From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.9 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,INCLUDES_PATCH,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 622ECC433E2 for ; Tue, 15 Sep 2020 01:00:11 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1FA06212CC for ; Tue, 15 Sep 2020 01:00:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600131611; bh=IbaPkFrhAxdJSC83VEKLmmgUVkpafpKKB64Q7AESnO4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:List-ID:From; b=nzXOBudnpE8tlSYQ1mxZuyiT545v/PrYDh+6GIsZ2YJacwM82oPIsO546GVR2J243 7eqsDa+NsctoH6wCeWkaJm6R26rlSH9Qzxg/7EOH1UV9MLliO9rm93RpLdauQcbi2X KMVbAxDbH2jl2RBIKHNRjKaFDHN3AV/HoQE1p01c= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726043AbgIOBAK (ORCPT ); Mon, 14 Sep 2020 21:00:10 -0400 Received: from mail.kernel.org ([198.145.29.99]:44832 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725999AbgIOBAJ (ORCPT ); Mon, 14 Sep 2020 21:00:09 -0400 Received: from sol.localdomain (172-10-235-113.lightspeed.sntcca.sbcglobal.net [172.10.235.113]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 8CFDA20897; Tue, 15 Sep 2020 01:00:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600131608; bh=IbaPkFrhAxdJSC83VEKLmmgUVkpafpKKB64Q7AESnO4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=f2ptrCfeNLPq6LkBx0O4Oe6DsYFsXHzhANeJTQK4cMP12AjNh9VJKpQLxpzcVKUFG A341KcnDaKUXgt0AvDW83AhltbflPiLGxGkxT53aI1tzZ0jkqrFySuX8Jpq0mfzSNX m2V3aGx1x1P3FxJpmHFrMDaekJeRjaE2Yi3qSaII= Date: Mon, 14 Sep 2020 18:00:07 -0700 From: Eric Biggers To: Jeff Layton Cc: ceph-devel@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: Re: [RFC PATCH v3 07/16] ceph: crypto context handling for ceph Message-ID: <20200915010007.GG899@sol.localdomain> References: <20200914191707.380444-1-jlayton@kernel.org> <20200914191707.380444-8-jlayton@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200914191707.380444-8-jlayton@kernel.org> Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org On Mon, Sep 14, 2020 at 03:16:58PM -0400, Jeff Layton wrote: > +static const union fscrypt_context * > +ceph_get_dummy_context(struct super_block *sb) > +{ > + return ceph_sb_to_client(sb)->dummy_enc_ctx.ctx; > +} This hunk needs to go in the patch that adds test_dummy_encryption support. > diff --git a/fs/ceph/crypto.h b/fs/ceph/crypto.h > new file mode 100644 > index 000000000000..b5f38ee80553 > --- /dev/null > +++ b/fs/ceph/crypto.h > @@ -0,0 +1,24 @@ > +// SPDX-License-Identifier: GPL-2.0 checkpatch wants a /* comment */ here, not a // comment. Can you run checkpatch on the whole patchset and fix the warnings? > +/* > + * Ceph fscrypt functionality > + */ > + > +#ifndef _CEPH_CRYPTO_H > +#define _CEPH_CRYPTO_H > + > +#ifdef CONFIG_FS_ENCRYPTION > + > +#define CEPH_XATTR_NAME_ENCRYPTION_CONTEXT "encryption.ctx" > + > +void ceph_fscrypt_set_ops(struct super_block *sb); > + > +#else /* CONFIG_FS_ENCRYPTION */ > + > +static inline int ceph_fscrypt_set_ops(struct super_block *sb) > +{ > + return 0; > +} The !CONFIG_FS_ENCRYPTION version of ceph_fscrypt_set_ops() needs to return void. > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c > index 526faf4778ce..daae18267fd8 100644 > --- a/fs/ceph/inode.c > +++ b/fs/ceph/inode.c > @@ -549,6 +549,7 @@ void ceph_evict_inode(struct inode *inode) > > percpu_counter_dec(&mdsc->metric.total_inodes); > > + fscrypt_put_encryption_info(inode); > truncate_inode_pages_final(&inode->i_data); > clear_inode(inode); Is it correct for fscrypt_put_encryption_info() to go before truncate_inode_pages_final()? The other filesystems call fscrypt_put_encryption_info() later. Note that all I/O needs to be done before calling fscrypt_put_encryption_info(). > diff --git a/fs/ceph/super.c b/fs/ceph/super.c > index b3fc9bb61afc..055180218224 100644 > --- a/fs/ceph/super.c > +++ b/fs/ceph/super.c > @@ -20,6 +20,7 @@ > #include "super.h" > #include "mds_client.h" > #include "cache.h" > +#include "crypto.h" > > #include > #include > @@ -984,6 +985,10 @@ static int ceph_set_super(struct super_block *s, struct fs_context *fc) > s->s_time_min = 0; > s->s_time_max = U32_MAX; > > + ret = ceph_fscrypt_set_ops(s); > + if (ret) > + goto out; > + This part doesn't compile when CONFIG_FS_ENCRYPTION=y. It got fixed in a later patch, but it should be fixed here. > diff --git a/fs/ceph/super.h b/fs/ceph/super.h > index 483a52d281cd..cc39cc36de77 100644 > --- a/fs/ceph/super.h > +++ b/fs/ceph/super.h > @@ -985,6 +985,7 @@ extern ssize_t ceph_listxattr(struct dentry *, char *, size_t); > extern struct ceph_buffer *__ceph_build_xattrs_blob(struct ceph_inode_info *ci); > extern void __ceph_destroy_xattrs(struct ceph_inode_info *ci); > extern const struct xattr_handler *ceph_xattr_handlers[]; > +bool ceph_inode_has_xattr(struct ceph_inode_info *ci, char *name); > > struct ceph_acl_sec_ctx { > #ifdef CONFIG_CEPH_FS_POSIX_ACL > diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c > index 3a733ac33d9b..9dcb060cba9a 100644 > --- a/fs/ceph/xattr.c > +++ b/fs/ceph/xattr.c > @@ -1283,6 +1283,38 @@ void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx) > ceph_pagelist_release(as_ctx->pagelist); > } > > +/* Return true if inode's xattr blob has an xattr named "name" */ > +bool ceph_inode_has_xattr(struct ceph_inode_info *ci, char *name) Use 'const char *' instead of 'char *'? - Eric