From patchwork Tue Sep 6 00:01:02 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sweet Tea Dorminy X-Patchwork-Id: 12966634 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 08046ECAAD3 for ; Tue, 6 Sep 2022 00:01:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232392AbiIFAB1 (ORCPT ); Mon, 5 Sep 2022 20:01:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33060 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231154AbiIFABY (ORCPT ); Mon, 5 Sep 2022 20:01:24 -0400 Received: from box.fidei.email (box.fidei.email [71.19.144.250]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1F6D167445 for ; Mon, 5 Sep 2022 17:01:22 -0700 (PDT) Received: from authenticated-user (box.fidei.email [71.19.144.250]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by box.fidei.email (Postfix) with ESMTPSA id A8DCD80C62; Mon, 5 Sep 2022 20:01:21 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dorminy.me; s=mail; t=1662422482; bh=JFniCN5L1K8BAzx5WOxarzXXm+YmrtDsHgkeQBt40Bw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Gu01ywtIJeHajuTOKJ+aeXdjbdexUgqymjKXUmrG+hY7/WQ02qT7vbEPBlwGSUYFI IJZ4uqsKv1JDyhyQdMqquaJYl/VxDQ3+WdZCebvpqlF+yVtYjo72FUFXWUkVSjpJTj qoNePX8L+DXkhDfrSX8Axl0sOJSoIenj3+tNvwBtrIB27nFGG5oDyumM5xpH+JC2e3 Hgl3ffVCZtlGcgvSxtS0Lk6AK6UhJF73jQG18oikunaAqOdZwROejQOk6oxupCjX1P ibHh17erivP65w2Ew1uKGuLTc5pMVQQb1YZvwW0mFb3p0gWdX3gEtQqtqS7YkgI/jt 9K2d7lA/gexgg== From: Sweet Tea Dorminy To: linux-btrfs@vger.kernel.org, kernel-team@fb.com Cc: Sweet Tea Dorminy Subject: [PATCH 1/6] btrfs-progs: add fscrypt support to mkfs. Date: Mon, 5 Sep 2022 20:01:02 -0400 Message-Id: <1c087f585f2a82b295587ae37931714578cf2514.1662417859.git.sweettea-kernel@dorminy.me> In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Add a new experimental option to allow use of encryption. Arguably, since older kernels can technically read non-encrypted parts of an encrypted filesystem, perhaps this doesn't need to be an incompat feature. Signed-off-by: Sweet Tea Dorminy --- common/fsfeatures.c | 10 ++++++++++ kernel-shared/ctree.h | 4 +++- libbtrfsutil/btrfs.h | 2 ++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/common/fsfeatures.c b/common/fsfeatures.c index 90704959..ea185a3c 100644 --- a/common/fsfeatures.c +++ b/common/fsfeatures.c @@ -143,6 +143,16 @@ static const struct btrfs_feature mkfs_features[] = { .desc = "new extent tree format" }, #endif + { + .name = "encrypt", + .flag = BTRFS_FEATURE_INCOMPAT_FSCRYPT, + .sysfs_name = "fscrypt", + VERSION_TO_STRING2(compat, 5,19), + VERSION_NULL(safe), + VERSION_NULL(default), + .desc = "fs-level encryption" + }, + /* Keep this one last */ { .name = "list-all", diff --git a/kernel-shared/ctree.h b/kernel-shared/ctree.h index be39448f..e464f399 100644 --- a/kernel-shared/ctree.h +++ b/kernel-shared/ctree.h @@ -515,6 +515,7 @@ BUILD_ASSERT(sizeof(struct btrfs_super_block) == BTRFS_SUPER_INFO_SIZE); #define BTRFS_FEATURE_INCOMPAT_RAID1C34 (1ULL << 11) #define BTRFS_FEATURE_INCOMPAT_ZONED (1ULL << 12) #define BTRFS_FEATURE_INCOMPAT_EXTENT_TREE_V2 (1ULL << 13) +#define BTRFS_FEATURE_INCOMPAT_FSCRYPT (1ULL << 14) #define BTRFS_FEATURE_COMPAT_SUPP 0ULL @@ -544,7 +545,8 @@ BUILD_ASSERT(sizeof(struct btrfs_super_block) == BTRFS_SUPER_INFO_SIZE); BTRFS_FEATURE_INCOMPAT_RAID1C34 | \ BTRFS_FEATURE_INCOMPAT_METADATA_UUID | \ BTRFS_FEATURE_INCOMPAT_ZONED | \ - BTRFS_FEATURE_INCOMPAT_EXTENT_TREE_V2) + BTRFS_FEATURE_INCOMPAT_EXTENT_TREE_V2 | \ + BTRFS_FEATURE_INCOMPAT_FSCRYPT) #else #define BTRFS_FEATURE_INCOMPAT_SUPP \ (BTRFS_FEATURE_INCOMPAT_MIXED_BACKREF | \ diff --git a/libbtrfsutil/btrfs.h b/libbtrfsutil/btrfs.h index 0d863d58..3d67f251 100644 --- a/libbtrfsutil/btrfs.h +++ b/libbtrfsutil/btrfs.h @@ -277,6 +277,8 @@ struct btrfs_ioctl_fs_info_args { #define BTRFS_FEATURE_INCOMPAT_RAID1C34 (1ULL << 11) #define BTRFS_FEATURE_INCOMPAT_ZONED (1ULL << 12) +#define BTRFS_FEATURE_INCOMPAT_FSCRYPT (1ULL << 14) + struct btrfs_ioctl_feature_flags { __u64 compat_flags; __u64 compat_ro_flags; From patchwork Tue Sep 6 00:01:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sweet Tea Dorminy X-Patchwork-Id: 12966635 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 36DB8C54EE9 for ; Tue, 6 Sep 2022 00:01:31 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232516AbiIFAB3 (ORCPT ); Mon, 5 Sep 2022 20:01:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33074 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232432AbiIFAB1 (ORCPT ); Mon, 5 Sep 2022 20:01:27 -0400 Received: from box.fidei.email (box.fidei.email [IPv6:2605:2700:0:2:a800:ff:feba:dc44]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2D20367445 for ; Mon, 5 Sep 2022 17:01:25 -0700 (PDT) Received: from authenticated-user (box.fidei.email [71.19.144.250]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by box.fidei.email (Postfix) with ESMTPSA id 9F37680C62; Mon, 5 Sep 2022 20:01:24 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dorminy.me; s=mail; t=1662422485; bh=z2B3cii6hw+ERAyyUNCqfqyLqoTQK7FKC+76yIbqfdU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=PLUlIHz68WE+Hnc/L7gZ72bgB8AXdVumkpRML/jQpfiBFm3mVAD212k9AkYymIK3s wB4DK1ouJB9mKxsEodEfy/AmYIzG+CwSkk9BSuLfTq3CdqX4lUvAChU0HfLs9TTQU6 xcoMKlsdT7qfQGFyfq1V5i3unN0A8F72pnYyF6FE39pE+k57QYAdoj9jHEQb6r69GM jdsKRqGJdkhw9g2jGARjdQlBbTjy9dqSUsIe8//kMGqU2IfisIr7ZIBt5/xYfIPQRC 42w7wXLQwlPfFIDKo+S19V3JwLL94VLq0mtetWlhvki6Q6P8zlI5727xwf1JErpwUF vkYfjRfDBbtZA== From: Sweet Tea Dorminy To: linux-btrfs@vger.kernel.org, kernel-team@fb.com Cc: Sweet Tea Dorminy Subject: [PATCH 2/6] btrfs-progs: update to match renamed dir_type Date: Mon, 5 Sep 2022 20:01:03 -0400 Message-Id: In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org For directories with encrypted files/filenames, we store a flag indicating this fact in the top bit of dir_type. Since it's now a combination of type and flags, we rename it to dir_flags to reflect its new usage. The new flag, FT_FSCRYPT, indicates a (perhaps partially) encrypted directory, which is orthogonal to file type; therefore, add the new flag, and make conversion from directory type to file type strip the flag. Signed-off-by: Sweet Tea Dorminy --- check/main.c | 4 ++-- check/mode-common.c | 4 ++-- check/mode-lowmem.c | 6 +++--- cmds/restore.c | 2 +- common/fsfeatures.c | 2 +- kernel-shared/ctree.h | 21 ++++++++++++++++++--- kernel-shared/dir-item.c | 8 ++++---- kernel-shared/inode.c | 4 +++- kernel-shared/print-tree.c | 2 +- libbtrfsutil/btrfs_tree.h | 3 +++ 10 files changed, 38 insertions(+), 18 deletions(-) diff --git a/check/main.c b/check/main.c index c3359574..3b133105 100644 --- a/check/main.c +++ b/check/main.c @@ -1421,7 +1421,7 @@ static int process_dir_item(struct extent_buffer *eb, btrfs_dir_item_key_to_cpu(eb, di, &location); name_len = btrfs_dir_name_len(eb, di); data_len = btrfs_dir_data_len(eb, di); - filetype = btrfs_dir_type(eb, di); + filetype = btrfs_dir_flags_to_ftype(btrfs_dir_flags(eb, di)); rec->found_size += name_len; if (cur + sizeof(*di) + name_len > total || @@ -2125,7 +2125,7 @@ static int add_missing_dir_index(struct btrfs_root *root, disk_key.offset = 0; btrfs_set_dir_item_key(leaf, dir_item, &disk_key); - btrfs_set_dir_type(leaf, dir_item, imode_to_type(rec->imode)); + btrfs_set_dir_flags(leaf, dir_item, imode_to_type(rec->imode)); btrfs_set_dir_data_len(leaf, dir_item, 0); btrfs_set_dir_name_len(leaf, dir_item, backref->namelen); name_ptr = (unsigned long)(dir_item + 1); diff --git a/check/mode-common.c b/check/mode-common.c index b867c350..0c5c7d6d 100644 --- a/check/mode-common.c +++ b/check/mode-common.c @@ -754,7 +754,7 @@ static int find_file_type_dir_index(struct btrfs_root *root, u64 ino, u64 dirid, if (location.objectid != ino || location.type != BTRFS_INODE_ITEM_KEY || location.offset != 0) goto out; - filetype = btrfs_dir_type(path.nodes[0], di); + filetype = btrfs_dir_flags_to_ftype(btrfs_dir_flags(path.nodes[0], di)); if (filetype >= BTRFS_FT_MAX || filetype == BTRFS_FT_UNKNOWN) goto out; len = min_t(u32, BTRFS_NAME_LEN, @@ -813,7 +813,7 @@ static int find_file_type_dir_item(struct btrfs_root *root, u64 ino, u64 dirid, location.type != BTRFS_INODE_ITEM_KEY || location.offset != 0) continue; - filetype = btrfs_dir_type(path.nodes[0], di); + filetype = btrfs_dir_flags_to_ftype(btrfs_dir_flags(path.nodes[0], di)); if (filetype >= BTRFS_FT_MAX || filetype == BTRFS_FT_UNKNOWN) continue; len = min_t(u32, BTRFS_NAME_LEN, diff --git a/check/mode-lowmem.c b/check/mode-lowmem.c index db650ae7..6ab709ea 100644 --- a/check/mode-lowmem.c +++ b/check/mode-lowmem.c @@ -857,7 +857,7 @@ loop: location.offset != 0) goto next; - filetype = btrfs_dir_type(node, di); + filetype = btrfs_dir_flags_to_ftype(btrfs_dir_flags(node, di)); if (file_type != filetype) goto next; @@ -955,7 +955,7 @@ static int find_dir_item(struct btrfs_root *root, struct btrfs_key *key, location.offset != location_key->offset) goto next; - filetype = btrfs_dir_type(node, di); + filetype = btrfs_dir_flags_to_ftype(btrfs_dir_flags(node, di)); if (file_type != filetype) goto next; @@ -1745,7 +1745,7 @@ begin: (*size) += name_len; read_extent_buffer(node, namebuf, (unsigned long)(di + 1), len); - filetype = btrfs_dir_type(node, di); + filetype = btrfs_dir_flags_to_ftype(btrfs_dir_flags(node, di)); if (di_key->type == BTRFS_DIR_ITEM_KEY && di_key->offset != btrfs_name_hash(namebuf, len)) { diff --git a/cmds/restore.c b/cmds/restore.c index b517c30c..84cc0724 100644 --- a/cmds/restore.c +++ b/cmds/restore.c @@ -991,7 +991,7 @@ static int search_dir(struct btrfs_root *root, struct btrfs_key *key, name_len = btrfs_dir_name_len(leaf, dir_item); read_extent_buffer(leaf, filename, name_ptr, name_len); filename[name_len] = '\0'; - type = btrfs_dir_type(leaf, dir_item); + type = btrfs_dir_flags_to_ftype(btrfs_dir_flags(leaf, dir_item)); btrfs_dir_item_key_to_cpu(leaf, dir_item, &location); /* full path from root of btrfs being restored */ diff --git a/common/fsfeatures.c b/common/fsfeatures.c index ea185a3c..cc143026 100644 --- a/common/fsfeatures.c +++ b/common/fsfeatures.c @@ -147,7 +147,7 @@ static const struct btrfs_feature mkfs_features[] = { .name = "encrypt", .flag = BTRFS_FEATURE_INCOMPAT_FSCRYPT, .sysfs_name = "fscrypt", - VERSION_TO_STRING2(compat, 5,19), + VERSION_TO_STRING2(compat, 5, 19), VERSION_NULL(safe), VERSION_NULL(default), .desc = "fs-level encryption" diff --git a/kernel-shared/ctree.h b/kernel-shared/ctree.h index e464f399..d8f81610 100644 --- a/kernel-shared/ctree.h +++ b/kernel-shared/ctree.h @@ -176,6 +176,14 @@ enum btrfs_csum_type { #define BTRFS_FT_XATTR 8 #define BTRFS_FT_MAX 9 +/* Name is encrypted */ +#define BTRFS_FT_FSCRYPT_NAME 0x80 + +static inline __u8 btrfs_dir_flags_to_ftype(__u8 flags) +{ + return flags & ~BTRFS_FT_FSCRYPT_NAME; +} + #define BTRFS_ROOT_SUBVOL_RDONLY (1ULL << 0) /* @@ -561,7 +569,8 @@ BUILD_ASSERT(sizeof(struct btrfs_super_block) == BTRFS_SUPER_INFO_SIZE); BTRFS_FEATURE_INCOMPAT_NO_HOLES | \ BTRFS_FEATURE_INCOMPAT_RAID1C34 | \ BTRFS_FEATURE_INCOMPAT_METADATA_UUID | \ - BTRFS_FEATURE_INCOMPAT_ZONED) + BTRFS_FEATURE_INCOMPAT_ZONED| \ + BTRFS_FEATURE_INCOMPAT_FSCRYPT) #endif /* @@ -2059,15 +2068,21 @@ BTRFS_SETGET_STACK_FUNCS(stack_root_ref_name_len, struct btrfs_root_ref, name_le /* struct btrfs_dir_item */ BTRFS_SETGET_FUNCS(dir_data_len, struct btrfs_dir_item, data_len, 16); -BTRFS_SETGET_FUNCS(dir_type, struct btrfs_dir_item, type, 8); +BTRFS_SETGET_FUNCS(dir_flags, struct btrfs_dir_item, type, 8); BTRFS_SETGET_FUNCS(dir_name_len, struct btrfs_dir_item, name_len, 16); BTRFS_SETGET_FUNCS(dir_transid, struct btrfs_dir_item, transid, 64); BTRFS_SETGET_STACK_FUNCS(stack_dir_data_len, struct btrfs_dir_item, data_len, 16); -BTRFS_SETGET_STACK_FUNCS(stack_dir_type, struct btrfs_dir_item, type, 8); +BTRFS_SETGET_STACK_FUNCS(stack_dir_flags, struct btrfs_dir_item, type, 8); BTRFS_SETGET_STACK_FUNCS(stack_dir_name_len, struct btrfs_dir_item, name_len, 16); BTRFS_SETGET_STACK_FUNCS(stack_dir_transid, struct btrfs_dir_item, transid, 64); +static inline __u8 btrfs_dir_ftype(const struct extent_buffer *eb, + const struct btrfs_dir_item *item) +{ + return btrfs_dir_flags_to_ftype(btrfs_dir_flags(eb, item)); +} + static inline void btrfs_dir_item_key(struct extent_buffer *eb, struct btrfs_dir_item *item, struct btrfs_disk_key *key) diff --git a/kernel-shared/dir-item.c b/kernel-shared/dir-item.c index 27dfb362..27cf459d 100644 --- a/kernel-shared/dir-item.c +++ b/kernel-shared/dir-item.c @@ -89,7 +89,7 @@ int btrfs_insert_xattr_item(struct btrfs_trans_handle *trans, leaf = path->nodes[0]; btrfs_cpu_key_to_disk(&disk_key, &location); btrfs_set_dir_item_key(leaf, dir_item, &disk_key); - btrfs_set_dir_type(leaf, dir_item, BTRFS_FT_XATTR); + btrfs_set_dir_flags(leaf, dir_item, BTRFS_FT_XATTR); btrfs_set_dir_name_len(leaf, dir_item, name_len); btrfs_set_dir_data_len(leaf, dir_item, data_len); name_ptr = (unsigned long)(dir_item + 1); @@ -141,7 +141,7 @@ int btrfs_insert_dir_item(struct btrfs_trans_handle *trans, struct btrfs_root leaf = path->nodes[0]; btrfs_cpu_key_to_disk(&disk_key, location); btrfs_set_dir_item_key(leaf, dir_item, &disk_key); - btrfs_set_dir_type(leaf, dir_item, type); + btrfs_set_dir_flags(leaf, dir_item, type); btrfs_set_dir_data_len(leaf, dir_item, 0); btrfs_set_dir_name_len(leaf, dir_item, name_len); name_ptr = (unsigned long)(dir_item + 1); @@ -170,7 +170,7 @@ insert: leaf = path->nodes[0]; btrfs_cpu_key_to_disk(&disk_key, location); btrfs_set_dir_item_key(leaf, dir_item, &disk_key); - btrfs_set_dir_type(leaf, dir_item, type); + btrfs_set_dir_flags(leaf, dir_item, type); btrfs_set_dir_data_len(leaf, dir_item, 0); btrfs_set_dir_name_len(leaf, dir_item, name_len); name_ptr = (unsigned long)(dir_item + 1); @@ -292,7 +292,7 @@ static int verify_dir_item(struct btrfs_root *root, struct btrfs_dir_item *dir_item) { u16 namelen = BTRFS_NAME_LEN; - u8 type = btrfs_dir_type(leaf, dir_item); + u8 type = btrfs_dir_flags_to_ftype(btrfs_dir_flags(leaf, dir_item)); if (type == BTRFS_FT_XATTR) namelen = XATTR_NAME_MAX; diff --git a/kernel-shared/inode.c b/kernel-shared/inode.c index 8dfe5b0d..66c16a98 100644 --- a/kernel-shared/inode.c +++ b/kernel-shared/inode.c @@ -541,6 +541,7 @@ int btrfs_mkdir(struct btrfs_trans_handle *trans, struct btrfs_root *root, if (dir_item) { struct btrfs_key found_key; + u8 type; /* * Already have conflicting name, check if it is a dir. @@ -548,7 +549,8 @@ int btrfs_mkdir(struct btrfs_trans_handle *trans, struct btrfs_root *root, */ btrfs_dir_item_key_to_cpu(path->nodes[0], dir_item, &found_key); ret_ino = found_key.objectid; - if (btrfs_dir_type(path->nodes[0], dir_item) != BTRFS_FT_DIR) + type = btrfs_dir_flags_to_ftype(btrfs_dir_flags(path->nodes[0], dir_item)); + if (type != BTRFS_FT_DIR) ret = -EEXIST; goto out; } diff --git a/kernel-shared/print-tree.c b/kernel-shared/print-tree.c index fc4711b1..48028299 100644 --- a/kernel-shared/print-tree.c +++ b/kernel-shared/print-tree.c @@ -31,7 +31,7 @@ static void print_dir_item_type(struct extent_buffer *eb, struct btrfs_dir_item *di) { - u8 type = btrfs_dir_type(eb, di); + u8 type = btrfs_dir_flags_to_ftype(btrfs_dir_flags(eb, di)); static const char* dir_item_str[] = { [BTRFS_FT_REG_FILE] = "FILE", [BTRFS_FT_DIR] = "DIR", diff --git a/libbtrfsutil/btrfs_tree.h b/libbtrfsutil/btrfs_tree.h index 1df9efd6..fbe25037 100644 --- a/libbtrfsutil/btrfs_tree.h +++ b/libbtrfsutil/btrfs_tree.h @@ -322,6 +322,9 @@ #define BTRFS_FT_XATTR 8 #define BTRFS_FT_MAX 9 +/* Name is encrypted */ +#define BTRFS_FT_FSCRYPT_NAME 0x80 + /* * The key defines the order in the tree, and so it also defines (optimal) * block layout. From patchwork Tue Sep 6 00:01:04 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sweet Tea Dorminy X-Patchwork-Id: 12966636 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 86CE7ECAAD3 for ; Tue, 6 Sep 2022 00:01:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232524AbiIFABb (ORCPT ); Mon, 5 Sep 2022 20:01:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33082 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231154AbiIFAB2 (ORCPT ); Mon, 5 Sep 2022 20:01:28 -0400 Received: from box.fidei.email (box.fidei.email [71.19.144.250]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3739F6715C for ; Mon, 5 Sep 2022 17:01:26 -0700 (PDT) Received: from authenticated-user (box.fidei.email [71.19.144.250]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by box.fidei.email (Postfix) with ESMTPSA id 7A71180E05; Mon, 5 Sep 2022 20:01:26 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dorminy.me; s=mail; t=1662422486; bh=BhHU9vZWm1tTEBPFb9W/L3DJ7IxuSdGT3ZArT1QJ7pg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Qnl5KBtdyOxqeRfFH//DrVKYBwj/M6FDLWPmsB/x0NiKB68EDlq8JR93T0C+K+KeH T5+BacxbCeJIZg2aIgcOggz0v1HdTA576l9DiIU8f7uSiUxOb/mWPzisMHFz60s5eB uSVztBLZ4Ctk9FwEbXYZL3tiFcVR4UA8lkYZz+rJP1gtH+Q5LdFIU6gnlUcV3An+nv dqsNkV/kha9q0ijC8bgSvQ8fy2HQxYev6A8ODJxNVdK5uVem1Av7Pxn8qVr26etRbo jJGqK9szWPlAu6L2p1J+GLJ2E0rL4aZ4twCVImEvB0N8EpvEHfDN0Ao49PfZsMRmiq kwZWEEH4XwysQ== From: Sweet Tea Dorminy To: linux-btrfs@vger.kernel.org, kernel-team@fb.com Cc: Sweet Tea Dorminy Subject: [PATCH 3/6] btrfs-progs: interpret encrypted file extents. Date: Mon, 5 Sep 2022 20:01:04 -0400 Message-Id: In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Encrypted file extents now have the 'encryption' field set to a encryption type plus a context length, and have an extent context appended to the item. This necessitates adjusting the struct to have a variable-length fscrypt_context member at the end, and printing contexts if one is provided. Signed-off-by: Sweet Tea Dorminy --- check/main.c | 4 +++- kernel-shared/ctree.h | 24 +++++++++++++++++++++++- kernel-shared/fscrypt.h | 27 +++++++++++++++++++++++++++ kernel-shared/print-tree.c | 25 +++++++++++++++++++++++++ 4 files changed, 78 insertions(+), 2 deletions(-) create mode 100644 kernel-shared/fscrypt.h diff --git a/check/main.c b/check/main.c index 3b133105..be9b0134 100644 --- a/check/main.c +++ b/check/main.c @@ -6565,6 +6565,7 @@ static int run_next_block(struct btrfs_root *root, for (i = 0; i < nritems; i++) { struct btrfs_file_extent_item *fi; unsigned long inline_offset; + u8 ctxsize; inline_offset = offsetof(struct btrfs_file_extent_item, disk_bytenr); @@ -6700,8 +6701,9 @@ static int run_next_block(struct btrfs_root *root, continue; /* Prealloc/regular extent must have fixed item size */ + ctxsize = btrfs_file_extent_encryption_ctxsize(buf, fi); if (btrfs_item_size(buf, i) != - sizeof(struct btrfs_file_extent_item)) { + sizeof(struct btrfs_file_extent_item) + ctxsize) { ret = -EUCLEAN; error( "invalid file extent item size, have %u expect %zu", diff --git a/kernel-shared/ctree.h b/kernel-shared/ctree.h index d8f81610..4392393d 100644 --- a/kernel-shared/ctree.h +++ b/kernel-shared/ctree.h @@ -25,6 +25,7 @@ #include "kerncompat.h" #include "common/extent-cache.h" #include "kernel-shared/extent_io.h" +#include "kernel-shared/fscrypt.h" #include "ioctl.h" struct btrfs_root; @@ -998,7 +999,11 @@ struct btrfs_file_extent_item { * uncompressed and without encoding. */ __le64 num_bytes; - + /* + * Fscrypt extent encryption context. Only present if extent is + * encrypted (stored in the encryption field). + */ + __u8 fscrypt_context[0]; } __attribute__ ((__packed__)); struct btrfs_dev_stats_item { @@ -2449,6 +2454,23 @@ BTRFS_SETGET_FUNCS(file_extent_encryption, struct btrfs_file_extent_item, encryption, 8); BTRFS_SETGET_FUNCS(file_extent_other_encoding, struct btrfs_file_extent_item, other_encoding, 16); +static inline u8 +btrfs_file_extent_encryption_ctxsize(const struct extent_buffer *eb, + struct btrfs_file_extent_item *e) +{ + u8 ctxsize; + btrfs_unpack_encryption(btrfs_file_extent_encryption(eb, e), + NULL, &ctxsize); + return ctxsize; +} + +static inline u8 +btrfs_file_extent_ctxsize_from_item(const struct extent_buffer *leaf, + const struct btrfs_path *path) +{ + return (btrfs_item_size(leaf, path->slots[0]) - + sizeof(struct btrfs_file_extent_item)); +} /* btrfs_qgroup_status_item */ BTRFS_SETGET_FUNCS(qgroup_status_version, struct btrfs_qgroup_status_item, diff --git a/kernel-shared/fscrypt.h b/kernel-shared/fscrypt.h new file mode 100644 index 00000000..015c2d41 --- /dev/null +++ b/kernel-shared/fscrypt.h @@ -0,0 +1,27 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +#ifndef BTRFS_FSCRYPT_H +#define BTRFS_FSCRYPT_H + +#define BTRFS_ENCRYPTION_POLICY_MASK 0x03 +#define BTRFS_ENCRYPTION_CTXSIZE_MASK 0xfc + +/* Actually from include/linux/fscrypt.h */ +#define FSCRYPT_EXTENT_CONTEXT_MAX_SIZE 33 + +static inline void btrfs_unpack_encryption(u8 encryption, + u8 *policy, + u8 *ctxsize) +{ + if (policy) + *policy = encryption & BTRFS_ENCRYPTION_POLICY_MASK; + if (ctxsize) + *ctxsize = (encryption & BTRFS_ENCRYPTION_CTXSIZE_MASK) >> 2; +} + +static inline u8 btrfs_pack_encryption(u8 policy, u8 ctxsize) +{ + return policy | (ctxsize << 2); +} + +#endif // BTRFS_FSCRYPT_H diff --git a/kernel-shared/print-tree.c b/kernel-shared/print-tree.c index 48028299..bb8db45c 100644 --- a/kernel-shared/print-tree.c +++ b/kernel-shared/print-tree.c @@ -354,6 +354,26 @@ static void compress_type_to_str(u8 compress_type, char *ret) } } +static void generate_encryption_string(struct extent_buffer *leaf, + struct btrfs_file_extent_item *fi, + char *ret) +{ + u8 encryption = btrfs_file_extent_encryption(leaf, fi); + u8 policy, ctxsize; + u8 ctx[FSCRYPT_EXTENT_CONTEXT_MAX_SIZE]; + btrfs_unpack_encryption(encryption, &policy, &ctxsize); + if (ctxsize) + read_extent_buffer(leaf, ctx, + (unsigned long)fi->fscrypt_context, ctxsize); + ret += sprintf(ret, "%hhu, %hhu", policy, ctxsize); + if (ctxsize) { + int i; + ret += sprintf(ret, ": context "); + for (i = 0; i < ctxsize; i++) + ret += sprintf(ret, "%02hhx", ctx[i]); + } +} + static const char* file_extent_type_to_str(u8 type) { switch (type) { @@ -370,9 +390,11 @@ static void print_file_extent_item(struct extent_buffer *eb, { unsigned char extent_type = btrfs_file_extent_type(eb, fi); char compress_str[16]; + char encrypt_str[16]; compress_type_to_str(btrfs_file_extent_compression(eb, fi), compress_str); + generate_encryption_string(eb, fi, encrypt_str); printf("\t\tgeneration %llu type %hhu (%s)\n", btrfs_file_extent_generation(eb, fi), @@ -405,6 +427,9 @@ static void print_file_extent_item(struct extent_buffer *eb, printf("\t\textent compression %hhu (%s)\n", btrfs_file_extent_compression(eb, fi), compress_str); + printf("\t\textent encryption %hhu (%s)\n", + btrfs_file_extent_encryption(eb, fi), + encrypt_str); } /* Caller should ensure sizeof(*ret) >= 16("DATA|TREE_BLOCK") */ From patchwork Tue Sep 6 00:01:05 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sweet Tea Dorminy X-Patchwork-Id: 12966637 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 31199C54EE9 for ; Tue, 6 Sep 2022 00:01:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232575AbiIFABd (ORCPT ); Mon, 5 Sep 2022 20:01:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33100 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232455AbiIFAB3 (ORCPT ); Mon, 5 Sep 2022 20:01:29 -0400 Received: from box.fidei.email (box.fidei.email [71.19.144.250]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C3E4652E47 for ; Mon, 5 Sep 2022 17:01:28 -0700 (PDT) Received: from authenticated-user (box.fidei.email [71.19.144.250]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by box.fidei.email (Postfix) with ESMTPSA id 3BBEE80C62; Mon, 5 Sep 2022 20:01:28 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dorminy.me; s=mail; t=1662422488; bh=2Vz/3GvrxiKaPAr5G7cYeDJPqNrHRDLmOcXksq3eZ+U=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=tgwQpacZqtuGg/gicyZ0YO2hXO8GzTjccKdBC71wCDQJ+CZO9uE7W3lSTefPMMjHt 8eOsRaCidYdVcrXR8zfvGjYepCQ+J2hj8t4fwMdc+J36bCrSTSLwxqCWJZj/MAeWw5 tvR6loeDOagK9euV7LMoJ2OKdPuSYj7mM3W327LeHYu7TXGgbP4JmIDHm/VovdtsgD t8F6gd0SApnxSyducz3cgxAQ0v6v9gVvl8zQ/vPOx037fQbIxT+c6OkDqH9epf9E2E zqt6TtmzZ7SrRptlet5gHKcI3arRlII6CKrT1s1auQsL8I25LlmUWzNOiW6PsJu434 duEBWt03d0xqQ== From: Sweet Tea Dorminy To: linux-btrfs@vger.kernel.org, kernel-team@fb.com Cc: Sweet Tea Dorminy Subject: [PATCH 4/6] btrfs-progs: handle fscrypt context items Date: Mon, 5 Sep 2022 20:01:05 -0400 Message-Id: In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org Encrypted inodes have a new associated item, the fscrypt context, which can be printed as a pure hex string in dump-tree. Signed-off-by: Sweet Tea Dorminy --- kernel-shared/ctree.h | 2 ++ kernel-shared/print-tree.c | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/kernel-shared/ctree.h b/kernel-shared/ctree.h index 4392393d..2541a102 100644 --- a/kernel-shared/ctree.h +++ b/kernel-shared/ctree.h @@ -1397,6 +1397,8 @@ static inline u32 BTRFS_MAX_XATTR_SIZE(const struct btrfs_fs_info *info) #define BTRFS_VERITY_DESC_ITEM_KEY 36 #define BTRFS_VERITY_MERKLE_ITEM_KEY 37 +#define BTRFS_FSCRYPT_CTXT_ITEM_KEY 41 + #define BTRFS_ORPHAN_ITEM_KEY 48 #define BTRFS_DIR_LOG_ITEM_KEY 60 diff --git a/kernel-shared/print-tree.c b/kernel-shared/print-tree.c index bb8db45c..2163f833 100644 --- a/kernel-shared/print-tree.c +++ b/kernel-shared/print-tree.c @@ -97,6 +97,20 @@ static void print_dir_item(struct extent_buffer *eb, u32 size, } } +static void print_fscrypt_context(struct extent_buffer *eb, int slot) +{ + int i; + unsigned long ptr = btrfs_item_ptr_offset(eb, slot); + u32 item_size = btrfs_item_size(eb, slot); + u8 ctx_buf[item_size]; + + read_extent_buffer(eb, ctx_buf, ptr, item_size); + printf("\t\tvalue: "); + for(i = 0; i < item_size; i++) + printf("%02x", ctx_buf[i]); + printf("\n"); +} + static void print_inode_extref_item(struct extent_buffer *eb, u32 size, struct btrfs_inode_extref *extref) { @@ -671,6 +685,7 @@ void print_key_type(FILE *stream, u64 objectid, u8 type) [BTRFS_DIR_LOG_ITEM_KEY] = "DIR_LOG_ITEM", [BTRFS_DIR_LOG_INDEX_KEY] = "DIR_LOG_INDEX", [BTRFS_XATTR_ITEM_KEY] = "XATTR_ITEM", + [BTRFS_FSCRYPT_CTXT_ITEM_KEY] = "FSCRYPT_CTXT_ITEM", [BTRFS_VERITY_DESC_ITEM_KEY] = "VERITY_DESC_ITEM", [BTRFS_VERITY_MERKLE_ITEM_KEY] = "VERITY_MERKLE_ITEM", [BTRFS_ORPHAN_ITEM_KEY] = "ORPHAN_ITEM", @@ -1378,6 +1393,9 @@ void btrfs_print_leaf(struct extent_buffer *eb, unsigned int mode) case BTRFS_XATTR_ITEM_KEY: print_dir_item(eb, item_size, ptr); break; + case BTRFS_FSCRYPT_CTXT_ITEM_KEY: + print_fscrypt_context(eb, i); + break; case BTRFS_DIR_LOG_INDEX_KEY: case BTRFS_DIR_LOG_ITEM_KEY: { struct btrfs_dir_log_item *dlog; From patchwork Tue Sep 6 00:01:06 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sweet Tea Dorminy X-Patchwork-Id: 12966638 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4C9FDECAAA1 for ; Tue, 6 Sep 2022 00:01:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232634AbiIFABf (ORCPT ); Mon, 5 Sep 2022 20:01:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33116 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230347AbiIFABb (ORCPT ); Mon, 5 Sep 2022 20:01:31 -0400 Received: from box.fidei.email (box.fidei.email [IPv6:2605:2700:0:2:a800:ff:feba:dc44]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6D51B52E47 for ; Mon, 5 Sep 2022 17:01:30 -0700 (PDT) Received: from authenticated-user (box.fidei.email [71.19.144.250]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by box.fidei.email (Postfix) with ESMTPSA id E55FE80E05; Mon, 5 Sep 2022 20:01:29 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dorminy.me; s=mail; t=1662422490; bh=IttONbvphVIkopPhjOSpLTVvRVbkNnzCrnnJ1Poj8ns=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=V1zEMh8pG0YYa2n9tOuaaI+o8u4n4q8YVhK0Djksd0W0aYRAA7aLEBq/ni1U8HEdS W5iO4X3KCPkR1FiZbJWTIY5S5xGuoh26cB5DHPw30Fc9qoEQYuLxqTr17msQqY6aM+ R3t99uW0lvbGYt0737Kwm2uyTFY1LuEE6kz6U7vg1wNmG1r3Rs8BOufmy4VsqN2E0s zzx4zAJOk9hC2/emZj7esgrBb9cipBzQ1EbpyEndEwIcQX7QeYCc0WKammTvG12AhD g9r3/JqZC6lrukz8TdNiUnzrrcE9CwJ/uhDbDq3fy4j1qU5I1fRls2X6lutVx7ixih AWaEU2gmEdcFA== From: Sweet Tea Dorminy To: linux-btrfs@vger.kernel.org, kernel-team@fb.com Cc: Sweet Tea Dorminy Subject: [PATCH 5/6] btrfs-progs: escape unprintable characters in names Date: Mon, 5 Sep 2022 20:01:06 -0400 Message-Id: <95f07a265f40797ba81d3125364492f17e3b8780.1662417859.git.sweettea-kernel@dorminy.me> In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org There are several item types which have an associated name: inode refs and dir items. While they could always be unprintable, the advent of encryption makes it much more likely that the names contain characters outside the normal ASCII range. As such, it's useful to print the characters outside normal ASCII in hex format. Signed-off-by: Sweet Tea Dorminy --- kernel-shared/print-tree.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/kernel-shared/print-tree.c b/kernel-shared/print-tree.c index 2163f833..6365d961 100644 --- a/kernel-shared/print-tree.c +++ b/kernel-shared/print-tree.c @@ -28,6 +28,19 @@ #include "kernel-shared/volumes.h" #include "common/utils.h" +static void print_name(const char *buf, size_t len) +{ + size_t i; + printf("name: "); + for(i = 0; i < len; i++) { + if (buf[i] >= ' ' && buf[i] <= '~') + printf("%c", buf[i]); + else + printf("\\x%02hhx", buf[i]); + } + printf("\n"); +} + static void print_dir_item_type(struct extent_buffer *eb, struct btrfs_dir_item *di) { @@ -77,7 +90,7 @@ static void print_dir_item(struct extent_buffer *eb, u32 size, } else { read_extent_buffer(eb, namebuf, (unsigned long)(di + 1), len); - printf("\t\tname: %.*s\n", len, namebuf); + print_name(namebuf, len); } if (data_len) { @@ -135,7 +148,7 @@ static void print_inode_extref_item(struct extent_buffer *eb, u32 size, } else { read_extent_buffer(eb, namebuf, (unsigned long)extref->name, len); - printf("name: %.*s\n", len, namebuf); + print_name(namebuf, len); } len = sizeof(*extref) + name_len; @@ -165,7 +178,7 @@ static void print_inode_ref_item(struct extent_buffer *eb, u32 size, } else { read_extent_buffer(eb, namebuf, (unsigned long)(ref + 1), len); - printf("name: %.*s\n", len, namebuf); + print_name(namebuf, len); } len = sizeof(*ref) + name_len; ref = (struct btrfs_inode_ref *)((char *)ref + len); From patchwork Tue Sep 6 00:01:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sweet Tea Dorminy X-Patchwork-Id: 12966639 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1ED27ECAAD3 for ; Tue, 6 Sep 2022 00:01:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232650AbiIFABg (ORCPT ); Mon, 5 Sep 2022 20:01:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33138 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232606AbiIFABe (ORCPT ); Mon, 5 Sep 2022 20:01:34 -0400 Received: from box.fidei.email (box.fidei.email [71.19.144.250]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9C54D52E47 for ; Mon, 5 Sep 2022 17:01:32 -0700 (PDT) Received: from authenticated-user (box.fidei.email [71.19.144.250]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by box.fidei.email (Postfix) with ESMTPSA id DAA3F80C62; Mon, 5 Sep 2022 20:01:31 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dorminy.me; s=mail; t=1662422492; bh=oD4DapS1KZRP9/Db6zooV26L1WOCdxIdtO+uiwaRRok=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=UX+Xh8YdXwXM6yHhMRCJ+XgnFSjSLzTy43oba2tcwb6f+AMXvwKNHOB0PdzsdE7NZ ndNF+Lufv1prBEv/aoQzTq5iWC8KE0w3LCtKNFGB8juFMy2J7KWouCCOv+fiYLBQ/T lGXQhwEzb9dgGYuYJTLUChjoa7G0jyYSIxLLvApjCgHsRgeYID8pvk/0rjVy1R8gl8 AjaCXE8uFUFbLSci18WQbFa5JPkgtWAVz1BQ1o7BajSzJU2WyNZ7mEUUf+DoiK/F+q 0f0POEyAXHS+FnWhvbwKxTUSaj7MyboVAkX0rnNXDtsgKmJgBQEi7m7nUE8Fyp3HWt IIvodZ+iZOiDA== From: Sweet Tea Dorminy To: linux-btrfs@vger.kernel.org, kernel-team@fb.com Cc: Sweet Tea Dorminy Subject: [PATCH 6/6] btrfs-progs: check: update inline extent length checking Date: Mon, 5 Sep 2022 20:01:07 -0400 Message-Id: <4ec822ef3b3a6be3cbf07a878d475b273094795c.1662417859.git.sweettea-kernel@dorminy.me> In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org As part of the encryption changes, encrypted inline file extents record their actual data length in ram_bytes, like compressed inline file extents, while the item's length records the actual size. As such, encrypted inline extents must be treated like compressed ones for inode length consistency checking. Signed-off-by: Sweet Tea Dorminy --- check/main.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/check/main.c b/check/main.c index be9b0134..5466f45d 100644 --- a/check/main.c +++ b/check/main.c @@ -1626,7 +1626,7 @@ static int process_file_extent(struct btrfs_root *root, u64 mask = gfs_info->sectorsize - 1; u32 max_inline_size = min_t(u32, mask, BTRFS_MAX_INLINE_DATA_SIZE(gfs_info)); - u8 compression; + u8 compression, encryption; int extent_type; int ret; @@ -1651,25 +1651,25 @@ static int process_file_extent(struct btrfs_root *root, fi = btrfs_item_ptr(eb, slot, struct btrfs_file_extent_item); extent_type = btrfs_file_extent_type(eb, fi); compression = btrfs_file_extent_compression(eb, fi); + encryption = btrfs_file_extent_encryption(eb, fi); if (extent_type == BTRFS_FILE_EXTENT_INLINE) { - num_bytes = btrfs_file_extent_ram_bytes(eb, fi); - if (num_bytes == 0) + u64 num_decoded_bytes = btrfs_file_extent_ram_bytes(eb, fi); + u64 num_disk_bytes = btrfs_file_extent_inline_item_len(eb, slot); + if (num_decoded_bytes == 0) rec->errors |= I_ERR_BAD_FILE_EXTENT; - if (compression) { - if (btrfs_file_extent_inline_item_len(eb, slot) > - max_inline_size || - num_bytes > gfs_info->sectorsize) + if (compression || encryption) { + if (num_disk_bytes > max_inline_size || + num_decoded_bytes > gfs_info->sectorsize) rec->errors |= I_ERR_FILE_EXTENT_TOO_LARGE; } else { - if (num_bytes > max_inline_size) + if (num_decoded_bytes > max_inline_size) rec->errors |= I_ERR_FILE_EXTENT_TOO_LARGE; - if (btrfs_file_extent_inline_item_len(eb, slot) != - num_bytes) + if (num_disk_bytes != num_decoded_bytes) rec->errors |= I_ERR_INLINE_RAM_BYTES_WRONG; } - rec->found_size += num_bytes; - num_bytes = (num_bytes + mask) & ~mask; + rec->found_size += num_decoded_bytes; + num_bytes = (num_decoded_bytes + mask) & ~mask; } else if (extent_type == BTRFS_FILE_EXTENT_REG || extent_type == BTRFS_FILE_EXTENT_PREALLOC) { num_bytes = btrfs_file_extent_num_bytes(eb, fi);