From: Eric Biggers <ebiggers3@gmail.com>
To: linux-fscrypt@vger.kernel.org
Cc: "Theodore Y . Ts'o" <tytso@mit.edu>,
Eric Biggers <ebiggers@google.com>,
linux-f2fs-devel@lists.sourceforge.net,
linux-mtd@lists.infradead.org, Jaegeuk Kim <jaegeuk@kernel.org>,
linux-ext4@vger.kernel.org
Subject: [PATCH 22/24] fscrypt: define fscrypt_fname_alloc_buffer() to be for presented names
Date: Fri, 15 Dec 2017 09:42:23 -0800 [thread overview]
Message-ID: <20171215174225.31583-23-ebiggers3@gmail.com> (raw)
In-Reply-To: <20171215174225.31583-1-ebiggers3@gmail.com>
From: Eric Biggers <ebiggers@google.com>
Previously fscrypt_fname_alloc_buffer() was used to allocate buffers for
both presented (decrypted or encoded) and encrypted filenames. That was
confusing, because it had to allocate the worst-case size for either,
e.g. including NUL-padding even when it was meaningless.
But now that fscrypt_setup_filename() no longer calls it, it is only
used in the ->get_link() and ->readdir() paths, which specifically want
a buffer for presented filenames. Therefore, switch the behavior over
to allocating the buffer for presented filenames only.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
fs/crypto/fname.c | 29 ++++++++++++++---------------
include/linux/fscrypt_notsupp.h | 2 +-
2 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c
index 65424b89a1d1..44ddd094b7c5 100644
--- a/fs/crypto/fname.c
+++ b/fs/crypto/fname.c
@@ -204,37 +204,36 @@ u32 fscrypt_fname_encrypted_size(const struct inode *inode, u32 ilen)
EXPORT_SYMBOL(fscrypt_fname_encrypted_size);
/**
- * fscrypt_fname_crypto_alloc_obuff() -
+ * fscrypt_fname_alloc_buffer - allocate a buffer for presented filenames
*
- * Allocates an output buffer that is sufficient for the crypto operation
- * specified by the context and the direction.
+ * Allocate a buffer that is large enough to hold any decrypted or encoded
+ * filename (null-terminated), for the given maximum encrypted filename length.
+ *
+ * Return: 0 on success, -errno on failure
*/
int fscrypt_fname_alloc_buffer(const struct inode *inode,
- u32 ilen, struct fscrypt_str *crypto_str)
+ u32 max_encrypted_len,
+ struct fscrypt_str *crypto_str)
{
- u32 olen = fscrypt_fname_encrypted_size(inode, ilen);
const u32 max_encoded_len =
max_t(u32, BASE64_CHARS(FSCRYPT_FNAME_MAX_UNDIGESTED_SIZE),
1 + BASE64_CHARS(sizeof(struct fscrypt_digested_name)));
+ u32 max_presented_len;
- crypto_str->len = olen;
- olen = max(olen, max_encoded_len);
+ max_presented_len = max(max_encoded_len, max_encrypted_len);
- /*
- * Allocated buffer can hold one more character to null-terminate the
- * string
- */
- crypto_str->name = kmalloc(olen + 1, GFP_NOFS);
- if (!(crypto_str->name))
+ crypto_str->name = kmalloc(max_presented_len + 1, GFP_NOFS);
+ if (!crypto_str->name)
return -ENOMEM;
+ crypto_str->len = max_presented_len;
return 0;
}
EXPORT_SYMBOL(fscrypt_fname_alloc_buffer);
/**
- * fscrypt_fname_crypto_free_buffer() -
+ * fscrypt_fname_free_buffer - free the buffer for presented filenames
*
- * Frees the buffer allocated for crypto operation.
+ * Free the buffer allocated by fscrypt_fname_alloc_buffer().
*/
void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str)
{
diff --git a/include/linux/fscrypt_notsupp.h b/include/linux/fscrypt_notsupp.h
index 0962f504aa91..c9592e307df5 100644
--- a/include/linux/fscrypt_notsupp.h
+++ b/include/linux/fscrypt_notsupp.h
@@ -140,7 +140,7 @@ static inline u32 fscrypt_fname_encrypted_size(const struct inode *inode,
}
static inline int fscrypt_fname_alloc_buffer(const struct inode *inode,
- u32 ilen,
+ u32 max_encrypted_len,
struct fscrypt_str *crypto_str)
{
return -EOPNOTSUPP;
--
2.15.1
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
next prev parent reply other threads:[~2017-12-15 17:42 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-15 17:42 [PATCH 00/24] fscrypt: symlink helpers and fscrypt.h cleanup Eric Biggers
2017-12-15 17:42 ` [PATCH 01/24] fscrypt: move fscrypt_has_encryption_key() to supp/notsupp headers Eric Biggers
2017-12-15 17:42 ` [PATCH 02/24] fscrypt: move fscrypt_control_page() " Eric Biggers
2017-12-15 17:42 ` [PATCH 03/24] fscrypt: move fscrypt_info_cachep declaration to fscrypt_private.h Eric Biggers
2017-12-15 17:42 ` [PATCH 04/24] fscrypt: move fscrypt_ctx declaration to fscrypt_supp.h Eric Biggers
2017-12-15 17:42 ` [PATCH 05/24] fscrypt: split fscrypt_dummy_context_enabled() into supp/notsupp versions Eric Biggers
2017-12-15 17:42 ` [PATCH 06/24] fscrypt: move fscrypt_operations declaration to fscrypt_supp.h Eric Biggers
2017-12-15 17:42 ` [PATCH 07/24] fscrypt: move fscrypt_valid_enc_modes() to fscrypt_private.h Eric Biggers
2017-12-15 17:42 ` [PATCH 08/24] fscrypt: move fscrypt_is_dot_dotdot() to fs/crypto/fname.c Eric Biggers
2017-12-15 17:42 ` [PATCH 09/24] fscrypt: trim down fscrypt.h includes Eric Biggers
2017-12-15 17:42 ` [PATCH 10/24] fscrypt: new helper functions for ->symlink() Eric Biggers
2017-12-15 17:42 ` [PATCH 11/24] fscrypt: new helper function - fscrypt_get_symlink() Eric Biggers
2017-12-15 17:42 ` [PATCH 12/24] ext4: switch to fscrypt ->symlink() helper functions Eric Biggers
2017-12-15 17:42 ` [PATCH 13/24] ext4: switch to fscrypt_get_symlink() Eric Biggers
2017-12-15 17:42 ` [PATCH 14/24] f2fs: switch to fscrypt ->symlink() helper functions Eric Biggers
2017-12-15 17:42 ` [PATCH 15/24] f2fs: switch to fscrypt_get_symlink() Eric Biggers
2017-12-15 17:42 ` [PATCH 16/24] ubifs: free the encrypted symlink target Eric Biggers
2017-12-15 17:42 ` [PATCH 17/24] ubifs: switch to fscrypt ->symlink() helper functions Eric Biggers
2017-12-15 17:42 ` [PATCH 18/24] ubifs: switch to fscrypt_get_symlink() Eric Biggers
2017-12-15 17:42 ` [PATCH 19/24] fscrypt: remove fscrypt_fname_usr_to_disk() Eric Biggers
2017-12-15 17:42 ` [PATCH 20/24] fscrypt: move fscrypt_symlink_data to fscrypt_private.h Eric Biggers
2017-12-15 17:42 ` [PATCH 21/24] fscrypt: calculate NUL-padding length in one place only Eric Biggers
2017-12-15 17:42 ` Eric Biggers [this message]
2017-12-15 17:42 ` [PATCH 23/24] fscrypt: fix up fscrypt_fname_encrypted_size() for internal use Eric Biggers
2017-12-15 17:42 ` [PATCH 24/24] fscrypt: document symlink length restriction Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171215174225.31583-23-ebiggers3@gmail.com \
--to=ebiggers3@gmail.com \
--cc=ebiggers@google.com \
--cc=jaegeuk@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).