From: Sam Edwards <cfsworks@gmail.com>
To: Ilya Dryomov <idryomov@gmail.com>,
Alex Markuze <amarkuze@redhat.com>,
Viacheslav Dubeyko <slava@dubeyko.com>
Cc: Jeff Layton <jlayton@kernel.org>, Xiubo Li <xiubli@redhat.com>,
Milind Changire <mchangir@redhat.com>,
ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org,
Sam Edwards <CFSworks@gmail.com>
Subject: [PATCH 0/2] Bounce buffer for mds client decryption when vmalloc()
Date: Tue, 26 May 2026 19:58:26 -0700 [thread overview]
Message-ID: <20260527025828.5966-1-CFSworks@gmail.com> (raw)
Hi Ceph maintainers,
This is my proposed patchset after my previous RFC [1]. Apologies for the long
delay, life gets busy (and my Linux hacking time was eaten by trying to stay
patched in the face of the recent flood of LPE vulns), so it took me longer
than usual to get patches written, tested, and cleaned up. Glad to be back! :)
Since Alex pointed out last time that parse_reply_info_trace() has the same
latent bug, and Slava disliked the already-high complexity of
parse_reply_info_readdir(), I opted to resolve the issue in ceph_fname_to_usr()
instead. The purpose of patch #2 is to make ceph_fname_to_usr() explicitly
responsible for handling vmalloc()-backed filename buffers (for base64,
ciphertext, and plaintext), using the `tname` parameter as a bounce buffer
where appropriate (and preserving the allocate-when-needed behavior).
Patch #1 simplifies `struct fscrypt_str *tname` to `unsigned char *tname`, both
in recognition of `tname->len` being unused/unnecessary, and to eliminate the
`tname == NULL` / `tname->name == NULL` confusion.
Cheers,
Sam
[1] https://lore.kernel.org/ceph-devel/CAH5Ym4ga7miUQE0K-cJA93Ya7w62P69MAN27R5cBiYnudoOHdA@mail.gmail.com/T/
Sam Edwards (2):
ceph: pass fscrypt `tname` buffers directly
ceph: properly decrypt filenames in vmalloc() buffers
fs/ceph/crypto.c | 45 ++++++++++++++++++++++++++++++++------------
fs/ceph/crypto.h | 4 ++--
fs/ceph/mds_client.c | 12 ++++++++----
3 files changed, 43 insertions(+), 18 deletions(-)
--
2.53.0
next reply other threads:[~2026-05-27 2:59 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-27 2:58 Sam Edwards [this message]
2026-05-27 2:58 ` [PATCH 1/2] ceph: pass fscrypt `tname` buffers directly Sam Edwards
2026-05-27 12:00 ` David Laight
2026-05-27 18:06 ` Sam Edwards
2026-05-27 22:13 ` David Laight
2026-05-27 22:44 ` Sam Edwards
2026-05-27 2:58 ` [PATCH 2/2] ceph: properly decrypt filenames in vmalloc() buffers Sam Edwards
2026-05-29 20:50 ` Viacheslav Dubeyko
2026-05-30 0:59 ` Sam Edwards
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260527025828.5966-1-CFSworks@gmail.com \
--to=cfsworks@gmail.com \
--cc=amarkuze@redhat.com \
--cc=ceph-devel@vger.kernel.org \
--cc=idryomov@gmail.com \
--cc=jlayton@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mchangir@redhat.com \
--cc=slava@dubeyko.com \
--cc=xiubli@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.