From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-alma10-1.taild15c8.ts.net [100.103.45.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AB8AA2010EE; Tue, 2 Jun 2026 02:44:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=100.103.45.18 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780368258; cv=none; b=qLUfkQ1OL9IoxbdunsLazmdVaXWwt7570jw454kfsX+HCXEcxQ0k+P8Mbjtf1cF3VtAi9XUNkr18KI8eubYpLtQFRDnlC9JUpVyWk2r4cIcF1C76t7EhVeYwj9u3JZ3Xlwja0R/0T+l51j81YaE4j1yZMi99xYLIQINr1c5T9cg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780368258; c=relaxed/simple; bh=+XmuWlYhTiGmsCI4VothlVzBVtFcGZqioM02u69DrP0=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=oPZIlewKhrTEx6vxEsK4GihzciWfvpfFkWbtewBbSUaZHqyN8zaG2ZPJyktfIXEQxoT9Ep3HdnMn0wivF6Hc50q/PyjergrrzOdQdGwF3wyuh6cqBXPS1Dk+Glp6M4T2riwYHBQalRpmBmTRzKmV8XbViJOsn/3gIX3bLnwA4/Y= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ezJ+I9f+; arc=none smtp.client-ip=100.103.45.18 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ezJ+I9f+" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 048E71F00893; Tue, 2 Jun 2026 02:44:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel.org; s=k20260515; t=1780368257; bh=Y4+34rADgxCwFAIURmToK3k1LlbMQhZN2+W42i8hbLs=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=ezJ+I9f+yY5uO9suor+/Yg0R9GFiKd4A8UPK30O7jK+WBDh/uzGqdwf2aBN5L2SR+ LomF5C2oUXergM5ru3hOR+fGEMT02RIFlfJC86wWjagsrfih8lBoEjOG57mE/df8nu O5AP6x5NQtH28FiXFMRHZzbGsCimMF6hcIGRTFunoIu4WDmChZZd0F4Z2piCMuRA11 hcW/NNFQzGxpq5O8WDKJJNrYwn02XmR8wqYB7APGyrzlmygEs5FTtYlfNVmZNF+tAb uQ7jn+RvRURT5TMlnSwaGVuD+EInBAq1Npxmt705Dauvkczup6XFR8NXaqrthnAX1P Na81djBI3fAVQ== Date: Mon, 1 Jun 2026 19:42:53 -0700 From: Eric Biggers To: Daniel Vacek Cc: Chris Mason , Josef Bacik , "Theodore Y. Ts'o" , Jaegeuk Kim , Jens Axboe , David Sterba , linux-block@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v7 36/43] btrfs: deal with encrypted symlinks in send Message-ID: <20260602024253.GD2295@sol> References: <20260513085340.3673127-1-neelx@suse.com> <20260513085340.3673127-37-neelx@suse.com> Precedence: bulk X-Mailing-List: linux-fscrypt@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260513085340.3673127-37-neelx@suse.com> On Wed, May 13, 2026 at 10:53:10AM +0200, Daniel Vacek wrote: > From: Josef Bacik > > Send needs to send the decrypted value of the symlinks, handle the case > where the inode is encrypted and decrypt the symlink name into a buffer > and copy this buffer into our fs_path struct. > > Signed-off-by: Josef Bacik > Signed-off-by: Daniel Vacek > --- > > No changes in v7. > v6 changes: > * read_symlink_encrypted() reworked from using pages to using folios. > v5: https://lore.kernel.org/linux-btrfs/4d97f35d6f85ff041b09bed33b63446a92b7a20c.1706116485.git.josef@toxicpanda.com/ > --- > fs/btrfs/send.c | 45 ++++++++++++++++++++++++++++++++++++++++++--- > 1 file changed, 42 insertions(+), 3 deletions(-) > > diff --git a/fs/btrfs/send.c b/fs/btrfs/send.c > index 89d72d8cb85f..d5256c22fe7a 100644 > --- a/fs/btrfs/send.c > +++ b/fs/btrfs/send.c > @@ -1701,9 +1701,7 @@ static int find_extent_clone(struct send_ctx *sctx, > return ret; > } > > -static int read_symlink(struct btrfs_root *root, > - u64 ino, > - struct fs_path *dest) > +static int read_symlink_unencrypted(struct btrfs_root *root, u64 ino, struct fs_path *dest) > { > int ret; > BTRFS_PATH_AUTO_FREE(path); > @@ -1764,6 +1762,47 @@ static int read_symlink(struct btrfs_root *root, > return fs_path_add_from_extent_buffer(dest, path->nodes[0], off, len); > } > > +static int read_symlink_encrypted(struct btrfs_root *root, u64 ino, struct fs_path *dest) > +{ > + DEFINE_DELAYED_CALL(done); > + const char *buf; > + struct folio *folio; > + struct btrfs_inode *inode; > + int ret = 0; > + > + inode = btrfs_iget(ino, root); > + if (IS_ERR(inode)) > + return PTR_ERR(inode); > + > + folio = read_mapping_folio(inode->vfs_inode.i_mapping, 0, NULL); > + if (IS_ERR(folio)) { > + iput(&inode->vfs_inode); > + return PTR_ERR(folio); > + } > + > + buf = fscrypt_get_symlink(&inode->vfs_inode, folio_address(folio), > + BTRFS_MAX_INLINE_DATA_SIZE(root->fs_info), > + &done); > + folio_put(folio); > + iput(&inode->vfs_inode); > + > + if (IS_ERR(buf)) > + return PTR_ERR(buf); > + > + ret = fs_path_add(dest, buf, strlen(buf)); > + do_delayed_call(&done); > + return ret; > +} > + > + > +static int read_symlink(struct btrfs_root *root, u64 ino, > + struct fs_path *dest) > +{ > + if (btrfs_fs_incompat(root->fs_info, ENCRYPT)) > + return read_symlink_encrypted(root, ino, dest); > + return read_symlink_unencrypted(root, ino, dest); > +} This just assumes that all the symlinks on the filesystem are encrypted, without checking the actual encrypt flag in the inode. Of course, looking at the Sashiko review for this patch, it already found this, as well as a use-after-free. I don't know why I'm even reviewing this. - Eric