F2FS With Linux 5.11 To Support Casefolding With Encryption

Written by Michael Larabel in Linux Storage on 22 November 2020 at 12:04 AM EST. 7 Comments
LINUX STORAGE
For over one year the Flash-Friendly File-System (F2FS) has supported case-folding for optional case-insensitive file/folder support. The past number of years F2FS has also supported FSCRYPT-based file encryption. But now as we roll into 2021, support is finally seemingly ready for mainline in supporting casefolding with encryption enabled.

The combination of having case-folding and encryption on the same data hasn't been supported by F2FS. For the past number of months the FSCRYPT file-system encryption framework leveraged by F2FS and other file-systems has been working on the case-folding with FSCRYPT and ironing out all those details.

Queued now in the F2FS "dev" code and thus likely slated for the upcoming Linux 5.11 kernel barring any last minute issues is casefolding with encryption being wired up for F2FS. This should allow proper case-folding to work on encrypted directories.

"To index casefolded+encrypted directories, we use the SipHash of the casefolded name, keyed by a key derived from the directory's fscrypt master key. This ensures that the dirhash doesn't leak information about the plaintext filenames. Encryption keys are unavailable during roll-forward recovery, so we can't compute the dirhash when recovering a new dentry in an encrypted + casefolded directory. To avoid having to force a checkpoint when a new file is fsync'ed, store the dirhash on-disk appended to i_name." More details in the dev commit.

The Linux 5.11 merge window is opening before Christmas while the stable kernel release should make it out around the end of February.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week