[f2fs-dev] [PATCH 06/10] fs crypto: add Makefile and Kconfig

[Jaegeuk Kim]

This patch adds a facility to enable per-file encryption.

Arnd fixes a missing CONFIG_BLOCK check in the original patch.
"The newly added generic crypto abstraction for file systems operates
on 'struct bio' objects, which do not exist when CONFIG_BLOCK is
disabled:

fs/crypto/crypto.c: In function 'fscrypt_zeroout_range':
fs/crypto/crypto.c:308:9: error: implicit declaration of function 'bio_alloc' 
[-Werror=implicit-function-declaration]

This adds a Kconfig dependency that prevents FS_ENCRYPTION from being
enabled without BLOCK."

Signed-off-by: Arnd Bergmann 
Signed-off-by: Jaegeuk Kim 
---
 fs/Kconfig |  2 ++
 fs/Makefile|  1 +
 fs/crypto/Kconfig  | 18 ++
 fs/crypto/Makefile |  3 +++
 4 files changed, 24 insertions(+)
 create mode 100644 fs/crypto/Kconfig
 create mode 100644 fs/crypto/Makefile

diff --git a/fs/Kconfig b/fs/Kconfig
index 9adee0d..9d75767 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -84,6 +84,8 @@ config MANDATORY_FILE_LOCKING
 
  To the best of my knowledge this is dead code that no one cares about.
 
+source "fs/crypto/Kconfig"
+
 source "fs/notify/Kconfig"
 
 source "fs/quota/Kconfig"
diff --git a/fs/Makefile b/fs/Makefile
index 79f5225..252c968 100644
--- a/fs/Makefile
+++ b/fs/Makefile
@@ -30,6 +30,7 @@ obj-$(CONFIG_EVENTFD) += eventfd.o
 obj-$(CONFIG_USERFAULTFD)  += userfaultfd.o
 obj-$(CONFIG_AIO)   += aio.o
 obj-$(CONFIG_FS_DAX)   += dax.o
+obj-$(CONFIG_FS_ENCRYPTION)+= crypto/
 obj-$(CONFIG_FILE_LOCKING)  += locks.o
 obj-$(CONFIG_COMPAT)   += compat.o compat_ioctl.o
 obj-$(CONFIG_BINFMT_AOUT)  += binfmt_aout.o
diff --git a/fs/crypto/Kconfig b/fs/crypto/Kconfig
new file mode 100644
index 000..92348fa
--- /dev/null
+++ b/fs/crypto/Kconfig
@@ -0,0 +1,18 @@
+config FS_ENCRYPTION
+   tristate "FS Encryption (Per-file encryption)"
+   depends on BLOCK
+   select CRYPTO
+   select CRYPTO_AES
+   select CRYPTO_CBC
+   select CRYPTO_ECB
+   select CRYPTO_XTS
+   select CRYPTO_CTS
+   select CRYPTO_CTR
+   select CRYPTO_SHA256
+   select KEYS
+   select ENCRYPTED_KEYS
+   help
+ Enable encryption of files and directories.  This
+ feature is similar to ecryptfs, but it is more memory
+ efficient since it avoids caching the encrypted and
+ decrypted pages in the page cache.
diff --git a/fs/crypto/Makefile b/fs/crypto/Makefile
new file mode 100644
index 000..f17684c
--- /dev/null
+++ b/fs/crypto/Makefile
@@ -0,0 +1,3 @@
+obj-$(CONFIG_FS_ENCRYPTION)+= fscrypto.o
+
+fscrypto-y := crypto.o fname.o policy.o keyinfo.o
-- 
2.6.3


--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151=/4140
___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

Re: [f2fs-dev] [PATCH 06/10] fs crypto: add Makefile and Kconfig

[Randy Dunlap]

On 02/29/16 18:04, Jaegeuk Kim wrote:
> On Sun, Feb 28, 2016 at 09:39:39PM -0800, Randy Dunlap wrote:
>> On 02/25/16 11:26, Jaegeuk Kim wrote:
>>> This patch adds a facility to enable per-file encryption.
>>>
>>> Arnd fixes a missing CONFIG_BLOCK check in the original patch.
>>> "The newly added generic crypto abstraction for file systems operates
>>> on 'struct bio' objects, which do not exist when CONFIG_BLOCK is
>>> disabled:
>>>
>>> fs/crypto/crypto.c: In function 'fscrypt_zeroout_range':
>>> fs/crypto/crypto.c:308:9: error: implicit declaration of function 
>>> 'bio_alloc' [-Werror=implicit-function-declaration]
>>>
>>> This adds a Kconfig dependency that prevents FS_ENCRYPTION from being
>>> enabled without BLOCK."
>>>
>>> Signed-off-by: Arnd Bergmann 
>>> Signed-off-by: Jaegeuk Kim 
>>> ---
>>>  fs/Kconfig |  2 ++
>>>  fs/Makefile|  1 +
>>>  fs/crypto/Kconfig  | 17 +
>>>  fs/crypto/Makefile |  2 ++
>>>  4 files changed, 22 insertions(+)
>>>  create mode 100644 fs/crypto/Kconfig
>>>  create mode 100644 fs/crypto/Makefile
>>>
>>> diff --git a/fs/Kconfig b/fs/Kconfig
>>> index 9adee0d..9d75767 100644
>>> --- a/fs/Kconfig
>>> +++ b/fs/Kconfig
>>> @@ -84,6 +84,8 @@ config MANDATORY_FILE_LOCKING
>>>  
>>>   To the best of my knowledge this is dead code that no one cares about.
>>>  
>>> +source "fs/crypto/Kconfig"
>>> +
>>>  source "fs/notify/Kconfig"
>>>  
>>>  source "fs/quota/Kconfig"
>>> diff --git a/fs/Makefile b/fs/Makefile
>>> index 79f5225..47571e2 100644
>>> --- a/fs/Makefile
>>> +++ b/fs/Makefile
>>> @@ -30,6 +30,7 @@ obj-$(CONFIG_EVENTFD) += eventfd.o
>>>  obj-$(CONFIG_USERFAULTFD)  += userfaultfd.o
>>>  obj-$(CONFIG_AIO)   += aio.o
>>>  obj-$(CONFIG_FS_DAX)   += dax.o
>>> +obj-y  += crypto/
>>>  obj-$(CONFIG_FILE_LOCKING)  += locks.o
>>>  obj-$(CONFIG_COMPAT)   += compat.o compat_ioctl.o
>>>  obj-$(CONFIG_BINFMT_AOUT)  += binfmt_aout.o
>>> diff --git a/fs/crypto/Kconfig b/fs/crypto/Kconfig
>>> new file mode 100644
>>> index 000..9bea124e
>>> --- /dev/null
>>> +++ b/fs/crypto/Kconfig
>>> @@ -0,0 +1,17 @@
>>> +config FS_ENCRYPTION
>>> +   bool "FS Encryption (Per-file encryption)"
>>> +   depends on BLOCK
>>
>>  depends on CRYPTO
> 
> This complains recursive dependency limitations, and I checked out that below
> ENCRYPTED_KEYS in security/keys/Kconfig selects CRYPTO.

I guess that this one also needs to select CRYPTO then.

> Thanks,
> 
>> since all of the CRYPTO_xxx below also depend on CRYPTO.
>>
>>> +   select CRYPTO_AES
>>> +   select CRYPTO_CBC
>>> +   select CRYPTO_ECB
>>> +   select CRYPTO_XTS
>>> +   select CRYPTO_CTS
>>> +   select CRYPTO_CTR
>>> +   select CRYPTO_SHA256
>>> +   select KEYS
>>> +   select ENCRYPTED_KEYS
>>> +   help
>>> + Enable encryption of files and directories.  This
>>> + feature is similar to ecryptfs, but it is more memory
>>> + efficient since it avoids caching the encrypted and
>>> + decrypted pages in the page cache.
>>> diff --git a/fs/crypto/Makefile b/fs/crypto/Makefile
>>> new file mode 100644
>>> index 000..f9f68cd
>>> --- /dev/null
>>> +++ b/fs/crypto/Makefile
>>> @@ -0,0 +1,2 @@
>>> +obj-y += fname.o
>>> +obj-$(CONFIG_FS_ENCRYPTION)+= crypto.o policy.o keyinfo.o
>>>
>>
>>
>> -- 
>> ~Randy


-- 
~Randy

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151=/4140
___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

Re: [f2fs-dev] [PATCH 06/10] fs crypto: add Makefile and Kconfig

[Jaegeuk Kim]

On Sun, Feb 28, 2016 at 09:39:39PM -0800, Randy Dunlap wrote:
> On 02/25/16 11:26, Jaegeuk Kim wrote:
> > This patch adds a facility to enable per-file encryption.
> > 
> > Arnd fixes a missing CONFIG_BLOCK check in the original patch.
> > "The newly added generic crypto abstraction for file systems operates
> > on 'struct bio' objects, which do not exist when CONFIG_BLOCK is
> > disabled:
> > 
> > fs/crypto/crypto.c: In function 'fscrypt_zeroout_range':
> > fs/crypto/crypto.c:308:9: error: implicit declaration of function 
> > 'bio_alloc' [-Werror=implicit-function-declaration]
> > 
> > This adds a Kconfig dependency that prevents FS_ENCRYPTION from being
> > enabled without BLOCK."
> > 
> > Signed-off-by: Arnd Bergmann 
> > Signed-off-by: Jaegeuk Kim 
> > ---
> >  fs/Kconfig |  2 ++
> >  fs/Makefile|  1 +
> >  fs/crypto/Kconfig  | 17 +
> >  fs/crypto/Makefile |  2 ++
> >  4 files changed, 22 insertions(+)
> >  create mode 100644 fs/crypto/Kconfig
> >  create mode 100644 fs/crypto/Makefile
> > 
> > diff --git a/fs/Kconfig b/fs/Kconfig
> > index 9adee0d..9d75767 100644
> > --- a/fs/Kconfig
> > +++ b/fs/Kconfig
> > @@ -84,6 +84,8 @@ config MANDATORY_FILE_LOCKING
> >  
> >   To the best of my knowledge this is dead code that no one cares about.
> >  
> > +source "fs/crypto/Kconfig"
> > +
> >  source "fs/notify/Kconfig"
> >  
> >  source "fs/quota/Kconfig"
> > diff --git a/fs/Makefile b/fs/Makefile
> > index 79f5225..47571e2 100644
> > --- a/fs/Makefile
> > +++ b/fs/Makefile
> > @@ -30,6 +30,7 @@ obj-$(CONFIG_EVENTFD) += eventfd.o
> >  obj-$(CONFIG_USERFAULTFD)  += userfaultfd.o
> >  obj-$(CONFIG_AIO)   += aio.o
> >  obj-$(CONFIG_FS_DAX)   += dax.o
> > +obj-y  += crypto/
> >  obj-$(CONFIG_FILE_LOCKING)  += locks.o
> >  obj-$(CONFIG_COMPAT)   += compat.o compat_ioctl.o
> >  obj-$(CONFIG_BINFMT_AOUT)  += binfmt_aout.o
> > diff --git a/fs/crypto/Kconfig b/fs/crypto/Kconfig
> > new file mode 100644
> > index 000..9bea124e
> > --- /dev/null
> > +++ b/fs/crypto/Kconfig
> > @@ -0,0 +1,17 @@
> > +config FS_ENCRYPTION
> > +   bool "FS Encryption (Per-file encryption)"
> > +   depends on BLOCK
> 
>   depends on CRYPTO

This complains recursive dependency limitations, and I checked out that below
ENCRYPTED_KEYS in security/keys/Kconfig selects CRYPTO.

Thanks,

> since all of the CRYPTO_xxx below also depend on CRYPTO.
> 
> > +   select CRYPTO_AES
> > +   select CRYPTO_CBC
> > +   select CRYPTO_ECB
> > +   select CRYPTO_XTS
> > +   select CRYPTO_CTS
> > +   select CRYPTO_CTR
> > +   select CRYPTO_SHA256
> > +   select KEYS
> > +   select ENCRYPTED_KEYS
> > +   help
> > + Enable encryption of files and directories.  This
> > + feature is similar to ecryptfs, but it is more memory
> > + efficient since it avoids caching the encrypted and
> > + decrypted pages in the page cache.
> > diff --git a/fs/crypto/Makefile b/fs/crypto/Makefile
> > new file mode 100644
> > index 000..f9f68cd
> > --- /dev/null
> > +++ b/fs/crypto/Makefile
> > @@ -0,0 +1,2 @@
> > +obj-y += fname.o
> > +obj-$(CONFIG_FS_ENCRYPTION)+= crypto.o policy.o keyinfo.o
> > 
> 
> 
> -- 
> ~Randy

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151=/4140
___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

Re: [f2fs-dev] [PATCH 06/10] fs crypto: add Makefile and Kconfig

[Randy Dunlap]

On 02/25/16 11:26, Jaegeuk Kim wrote:
> This patch adds a facility to enable per-file encryption.
> 
> Arnd fixes a missing CONFIG_BLOCK check in the original patch.
> "The newly added generic crypto abstraction for file systems operates
> on 'struct bio' objects, which do not exist when CONFIG_BLOCK is
> disabled:
> 
> fs/crypto/crypto.c: In function 'fscrypt_zeroout_range':
> fs/crypto/crypto.c:308:9: error: implicit declaration of function 'bio_alloc' 
> [-Werror=implicit-function-declaration]
> 
> This adds a Kconfig dependency that prevents FS_ENCRYPTION from being
> enabled without BLOCK."
> 
> Signed-off-by: Arnd Bergmann 
> Signed-off-by: Jaegeuk Kim 
> ---
>  fs/Kconfig |  2 ++
>  fs/Makefile|  1 +
>  fs/crypto/Kconfig  | 17 +
>  fs/crypto/Makefile |  2 ++
>  4 files changed, 22 insertions(+)
>  create mode 100644 fs/crypto/Kconfig
>  create mode 100644 fs/crypto/Makefile
> 
> diff --git a/fs/Kconfig b/fs/Kconfig
> index 9adee0d..9d75767 100644
> --- a/fs/Kconfig
> +++ b/fs/Kconfig
> @@ -84,6 +84,8 @@ config MANDATORY_FILE_LOCKING
>  
> To the best of my knowledge this is dead code that no one cares about.
>  
> +source "fs/crypto/Kconfig"
> +
>  source "fs/notify/Kconfig"
>  
>  source "fs/quota/Kconfig"
> diff --git a/fs/Makefile b/fs/Makefile
> index 79f5225..47571e2 100644
> --- a/fs/Makefile
> +++ b/fs/Makefile
> @@ -30,6 +30,7 @@ obj-$(CONFIG_EVENTFD)   += eventfd.o
>  obj-$(CONFIG_USERFAULTFD)+= userfaultfd.o
>  obj-$(CONFIG_AIO)   += aio.o
>  obj-$(CONFIG_FS_DAX) += dax.o
> +obj-y+= crypto/
>  obj-$(CONFIG_FILE_LOCKING)  += locks.o
>  obj-$(CONFIG_COMPAT) += compat.o compat_ioctl.o
>  obj-$(CONFIG_BINFMT_AOUT)+= binfmt_aout.o
> diff --git a/fs/crypto/Kconfig b/fs/crypto/Kconfig
> new file mode 100644
> index 000..9bea124e
> --- /dev/null
> +++ b/fs/crypto/Kconfig
> @@ -0,0 +1,17 @@
> +config FS_ENCRYPTION
> + bool "FS Encryption (Per-file encryption)"
> + depends on BLOCK

depends on CRYPTO
since all of the CRYPTO_xxx below also depend on CRYPTO.

> + select CRYPTO_AES
> + select CRYPTO_CBC
> + select CRYPTO_ECB
> + select CRYPTO_XTS
> + select CRYPTO_CTS
> + select CRYPTO_CTR
> + select CRYPTO_SHA256
> + select KEYS
> + select ENCRYPTED_KEYS
> + help
> +   Enable encryption of files and directories.  This
> +   feature is similar to ecryptfs, but it is more memory
> +   efficient since it avoids caching the encrypted and
> +   decrypted pages in the page cache.
> diff --git a/fs/crypto/Makefile b/fs/crypto/Makefile
> new file mode 100644
> index 000..f9f68cd
> --- /dev/null
> +++ b/fs/crypto/Makefile
> @@ -0,0 +1,2 @@
> +obj-y += fname.o
> +obj-$(CONFIG_FS_ENCRYPTION)  += crypto.o policy.o keyinfo.o
> 


-- 
~Randy

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151=/4140
___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

[f2fs-dev] [PATCH 06/10] fs crypto: add Makefile and Kconfig

[Jaegeuk Kim]

This patch adds a facility to enable per-file encryption.

Arnd fixes a missing CONFIG_BLOCK check in the original patch.
"The newly added generic crypto abstraction for file systems operates
on 'struct bio' objects, which do not exist when CONFIG_BLOCK is
disabled:

fs/crypto/crypto.c: In function 'fscrypt_zeroout_range':
fs/crypto/crypto.c:308:9: error: implicit declaration of function 'bio_alloc' 
[-Werror=implicit-function-declaration]

This adds a Kconfig dependency that prevents FS_ENCRYPTION from being
enabled without BLOCK."

Signed-off-by: Arnd Bergmann 
Signed-off-by: Jaegeuk Kim 
---
 fs/Kconfig |  2 ++
 fs/Makefile|  1 +
 fs/crypto/Kconfig  | 17 +
 fs/crypto/Makefile |  2 ++
 4 files changed, 22 insertions(+)
 create mode 100644 fs/crypto/Kconfig
 create mode 100644 fs/crypto/Makefile

diff --git a/fs/Kconfig b/fs/Kconfig
index 9adee0d..9d75767 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -84,6 +84,8 @@ config MANDATORY_FILE_LOCKING
 
  To the best of my knowledge this is dead code that no one cares about.
 
+source "fs/crypto/Kconfig"
+
 source "fs/notify/Kconfig"
 
 source "fs/quota/Kconfig"
diff --git a/fs/Makefile b/fs/Makefile
index 79f5225..47571e2 100644
--- a/fs/Makefile
+++ b/fs/Makefile
@@ -30,6 +30,7 @@ obj-$(CONFIG_EVENTFD) += eventfd.o
 obj-$(CONFIG_USERFAULTFD)  += userfaultfd.o
 obj-$(CONFIG_AIO)   += aio.o
 obj-$(CONFIG_FS_DAX)   += dax.o
+obj-y  += crypto/
 obj-$(CONFIG_FILE_LOCKING)  += locks.o
 obj-$(CONFIG_COMPAT)   += compat.o compat_ioctl.o
 obj-$(CONFIG_BINFMT_AOUT)  += binfmt_aout.o
diff --git a/fs/crypto/Kconfig b/fs/crypto/Kconfig
new file mode 100644
index 000..9bea124e
--- /dev/null
+++ b/fs/crypto/Kconfig
@@ -0,0 +1,17 @@
+config FS_ENCRYPTION
+   bool "FS Encryption (Per-file encryption)"
+   depends on BLOCK
+   select CRYPTO_AES
+   select CRYPTO_CBC
+   select CRYPTO_ECB
+   select CRYPTO_XTS
+   select CRYPTO_CTS
+   select CRYPTO_CTR
+   select CRYPTO_SHA256
+   select KEYS
+   select ENCRYPTED_KEYS
+   help
+ Enable encryption of files and directories.  This
+ feature is similar to ecryptfs, but it is more memory
+ efficient since it avoids caching the encrypted and
+ decrypted pages in the page cache.
diff --git a/fs/crypto/Makefile b/fs/crypto/Makefile
new file mode 100644
index 000..f9f68cd
--- /dev/null
+++ b/fs/crypto/Makefile
@@ -0,0 +1,2 @@
+obj-y += fname.o
+obj-$(CONFIG_FS_ENCRYPTION)+= crypto.o policy.o keyinfo.o
-- 
2.6.3


--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151=/4140
___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel