From: Richard Weinberger <richard@nod.at>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: linux-fsdevel@vger.kernel.org, linux-fscrypt@vger.kernel.org,
overlayfs <linux-unionfs@vger.kernel.org>,
linux-kernel@vger.kernel.org
Subject: Re: overlayfs vs. fscrypt
Date: Wed, 13 Mar 2019 13:47:40 +0100 [thread overview]
Message-ID: <1852545.qrIQg0rEWx@blindfold> (raw)
In-Reply-To: <CAJfpegsy31D+=VJ+By2a9TLCvZJwvAUpb+_bJ5JVTsmsbZJTKQ@mail.gmail.com>
Am Mittwoch, 13. M�rz 2019, 13:36:02 CET schrieb Miklos Szeredi:
> I don't get it. Does fscrypt try to check permissions via
> ->d_revalidate? Why is it not doing that via ->permission()?
Please let me explain. Suppose we have a fscrypto directory /mnt and
I *don't* have the key.
When reading the directory contents of /mnt will return an encrypted filename.
e.g.
# ls /mnt
+mcQ46ne5Y8U6JMV9Wdq2C
As soon I load my key the real name is shown and I can read the file contents too.
That's why fscrypt has ->d_revalidate(). It checks for the key, if the key is
still not here -> stay with the old encrypted name. If the key is present
-> reveal the real name.
Same happens on the other direction if I unlink my key from the keyring.
> >
> > 2. Teach overlayfs to deal with a upper that has ->d_revalidate().
> > Given the complexity of overlayfs I'm not sure how feasible this is.
> > But I'm no overlayfs expert, maybe I miss something.
>
> I don't think it would be too complex. But first I'd like to
> understand exactly why fscrypt is (ab) using d_revalidate().
I hope my answer makes things more clear.
Thanks,
//richard
WARNING: multiple messages have this Message-ID (diff)
From: Richard Weinberger <richard@nod.at>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: linux-fsdevel@vger.kernel.org, linux-fscrypt@vger.kernel.org,
overlayfs <linux-unionfs@vger.kernel.org>,
linux-kernel@vger.kernel.org
Subject: Re: overlayfs vs. fscrypt
Date: Wed, 13 Mar 2019 13:47:40 +0100 [thread overview]
Message-ID: <1852545.qrIQg0rEWx@blindfold> (raw)
In-Reply-To: <CAJfpegsy31D+=VJ+By2a9TLCvZJwvAUpb+_bJ5JVTsmsbZJTKQ@mail.gmail.com>
Am Mittwoch, 13. März 2019, 13:36:02 CET schrieb Miklos Szeredi:
> I don't get it. Does fscrypt try to check permissions via
> ->d_revalidate? Why is it not doing that via ->permission()?
Please let me explain. Suppose we have a fscrypto directory /mnt and
I *don't* have the key.
When reading the directory contents of /mnt will return an encrypted filename.
e.g.
# ls /mnt
+mcQ46ne5Y8U6JMV9Wdq2C
As soon I load my key the real name is shown and I can read the file contents too.
That's why fscrypt has ->d_revalidate(). It checks for the key, if the key is
still not here -> stay with the old encrypted name. If the key is present
-> reveal the real name.
Same happens on the other direction if I unlink my key from the keyring.
> >
> > 2. Teach overlayfs to deal with a upper that has ->d_revalidate().
> > Given the complexity of overlayfs I'm not sure how feasible this is.
> > But I'm no overlayfs expert, maybe I miss something.
>
> I don't think it would be too complex. But first I'd like to
> understand exactly why fscrypt is (ab) using d_revalidate().
I hope my answer makes things more clear.
Thanks,
//richard
next prev parent reply other threads:[~2019-03-13 12:47 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-13 12:31 overlayfs vs. fscrypt Richard Weinberger
2019-03-13 12:31 ` Richard Weinberger
2019-03-13 12:36 ` Miklos Szeredi
2019-03-13 12:47 ` Richard Weinberger [this message]
2019-03-13 12:47 ` Richard Weinberger
2019-03-13 12:58 ` Miklos Szeredi
2019-03-13 13:00 ` Richard Weinberger
2019-03-13 13:00 ` Richard Weinberger
2019-03-13 13:24 ` Miklos Szeredi
2019-03-13 13:32 ` Richard Weinberger
2019-03-13 13:32 ` Richard Weinberger
2019-03-13 14:26 ` Amir Goldstein
2019-03-13 15:16 ` Theodore Ts'o
2019-03-13 15:30 ` Richard Weinberger
2019-03-13 15:30 ` Richard Weinberger
2019-03-13 15:36 ` James Bottomley
2019-03-13 15:51 ` Eric Biggers
2019-03-13 16:13 ` James Bottomley
2019-03-13 16:24 ` Richard Weinberger
2019-03-13 16:44 ` Theodore Ts'o
2019-03-13 17:45 ` James Bottomley
2019-03-13 18:58 ` Theodore Ts'o
2019-03-13 19:17 ` James Bottomley
2019-03-13 19:57 ` Eric Biggers
2019-03-13 20:06 ` James Bottomley
2019-03-13 20:25 ` Eric Biggers
2019-03-13 21:04 ` James Bottomley
2019-03-13 22:13 ` Eric Biggers
2019-03-13 22:29 ` James Bottomley
2019-03-13 22:58 ` Eric Biggers
2019-03-13 16:06 ` Al Viro
2019-03-13 16:44 ` Eric Biggers
2019-03-13 19:19 ` Al Viro
2019-03-13 19:43 ` Eric Biggers
2019-03-13 15:30 ` Eric Biggers
2019-03-13 15:30 ` Eric Biggers
2019-03-13 20:33 ` Richard Weinberger
2019-03-13 20:33 ` Richard Weinberger
2019-03-13 22:26 ` Eric Biggers
2019-03-13 22:26 ` Eric Biggers
2019-03-13 22:42 ` Richard Weinberger
2019-03-14 7:34 ` Miklos Szeredi
2019-03-14 17:15 ` [RFC] fscrypt_key_required mount option Richard Weinberger
2019-03-14 17:15 ` Richard Weinberger
2019-03-14 17:15 ` [PATCH 1/4] fscrypt: Implement FS_CFLG_OWN_D_OPS Richard Weinberger
2019-03-14 17:15 ` Richard Weinberger
2019-03-14 17:15 ` [PATCH 2/4] fscrypt: Export fscrypt_d_ops Richard Weinberger
2019-03-14 17:15 ` Richard Weinberger
2019-03-14 17:15 ` [PATCH 3/4] ubifs: Simplify fscrypt_get_encryption_info() error handling Richard Weinberger
2019-03-14 17:15 ` Richard Weinberger
2019-03-14 17:15 ` [PATCH 4/4] ubifs: Implement new mount option, fscrypt_key_required Richard Weinberger
2019-03-14 17:15 ` Richard Weinberger
2019-03-14 17:49 ` Eric Biggers
2019-03-14 17:49 ` Eric Biggers
2019-03-14 20:54 ` Richard Weinberger
2019-03-14 20:54 ` Richard Weinberger
2019-03-14 23:07 ` Theodore Ts'o
2019-03-14 23:07 ` Theodore Ts'o
2019-03-15 0:26 ` Unsubscribe Shane Volpe
2019-03-15 7:48 ` [PATCH 4/4] ubifs: Implement new mount option, fscrypt_key_required Richard Weinberger
2019-03-15 7:48 ` Richard Weinberger
2019-03-15 13:51 ` Theodore Ts'o
2019-03-15 13:51 ` Theodore Ts'o
2019-03-15 13:51 ` Theodore Ts'o
2019-03-15 13:59 ` Richard Weinberger
2019-03-15 13:59 ` Richard Weinberger
2019-03-14 23:15 ` James Bottomley
2019-03-14 23:15 ` James Bottomley
2019-03-14 23:42 ` Theodore Ts'o
2019-03-14 23:42 ` Theodore Ts'o
2019-03-14 23:55 ` James Bottomley
2019-03-14 23:55 ` James Bottomley
2019-03-13 15:01 ` overlayfs vs. fscrypt Eric Biggers
2019-03-13 15:01 ` Eric Biggers
2019-03-13 16:11 ` Al Viro
2019-03-13 16:33 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1852545.qrIQg0rEWx@blindfold \
--to=richard@nod.at \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-unionfs@vger.kernel.org \
--cc=miklos@szeredi.hu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.