From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-oi1-f180.google.com (mail-oi1-f180.google.com [209.85.167.180])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id E91B975809
	for <linux-kernel@vger.kernel.org>; Wed, 27 May 2026 02:59:18 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.180
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779850760; cv=none; b=e/8j4m1d8LZspcsnSGCod7T/aQaPDJBoTdWD/xMRqCMNMXbFYq1Ncvh6uJu/AK9XlheEL/Vv5gaJmpxqpT3jvPm5FF4q5VN1I5QR9mC97k4yDWpsvsLeHVqxqBoyysl+zEG3z1eQA0qSOQircv5Yheuve/KUj0M4DuvA1l6QPzo=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779850760; c=relaxed/simple;
	bh=YK969zcmEITdi2ESwgUBknPGuyQjoRuk0+gFO2c30mc=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=ZphI2k0JMleHgJqMsXpBL4USJXCGIjHRkxgYRzPFOijb9lzMZ83av6gl3pO5oMfGCsPsXnJN/9W9nT+BmO+xQ1D87EvbYOKeynAurjbcgT6K3cqEsvLJo6eQfuS8LaIm3nvrj+7Fpl4sYbJhM7T0pB4NxG4z13m1FAn9MVheI+Y=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Y5H1cIlF; arc=none smtp.client-ip=209.85.167.180
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Y5H1cIlF"
Received: by mail-oi1-f180.google.com with SMTP id 5614622812f47-47c35be031dso7637811b6e.3
        for <linux-kernel@vger.kernel.org>; Tue, 26 May 2026 19:59:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1779850758; x=1780455558; darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:from:to:cc:subject:date:message-id:reply-to;
        bh=mj9MCtIAD7d1JSfCaa/HTdSWgA5gV5kV6QttYxTWGWY=;
        b=Y5H1cIlFiUI0fzaw6Kp/bQxzyQYicoM4xjPucITU5kqTsUZY4Kbu6e9gQgPBnbzjc6
         OsXe+cc4KSF4R6ZWX2x8fHNpQofNWKM4hAXBYa7mKDcbPvG8dHe2TYdQJvrZJPwMXSAW
         NjzUt/gc9FtBmN9/GBJjH5dY8aEXKMIGpDuFG7hqBT+4nrun4JFMwC8D0/lX7YpnX15F
         5XT/5leXE2bhlRgfpRLoL8/lCWlboe1Y0vx00D2yjJcD6Edz8JiG/Z3PAJlfEjcN6Vmq
         JXPq1zPnezZoYSKFjkSBP+hofDKNeynISnZiqN6bEt3VxhlXW/rb0Bg6GeLSx5FnUOEP
         YZGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779850758; x=1780455558;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=mj9MCtIAD7d1JSfCaa/HTdSWgA5gV5kV6QttYxTWGWY=;
        b=ObraKHaFXmKH5xgt62+ADeSYHXCAgnyzKUgGoTPZl4Wg/lPItFfyuHblFsIvagYu8r
         GLpcLAdNztA0XQUBX+E6FPVNu1f1IniRXtddwaw5ERGlZOEcp/BtSoR7+RGUfTsBhKB2
         8gW0g7fsaf9RQyt48tMvruNtgQBEPeCfw+FiNCJGjmK2welUM5L5hOObcO4ODabuTx9Y
         RQzhy2u5bQVRNe7TRbZBHxfAH1qI9QQ7f56c56tW/g9oVauBZLKjR4FDKzplzb9OtA6j
         9VYcpEbrkG/bZitiji4E6DwDKur3PDCLZ3gnccDxIvpqq3oLfhGQHmqCUr///xUlHPnk
         DeCw==
X-Forwarded-Encrypted: i=1; AFNElJ9mu7xvWaQu/4sgf3O3m1zjAM5iv+NO0bG00Ask9FsrAXDwsi33Tw7pvuTZ4DqR6tcBflczu36zXmt98II=@vger.kernel.org
X-Gm-Message-State: AOJu0Yz1/FmZWRonYhwxUHu+PHd82ZP5QWit9vNJm9MEWGdq0C98TOU+
	fJfYQaxwpbVJAnZsbYLW2MYknup0Pw6GFA5kSvEzRYKf7HbC+FKWgCOu
X-Gm-Gg: Acq92OGdh5cMxvWaol6Cs+PRe8f5rUA6rvYwFxlAM9F798bFfT6bccRqW9PyDgElbFx
	XU8fQtkYuHNj4ZDL1IMxwcvLi38hpBK94XdO6uZabQGzTr6RLTTh5uarAPDS848wFwEFTZGAFJw
	pcsHZSHDDqZUJNeWj0B9u+7w6hcZd0iHUf59HcUAUgm4NDUBufOYgu2NOtLTfzlSrxIOQPyOllk
	ZbsPOLt1BkA9MQAmnl4J1RgLXQ15ML6e1CeziTtMkP0xDNlEB1RvXg7VFFEcySuPCqJQOEz5d+6
	/i34/u1zKCf9BSq/USJNYNvRmf5PP25WYdsgIGum1E6fL6wHyIanQfnskKO04EN9oAF01wQeBlk
	32sYRdmxK6WioP1f8c3WXhRyfpUSFDVKluk6BNgaN4Rnp6USBBTiL86Fpo4EgnS+Xza81AJASZL
	B84WejbbcjtahTaj9gK6fJGZEQm3E5lvOTORPCU36Ko4GheklnVxkkIRl1+F2XT1aHgVQyPg==
X-Received: by 2002:a05:6808:1644:b0:484:e5e2:6b8c with SMTP id 5614622812f47-4854a243fd2mr12915019b6e.23.1779850757874;
        Tue, 26 May 2026 19:59:17 -0700 (PDT)
Received: from localhost (static-23-234-115-121.cust.tzulo.com. [23.234.115.121])
        by smtp.gmail.com with UTF8SMTPSA id 5614622812f47-48570e55783sm5659554b6e.2.2026.05.26.19.59.15
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 26 May 2026 19:59:17 -0700 (PDT)
From: Sam Edwards <cfsworks@gmail.com>
X-Google-Original-From: Sam Edwards <CFSworks@gmail.com>
To: Ilya Dryomov <idryomov@gmail.com>,
	Alex Markuze <amarkuze@redhat.com>,
	Viacheslav Dubeyko <slava@dubeyko.com>
Cc: Jeff Layton <jlayton@kernel.org>,
	Xiubo Li <xiubli@redhat.com>,
	Milind Changire <mchangir@redhat.com>,
	ceph-devel@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	Sam Edwards <CFSworks@gmail.com>
Subject: [PATCH 0/2] Bounce buffer for mds client decryption when vmalloc()
Date: Tue, 26 May 2026 19:58:26 -0700
Message-ID: <20260527025828.5966-1-CFSworks@gmail.com>
X-Mailer: git-send-email 2.53.0
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Hi Ceph maintainers,

This is my proposed patchset after my previous RFC [1]. Apologies for the long
delay, life gets busy (and my Linux hacking time was eaten by trying to stay
patched in the face of the recent flood of LPE vulns), so it took me longer
than usual to get patches written, tested, and cleaned up. Glad to be back! :)

Since Alex pointed out last time that parse_reply_info_trace() has the same
latent bug, and Slava disliked the already-high complexity of
parse_reply_info_readdir(), I opted to resolve the issue in ceph_fname_to_usr()
instead. The purpose of patch #2 is to make ceph_fname_to_usr() explicitly
responsible for handling vmalloc()-backed filename buffers (for base64,
ciphertext, and plaintext), using the `tname` parameter as a bounce buffer
where appropriate (and preserving the allocate-when-needed behavior).

Patch #1 simplifies `struct fscrypt_str *tname` to `unsigned char *tname`, both
in recognition of `tname->len` being unused/unnecessary, and to eliminate the
`tname == NULL` / `tname->name == NULL` confusion.

Cheers,
Sam

[1] https://lore.kernel.org/ceph-devel/CAH5Ym4ga7miUQE0K-cJA93Ya7w62P69MAN27R5cBiYnudoOHdA@mail.gmail.com/T/

Sam Edwards (2):
  ceph: pass fscrypt `tname` buffers directly
  ceph: properly decrypt filenames in vmalloc() buffers

 fs/ceph/crypto.c     | 45 ++++++++++++++++++++++++++++++++------------
 fs/ceph/crypto.h     |  4 ++--
 fs/ceph/mds_client.c | 12 ++++++++----
 3 files changed, 43 insertions(+), 18 deletions(-)

-- 
2.53.0