@@ -1047,8 +1047,8 @@ astute users may notice some differences in behavior:
10471047 may be used to overwrite the source files but isn't guaranteed to be
10481048 effective on all filesystems and storage devices.
10491049
1050- - Direct I/O is not supported on encrypted files. Attempts to use
1051- direct I/O on such files will fall back to buffered I/O.
1050+ - Direct I/O is supported on encrypted files only under some
1051+ circumstances. For details, see ` Direct I/O support `_ .
10521052
10531053- The fallocate operations FALLOC_FL_COLLAPSE_RANGE and
10541054 FALLOC_FL_INSERT_RANGE are not supported on encrypted files and will
@@ -1179,6 +1179,27 @@ Inline encryption doesn't affect the ciphertext or other aspects of
11791179the on-disk format, so users may freely switch back and forth between
11801180using "inlinecrypt" and not using "inlinecrypt".
11811181
1182+ Direct I/O support
1183+ ==================
1184+
1185+ For direct I/O on an encrypted file to work, the following conditions
1186+ must be met (in addition to the conditions for direct I/O on an
1187+ unencrypted file):
1188+
1189+ * The file must be using inline encryption. Usually this means that
1190+ the filesystem must be mounted with ``-o inlinecrypt `` and inline
1191+ encryption hardware must be present. However, a software fallback
1192+ is also available. For details, see `Inline encryption support `_.
1193+
1194+ * The I/O request must be fully aligned to the filesystem block size.
1195+ This means that the file position the I/O is targeting, the lengths
1196+ of all I/O segments, and the memory addresses of all I/O buffers
1197+ must be multiples of this value. Note that the filesystem block
1198+ size may be greater than the logical block size of the block device.
1199+
1200+ If either of the above conditions is not met, then direct I/O on the
1201+ encrypted file will fall back to buffered I/O.
1202+
11821203Implementation details
11831204======================
11841205
0 commit comments