| Message ID | 1557307654-673-1-git-send-email-hongjiefang@asrmicro.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | [V2] fscrypt: don't set policy for a dead directory | expand |
> From: Sasha Levin [mailto:sashal@kernel.org] > Sent: Wednesday, May 08, 2019 11:56 PM > To: Sasha Levin; Fang Hongjie(方洪杰); tytso@mit.edu; jaegeuk@kernel.org; > ebiggers@kernel.org > Cc: linux-fscrypt@vger.kernel.org; stable@vger.kernel.org > Subject: Re: [PATCH V2] fscrypt: don't set policy for a dead directory > > Hi, > > [This is an automated email] > > This commit has been processed because it contains a "Fixes:" tag, > fixing commit: 9bd8212f981e ext4 crypto: add encryption policy and password salt > support. > > The bot has tested the following trees: v5.0.13, v4.19.40, v4.14.116, v4.9.173, v4.4.179. > > v5.0.13: Build OK! > v4.19.40: Build OK! > v4.14.116: Build OK! > v4.9.173: Failed to apply! Possible dependencies: > Unable to calculate > > v4.4.179: Failed to apply! Possible dependencies: > 002ced4be642 ("fscrypto: only allow setting encryption policy on directories") > 0b81d0779072 ("fs crypto: move per-file encryption from f2fs tree to fs/crypto") > 0cab80ee0c9e ("f2fs: fix to convert inline inode in ->setattr") > 0fac2d501b0d ("f2fs crypto: fix spelling typo in comment") > 0fd785eb931d ("f2fs: relocate is_merged_page") > 1dafa51d45c6 ("f2fs crypto: check for too-short encrypted file names") > 36b35a0dbe90 ("f2fs: support data flush in background") > 55d1cdb25a81 ("f2fs: relocate tracepoint of write_checkpoint") > 6b2553918d8b ("replace ->follow_link() with new method that could stay in > RCU mode") > 6beceb5427aa ("f2fs: introduce time and interval facility") > 8dc0d6a11e7d ("f2fs: early check broken symlink length in the encrypted case") > 922ec355f863 ("f2fs crypto: avoid unneeded memory allocation when > {en/de}crypting symlink") > 9e8925b67a80 ("locks: Allow disabling mandatory locking at compile time") > a263669fa18f ("f2fs crypto: sync with ext4's fname padding") > ae1086686487 ("f2fs crypto: handle unexpected lack of encryption keys") > b9d777b85ff1 ("f2fs: check inline_data flag at converting time") > ce855a3bd092 ("f2fs crypto: f2fs_page_crypto() doesn't need a encryption > context") > d0239e1bf520 ("f2fs: detect idle time depending on user behavior") > d323d005ac4a ("f2fs: support file defragment") > dffd0cfa06d4 ("fscrypt: use ENOTDIR when setting encryption policy on > nondirectory") > ed3360abbc04 ("f2fs crypto: make sure the encryption info is initialized on > opendir(2)") > > > How should we proceed with this patch? There is not a "fs/crypto" directory for kernel v4.4.179. Perhaps it is not still necessary to test it on this tree. > > -- > Thanks, > Sasha B&R Hongjie
On Thu, May 09, 2019 at 11:04:50AM +0000, Fang Hongjie(方洪杰) wrote: > > > From: Sasha Levin [mailto:sashal@kernel.org] > > Sent: Wednesday, May 08, 2019 11:56 PM > > To: Sasha Levin; Fang Hongjie(方洪杰); tytso@mit.edu; jaegeuk@kernel.org; > > ebiggers@kernel.org > > Cc: linux-fscrypt@vger.kernel.org; stable@vger.kernel.org > > Subject: Re: [PATCH V2] fscrypt: don't set policy for a dead directory > > > > Hi, > > > > [This is an automated email] > > > > This commit has been processed because it contains a "Fixes:" tag, > > fixing commit: 9bd8212f981e ext4 crypto: add encryption policy and password salt > > support. > > > > The bot has tested the following trees: v5.0.13, v4.19.40, v4.14.116, v4.9.173, v4.4.179. > > > > v5.0.13: Build OK! > > v4.19.40: Build OK! > > v4.14.116: Build OK! > > v4.9.173: Failed to apply! Possible dependencies: > > Unable to calculate > > > > v4.4.179: Failed to apply! Possible dependencies: > > 002ced4be642 ("fscrypto: only allow setting encryption policy on directories") > > 0b81d0779072 ("fs crypto: move per-file encryption from f2fs tree to fs/crypto") > > 0cab80ee0c9e ("f2fs: fix to convert inline inode in ->setattr") > > 0fac2d501b0d ("f2fs crypto: fix spelling typo in comment") > > 0fd785eb931d ("f2fs: relocate is_merged_page") > > 1dafa51d45c6 ("f2fs crypto: check for too-short encrypted file names") > > 36b35a0dbe90 ("f2fs: support data flush in background") > > 55d1cdb25a81 ("f2fs: relocate tracepoint of write_checkpoint") > > 6b2553918d8b ("replace ->follow_link() with new method that could stay in > > RCU mode") > > 6beceb5427aa ("f2fs: introduce time and interval facility") > > 8dc0d6a11e7d ("f2fs: early check broken symlink length in the encrypted case") > > 922ec355f863 ("f2fs crypto: avoid unneeded memory allocation when > > {en/de}crypting symlink") > > 9e8925b67a80 ("locks: Allow disabling mandatory locking at compile time") > > a263669fa18f ("f2fs crypto: sync with ext4's fname padding") > > ae1086686487 ("f2fs crypto: handle unexpected lack of encryption keys") > > b9d777b85ff1 ("f2fs: check inline_data flag at converting time") > > ce855a3bd092 ("f2fs crypto: f2fs_page_crypto() doesn't need a encryption > > context") > > d0239e1bf520 ("f2fs: detect idle time depending on user behavior") > > d323d005ac4a ("f2fs: support file defragment") > > dffd0cfa06d4 ("fscrypt: use ENOTDIR when setting encryption policy on > > nondirectory") > > ed3360abbc04 ("f2fs crypto: make sure the encryption info is initialized on > > opendir(2)") > > > > > > How should we proceed with this patch? > > There is not a "fs/crypto" directory for kernel v4.4.179. > Perhaps it is not still necessary to test it on this tree. > In 4.4 the code was in fs/ext4/ rather than fs/crypto/, so it will need to be backported to there. That's for *after* this patch is applied and reaches mainline, of course. There's nothing to backport before then. - Eric
On Wed, May 08, 2019 at 05:27:34PM +0800, hongjiefang wrote: > the directory maybe has been removed when enter fscrypt_ioctl_set_policy(). > it this case, the empty_dir() check will return error for ext4 file system. > > ext4_rmdir() sets i_size = 0, then ext4_empty_dir() reports an error > because 'inode->i_size < EXT4_DIR_REC_LEN(1) + EXT4_DIR_REC_LEN(2)'. > if the fs is mounted with errors=panic, it will trigger a panic issue. > > add the check IS_DEADDIR() to fix this problem. > > Fixes: 9bd8212f981e ("ext4 crypto: add encryption policy and password salt support") > Cc: <stable@vger.kernel.org> # v4.1+ > Signed-off-by: hongjiefang <hongjiefang@asrmicro.com> Reviewed-by: Eric Biggers <ebiggers@google.com> FYI, the part of the Author and Signed-off-by lines outside the email address should be your name properly formatted, not the email address again. I see the following in another kernel commit from you; is it correct? Hongjie Fang <hongjiefang@asrmicro.com> If so, please set user.name accordingly in your .gitconfig. Thanks! - Eric > --- > fs/crypto/policy.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c > index bd7eaf9..a4eca6e 100644 > --- a/fs/crypto/policy.c > +++ b/fs/crypto/policy.c > @@ -81,6 +81,8 @@ int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg) > if (ret == -ENODATA) { > if (!S_ISDIR(inode->i_mode)) > ret = -ENOTDIR; > + else if (IS_DEADDIR(inode)) > + ret = -ENOENT; > else if (!inode->i_sb->s_cop->empty_dir(inode)) > ret = -ENOTEMPTY; > else > -- > 1.9.1 >
> From: Eric Biggers [mailto:ebiggers@kernel.org] > Sent: Friday, May 10, 2019 3:32 AM > To: Fang Hongjie(方洪杰) > Cc: tytso@mit.edu; jaegeuk@kernel.org; linux-fscrypt@vger.kernel.org; > stable@vger.kernel.org > Subject: Re: [PATCH V2] fscrypt: don't set policy for a dead directory > > On Wed, May 08, 2019 at 05:27:34PM +0800, hongjiefang wrote: > > the directory maybe has been removed when enter fscrypt_ioctl_set_policy(). > > it this case, the empty_dir() check will return error for ext4 file system. > > > > ext4_rmdir() sets i_size = 0, then ext4_empty_dir() reports an error > > because 'inode->i_size < EXT4_DIR_REC_LEN(1) + EXT4_DIR_REC_LEN(2)'. > > if the fs is mounted with errors=panic, it will trigger a panic issue. > > > > add the check IS_DEADDIR() to fix this problem. > > > > Fixes: 9bd8212f981e ("ext4 crypto: add encryption policy and password salt > support") > > Cc: <stable@vger.kernel.org> # v4.1+ > > Signed-off-by: hongjiefang <hongjiefang@asrmicro.com> > > Reviewed-by: Eric Biggers <ebiggers@google.com> > > FYI, the part of the Author and Signed-off-by lines outside the email address > should be your name properly formatted, not the email address again. I see the > following in another kernel commit from you; is it correct? > > Hongjie Fang <hongjiefang@asrmicro.com> > > If so, please set user.name accordingly in your .gitconfig. Thanks! Thanks for your reminder. I will update them. > > - Eric > > > --- > > fs/crypto/policy.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c > > index bd7eaf9..a4eca6e 100644 > > --- a/fs/crypto/policy.c > > +++ b/fs/crypto/policy.c > > @@ -81,6 +81,8 @@ int fscrypt_ioctl_set_policy(struct file *filp, const void __user > *arg) > > if (ret == -ENODATA) { > > if (!S_ISDIR(inode->i_mode)) > > ret = -ENOTDIR; > > + else if (IS_DEADDIR(inode)) > > + ret = -ENOENT; > > else if (!inode->i_sb->s_cop->empty_dir(inode)) > > ret = -ENOTEMPTY; > > else > > -- > > 1.9.1 > >
diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c index bd7eaf9..a4eca6e 100644 --- a/fs/crypto/policy.c +++ b/fs/crypto/policy.c @@ -81,6 +81,8 @@ int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg) if (ret == -ENODATA) { if (!S_ISDIR(inode->i_mode)) ret = -ENOTDIR; + else if (IS_DEADDIR(inode)) + ret = -ENOENT; else if (!inode->i_sb->s_cop->empty_dir(inode)) ret = -ENOTEMPTY; else
the directory maybe has been removed when enter fscrypt_ioctl_set_policy(). it this case, the empty_dir() check will return error for ext4 file system. ext4_rmdir() sets i_size = 0, then ext4_empty_dir() reports an error because 'inode->i_size < EXT4_DIR_REC_LEN(1) + EXT4_DIR_REC_LEN(2)'. if the fs is mounted with errors=panic, it will trigger a panic issue. add the check IS_DEADDIR() to fix this problem. Fixes: 9bd8212f981e ("ext4 crypto: add encryption policy and password salt support") Cc: <stable@vger.kernel.org> # v4.1+ Signed-off-by: hongjiefang <hongjiefang@asrmicro.com> --- fs/crypto/policy.c | 2 ++ 1 file changed, 2 insertions(+)