| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <F996D2F5-8821-4C8E-B9A7-0017B8F70D6D@dilger.ca>
Date: Wed, 2 Dec 2020 15:54:38 -0700
From: Andreas Dilger <adilger@...ger.ca>
To: Eric Biggers <ebiggers@...nel.org>
Cc: linux-fscrypt@...r.kernel.org, linux-ext4@...r.kernel.org,
linux-f2fs-devel@...ts.sourceforge.net,
linux-mtd@...ts.infradead.org, linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH 7/9] fscrypt: move fscrypt_require_key() to
fscrypt_private.h
> On Nov 24, 2020, at 5:23 PM, Eric Biggers <ebiggers@...nel.org> wrote:
>
> From: Eric Biggers <ebiggers@...gle.com>
>
> fscrypt_require_key() is now only used by files in fs/crypto/. So
> reduce its visibility to fscrypt_private.h. This is also a prerequsite
> for unexporting fscrypt_get_encryption_info().
>
> Signed-off-by: Eric Biggers <ebiggers@...gle.com>
Reviewed-by: Andreas Dilger <adilger@...ger.ca>
> ---
> fs/crypto/fscrypt_private.h | 26 ++++++++++++++++++++++++++
> include/linux/fscrypt.h | 26 --------------------------
> 2 files changed, 26 insertions(+), 26 deletions(-)
>
> diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
> index a61d4dbf0a0b..16dd55080127 100644
> --- a/fs/crypto/fscrypt_private.h
> +++ b/fs/crypto/fscrypt_private.h
> @@ -571,6 +571,32 @@ int fscrypt_derive_dirhash_key(struct fscrypt_info *ci,
> void fscrypt_hash_inode_number(struct fscrypt_info *ci,
> const struct fscrypt_master_key *mk);
>
> +/**
> + * fscrypt_require_key() - require an inode's encryption key
> + * @inode: the inode we need the key for
> + *
> + * If the inode is encrypted, set up its encryption key if not already done.
> + * Then require that the key be present and return -ENOKEY otherwise.
> + *
> + * No locks are needed, and the key will live as long as the struct inode --- so
> + * it won't go away from under you.
> + *
> + * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
> + * if a problem occurred while setting up the encryption key.
> + */
> +static inline int fscrypt_require_key(struct inode *inode)
> +{
> + if (IS_ENCRYPTED(inode)) {
> + int err = fscrypt_get_encryption_info(inode);
> +
> + if (err)
> + return err;
> + if (!fscrypt_has_encryption_key(inode))
> + return -ENOKEY;
> + }
> + return 0;
> +}
> +
> /* keysetup_v1.c */
>
> void fscrypt_put_direct_key(struct fscrypt_direct_key *dk);
> diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
> index b20900bb829f..a07610f27926 100644
> --- a/include/linux/fscrypt.h
> +++ b/include/linux/fscrypt.h
> @@ -688,32 +688,6 @@ static inline bool fscrypt_has_encryption_key(const struct inode *inode)
> return fscrypt_get_info(inode) != NULL;
> }
>
> -/**
> - * fscrypt_require_key() - require an inode's encryption key
> - * @inode: the inode we need the key for
> - *
> - * If the inode is encrypted, set up its encryption key if not already done.
> - * Then require that the key be present and return -ENOKEY otherwise.
> - *
> - * No locks are needed, and the key will live as long as the struct inode --- so
> - * it won't go away from under you.
> - *
> - * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
> - * if a problem occurred while setting up the encryption key.
> - */
> -static inline int fscrypt_require_key(struct inode *inode)
> -{
> - if (IS_ENCRYPTED(inode)) {
> - int err = fscrypt_get_encryption_info(inode);
> -
> - if (err)
> - return err;
> - if (!fscrypt_has_encryption_key(inode))
> - return -ENOKEY;
> - }
> - return 0;
> -}
> -
> /**
> * fscrypt_prepare_link() - prepare to link an inode into a possibly-encrypted
> * directory
> --
> 2.29.2
>
Cheers, Andreas
Download attachment "signature.asc" of type "application/pgp-signature" (874 bytes)
Powered by blists - more mailing lists