From patchwork Fri Dec 15 17:42:23 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 10115717 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id F2C9B6019C for ; Fri, 15 Dec 2017 17:47:20 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DCCB929EE1 for ; Fri, 15 Dec 2017 17:47:20 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D02C32A024; Fri, 15 Dec 2017 17:47:20 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 69C4529EE1 for ; Fri, 15 Dec 2017 17:47:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756143AbdLORrS (ORCPT ); Fri, 15 Dec 2017 12:47:18 -0500 Received: from mail-pf0-f195.google.com ([209.85.192.195]:36590 "EHLO mail-pf0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755684AbdLORrE (ORCPT ); Fri, 15 Dec 2017 12:47:04 -0500 Received: by mail-pf0-f195.google.com with SMTP id p84so6639844pfd.3; Fri, 15 Dec 2017 09:47:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=89rqkgVHxCJ0stdUoPFyfXy6IwBQu3MvnIJK8pfaeD4=; b=Hfr9xPVfQJKLzZEDrNeFs1czZwDaVBahTY/gHAXgZERNP2AQKvuQxRpK85gJcePSIP tgWl2TTagwycdy7kupN8R9zMSa6GJyDoOWzhHqAcdykN2oBbVAT8m9PyfLMiowWS5+hY lAzHToODALPPRQqk/3mSFZqCjGFR2o5RZJahOgnF1hwFd7svXe2stfFFFP0IX7huOfP3 ZJzL6De/oU7dUP0jhg5+1LBaQ067oUh+n3JPzkiniQXln9XLkNP9uMCcdZ0WfL3qOwTy /gL+xP5pXxQuktLF8M+VU8OxyuUIpPeCOf9cyPIcaEz5vpiesXori9Xpm6eBdjQEqBnY OaTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=89rqkgVHxCJ0stdUoPFyfXy6IwBQu3MvnIJK8pfaeD4=; b=iF0Xrcqd0YZevE20HcuZD9VNT2huZ7+1Rf1eAPej4RE44ACbjAr75Hp+S+NmGqud3J KGyKaeFVIW40tEKzV/DR26CYzRI3eZUvTzIPuk0Op0d1wuoRpvJoSZFtI7Arkf1KAcEX 2XidviA4Wrj9jmbQu3sJZGAKNRqr1gUvtz/+2uSf4VJpXwhRv1hSzrBnd0vbW9+Q2qUE RDTxjuYoyDPDh8xQ4u7UDzF3MD4KCeTeCKAKUKHG6Wq/cxSso+MTnUwYMNFkYq4qXqzx LbrevLLTiP9o5h0+UVwCVCLA9L5HIPz3q91OoxsKqi/BQT+2uW7eyP452LF/k3ytRTaL FGhA== X-Gm-Message-State: AKGB3mK5RMAxQ8Jx1C0YdrusYzhtAYLr1aowhPWg2i41vY2jwEmzqTFC b4TB8n/q2GckzNGRG6S20Bhl58T88ZE= X-Google-Smtp-Source: ACJfBouj8lDMz83Xmwzq6QMBwAlccFqadVl5kS3ZebHVleyvxuBO7oUtJoYMlmsZfDyBQhCADn8naQ== X-Received: by 10.84.202.12 with SMTP id w12mr13964271pld.107.1513360022997; Fri, 15 Dec 2017 09:47:02 -0800 (PST) Received: from zzz.localdomain (c-67-185-97-198.hsd1.wa.comcast.net. [67.185.97.198]) by smtp.gmail.com with ESMTPSA id j62sm12980149pfc.18.2017.12.15.09.47.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 15 Dec 2017 09:47:02 -0800 (PST) From: Eric Biggers To: linux-fscrypt@vger.kernel.org Cc: "Theodore Y . Ts'o" , Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Eric Biggers Subject: [PATCH 22/24] fscrypt: define fscrypt_fname_alloc_buffer() to be for presented names Date: Fri, 15 Dec 2017 09:42:23 -0800 Message-Id: <20171215174225.31583-23-ebiggers3@gmail.com> X-Mailer: git-send-email 2.15.1 In-Reply-To: <20171215174225.31583-1-ebiggers3@gmail.com> References: <20171215174225.31583-1-ebiggers3@gmail.com> Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Eric Biggers Previously fscrypt_fname_alloc_buffer() was used to allocate buffers for both presented (decrypted or encoded) and encrypted filenames. That was confusing, because it had to allocate the worst-case size for either, e.g. including NUL-padding even when it was meaningless. But now that fscrypt_setup_filename() no longer calls it, it is only used in the ->get_link() and ->readdir() paths, which specifically want a buffer for presented filenames. Therefore, switch the behavior over to allocating the buffer for presented filenames only. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 29 ++++++++++++++--------------- include/linux/fscrypt_notsupp.h | 2 +- 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 65424b89a1d1..44ddd094b7c5 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -204,37 +204,36 @@ u32 fscrypt_fname_encrypted_size(const struct inode *inode, u32 ilen) EXPORT_SYMBOL(fscrypt_fname_encrypted_size); /** - * fscrypt_fname_crypto_alloc_obuff() - + * fscrypt_fname_alloc_buffer - allocate a buffer for presented filenames * - * Allocates an output buffer that is sufficient for the crypto operation - * specified by the context and the direction. + * Allocate a buffer that is large enough to hold any decrypted or encoded + * filename (null-terminated), for the given maximum encrypted filename length. + * + * Return: 0 on success, -errno on failure */ int fscrypt_fname_alloc_buffer(const struct inode *inode, - u32 ilen, struct fscrypt_str *crypto_str) + u32 max_encrypted_len, + struct fscrypt_str *crypto_str) { - u32 olen = fscrypt_fname_encrypted_size(inode, ilen); const u32 max_encoded_len = max_t(u32, BASE64_CHARS(FSCRYPT_FNAME_MAX_UNDIGESTED_SIZE), 1 + BASE64_CHARS(sizeof(struct fscrypt_digested_name))); + u32 max_presented_len; - crypto_str->len = olen; - olen = max(olen, max_encoded_len); + max_presented_len = max(max_encoded_len, max_encrypted_len); - /* - * Allocated buffer can hold one more character to null-terminate the - * string - */ - crypto_str->name = kmalloc(olen + 1, GFP_NOFS); - if (!(crypto_str->name)) + crypto_str->name = kmalloc(max_presented_len + 1, GFP_NOFS); + if (!crypto_str->name) return -ENOMEM; + crypto_str->len = max_presented_len; return 0; } EXPORT_SYMBOL(fscrypt_fname_alloc_buffer); /** - * fscrypt_fname_crypto_free_buffer() - + * fscrypt_fname_free_buffer - free the buffer for presented filenames * - * Frees the buffer allocated for crypto operation. + * Free the buffer allocated by fscrypt_fname_alloc_buffer(). */ void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str) { diff --git a/include/linux/fscrypt_notsupp.h b/include/linux/fscrypt_notsupp.h index 0962f504aa91..c9592e307df5 100644 --- a/include/linux/fscrypt_notsupp.h +++ b/include/linux/fscrypt_notsupp.h @@ -140,7 +140,7 @@ static inline u32 fscrypt_fname_encrypted_size(const struct inode *inode, } static inline int fscrypt_fname_alloc_buffer(const struct inode *inode, - u32 ilen, + u32 max_encrypted_len, struct fscrypt_str *crypto_str) { return -EOPNOTSUPP;