From patchwork Thu Mar 16 18:14:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Luis Henriques X-Patchwork-Id: 13178171 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C930AC76195 for ; Thu, 16 Mar 2023 18:14:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230493AbjCPSOX (ORCPT ); Thu, 16 Mar 2023 14:14:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36376 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229697AbjCPSOV (ORCPT ); Thu, 16 Mar 2023 14:14:21 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C8D7E4EC1; Thu, 16 Mar 2023 11:14:20 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 758D421A3C; Thu, 16 Mar 2023 18:14:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1678990459; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=FGdKFa+t9AtyNNL810Ikd5XAxMLxqtaLrVKIwcRi6Ss=; b=17ThrwWhRX1o28X9jR3zdjQiJoykUsAbLq0s9gAY8NBdtXxfDzIYnhMiWp0GRO5jql9Glf FGib2kwWk/lBKpHZpIkY/rIyamU3vHrPnRD1ketPW7qupfyBPCVw0efBI8V00FtX0BHjAK dWGc5/LoK1Z5cDPc/DtjV/slIyCVcXc= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1678990459; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=FGdKFa+t9AtyNNL810Ikd5XAxMLxqtaLrVKIwcRi6Ss=; b=ea81TrPKoELSVxzoT3kCQD9E6h7jwVYkfxzQrODPRmnXUBAxfBZFjWS/dg/SPktflJPDSf /hfJmR3hC3+ZpuAA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id CEDDE133E0; Thu, 16 Mar 2023 18:14:18 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id KK1GL3pcE2RtXAAAMHmgww (envelope-from ); Thu, 16 Mar 2023 18:14:18 +0000 Received: from localhost (brahms.olymp [local]) by brahms.olymp (OpenSMTPD) with ESMTPA id 3553fba9; Thu, 16 Mar 2023 18:14:14 +0000 (UTC) From: =?utf-8?q?Lu=C3=ADs_Henriques?= To: Eric Biggers , Xiubo Li , Jeff Layton Cc: "Theodore Y. Ts'o" , Jaegeuk Kim , Ilya Dryomov , linux-fscrypt@vger.kernel.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, =?utf-8?q?Lu?= =?utf-8?q?=C3=ADs_Henriques?= Subject: [PATCH v3 1/3] fscrypt: new helper function - fscrypt_prepare_lookup_partial() Date: Thu, 16 Mar 2023 18:14:11 +0000 Message-Id: <20230316181413.26916-2-lhenriques@suse.de> In-Reply-To: <20230316181413.26916-1-lhenriques@suse.de> References: <20230316181413.26916-1-lhenriques@suse.de> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org This patch introduces a new helper function which can be used both in lookups and in atomic_open operations by filesystems that want to handle filename encryption and no-key dentries themselves. The reason for this function to be used in atomic open is that this operation can act as a lookup if handed a dentry that is negative. And in this case we may need to set DCACHE_NOKEY_NAME. Signed-off-by: Luís Henriques --- fs/crypto/hooks.c | 37 +++++++++++++++++++++++++++++++++++++ include/linux/fscrypt.h | 7 +++++++ 2 files changed, 44 insertions(+) diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c index 7b8c5a1104b5..4bebdeaadc52 100644 --- a/fs/crypto/hooks.c +++ b/fs/crypto/hooks.c @@ -117,6 +117,43 @@ int __fscrypt_prepare_readdir(struct inode *dir) } EXPORT_SYMBOL_GPL(__fscrypt_prepare_readdir); +/** + * fscrypt_prepare_lookup_partial() - prepare lookup without filenames handling + * @dir: inode of parent directory + * @dentry: dentry to lookup + * + * This function can be used by filesystems that want/need to handle filename + * encryption and no-key name encoding themselves, and thus aren't able to use + * function fscrypt_prepare_lookup(). + + * This helper can be called from lookup and atomic open operations. It will + * try to set the encryption info on the in @dir if the key is available and, if + * it isn't, it will also set the @dentry as non-key. + * + * The reason it needs to get the encryption info before checking if the + * directory has the encryption key is because the key may be available but the + * encryption info isn't yet set (maybe due to a drop_caches). The regular open + * path will use fscrypt_prepare_lookup(), but if a filesystem can't use this + * function (because it handles the filename encryption and no-key dentries) the + * atomic_open requires a different approach. + * + * Return: 0 on success, or an error code if fscrypt_get_encryption_info() + * fails. + */ +int fscrypt_prepare_lookup_partial(struct inode *dir, struct dentry *dentry) +{ + int err = fscrypt_get_encryption_info(dir, true); + + if (!err && !fscrypt_has_encryption_key(dir)) { + spin_lock(&dentry->d_lock); + dentry->d_flags |= DCACHE_NOKEY_NAME; + spin_unlock(&dentry->d_lock); + } + + return err; +} +EXPORT_SYMBOL_GPL(fscrypt_prepare_lookup_partial); + int __fscrypt_prepare_setattr(struct dentry *dentry, struct iattr *attr) { if (attr->ia_valid & ATTR_SIZE) diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h index 4f5f8a651213..d9a94cd56cda 100644 --- a/include/linux/fscrypt.h +++ b/include/linux/fscrypt.h @@ -362,6 +362,7 @@ int __fscrypt_prepare_rename(struct inode *old_dir, struct dentry *old_dentry, int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry, struct fscrypt_name *fname); int __fscrypt_prepare_readdir(struct inode *dir); +int fscrypt_prepare_lookup_partial(struct inode *dir, struct dentry *dentry); int __fscrypt_prepare_setattr(struct dentry *dentry, struct iattr *attr); int fscrypt_prepare_setflags(struct inode *inode, unsigned int oldflags, unsigned int flags); @@ -688,6 +689,12 @@ static inline int __fscrypt_prepare_readdir(struct inode *dir) return -EOPNOTSUPP; } +static inline int fscrypt_prepare_lookup_partial(struct inode *dir, + struct dentry *dentry) +{ + return -EOPNOTSUPP; +} + static inline int __fscrypt_prepare_setattr(struct dentry *dentry, struct iattr *attr) { From patchwork Thu Mar 16 18:14:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Luis Henriques X-Patchwork-Id: 13178172 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8B8D6C6FD19 for ; Thu, 16 Mar 2023 18:14:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230209AbjCPSO1 (ORCPT ); Thu, 16 Mar 2023 14:14:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36418 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230193AbjCPSOX (ORCPT ); Thu, 16 Mar 2023 14:14:23 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2001:67c:2178:6::1c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 31C4544AE; Thu, 16 Mar 2023 11:14:21 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 3D7D121A3D; Thu, 16 Mar 2023 18:14:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1678990460; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ou1/13qoxG1JQp/epUpYkQ70pH9c9U2ESCM5qF4Wi6k=; b=rLznZhUKOkzoRM0gzYCmtCU+4z2usvidg7hnOrhUmwqW59GUBqOL/ehFxjdH1RosPSowNG rXiqaF2co3vs72McrKJloUIWG7t6nNCnIu961cuLaT90QPCS5mT2ByJ+fQ6Gtk4n0SG3+/ LvfcRAAG3i/TqG+sAugYug4JsgREtVI= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1678990460; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ou1/13qoxG1JQp/epUpYkQ70pH9c9U2ESCM5qF4Wi6k=; b=v3EIYhd8A5KaeE6SeYgRGWnU2HNkBTL+CUbZM73+VGmH+qRIZKglisMhsXlc3OyLOZklaB nSPThNEbtXccWcAQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 8B683133E0; Thu, 16 Mar 2023 18:14:19 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id gP+OHntcE2RtXAAAMHmgww (envelope-from ); Thu, 16 Mar 2023 18:14:19 +0000 Received: from localhost (brahms.olymp [local]) by brahms.olymp (OpenSMTPD) with ESMTPA id 2900566f; Thu, 16 Mar 2023 18:14:14 +0000 (UTC) From: =?utf-8?q?Lu=C3=ADs_Henriques?= To: Eric Biggers , Xiubo Li , Jeff Layton Cc: "Theodore Y. Ts'o" , Jaegeuk Kim , Ilya Dryomov , linux-fscrypt@vger.kernel.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, =?utf-8?q?Lu?= =?utf-8?q?=C3=ADs_Henriques?= Subject: [PATCH v3 2/3] ceph: switch ceph_open() to use new fscrypt helper Date: Thu, 16 Mar 2023 18:14:12 +0000 Message-Id: <20230316181413.26916-3-lhenriques@suse.de> In-Reply-To: <20230316181413.26916-1-lhenriques@suse.de> References: <20230316181413.26916-1-lhenriques@suse.de> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org Instead of setting the no-key dentry in ceph_lookup(), use the new fscrypt_prepare_lookup_partial() helper. We still need to mark the directory as incomplete if the directory was just unlocked. Signed-off-by: Luís Henriques --- fs/ceph/dir.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index d8cc6e9d5351..836bc695e2e0 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -784,14 +784,15 @@ static struct dentry *ceph_lookup(struct inode *dir, struct dentry *dentry, return ERR_PTR(-ENAMETOOLONG); if (IS_ENCRYPTED(dir)) { - err = ceph_fscrypt_prepare_readdir(dir); + bool had_key = fscrypt_has_encryption_key(dir); + + err = fscrypt_prepare_lookup_partial(dir, dentry); if (err < 0) return ERR_PTR(err); - if (!fscrypt_has_encryption_key(dir)) { - spin_lock(&dentry->d_lock); - dentry->d_flags |= DCACHE_NOKEY_NAME; - spin_unlock(&dentry->d_lock); - } + + /* mark directory as incomplete if it has been unlocked */ + if (!had_key && fscrypt_has_encryption_key(dir)) + ceph_dir_clear_complete(dir); } /* can we conclude ENOENT locally? */ From patchwork Thu Mar 16 18:14:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Luis Henriques X-Patchwork-Id: 13178173 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 46A83C6FD1F for ; Thu, 16 Mar 2023 18:14:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230023AbjCPSOZ (ORCPT ); Thu, 16 Mar 2023 14:14:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36408 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229673AbjCPSOX (ORCPT ); Thu, 16 Mar 2023 14:14:23 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2001:67c:2178:6::1c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 318C03C29; Thu, 16 Mar 2023 11:14:21 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 5FEB121A3E; Thu, 16 Mar 2023 18:14:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1678990460; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Ys7W/BlXDmm4G821Jj5LyZgWOPhf76cJGQQhxQ4c34I=; b=kAQMTgf1sddeWIlVDf3bOv/6ZY7B8wPHVNdWEWzblQm0Pu4DTeRJnr0ksZV6QLqQV/SYFR +YIl0wRkXPHmD/v64a7A3iCQCLQZwMtIdRNANyco4cy85j/JcdVSx1paUlp2sLSPBGrQ2v eSvRW5xCItvoHcry8/EpvksC8imVPQU= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1678990460; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Ys7W/BlXDmm4G821Jj5LyZgWOPhf76cJGQQhxQ4c34I=; b=oay+gei83CZIKC6CB+aSWoub6wLIe7wrGA3olEGCmukQGJgp0VLBA+NTRWILb0+PT7Wx5Q I8pm3uruKntyKrDw== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id AD58913A71; Thu, 16 Mar 2023 18:14:19 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id /lyoJntcE2SDXAAAMHmgww (envelope-from ); Thu, 16 Mar 2023 18:14:19 +0000 Received: from localhost (brahms.olymp [local]) by brahms.olymp (OpenSMTPD) with ESMTPA id 04237c26; Thu, 16 Mar 2023 18:14:14 +0000 (UTC) From: =?utf-8?q?Lu=C3=ADs_Henriques?= To: Eric Biggers , Xiubo Li , Jeff Layton Cc: "Theodore Y. Ts'o" , Jaegeuk Kim , Ilya Dryomov , linux-fscrypt@vger.kernel.org, ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, =?utf-8?q?Lu?= =?utf-8?q?=C3=ADs_Henriques?= Subject: [PATCH v3 3/3] ceph: switch ceph_open_atomic() to use the new fscrypt helper Date: Thu, 16 Mar 2023 18:14:13 +0000 Message-Id: <20230316181413.26916-4-lhenriques@suse.de> In-Reply-To: <20230316181413.26916-1-lhenriques@suse.de> References: <20230316181413.26916-1-lhenriques@suse.de> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org Switch ceph_atomic_open() to use new fscrypt helper function fscrypt_prepare_lookup_partial(). This fixes a bug in the atomic open operation where a dentry is incorrectly set with DCACHE_NOKEY_NAME when 'dir' has been evicted but the key is still available (for example, where there's a drop_caches). Signed-off-by: Luís Henriques --- fs/ceph/file.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/fs/ceph/file.c b/fs/ceph/file.c index dee3b445f415..2448d0f1a9ea 100644 --- a/fs/ceph/file.c +++ b/fs/ceph/file.c @@ -795,11 +795,9 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, ihold(dir); if (IS_ENCRYPTED(dir)) { set_bit(CEPH_MDS_R_FSCRYPT_FILE, &req->r_req_flags); - if (!fscrypt_has_encryption_key(dir)) { - spin_lock(&dentry->d_lock); - dentry->d_flags |= DCACHE_NOKEY_NAME; - spin_unlock(&dentry->d_lock); - } + err = fscrypt_prepare_lookup_partial(dir, dentry); + if (err < 0) + goto out_req; } if (flags & O_CREAT) {