From: Eric Biggers <ebiggers@kernel.org>
To: Christoph Hellwig <hch@lst.de>
Cc: Jens Axboe <axboe@kernel.dk>, Vlastimil Babka <vbabka@suse.cz>,
Andrew Morton <akpm@linux-foundation.org>,
Christoph Lameter <cl@gentwo.org>,
David Rientjes <rientjes@google.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Harry Yoo <harry.yoo@oracle.com>,
linux-block@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-fscrypt@vger.kernel.org, linux-mm@kvack.org
Subject: Re: [PATCH 8/9] blk-crypto: use on-stack skciphers for fallback en/decryption
Date: Thu, 13 Nov 2025 16:32:00 -0800 [thread overview]
Message-ID: <20251114003200.GB30712@quark> (raw)
In-Reply-To: <20251031093517.1603379-9-hch@lst.de>
On Fri, Oct 31, 2025 at 10:34:38AM +0100, Christoph Hellwig wrote:
> Allocating a skcipher dynamically can deadlock or cause unexpected
> I/O failures when called from writeback context. Sidestep the
> allocation by using on-stack skciphers, similar to what the non
> blk-crypto fscrypt already does.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
skcipher => skcipher request
> @@ -238,12 +223,12 @@ static void blk_crypto_dun_to_iv(const u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE],
> * encryption, encrypts the input bio using crypto API and submits the bounce
> * bio.
> */
> -void blk_crypto_fallback_encrypt_bio(struct bio *src_bio)
The above comment needs to be updated too. Maybe leave the static
function __blk_crypto_fallback_encrypt_bio() uncommented, and write an
updated comment for the global function
blk_crypto_fallback_encrypt_bio(). Maybe something like this:
/*
* blk-crypto-fallback's encryption routine. Encrypts the source bio's data
* into a sequence of bounce bios (usually 1, but there can be multiple if there
* are more than BIO_MAX_VECS pages). Submits the bounce bios, then completes
* the source bio once all the bounce bios are done. This takes ownership of
* the source bio, i.e. the caller mustn't continue with submission.
*/
But really that ought to go in the previous commit, not this one.
> +static void blk_crypto_fallback_decrypt_bio(struct work_struct *work)
> +{
> + struct bio_fallback_crypt_ctx *f_ctx =
> + container_of(work, struct bio_fallback_crypt_ctx, work);
> + struct bio *bio = f_ctx->bio;
> + struct bio_crypt_ctx *bc = &f_ctx->crypt_ctx;
> + struct blk_crypto_keyslot *slot;
> + blk_status_t status;
> +
> + status = blk_crypto_get_keyslot(blk_crypto_fallback_profile,
> + bc->bc_key, &slot);
> + if (status == BLK_STS_OK) {
> + status = __blk_crypto_fallback_decrypt_bio(f_ctx->bio,
> + &f_ctx->crypt_ctx, f_ctx->crypt_iter,
> + blk_crypto_fallback_tfm(slot));
> + blk_crypto_put_keyslot(slot);
> + }
This is referencing f_ctx->bio and f_ctx->crypt_ctx when they were
already loaded into local variables. Either the local variables should
be used, or they should be removed and the fields always used.
- Eric
next prev parent reply other threads:[~2025-11-14 0:32 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-31 9:34 move blk-crypto-fallback to sit above the block layer Christoph Hellwig
2025-10-31 9:34 ` [PATCH 1/9] mempool: update kerneldoc comments Christoph Hellwig
2025-11-05 14:02 ` Vlastimil Babka
2025-11-05 14:14 ` Vlastimil Babka
2025-11-07 3:26 ` Eric Biggers
2025-11-07 12:02 ` Christoph Hellwig
2025-10-31 9:34 ` [PATCH 2/9] mempool: add error injection support Christoph Hellwig
2025-11-05 14:04 ` Vlastimil Babka
2025-11-07 3:29 ` Eric Biggers
2025-11-07 12:04 ` Christoph Hellwig
2025-10-31 9:34 ` [PATCH 3/9] mempool: add mempool_{alloc,free}_bulk Christoph Hellwig
2025-11-05 15:04 ` Vlastimil Babka
2025-11-06 14:13 ` Christoph Hellwig
2025-11-06 14:27 ` Vlastimil Babka
2025-11-06 14:48 ` Christoph Hellwig
2025-11-06 14:57 ` Vlastimil Babka
2025-11-06 15:00 ` Christoph Hellwig
2025-11-06 15:09 ` Vlastimil Babka
2025-11-07 3:52 ` Eric Biggers
2025-11-07 12:06 ` Christoph Hellwig
2025-10-31 9:34 ` [PATCH 4/9] fscrypt: pass a real sector_t to fscrypt_zeroout_range_inline_crypt Christoph Hellwig
2025-11-07 3:55 ` Eric Biggers
2025-11-07 12:07 ` Christoph Hellwig
2025-10-31 9:34 ` [PATCH 5/9] fscrypt: keep multiple bios in flight in fscrypt_zeroout_range_inline_crypt Christoph Hellwig
2025-11-07 4:06 ` Eric Biggers
2025-10-31 9:34 ` [PATCH 6/9] blk-crypto: optimize bio splitting in blk_crypto_fallback_encrypt_bio Christoph Hellwig
2025-11-14 0:22 ` Eric Biggers
2025-11-14 5:56 ` Christoph Hellwig
2025-10-31 9:34 ` [PATCH 7/9] blk-crypto: handle the fallback above the block layer Christoph Hellwig
2025-11-07 4:42 ` Eric Biggers
2025-11-07 12:10 ` Christoph Hellwig
2025-11-14 0:37 ` Eric Biggers
2025-11-14 5:56 ` Christoph Hellwig
2025-10-31 9:34 ` [PATCH 8/9] blk-crypto: use on-stack skciphers for fallback en/decryption Christoph Hellwig
2025-11-07 4:18 ` Eric Biggers
2025-11-07 12:10 ` Christoph Hellwig
2025-11-14 0:32 ` Eric Biggers [this message]
2025-11-14 5:57 ` Christoph Hellwig
2025-10-31 9:34 ` [PATCH 9/9] blk-crypto: use mempool_alloc_bulk for encrypted bio page allocation Christoph Hellwig
2025-11-05 15:12 ` Vlastimil Babka
2025-11-06 14:01 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251114003200.GB30712@quark \
--to=ebiggers@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=axboe@kernel.dk \
--cc=cl@gentwo.org \
--cc=harry.yoo@oracle.com \
--cc=hch@lst.de \
--cc=linux-block@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=rientjes@google.com \
--cc=roman.gushchin@linux.dev \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox