From: James Simmons <jsimmons@infradead.org>
To: Andreas Dilger <adilger@whamcloud.com>,
Oleg Drokin <green@whamcloud.com>, NeilBrown <neilb@suse.de>
Cc: Lustre Development List <lustre-devel@lists.lustre.org>
Subject: [lustre-devel] [PATCH 07/13] lustre: sec: rework includes for client encryption
Date: Sat, 15 May 2021 09:06:04 -0400 [thread overview]
Message-ID: <1621083970-32463-8-git-send-email-jsimmons@infradead.org> (raw)
In-Reply-To: <1621083970-32463-1-git-send-email-jsimmons@infradead.org>
From: Sebastien Buisson <sbuisson@ddn.com>
Simplify includes for crypto, by not repeating stubs in case
CONFIG_FS_ENCRYPTION is not defined.
Expose encoding routines that are going to be used in the Lustre
code (both client and server sides) with filename encryption.
WC-bug-id: https://jira.whamcloud.com/browse/LU-13717
Lustre-commit: 028281ae195927e9751 ("LU-13717 sec: rework includes for client encryption")
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Reviewed-on: https://review.whamcloud.com/43386
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
---
fs/lustre/include/lustre_crypto.h | 158 +++++++++++++++++++++-----------------
fs/lustre/llite/crypto.c | 6 +-
fs/lustre/llite/dir.c | 20 ++---
fs/lustre/llite/file.c | 22 +++---
fs/lustre/llite/llite_internal.h | 18 +----
fs/lustre/llite/llite_lib.c | 6 +-
fs/lustre/llite/namei.c | 26 +++----
fs/lustre/llite/super25.c | 4 +-
fs/lustre/osc/osc_request.c | 12 +--
9 files changed, 135 insertions(+), 137 deletions(-)
diff --git a/fs/lustre/include/lustre_crypto.h b/fs/lustre/include/lustre_crypto.h
index 01b5e85..b19bb420 100644
--- a/fs/lustre/include/lustre_crypto.h
+++ b/fs/lustre/include/lustre_crypto.h
@@ -30,87 +30,101 @@
#ifndef _LUSTRE_CRYPTO_H_
#define _LUSTRE_CRYPTO_H_
+#include <linux/fscrypt.h>
+
struct ll_sb_info;
+#ifdef CONFIG_FS_ENCRYPTION
int ll_set_encflags(struct inode *inode, void *encctx, u32 encctxlen,
bool preload);
bool ll_sbi_has_test_dummy_encryption(struct ll_sb_info *sbi);
bool ll_sbi_has_encrypt(struct ll_sb_info *sbi);
void ll_sbi_set_encrypt(struct ll_sb_info *sbi, bool set);
+#else
+static inline int ll_set_encflags(struct inode *inode, void *encctx,
+ u32 encctxlen, bool preload)
+{
+ return 0;
+}
-#ifdef CONFIG_FS_ENCRYPTION
-#define __FS_HAS_ENCRYPTION 1
-#include <linux/fscrypt.h>
+static inline bool ll_sbi_has_test_dummy_encryption(struct ll_sb_info *sbi)
+{
+ return false;
+}
-#define llcrypt_operations fscrypt_operations
-#define llcrypt_symlink_data fscrypt_symlink_data
-#define llcrypt_dummy_context_enabled(inode) \
- fscrypt_dummy_context_enabled(inode)
-#define llcrypt_has_encryption_key(inode) fscrypt_has_encryption_key(inode)
-#define llcrypt_encrypt_pagecache_blocks(page, len, offs, gfp_flags) \
- fscrypt_encrypt_pagecache_blocks(page, len, offs, gfp_flags)
-#define llcrypt_encrypt_block_inplace(inode, page, len, offs, lblk, gfp_flags) \
- fscrypt_encrypt_block_inplace(inode, page, len, offs, lblk, gfp_flags)
-#define llcrypt_decrypt_pagecache_blocks(page, len, offs) \
- fscrypt_decrypt_pagecache_blocks(page, len, offs)
-#define llcrypt_decrypt_block_inplace(inode, page, len, offs, lblk_num) \
- fscrypt_decrypt_block_inplace(inode, page, len, offs, lblk_num)
-#define llcrypt_inherit_context(parent, child, fs_data, preload) \
- fscrypt_inherit_context(parent, child, fs_data, preload)
-#define llcrypt_get_encryption_info(inode) fscrypt_get_encryption_info(inode)
-#define llcrypt_put_encryption_info(inode) fscrypt_put_encryption_info(inode)
-#define llcrypt_free_inode(inode) fscrypt_free_inode(inode)
-#define llcrypt_finalize_bounce_page(pagep) fscrypt_finalize_bounce_page(pagep)
-#define llcrypt_file_open(inode, filp) fscrypt_file_open(inode, filp)
-#define llcrypt_ioctl_set_policy(filp, arg) fscrypt_ioctl_set_policy(filp, arg)
-#define llcrypt_ioctl_get_policy_ex(filp, arg) \
- fscrypt_ioctl_get_policy_ex(filp, arg)
-#define llcrypt_ioctl_add_key(filp, arg) fscrypt_ioctl_add_key(filp, arg)
-#define llcrypt_ioctl_remove_key(filp, arg) fscrypt_ioctl_remove_key(filp, arg)
-#define llcrypt_ioctl_remove_key_all_users(filp, arg) \
- fscrypt_ioctl_remove_key_all_users(filp, arg)
-#define llcrypt_ioctl_get_key_status(filp, arg) \
- fscrypt_ioctl_get_key_status(filp, arg)
-#define llcrypt_drop_inode(inode) fscrypt_drop_inode(inode)
-#define llcrypt_prepare_rename(olddir, olddentry, newdir, newdentry, flags) \
- fscrypt_prepare_rename(olddir, olddentry, newdir, newdentry, flags)
-#define llcrypt_prepare_link(old_dentry, dir, dentry) \
- fscrypt_prepare_link(old_dentry, dir, dentry)
-#define llcrypt_prepare_setattr(dentry, attr) \
- fscrypt_prepare_setattr(dentry, attr)
-#define llcrypt_set_ops(sb, cop) fscrypt_set_ops(sb, cop)
-#else /* !CONFIG_FS_ENCRYPTION */
-#undef IS_ENCRYPTED
-#define IS_ENCRYPTED(x) 0
-#define llcrypt_dummy_context_enabled(inode) NULL
-/* copied from include/linux/fscrypt.h */
-#define llcrypt_has_encryption_key(inode) false
-#define llcrypt_encrypt_pagecache_blocks(page, len, offs, gfp_flags) \
- ERR_PTR(-EOPNOTSUPP)
-#define llcrypt_encrypt_block_inplace(inode, page, len, offs, lblk, gfp_flags) \
- -EOPNOTSUPP
-#define llcrypt_decrypt_pagecache_blocks(page, len, offs) -EOPNOTSUPP
-#define llcrypt_decrypt_block_inplace(inode, page, len, offs, lblk_num) \
- -EOPNOTSUPP
-#define llcrypt_inherit_context(parent, child, fs_data, preload) -EOPNOTSUPP
-#define llcrypt_get_encryption_info(inode) -EOPNOTSUPP
-#define llcrypt_put_encryption_info(inode) do {} while (0)
-#define llcrypt_free_inode(inode) do {} while (0)
-#define llcrypt_finalize_bounce_page(pagep) do {} while (0)
-static inline int llcrypt_file_open(struct inode *inode, struct file *filp)
+static inline bool ll_sbi_has_encrypt(struct ll_sb_info *sbi)
{
- return IS_ENCRYPTED(inode) ? -EOPNOTSUPP : 0;
+ return false;
}
-#define llcrypt_ioctl_set_policy(filp, arg) -EOPNOTSUPP
-#define llcrypt_ioctl_get_policy_ex(filp, arg) -EOPNOTSUPP
-#define llcrypt_ioctl_add_key(filp, arg) -EOPNOTSUPP
-#define llcrypt_ioctl_remove_key(filp, arg) -EOPNOTSUPP
-#define llcrypt_ioctl_remove_key_all_users(filp, arg) -EOPNOTSUPP
-#define llcrypt_ioctl_get_key_status(filp, arg) -EOPNOTSUPP
-#define llcrypt_drop_inode(inode) 0
-#define llcrypt_prepare_rename(olddir, olddentry, newdir, newdentry, flags) 0
-#define llcrypt_prepare_link(old_dentry, dir, dentry) 0
-#define llcrypt_prepare_setattr(dentry, attr) 0
-#define llcrypt_set_ops(sb, cop) do {} while (0)
-#endif /* CONFIG_FS_ENCRYPTION */
+
+static inline void ll_sbi_set_encrypt(struct ll_sb_info *sbi, bool set) { }
+#endif
+
+/* Encoding/decoding routines inspired from yEnc principles.
+ * We just take care of a few critical characters:
+ * NULL, LF, CR, /, DEL and =.
+ * If such a char is found, it is replaced with '=' followed by
+ * the char value + 64.
+ * All other chars are left untouched.
+ * Efficiency of this encoding depends on the occurences of the
+ * critical chars, but statistically on binary data it can be much higher
+ * than base64 for instance.
+ */
+static inline int critical_encode(const u8 *src, int len, char *dst)
+{
+ u8 *p = (u8 *)src, *q = dst;
+
+ while (p - src < len) {
+ /* escape NULL, LF, CR, /, DEL and = */
+ if (unlikely(*p == 0x0 || *p == 0xA || *p == 0xD ||
+ *p == '/' || *p == 0x7F || *p == '=')) {
+ *(q++) = '=';
+ *(q++) = *(p++) + 64;
+ } else {
+ *(q++) = *(p++);
+ }
+ }
+
+ return (char *)q - dst;
+}
+
+/* returns the number of chars encoding would produce */
+static inline int critical_chars(const u8 *src, int len)
+{
+ u8 *p = (u8 *)src;
+ int newlen = len;
+
+ while (p - src < len) {
+ /* NULL, LF, CR, /, DEL and = cost an additional '=' */
+ if (unlikely(*p == 0x0 || *p == 0xA || *p == 0xD ||
+ *p == '/' || *p == 0x7F || *p == '='))
+ newlen++;
+ p++;
+ }
+
+ return newlen;
+}
+
+/* decoding routine - returns the number of chars in output */
+static inline int critical_decode(const u8 *src, int len, char *dst)
+{
+ u8 *p = (u8 *)src, *q = dst;
+
+ while (p - src < len) {
+ if (unlikely(*p == '=')) {
+ *(q++) = *(++p) - 64;
+ p++;
+ } else {
+ *(q++) = *(p++);
+ }
+ }
+
+ return (char *)q - dst;
+}
+
+/* Extracts the second-to-last ciphertext block */
+#define LLCRYPT_FNAME_DIGEST(name, len) \
+ ((name) + round_down((len) - FS_CRYPTO_BLOCK_SIZE - 1, \
+ FS_CRYPTO_BLOCK_SIZE))
+#define LLCRYPT_FNAME_DIGEST_SIZE FS_CRYPTO_BLOCK_SIZE
#endif /* _LUSTRE_CRYPTO_H_ */
diff --git a/fs/lustre/llite/crypto.c b/fs/lustre/llite/crypto.c
index 8bbb766..34d0ad1 100644
--- a/fs/lustre/llite/crypto.c
+++ b/fs/lustre/llite/crypto.c
@@ -64,7 +64,7 @@ int ll_set_encflags(struct inode *inode, void *encctx, u32 encctxlen,
if (rc)
return rc;
- return preload ? llcrypt_get_encryption_info(inode) : 0;
+ return preload ? fscrypt_get_encryption_info(inode) : 0;
}
/* ll_set_context has 2 distinct behaviors, depending on the value of inode
@@ -143,7 +143,7 @@ void ll_sbi_set_encrypt(struct ll_sb_info *sbi, bool set)
static bool ll_empty_dir(struct inode *inode)
{
- /* used by llcrypt_ioctl_set_policy(), because a policy can only be set
+ /* used by fscrypt_ioctl_set_policy(), because a policy can only be set
* on an empty dir.
*/
/* Here we choose to return true, meaning we always call .set_context.
@@ -153,7 +153,7 @@ static bool ll_empty_dir(struct inode *inode)
return true;
}
-const struct llcrypt_operations lustre_cryptops = {
+const struct fscrypt_operations lustre_cryptops = {
.key_prefix = "lustre:",
.get_context = ll_get_context,
.set_context = ll_set_context,
diff --git a/fs/lustre/llite/dir.c b/fs/lustre/llite/dir.c
index 06ca329..13676c1 100644
--- a/fs/lustre/llite/dir.c
+++ b/fs/lustre/llite/dir.c
@@ -450,11 +450,11 @@ static int ll_dir_setdirstripe(struct dentry *dparent, struct lmv_user_md *lump,
if (ll_sbi_has_encrypt(sbi) &&
(IS_ENCRYPTED(parent) ||
- unlikely(llcrypt_dummy_context_enabled(parent)))) {
- err = llcrypt_get_encryption_info(parent);
+ unlikely(fscrypt_dummy_context_enabled(parent)))) {
+ err = fscrypt_get_encryption_info(parent);
if (err)
goto out_op_data;
- if (!llcrypt_has_encryption_key(parent)) {
+ if (!fscrypt_has_encryption_key(parent)) {
err = -ENOKEY;
goto out_op_data;
}
@@ -476,7 +476,7 @@ static int ll_dir_setdirstripe(struct dentry *dparent, struct lmv_user_md *lump,
}
if (encrypt) {
- err = llcrypt_inherit_context(parent, NULL, op_data, false);
+ err = fscrypt_inherit_context(parent, NULL, op_data, false);
if (err)
goto out_op_data;
}
@@ -2149,28 +2149,28 @@ static long ll_dir_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
case FS_IOC_SET_ENCRYPTION_POLICY:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_set_policy(file, (const void __user *)arg);
+ return fscrypt_ioctl_set_policy(file, (const void __user *)arg);
case FS_IOC_GET_ENCRYPTION_POLICY_EX:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_get_policy_ex(file, (void __user *)arg);
+ return fscrypt_ioctl_get_policy_ex(file, (void __user *)arg);
case FS_IOC_ADD_ENCRYPTION_KEY:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_add_key(file, (void __user *)arg);
+ return fscrypt_ioctl_add_key(file, (void __user *)arg);
case FS_IOC_REMOVE_ENCRYPTION_KEY:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_remove_key(file, (void __user *)arg);
+ return fscrypt_ioctl_remove_key(file, (void __user *)arg);
case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_remove_key_all_users(file,
+ return fscrypt_ioctl_remove_key_all_users(file,
(void __user *)arg);
case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_get_key_status(file, (void __user *)arg);
+ return fscrypt_ioctl_get_key_status(file, (void __user *)arg);
#endif
default:
return obd_iocontrol(cmd, sbi->ll_dt_exp, 0, NULL,
diff --git a/fs/lustre/llite/file.c b/fs/lustre/llite/file.c
index 78f3469..ffddec6 100644
--- a/fs/lustre/llite/file.c
+++ b/fs/lustre/llite/file.c
@@ -443,7 +443,7 @@ static inline int ll_dom_readpage(void *data, struct page *page)
kunmap_atomic(kaddr);
if (inode && IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode)) {
- if (!llcrypt_has_encryption_key(inode)) {
+ if (!fscrypt_has_encryption_key(inode)) {
CDEBUG(D_SEC, "no enc key for " DFID "\n",
PFID(ll_inode2fid(inode)));
} else {
@@ -456,7 +456,7 @@ static inline int ll_dom_readpage(void *data, struct page *page)
LUSTRE_ENCRYPTION_UNIT_SIZE) == 0)
break;
- rc = llcrypt_decrypt_pagecache_blocks(page,
+ rc = fscrypt_decrypt_pagecache_blocks(page,
LUSTRE_ENCRYPTION_UNIT_SIZE,
0);
if (rc)
@@ -776,7 +776,7 @@ int ll_file_open(struct inode *inode, struct file *file)
file->private_data = NULL; /* prevent ll_local_open assertion */
if (S_ISREG(inode->i_mode)) {
- rc = llcrypt_file_open(inode, file);
+ rc = fscrypt_file_open(inode, file);
if (rc)
goto out_nofiledata;
}
@@ -4063,28 +4063,28 @@ static int ll_heat_set(struct inode *inode, enum lu_heat_flag flags)
case FS_IOC_SET_ENCRYPTION_POLICY:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_set_policy(file, (const void __user *)arg);
+ return fscrypt_ioctl_set_policy(file, (const void __user *)arg);
case FS_IOC_GET_ENCRYPTION_POLICY_EX:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_get_policy_ex(file, (void __user *)arg);
+ return fscrypt_ioctl_get_policy_ex(file, (void __user *)arg);
case FS_IOC_ADD_ENCRYPTION_KEY:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_add_key(file, (void __user *)arg);
+ return fscrypt_ioctl_add_key(file, (void __user *)arg);
case FS_IOC_REMOVE_ENCRYPTION_KEY:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_remove_key(file, (void __user *)arg);
+ return fscrypt_ioctl_remove_key(file, (void __user *)arg);
case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_remove_key_all_users(file,
+ return fscrypt_ioctl_remove_key_all_users(file,
(void __user *)arg);
case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
if (!ll_sbi_has_encrypt(ll_i2sbi(inode)))
return -EOPNOTSUPP;
- return llcrypt_ioctl_get_key_status(file, (void __user *)arg);
+ return fscrypt_ioctl_get_key_status(file, (void __user *)arg);
#endif
case LL_IOC_UNLOCK_FOREIGN: {
@@ -4551,10 +4551,10 @@ int ll_migrate(struct inode *parent, struct file *file, struct lmv_user_md *lum,
}
if (IS_ENCRYPTED(child_inode)) {
- rc = llcrypt_get_encryption_info(child_inode);
+ rc = fscrypt_get_encryption_info(child_inode);
if (rc)
goto out_iput;
- if (!llcrypt_has_encryption_key(child_inode)) {
+ if (!fscrypt_has_encryption_key(child_inode)) {
CDEBUG(D_SEC, "no enc key for "DFID"\n",
PFID(ll_inode2fid(child_inode)));
rc = -ENOKEY;
diff --git a/fs/lustre/llite/llite_internal.h b/fs/lustre/llite/llite_internal.h
index b3e8a96..03d2796 100644
--- a/fs/lustre/llite/llite_internal.h
+++ b/fs/lustre/llite/llite_internal.h
@@ -1681,25 +1681,9 @@ static inline struct pcc_super *ll_info2pccs(struct ll_inode_info *lli)
return ll_i2pccs(ll_info2i(lli));
}
-#ifdef CONFIG_FS_ENCRYPTION
/* crypto.c */
-extern const struct llcrypt_operations lustre_cryptops;
-
-#else /* !CONFIG_FS_ENCRYPTION */
-inline bool ll_sbi_has_test_dummy_encryption(struct ll_sb_info *sbi)
-{
- return false;
-}
+extern const struct fscrypt_operations lustre_cryptops;
-inline bool ll_sbi_has_encrypt(struct ll_sb_info *sbi)
-{
- return false;
-}
-
-inline void ll_sbi_set_encrypt(struct ll_sb_info *sbi, bool set)
-{
-}
-#endif /* !CONFIG_FS_ENCRYPTION */
/* llite/llite_foreign.c */
int ll_manage_foreign(struct inode *inode, struct lustre_md *lmd);
bool ll_foreign_is_openable(struct dentry *dentry, unsigned int flags);
diff --git a/fs/lustre/llite/llite_lib.c b/fs/lustre/llite/llite_lib.c
index 1b3eef0..ada2b625c 100644
--- a/fs/lustre/llite/llite_lib.c
+++ b/fs/lustre/llite/llite_lib.c
@@ -616,8 +616,8 @@ static int client_common_fill_super(struct super_block *sb, char *md, char *dt)
#if THREAD_SIZE >= 8192 /*b=17630*/
sb->s_export_op = &lustre_export_operations;
#endif
- llcrypt_set_ops(sb, &lustre_cryptops);
+ fscrypt_set_ops(sb, &lustre_cryptops);
/* make root inode
* XXX: move this to after cbd setup?
*/
@@ -1682,7 +1682,7 @@ void ll_clear_inode(struct inode *inode)
*/
cl_inode_fini(inode);
- llcrypt_put_encryption_info(inode);
+ fscrypt_put_encryption_info(inode);
}
static int ll_md_setattr(struct dentry *dentry, struct md_op_data *op_data)
@@ -2140,7 +2140,7 @@ int ll_setattr(struct dentry *de, struct iattr *attr)
enum op_xvalid xvalid = 0;
int rc;
- rc = llcrypt_prepare_setattr(de, attr);
+ rc = fscrypt_prepare_setattr(de, attr);
if (rc)
return rc;
diff --git a/fs/lustre/llite/namei.c b/fs/lustre/llite/namei.c
index 2da33d0..658da49 100644
--- a/fs/lustre/llite/namei.c
+++ b/fs/lustre/llite/namei.c
@@ -674,7 +674,7 @@ static int ll_lookup_it_finish(struct ptlrpc_request *request,
ll_i2sbi(inode)->ll_fsname,
PFID(ll_inode2fid(inode)), rc);
} else if (encrypt) {
- rc = llcrypt_get_encryption_info(inode);
+ rc = fscrypt_get_encryption_info(inode);
if (rc)
CDEBUG(D_SEC,
"cannot get enc info for " DFID ": rc = %d\n",
@@ -744,10 +744,10 @@ static int ll_lookup_it_finish(struct ptlrpc_request *request,
d_lustre_revalidate(*de);
if (encrypt) {
- rc = llcrypt_get_encryption_info(inode);
+ rc = fscrypt_get_encryption_info(inode);
if (rc)
goto out;
- if (!llcrypt_has_encryption_key(inode)) {
+ if (!fscrypt_has_encryption_key(inode)) {
rc = -ENOKEY;
goto out;
}
@@ -878,7 +878,7 @@ static struct dentry *ll_lookup_it(struct inode *parent, struct dentry *dentry,
*secctxlen = 0;
}
if (it->it_op & IT_CREAT && encrypt) {
- rc = llcrypt_inherit_context(parent, NULL, op_data, false);
+ rc = fscrypt_inherit_context(parent, NULL, op_data, false);
if (rc) {
retval = ERR_PTR(rc);
goto out;
@@ -1134,11 +1134,11 @@ static int ll_atomic_open(struct inode *dir, struct dentry *dentry,
/* in case of create, this is going to be a regular file because
* we set S_IFREG bit on it->it_create_mode above
*/
- rc = llcrypt_get_encryption_info(dir);
+ rc = fscrypt_get_encryption_info(dir);
if (rc)
goto out_release;
if (open_flags & O_CREAT) {
- if (!llcrypt_has_encryption_key(dir)) {
+ if (!fscrypt_has_encryption_key(dir)) {
rc = -ENOKEY;
goto out_release;
}
@@ -1390,11 +1390,11 @@ static int ll_new_node(struct inode *dir, struct dentry *dentry,
if (ll_sbi_has_encrypt(sbi) &&
((IS_ENCRYPTED(dir) &&
(S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) ||
- (unlikely(llcrypt_dummy_context_enabled(dir)) && S_ISDIR(mode)))) {
- err = llcrypt_get_encryption_info(dir);
+ (unlikely(fscrypt_dummy_context_enabled(dir)) && S_ISDIR(mode)))) {
+ err = fscrypt_get_encryption_info(dir);
if (err)
goto err_exit;
- if (!llcrypt_has_encryption_key(dir)) {
+ if (!fscrypt_has_encryption_key(dir)) {
err = -ENOKEY;
goto err_exit;
}
@@ -1402,7 +1402,7 @@ static int ll_new_node(struct inode *dir, struct dentry *dentry,
}
if (encrypt) {
- err = llcrypt_inherit_context(dir, NULL, op_data, false);
+ err = fscrypt_inherit_context(dir, NULL, op_data, false);
if (err)
goto err_exit;
}
@@ -1504,7 +1504,7 @@ static int ll_new_node(struct inode *dir, struct dentry *dentry,
d_instantiate(dentry, inode);
if (encrypt) {
- err = llcrypt_inherit_context(dir, inode, NULL, true);
+ err = fscrypt_inherit_context(dir, inode, NULL, true);
if (err)
goto err_exit;
}
@@ -1740,7 +1740,7 @@ static int ll_link(struct dentry *old_dentry, struct inode *dir,
PFID(ll_inode2fid(src)), src, PFID(ll_inode2fid(dir)), dir,
new_dentry);
- err = llcrypt_prepare_link(old_dentry, dir, new_dentry);
+ err = fscrypt_prepare_link(old_dentry, dir, new_dentry);
if (err)
return err;
@@ -1785,7 +1785,7 @@ static int ll_rename(struct inode *src, struct dentry *src_dchild,
if (unlikely(d_mountpoint(src_dchild) || d_mountpoint(tgt_dchild)))
return -EBUSY;
- err = llcrypt_prepare_rename(src, src_dchild, tgt, tgt_dchild, flags);
+ err = fscrypt_prepare_rename(src, src_dchild, tgt, tgt_dchild, flags);
if (err)
return err;
diff --git a/fs/lustre/llite/super25.c b/fs/lustre/llite/super25.c
index decfa2f..f50c23a 100644
--- a/fs/lustre/llite/super25.c
+++ b/fs/lustre/llite/super25.c
@@ -63,7 +63,7 @@ static void ll_inode_destroy_callback(struct rcu_head *head)
struct inode *inode = container_of(head, struct inode, i_rcu);
struct ll_inode_info *ptr = ll_i2info(inode);
- llcrypt_free_inode(inode);
+ fscrypt_free_inode(inode);
kmem_cache_free(ll_inode_cachep, ptr);
}
@@ -77,7 +77,7 @@ static int ll_drop_inode(struct inode *inode)
int drop = generic_drop_inode(inode);
if (!drop)
- drop = llcrypt_drop_inode(inode);
+ drop = fscrypt_drop_inode(inode);
return drop;
}
diff --git a/fs/lustre/osc/osc_request.c b/fs/lustre/osc/osc_request.c
index e49d73f..0d590ed 100644
--- a/fs/lustre/osc/osc_request.c
+++ b/fs/lustre/osc/osc_request.c
@@ -1371,11 +1371,11 @@ static inline void osc_release_bounce_pages(struct brw_page **pga,
for (i = 0; i < page_count; i++) {
/* Bounce pages allocated by a call to
- * llcrypt_encrypt_pagecache_blocks() in osc_brw_prep_request()
+ * fscrypt_encrypt_pagecache_blocks() in osc_brw_prep_request()
* are identified thanks to the PageChecked flag.
*/
if (PageChecked(pga[i]->pg))
- llcrypt_finalize_bounce_page(&pga[i]->pg);
+ fscrypt_finalize_bounce_page(&pga[i]->pg);
pga[i]->count -= pga[i]->bp_count_diff;
pga[i]->off += pga[i]->bp_off_diff;
}
@@ -1463,7 +1463,7 @@ static int osc_brw_prep_request(int cmd, struct client_obd *cli,
pg->pg->index = pg->off >> PAGE_SHIFT;
}
data_page =
- llcrypt_encrypt_pagecache_blocks(pg->pg,
+ fscrypt_encrypt_pagecache_blocks(pg->pg,
nunits, 0,
GFP_NOFS);
if (directio) {
@@ -2145,7 +2145,7 @@ static int osc_brw_fini_request(struct ptlrpc_request *req, int rc)
if (inode && IS_ENCRYPTED(inode)) {
int idx;
- if (!llcrypt_has_encryption_key(inode)) {
+ if (!fscrypt_has_encryption_key(inode)) {
CDEBUG(D_SEC, "no enc key for ino %lu\n", inode->i_ino);
goto out;
}
@@ -2181,7 +2181,7 @@ static int osc_brw_fini_request(struct ptlrpc_request *req, int rc)
for (i = offs;
i < offs + LUSTRE_ENCRYPTION_UNIT_SIZE;
i += blocksize, lblk_num++) {
- rc = llcrypt_decrypt_block_inplace(inode,
+ rc = fscrypt_decrypt_block_inplace(inode,
pg->pg,
blocksize, i,
lblk_num);
@@ -2189,7 +2189,7 @@ static int osc_brw_fini_request(struct ptlrpc_request *req, int rc)
break;
}
} else {
- rc = llcrypt_decrypt_pagecache_blocks(pg->pg,
+ rc = fscrypt_decrypt_pagecache_blocks(pg->pg,
LUSTRE_ENCRYPTION_UNIT_SIZE,
offs);
}
--
1.8.3.1
_______________________________________________
lustre-devel mailing list
lustre-devel@lists.lustre.org
http://lists.lustre.org/listinfo.cgi/lustre-devel-lustre.org
next prev parent reply other threads:[~2021-05-15 13:06 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-15 13:05 [lustre-devel] [PATCH 00/13] lustre: sync to OpenSFS tree as of May 14, 2021 James Simmons
2021-05-15 13:05 ` [lustre-devel] [PATCH 01/13] lnet: Allow delayed sends James Simmons
2021-05-15 13:05 ` [lustre-devel] [PATCH 02/13] lustre: lov: correctly handling sub-lock init failure James Simmons
2021-05-15 13:06 ` [lustre-devel] [PATCH 03/13] lnet: Local NI must be on same net as next-hop James Simmons
2021-05-15 13:06 ` [lustre-devel] [PATCH 04/13] lnet: socklnd: add conns_per_peer parameter James Simmons
2021-05-15 13:06 ` [lustre-devel] [PATCH 05/13] lustre: readahead: export pages directly without RA James Simmons
2021-05-15 13:06 ` [lustre-devel] [PATCH 06/13] lustre: readahead: fix reserving for unaliged read James Simmons
2021-05-15 13:06 ` James Simmons [this message]
2021-05-15 13:06 ` [lustre-devel] [PATCH 08/13] lustre: ptlrpc: remove might_sleep() in sptlrpc_gc_del_sec() James Simmons
2021-05-15 13:06 ` [lustre-devel] [PATCH 09/13] lustre; obdclass: server qos penalty miscaculated James Simmons
2021-05-15 13:06 ` [lustre-devel] [PATCH 10/13] lustre: lmv: add default LMV inherit depth James Simmons
2021-05-15 13:06 ` [lustre-devel] [PATCH 11/13] lustre: lmv: qos stay on current MDT if less full James Simmons
2021-05-15 13:06 ` [lustre-devel] [PATCH 12/13] lnet: Correct the router ping interval calculation James Simmons
2021-05-15 13:06 ` [lustre-devel] [PATCH 13/13] lustre: llite: Introduce inode open heat counter James Simmons
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1621083970-32463-8-git-send-email-jsimmons@infradead.org \
--to=jsimmons@infradead.org \
--cc=adilger@whamcloud.com \
--cc=green@whamcloud.com \
--cc=lustre-devel@lists.lustre.org \
--cc=neilb@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).