Message ID | 20200914191707.380444-8-jlayton@kernel.org (mailing list archive) |
---|---|
State | Not Applicable |
Headers | show |
Series | ceph+fscrypt: context, filename and symlink support | expand |
On Mon, Sep 14, 2020 at 03:16:58PM -0400, Jeff Layton wrote: > +static const union fscrypt_context * > +ceph_get_dummy_context(struct super_block *sb) > +{ > + return ceph_sb_to_client(sb)->dummy_enc_ctx.ctx; > +} This hunk needs to go in the patch that adds test_dummy_encryption support. > diff --git a/fs/ceph/crypto.h b/fs/ceph/crypto.h > new file mode 100644 > index 000000000000..b5f38ee80553 > --- /dev/null > +++ b/fs/ceph/crypto.h > @@ -0,0 +1,24 @@ > +// SPDX-License-Identifier: GPL-2.0 checkpatch wants a /* comment */ here, not a // comment. Can you run checkpatch on the whole patchset and fix the warnings? > +/* > + * Ceph fscrypt functionality > + */ > + > +#ifndef _CEPH_CRYPTO_H > +#define _CEPH_CRYPTO_H > + > +#ifdef CONFIG_FS_ENCRYPTION > + > +#define CEPH_XATTR_NAME_ENCRYPTION_CONTEXT "encryption.ctx" > + > +void ceph_fscrypt_set_ops(struct super_block *sb); > + > +#else /* CONFIG_FS_ENCRYPTION */ > + > +static inline int ceph_fscrypt_set_ops(struct super_block *sb) > +{ > + return 0; > +} The !CONFIG_FS_ENCRYPTION version of ceph_fscrypt_set_ops() needs to return void. > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c > index 526faf4778ce..daae18267fd8 100644 > --- a/fs/ceph/inode.c > +++ b/fs/ceph/inode.c > @@ -549,6 +549,7 @@ void ceph_evict_inode(struct inode *inode) > > percpu_counter_dec(&mdsc->metric.total_inodes); > > + fscrypt_put_encryption_info(inode); > truncate_inode_pages_final(&inode->i_data); > clear_inode(inode); Is it correct for fscrypt_put_encryption_info() to go before truncate_inode_pages_final()? The other filesystems call fscrypt_put_encryption_info() later. Note that all I/O needs to be done before calling fscrypt_put_encryption_info(). > diff --git a/fs/ceph/super.c b/fs/ceph/super.c > index b3fc9bb61afc..055180218224 100644 > --- a/fs/ceph/super.c > +++ b/fs/ceph/super.c > @@ -20,6 +20,7 @@ > #include "super.h" > #include "mds_client.h" > #include "cache.h" > +#include "crypto.h" > > #include <linux/ceph/ceph_features.h> > #include <linux/ceph/decode.h> > @@ -984,6 +985,10 @@ static int ceph_set_super(struct super_block *s, struct fs_context *fc) > s->s_time_min = 0; > s->s_time_max = U32_MAX; > > + ret = ceph_fscrypt_set_ops(s); > + if (ret) > + goto out; > + This part doesn't compile when CONFIG_FS_ENCRYPTION=y. It got fixed in a later patch, but it should be fixed here. > diff --git a/fs/ceph/super.h b/fs/ceph/super.h > index 483a52d281cd..cc39cc36de77 100644 > --- a/fs/ceph/super.h > +++ b/fs/ceph/super.h > @@ -985,6 +985,7 @@ extern ssize_t ceph_listxattr(struct dentry *, char *, size_t); > extern struct ceph_buffer *__ceph_build_xattrs_blob(struct ceph_inode_info *ci); > extern void __ceph_destroy_xattrs(struct ceph_inode_info *ci); > extern const struct xattr_handler *ceph_xattr_handlers[]; > +bool ceph_inode_has_xattr(struct ceph_inode_info *ci, char *name); > > struct ceph_acl_sec_ctx { > #ifdef CONFIG_CEPH_FS_POSIX_ACL > diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c > index 3a733ac33d9b..9dcb060cba9a 100644 > --- a/fs/ceph/xattr.c > +++ b/fs/ceph/xattr.c > @@ -1283,6 +1283,38 @@ void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx) > ceph_pagelist_release(as_ctx->pagelist); > } > > +/* Return true if inode's xattr blob has an xattr named "name" */ > +bool ceph_inode_has_xattr(struct ceph_inode_info *ci, char *name) Use 'const char *' instead of 'char *'? - Eric
diff --git a/fs/ceph/Makefile b/fs/ceph/Makefile index 50c635dc7f71..1f77ca04c426 100644 --- a/fs/ceph/Makefile +++ b/fs/ceph/Makefile @@ -12,3 +12,4 @@ ceph-y := super.o inode.o dir.o file.o locks.o addr.o ioctl.o \ ceph-$(CONFIG_CEPH_FSCACHE) += cache.o ceph-$(CONFIG_CEPH_FS_POSIX_ACL) += acl.o +ceph-$(CONFIG_FS_ENCRYPTION) += crypto.o diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c new file mode 100644 index 000000000000..74f07d44dbe9 --- /dev/null +++ b/fs/ceph/crypto.c @@ -0,0 +1,49 @@ +// SPDX-License-Identifier: GPL-2.0 +#include <linux/ceph/ceph_debug.h> +#include <linux/xattr.h> +#include <linux/fscrypt.h> + +#include "super.h" +#include "crypto.h" + +static int ceph_crypt_get_context(struct inode *inode, void *ctx, size_t len) +{ + return __ceph_getxattr(inode, CEPH_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len); +} + +static int ceph_crypt_set_context(struct inode *inode, const void *ctx, size_t len, void *fs_data) +{ + int ret; + + WARN_ON_ONCE(fs_data); + ret = __ceph_setxattr(inode, CEPH_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len, XATTR_CREATE); + if (ret == 0) + inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED); + return ret; +} + +static bool ceph_crypt_empty_dir(struct inode *inode) +{ + struct ceph_inode_info *ci = ceph_inode(inode); + + return ci->i_rsubdirs + ci->i_rfiles == 1; +} + +static const union fscrypt_context * +ceph_get_dummy_context(struct super_block *sb) +{ + return ceph_sb_to_client(sb)->dummy_enc_ctx.ctx; +} + +static struct fscrypt_operations ceph_fscrypt_ops = { + .get_context = ceph_crypt_get_context, + .set_context = ceph_crypt_set_context, + .get_dummy_context = ceph_get_dummy_context, + .empty_dir = ceph_crypt_empty_dir, + .max_namelen = NAME_MAX, +}; + +void ceph_fscrypt_set_ops(struct super_block *sb) +{ + fscrypt_set_ops(sb, &ceph_fscrypt_ops); +} diff --git a/fs/ceph/crypto.h b/fs/ceph/crypto.h new file mode 100644 index 000000000000..b5f38ee80553 --- /dev/null +++ b/fs/ceph/crypto.h @@ -0,0 +1,24 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Ceph fscrypt functionality + */ + +#ifndef _CEPH_CRYPTO_H +#define _CEPH_CRYPTO_H + +#ifdef CONFIG_FS_ENCRYPTION + +#define CEPH_XATTR_NAME_ENCRYPTION_CONTEXT "encryption.ctx" + +void ceph_fscrypt_set_ops(struct super_block *sb); + +#else /* CONFIG_FS_ENCRYPTION */ + +static inline int ceph_fscrypt_set_ops(struct super_block *sb) +{ + return 0; +} + +#endif /* CONFIG_FS_ENCRYPTION */ + +#endif diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c index 526faf4778ce..daae18267fd8 100644 --- a/fs/ceph/inode.c +++ b/fs/ceph/inode.c @@ -549,6 +549,7 @@ void ceph_evict_inode(struct inode *inode) percpu_counter_dec(&mdsc->metric.total_inodes); + fscrypt_put_encryption_info(inode); truncate_inode_pages_final(&inode->i_data); clear_inode(inode); @@ -912,6 +913,9 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page, ceph_forget_all_cached_acls(inode); ceph_security_invalidate_secctx(inode); xattr_blob = NULL; + if ((inode->i_state & I_NEW) && + ceph_inode_has_xattr(ci, CEPH_XATTR_NAME_ENCRYPTION_CONTEXT)) + inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED); } /* finally update i_version */ diff --git a/fs/ceph/super.c b/fs/ceph/super.c index b3fc9bb61afc..055180218224 100644 --- a/fs/ceph/super.c +++ b/fs/ceph/super.c @@ -20,6 +20,7 @@ #include "super.h" #include "mds_client.h" #include "cache.h" +#include "crypto.h" #include <linux/ceph/ceph_features.h> #include <linux/ceph/decode.h> @@ -984,6 +985,10 @@ static int ceph_set_super(struct super_block *s, struct fs_context *fc) s->s_time_min = 0; s->s_time_max = U32_MAX; + ret = ceph_fscrypt_set_ops(s); + if (ret) + goto out; + ret = set_anon_super_fc(s, fc); if (ret != 0) fsc->sb = NULL; diff --git a/fs/ceph/super.h b/fs/ceph/super.h index 483a52d281cd..cc39cc36de77 100644 --- a/fs/ceph/super.h +++ b/fs/ceph/super.h @@ -985,6 +985,7 @@ extern ssize_t ceph_listxattr(struct dentry *, char *, size_t); extern struct ceph_buffer *__ceph_build_xattrs_blob(struct ceph_inode_info *ci); extern void __ceph_destroy_xattrs(struct ceph_inode_info *ci); extern const struct xattr_handler *ceph_xattr_handlers[]; +bool ceph_inode_has_xattr(struct ceph_inode_info *ci, char *name); struct ceph_acl_sec_ctx { #ifdef CONFIG_CEPH_FS_POSIX_ACL diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c index 3a733ac33d9b..9dcb060cba9a 100644 --- a/fs/ceph/xattr.c +++ b/fs/ceph/xattr.c @@ -1283,6 +1283,38 @@ void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx) ceph_pagelist_release(as_ctx->pagelist); } +/* Return true if inode's xattr blob has an xattr named "name" */ +bool ceph_inode_has_xattr(struct ceph_inode_info *ci, char *name) +{ + void *p, *end; + u32 numattr; + size_t namelen; + + lockdep_assert_held(&ci->i_ceph_lock); + + if (!ci->i_xattrs.blob || ci->i_xattrs.blob->vec.iov_len <= 4) + return false; + + namelen = strlen(name); + p = ci->i_xattrs.blob->vec.iov_base; + end = p + ci->i_xattrs.blob->vec.iov_len; + ceph_decode_32_safe(&p, end, numattr, bad); + + while (numattr--) { + u32 len; + + ceph_decode_32_safe(&p, end, len, bad); + ceph_decode_need(&p, end, len, bad); + if (len == namelen && !memcmp(p, name, len)) + return true; + p += len; + ceph_decode_32_safe(&p, end, len, bad); + ceph_decode_skip_n(&p, end, len, bad); + } +bad: + return false; +} + /* * List of handlers for synthetic system.* attributes. Other * attributes are handled directly.
Store the fscrypt context for an inode as an encryption.ctx xattr. When we get a new inode in a trace, set the S_ENCRYPTED bit if the xattr blob has an encryption.ctx xattr. Signed-off-by: Jeff Layton <jlayton@kernel.org> --- fs/ceph/Makefile | 1 + fs/ceph/crypto.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++++ fs/ceph/crypto.h | 24 ++++++++++++++++++++++++ fs/ceph/inode.c | 4 ++++ fs/ceph/super.c | 5 +++++ fs/ceph/super.h | 1 + fs/ceph/xattr.c | 32 +++++++++++++++++++++++++++++++ 7 files changed, 116 insertions(+) create mode 100644 fs/ceph/crypto.c create mode 100644 fs/ceph/crypto.h