From: Eric Biggers <ebiggers3@gmail.com>
To: linux-fscrypt@vger.kernel.org
Cc: "Theodore Y . Ts'o" <tytso@mit.edu>,
Eric Biggers <ebiggers@google.com>,
linux-f2fs-devel@lists.sourceforge.net,
linux-mtd@lists.infradead.org, Jaegeuk Kim <jaegeuk@kernel.org>,
linux-ext4@vger.kernel.org
Subject: [PATCH 11/24] fscrypt: new helper function - fscrypt_get_symlink()
Date: Fri, 15 Dec 2017 09:42:12 -0800 [thread overview]
Message-ID: <20171215174225.31583-12-ebiggers3@gmail.com> (raw)
In-Reply-To: <20171215174225.31583-1-ebiggers3@gmail.com>
From: Eric Biggers <ebiggers@google.com>
Filesystems also have duplicate code to support ->get_link() on
encrypted symlinks. Factor it out into a new function
fscrypt_get_symlink(). It takes in the contents of the encrypted
symlink on-disk and provides the target (decrypted or encoded) that
should be returned from ->get_link().
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
fs/crypto/hooks.c | 73 +++++++++++++++++++++++++++++++++++++++++
include/linux/fscrypt_notsupp.h | 8 +++++
include/linux/fscrypt_supp.h | 3 ++
3 files changed, 84 insertions(+)
diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c
index 483e87d40f03..0f103a5cb1aa 100644
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@@ -196,3 +196,76 @@ int __fscrypt_encrypt_symlink(struct inode *inode, const char *target,
return 0;
}
EXPORT_SYMBOL_GPL(__fscrypt_encrypt_symlink);
+
+/**
+ * fscrypt_get_symlink - get the target of an encrypted symlink
+ * @inode: the symlink inode
+ * @caddr: the on-disk contents of the symlink
+ * @max_size: size of @caddr buffer
+ * @done: if successful, will be set up to free the returned target
+ *
+ * If the symlink's encryption key is available, we decrypt its target.
+ * Otherwise, we encode its target for presentation.
+ *
+ * This may sleep, so the filesystem must have dropped out of RCU mode already.
+ *
+ * Return: the presentable symlink target or an ERR_PTR()
+ */
+const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
+ unsigned int max_size,
+ struct delayed_call *done)
+{
+ const struct fscrypt_symlink_data *sd;
+ struct fscrypt_str cstr, pstr;
+ int err;
+
+ /* This is for encrypted symlinks only */
+ if (WARN_ON(!IS_ENCRYPTED(inode)))
+ return ERR_PTR(-EINVAL);
+
+ /*
+ * Try to set up the symlink's encryption key, but we can continue
+ * regardless of whether the key is available or not.
+ */
+ err = fscrypt_get_encryption_info(inode);
+ if (err)
+ return ERR_PTR(err);
+
+ /*
+ * For historical reasons, encrypted symlink targets are prefixed with
+ * the ciphertext length, even though this is redundant with i_size.
+ */
+
+ if (max_size < sizeof(*sd))
+ return ERR_PTR(-EUCLEAN);
+ sd = caddr;
+ cstr.name = (unsigned char *)sd->encrypted_path;
+ cstr.len = le16_to_cpu(sd->len);
+
+ if (cstr.len == 0)
+ return ERR_PTR(-EUCLEAN);
+
+ if (cstr.len + sizeof(*sd) - 1 > max_size)
+ return ERR_PTR(-EUCLEAN);
+
+ err = fscrypt_fname_alloc_buffer(inode, cstr.len, &pstr);
+ if (err)
+ return ERR_PTR(err);
+
+ err = fscrypt_fname_disk_to_usr(inode, 0, 0, &cstr, &pstr);
+ if (err)
+ goto err_kfree;
+
+ err = -EUCLEAN;
+ if (pstr.name[0] == '\0')
+ goto err_kfree;
+
+ pstr.name[pstr.len] = '\0';
+ set_delayed_call(done, kfree_link, pstr.name);
+ return pstr.name;
+
+err_kfree:
+ kfree(pstr.name);
+ return ERR_PTR(err);
+}
+EXPORT_SYMBOL_GPL(fscrypt_get_symlink);
diff --git a/include/linux/fscrypt_notsupp.h b/include/linux/fscrypt_notsupp.h
index 02ec0aa894d8..dd106640c6ea 100644
--- a/include/linux/fscrypt_notsupp.h
+++ b/include/linux/fscrypt_notsupp.h
@@ -239,4 +239,12 @@ static inline int __fscrypt_encrypt_symlink(struct inode *inode,
return -EOPNOTSUPP;
}
+static inline const char *fscrypt_get_symlink(struct inode *inode,
+ const void *caddr,
+ unsigned int max_size,
+ struct delayed_call *done)
+{
+ return ERR_PTR(-EOPNOTSUPP);
+}
+
#endif /* _LINUX_FSCRYPT_NOTSUPP_H */
diff --git a/include/linux/fscrypt_supp.h b/include/linux/fscrypt_supp.h
index 7e0b67ccd816..dc2babf3f7d3 100644
--- a/include/linux/fscrypt_supp.h
+++ b/include/linux/fscrypt_supp.h
@@ -211,5 +211,8 @@ extern int __fscrypt_prepare_symlink(struct inode *dir, unsigned int len,
extern int __fscrypt_encrypt_symlink(struct inode *inode, const char *target,
unsigned int len,
struct fscrypt_str *disk_link);
+extern const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
+ unsigned int max_size,
+ struct delayed_call *done);
#endif /* _LINUX_FSCRYPT_SUPP_H */
--
2.15.1
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
next prev parent reply other threads:[~2017-12-15 17:42 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-15 17:42 [PATCH 00/24] fscrypt: symlink helpers and fscrypt.h cleanup Eric Biggers
2017-12-15 17:42 ` [PATCH 01/24] fscrypt: move fscrypt_has_encryption_key() to supp/notsupp headers Eric Biggers
2017-12-15 17:42 ` [PATCH 02/24] fscrypt: move fscrypt_control_page() " Eric Biggers
2017-12-15 17:42 ` [PATCH 03/24] fscrypt: move fscrypt_info_cachep declaration to fscrypt_private.h Eric Biggers
2017-12-15 17:42 ` [PATCH 04/24] fscrypt: move fscrypt_ctx declaration to fscrypt_supp.h Eric Biggers
2017-12-15 17:42 ` [PATCH 05/24] fscrypt: split fscrypt_dummy_context_enabled() into supp/notsupp versions Eric Biggers
2017-12-15 17:42 ` [PATCH 06/24] fscrypt: move fscrypt_operations declaration to fscrypt_supp.h Eric Biggers
2017-12-15 17:42 ` [PATCH 07/24] fscrypt: move fscrypt_valid_enc_modes() to fscrypt_private.h Eric Biggers
2017-12-15 17:42 ` [PATCH 08/24] fscrypt: move fscrypt_is_dot_dotdot() to fs/crypto/fname.c Eric Biggers
2017-12-15 17:42 ` [PATCH 09/24] fscrypt: trim down fscrypt.h includes Eric Biggers
2017-12-15 17:42 ` [PATCH 10/24] fscrypt: new helper functions for ->symlink() Eric Biggers
2017-12-15 17:42 ` Eric Biggers [this message]
2017-12-15 17:42 ` [PATCH 12/24] ext4: switch to fscrypt ->symlink() helper functions Eric Biggers
2017-12-15 17:42 ` [PATCH 13/24] ext4: switch to fscrypt_get_symlink() Eric Biggers
2017-12-15 17:42 ` [PATCH 14/24] f2fs: switch to fscrypt ->symlink() helper functions Eric Biggers
2017-12-15 17:42 ` [PATCH 15/24] f2fs: switch to fscrypt_get_symlink() Eric Biggers
2017-12-15 17:42 ` [PATCH 16/24] ubifs: free the encrypted symlink target Eric Biggers
2017-12-15 17:42 ` [PATCH 17/24] ubifs: switch to fscrypt ->symlink() helper functions Eric Biggers
2017-12-15 17:42 ` [PATCH 18/24] ubifs: switch to fscrypt_get_symlink() Eric Biggers
2017-12-15 17:42 ` [PATCH 19/24] fscrypt: remove fscrypt_fname_usr_to_disk() Eric Biggers
2017-12-15 17:42 ` [PATCH 20/24] fscrypt: move fscrypt_symlink_data to fscrypt_private.h Eric Biggers
2017-12-15 17:42 ` [PATCH 21/24] fscrypt: calculate NUL-padding length in one place only Eric Biggers
2017-12-15 17:42 ` [PATCH 22/24] fscrypt: define fscrypt_fname_alloc_buffer() to be for presented names Eric Biggers
2017-12-15 17:42 ` [PATCH 23/24] fscrypt: fix up fscrypt_fname_encrypted_size() for internal use Eric Biggers
2017-12-15 17:42 ` [PATCH 24/24] fscrypt: document symlink length restriction Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171215174225.31583-12-ebiggers3@gmail.com \
--to=ebiggers3@gmail.com \
--cc=ebiggers@google.com \
--cc=jaegeuk@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).