From: Jeff Layton <jlayton@kernel.org>
To: ceph-devel@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org
Subject: [PATCH 05/36] fscrypt: uninline and export fscrypt_require_key
Date: Thu, 9 Dec 2021 10:36:16 -0500 [thread overview]
Message-ID: <20211209153647.58953-6-jlayton@kernel.org> (raw)
In-Reply-To: <20211209153647.58953-1-jlayton@kernel.org>
ceph_atomic_open needs to be able to call this.
Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
fs/crypto/fscrypt_private.h | 26 --------------------------
fs/crypto/keysetup.c | 27 +++++++++++++++++++++++++++
include/linux/fscrypt.h | 5 +++++
3 files changed, 32 insertions(+), 26 deletions(-)
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index 51e42767dbd6..89d5d85afdd5 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -579,32 +579,6 @@ void fscrypt_hash_inode_number(struct fscrypt_info *ci,
int fscrypt_get_encryption_info(struct inode *inode, bool allow_unsupported);
-/**
- * fscrypt_require_key() - require an inode's encryption key
- * @inode: the inode we need the key for
- *
- * If the inode is encrypted, set up its encryption key if not already done.
- * Then require that the key be present and return -ENOKEY otherwise.
- *
- * No locks are needed, and the key will live as long as the struct inode --- so
- * it won't go away from under you.
- *
- * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
- * if a problem occurred while setting up the encryption key.
- */
-static inline int fscrypt_require_key(struct inode *inode)
-{
- if (IS_ENCRYPTED(inode)) {
- int err = fscrypt_get_encryption_info(inode, false);
-
- if (err)
- return err;
- if (!fscrypt_has_encryption_key(inode))
- return -ENOKEY;
- }
- return 0;
-}
-
/* keysetup_v1.c */
void fscrypt_put_direct_key(struct fscrypt_direct_key *dk);
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index eede186b04ce..7aeb0047d03d 100644
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -792,3 +792,30 @@ int fscrypt_drop_inode(struct inode *inode)
return !is_master_key_secret_present(&mk->mk_secret);
}
EXPORT_SYMBOL_GPL(fscrypt_drop_inode);
+
+/**
+ * fscrypt_require_key() - require an inode's encryption key
+ * @inode: the inode we need the key for
+ *
+ * If the inode is encrypted, set up its encryption key if not already done.
+ * Then require that the key be present and return -ENOKEY otherwise.
+ *
+ * No locks are needed, and the key will live as long as the struct inode --- so
+ * it won't go away from under you.
+ *
+ * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
+ * if a problem occurred while setting up the encryption key.
+ */
+int fscrypt_require_key(struct inode *inode)
+{
+ if (IS_ENCRYPTED(inode)) {
+ int err = fscrypt_get_encryption_info(inode, false);
+
+ if (err)
+ return err;
+ if (!fscrypt_has_encryption_key(inode))
+ return -ENOKEY;
+ }
+ return 0;
+}
+EXPORT_SYMBOL_GPL(fscrypt_require_key);
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index 530433098f82..7d3c670d0c6d 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -334,6 +334,7 @@ bool fscrypt_match_name(const struct fscrypt_name *fname,
const u8 *de_name, u32 de_name_len);
u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name);
int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags);
+int fscrypt_require_key(struct inode *inode);
/* bio.c */
void fscrypt_decrypt_bio(struct bio *bio);
@@ -601,6 +602,10 @@ static inline int fscrypt_d_revalidate(struct dentry *dentry,
return 1;
}
+static inline int fscrypt_require_key(struct inode *inode)
+{
+ return 0;
+}
/* bio.c */
static inline void fscrypt_decrypt_bio(struct bio *bio)
{
--
2.33.1
next prev parent reply other threads:[~2021-12-09 15:37 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-09 15:36 [PATCH 00/36] ceph+fscrypt: context, filename, symlink and size handling support Jeff Layton
2021-12-09 15:36 ` [PATCH 01/36] vfs: export new_inode_pseudo Jeff Layton
2021-12-09 15:36 ` [PATCH 02/36] fscrypt: export fscrypt_base64url_encode and fscrypt_base64url_decode Jeff Layton
2021-12-10 19:10 ` Eric Biggers
2021-12-13 8:17 ` Christoph Hellwig
2021-12-09 15:36 ` [PATCH 03/36] fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size Jeff Layton
2021-12-10 19:32 ` Eric Biggers
2021-12-09 15:36 ` [PATCH 04/36] fscrypt: add fscrypt_context_for_new_inode Jeff Layton
2021-12-10 19:40 ` Eric Biggers
2021-12-09 15:36 ` Jeff Layton [this message]
2021-12-10 19:46 ` [PATCH 05/36] fscrypt: uninline and export fscrypt_require_key Eric Biggers
2021-12-10 20:40 ` Jeff Layton
2021-12-12 19:56 ` Eric Biggers
2021-12-12 20:38 ` Jeff Layton
2021-12-12 21:03 ` Eric Biggers
2021-12-15 12:10 ` Jeff Layton
2021-12-09 15:36 ` [PATCH 06/36] ceph: preallocate inode for ops that may create one Jeff Layton
2021-12-09 15:36 ` [PATCH 07/36] ceph: crypto context handling for ceph Jeff Layton
2021-12-09 15:36 ` [PATCH 08/36] ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces Jeff Layton
2021-12-09 15:36 ` [PATCH 09/36] ceph: add fscrypt_* handling to caps.c Jeff Layton
2021-12-09 15:36 ` [PATCH 10/36] ceph: add ability to set fscrypt_auth via setattr Jeff Layton
2021-12-09 15:36 ` [PATCH 11/36] ceph: implement -o test_dummy_encryption mount option Jeff Layton
2021-12-09 15:36 ` [PATCH 12/36] ceph: decode alternate_name in lease info Jeff Layton
2021-12-09 15:36 ` [PATCH 13/36] ceph: add fscrypt ioctls Jeff Layton
2021-12-09 15:36 ` [PATCH 14/36] ceph: make ceph_msdc_build_path use ref-walk Jeff Layton
2021-12-09 15:36 ` [PATCH 15/36] ceph: add encrypted fname handling to ceph_mdsc_build_path Jeff Layton
2021-12-09 15:36 ` [PATCH 16/36] ceph: send altname in MClientRequest Jeff Layton
2021-12-09 15:36 ` [PATCH 17/36] ceph: encode encrypted name in dentry release Jeff Layton
2021-12-09 15:36 ` [PATCH 18/36] ceph: properly set DCACHE_NOKEY_NAME flag in lookup Jeff Layton
2021-12-09 15:36 ` [PATCH 19/36] ceph: make d_revalidate call fscrypt revalidator for encrypted dentries Jeff Layton
2021-12-09 15:36 ` [PATCH 20/36] ceph: add helpers for converting names for userland presentation Jeff Layton
2021-12-09 15:36 ` [PATCH 21/36] ceph: add fscrypt support to ceph_fill_trace Jeff Layton
2021-12-09 15:36 ` [PATCH 22/36] ceph: add support to readdir for encrypted filenames Jeff Layton
2021-12-09 15:36 ` [PATCH 23/36] ceph: create symlinks with encrypted and base64-encoded targets Jeff Layton
2021-12-09 15:36 ` [PATCH 24/36] ceph: make ceph_get_name decrypt filenames Jeff Layton
2021-12-09 15:36 ` [PATCH 25/36] ceph: add a new ceph.fscrypt.auth vxattr Jeff Layton
2021-12-09 15:36 ` [PATCH 26/36] ceph: add some fscrypt guardrails Jeff Layton
2021-12-09 15:36 ` [PATCH 27/36] ceph: don't allow changing layout on encrypted files/directories Jeff Layton
2021-12-09 15:36 ` [PATCH 28/36] libceph: add CEPH_OSD_OP_ASSERT_VER support Jeff Layton
2021-12-09 15:36 ` [PATCH 29/36] ceph: size handling for encrypted inodes in cap updates Jeff Layton
2021-12-09 15:36 ` [PATCH 30/36] ceph: fscrypt_file field handling in MClientRequest messages Jeff Layton
2021-12-09 15:36 ` [PATCH 31/36] ceph: get file size from fscrypt_file when present in inode traces Jeff Layton
2021-12-09 15:36 ` [PATCH 32/36] ceph: handle fscrypt fields in cap messages from MDS Jeff Layton
2021-12-09 15:36 ` [PATCH 33/36] ceph: add __ceph_get_caps helper support Jeff Layton
2021-12-09 15:36 ` [PATCH 34/36] ceph: add __ceph_sync_read " Jeff Layton
2021-12-09 15:36 ` [PATCH 35/36] ceph: add object version support for sync read Jeff Layton
2021-12-09 15:36 ` [PATCH 36/36] ceph: add truncate size handling support for fscrypt Jeff Layton
2021-12-10 2:47 ` [PATCH 00/36] ceph+fscrypt: context, filename, symlink and size handling support Xiubo Li
2021-12-10 19:33 ` Eric Biggers
2021-12-10 20:09 ` Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211209153647.58953-6-jlayton@kernel.org \
--to=jlayton@kernel.org \
--cc=ceph-devel@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).