F2FS currently disables inline data for encrypted regular files because the inline payload is stored in the inode block and does not go through the regular bio-based fscrypt path. This wastes space for small encrypted files on Android devices using F2FS inlinecrypt.
This series adds an encrypted_inline_data on-disk feature for F2FS. With this feature enabled, encrypted regular files may keep small contents in the inode block. The inline payload is encrypted before being stored in the inode and decrypted back into page-cache plaintext on read. The fscrypt changes are scoped to filesystem-managed data-unit crypto. F2FS first asks fscrypt whether the inode's key/policy supports this path. It prepares the software transform only when encrypted inline payloads are read or written. Inlinecrypt support is limited to v2 IV_INO_LBLK_64 and IV_INO_LBLK_32 policies, including the hardware-wrapped key configurations supported by fscrypt. Per-file inlinecrypt keys and DIRECT_KEY policies are not supported for encrypted inline data. The basic encrypted inline-data tests pass. The test creates encrypted small files and verifies that they retain inline data. It also checks normal read/write correctness and confirms from the raw inode block that the inline payload does not contain plaintext. Changes in v3: - Support fscrypt's v2 IV_INO_LBLK_64/32 hardware-wrapped key configurations. - Drop DIRECT_KEY support for encrypted inline data. - Refresh comments and documentation for the updated key support matrix. LiaoYuanhong-vivo (3): fscrypt: prepare software keys for filesystem-managed data units f2fs: support encrypted inline data Documentation: f2fs: document encrypted inline data Documentation/ABI/testing/sysfs-fs-f2fs | 5 +- Documentation/filesystems/f2fs.rst | 30 ++++ fs/crypto/crypto.c | 47 +++++++ fs/crypto/fscrypt_private.h | 3 +- fs/crypto/keysetup.c | 174 ++++++++++++++++++++++++ fs/f2fs/Kconfig | 14 ++ fs/f2fs/data.c | 8 +- fs/f2fs/f2fs.h | 37 ++++- fs/f2fs/file.c | 24 +++- fs/f2fs/inline.c | 134 ++++++++++++++++-- fs/f2fs/super.c | 12 ++ fs/f2fs/sysfs.c | 8 ++ include/linux/fscrypt.h | 24 ++++ 13 files changed, 497 insertions(+), 23 deletions(-) -- 2.34.1
