summaryrefslogtreecommitdiffstats
path: root/Documentation/admin-guide/ext4.rst
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2020-07-02 03:56:07 +0200
committerEric Biggers <ebiggers@google.com>2020-07-08 19:29:43 +0200
commit4f74d15fe40833d4fb4f5ead7437aa73840596a5 (patch)
tree355c94ea38587a4033682a744af0ea235eced858 /Documentation/admin-guide/ext4.rst
parentf2fs: add inline encryption support (diff)
downloadlinux-4f74d15fe40833d4fb4f5ead7437aa73840596a5.tar.xz
linux-4f74d15fe40833d4fb4f5ead7437aa73840596a5.zip
ext4: add inline encryption support
Wire up ext4 to support inline encryption via the helper functions which fs/crypto/ now provides. This includes: - Adding a mount option 'inlinecrypt' which enables inline encryption on encrypted files where it can be used. - Setting the bio_crypt_ctx on bios that will be submitted to an inline-encrypted file. Note: submit_bh_wbc() in fs/buffer.c also needed to be patched for this part, since ext4 sometimes uses ll_rw_block() on file data. - Not adding logically discontiguous data to bios that will be submitted to an inline-encrypted file. - Not doing filesystem-layer crypto on inline-encrypted files. Co-developed-by: Satya Tangirala <satyat@google.com> Signed-off-by: Satya Tangirala <satyat@google.com> Reviewed-by: Theodore Ts'o <tytso@mit.edu> Link: https://lore.kernel.org/r/20200702015607.1215430-5-satyat@google.com Signed-off-by: Eric Biggers <ebiggers@google.com>
Diffstat (limited to 'Documentation/admin-guide/ext4.rst')
-rw-r--r--Documentation/admin-guide/ext4.rst7
1 files changed, 7 insertions, 0 deletions
diff --git a/Documentation/admin-guide/ext4.rst b/Documentation/admin-guide/ext4.rst
index 9443fcef1876..2162d7909970 100644
--- a/Documentation/admin-guide/ext4.rst
+++ b/Documentation/admin-guide/ext4.rst
@@ -395,6 +395,13 @@ When mounting an ext4 filesystem, the following option are accepted:
Documentation/filesystems/dax.txt. Note that this option is
incompatible with data=journal.
+ inlinecrypt
+ When possible, encrypt/decrypt the contents of encrypted files using the
+ blk-crypto framework rather than filesystem-layer encryption. This
+ allows the use of inline encryption hardware. The on-disk format is
+ unaffected. For more details, see
+ Documentation/block/inline-encryption.rst.
+
Data Mode
=========
There are 3 different data modes: