From nobody Tue Oct 7 13:33:42 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CFECF288518; Thu, 10 Jul 2025 06:10:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127804; cv=none; b=aN0v8wtha1Vese5opVhhHgmSRRcp7z7YQ08nY7M5lF4N7S1IlU2d2TiVe0JIB77HwDby4mym2EAl2tn9vuYBvn7g4lJMYgEvypCFqav5ZPVVcjdF102ov+VkQXZ1AOlmPQuazbqtqkpw6sITslgs0C5E2D3Rr4zhZIwABX7Z9YQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752127804; c=relaxed/simple; bh=zLqHswEdALQQG33DjYXOoqtVVEv8AVXTJwVwIILDSgQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=WEpT4WNS+EBs/KUxNNbxBPLXk6MvmHEwusIQe6cJmCPSQ6Vf5WSjtHsER0eH+hogba5PUAJ0+YgIENk4ulv2VVonFoda8z75hw9lODYagVgc9FuDdvdivU0AsUmov/Hgxd83tv6ZHFtkT0ib9PlEExFrBMk1MRRJaI0tL3ttqK4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=kgGrS5ze; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kgGrS5ze" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3253FC4CEF4; Thu, 10 Jul 2025 06:10:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752127804; bh=zLqHswEdALQQG33DjYXOoqtVVEv8AVXTJwVwIILDSgQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=kgGrS5zek5qD/iR7/psHqKB/OndvNlcjgJ/MERuR412fdLN75FF3xKUO0bmKRedcM QIF6gwPeOIJyTFZcD8Zt2cy+LSuO5+rmuBs1c8xeUWffPL5sTyq4rIiRzKhkzFQTpr jQ2s0TuDSI0CXiOkePRtXW7vdK5sckp+AdvBSfMmC2VcgWfG2DEcJP5fpSURqyeMu1 edqIixSuORVy+IRgP+SNTr6pHQ8cNLPS7JjF/r/CrMe57kk/KcR5RNuLzb66ClCEM3 D0uD4hGD0NeGLI99WwdFzbHCZUCrf9TywadcqopBiPDnE67he/r1bWn4jqHxMxgLif tA99asZ+BaPQg== From: Eric Biggers To: linux-fscrypt@vger.kernel.org Cc: linux-crypto@vger.kernel.org, Yuwen Chen , linux-mtd@lists.infradead.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, Eric Biggers Subject: [PATCH v2 1/6] fscrypt: Don't use asynchronous CryptoAPI algorithms Date: Wed, 9 Jul 2025 23:07:48 -0700 Message-ID: <20250710060754.637098-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20250710060754.637098-1-ebiggers@kernel.org> References: <20250710060754.637098-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that fscrypt's incomplete support for non-inline crypto engines has been removed, and none of the CPU-based algorithms have the CRYPTO_ALG_ASYNC flag set anymore, there is no need to accommodate asynchronous algorithms. Therefore, explicitly allocate only synchronous algorithms. Then, remove the code that handled waiting for asynchronous en/decryption operations to complete. This commit should *not* be backported to kernels that lack commit 0ba6ec5b2972 ("crypto: x86/aes - stop using the SIMD helper"), as then it would disable the use of the optimized AES code on x86. Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 7 +++---- fs/crypto/fname.c | 18 ++++++++---------- fs/crypto/fscrypt_private.h | 5 +++-- fs/crypto/keysetup_v1.c | 9 ++++----- 4 files changed, 18 insertions(+), 21 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index ddf6991d46da2..43d1658e07cec 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -113,11 +113,10 @@ int fscrypt_crypt_data_unit(const struct fscrypt_inod= e_info *ci, unsigned int len, unsigned int offs, gfp_t gfp_flags) { union fscrypt_iv iv; struct skcipher_request *req =3D NULL; - DECLARE_CRYPTO_WAIT(wait); struct scatterlist dst, src; struct crypto_skcipher *tfm =3D ci->ci_enc_key.tfm; int res =3D 0; =20 if (WARN_ON_ONCE(len <=3D 0)) @@ -131,21 +130,21 @@ int fscrypt_crypt_data_unit(const struct fscrypt_inod= e_info *ci, if (!req) return -ENOMEM; =20 skcipher_request_set_callback( req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, - crypto_req_done, &wait); + NULL, NULL); =20 sg_init_table(&dst, 1); sg_set_page(&dst, dest_page, len, offs); sg_init_table(&src, 1); sg_set_page(&src, src_page, len, offs); skcipher_request_set_crypt(req, &src, &dst, len, &iv); if (rw =3D=3D FS_DECRYPT) - res =3D crypto_wait_req(crypto_skcipher_decrypt(req), &wait); + res =3D crypto_skcipher_decrypt(req); else - res =3D crypto_wait_req(crypto_skcipher_encrypt(req), &wait); + res =3D crypto_skcipher_encrypt(req); skcipher_request_free(req); if (res) { fscrypt_err(ci->ci_inode, "%scryption failed for data unit %llu: %d", (rw =3D=3D FS_DECRYPT ? "De" : "En"), index, res); diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index fb01dde0f2e55..17edc24ccd42f 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -93,11 +93,10 @@ static inline bool fscrypt_is_dot_dotdot(const struct q= str *str) */ int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *in= ame, u8 *out, unsigned int olen) { struct skcipher_request *req =3D NULL; - DECLARE_CRYPTO_WAIT(wait); const struct fscrypt_inode_info *ci =3D inode->i_crypt_info; struct crypto_skcipher *tfm =3D ci->ci_enc_key.tfm; union fscrypt_iv iv; struct scatterlist sg; int res; @@ -116,18 +115,18 @@ int fscrypt_fname_encrypt(const struct inode *inode, = const struct qstr *iname, =20 /* Set up the encryption request */ req =3D skcipher_request_alloc(tfm, GFP_NOFS); if (!req) return -ENOMEM; - skcipher_request_set_callback(req, - CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, - crypto_req_done, &wait); + skcipher_request_set_callback( + req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, + NULL, NULL); sg_init_one(&sg, out, olen); skcipher_request_set_crypt(req, &sg, &sg, olen, &iv); =20 /* Do the encryption */ - res =3D crypto_wait_req(crypto_skcipher_encrypt(req), &wait); + res =3D crypto_skcipher_encrypt(req); skcipher_request_free(req); if (res < 0) { fscrypt_err(inode, "Filename encryption failed: %d", res); return res; } @@ -149,33 +148,32 @@ EXPORT_SYMBOL_GPL(fscrypt_fname_encrypt); static int fname_decrypt(const struct inode *inode, const struct fscrypt_str *iname, struct fscrypt_str *oname) { struct skcipher_request *req =3D NULL; - DECLARE_CRYPTO_WAIT(wait); struct scatterlist src_sg, dst_sg; const struct fscrypt_inode_info *ci =3D inode->i_crypt_info; struct crypto_skcipher *tfm =3D ci->ci_enc_key.tfm; union fscrypt_iv iv; int res; =20 /* Allocate request */ req =3D skcipher_request_alloc(tfm, GFP_NOFS); if (!req) return -ENOMEM; - skcipher_request_set_callback(req, - CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, - crypto_req_done, &wait); + skcipher_request_set_callback( + req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, + NULL, NULL); =20 /* Initialize IV */ fscrypt_generate_iv(&iv, 0, ci); =20 /* Create decryption request */ sg_init_one(&src_sg, iname->name, iname->len); sg_init_one(&dst_sg, oname->name, oname->len); skcipher_request_set_crypt(req, &src_sg, &dst_sg, iname->len, &iv); - res =3D crypto_wait_req(crypto_skcipher_decrypt(req), &wait); + res =3D crypto_skcipher_decrypt(req); skcipher_request_free(req); if (res < 0) { fscrypt_err(inode, "Filename decryption failed: %d", res); return res; } diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index 6e7164530a1e2..06fa8f2b2d081 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -57,12 +57,13 @@ * Adiantum is faster still, and is the recommended option on such platfor= ms...) * * Note that fscrypt also supports inline crypto engines. Those don't use= the * Crypto API and work much better than the old-style (non-inline) engines. */ -#define FSCRYPT_CRYPTOAPI_MASK \ - (CRYPTO_ALG_ALLOCATES_MEMORY | CRYPTO_ALG_KERN_DRIVER_ONLY) +#define FSCRYPT_CRYPTOAPI_MASK \ + (CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY | \ + CRYPTO_ALG_KERN_DRIVER_ONLY) =20 #define FSCRYPT_CONTEXT_V1 1 #define FSCRYPT_CONTEXT_V2 2 =20 /* Keep this in sync with include/uapi/linux/fscrypt.h */ diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c index 158ceae8a5bce..3fdf174384f3d 100644 --- a/fs/crypto/keysetup_v1.c +++ b/fs/crypto/keysetup_v1.c @@ -48,11 +48,10 @@ static int derive_key_aes(const u8 *master_key, const u8 nonce[FSCRYPT_FILE_NONCE_SIZE], u8 *derived_key, unsigned int derived_keysize) { int res =3D 0; struct skcipher_request *req =3D NULL; - DECLARE_CRYPTO_WAIT(wait); struct scatterlist src_sg, dst_sg; struct crypto_skcipher *tfm =3D crypto_alloc_skcipher("ecb(aes)", 0, FSCRYPT_CRYPTOAPI_MASK); =20 if (IS_ERR(tfm)) { @@ -64,22 +63,22 @@ static int derive_key_aes(const u8 *master_key, req =3D skcipher_request_alloc(tfm, GFP_KERNEL); if (!req) { res =3D -ENOMEM; goto out; } - skcipher_request_set_callback(req, - CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, - crypto_req_done, &wait); + skcipher_request_set_callback( + req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, + NULL, NULL); res =3D crypto_skcipher_setkey(tfm, nonce, FSCRYPT_FILE_NONCE_SIZE); if (res < 0) goto out; =20 sg_init_one(&src_sg, master_key, derived_keysize); sg_init_one(&dst_sg, derived_key, derived_keysize); skcipher_request_set_crypt(req, &src_sg, &dst_sg, derived_keysize, NULL); - res =3D crypto_wait_req(crypto_skcipher_encrypt(req), &wait); + res =3D crypto_skcipher_encrypt(req); out: skcipher_request_free(req); crypto_free_skcipher(tfm); return res; } --=20 2.50.1