FSCRYPT Inline Encryption Ready To Offer Better Performance On Modern SoCs

Written by Michael Larabel in Linux Storage on 3 August 2020 at 08:00 AM EDT. 11 Comments
After being worked on a number of months, the FSCRYPT file-system encryption framework for the Linux kernel is enabling inline encryption support with the 5.9 kernel.

Inline encryption for FSCRYPT has been in the works for a number of months spanning multiple cycles while now all the stars have aligned for Linux 5.9. Leveraging inline encryption with Linux 5.9 means using the BLK-CRYPTO support merged the previous cycle and in turn being able to benefit from inline encryption hardware found on most mobile SoCs with their UFS/eMMC host controllers.

This FSCRPYT inline encryption support has been worked on by Google presumably with a focus on Android smartphones for better encrypted storage performance.

This blk-crypto-backed inline encryption for FSCRYPT isn't being used by default with Linux 5.9+ but requires setting inlinecrypt as a mount option with F2FS or EXT4 file-systems that utilize FSCRYPT for their optional per-directory data encryption support. Still being addressed is direct I/O on encrypted files.

More details on the changes for Linux 5.9 via this pull request.

On a similar note, already sent in for Linux 5.9 as well are the crypto updates. Linux 5.9's crypto subsystem is seeing support for allocating transforms on a specific NUMA node, a new SHA256 helper, and a number of new crypto and hardware random number generator drivers.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week