android/android_kernel_asus_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2081b666d5
android_kernel_asus_sm8350/drivers/md
History
Eric Biggers 5515324258 ANDROID: dm: add dm-default-key target for metadata encryption 
Add a device-mapper target "dm-default-key" which assigns an encryption
key to bios that aren't for the contents of an encrypted file.

This ensures that all blocks on-disk will be encrypted with some key,
without the performance hit of file contents being encrypted twice when
fscrypt (File-Based Encryption) is used.

It is only appropriate to use dm-default-key when key configuration is
tightly controlled, like it is in Android, such that all fscrypt keys
are at least as hard to compromise as the default key.

Compared to the original version of dm-default-key, this has been
modified to use the new vendor-independent inline encryption framework
(which works even when no inline encryption hardware is present), the
table syntax has been changed to match dm-crypt, and support for
specifying Adiantum encryption has been added.  These changes also mean
that dm-default-key now always explicitly specifies the DUN (the IV).

Also, to handle f2fs moving blocks of encrypted files around without the
key, and to handle ext4 and f2fs filesystems mounted without
'-o inlinecrypt', the mapping logic is no longer "set a key on the bio
if it doesn't have one already", but rather "set a key on the bio unless
the bio has the bi_skip_dm_default_key flag set".  Filesystems set this
flag on *all* bios for encrypted file contents, regardless of whether
they are encrypting/decrypting the file using inline encryption or the
traditional filesystem-layer encryption, or moving the raw data.

For the bi_skip_dm_default_key flag, a new field in struct bio is used
rather than a bit in bi_opf so that fscrypt_set_bio_crypt_ctx() can set
the flag, minimizing the changes needed to filesystems.  (bi_opf is
usually overwritten after fscrypt_set_bio_crypt_ctx() is called.)

Bug: 137270441
Bug: 147814592
Change-Id: I69c9cd1e968ccf990e4ad96e5115b662237f5095
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-01-24 10:52:54 -08:00
..
bcache bcache: at least try to shrink 1 node in bch_mca_scan() 2020-01-04 19:18:11 +01:00
persistent-data dm btree: increase rebalance threshold in __rebalance2() 2019-12-21 11:04:57 +01:00
dm-bio-prison-v1.c
dm-bio-prison-v1.h
dm-bio-prison-v2.c
dm-bio-prison-v2.h
dm-bio-record.h
dm-bow.c ANDROID: dm: enable may_passthrough_inline_crypto on some targets 2020-01-24 10:52:54 -08:00
dm-bufio.c dm bufio: introduce a global cache replacement 2019-09-13 17:00:21 -04:00
dm-builtin.c
dm-cache-background-tracker.c
dm-cache-background-tracker.h
dm-cache-block-types.h
dm-cache-metadata.c dm cache metadata: Fix loading discard bitset 2019-04-18 16:18:25 -04:00
dm-cache-metadata.h
dm-cache-policy-internal.h
dm-cache-policy-smq.c dm: remove unnecessary unlikely() around WARN_ON_ONCE() 2018-10-16 14:34:59 -04:00
dm-cache-policy.c
dm-cache-policy.h
dm-cache-target.c dm cache: fix bugs when a GFP_NOWAIT allocation fails 2019-10-17 11:13:50 -04:00
dm-clone-metadata.c dm clone metadata: Use a two phase commit 2019-12-21 11:05:00 +01:00
dm-clone-metadata.h dm clone metadata: Use a two phase commit 2019-12-21 11:05:00 +01:00
dm-clone-target.c dm clone: Flush destination device before committing metadata 2019-12-21 11:05:01 +01:00
dm-core.h dm: disable DISCARD if the underlying storage no longer supports it 2019-04-04 15:33:59 -04:00
dm-crypt.c Revert "dm crypt: use WQ_HIGHPRI for the IO and crypt workqueues" 2019-11-29 10:09:44 +01:00
dm-default-key.c ANDROID: dm: add dm-default-key target for metadata encryption 2020-01-24 10:52:54 -08:00
dm-delay.c dm delay: fix a crash when invalid device is specified 2019-04-26 11:29:32 -04:00
dm-dust.c dm dust: use dust block size for badblocklist index 2019-08-21 11:27:17 -04:00
dm-era-target.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
dm-exception-store.c
dm-exception-store.h - Improve DM snapshot target's scalability by using finer grained 2019-05-16 15:55:48 -07:00
dm-flakey.c block: rework zone reporting 2020-01-07 16:02:47 -08:00
dm-init.c docs: device-mapper: move it to the admin-guide 2019-07-15 11:03:01 -03:00
dm-integrity.c block: centralize PI remapping logic to the block layer 2019-09-17 20:03:49 -06:00
dm-io.c
dm-ioctl.c dm: introduce DM_GET_TARGET_VERSION 2019-09-16 10:18:01 -04:00
dm-kcopyd.c dm kcopyd: always complete failed jobs 2019-08-15 15:57:39 -04:00
dm-linear.c ANDROID: dm: enable may_passthrough_inline_crypto on some targets 2020-01-24 10:52:54 -08:00
dm-log-userspace-base.c
dm-log-userspace-transfer.c
dm-log-userspace-transfer.h
dm-log-writes.c dm log writes: fix incorrect comment about the logged sequence example 2019-07-09 14:13:33 -04:00
dm-log.c
dm-mpath.c dm mpath: remove harmful bio-based optimization 2019-12-21 11:04:56 +01:00
dm-mpath.h
dm-path-selector.c
dm-path-selector.h
dm-queue-length.c
dm-raid1.c dm raid1: use struct_size() with kzalloc() 2019-08-26 11:05:32 -04:00
dm-raid.c dm raid: fix updating of max_discard_sectors limit 2019-09-11 16:18:23 -04:00
dm-region-hash.c - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
dm-round-robin.c
dm-rq.c block: Delay default elevator initialization 2019-09-05 19:52:34 -06:00
dm-rq.h dm: remove unused _rq_tio_cache and _rq_cache 2019-03-05 14:48:50 -05:00
dm-service-time.c
dm-snap-persistent.c block: fix an integer overflow in logical block size 2020-01-23 08:22:32 +01:00
dm-snap-transient.c
dm-snap.c dm snapshot: rework COW throttling to fix deadlock 2019-10-10 09:46:05 -04:00
dm-stats.c dm stats: use struct_size() helper 2019-09-04 09:39:22 -04:00
dm-stats.h
dm-stripe.c
dm-switch.c dm switch: use struct_size() in kzalloc() 2019-03-05 14:48:51 -05:00
dm-sysfs.c dm: remove legacy request-based IO path 2018-10-11 11:36:09 -04:00
dm-table.c ANDROID: dm: add support for passing through inline crypto support 2020-01-24 10:52:54 -08:00
dm-target.c dm mpath: fix missing call of path selector type->end_io 2019-04-25 15:38:52 -04:00
dm-thin-metadata.c dm thin metadata: Add support for a pre-commit callback 2019-12-21 11:05:01 +01:00
dm-thin-metadata.h dm thin metadata: Add support for a pre-commit callback 2019-12-21 11:05:01 +01:00
dm-thin.c dm thin: Flush data device before committing metadata 2019-12-21 11:05:03 +01:00
dm-uevent.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
dm-uevent.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
dm-unstripe.c dm: Check for device sector overflow if CONFIG_LBDAF is not set 2018-12-18 09:02:26 -05:00
dm-verity-avb.c ANDROID: AVB error handler to invalidate vbmeta partition. 2019-05-03 10:40:05 -07:00
dm-verity-fec.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
dm-verity-fec.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
dm-verity-target.c Merge 5.4-rc1-prereleae into android-mainline 2019-09-23 14:14:08 +02:00
dm-verity-verify-sig.c dm verity: add root hash pkcs#7 signature verification 2019-08-23 10:13:14 -04:00
dm-verity-verify-sig.h dm verity: add root hash pkcs#7 signature verification 2019-08-23 10:13:14 -04:00
dm-verity.h Merge 5.4-rc1-prereleae into android-mainline 2019-09-23 14:14:08 +02:00
dm-writecache.c dm writecache: handle REQ_FUA 2019-12-17 19:56:11 +01:00
dm-zero.c
dm-zoned-metadata.c Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-5.4.y' into android-5.4 2020-01-15 16:41:51 -08:00
dm-zoned-reclaim.c dm zoned: reduce overhead of backing device checks 2019-12-17 19:56:12 +01:00
dm-zoned-target.c Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-5.4.y' into android-5.4 2020-01-15 16:41:51 -08:00
dm-zoned.h dm zoned: reduce overhead of backing device checks 2019-12-17 19:56:12 +01:00
dm.c ANDROID: dm: add support for passing through inline crypto support 2020-01-24 10:52:54 -08:00
dm.h dm: make dm_table_find_target return NULL 2019-08-23 10:13:12 -04:00
Kconfig ANDROID: dm: add dm-default-key target for metadata encryption 2020-01-24 10:52:54 -08:00
Makefile ANDROID: dm: add dm-default-key target for metadata encryption 2020-01-24 10:52:54 -08:00
md-bitmap.c md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit 2019-12-31 16:44:20 +01:00
md-bitmap.h md: Avoid namespace collision with bitmap API 2018-08-01 15:49:39 -07:00
md-cluster.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 45 2019-05-24 17:27:12 +02:00
md-cluster.h md-cluster: introduce resync_info_get interface for sanity check 2018-10-18 09:36:35 -07:00
md-faulty.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 47 2019-05-24 17:27:13 +02:00
md-linear.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-12-17 19:56:14 +01:00
md-linear.h
md-multipath.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-12-17 19:56:14 +01:00
md-multipath.h
md.c md: make sure desc_nr less than MD_SB_DISKS 2020-01-04 19:18:34 +01:00
md.h md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-12-17 19:56:14 +01:00
raid0.c block: fix an integer overflow in logical block size 2020-01-23 08:22:32 +01:00
raid0.h md/raid0: avoid RAID0 data corruption due to layout confusion. 2019-09-13 13:10:05 -07:00
raid1-10.c md: raid1-10: Unify r{1,10}bio_pool_free 2019-06-15 01:37:35 -06:00
raid1.c md: raid1: check rdev before reference in raid1_sync_request func 2020-01-09 10:19:48 +01:00
raid1.h
raid5-cache.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288 2019-06-05 17:36:37 +02:00
raid5-log.h raid5: set write hint for PPL 2019-03-12 10:15:18 -07:00
raid5-ppl.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288 2019-06-05 17:36:37 +02:00
raid5.c raid5: need to set STRIPE_HANDLE for batch head 2020-01-09 10:19:48 +01:00
raid5.h raid5: use bio_end_sector in r5_next_bio 2019-09-13 13:14:43 -07:00
raid10.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-12-17 19:56:14 +01:00
raid10.h