| Message ID | 20220606231233.165860-1-ebiggers@kernel.org (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [5.10] ext4: only allow test_dummy_encryption when supported | expand |
On Mon, Jun 06, 2022 at 04:12:33PM -0700, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > commit 5f41fdaea63ddf96d921ab36b2af4a90ccdb5744 upstream. > > Make the test_dummy_encryption mount option require that the encrypt > feature flag be already enabled on the filesystem, rather than > automatically enabling it. Practically, this means that "-O encrypt" > will need to be included in MKFS_OPTIONS when running xfstests with the > test_dummy_encryption mount option. (ext4/053 also needs an update.) > > Moreover, as long as the preconditions for test_dummy_encryption are > being tightened anyway, take the opportunity to start rejecting it when > !CONFIG_FS_ENCRYPTION rather than ignoring it. > > The motivation for requiring the encrypt feature flag is that: > > - Having the filesystem auto-enable feature flags is problematic, as it > bypasses the usual sanity checks. The specific issue which came up > recently is that in kernel versions where ext4 supports casefold but > not encrypt+casefold (v5.1 through v5.10), the kernel will happily add > the encrypt flag to a filesystem that has the casefold flag, making it > unmountable -- but only for subsequent mounts, not the initial one. > This confused the casefold support detection in xfstests, causing > generic/556 to fail rather than be skipped. > > - The xfstests-bld test runners (kvm-xfstests et al.) already use the > required mkfs flag, so they will not be affected by this change. Only > users of test_dummy_encryption alone will be affected. But, this > option has always been for testing only, so it should be fine to > require that the few users of this option update their test scripts. > > - f2fs already requires it (for its equivalent feature flag). > > Signed-off-by: Eric Biggers <ebiggers@google.com> > Reviewed-by: Gabriel Krisman Bertazi <krisman@collabora.com> > Link: https://lore.kernel.org/r/20220519204437.61645-1-ebiggers@kernel.org > Signed-off-by: Theodore Ts'o <tytso@mit.edu> Both now queued up, thanks. greg k-h
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 8329961546b58..4ad1c3ce9398a 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -1419,12 +1419,6 @@ struct ext4_super_block { #ifdef __KERNEL__ -#ifdef CONFIG_FS_ENCRYPTION -#define DUMMY_ENCRYPTION_ENABLED(sbi) ((sbi)->s_dummy_enc_policy.policy != NULL) -#else -#define DUMMY_ENCRYPTION_ENABLED(sbi) (0) -#endif - /* Number of quota types we support */ #define EXT4_MAXQUOTAS 3 diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 3e26edeca8c73..46007d0177e00 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -2083,6 +2083,12 @@ static int ext4_set_test_dummy_encryption(struct super_block *sb, struct ext4_sb_info *sbi = EXT4_SB(sb); int err; + if (!ext4_has_feature_encrypt(sb)) { + ext4_msg(sb, KERN_WARNING, + "test_dummy_encryption requires encrypt feature"); + return -1; + } + /* * This mount option is just for testing, and it's not worthwhile to * implement the extra complexity (e.g. RCU protection) that would be @@ -2110,11 +2116,13 @@ static int ext4_set_test_dummy_encryption(struct super_block *sb, return -1; } ext4_msg(sb, KERN_WARNING, "Test dummy encryption mode enabled"); + return 1; #else ext4_msg(sb, KERN_WARNING, - "Test dummy encryption mount option ignored"); + "test_dummy_encryption option not supported"); + return -1; + #endif - return 1; } static int handle_mount_opt(struct super_block *sb, char *opt, int token, @@ -4928,12 +4936,6 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent) goto failed_mount_wq; } - if (DUMMY_ENCRYPTION_ENABLED(sbi) && !sb_rdonly(sb) && - !ext4_has_feature_encrypt(sb)) { - ext4_set_feature_encrypt(sb); - ext4_commit_super(sb, 1); - } - /* * Get the # of file system overhead blocks from the * superblock if present.