lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 24 Sep 2020 06:57:26 -0400
From:   Jeff Layton <jlayton@...nel.org>
To:     Eric Biggers <ebiggers@...nel.org>, linux-fscrypt@...r.kernel.org
Cc:     linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net,
        ceph-devel@...r.kernel.org, Daniel Rosenberg <drosen@...gle.com>
Subject: Re: [PATCH] fscrypt: export fscrypt_d_revalidate()

On Wed, 2020-09-23 at 22:47 -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@...gle.com>
> 
> Dentries that represent no-key names must have a dentry_operations that
> includes fscrypt_d_revalidate().  Currently, this is handled by
> fscrypt_prepare_lookup() installing fscrypt_d_ops.
> 
> However, ceph support for encryption
> (https://lore.kernel.org/r/20200914191707.380444-1-jlayton@kernel.org)
> can't use fscrypt_d_ops, since ceph already has its own
> dentry_operations.
> 
> Similarly, ext4 and f2fs support for directories that are both encrypted
> and casefolded
> (https://lore.kernel.org/r/20200923010151.69506-1-drosen@google.com)
> can't use fscrypt_d_ops either, since casefolding requires some dentry
> operations too.
> 
> To satisfy both users, we need to move the responsibility of installing
> the dentry_operations to filesystems.
> 
> In preparation for this, export fscrypt_d_revalidate() and give it a
> !CONFIG_FS_ENCRYPTION stub.
> 
> Signed-off-by: Eric Biggers <ebiggers@...gle.com>
> ---
> 
> Compared to the versions of this patch from Jeff and Daniel, I've
> improved the commit message and added a !CONFIG_FS_ENCRYPTION stub,
> which was missing.  I'm planning to apply this for 5.10 in preparation
> for both the ceph patchset and the encrypt+casefold patchset.
> 
> 
>  fs/crypto/fname.c       | 3 ++-
>  include/linux/fscrypt.h | 7 +++++++
>  2 files changed, 9 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c
> index c65979452844..1fbe6c24d705 100644
> --- a/fs/crypto/fname.c
> +++ b/fs/crypto/fname.c
> @@ -530,7 +530,7 @@ EXPORT_SYMBOL_GPL(fscrypt_fname_siphash);
>   * Validate dentries in encrypted directories to make sure we aren't potentially
>   * caching stale dentries after a key has been added.
>   */
> -static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)
> +int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)
>  {
>  	struct dentry *dir;
>  	int err;
> @@ -569,6 +569,7 @@ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)
>  
>  	return valid;
>  }
> +EXPORT_SYMBOL_GPL(fscrypt_d_revalidate);
>  
>  const struct dentry_operations fscrypt_d_ops = {
>  	.d_revalidate = fscrypt_d_revalidate,
> diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
> index f1757e73162d..a8f7a43f031b 100644
> --- a/include/linux/fscrypt.h
> +++ b/include/linux/fscrypt.h
> @@ -197,6 +197,7 @@ int fscrypt_fname_disk_to_usr(const struct inode *inode,
>  bool fscrypt_match_name(const struct fscrypt_name *fname,
>  			const u8 *de_name, u32 de_name_len);
>  u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name);
> +int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags);
>  
>  /* bio.c */
>  void fscrypt_decrypt_bio(struct bio *bio);
> @@ -454,6 +455,12 @@ static inline u64 fscrypt_fname_siphash(const struct inode *dir,
>  	return 0;
>  }
>  
> +static inline int fscrypt_d_revalidate(struct dentry *dentry,
> +				       unsigned int flags)
> +{
> +	return 1;
> +}
> +
>  /* bio.c */
>  static inline void fscrypt_decrypt_bio(struct bio *bio)
>  {

Reviewed-by: Jeff Layton <jlayton@...nel.org>

Powered by blists - more mailing lists