add patch move-error-report-out-of-atomic-context

[ext4-patch-queue.git] / implement-the-ext4-encryption-write-path

ext4: implement the EXT4 encryption write path

From: Michael Halcrow <mhalcrow@google.com>

Signed-off-by: Michael Halcrow <mhalcrow@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
 fs/ext4/ext4.h    |   5 ++
 fs/ext4/inode.c   |   5 +-
 fs/ext4/namei.c   |  11 +++-
 fs/ext4/page-io.c | 180 +++++++++++++++++++++++++++++++++++++++++++-----------
 4 files changed, 161 insertions(+), 40 deletions(-)

diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index ef89b61..ca27a7f 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -2807,6 +2807,11 @@ struct page *ext4_encrypt(struct ext4_crypto_ctx *ctx,
 int ext4_decrypt(struct ext4_crypto_ctx *ctx, struct page *page);
 int ext4_get_crypto_key(const struct file *file);
 int ext4_set_crypto_key(struct dentry *dentry);
+static inline bool ext4_is_encryption_enabled(struct ext4_inode_info *ei)
+{
+       return ei->i_encryption_key.mode != EXT4_ENCRYPTION_MODE_INVALID;
+}
+
 
 /*
  * Disable DIO read nolock optimization, so new dioreaders will be forced
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 8a06473..42385c9 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -2431,6 +2431,7 @@ static int ext4_writepages(struct address_space *mapping,
        handle_t *handle = NULL;
        struct mpage_da_data mpd;
        struct inode *inode = mapping->host;
+       struct ext4_inode_info *ei = EXT4_I(inode);
        int needed_blocks, rsv_blocks = 0, ret = 0;
        struct ext4_sb_info *sbi = EXT4_SB(mapping->host->i_sb);
        bool done;
@@ -2447,7 +2448,7 @@ static int ext4_writepages(struct address_space *mapping,
        if (!mapping->nrpages || !mapping_tagged(mapping, PAGECACHE_TAG_DIRTY))
                goto out_writepages;
 
-       if (ext4_should_journal_data(inode)) {
+       if (ext4_should_journal_data(inode) || ext4_is_encryption_enabled(ei)) {
                struct blk_plug plug;
 
                blk_start_plug(&plug);
@@ -3097,6 +3098,7 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb,
 {
        struct file *file = iocb->ki_filp;
        struct inode *inode = file->f_mapping->host;
+       struct ext4_inode_info *ei = EXT4_I(inode);
        ssize_t ret;
        size_t count = iov_iter_count(iter);
        int overwrite = 0;
@@ -3173,6 +3175,7 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb,
                get_block_func = ext4_get_block_write;
                dio_flags = DIO_LOCKING;
        }
+       BUG_ON(ext4_is_encryption_enabled(ei));
        ret = __blockdev_direct_IO(rw, iocb, inode,
                                   inode->i_sb->s_bdev, iter,
                                   offset,
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index 3520ab8..a8ed5d6 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -2238,6 +2238,7 @@ static int ext4_create(struct inode *dir, struct dentry *dentry, umode_t mode,
 {
        handle_t *handle;
        struct inode *inode;
+       struct ext4_sb_info *sbi = EXT4_SB(dir->i_sb);
        int err, credits, retries = 0;
 
        dquot_initialize(dir);
@@ -2254,8 +2255,14 @@ retry:
                inode->i_fop = &ext4_file_operations;
                ext4_set_aops(inode);
                err = ext4_add_nondir(handle, dentry, inode);
-               if (!err && IS_DIRSYNC(dir))
-                       ext4_handle_sync(handle);
+               if (!err) {
+                       if (sbi->s_default_encryption_mode !=
+                           EXT4_ENCRYPTION_MODE_INVALID) {
+                               ext4_set_crypto_key(dentry);
+                       }
+                       if (IS_DIRSYNC(dir))
+                               ext4_handle_sync(handle);
+               }
        }
        if (handle)
                ext4_journal_stop(handle);
diff --git a/fs/ext4/page-io.c b/fs/ext4/page-io.c
index b24a254..872503d 100644
--- a/fs/ext4/page-io.c
+++ b/fs/ext4/page-io.c
@@ -61,6 +61,25 @@ static void buffer_io_error(struct buffer_head *bh)
                        (unsigned long long)bh->b_blocknr);
 }
 
+static void ext4_restore_control_page(struct page *data_page)
+{
+       struct page *control_page = NULL;
+       struct ext4_crypto_ctx *ctx = NULL;
+
+       BUG_ON(!PagePrivate(data_page));
+       ctx = (struct ext4_crypto_ctx *)page_private(data_page);
+       BUG_ON(!ctx);
+       control_page = ctx->control_page;
+       BUG_ON(!control_page);
+       BUG_ON(!page_buffers(control_page));
+       set_bh_to_page(page_buffers(control_page), control_page);
+       set_page_private(data_page, (unsigned long)NULL);
+       ClearPagePrivate(data_page);
+       BUG_ON(!PageLocked(data_page));
+       unlock_page(data_page);
+       ext4_release_crypto_ctx(ctx);
+}
+
 static void ext4_finish_bio(struct bio *bio)
 {
        int i;
@@ -69,6 +88,8 @@ static void ext4_finish_bio(struct bio *bio)
 
        bio_for_each_segment_all(bvec, bio, i) {
                struct page *page = bvec->bv_page;
+               struct page *data_page = NULL;
+               struct ext4_crypto_ctx *ctx = NULL;
                struct buffer_head *bh, *head;
                unsigned bio_start = bvec->bv_offset;
                unsigned bio_end = bio_start + bvec->bv_len;
@@ -78,6 +99,22 @@ static void ext4_finish_bio(struct bio *bio)
                if (!page)
                        continue;
 
+               if (!page->mapping) {
+                       /* The bounce data pages are unmapped. */
+                       data_page = page;
+                       BUG_ON(!PagePrivate(data_page));
+                       ctx = (struct ext4_crypto_ctx *)page_private(data_page);
+                       BUG_ON(!ctx);
+                       page = ctx->control_page;
+                       BUG_ON(!page);
+               } else {
+                       /* TODO(mhalcrow): Remove this else{} for release */
+                       struct inode *inode = page->mapping->host;
+                       struct ext4_inode_info *ei = EXT4_I(inode);
+
+                       BUG_ON(ext4_is_encryption_enabled(ei));
+               }
+
                if (error) {
                        SetPageError(page);
                        set_bit(AS_EIO, &page->mapping->flags);
@@ -102,8 +139,11 @@ static void ext4_finish_bio(struct bio *bio)
                } while ((bh = bh->b_this_page) != head);
                bit_spin_unlock(BH_Uptodate_Lock, &head->b_state);
                local_irq_restore(flags);
-               if (!under_io)
+               if (!under_io) {
+                       if (ctx)
+                               ext4_restore_control_page(data_page);
                        end_page_writeback(page);
+               }
        }
 }
 
@@ -398,40 +438,29 @@ submit_and_retry:
        return 0;
 }
 
-int ext4_bio_write_page(struct ext4_io_submit *io,
-                       struct page *page,
-                       int len,
-                       struct writeback_control *wbc,
-                       bool keep_towrite)
-{
+static void ext4_abort_bio_write(struct page *page,
+                                struct writeback_control *wbc) {
+       struct buffer_head *bh, *head;
+
+       redirty_page_for_writepage(wbc, page);
+       bh = head = page_buffers(page);
+       do {
+               clear_buffer_async_write(bh);
+               bh = bh->b_this_page;
+       } while (bh != head);
+}
+
+static int ext4_bio_write_buffers(struct ext4_io_submit *io,
+                                 struct page *page,
+                                 struct page *data_page,
+                                 int len,
+                                 struct writeback_control *wbc) {
        struct inode *inode = page->mapping->host;
-       unsigned block_start, blocksize;
+       unsigned block_start;
        struct buffer_head *bh, *head;
        int ret = 0;
        int nr_submitted = 0;
 
-       blocksize = 1 << inode->i_blkbits;
-
-       BUG_ON(!PageLocked(page));
-       BUG_ON(PageWriteback(page));
-
-       if (keep_towrite)
-               set_page_writeback_keepwrite(page);
-       else
-               set_page_writeback(page);
-       ClearPageError(page);
-
-       /*
-        * Comments copied from block_write_full_page:
-        *
-        * The page straddles i_size.  It must be zeroed out on each and every
-        * writepage invocation because it may be mmapped.  "A file is mapped
-        * in multiples of the page size.  For a file that is not a multiple of
-        * the page size, the remaining memory is zeroed when mapped, and
-        * writes to that region are not written out to the file."
-        */
-       if (len < PAGE_CACHE_SIZE)
-               zero_user_segment(page, len, PAGE_CACHE_SIZE);
        /*
         * In the first loop we prepare and mark buffers to submit. We have to
         * mark all buffers in the page before submitting so that
@@ -449,7 +478,12 @@ int ext4_bio_write_page(struct ext4_io_submit *io,
                }
                if (!buffer_dirty(bh) || buffer_delay(bh) ||
                    !buffer_mapped(bh) || buffer_unwritten(bh)) {
-                       /* A hole? We can safely clear the dirty bit */
+                       /* A hole? We can safely clear the dirty bit,
+                        * so long as we're not encrypting */
+                       if (data_page) {
+                               BUG_ON(!buffer_dirty(bh));
+                               BUG_ON(!buffer_mapped(bh));
+                       }
                        if (!buffer_mapped(bh))
                                clear_buffer_dirty(bh);
                        if (io->io_bio)
@@ -475,7 +509,6 @@ int ext4_bio_write_page(struct ext4_io_submit *io,
                         * we can do but mark the page as dirty, and
                         * better luck next time.
                         */
-                       redirty_page_for_writepage(wbc, page);
                        break;
                }
                nr_submitted++;
@@ -484,14 +517,87 @@ int ext4_bio_write_page(struct ext4_io_submit *io,
 
        /* Error stopped previous loop? Clean up buffers... */
        if (ret) {
-               do {
-                       clear_buffer_async_write(bh);
-                       bh = bh->b_this_page;
-               } while (bh != head);
+               printk_ratelimited(KERN_ERR "%s: ret = [%d]\n", __func__, ret);
+               ext4_abort_bio_write(page, wbc);
        }
        unlock_page(page);
        /* Nothing submitted - we have to end page writeback */
-       if (!nr_submitted)
+       if (!nr_submitted) {
+               if (data_page)
+                       ext4_restore_control_page(data_page);
                end_page_writeback(page);
+       }
+       return ret;
+}
+
+static int ext4_bio_encrypt_and_write(struct ext4_io_submit *io,
+                                     struct page *control_page,
+                                     struct writeback_control *wbc) {
+       struct page *data_page = NULL;
+       struct ext4_crypto_ctx *ctx = NULL;
+       struct inode *inode = control_page->mapping->host;
+       struct ext4_inode_info *ei = EXT4_I(inode);
+       int res = 0;
+
+       BUG_ON(!ext4_is_encryption_enabled(ei));
+       ctx = ext4_get_crypto_ctx(true, &ei->i_encryption_key);
+       if (IS_ERR(ctx)) {
+               res = PTR_ERR(ctx);
+               goto fail;
+       }
+       data_page = ext4_encrypt(ctx, control_page);
+       if (IS_ERR(data_page)) {
+               res = PTR_ERR(data_page);
+               printk_ratelimited(KERN_ERR
+                                  "%s: ext4_encrypt() returned %d\n",
+                                  __func__, res);
+               goto free_ctx_and_fail;
+       }
+       BUG_ON(PageLocked(data_page));
+       lock_page(data_page);
+       return ext4_bio_write_buffers(io, control_page, data_page,
+                                     PAGE_CACHE_SIZE, wbc);
+free_ctx_and_fail:
+       ext4_release_crypto_ctx(ctx);
+fail:
+       ext4_abort_bio_write(control_page, wbc);
+       end_page_writeback(control_page);
+       return res;
+}
+
+int ext4_bio_write_page(struct ext4_io_submit *io,
+                       struct page *page,
+                       int len,
+                       struct writeback_control *wbc,
+                       bool keep_towrite)
+{
+       struct ext4_inode_info *ei = EXT4_I(page->mapping->host);
+       int ret = 0;
+
+       BUG_ON(!PageLocked(page));
+       BUG_ON(PageWriteback(page));
+       if (keep_towrite)
+               set_page_writeback_keepwrite(page);
+       else
+               set_page_writeback(page);
+       ClearPageError(page);
+
+       /*
+        * Comments copied from block_write_full_page_endio:
+        *
+        * The page straddles i_size.  It must be zeroed out on each and every
+        * writepage invocation because it may be mmapped.  "A file is mapped
+        * in multiples of the page size.  For a file that is not a multiple of
+        * the page size, the remaining memory is zeroed when mapped, and
+        * writes to that region are not written out to the file."
+        */
+       if (len < PAGE_CACHE_SIZE)
+               zero_user_segment(page, len, PAGE_CACHE_SIZE);
+
+       if (ext4_is_encryption_enabled(ei))
+               ret = ext4_bio_encrypt_and_write(io, page, wbc);
+       else
+               ret = ext4_bio_write_buffers(io, page, NULL, len, wbc);
+       unlock_page(page);
        return ret;
 }
-- 
2.1.0.rc2.206.gedb03e5