From: Eric Biggers <ebiggers3@gmail.com>
To: Jaegeuk Kim <jaegeuk@kernel.org>
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
tytso@mit.edu, linux-ext4@vger.kernel.org
Subject: Re: [PATCH] ext4 crypto: migrate into vfs's crypto engine
Date: Fri, 6 May 2016 21:31:02 -0500 [thread overview]
Message-ID: <20160507023102.GB906@zzz> (raw)
In-Reply-To: <1461629736-16523-1-git-send-email-jaegeuk@kernel.org>
Hi Jaegeuk,
On Mon, Apr 25, 2016 at 05:15:36PM -0700, Jaegeuk Kim wrote:
> This patch removes the most parts of internal crypto codes.
> And then, it modifies and adds some ext4-specific crypt codes to use the generic
> facility.
Except for the key name prefix issue that Ted pointed out, this overall seems
good, although I didn't read into every detail and haven't yet tested the code.
A few comments:
There are compiler errors and warnings in the function 'dx_show_leaf()', which
is not compiled by default.
In ext4_lookup():
> /*
> * DCACHE_ENCRYPTED_WITH_KEY is set if the dentry is
> * created while the directory was encrypted and we
> * don't have access to the key.
> */
> if (fscrypt_has_encryption_key(dir))
> fscrypt_set_encrypted_dentry(dentry);
Shouldn't this say "and we have access to the key"? Or is the code wrong?
In ext4_empty_dir():
> bool err = false;
Since this is a bool it should not be called "err". Maybe call it "empty"
instead.
In ext4_finish_bio():
> if (!page->mapping) {
> /* The bounce data pages are unmapped. */
> data_page = page;
> fscrypt_pullback_bio_page(&page, false);
> }
...
>#ifdef CONFIG_EXT4_FS_ENCRYPTION
> if (data_page)
> fscrypt_restore_control_page(data_page);
>#endif
Does this always do the same thing as the previous code? Does !page->mapping
always imply that the page was involved in encrypted I/O?
In ext4_encrypted_get_link():
> if ((cstr.len +
> sizeof(struct fscrypt_symlink_data) - 1) >
> max_size) {
Make this one line?
In ext4_file_mmap()
> int err = fscrypt_get_encryption_info(inode);
> if (err)
> return 0;
Should the error code be propagated to the caller?
In ext4_ioctl():
> case EXT4_IOC_GET_ENCRYPTION_POLICY: {
>#ifdef CONFIG_EXT4_FS_ENCRYPTION
> struct fscrypt_policy policy;
> int err = 0;
>
> if (!ext4_encrypted_inode(inode))
> return -ENOENT;
This is existing code and I do not know if it can be changed, but I feel that
ENOENT is a not good error code here. If the ext4_encrypted_inode() check were
to be removed, the implementation would match f2fs and the error code would be
ENODATA instead.
- Eric
next prev parent reply other threads:[~2016-05-07 2:31 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-26 0:15 [PATCH] ext4 crypto: migrate into vfs's crypto engine Jaegeuk Kim
2016-05-05 3:20 ` Theodore Ts'o
2016-05-05 4:22 ` Jaegeuk Kim
2016-05-05 12:44 ` Theodore Ts'o
2016-05-06 0:25 ` Jaegeuk Kim
2016-05-07 2:31 ` Eric Biggers [this message]
2016-05-07 18:46 ` Jaegeuk Kim
2016-05-07 18:52 ` [PATCH v2] " Jaegeuk Kim
2016-07-15 2:45 ` Theodore Ts'o
2016-07-15 2:53 ` Jaegeuk Kim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160507023102.GB906@zzz \
--to=ebiggers3@gmail.com \
--cc=jaegeuk@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).