From: Jaegeuk Kim <jaegeuk@kernel.org>
To: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net
Cc: Jaegeuk Kim <jaegeuk@kernel.org>
Subject: [PATCH 15/18] f2fs crypto: add filename encryption for roll-forward recovery
Date: Fri, 8 May 2015 21:20:50 -0700 [thread overview]
Message-ID: <1431145253-2019-15-git-send-email-jaegeuk@kernel.org> (raw)
In-Reply-To: <1431145253-2019-1-git-send-email-jaegeuk@kernel.org>
This patch adds a bit flag to indicate whether or not i_name in the inode
is encrypted.
If this name is encrypted, we can't do recover_dentry during roll-forward.
So, f2fs_sync_file() needs to do checkpoint, if this will be needed in future.
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fs/f2fs/dir.c | 8 +++++++-
fs/f2fs/f2fs.h | 5 ++++-
fs/f2fs/file.c | 4 +++-
fs/f2fs/namei.c | 20 +++++++++++++++-----
fs/f2fs/recovery.c | 13 ++++++++++++-
5 files changed, 41 insertions(+), 9 deletions(-)
diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c
index 5e10d9d..12f6869 100644
--- a/fs/f2fs/dir.c
+++ b/fs/f2fs/dir.c
@@ -314,10 +314,14 @@ static void init_dent_inode(const struct qstr *name, struct page *ipage)
set_page_dirty(ipage);
}
-int update_dent_inode(struct inode *inode, const struct qstr *name)
+int update_dent_inode(struct inode *inode, struct inode *to,
+ const struct qstr *name)
{
struct page *page;
+ if (file_enc_name(to))
+ return 0;
+
page = get_node_page(F2FS_I_SB(inode), inode->i_ino);
if (IS_ERR(page))
return PTR_ERR(page);
@@ -597,6 +601,8 @@ add_dentry:
err = PTR_ERR(page);
goto fail;
}
+ if (f2fs_encrypted_inode(dir))
+ file_set_enc_name(inode);
}
make_dentry_ptr(NULL, &d, (void *)dentry_blk, 1);
diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
index 6898331..fda040b 100644
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@@ -378,6 +378,7 @@ struct f2fs_map_blocks {
#define FADVISE_COLD_BIT 0x01
#define FADVISE_LOST_PINO_BIT 0x02
#define FADVISE_ENCRYPT_BIT 0x04
+#define FADVISE_ENC_NAME_BIT 0x08
#define file_is_cold(inode) is_file(inode, FADVISE_COLD_BIT)
#define file_wrong_pino(inode) is_file(inode, FADVISE_LOST_PINO_BIT)
@@ -388,6 +389,8 @@ struct f2fs_map_blocks {
#define file_is_encrypt(inode) is_file(inode, FADVISE_ENCRYPT_BIT)
#define file_set_encrypt(inode) set_file(inode, FADVISE_ENCRYPT_BIT)
#define file_clear_encrypt(inode) clear_file(inode, FADVISE_ENCRYPT_BIT)
+#define file_enc_name(inode) is_file(inode, FADVISE_ENC_NAME_BIT)
+#define file_set_enc_name(inode) set_file(inode, FADVISE_ENC_NAME_BIT)
/* Encryption algorithms */
#define F2FS_ENCRYPTION_MODE_INVALID 0
@@ -1602,7 +1605,7 @@ struct f2fs_dir_entry *f2fs_parent_dir(struct inode *, struct page **);
ino_t f2fs_inode_by_name(struct inode *, struct qstr *);
void f2fs_set_link(struct inode *, struct f2fs_dir_entry *,
struct page *, struct inode *);
-int update_dent_inode(struct inode *, const struct qstr *);
+int update_dent_inode(struct inode *, struct inode *, const struct qstr *);
void f2fs_update_dentry(nid_t ino, umode_t mode, struct f2fs_dentry_ptr *,
const struct qstr *, f2fs_hash_t , unsigned int);
int __f2fs_add_link(struct inode *, const struct qstr *, struct inode *, nid_t,
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index d7daff8..14eb4f7 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -106,7 +106,7 @@ static int get_parent_ino(struct inode *inode, nid_t *pino)
if (!dentry)
return 0;
- if (update_dent_inode(inode, &dentry->d_name)) {
+ if (update_dent_inode(inode, inode, &dentry->d_name)) {
dput(dentry);
return 0;
}
@@ -123,6 +123,8 @@ static inline bool need_do_checkpoint(struct inode *inode)
if (!S_ISREG(inode->i_mode) || inode->i_nlink != 1)
need_cp = true;
+ else if (file_enc_name(inode) && need_dentry_mark(sbi, inode->i_ino))
+ need_cp = true;
else if (file_wrong_pino(inode))
need_cp = true;
else if (!space_for_roll_forward(sbi))
diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
index bc8992e..c857f82 100644
--- a/fs/f2fs/namei.c
+++ b/fs/f2fs/namei.c
@@ -517,7 +517,8 @@ static int f2fs_rename(struct inode *old_dir, struct dentry *old_dentry,
if (err)
goto put_out_dir;
- if (update_dent_inode(old_inode, &new_dentry->d_name)) {
+ if (update_dent_inode(old_inode, new_inode,
+ &new_dentry->d_name)) {
release_orphan_inode(sbi);
goto put_out_dir;
}
@@ -557,6 +558,8 @@ static int f2fs_rename(struct inode *old_dir, struct dentry *old_dentry,
down_write(&F2FS_I(old_inode)->i_sem);
file_lost_pino(old_inode);
+ if (new_inode && file_enc_name(new_inode))
+ file_set_enc_name(old_inode);
up_write(&F2FS_I(old_inode)->i_sem);
old_inode->i_ctime = CURRENT_TIME;
@@ -659,13 +662,17 @@ static int f2fs_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
f2fs_lock_op(sbi);
- err = update_dent_inode(old_inode, &new_dentry->d_name);
+ err = update_dent_inode(old_inode, new_inode, &new_dentry->d_name);
if (err)
goto out_unlock;
+ if (file_enc_name(new_inode))
+ file_set_enc_name(old_inode);
- err = update_dent_inode(new_inode, &old_dentry->d_name);
+ err = update_dent_inode(new_inode, old_inode, &old_dentry->d_name);
if (err)
goto out_undo;
+ if (file_enc_name(old_inode))
+ file_set_enc_name(new_inode);
/* update ".." directory entry info of old dentry */
if (old_dir_entry)
@@ -723,8 +730,11 @@ static int f2fs_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
f2fs_sync_fs(sbi->sb, 1);
return 0;
out_undo:
- /* Still we may fail to recover name info of f2fs_inode here */
- update_dent_inode(old_inode, &old_dentry->d_name);
+ /*
+ * Still we may fail to recover name info of f2fs_inode here
+ * Drop it, once its name is set as encrypted
+ */
+ update_dent_inode(old_inode, old_inode, &old_dentry->d_name);
out_unlock:
f2fs_unlock_op(sbi);
out_new_dir:
diff --git a/fs/f2fs/recovery.c b/fs/f2fs/recovery.c
index f77a1be..9de2587 100644
--- a/fs/f2fs/recovery.c
+++ b/fs/f2fs/recovery.c
@@ -83,6 +83,11 @@ static int recover_dentry(struct inode *inode, struct page *ipage)
goto out;
}
+ if (file_enc_name(inode)) {
+ iput(dir);
+ return 0;
+ }
+
name.len = le32_to_cpu(raw_inode->i_namelen);
name.name = raw_inode->i_name;
@@ -143,6 +148,7 @@ out:
static void recover_inode(struct inode *inode, struct page *page)
{
struct f2fs_inode *raw = F2FS_INODE(page);
+ char *name;
inode->i_mode = le16_to_cpu(raw->i_mode);
i_size_write(inode, le64_to_cpu(raw->i_size));
@@ -153,8 +159,13 @@ static void recover_inode(struct inode *inode, struct page *page)
inode->i_ctime.tv_nsec = le32_to_cpu(raw->i_ctime_nsec);
inode->i_mtime.tv_nsec = le32_to_cpu(raw->i_mtime_nsec);
+ if (file_enc_name(inode))
+ name = "<encrypted>";
+ else
+ name = F2FS_INODE(page)->i_name;
+
f2fs_msg(inode->i_sb, KERN_NOTICE, "recover_inode: ino = %x, name = %s",
- ino_of_node(page), F2FS_INODE(page)->i_name);
+ ino_of_node(page), name);
}
static int find_fsync_dnodes(struct f2fs_sb_info *sbi, struct list_head *head)
--
2.1.1
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
next prev parent reply other threads:[~2015-05-09 4:20 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-09 4:20 [PATCH 01/18] f2fs: avoid value overflow in showing current status Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 02/18] f2fs: report unwritten area in f2fs_fiemap Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 03/18] f2fs crypto: declare some definitions for f2fs encryption feature Jaegeuk Kim
2015-05-13 2:02 ` Dave Chinner
2015-05-13 2:23 ` nick
2015-05-13 6:48 ` Jaegeuk Kim
2015-05-14 0:37 ` Dave Chinner
2015-05-14 1:56 ` Jaegeuk Kim
2015-05-14 16:50 ` Tom Marshall
2015-05-16 1:14 ` Jaegeuk Kim
2015-05-16 4:47 ` Tom Marshall
2015-05-18 6:24 ` Jaegeuk Kim
2015-05-16 13:24 ` Theodore Ts'o
2015-05-16 17:13 ` Tom Marshall
2015-05-20 17:46 ` fs compression Tom Marshall
2015-05-20 19:50 ` Tom Marshall
2015-05-20 21:36 ` Theodore Ts'o
2015-05-20 22:46 ` Tom Marshall
2015-05-21 4:28 ` Tom Marshall
2015-05-27 18:53 ` Tom Marshall
2015-05-27 23:38 ` Theodore Ts'o
2015-05-28 0:20 ` Tom Marshall
2015-05-28 20:55 ` Tom Marshall
2015-05-29 0:18 ` Tom Marshall
2015-05-29 17:05 ` Tom Marshall
2015-05-29 21:52 ` Tom Marshall
2015-05-09 4:20 ` [PATCH 04/18] f2fs crypto: add f2fs encryption Kconfig Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 05/18] f2fs crypto: add encryption xattr support Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 06/18] f2fs crypto: add encryption policy and password salt support Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 07/18] f2fs crypto: add f2fs encryption facilities Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 08/18] f2fs crypto: add encryption key management facilities Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 09/18] f2fs crypto: filename encryption facilities Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 10/18] f2fs crypto: activate encryption support for fs APIs Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 11/18] f2fs crypto: add encryption support in read/write paths Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 12/18] f2fs crypto: add filename encryption for f2fs_add_link Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 13/18] f2fs crypto: add filename encryption for f2fs_readdir Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 14/18] f2fs crypto: add filename encryption for f2fs_lookup Jaegeuk Kim
2015-05-11 2:52 ` hujianyang
2015-05-11 5:12 ` [f2fs-dev] " Jaegeuk Kim
2015-05-11 6:38 ` hujianyang
2015-05-09 4:20 ` Jaegeuk Kim [this message]
2015-05-09 4:20 ` [PATCH 16/18] f2fs crypto: add symlink encryption Jaegeuk Kim
2015-05-09 4:25 ` Al Viro
2015-05-11 5:15 ` Jaegeuk Kim
2015-05-12 3:48 ` [PATCH 16/18 v2] " Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 17/18] f2fs crypto: fix missing key when reading a page Jaegeuk Kim
2015-05-09 4:20 ` [PATCH 18/18] f2fs crypto: remove checking key context during lookup Jaegeuk Kim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1431145253-2019-15-git-send-email-jaegeuk@kernel.org \
--to=jaegeuk@kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).