From: "Luís Henriques" <lhenriques@suse.de>
To: Eric Biggers <ebiggers@kernel.org>, Xiubo Li <xiubli@redhat.com>,
Jeff Layton <jlayton@kernel.org>
Cc: "Theodore Y. Ts'o" <tytso@mit.edu>,
"Jaegeuk Kim" <jaegeuk@kernel.org>,
"Ilya Dryomov" <idryomov@gmail.com>,
linux-fscrypt@vger.kernel.org, ceph-devel@vger.kernel.org,
linux-kernel@vger.kernel.org,
"Luís Henriques" <lhenriques@suse.de>
Subject: [PATCH v2 1/2] fscrypt: new helper function - fscrypt_prepare_atomic_open()
Date: Tue, 14 Mar 2023 10:39:01 +0000 [thread overview]
Message-ID: <20230314103902.32592-2-lhenriques@suse.de> (raw)
In-Reply-To: <20230314103902.32592-1-lhenriques@suse.de>
This patch introduces a new helper function which prepares an atomic_open.
Because atomic open can act as a lookup if handed a dentry that is negative,
we need to set DCACHE_NOKEY_NAME if the key for the parent isn't available.
The reason for getting the encryption info before checking if the directory has
the encryption key is because we may have the key available but the encryption
info isn't yet set (maybe due to a drop_caches). The regular open path will
call fscrypt_file_open() which uses function fscrypt_require_key() for setting
the encryption info if needed. The atomic open needs to do something similar.
Signed-off-by: Luís Henriques <lhenriques@suse.de>
---
fs/crypto/hooks.c | 33 +++++++++++++++++++++++++++++++++
include/linux/fscrypt.h | 7 +++++++
2 files changed, 40 insertions(+)
diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c
index 7b8c5a1104b5..165ddf01bf9f 100644
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@@ -117,6 +117,39 @@ int __fscrypt_prepare_readdir(struct inode *dir)
}
EXPORT_SYMBOL_GPL(__fscrypt_prepare_readdir);
+/**
+ * fscrypt_prepare_atomic_open() - prepare an atomic open on an encrypted directory
+ * @dir: inode of parent directory
+ * @dentry: dentry being open
+ *
+ * Because atomic open can act as a lookup if handed a dentry that is negative,
+ * we need to set DCACHE_NOKEY_NAME if the key for the parent isn't available.
+ *
+ * The reason for getting the encryption info before checking if the directory
+ * has the encryption key is because the key may be available but the encryption
+ * info isn't yet set (maybe due to a drop_caches). The regular open path will
+ * call fscrypt_file_open() which uses function fscrypt_require_key() for
+ * setting the encryption info if needed. The atomic open needs to do something
+ * similar.
+ *
+ * Return: 0 on success, or an error code if fscrypt_get_encryption_info()
+ * fails.
+ */
+int fscrypt_prepare_atomic_open(struct inode *dir, struct dentry *dentry)
+{
+ int err;
+
+ err = fscrypt_get_encryption_info(dir, true);
+ if (!err && !fscrypt_has_encryption_key(dir)) {
+ spin_lock(&dentry->d_lock);
+ dentry->d_flags |= DCACHE_NOKEY_NAME;
+ spin_unlock(&dentry->d_lock);
+ }
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(fscrypt_prepare_atomic_open);
+
int __fscrypt_prepare_setattr(struct dentry *dentry, struct iattr *attr)
{
if (attr->ia_valid & ATTR_SIZE)
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index 4f5f8a651213..c70acb2a737a 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -362,6 +362,7 @@ int __fscrypt_prepare_rename(struct inode *old_dir, struct dentry *old_dentry,
int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry,
struct fscrypt_name *fname);
int __fscrypt_prepare_readdir(struct inode *dir);
+int fscrypt_prepare_atomic_open(struct inode *dir, struct dentry *dentry);
int __fscrypt_prepare_setattr(struct dentry *dentry, struct iattr *attr);
int fscrypt_prepare_setflags(struct inode *inode,
unsigned int oldflags, unsigned int flags);
@@ -688,6 +689,12 @@ static inline int __fscrypt_prepare_readdir(struct inode *dir)
return -EOPNOTSUPP;
}
+static inline int fscrypt_prepare_atomic_open(struct inode *dir,
+ struct dentry *dentry)
+{
+ return -EOPNOTSUPP;
+}
+
static inline int __fscrypt_prepare_setattr(struct dentry *dentry,
struct iattr *attr)
{
next prev parent reply other threads:[~2023-03-14 10:40 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-14 10:39 [PATCH v2 0/2] ceph: fscrypt: fix atomic open bug for encrypted directories Luís Henriques
2023-03-14 10:39 ` Luís Henriques [this message]
2023-03-14 13:37 ` [PATCH v2 1/2] fscrypt: new helper function - fscrypt_prepare_atomic_open() Xiubo Li
2023-03-14 10:39 ` [PATCH v2 2/2] ceph: switch atomic open to use new fscrypt helper Luís Henriques
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230314103902.32592-2-lhenriques@suse.de \
--to=lhenriques@suse.de \
--cc=ceph-devel@vger.kernel.org \
--cc=ebiggers@kernel.org \
--cc=idryomov@gmail.com \
--cc=jaegeuk@kernel.org \
--cc=jlayton@kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=xiubli@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox