fscrypt: log when starting to use inline encryption
When inline encryption is used, the usual message "fscrypt: AES-256-XTS using implementation <impl>" doesn't appear in the kernel log. Add a similar message for the blk-crypto case that indicates that inline encryption was used, and whether blk-crypto-fallback was used or not. This can be useful for debugging performance problems. Signed-off-by: Eric Biggers <ebiggers@google.com> Link: https://lore.kernel.org/r/20220414053415.158986-1-ebiggers@kernel.org
This commit is contained in:
parent
63cec1389e
commit
a7a5bc5fe8
|
@ -561,7 +561,9 @@ struct fscrypt_mode {
|
|||
int keysize; /* key size in bytes */
|
||||
int security_strength; /* security strength in bytes */
|
||||
int ivsize; /* IV size in bytes */
|
||||
int logged_impl_name;
|
||||
int logged_cryptoapi_impl;
|
||||
int logged_blk_crypto_native;
|
||||
int logged_blk_crypto_fallback;
|
||||
enum blk_crypto_mode_num blk_crypto_mode;
|
||||
};
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
* provides the key and IV to use.
|
||||
*/
|
||||
|
||||
#include <linux/blk-crypto.h>
|
||||
#include <linux/blk-crypto-profile.h>
|
||||
#include <linux/blkdev.h>
|
||||
#include <linux/buffer_head.h>
|
||||
#include <linux/sched/mm.h>
|
||||
|
@ -64,6 +64,35 @@ static unsigned int fscrypt_get_dun_bytes(const struct fscrypt_info *ci)
|
|||
return DIV_ROUND_UP(lblk_bits, 8);
|
||||
}
|
||||
|
||||
/*
|
||||
* Log a message when starting to use blk-crypto (native) or blk-crypto-fallback
|
||||
* for an encryption mode for the first time. This is the blk-crypto
|
||||
* counterpart to the message logged when starting to use the crypto API for the
|
||||
* first time. A limitation is that these messages don't convey which specific
|
||||
* filesystems or files are using each implementation. However, *usually*
|
||||
* systems use just one implementation per mode, which makes these messages
|
||||
* helpful for debugging problems where the "wrong" implementation is used.
|
||||
*/
|
||||
static void fscrypt_log_blk_crypto_impl(struct fscrypt_mode *mode,
|
||||
struct request_queue **devs,
|
||||
int num_devs,
|
||||
const struct blk_crypto_config *cfg)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < num_devs; i++) {
|
||||
if (!IS_ENABLED(CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK) ||
|
||||
__blk_crypto_cfg_supported(devs[i]->crypto_profile, cfg)) {
|
||||
if (!xchg(&mode->logged_blk_crypto_native, 1))
|
||||
pr_info("fscrypt: %s using blk-crypto (native)\n",
|
||||
mode->friendly_name);
|
||||
} else if (!xchg(&mode->logged_blk_crypto_fallback, 1)) {
|
||||
pr_info("fscrypt: %s using blk-crypto-fallback\n",
|
||||
mode->friendly_name);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Enable inline encryption for this file if supported. */
|
||||
int fscrypt_select_encryption_impl(struct fscrypt_info *ci)
|
||||
{
|
||||
|
@ -117,6 +146,8 @@ int fscrypt_select_encryption_impl(struct fscrypt_info *ci)
|
|||
goto out_free_devs;
|
||||
}
|
||||
|
||||
fscrypt_log_blk_crypto_impl(ci->ci_mode, devs, num_devs, &crypto_cfg);
|
||||
|
||||
ci->ci_inlinecrypt = true;
|
||||
out_free_devs:
|
||||
kfree(devs);
|
||||
|
|
|
@ -94,7 +94,7 @@ fscrypt_allocate_skcipher(struct fscrypt_mode *mode, const u8 *raw_key,
|
|||
mode->cipher_str, PTR_ERR(tfm));
|
||||
return tfm;
|
||||
}
|
||||
if (!xchg(&mode->logged_impl_name, 1)) {
|
||||
if (!xchg(&mode->logged_cryptoapi_impl, 1)) {
|
||||
/*
|
||||
* fscrypt performance can vary greatly depending on which
|
||||
* crypto algorithm implementation is used. Help people debug
|
||||
|
|
Loading…
Reference in New Issue