From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56D90C43381 for ; Wed, 13 Mar 2019 12:58:29 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 219A12177E for ; Wed, 13 Mar 2019 12:58:29 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="key not found in DNS" (0-bit key) header.d=szeredi.hu header.i=@szeredi.hu header.b="TylU3TSX" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726167AbfCMM6Y (ORCPT ); Wed, 13 Mar 2019 08:58:24 -0400 Received: from mail-io1-f44.google.com ([209.85.166.44]:44869 "EHLO mail-io1-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725888AbfCMM6Y (ORCPT ); Wed, 13 Mar 2019 08:58:24 -0400 Received: by mail-io1-f44.google.com with SMTP id u12so1533310iop.11 for ; Wed, 13 Mar 2019 05:58:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=szeredi.hu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=9/uuxg0Ww1LkBA+4wwTa5RHHcmft7KfFu7X3tJYUIKU=; b=TylU3TSXQDIvwd/x4usABhfKhm65K0XzvSdU//mY6Q2jO2IMJckTUGwX29pCXuuiQT 9wdrFIXhIdQqmL4+M4lymsECCtWrnJQHnBlgACQ/SGgN/GEM2bNYN7LWxAR2FPa9LJmS eE5+pDaKJS0wZZxOeRKEJo/+3fEC2VBZQr9EQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=9/uuxg0Ww1LkBA+4wwTa5RHHcmft7KfFu7X3tJYUIKU=; b=Ihlhpb0LSkTIOL/EWJbmBX4aMkLYXOu3ZnNCNt4X21JhpVAtCo9be3FmAle3DO8Jv+ Uqsi0z1/BEXYB6yufBkynyOtMkw39yjyDH9CTG/y6C2jbYQVp1KzGN4g/xl6A5xbLHSk pmxhagGbtZvwtPEeeMbZeE8XmYExZkHL0m0TD1oJqZmAPLp+W459MZuo5xeSUe0Yvlsw CZ9fjKwH5NtRP9tGRku9yyat9G6Np8DNwP8uf29ejF6q98Oa1E3nOWe8Op272mjeG7BI Ul9PdMks8bW3elHS89n7hXeL+NZS9/mBc/WzSv/jWiP4Sk6ZmS+54umCAwNC897X6T0l GACw== X-Gm-Message-State: APjAAAVA4nQvC4H/WA65sjCkiZVEd1vQNgw9AXWU7CTyeW0MSOjvk4FP fT5lcKF6iqACQPjTJDATaRB7lUHwo/Bxxy8piPSlGA== X-Google-Smtp-Source: APXvYqxhFwwMWcWZGNlOS4WnQZhsxjMAOUNDycCD5SoizkfWDZVaHfwiwYjeiG3TeuJwTb9c5uCmEHedPtiZtGZxytg= X-Received: by 2002:a5e:d803:: with SMTP id l3mr19229267iok.144.1552481902632; Wed, 13 Mar 2019 05:58:22 -0700 (PDT) MIME-Version: 1.0 References: <4603533.ZIfxmiEf7K@blindfold> <1852545.qrIQg0rEWx@blindfold> In-Reply-To: <1852545.qrIQg0rEWx@blindfold> From: Miklos Szeredi Date: Wed, 13 Mar 2019 13:58:11 +0100 Message-ID: Subject: Re: overlayfs vs. fscrypt To: Richard Weinberger Cc: linux-fsdevel@vger.kernel.org, linux-fscrypt@vger.kernel.org, overlayfs , linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org On Wed, Mar 13, 2019 at 1:47 PM Richard Weinberger wrote: > > Am Mittwoch, 13. M=C3=A4rz 2019, 13:36:02 CET schrieb Miklos Szeredi: > > I don't get it. Does fscrypt try to check permissions via > > ->d_revalidate? Why is it not doing that via ->permission()? > > Please let me explain. Suppose we have a fscrypto directory /mnt and > I *don't* have the key. > > When reading the directory contents of /mnt will return an encrypted file= name. > e.g. > # ls /mnt > +mcQ46ne5Y8U6JMV9Wdq2C Why does showing the encrypted contents make any sense? It could just return -EPERM on all operations? Thanks, Miklos