From patchwork Mon Feb 2 17:05:11 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Holler X-Patchwork-Id: 5763221 Return-Path: X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 39FB89F336 for ; Mon, 2 Feb 2015 17:06:12 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 529BB2077D for ; Mon, 2 Feb 2015 17:06:11 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 3BE562077C for ; Mon, 2 Feb 2015 17:06:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753545AbbBBRFk (ORCPT ); Mon, 2 Feb 2015 12:05:40 -0500 Received: from h1446028.stratoserver.net ([85.214.92.142]:59992 "EHLO mail.ahsoftware.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752875AbbBBRFd (ORCPT ); Mon, 2 Feb 2015 12:05:33 -0500 Received: by mail.ahsoftware.de (Postfix, from userid 65534) id 2F7F92C9C3E9; Mon, 2 Feb 2015 18:05:30 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 Received: from wandq.ahsoftware (p4FC36183.dip0.t-ipconnect.de [79.195.97.131]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.ahsoftware.de (Postfix) with ESMTPSA id 42F602C9C379; Mon, 2 Feb 2015 18:05:29 +0100 (CET) Received: by wandq.ahsoftware (Postfix, from userid 65534) id A29A11E8280; Mon, 2 Feb 2015 18:05:28 +0100 (CET) Received: from krabat.ahsoftware (unknown [192.168.207.2]) by wandq.ahsoftware (Postfix) with ESMTP id DC6DE1E8270; Mon, 2 Feb 2015 17:05:18 +0000 (UTC) From: Alexander Holler To: linux-fsdevel@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Alexander Holler Subject: [PATCH 3/5] WIP: fs: ext4: support unlinkat_s() for secure deletion of files Date: Mon, 2 Feb 2015 18:05:11 +0100 Message-Id: <1422896713-25367-4-git-send-email-holler@ahsoftware.de> X-Mailer: git-send-email 2.1.0 In-Reply-To: <1422896713-25367-1-git-send-email-holler@ahsoftware.de> References: <1422896713-25367-1-git-send-email-holler@ahsoftware.de> Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Signed-off-by: Alexander Holler --- fs/ext4/ext4.h | 2 ++ fs/ext4/mballoc.c | 25 +++++++++++++++++++++++-- fs/ext4/super.c | 12 ++++++++++++ 3 files changed, 37 insertions(+), 2 deletions(-) diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index c55a1fa..e66507c 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -1342,6 +1342,8 @@ struct ext4_sb_info { struct ratelimit_state s_err_ratelimit_state; struct ratelimit_state s_warning_ratelimit_state; struct ratelimit_state s_msg_ratelimit_state; + + atomic_t secure_delete; /* delete blocks securely? */ }; static inline struct ext4_sb_info *EXT4_SB(struct super_block *sb) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index dbfe15c..f33416f 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -2756,6 +2756,19 @@ static inline int ext4_issue_discard(struct super_block *sb, return sb_issue_discard(sb, discard_block, count, GFP_NOFS, 0); } +static inline int ext4_issue_zeroout(struct super_block *sb, + ext4_group_t block_group, ext4_grpblk_t cluster, int count) +{ + ext4_fsblk_t discard_block; + + discard_block = (EXT4_C2B(EXT4_SB(sb), cluster) + + ext4_group_first_block_no(sb, block_group)); + count = EXT4_C2B(EXT4_SB(sb), count); + //trace_ext4_discard_blocks(sb, + // (unsigned long long) discard_block, count); + return sb_issue_zeroout(sb, discard_block, count, GFP_NOFS); +} + /* * This function is called by the jbd2 layer once the commit has finished, * so we know we can free the blocks that were released with that commit. @@ -2764,6 +2777,7 @@ static void ext4_free_data_callback(struct super_block *sb, struct ext4_journal_cb_entry *jce, int rc) { + struct ext4_sb_info *sbi = EXT4_SB(sb); struct ext4_free_data *entry = (struct ext4_free_data *)jce; struct ext4_buddy e4b; struct ext4_group_info *db; @@ -2772,6 +2786,11 @@ static void ext4_free_data_callback(struct super_block *sb, mb_debug(1, "gonna free %u blocks in group %u (0x%p):", entry->efd_count, entry->efd_group, entry); + + // TODO: + // if (atomic_read(&sbi->secure_delete) && secure_trim_available) + // use secure trim + // else if (test_opt(sb, DISCARD)) { err = ext4_issue_discard(sb, entry->efd_group, entry->efd_start_cluster, @@ -2782,8 +2801,10 @@ static void ext4_free_data_callback(struct super_block *sb, " with %d", entry->efd_group, entry->efd_start_cluster, entry->efd_count, err); - } - + } else if (atomic_read(&sbi->secure_delete)) + ext4_issue_zeroout(sb, entry->efd_group, + entry->efd_start_cluster, + entry->efd_count); err = ext4_mb_load_buddy(sb, entry->efd_group, &e4b); /* we expect to find existing buddy because it's pinned */ BUG_ON(err != 0); diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 2c9e686..f87e3ff 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -1100,6 +1100,17 @@ static const struct quotactl_ops ext4_qctl_sysfile_operations = { }; #endif +static void ext4_set_secure_delete(struct super_block *sb, bool secure) +{ + struct ext4_sb_info *sbi = EXT4_SB(sb); + // TODO: will overflow with a very large number of + // concurrent calls of unlinkat_s(). + if (secure) + atomic_inc(&sbi->secure_delete); + else + atomic_dec(&sbi->secure_delete); +} + static const struct super_operations ext4_sops = { .alloc_inode = ext4_alloc_inode, .destroy_inode = ext4_destroy_inode, @@ -1119,6 +1130,7 @@ static const struct super_operations ext4_sops = { .quota_write = ext4_quota_write, #endif .bdev_try_to_free_page = bdev_try_to_free_page, + .set_secure_delete = ext4_set_secure_delete, }; static const struct export_operations ext4_export_ops = {