err); + return err; } =20 /** * fscrypt_encrypt_pagecache_blocks() - Encrypt data from a pagecache folio * @folio: the locked pagecache folio containing the data to encrypt diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 17edc24ccd42f..f9f6713e144f7 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -92,48 +92,37 @@ static inline bool fscrypt_is_dot_dotdot(const struct q= str *str) * Return: 0 on success, -errno on failure */ int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *in= ame, u8 *out, unsigned int olen) { - struct skcipher_request *req =3D NULL; const struct fscrypt_inode_info *ci =3D inode->i_crypt_info; - struct crypto_skcipher *tfm =3D ci->ci_enc_key.tfm; + struct crypto_sync_skcipher *tfm =3D ci->ci_enc_key.tfm; + SYNC_SKCIPHER_REQUEST_ON_STACK(req, tfm); union fscrypt_iv iv; struct scatterlist sg; - int res; + int err; =20 /* * Copy the filename to the output buffer for encrypting in-place and * pad it with the needed number of NUL bytes. */ if (WARN_ON_ONCE(olen < iname->len)) return -ENOBUFS; memcpy(out, iname->name, iname->len); memset(out + iname->len, 0, olen - iname->len); =20 - /* Initialize the IV */ fscrypt_generate_iv(&iv, 0, ci); =20 - /* Set up the encryption request */ - req =3D skcipher_request_alloc(tfm, GFP_NOFS); - if (!req) - return -ENOMEM; skcipher_request_set_callback( req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); sg_init_one(&sg, out, olen); skcipher_request_set_crypt(req, &sg, &sg, olen, &iv); - - /* Do the encryption */ - res =3D crypto_skcipher_encrypt(req); - skcipher_request_free(req); - if (res < 0) { - fscrypt_err(inode, "Filename encryption failed: %d", res); - return res; - } - - return 0; + err =3D crypto_skcipher_encrypt(req); + if (err) + fscrypt_err(inode, "Filename encryption failed: %d", err); + return err; } EXPORT_SYMBOL_GPL(fscrypt_fname_encrypt); =20 /** * fname_decrypt() - decrypt a filename @@ -147,37 +136,29 @@ EXPORT_SYMBOL_GPL(fscrypt_fname_encrypt); */ static int fname_decrypt(const struct inode *inode, const struct fscrypt_str *iname, struct fscrypt_str *oname) { - struct skcipher_request *req =3D NULL; - struct scatterlist src_sg, dst_sg; const struct fscrypt_inode_info *ci =3D inode->i_crypt_info; - struct crypto_skcipher *tfm =3D ci->ci_enc_key.tfm; + struct crypto_sync_skcipher *tfm =3D ci->ci_enc_key.tfm; + SYNC_SKCIPHER_REQUEST_ON_STACK(req, tfm); union fscrypt_iv iv; - int res; + struct scatterlist src_sg, dst_sg; + int err; + + fscrypt_generate_iv(&iv, 0, ci); =20 - /* Allocate request */ - req =3D skcipher_request_alloc(tfm, GFP_NOFS); - if (!req) - return -ENOMEM; skcipher_request_set_callback( req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); - - /* Initialize IV */ - fscrypt_generate_iv(&iv, 0, ci); - - /* Create decryption request */ sg_init_one(&src_sg, iname->name, iname->len); sg_init_one(&dst_sg, oname->name, oname->len); skcipher_request_set_crypt(req, &src_sg, &dst_sg, iname->len, &iv); - res =3D crypto_skcipher_decrypt(req); - skcipher_request_free(req); - if (res < 0) { - fscrypt_err(inode, "Filename decryption failed: %d", res); - return res; + err =3D crypto_skcipher_decrypt(req); + if (err) { + fscrypt_err(inode, "Filename decryption failed: %d", err); + return err; } =20 oname->len =3D strnlen(oname->name, iname->len); return 0; } diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index 06fa8f2b2d081..bffeb14501fd0 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -237,11 +237,11 @@ struct fscrypt_symlink_data { * @blk_key: key for blk-crypto * * Normally only one of the fields will be non-NULL. */ struct fscrypt_prepared_key { - struct crypto_skcipher *tfm; + struct crypto_sync_skcipher *tfm; #ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT struct blk_crypto_key *blk_key; #endif }; =20 diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c index 74d4a2e1ad23a..4f3b9ecbfe4e6 100644 --- a/fs/crypto/keysetup.c +++ b/fs/crypto/keysetup.c @@ -95,19 +95,19 @@ select_encryption_mode(const union fscrypt_policy *poli= cy, inode->i_ino, (inode->i_mode & S_IFMT)); return ERR_PTR(-EINVAL); } =20 /* Create a symmetric cipher object for the given encryption mode and key = */ -static struct crypto_skcipher * +static struct crypto_sync_skcipher * fscrypt_allocate_skcipher(struct fscrypt_mode *mode, const u8 *raw_key, const struct inode *inode) { - struct crypto_skcipher *tfm; + struct crypto_sync_skcipher *tfm; int err; =20 - tfm =3D crypto_alloc_skcipher(mode->cipher_str, 0, - FSCRYPT_CRYPTOAPI_MASK); + tfm =3D crypto_alloc_sync_skcipher(mode->cipher_str, 0, + FSCRYPT_CRYPTOAPI_MASK); if (IS_ERR(tfm)) { if (PTR_ERR(tfm) =3D=3D -ENOENT) { fscrypt_warn(inode, "Missing crypto API support for %s (API name: \"%s\")", mode->friendly_name, mode->cipher_str); @@ -123,25 +123,26 @@ fscrypt_allocate_skcipher(struct fscrypt_mode *mode, = const u8 *raw_key, * crypto algorithm implementation is used. Help people debug * performance problems by logging the ->cra_driver_name the * first time a mode is used. */ pr_info("fscrypt: %s using implementation \"%s\"\n", - mode->friendly_name, crypto_skcipher_driver_name(tfm)); + mode->friendly_name, + crypto_skcipher_driver_name(&tfm->base)); } - if (WARN_ON_ONCE(crypto_skcipher_ivsize(tfm) !=3D mode->ivsize)) { + if (WARN_ON_ONCE(crypto_sync_skcipher_ivsize(tfm) !=3D mode->ivsize)) { err =3D -EINVAL; goto err_free_tfm; } - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); - err =3D crypto_skcipher_setkey(tfm, raw_key, mode->keysize); + crypto_sync_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); + err =3D crypto_sync_skcipher_setkey(tfm, raw_key, mode->keysize); if (err) goto err_free_tfm; =20 return tfm; =20 err_free_tfm: - crypto_free_skcipher(tfm); + crypto_free_sync_skcipher(tfm); return ERR_PTR(err); } =20 /* * Prepare the crypto transform object or blk-crypto key in @prep_key, giv= en the @@ -150,11 +151,11 @@ fscrypt_allocate_skcipher(struct fscrypt_mode *mode, = const u8 *raw_key, * and IV generation method (@ci->ci_policy.flags). */ int fscrypt_prepare_key(struct fscrypt_prepared_key *prep_key, const u8 *raw_key, const struct fscrypt_inode_info *ci) { - struct crypto_skcipher *tfm; + struct crypto_sync_skcipher *tfm; =20 if (fscrypt_using_inline_encryption(ci)) return fscrypt_prepare_inline_crypt_key(prep_key, raw_key, ci->ci_mode->keysize, false, ci); @@ -174,11 +175,11 @@ int fscrypt_prepare_key(struct fscrypt_prepared_key *= prep_key, =20 /* Destroy a crypto transform object and/or blk-crypto key. */ void fscrypt_destroy_prepared_key(struct super_block *sb, struct fscrypt_prepared_key *prep_key) { - crypto_free_skcipher(prep_key->tfm); + crypto_free_sync_skcipher(prep_key->tfm); fscrypt_destroy_inline_crypt_key(sb, prep_key); memzero_explicit(prep_key, sizeof(*prep_key)); } =20 /* Given a per-file encryption key, set up the file's crypto transform obj= ect */ diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c index 75b0f1211a1e6..c4d05168522b0 100644 --- a/fs/crypto/keysetup_v1.c +++ b/fs/crypto/keysetup_v1.c @@ -46,42 +46,34 @@ static DEFINE_SPINLOCK(fscrypt_direct_keys_lock); */ static int derive_key_aes(const u8 *master_key, const u8 nonce[FSCRYPT_FILE_NONCE_SIZE], u8 *derived_key, unsigned int derived_keysize) { - int res =3D 0; - struct skcipher_request *req =3D NULL; - struct scatterlist src_sg, dst_sg; - struct crypto_skcipher *tfm =3D - crypto_alloc_skcipher("ecb(aes)", 0, FSCRYPT_CRYPTOAPI_MASK); - - if (IS_ERR(tfm)) { - res =3D PTR_ERR(tfm); - tfm =3D NULL; - goto out; - } - req =3D skcipher_request_alloc(tfm, GFP_KERNEL); - if (!req) { - res =3D -ENOMEM; - goto out; - } - skcipher_request_set_callback( - req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, - NULL, NULL); - res =3D crypto_skcipher_setkey(tfm, nonce, FSCRYPT_FILE_NONCE_SIZE); - if (res < 0) - goto out; + struct crypto_sync_skcipher *tfm; + int err; =20 - sg_init_one(&src_sg, master_key, derived_keysize); - sg_init_one(&dst_sg, derived_key, derived_keysize); - skcipher_request_set_crypt(req, &src_sg, &dst_sg, derived_keysize, - NULL); - res =3D crypto_skcipher_encrypt(req); -out: - skcipher_request_free(req); - crypto_free_skcipher(tfm); - return res; + tfm =3D crypto_alloc_sync_skcipher("ecb(aes)", 0, FSCRYPT_CRYPTOAPI_MASK); + if (IS_ERR(tfm)) + return PTR_ERR(tfm); + + err =3D crypto_sync_skcipher_setkey(tfm, nonce, FSCRYPT_FILE_NONCE_SIZE); + if (err =3D=3D 0) { + SYNC_SKCIPHER_REQUEST_ON_STACK(req, tfm); + struct scatterlist src_sg, dst_sg; + + skcipher_request_set_callback(req, + CRYPTO_TFM_REQ_MAY_BACKLOG | + CRYPTO_TFM_REQ_MAY_SLEEP, + NULL, NULL); + sg_init_one(&src_sg, master_key, derived_keysize); + sg_init_one(&dst_sg, derived_key, derived_keysize); + skcipher_request_set_crypt(req, &src_sg, &dst_sg, + derived_keysize, NULL); + err =3D crypto_skcipher_encrypt(req); + } + crypto_free_sync_skcipher(tfm); + return err; } =20 /* * Search the current task's subscribed keyrings for a "logon" key with * description prefix:descriptor, and if found acquire a read lock on it a= nd --=20 2.50.1 From nobody Tue Oct 7 11:43:20 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EBC0328EA5A; Thu, 10 Jul 2025 06:10:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127806; cv=none; b=AFcWYeuZjrbmBNjDzvWLN4pTQRZ5HkTOuRv0CAsGyrvfM6vJ1A8wn4yJFUd6+xHY8JinagY1f2cHRb15ttN3yCAKOQTBYUXABAIfGC8GcjM9yGq8fmn1PJ5TEGMdkzPp7Llyv+yX8MH3XCtvI+XCM5PDWrLUUrXcOpcZeqxXnPM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127806; c=relaxed/simple; bh=qDZA3q6MtJW6bQsPm9daCNoU1IFqN8412dZMoCnn0Nc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uKOsmfV/1RBtFqapdck7GGjgFvmRkQjgj6lEyJKjd8lPKRc17vmj0kH3OjZqz9UuNxGgrPSICEIEumLOPt4QsNa/ChS0klPz7hfM221huALaLZ2JjUzZdDGtEdPBB8Lsdr0NfrkWZn3IyD9Fl9/t4SPNMRL1P8A3kGW6zmKJ+ns= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=TNn2rCNH; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="TNn2rCNH" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 51EA1C4CEF7; Thu, 10 Jul 2025 06:10:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752127805; bh=qDZA3q6MtJW6bQsPm9daCNoU1IFqN8412dZMoCnn0Nc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=TNn2rCNHY0NRRm1MIqGuPjwXrcH5FXxY27IDshq9VsRnJdBWbB/ZAj8iZwoOsexLh VbKneDzh4Ggfq30V0oCFgLPSUY7YiBkKNxBy7z8LC463pGS5vMXvfgopgj/DqkGmbc xQSTO9QIi1cevXJVksNpcRmPMOFaj0mvNSIMO60rjeEfKN7HlA8kTS0voOSsRhHWGJ 6VIyQD7waoS5wiRl9frOl4GczOLR+mCezepQvGDFQAOs5EMej4c9jp6SBpQEvQCBAx 2aKzO+7+Qo5OgQrkjgGSSMP/Y46E1B35NCkAu+WSlzH4FANfyPLkB2x2QijZcIF5BK +prBB4Nl0q/Ng== From: Eric Biggers To: linux-fscrypt@vger.kernel.org Cc: linux-crypto@vger.kernel.org, Yuwen Chen , linux-mtd@lists.infradead.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, Eric Biggers Subject: [PATCH v2 4/6] fscrypt: Remove gfp_t argument from fscrypt_crypt_data_unit() Date: Wed, 9 Jul 2025 23:07:51 -0700 Message-ID: <20250710060754.637098-5-ebiggers@kernel.org> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20250710060754.637098-1-ebiggers@kernel.org> References: <20250710060754.637098-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This argument is no longer used, so remove it. Signed-off-by: Eric Biggers --- fs/crypto/bio.c | 3 +-- fs/crypto/crypto.c | 14 +++++--------- fs/crypto/fscrypt_private.h | 3 +-- 3 files changed, 7 insertions(+), 13 deletions(-) diff --git a/fs/crypto/bio.c b/fs/crypto/bio.c index 13ad2dd771b64..486fcb2ecf13e 100644 --- a/fs/crypto/bio.c +++ b/fs/crypto/bio.c @@ -165,12 +165,11 @@ int fscrypt_zeroout_range(const struct inode *inode, = pgoff_t lblk, i =3D 0; offset =3D 0; do { err =3D fscrypt_crypt_data_unit(ci, FS_ENCRYPT, du_index, ZERO_PAGE(0), pages[i], - du_size, offset, - GFP_NOFS); + du_size, offset); if (err) goto out; du_index++; sector +=3D 1U << (du_bits - SECTOR_SHIFT); du_remaining--; diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index 646b1831e6831..bab0aacd4da36 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -108,12 +108,11 @@ void fscrypt_generate_iv(union fscrypt_iv *iv, u64 in= dex, =20 /* Encrypt or decrypt a single "data unit" of file contents. */ int fscrypt_crypt_data_unit(const struct fscrypt_inode_info *ci, fscrypt_direction_t rw, u64 index, struct page *src_page, struct page *dest_page, - unsigned int len, unsigned int offs, - gfp_t gfp_flags) + unsigned int len, unsigned int offs) { struct crypto_sync_skcipher *tfm =3D ci->ci_enc_key.tfm; SYNC_SKCIPHER_REQUEST_ON_STACK(req, tfm); union fscrypt_iv iv; struct scatterlist dst, src; @@ -195,11 +194,11 @@ struct page *fscrypt_encrypt_pagecache_blocks(struct = folio *folio, return ERR_PTR(-ENOMEM); =20 for (i =3D offs; i < offs + len; i +=3D du_size, index++) { err =3D fscrypt_crypt_data_unit(ci, FS_ENCRYPT, index, &folio->page, ciphertext_page, - du_size, i, gfp_flags); + du_size, i); if (err) { fscrypt_free_bounce_page(ciphertext_page); return ERR_PTR(err); } } @@ -233,12 +232,11 @@ int fscrypt_encrypt_block_inplace(const struct inode = *inode, struct page *page, u64 lblk_num, gfp_t gfp_flags) { if (WARN_ON_ONCE(inode->i_sb->s_cop->supports_subblock_data_units)) return -EOPNOTSUPP; return fscrypt_crypt_data_unit(inode->i_crypt_info, FS_ENCRYPT, - lblk_num, page, page, len, offs, - gfp_flags); + lblk_num, page, page, len, offs); } EXPORT_SYMBOL(fscrypt_encrypt_block_inplace); =20 /** * fscrypt_decrypt_pagecache_blocks() - Decrypt data from a pagecache folio @@ -274,12 +272,11 @@ int fscrypt_decrypt_pagecache_blocks(struct folio *fo= lio, size_t len, =20 for (i =3D offs; i < offs + len; i +=3D du_size, index++) { struct page *page =3D folio_page(folio, i >> PAGE_SHIFT); =20 err =3D fscrypt_crypt_data_unit(ci, FS_DECRYPT, index, page, - page, du_size, i & ~PAGE_MASK, - GFP_NOFS); + page, du_size, i & ~PAGE_MASK); if (err) return err; } return 0; } @@ -308,12 +305,11 @@ int fscrypt_decrypt_block_inplace(const struct inode = *inode, struct page *page, u64 lblk_num) { if (WARN_ON_ONCE(inode->i_sb->s_cop->supports_subblock_data_units)) return -EOPNOTSUPP; return fscrypt_crypt_data_unit(inode->i_crypt_info, FS_DECRYPT, - lblk_num, page, page, len, offs, - GFP_NOFS); + lblk_num, page, page, len, offs); } EXPORT_SYMBOL(fscrypt_decrypt_block_inplace); =20 /** * fscrypt_initialize() - allocate major buffers for fs encryption. diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index bffeb14501fd0..d8b485b9881c5 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -335,12 +335,11 @@ typedef enum { extern struct kmem_cache *fscrypt_inode_info_cachep; int fscrypt_initialize(struct super_block *sb); int fscrypt_crypt_data_unit(const struct fscrypt_inode_info *ci, fscrypt_direction_t rw, u64 index, struct page *src_page, struct page *dest_page, - unsigned int len, unsigned int offs, - gfp_t gfp_flags); + unsigned int len, unsigned int offs); struct page *fscrypt_alloc_bounce_page(gfp_t gfp_flags); =20 void __printf(3, 4) __cold fscrypt_msg(const struct inode *inode, const char *level, const char *fmt,= ...); =20 --=20 2.50.1 From nobody Tue Oct 7 11:43:20 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 11DBF28F527; Thu, 10 Jul 2025 06:10:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127806; cv=none; b=lA8wsjIsDXWbA9OFl5nhsEsgJIHORj65063vw4xP7s23wcd5OOY6tBR782TDT5C2cYg6EODEEMbmJMNTqifPNxcUPcIkf35q+ubSde1fSQ+wPooFtqpC0/aIWuJQ4b0pLvYDvhVlFKfjSGifv3zof+W4mCzPxSb+xuldbCkOKvI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127806; c=relaxed/simple; bh=rxPyY/T+UiU1XFDx1UIdsdBoQBGeiEvi+e66q05QgMI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=AW5xanP+4Rr8v7HrpXPMWeJ/Xu79WeSzhVY6Ufu6KldgLRqx9mYjp1teTsJzDOetEMYqTsXrsCFSz1uvgTEfz5UK+GpqsSFd3wnr1nCF0zC4Fp42F4CT2/7/vCwYN5IRsPQAkmqtiPR8BN/tt8paXfZeaNjQ5atc1GBLI9lbfgs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=DLQ2tnzf; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="DLQ2tnzf" Received: by smtp.kernel.org (Postfix) with ESMTPSA id ABB96C4CEFE; Thu, 10 Jul 2025 06:10:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752127805; bh=rxPyY/T+UiU1XFDx1UIdsdBoQBGeiEvi+e66q05QgMI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=DLQ2tnzf0j5AB+ktyie53hSM7Vn0K0RU3O8yVIY1lRhX2YUV36H0Am6AR+O+g9cTk vzIHITOndLhr0vcWN2Rbl+CC6Sgnk045fNoHw6uW7h0aRGo3/wvX8E8fNks2PRPAWs XGIsWz6XqvESW//al3nR5uasGT9S5LSbuMhDUZofIHcAZmXeJWf5TzEmUGQ0t2cf54 5X8iHIAQfxO+EoBZKnJmVtUZXIa33MYsrZc5h+Ij8Ib5PGbh5bauPpqTBvAr47tl2l nYkUQrvPcAkhi8JvrudnADYUvdT+xp9pMR1eBrsdaBszqY/oXF+NNPKRf7BWWHx6Xj +vBsy/dj6RxFQ== From: Eric Biggers To: linux-fscrypt@vger.kernel.org Cc: linux-crypto@vger.kernel.org, Yuwen Chen , linux-mtd@lists.infradead.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, Eric Biggers Subject: [PATCH v2 5/6] fscrypt: Remove gfp_t argument from fscrypt_encrypt_block_inplace() Date: Wed, 9 Jul 2025 23:07:52 -0700 Message-ID: <20250710060754.637098-6-ebiggers@kernel.org> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20250710060754.637098-1-ebiggers@kernel.org> References: <20250710060754.637098-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This argument is no longer used, so remove it. Signed-off-by: Eric Biggers Reviewed-by: Alex Markuze amarkuze@redhat.com --- fs/ceph/crypto.c | 3 +-- fs/crypto/crypto.c | 3 +-- fs/ubifs/crypto.c | 2 +- include/linux/fscrypt.h | 5 ++--- 4 files changed, 5 insertions(+), 8 deletions(-) diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c index 3b3c4d8d401ec..6d04d528ed038 100644 --- a/fs/ceph/crypto.c +++ b/fs/ceph/crypto.c @@ -521,12 +521,11 @@ int ceph_fscrypt_encrypt_block_inplace(const struct i= node *inode, { struct ceph_client *cl =3D ceph_inode_to_client(inode); =20 doutc(cl, "%p %llx.%llx len %u offs %u blk %llu\n", inode, ceph_vinop(inode), len, offs, lblk_num); - return fscrypt_encrypt_block_inplace(inode, page, len, offs, lblk_num, - gfp_flags); + return fscrypt_encrypt_block_inplace(inode, page, len, offs, lblk_num); } =20 /** * ceph_fscrypt_decrypt_pages - decrypt an array of pages * @inode: pointer to inode associated with these pages diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index bab0aacd4da36..b6ccab524fdef 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -215,11 +215,10 @@ EXPORT_SYMBOL(fscrypt_encrypt_pagecache_blocks); * @len: Size of block to encrypt. This must be a multiple of * FSCRYPT_CONTENTS_ALIGNMENT. * @offs: Byte offset within @page at which the block to encrypt begi= ns * @lblk_num: Filesystem logical block number of the block, i.e. the 0-ba= sed * number of the block within the file - * @gfp_flags: Memory allocation flags * * Encrypt a possibly-compressed filesystem block that is located in an * arbitrary page, not necessarily in the original pagecache page. The @i= node * and @lblk_num must be specified, as they can't be determined from @page. * @@ -227,11 +226,11 @@ EXPORT_SYMBOL(fscrypt_encrypt_pagecache_blocks); * * Return: 0 on success; -errno on failure */ int fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *= page, unsigned int len, unsigned int offs, - u64 lblk_num, gfp_t gfp_flags) + u64 lblk_num) { if (WARN_ON_ONCE(inode->i_sb->s_cop->supports_subblock_data_units)) return -EOPNOTSUPP; return fscrypt_crypt_data_unit(inode->i_crypt_info, FS_ENCRYPT, lblk_num, page, page, len, offs); diff --git a/fs/ubifs/crypto.c b/fs/ubifs/crypto.c index 921f9033d0d2d..fb5ac358077b1 100644 --- a/fs/ubifs/crypto.c +++ b/fs/ubifs/crypto.c @@ -49,11 +49,11 @@ int ubifs_encrypt(const struct inode *inode, struct ubi= fs_data_node *dn, /* pad to full block cipher length */ if (pad_len !=3D in_len) memset(p + in_len, 0, pad_len - in_len); =20 err =3D fscrypt_encrypt_block_inplace(inode, virt_to_page(p), pad_len, - offset_in_page(p), block, GFP_NOFS); + offset_in_page(p), block); if (err) { ubifs_err(c, "fscrypt_encrypt_block_inplace() failed: %d", err); return err; } *out_len =3D pad_len; diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h index 56fad33043d53..8d0e3ad89b940 100644 --- a/include/linux/fscrypt.h +++ b/include/linux/fscrypt.h @@ -312,11 +312,11 @@ void fscrypt_enqueue_decrypt_work(struct work_struct = *); =20 struct page *fscrypt_encrypt_pagecache_blocks(struct folio *folio, size_t len, size_t offs, gfp_t gfp_flags); int fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *= page, unsigned int len, unsigned int offs, - u64 lblk_num, gfp_t gfp_flags); + u64 lblk_num); =20 int fscrypt_decrypt_pagecache_blocks(struct folio *folio, size_t len, size_t offs); int fscrypt_decrypt_block_inplace(const struct inode *inode, struct page *= page, unsigned int len, unsigned int offs, @@ -485,12 +485,11 @@ static inline struct page *fscrypt_encrypt_pagecache_= blocks(struct folio *folio, } =20 static inline int fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *page, unsigned int len, - unsigned int offs, u64 lblk_num, - gfp_t gfp_flags) + unsigned int offs, u64 lblk_num) { return -EOPNOTSUPP; } =20 static inline int fscrypt_decrypt_pagecache_blocks(struct folio *folio, --=20 2.50.1 From nobody Tue Oct 7 11:43:20 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A8C192900A0; Thu, 10 Jul 2025 06:10:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127806; cv=none; b=BI7gJZzNyOYaD0H6x4HIeiKdbi72lfImofzS41xPHonOVtQ8iclgJMx2uRK2132cluAHRESEw/0c28uxF/TUFok0kgb2h3HaMk+5kv8toRd3b1AVgHxgIfqJ9kCgZAG9wGFF+bZSe79fl+cUQlEFgNmS8VGAEEMR9LArifcBVtI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127806; c=relaxed/simple; bh=ISOZqqMIoJ6Bo5XTcKQL1qoCe0p7TsANa33nW9/riCk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=g9IT1n2qmGRYtH+NVjIJsUpOR+jva02GvnZ5a1UnLvz1B9f4si617msRQLJmfQjjO602KW//ivN949nJesPneF17une3sUVWRFJ//Vwo625WyJ+ShmPfLbWX0ZZJ0iSXGDji1VYQfERVoSsljaO8AKeaMuJpDv+4pKhbT26+/Bg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=PYovnpkz; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="PYovnpkz" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 117B6C4CEF5; Thu, 10 Jul 2025 06:10:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752127806; bh=ISOZqqMIoJ6Bo5XTcKQL1qoCe0p7TsANa33nW9/riCk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=PYovnpkzkt5PCA7vwOfL7C9eve152diJJlXfQx15ECLzlSRHlPsJXGI7QIgDzWuoP KudQTYDaakvkIV42pmfVyvPlJa9ZF74H5TewLj2ilLCEeTo3pna7RkK0mGcIk6yvvo 5FxRLBVr6R79yOMb1tCqOk6u+95B63IVaZeFE/rwBYd1ch+ESB5jj1VHX08Y4jhOBH 59teAf9H1O4Ztnx0cJeZWnu+2mUyKUeAvwwofKB9C4FLCdRinGdO5fULHMSzLgu93W p7TdAuxyh4mVuB10S9v+8y+T03k3vfl/ITOeeGJufJA03zOH7HGV8ORpz3aoe4a4ca hJl5D/+QR0cJw== From: Eric Biggers To: linux-fscrypt@vger.kernel.org Cc: linux-crypto@vger.kernel.org, Yuwen Chen , linux-mtd@lists.infradead.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, Eric Biggers Subject: [PATCH v2 6/6] ceph: Remove gfp_t argument from ceph_fscrypt_encrypt_*() Date: Wed, 9 Jul 2025 23:07:53 -0700 Message-ID: <20250710060754.637098-7-ebiggers@kernel.org> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20250710060754.637098-1-ebiggers@kernel.org> References: <20250710060754.637098-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This argument is no longer used, so remove it. Signed-off-by: Eric Biggers Reviewed-by: Alex Markuze amarkuze@redhat.com --- fs/ceph/crypto.c | 10 ++++------ fs/ceph/crypto.h | 10 ++++------ fs/ceph/file.c | 3 +-- fs/ceph/inode.c | 3 +-- 4 files changed, 10 insertions(+), 16 deletions(-) diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c index 6d04d528ed038..91e62db0c2050 100644 --- a/fs/ceph/crypto.c +++ b/fs/ceph/crypto.c @@ -514,12 +514,11 @@ int ceph_fscrypt_decrypt_block_inplace(const struct i= node *inode, return fscrypt_decrypt_block_inplace(inode, page, len, offs, lblk_num); } =20 int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *page, unsigned int len, - unsigned int offs, u64 lblk_num, - gfp_t gfp_flags) + unsigned int offs, u64 lblk_num) { struct ceph_client *cl =3D ceph_inode_to_client(inode); =20 doutc(cl, "%p %llx.%llx len %u offs %u blk %llu\n", inode, ceph_vinop(inode), len, offs, lblk_num); @@ -639,21 +638,20 @@ int ceph_fscrypt_decrypt_extents(struct inode *inode,= struct page **page, * ceph_fscrypt_encrypt_pages - encrypt an array of pages * @inode: pointer to inode associated with these pages * @page: pointer to page array * @off: offset into the file that the data starts * @len: max length to encrypt - * @gfp: gfp flags to use for allocation * - * Decrypt an array of cleartext pages and return the amount of + * Encrypt an array of cleartext pages and return the amount of * data encrypted. Any data in the page prior to the start of the * first complete block in the read is ignored. Any incomplete * crypto blocks at the end of the array are ignored. * * Returns the length of the encrypted data or a negative errno. */ int ceph_fscrypt_encrypt_pages(struct inode *inode, struct page **page, u6= 4 off, - int len, gfp_t gfp) + int len) { int i, num_blocks; u64 baseblk =3D off >> CEPH_FSCRYPT_BLOCK_SHIFT; int ret =3D 0; =20 @@ -670,11 +668,11 @@ int ceph_fscrypt_encrypt_pages(struct inode *inode, s= truct page **page, u64 off, unsigned int pgoffs =3D offset_in_page(blkoff); int fret; =20 fret =3D ceph_fscrypt_encrypt_block_inplace(inode, page[pgidx], CEPH_FSCRYPT_BLOCK_SIZE, pgoffs, - baseblk + i, gfp); + baseblk + i); if (fret < 0) { if (ret =3D=3D 0) ret =3D fret; break; } diff --git a/fs/ceph/crypto.h b/fs/ceph/crypto.h index d0768239a1c9c..6db28464ff803 100644 --- a/fs/ceph/crypto.h +++ b/fs/ceph/crypto.h @@ -153,19 +153,18 @@ static inline void ceph_fscrypt_adjust_off_and_len(st= ruct inode *inode, int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode, struct page *page, unsigned int len, unsigned int offs, u64 lblk_num); int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *page, unsigned int len, - unsigned int offs, u64 lblk_num, - gfp_t gfp_flags); + unsigned int offs, u64 lblk_num); int ceph_fscrypt_decrypt_pages(struct inode *inode, struct page **page, u64 off, int len); int ceph_fscrypt_decrypt_extents(struct inode *inode, struct page **page, u64 off, struct ceph_sparse_extent *map, u32 ext_cnt); int ceph_fscrypt_encrypt_pages(struct inode *inode, struct page **page, u6= 4 off, - int len, gfp_t gfp); + int len); =20 static inline struct page *ceph_fscrypt_pagecache_page(struct page *page) { return fscrypt_is_bounce_page(page) ? fscrypt_pagecache_page(page) : page; } @@ -244,12 +243,11 @@ static inline int ceph_fscrypt_decrypt_block_inplace(= const struct inode *inode, return 0; } =20 static inline int ceph_fscrypt_encrypt_block_inplace(const struct inode *i= node, struct page *page, unsigned int len, - unsigned int offs, u64 lblk_num, - gfp_t gfp_flags) + unsigned int offs, u64 lblk_num) { return 0; } =20 static inline int ceph_fscrypt_decrypt_pages(struct inode *inode, @@ -267,11 +265,11 @@ static inline int ceph_fscrypt_decrypt_extents(struct= inode *inode, return 0; } =20 static inline int ceph_fscrypt_encrypt_pages(struct inode *inode, struct page **page, u64 off, - int len, gfp_t gfp) + int len) { return 0; } =20 static inline struct page *ceph_fscrypt_pagecache_page(struct page *page) diff --git a/fs/ceph/file.c b/fs/ceph/file.c index a7254cab44cc2..9b79da6d1aee7 100644 --- a/fs/ceph/file.c +++ b/fs/ceph/file.c @@ -1990,12 +1990,11 @@ ceph_sync_write(struct kiocb *iocb, struct iov_iter= *from, loff_t pos, break; } =20 if (IS_ENCRYPTED(inode)) { ret =3D ceph_fscrypt_encrypt_pages(inode, pages, - write_pos, write_len, - GFP_KERNEL); + write_pos, write_len); if (ret < 0) { doutc(cl, "encryption failed with %d\n", ret); ceph_release_page_vector(pages, num_pages); break; } diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c index 06cd2963e41ee..fc543075b827a 100644 --- a/fs/ceph/inode.c +++ b/fs/ceph/inode.c @@ -2434,12 +2434,11 @@ static int fill_fscrypt_truncate(struct inode *inod= e, memset(iov.iov_base + boff, 0, PAGE_SIZE - boff); =20 /* encrypt the last block */ ret =3D ceph_fscrypt_encrypt_block_inplace(inode, page, CEPH_FSCRYPT_BLOCK_SIZE, - 0, block, - GFP_KERNEL); + 0, block); if (ret) goto out; } =20 /* Insert the header */ --=20 2.50.1