diff mbox series

fscrypt: export fscrypt_d_revalidate()

Message ID 20200924054721.187797-1-ebiggers@kernel.org
State New
Headers show
Series fscrypt: export fscrypt_d_revalidate() | expand

Commit Message

Eric Biggers Sept. 24, 2020, 5:47 a.m. UTC
From: Eric Biggers <ebiggers@google.com>

Dentries that represent no-key names must have a dentry_operations that
includes fscrypt_d_revalidate().  Currently, this is handled by
fscrypt_prepare_lookup() installing fscrypt_d_ops.

However, ceph support for encryption
(https://lore.kernel.org/r/20200914191707.380444-1-jlayton@kernel.org)
can't use fscrypt_d_ops, since ceph already has its own
dentry_operations.

Similarly, ext4 and f2fs support for directories that are both encrypted
and casefolded
(https://lore.kernel.org/r/20200923010151.69506-1-drosen@google.com)
can't use fscrypt_d_ops either, since casefolding requires some dentry
operations too.

To satisfy both users, we need to move the responsibility of installing
the dentry_operations to filesystems.

In preparation for this, export fscrypt_d_revalidate() and give it a
!CONFIG_FS_ENCRYPTION stub.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---

Compared to the versions of this patch from Jeff and Daniel, I've
improved the commit message and added a !CONFIG_FS_ENCRYPTION stub,
which was missing.  I'm planning to apply this for 5.10 in preparation
for both the ceph patchset and the encrypt+casefold patchset.


 fs/crypto/fname.c       | 3 ++-
 include/linux/fscrypt.h | 7 +++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

Comments

Jeff Layton Sept. 24, 2020, 10:57 a.m. UTC | #1
On Wed, 2020-09-23 at 22:47 -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>

> 

> Dentries that represent no-key names must have a dentry_operations that

> includes fscrypt_d_revalidate().  Currently, this is handled by

> fscrypt_prepare_lookup() installing fscrypt_d_ops.

> 

> However, ceph support for encryption

> (https://lore.kernel.org/r/20200914191707.380444-1-jlayton@kernel.org)

> can't use fscrypt_d_ops, since ceph already has its own

> dentry_operations.

> 

> Similarly, ext4 and f2fs support for directories that are both encrypted

> and casefolded

> (https://lore.kernel.org/r/20200923010151.69506-1-drosen@google.com)

> can't use fscrypt_d_ops either, since casefolding requires some dentry

> operations too.

> 

> To satisfy both users, we need to move the responsibility of installing

> the dentry_operations to filesystems.

> 

> In preparation for this, export fscrypt_d_revalidate() and give it a

> !CONFIG_FS_ENCRYPTION stub.

> 

> Signed-off-by: Eric Biggers <ebiggers@google.com>

> ---

> 

> Compared to the versions of this patch from Jeff and Daniel, I've

> improved the commit message and added a !CONFIG_FS_ENCRYPTION stub,

> which was missing.  I'm planning to apply this for 5.10 in preparation

> for both the ceph patchset and the encrypt+casefold patchset.

> 

> 

>  fs/crypto/fname.c       | 3 ++-

>  include/linux/fscrypt.h | 7 +++++++

>  2 files changed, 9 insertions(+), 1 deletion(-)

> 

> diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c

> index c65979452844..1fbe6c24d705 100644

> --- a/fs/crypto/fname.c

> +++ b/fs/crypto/fname.c

> @@ -530,7 +530,7 @@ EXPORT_SYMBOL_GPL(fscrypt_fname_siphash);

>   * Validate dentries in encrypted directories to make sure we aren't potentially

>   * caching stale dentries after a key has been added.

>   */

> -static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)

> +int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)

>  {

>  	struct dentry *dir;

>  	int err;

> @@ -569,6 +569,7 @@ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)

>  

>  	return valid;

>  }

> +EXPORT_SYMBOL_GPL(fscrypt_d_revalidate);

>  

>  const struct dentry_operations fscrypt_d_ops = {

>  	.d_revalidate = fscrypt_d_revalidate,

> diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h

> index f1757e73162d..a8f7a43f031b 100644

> --- a/include/linux/fscrypt.h

> +++ b/include/linux/fscrypt.h

> @@ -197,6 +197,7 @@ int fscrypt_fname_disk_to_usr(const struct inode *inode,

>  bool fscrypt_match_name(const struct fscrypt_name *fname,

>  			const u8 *de_name, u32 de_name_len);

>  u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name);

> +int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags);

>  

>  /* bio.c */

>  void fscrypt_decrypt_bio(struct bio *bio);

> @@ -454,6 +455,12 @@ static inline u64 fscrypt_fname_siphash(const struct inode *dir,

>  	return 0;

>  }

>  

> +static inline int fscrypt_d_revalidate(struct dentry *dentry,

> +				       unsigned int flags)

> +{

> +	return 1;

> +}

> +

>  /* bio.c */

>  static inline void fscrypt_decrypt_bio(struct bio *bio)

>  {


Reviewed-by: Jeff Layton <jlayton@kernel.org>
Eric Biggers Sept. 28, 2020, 9:55 p.m. UTC | #2
On Wed, Sep 23, 2020 at 10:47:21PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>

> 

> Dentries that represent no-key names must have a dentry_operations that

> includes fscrypt_d_revalidate().  Currently, this is handled by

> fscrypt_prepare_lookup() installing fscrypt_d_ops.

> 

> However, ceph support for encryption

> (https://lore.kernel.org/r/20200914191707.380444-1-jlayton@kernel.org)

> can't use fscrypt_d_ops, since ceph already has its own

> dentry_operations.

> 

> Similarly, ext4 and f2fs support for directories that are both encrypted

> and casefolded

> (https://lore.kernel.org/r/20200923010151.69506-1-drosen@google.com)

> can't use fscrypt_d_ops either, since casefolding requires some dentry

> operations too.

> 

> To satisfy both users, we need to move the responsibility of installing

> the dentry_operations to filesystems.

> 

> In preparation for this, export fscrypt_d_revalidate() and give it a

> !CONFIG_FS_ENCRYPTION stub.

> 

> Signed-off-by: Eric Biggers <ebiggers@google.com>

> ---

> 

> Compared to the versions of this patch from Jeff and Daniel, I've

> improved the commit message and added a !CONFIG_FS_ENCRYPTION stub,

> which was missing.  I'm planning to apply this for 5.10 in preparation

> for both the ceph patchset and the encrypt+casefold patchset.

> 

> 

>  fs/crypto/fname.c       | 3 ++-

>  include/linux/fscrypt.h | 7 +++++++

>  2 files changed, 9 insertions(+), 1 deletion(-)


Applied to fscrypt.git#master for 5.10.

- Eric
diff mbox series

Patch

diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c
index c65979452844..1fbe6c24d705 100644
--- a/fs/crypto/fname.c
+++ b/fs/crypto/fname.c
@@ -530,7 +530,7 @@  EXPORT_SYMBOL_GPL(fscrypt_fname_siphash);
  * Validate dentries in encrypted directories to make sure we aren't potentially
  * caching stale dentries after a key has been added.
  */
-static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)
+int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)
 {
 	struct dentry *dir;
 	int err;
@@ -569,6 +569,7 @@  static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)
 
 	return valid;
 }
+EXPORT_SYMBOL_GPL(fscrypt_d_revalidate);
 
 const struct dentry_operations fscrypt_d_ops = {
 	.d_revalidate = fscrypt_d_revalidate,
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index f1757e73162d..a8f7a43f031b 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -197,6 +197,7 @@  int fscrypt_fname_disk_to_usr(const struct inode *inode,
 bool fscrypt_match_name(const struct fscrypt_name *fname,
 			const u8 *de_name, u32 de_name_len);
 u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name);
+int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags);
 
 /* bio.c */
 void fscrypt_decrypt_bio(struct bio *bio);
@@ -454,6 +455,12 @@  static inline u64 fscrypt_fname_siphash(const struct inode *dir,
 	return 0;
 }
 
+static inline int fscrypt_d_revalidate(struct dentry *dentry,
+				       unsigned int flags)
+{
+	return 1;
+}
+
 /* bio.c */
 static inline void fscrypt_decrypt_bio(struct bio *bio)
 {