diff mbox series

[RFC,v7,06/24] ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces

Message ID 20210625135834.12934-7-jlayton@kernel.org (mailing list archive)
State Not Applicable
Headers show
Series ceph+fscrypt: context, filename and symlink support | expand

Commit Message

Jeff Layton June 25, 2021, 1:58 p.m. UTC
...and store them in the ceph_inode_info.

Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
 fs/ceph/file.c       |  2 ++
 fs/ceph/inode.c      | 18 ++++++++++++++++++
 fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
 fs/ceph/mds_client.h |  4 ++++
 fs/ceph/super.h      |  6 ++++++
 5 files changed, 74 insertions(+)

Comments

Xiubo Li July 7, 2021, 3:53 a.m. UTC | #1
On 6/25/21 9:58 PM, Jeff Layton wrote:
> ...and store them in the ceph_inode_info.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
>   fs/ceph/file.c       |  2 ++
>   fs/ceph/inode.c      | 18 ++++++++++++++++++
>   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
>   fs/ceph/mds_client.h |  4 ++++
>   fs/ceph/super.h      |  6 ++++++
>   5 files changed, 74 insertions(+)
>
> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> index 2cda398ba64d..ea0e85075b7b 100644
> --- a/fs/ceph/file.c
> +++ b/fs/ceph/file.c
> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
>   	iinfo.xattr_data = xattr_buf;
>   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
>   
> +	/* FIXME: set fscrypt_auth and fscrypt_file */
> +
>   	in.ino = cpu_to_le64(vino.ino);
>   	in.snapid = cpu_to_le64(CEPH_NOSNAP);
>   	in.version = cpu_to_le64(1);	// ???
> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> index f62785e4dbcb..b620281ea65b 100644
> --- a/fs/ceph/inode.c
> +++ b/fs/ceph/inode.c
> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
>   
>   	ci->i_meta_err = 0;
>   
> +#ifdef CONFIG_FS_ENCRYPTION
> +	ci->fscrypt_auth = NULL;
> +	ci->fscrypt_auth_len = 0;
> +	ci->fscrypt_file = NULL;
> +	ci->fscrypt_file_len = 0;
> +#endif
> +
>   	return &ci->vfs_inode;
>   }
>   
> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
>   	struct ceph_inode_info *ci = ceph_inode(inode);
>   
>   	kfree(ci->i_symlink);
> +#ifdef CONFIG_FS_ENCRYPTION
> +	kfree(ci->fscrypt_auth);
> +#endif
>   	kmem_cache_free(ceph_inode_cachep, ci);
>   }
>   
> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
>   		xattr_blob = NULL;
>   	}
>   
> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
> +		ci->fscrypt_auth = iinfo->fscrypt_auth;
> +		iinfo->fscrypt_auth = NULL;
> +		iinfo->fscrypt_auth_len = 0;
> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
> +	}
> +
>   	/* finally update i_version */
>   	if (le64_to_cpu(info->version) > ci->i_version)
>   		ci->i_version = le64_to_cpu(info->version);
> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
> index 3b3a14024ca0..9c994effc51d 100644
> --- a/fs/ceph/mds_client.c
> +++ b/fs/ceph/mds_client.c
> @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,
>   			info->rsnaps = 0;
>   		}
>   
> +		if (struct_v >= 5) {
> +			u32 alen;
> +
> +			ceph_decode_32_safe(p, end, alen, bad);
> +
> +			while (alen--) {
> +				u32 len;
> +
> +				/* key */
> +				ceph_decode_32_safe(p, end, len, bad);
> +				ceph_decode_skip_n(p, end, len, bad);
> +				/* value */
> +				ceph_decode_32_safe(p, end, len, bad);
> +				ceph_decode_skip_n(p, end, len, bad);
> +			}
> +		}
> +
> +		/* fscrypt flag -- ignore */
> +		if (struct_v >= 6)
> +			ceph_decode_skip_8(p, end, bad);
> +
> +		if (struct_v >= 7) {
> +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);
> +			if (info->fscrypt_auth_len) {
> +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);
> +				if (!info->fscrypt_auth)
> +					return -ENOMEM;
> +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,
> +						      info->fscrypt_auth_len, bad);
> +			}
> +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);
> +			if (info->fscrypt_file_len) {
> +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);
> +				if (!info->fscrypt_file)
> +					return -ENOMEM;

Should we kfree(info->fscrypt_auth) before return ?

I didn't anywhere is freeing it.

Thanks.


> +				ceph_decode_copy_safe(p, end, info->fscrypt_file,
> +						      info->fscrypt_file_len, bad);
> +			}
> +		}
>   		*p = end;
>   	} else {
> +		/* legacy (unversioned) struct */
>   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {
>   			ceph_decode_64_safe(p, end, info->inline_version, bad);
>   			ceph_decode_32_safe(p, end, info->inline_len, bad);
> @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
>   
>   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
>   {
> +	kfree(info->diri.fscrypt_auth);
> +	kfree(info->diri.fscrypt_file);
> +	kfree(info->targeti.fscrypt_auth);
> +	kfree(info->targeti.fscrypt_file);
>   	if (!info->dir_entries)
>   		return;
>   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
> diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h
> index 64ea9d853b8d..0c3cc61fd038 100644
> --- a/fs/ceph/mds_client.h
> +++ b/fs/ceph/mds_client.h
> @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {
>   	s32 dir_pin;
>   	struct ceph_timespec btime;
>   	struct ceph_timespec snap_btime;
> +	u8 *fscrypt_auth;
> +	u8 *fscrypt_file;
> +	u32 fscrypt_auth_len;
> +	u32 fscrypt_file_len;
>   	u64 rsnaps;
>   	u64 change_attr;
>   };
> diff --git a/fs/ceph/super.h b/fs/ceph/super.h
> index 0cd94b296f5f..e032737fe472 100644
> --- a/fs/ceph/super.h
> +++ b/fs/ceph/super.h
> @@ -429,6 +429,12 @@ struct ceph_inode_info {
>   
>   #ifdef CONFIG_CEPH_FSCACHE
>   	struct fscache_cookie *fscache;
> +#endif
> +#ifdef CONFIG_FS_ENCRYPTION
> +	u32 fscrypt_auth_len;
> +	u32 fscrypt_file_len;
> +	u8 *fscrypt_auth;
> +	u8 *fscrypt_file;
>   #endif
>   	errseq_t i_meta_err;
>
Luis Henriques July 7, 2021, 10:47 a.m. UTC | #2
On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:
> ...and store them in the ceph_inode_info.
> 
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
>  fs/ceph/file.c       |  2 ++
>  fs/ceph/inode.c      | 18 ++++++++++++++++++
>  fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
>  fs/ceph/mds_client.h |  4 ++++
>  fs/ceph/super.h      |  6 ++++++
>  5 files changed, 74 insertions(+)
> 
> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> index 2cda398ba64d..ea0e85075b7b 100644
> --- a/fs/ceph/file.c
> +++ b/fs/ceph/file.c
> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
>  	iinfo.xattr_data = xattr_buf;
>  	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
>  
> +	/* FIXME: set fscrypt_auth and fscrypt_file */
> +
>  	in.ino = cpu_to_le64(vino.ino);
>  	in.snapid = cpu_to_le64(CEPH_NOSNAP);
>  	in.version = cpu_to_le64(1);	// ???
> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> index f62785e4dbcb..b620281ea65b 100644
> --- a/fs/ceph/inode.c
> +++ b/fs/ceph/inode.c
> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
>  
>  	ci->i_meta_err = 0;
>  
> +#ifdef CONFIG_FS_ENCRYPTION
> +	ci->fscrypt_auth = NULL;
> +	ci->fscrypt_auth_len = 0;
> +	ci->fscrypt_file = NULL;
> +	ci->fscrypt_file_len = 0;
> +#endif
> +
>  	return &ci->vfs_inode;
>  }
>  
> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
>  	struct ceph_inode_info *ci = ceph_inode(inode);
>  
>  	kfree(ci->i_symlink);
> +#ifdef CONFIG_FS_ENCRYPTION
> +	kfree(ci->fscrypt_auth);
> +#endif
>  	kmem_cache_free(ceph_inode_cachep, ci);
>  }
>  
> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
>  		xattr_blob = NULL;
>  	}
>  
> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
> +		ci->fscrypt_auth = iinfo->fscrypt_auth;
> +		iinfo->fscrypt_auth = NULL;
> +		iinfo->fscrypt_auth_len = 0;
> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
> +	}

I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth
is already set.  Something like:

	if (iinfo->fscrypt_auth_len) {
		if (!ci->fscrypt_auth) {
			...
		} else {
			kfree(iinfo->fscrypt_auth);
			iinfo->fscrypt_auth = NULL;
		}
	}

> +
>  	/* finally update i_version */
>  	if (le64_to_cpu(info->version) > ci->i_version)
>  		ci->i_version = le64_to_cpu(info->version);
> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
> index 3b3a14024ca0..9c994effc51d 100644
> --- a/fs/ceph/mds_client.c
> +++ b/fs/ceph/mds_client.c
> @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,
>  			info->rsnaps = 0;
>  		}
>  
> +		if (struct_v >= 5) {
> +			u32 alen;
> +
> +			ceph_decode_32_safe(p, end, alen, bad);
> +
> +			while (alen--) {
> +				u32 len;
> +
> +				/* key */
> +				ceph_decode_32_safe(p, end, len, bad);
> +				ceph_decode_skip_n(p, end, len, bad);
> +				/* value */
> +				ceph_decode_32_safe(p, end, len, bad);
> +				ceph_decode_skip_n(p, end, len, bad);
> +			}
> +		}
> +
> +		/* fscrypt flag -- ignore */
> +		if (struct_v >= 6)
> +			ceph_decode_skip_8(p, end, bad);
> +
> +		if (struct_v >= 7) {
> +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);
> +			if (info->fscrypt_auth_len) {
> +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);
> +				if (!info->fscrypt_auth)
> +					return -ENOMEM;
> +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,
> +						      info->fscrypt_auth_len, bad);
> +			}
> +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);
> +			if (info->fscrypt_file_len) {
> +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);
> +				if (!info->fscrypt_file)
> +					return -ENOMEM;

As Xiubo already pointed out, there's a kfree(info->fscrypt_auth) missing
in this error path.

Cheers,
--
Luís

> +				ceph_decode_copy_safe(p, end, info->fscrypt_file,
> +						      info->fscrypt_file_len, bad);
> +			}
> +		}
>  		*p = end;
>  	} else {
> +		/* legacy (unversioned) struct */
>  		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {
>  			ceph_decode_64_safe(p, end, info->inline_version, bad);
>  			ceph_decode_32_safe(p, end, info->inline_len, bad);
> @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
>  
>  static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
>  {
> +	kfree(info->diri.fscrypt_auth);
> +	kfree(info->diri.fscrypt_file);
> +	kfree(info->targeti.fscrypt_auth);
> +	kfree(info->targeti.fscrypt_file);
>  	if (!info->dir_entries)
>  		return;
>  	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
> diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h
> index 64ea9d853b8d..0c3cc61fd038 100644
> --- a/fs/ceph/mds_client.h
> +++ b/fs/ceph/mds_client.h
> @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {
>  	s32 dir_pin;
>  	struct ceph_timespec btime;
>  	struct ceph_timespec snap_btime;
> +	u8 *fscrypt_auth;
> +	u8 *fscrypt_file;
> +	u32 fscrypt_auth_len;
> +	u32 fscrypt_file_len;
>  	u64 rsnaps;
>  	u64 change_attr;
>  };
> diff --git a/fs/ceph/super.h b/fs/ceph/super.h
> index 0cd94b296f5f..e032737fe472 100644
> --- a/fs/ceph/super.h
> +++ b/fs/ceph/super.h
> @@ -429,6 +429,12 @@ struct ceph_inode_info {
>  
>  #ifdef CONFIG_CEPH_FSCACHE
>  	struct fscache_cookie *fscache;
> +#endif
> +#ifdef CONFIG_FS_ENCRYPTION
> +	u32 fscrypt_auth_len;
> +	u32 fscrypt_file_len;
> +	u8 *fscrypt_auth;
> +	u8 *fscrypt_file;
>  #endif
>  	errseq_t i_meta_err;
>  
> -- 
> 2.31.1
>
Xiubo Li July 7, 2021, 11:19 a.m. UTC | #3
On 7/7/21 6:47 PM, Luis Henriques wrote:
> On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:
>> ...and store them in the ceph_inode_info.
>>
>> Signed-off-by: Jeff Layton <jlayton@kernel.org>
>> ---
>>   fs/ceph/file.c       |  2 ++
>>   fs/ceph/inode.c      | 18 ++++++++++++++++++
>>   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
>>   fs/ceph/mds_client.h |  4 ++++
>>   fs/ceph/super.h      |  6 ++++++
>>   5 files changed, 74 insertions(+)
>>
>> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
>> index 2cda398ba64d..ea0e85075b7b 100644
>> --- a/fs/ceph/file.c
>> +++ b/fs/ceph/file.c
>> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
>>   	iinfo.xattr_data = xattr_buf;
>>   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
>>   
>> +	/* FIXME: set fscrypt_auth and fscrypt_file */
>> +
>>   	in.ino = cpu_to_le64(vino.ino);
>>   	in.snapid = cpu_to_le64(CEPH_NOSNAP);
>>   	in.version = cpu_to_le64(1);	// ???
>> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
>> index f62785e4dbcb..b620281ea65b 100644
>> --- a/fs/ceph/inode.c
>> +++ b/fs/ceph/inode.c
>> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
>>   
>>   	ci->i_meta_err = 0;
>>   
>> +#ifdef CONFIG_FS_ENCRYPTION
>> +	ci->fscrypt_auth = NULL;
>> +	ci->fscrypt_auth_len = 0;
>> +	ci->fscrypt_file = NULL;
>> +	ci->fscrypt_file_len = 0;
>> +#endif
>> +
>>   	return &ci->vfs_inode;
>>   }
>>   
>> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
>>   	struct ceph_inode_info *ci = ceph_inode(inode);
>>   
>>   	kfree(ci->i_symlink);
>> +#ifdef CONFIG_FS_ENCRYPTION
>> +	kfree(ci->fscrypt_auth);
>> +#endif
>>   	kmem_cache_free(ceph_inode_cachep, ci);
>>   }
>>   
>> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
>>   		xattr_blob = NULL;
>>   	}
>>   
>> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
>> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
>> +		ci->fscrypt_auth = iinfo->fscrypt_auth;
>> +		iinfo->fscrypt_auth = NULL;
>> +		iinfo->fscrypt_auth_len = 0;
>> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
>> +	}
> I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth
> is already set.  Something like:
>
> 	if (iinfo->fscrypt_auth_len) {
> 		if (!ci->fscrypt_auth) {
> 			...
> 		} else {
> 			kfree(iinfo->fscrypt_auth);
> 			iinfo->fscrypt_auth = NULL;
> 		}
> 	}
>
IMO, this should be okay because it will be freed in 
destroy_reply_info() when putting the request.


>> +
>>   	/* finally update i_version */
>>   	if (le64_to_cpu(info->version) > ci->i_version)
>>   		ci->i_version = le64_to_cpu(info->version);
>> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
>> index 3b3a14024ca0..9c994effc51d 100644
>> --- a/fs/ceph/mds_client.c
>> +++ b/fs/ceph/mds_client.c
>> @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,
>>   			info->rsnaps = 0;
>>   		}
>>   
>> +		if (struct_v >= 5) {
>> +			u32 alen;
>> +
>> +			ceph_decode_32_safe(p, end, alen, bad);
>> +
>> +			while (alen--) {
>> +				u32 len;
>> +
>> +				/* key */
>> +				ceph_decode_32_safe(p, end, len, bad);
>> +				ceph_decode_skip_n(p, end, len, bad);
>> +				/* value */
>> +				ceph_decode_32_safe(p, end, len, bad);
>> +				ceph_decode_skip_n(p, end, len, bad);
>> +			}
>> +		}
>> +
>> +		/* fscrypt flag -- ignore */
>> +		if (struct_v >= 6)
>> +			ceph_decode_skip_8(p, end, bad);
>> +
>> +		if (struct_v >= 7) {
>> +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);
>> +			if (info->fscrypt_auth_len) {
>> +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);
>> +				if (!info->fscrypt_auth)
>> +					return -ENOMEM;
>> +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,
>> +						      info->fscrypt_auth_len, bad);
>> +			}
>> +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);
>> +			if (info->fscrypt_file_len) {
>> +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);
>> +				if (!info->fscrypt_file)
>> +					return -ENOMEM;
> As Xiubo already pointed out, there's a kfree(info->fscrypt_auth) missing
> in this error path.
>
> Cheers,
> --
> Luís
>
>> +				ceph_decode_copy_safe(p, end, info->fscrypt_file,
>> +						      info->fscrypt_file_len, bad);
>> +			}
>> +		}
>>   		*p = end;
>>   	} else {
>> +		/* legacy (unversioned) struct */
>>   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {
>>   			ceph_decode_64_safe(p, end, info->inline_version, bad);
>>   			ceph_decode_32_safe(p, end, info->inline_len, bad);
>> @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
>>   
>>   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
>>   {
>> +	kfree(info->diri.fscrypt_auth);
>> +	kfree(info->diri.fscrypt_file);
>> +	kfree(info->targeti.fscrypt_auth);
>> +	kfree(info->targeti.fscrypt_file);
>>   	if (!info->dir_entries)
>>   		return;
>>   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
>> diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h
>> index 64ea9d853b8d..0c3cc61fd038 100644
>> --- a/fs/ceph/mds_client.h
>> +++ b/fs/ceph/mds_client.h
>> @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {
>>   	s32 dir_pin;
>>   	struct ceph_timespec btime;
>>   	struct ceph_timespec snap_btime;
>> +	u8 *fscrypt_auth;
>> +	u8 *fscrypt_file;
>> +	u32 fscrypt_auth_len;
>> +	u32 fscrypt_file_len;
>>   	u64 rsnaps;
>>   	u64 change_attr;
>>   };
>> diff --git a/fs/ceph/super.h b/fs/ceph/super.h
>> index 0cd94b296f5f..e032737fe472 100644
>> --- a/fs/ceph/super.h
>> +++ b/fs/ceph/super.h
>> @@ -429,6 +429,12 @@ struct ceph_inode_info {
>>   
>>   #ifdef CONFIG_CEPH_FSCACHE
>>   	struct fscache_cookie *fscache;
>> +#endif
>> +#ifdef CONFIG_FS_ENCRYPTION
>> +	u32 fscrypt_auth_len;
>> +	u32 fscrypt_file_len;
>> +	u8 *fscrypt_auth;
>> +	u8 *fscrypt_file;
>>   #endif
>>   	errseq_t i_meta_err;
>>   
>> -- 
>> 2.31.1
>>
Jeff Layton July 7, 2021, 12:09 p.m. UTC | #4
On Wed, 2021-07-07 at 11:53 +0800, Xiubo Li wrote:
> On 6/25/21 9:58 PM, Jeff Layton wrote:
> > ...and store them in the ceph_inode_info.
> > 
> > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > ---
> >   fs/ceph/file.c       |  2 ++
> >   fs/ceph/inode.c      | 18 ++++++++++++++++++
> >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
> >   fs/ceph/mds_client.h |  4 ++++
> >   fs/ceph/super.h      |  6 ++++++
> >   5 files changed, 74 insertions(+)
> > 
> > diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> > index 2cda398ba64d..ea0e85075b7b 100644
> > --- a/fs/ceph/file.c
> > +++ b/fs/ceph/file.c
> > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
> >   	iinfo.xattr_data = xattr_buf;
> >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
> >   
> > +	/* FIXME: set fscrypt_auth and fscrypt_file */
> > +
> >   	in.ino = cpu_to_le64(vino.ino);
> >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);
> >   	in.version = cpu_to_le64(1);	// ???
> > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> > index f62785e4dbcb..b620281ea65b 100644
> > --- a/fs/ceph/inode.c
> > +++ b/fs/ceph/inode.c
> > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
> >   
> >   	ci->i_meta_err = 0;
> >   
> > +#ifdef CONFIG_FS_ENCRYPTION
> > +	ci->fscrypt_auth = NULL;
> > +	ci->fscrypt_auth_len = 0;
> > +	ci->fscrypt_file = NULL;
> > +	ci->fscrypt_file_len = 0;
> > +#endif
> > +
> >   	return &ci->vfs_inode;
> >   }
> >   
> > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
> >   	struct ceph_inode_info *ci = ceph_inode(inode);
> >   
> >   	kfree(ci->i_symlink);
> > +#ifdef CONFIG_FS_ENCRYPTION
> > +	kfree(ci->fscrypt_auth);
> > +#endif
> >   	kmem_cache_free(ceph_inode_cachep, ci);
> >   }
> >   
> > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
> >   		xattr_blob = NULL;
> >   	}
> >   
> > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
> > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
> > +		ci->fscrypt_auth = iinfo->fscrypt_auth;
> > +		iinfo->fscrypt_auth = NULL;
> > +		iinfo->fscrypt_auth_len = 0;
> > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
> > +	}
> > +
> >   	/* finally update i_version */
> >   	if (le64_to_cpu(info->version) > ci->i_version)
> >   		ci->i_version = le64_to_cpu(info->version);
> > diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
> > index 3b3a14024ca0..9c994effc51d 100644
> > --- a/fs/ceph/mds_client.c
> > +++ b/fs/ceph/mds_client.c
> > @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,
> >   			info->rsnaps = 0;
> >   		}
> >   
> > +		if (struct_v >= 5) {
> > +			u32 alen;
> > +
> > +			ceph_decode_32_safe(p, end, alen, bad);
> > +
> > +			while (alen--) {
> > +				u32 len;
> > +
> > +				/* key */
> > +				ceph_decode_32_safe(p, end, len, bad);
> > +				ceph_decode_skip_n(p, end, len, bad);
> > +				/* value */
> > +				ceph_decode_32_safe(p, end, len, bad);
> > +				ceph_decode_skip_n(p, end, len, bad);
> > +			}
> > +		}
> > +
> > +		/* fscrypt flag -- ignore */
> > +		if (struct_v >= 6)
> > +			ceph_decode_skip_8(p, end, bad);
> > +
> > +		if (struct_v >= 7) {
> > +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);
> > +			if (info->fscrypt_auth_len) {
> > +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);
> > +				if (!info->fscrypt_auth)
> > +					return -ENOMEM;
> > +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,
> > +						      info->fscrypt_auth_len, bad);
> > +			}
> > +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);
> > +			if (info->fscrypt_file_len) {
> > +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);
> > +				if (!info->fscrypt_file)
> > +					return -ENOMEM;
> 
> Should we kfree(info->fscrypt_auth) before return ?
> 
> I didn't anywhere is freeing it.
> 

It'll get freed in destroy_reply_info(). We could do it here, but it
should be fine to wait until we're tearing the "info" structure down.

> 
> 
> > +				ceph_decode_copy_safe(p, end, info->fscrypt_file,
> > +						      info->fscrypt_file_len, bad);
> > +			}
> > +		}
> >   		*p = end;
> >   	} else {
> > +		/* legacy (unversioned) struct */
> >   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {
> >   			ceph_decode_64_safe(p, end, info->inline_version, bad);
> >   			ceph_decode_32_safe(p, end, info->inline_len, bad);
> > @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
> >   
> >   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
> >   {
> > +	kfree(info->diri.fscrypt_auth);
> > +	kfree(info->diri.fscrypt_file);
> > +	kfree(info->targeti.fscrypt_auth);
> > +	kfree(info->targeti.fscrypt_file);
> >   	if (!info->dir_entries)
> >   		return;
> >   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
> > diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h
> > index 64ea9d853b8d..0c3cc61fd038 100644
> > --- a/fs/ceph/mds_client.h
> > +++ b/fs/ceph/mds_client.h
> > @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {
> >   	s32 dir_pin;
> >   	struct ceph_timespec btime;
> >   	struct ceph_timespec snap_btime;
> > +	u8 *fscrypt_auth;
> > +	u8 *fscrypt_file;
> > +	u32 fscrypt_auth_len;
> > +	u32 fscrypt_file_len;
> >   	u64 rsnaps;
> >   	u64 change_attr;
> >   };
> > diff --git a/fs/ceph/super.h b/fs/ceph/super.h
> > index 0cd94b296f5f..e032737fe472 100644
> > --- a/fs/ceph/super.h
> > +++ b/fs/ceph/super.h
> > @@ -429,6 +429,12 @@ struct ceph_inode_info {
> >   
> >   #ifdef CONFIG_CEPH_FSCACHE
> >   	struct fscache_cookie *fscache;
> > +#endif
> > +#ifdef CONFIG_FS_ENCRYPTION
> > +	u32 fscrypt_auth_len;
> > +	u32 fscrypt_file_len;
> > +	u8 *fscrypt_auth;
> > +	u8 *fscrypt_file;
> >   #endif
> >   	errseq_t i_meta_err;
> >   
>
Jeff Layton July 7, 2021, 12:19 p.m. UTC | #5
On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:
> On 7/7/21 6:47 PM, Luis Henriques wrote:
> > On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:
> > > ...and store them in the ceph_inode_info.
> > > 
> > > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > > ---
> > >   fs/ceph/file.c       |  2 ++
> > >   fs/ceph/inode.c      | 18 ++++++++++++++++++
> > >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
> > >   fs/ceph/mds_client.h |  4 ++++
> > >   fs/ceph/super.h      |  6 ++++++
> > >   5 files changed, 74 insertions(+)
> > > 
> > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> > > index 2cda398ba64d..ea0e85075b7b 100644
> > > --- a/fs/ceph/file.c
> > > +++ b/fs/ceph/file.c
> > > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
> > >   	iinfo.xattr_data = xattr_buf;
> > >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
> > >   
> > > +	/* FIXME: set fscrypt_auth and fscrypt_file */
> > > +
> > >   	in.ino = cpu_to_le64(vino.ino);
> > >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);
> > >   	in.version = cpu_to_le64(1);	// ???
> > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> > > index f62785e4dbcb..b620281ea65b 100644
> > > --- a/fs/ceph/inode.c
> > > +++ b/fs/ceph/inode.c
> > > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
> > >   
> > >   	ci->i_meta_err = 0;
> > >   
> > > +#ifdef CONFIG_FS_ENCRYPTION
> > > +	ci->fscrypt_auth = NULL;
> > > +	ci->fscrypt_auth_len = 0;
> > > +	ci->fscrypt_file = NULL;
> > > +	ci->fscrypt_file_len = 0;
> > > +#endif
> > > +
> > >   	return &ci->vfs_inode;
> > >   }
> > >   
> > > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
> > >   	struct ceph_inode_info *ci = ceph_inode(inode);
> > >   
> > >   	kfree(ci->i_symlink);
> > > +#ifdef CONFIG_FS_ENCRYPTION
> > > +	kfree(ci->fscrypt_auth);
> > > +#endif
> > >   	kmem_cache_free(ceph_inode_cachep, ci);
> > >   }
> > >   
> > > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
> > >   		xattr_blob = NULL;
> > >   	}
> > >   
> > > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
> > > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
> > > +		ci->fscrypt_auth = iinfo->fscrypt_auth;
> > > +		iinfo->fscrypt_auth = NULL;
> > > +		iinfo->fscrypt_auth_len = 0;
> > > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
> > > +	}
> > I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth
> > is already set.  Something like:
> > 
> > 	if (iinfo->fscrypt_auth_len) {
> > 		if (!ci->fscrypt_auth) {
> > 			...
> > 		} else {
> > 			kfree(iinfo->fscrypt_auth);
> > 			iinfo->fscrypt_auth = NULL;
> > 		}
> > 	}
> > 
> IMO, this should be okay because it will be freed in 
> destroy_reply_info() when putting the request.
> 
> 

Yes. All of that should get cleaned up with the request.

> > > +
> > >   	/* finally update i_version */
> > >   	if (le64_to_cpu(info->version) > ci->i_version)
> > >   		ci->i_version = le64_to_cpu(info->version);
> > > diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
> > > index 3b3a14024ca0..9c994effc51d 100644
> > > --- a/fs/ceph/mds_client.c
> > > +++ b/fs/ceph/mds_client.c
> > > @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,
> > >   			info->rsnaps = 0;
> > >   		}
> > >   
> > > +		if (struct_v >= 5) {
> > > +			u32 alen;
> > > +
> > > +			ceph_decode_32_safe(p, end, alen, bad);
> > > +
> > > +			while (alen--) {
> > > +				u32 len;
> > > +
> > > +				/* key */
> > > +				ceph_decode_32_safe(p, end, len, bad);
> > > +				ceph_decode_skip_n(p, end, len, bad);
> > > +				/* value */
> > > +				ceph_decode_32_safe(p, end, len, bad);
> > > +				ceph_decode_skip_n(p, end, len, bad);
> > > +			}
> > > +		}
> > > +
> > > +		/* fscrypt flag -- ignore */
> > > +		if (struct_v >= 6)
> > > +			ceph_decode_skip_8(p, end, bad);
> > > +
> > > +		if (struct_v >= 7) {
> > > +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);
> > > +			if (info->fscrypt_auth_len) {
> > > +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);
> > > +				if (!info->fscrypt_auth)
> > > +					return -ENOMEM;
> > > +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,
> > > +						      info->fscrypt_auth_len, bad);
> > > +			}
> > > +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);
> > > +			if (info->fscrypt_file_len) {
> > > +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);
> > > +				if (!info->fscrypt_file)
> > > +					return -ENOMEM;
> > As Xiubo already pointed out, there's a kfree(info->fscrypt_auth) missing
> > in this error path.
> > 
> > Cheers,
> > --
> > Luís
> > 
> > > +				ceph_decode_copy_safe(p, end, info->fscrypt_file,
> > > +						      info->fscrypt_file_len, bad);
> > > +			}
> > > +		}
> > >   		*p = end;
> > >   	} else {
> > > +		/* legacy (unversioned) struct */
> > >   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {
> > >   			ceph_decode_64_safe(p, end, info->inline_version, bad);
> > >   			ceph_decode_32_safe(p, end, info->inline_len, bad);
> > > @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
> > >   
> > >   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
> > >   {
> > > +	kfree(info->diri.fscrypt_auth);
> > > +	kfree(info->diri.fscrypt_file);
> > > +	kfree(info->targeti.fscrypt_auth);
> > > +	kfree(info->targeti.fscrypt_file);
> > >   	if (!info->dir_entries)
> > >   		return;
> > >   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
> > > diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h
> > > index 64ea9d853b8d..0c3cc61fd038 100644
> > > --- a/fs/ceph/mds_client.h
> > > +++ b/fs/ceph/mds_client.h
> > > @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {
> > >   	s32 dir_pin;
> > >   	struct ceph_timespec btime;
> > >   	struct ceph_timespec snap_btime;
> > > +	u8 *fscrypt_auth;
> > > +	u8 *fscrypt_file;
> > > +	u32 fscrypt_auth_len;
> > > +	u32 fscrypt_file_len;
> > >   	u64 rsnaps;
> > >   	u64 change_attr;
> > >   };
> > > diff --git a/fs/ceph/super.h b/fs/ceph/super.h
> > > index 0cd94b296f5f..e032737fe472 100644
> > > --- a/fs/ceph/super.h
> > > +++ b/fs/ceph/super.h
> > > @@ -429,6 +429,12 @@ struct ceph_inode_info {
> > >   
> > >   #ifdef CONFIG_CEPH_FSCACHE
> > >   	struct fscache_cookie *fscache;
> > > +#endif
> > > +#ifdef CONFIG_FS_ENCRYPTION
> > > +	u32 fscrypt_auth_len;
> > > +	u32 fscrypt_file_len;
> > > +	u8 *fscrypt_auth;
> > > +	u8 *fscrypt_file;
> > >   #endif
> > >   	errseq_t i_meta_err;
> > >   
> > > -- 
> > > 2.31.1
> > > 
>
Xiubo Li July 7, 2021, 12:46 p.m. UTC | #6
On 7/7/21 8:09 PM, Jeff Layton wrote:
> On Wed, 2021-07-07 at 11:53 +0800, Xiubo Li wrote:
>> On 6/25/21 9:58 PM, Jeff Layton wrote:
>>> ...and store them in the ceph_inode_info.
>>>
>>> Signed-off-by: Jeff Layton <jlayton@kernel.org>
>>> ---
>>>    fs/ceph/file.c       |  2 ++
>>>    fs/ceph/inode.c      | 18 ++++++++++++++++++
>>>    fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
>>>    fs/ceph/mds_client.h |  4 ++++
>>>    fs/ceph/super.h      |  6 ++++++
>>>    5 files changed, 74 insertions(+)
>>>
>>> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
>>> index 2cda398ba64d..ea0e85075b7b 100644
>>> --- a/fs/ceph/file.c
>>> +++ b/fs/ceph/file.c
>>> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
>>>    	iinfo.xattr_data = xattr_buf;
>>>    	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
>>>    
>>> +	/* FIXME: set fscrypt_auth and fscrypt_file */
>>> +
>>>    	in.ino = cpu_to_le64(vino.ino);
>>>    	in.snapid = cpu_to_le64(CEPH_NOSNAP);
>>>    	in.version = cpu_to_le64(1);	// ???
>>> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
>>> index f62785e4dbcb..b620281ea65b 100644
>>> --- a/fs/ceph/inode.c
>>> +++ b/fs/ceph/inode.c
>>> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
>>>    
>>>    	ci->i_meta_err = 0;
>>>    
>>> +#ifdef CONFIG_FS_ENCRYPTION
>>> +	ci->fscrypt_auth = NULL;
>>> +	ci->fscrypt_auth_len = 0;
>>> +	ci->fscrypt_file = NULL;
>>> +	ci->fscrypt_file_len = 0;
>>> +#endif
>>> +
>>>    	return &ci->vfs_inode;
>>>    }
>>>    
>>> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
>>>    	struct ceph_inode_info *ci = ceph_inode(inode);
>>>    
>>>    	kfree(ci->i_symlink);
>>> +#ifdef CONFIG_FS_ENCRYPTION
>>> +	kfree(ci->fscrypt_auth);
>>> +#endif
>>>    	kmem_cache_free(ceph_inode_cachep, ci);
>>>    }
>>>    
>>> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
>>>    		xattr_blob = NULL;
>>>    	}
>>>    
>>> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
>>> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
>>> +		ci->fscrypt_auth = iinfo->fscrypt_auth;
>>> +		iinfo->fscrypt_auth = NULL;
>>> +		iinfo->fscrypt_auth_len = 0;
>>> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
>>> +	}
>>> +
>>>    	/* finally update i_version */
>>>    	if (le64_to_cpu(info->version) > ci->i_version)
>>>    		ci->i_version = le64_to_cpu(info->version);
>>> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
>>> index 3b3a14024ca0..9c994effc51d 100644
>>> --- a/fs/ceph/mds_client.c
>>> +++ b/fs/ceph/mds_client.c
>>> @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,
>>>    			info->rsnaps = 0;
>>>    		}
>>>    
>>> +		if (struct_v >= 5) {
>>> +			u32 alen;
>>> +
>>> +			ceph_decode_32_safe(p, end, alen, bad);
>>> +
>>> +			while (alen--) {
>>> +				u32 len;
>>> +
>>> +				/* key */
>>> +				ceph_decode_32_safe(p, end, len, bad);
>>> +				ceph_decode_skip_n(p, end, len, bad);
>>> +				/* value */
>>> +				ceph_decode_32_safe(p, end, len, bad);
>>> +				ceph_decode_skip_n(p, end, len, bad);
>>> +			}
>>> +		}
>>> +
>>> +		/* fscrypt flag -- ignore */
>>> +		if (struct_v >= 6)
>>> +			ceph_decode_skip_8(p, end, bad);
>>> +
>>> +		if (struct_v >= 7) {
>>> +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);
>>> +			if (info->fscrypt_auth_len) {
>>> +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);
>>> +				if (!info->fscrypt_auth)
>>> +					return -ENOMEM;
>>> +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,
>>> +						      info->fscrypt_auth_len, bad);
>>> +			}
>>> +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);
>>> +			if (info->fscrypt_file_len) {
>>> +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);
>>> +				if (!info->fscrypt_file)
>>> +					return -ENOMEM;
>> Should we kfree(info->fscrypt_auth) before return ?
>>
>> I didn't anywhere is freeing it.
>>
> It'll get freed in destroy_reply_info(). We could do it here, but it
> should be fine to wait until we're tearing the "info" structure down.
>
Yeah, I just missed the destory_reply_info() code that time.



>>
>>> +				ceph_decode_copy_safe(p, end, info->fscrypt_file,
>>> +						      info->fscrypt_file_len, bad);
>>> +			}
>>> +		}
>>>    		*p = end;
>>>    	} else {
>>> +		/* legacy (unversioned) struct */
>>>    		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {
>>>    			ceph_decode_64_safe(p, end, info->inline_version, bad);
>>>    			ceph_decode_32_safe(p, end, info->inline_len, bad);
>>> @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
>>>    
>>>    static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
>>>    {
>>> +	kfree(info->diri.fscrypt_auth);
>>> +	kfree(info->diri.fscrypt_file);
>>> +	kfree(info->targeti.fscrypt_auth);
>>> +	kfree(info->targeti.fscrypt_file);
>>>    	if (!info->dir_entries)
>>>    		return;
>>>    	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
>>> diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h
>>> index 64ea9d853b8d..0c3cc61fd038 100644
>>> --- a/fs/ceph/mds_client.h
>>> +++ b/fs/ceph/mds_client.h
>>> @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {
>>>    	s32 dir_pin;
>>>    	struct ceph_timespec btime;
>>>    	struct ceph_timespec snap_btime;
>>> +	u8 *fscrypt_auth;
>>> +	u8 *fscrypt_file;
>>> +	u32 fscrypt_auth_len;
>>> +	u32 fscrypt_file_len;
>>>    	u64 rsnaps;
>>>    	u64 change_attr;
>>>    };
>>> diff --git a/fs/ceph/super.h b/fs/ceph/super.h
>>> index 0cd94b296f5f..e032737fe472 100644
>>> --- a/fs/ceph/super.h
>>> +++ b/fs/ceph/super.h
>>> @@ -429,6 +429,12 @@ struct ceph_inode_info {
>>>    
>>>    #ifdef CONFIG_CEPH_FSCACHE
>>>    	struct fscache_cookie *fscache;
>>> +#endif
>>> +#ifdef CONFIG_FS_ENCRYPTION
>>> +	u32 fscrypt_auth_len;
>>> +	u32 fscrypt_file_len;
>>> +	u8 *fscrypt_auth;
>>> +	u8 *fscrypt_file;
>>>    #endif
>>>    	errseq_t i_meta_err;
>>>
Luis Henriques July 7, 2021, 2:32 p.m. UTC | #7
On Wed, Jul 07, 2021 at 08:19:25AM -0400, Jeff Layton wrote:
> On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:
> > On 7/7/21 6:47 PM, Luis Henriques wrote:
> > > On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:
> > > > ...and store them in the ceph_inode_info.
> > > > 
> > > > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > > > ---
> > > >   fs/ceph/file.c       |  2 ++
> > > >   fs/ceph/inode.c      | 18 ++++++++++++++++++
> > > >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
> > > >   fs/ceph/mds_client.h |  4 ++++
> > > >   fs/ceph/super.h      |  6 ++++++
> > > >   5 files changed, 74 insertions(+)
> > > > 
> > > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> > > > index 2cda398ba64d..ea0e85075b7b 100644
> > > > --- a/fs/ceph/file.c
> > > > +++ b/fs/ceph/file.c
> > > > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
> > > >   	iinfo.xattr_data = xattr_buf;
> > > >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
> > > >   
> > > > +	/* FIXME: set fscrypt_auth and fscrypt_file */
> > > > +
> > > >   	in.ino = cpu_to_le64(vino.ino);
> > > >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);
> > > >   	in.version = cpu_to_le64(1);	// ???
> > > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> > > > index f62785e4dbcb..b620281ea65b 100644
> > > > --- a/fs/ceph/inode.c
> > > > +++ b/fs/ceph/inode.c
> > > > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
> > > >   
> > > >   	ci->i_meta_err = 0;
> > > >   
> > > > +#ifdef CONFIG_FS_ENCRYPTION
> > > > +	ci->fscrypt_auth = NULL;
> > > > +	ci->fscrypt_auth_len = 0;
> > > > +	ci->fscrypt_file = NULL;
> > > > +	ci->fscrypt_file_len = 0;
> > > > +#endif
> > > > +
> > > >   	return &ci->vfs_inode;
> > > >   }
> > > >   
> > > > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
> > > >   	struct ceph_inode_info *ci = ceph_inode(inode);
> > > >   
> > > >   	kfree(ci->i_symlink);
> > > > +#ifdef CONFIG_FS_ENCRYPTION
> > > > +	kfree(ci->fscrypt_auth);
> > > > +#endif
> > > >   	kmem_cache_free(ceph_inode_cachep, ci);
> > > >   }
> > > >   
> > > > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
> > > >   		xattr_blob = NULL;
> > > >   	}
> > > >   
> > > > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
> > > > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
> > > > +		ci->fscrypt_auth = iinfo->fscrypt_auth;
> > > > +		iinfo->fscrypt_auth = NULL;
> > > > +		iinfo->fscrypt_auth_len = 0;
> > > > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
> > > > +	}
> > > I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth
> > > is already set.  Something like:
> > > 
> > > 	if (iinfo->fscrypt_auth_len) {
> > > 		if (!ci->fscrypt_auth) {
> > > 			...
> > > 		} else {
> > > 			kfree(iinfo->fscrypt_auth);
> > > 			iinfo->fscrypt_auth = NULL;
> > > 		}
> > > 	}
> > > 
> > IMO, this should be okay because it will be freed in 
> > destroy_reply_info() when putting the request.
> > 
> > 
> 
> Yes. All of that should get cleaned up with the request.

Hmm... ok, so maybe I missed something because I *did* saw kmemleak
complaining.  Maybe it was on the READDIR path.  /me goes look again.

Cheers,
--
Luís


> 
> > > > +
> > > >   	/* finally update i_version */
> > > >   	if (le64_to_cpu(info->version) > ci->i_version)
> > > >   		ci->i_version = le64_to_cpu(info->version);
> > > > diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
> > > > index 3b3a14024ca0..9c994effc51d 100644
> > > > --- a/fs/ceph/mds_client.c
> > > > +++ b/fs/ceph/mds_client.c
> > > > @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,
> > > >   			info->rsnaps = 0;
> > > >   		}
> > > >   
> > > > +		if (struct_v >= 5) {
> > > > +			u32 alen;
> > > > +
> > > > +			ceph_decode_32_safe(p, end, alen, bad);
> > > > +
> > > > +			while (alen--) {
> > > > +				u32 len;
> > > > +
> > > > +				/* key */
> > > > +				ceph_decode_32_safe(p, end, len, bad);
> > > > +				ceph_decode_skip_n(p, end, len, bad);
> > > > +				/* value */
> > > > +				ceph_decode_32_safe(p, end, len, bad);
> > > > +				ceph_decode_skip_n(p, end, len, bad);
> > > > +			}
> > > > +		}
> > > > +
> > > > +		/* fscrypt flag -- ignore */
> > > > +		if (struct_v >= 6)
> > > > +			ceph_decode_skip_8(p, end, bad);
> > > > +
> > > > +		if (struct_v >= 7) {
> > > > +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);
> > > > +			if (info->fscrypt_auth_len) {
> > > > +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);
> > > > +				if (!info->fscrypt_auth)
> > > > +					return -ENOMEM;
> > > > +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,
> > > > +						      info->fscrypt_auth_len, bad);
> > > > +			}
> > > > +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);
> > > > +			if (info->fscrypt_file_len) {
> > > > +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);
> > > > +				if (!info->fscrypt_file)
> > > > +					return -ENOMEM;
> > > As Xiubo already pointed out, there's a kfree(info->fscrypt_auth) missing
> > > in this error path.
> > > 
> > > Cheers,
> > > --
> > > Luís
> > > 
> > > > +				ceph_decode_copy_safe(p, end, info->fscrypt_file,
> > > > +						      info->fscrypt_file_len, bad);
> > > > +			}
> > > > +		}
> > > >   		*p = end;
> > > >   	} else {
> > > > +		/* legacy (unversioned) struct */
> > > >   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {
> > > >   			ceph_decode_64_safe(p, end, info->inline_version, bad);
> > > >   			ceph_decode_32_safe(p, end, info->inline_len, bad);
> > > > @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
> > > >   
> > > >   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
> > > >   {
> > > > +	kfree(info->diri.fscrypt_auth);
> > > > +	kfree(info->diri.fscrypt_file);
> > > > +	kfree(info->targeti.fscrypt_auth);
> > > > +	kfree(info->targeti.fscrypt_file);
> > > >   	if (!info->dir_entries)
> > > >   		return;
> > > >   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
> > > > diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h
> > > > index 64ea9d853b8d..0c3cc61fd038 100644
> > > > --- a/fs/ceph/mds_client.h
> > > > +++ b/fs/ceph/mds_client.h
> > > > @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {
> > > >   	s32 dir_pin;
> > > >   	struct ceph_timespec btime;
> > > >   	struct ceph_timespec snap_btime;
> > > > +	u8 *fscrypt_auth;
> > > > +	u8 *fscrypt_file;
> > > > +	u32 fscrypt_auth_len;
> > > > +	u32 fscrypt_file_len;
> > > >   	u64 rsnaps;
> > > >   	u64 change_attr;
> > > >   };
> > > > diff --git a/fs/ceph/super.h b/fs/ceph/super.h
> > > > index 0cd94b296f5f..e032737fe472 100644
> > > > --- a/fs/ceph/super.h
> > > > +++ b/fs/ceph/super.h
> > > > @@ -429,6 +429,12 @@ struct ceph_inode_info {
> > > >   
> > > >   #ifdef CONFIG_CEPH_FSCACHE
> > > >   	struct fscache_cookie *fscache;
> > > > +#endif
> > > > +#ifdef CONFIG_FS_ENCRYPTION
> > > > +	u32 fscrypt_auth_len;
> > > > +	u32 fscrypt_file_len;
> > > > +	u8 *fscrypt_auth;
> > > > +	u8 *fscrypt_file;
> > > >   #endif
> > > >   	errseq_t i_meta_err;
> > > >   
> > > > -- 
> > > > 2.31.1
> > > > 
> > 
> 
> -- 
> Jeff Layton <jlayton@kernel.org>
>
Luis Henriques July 7, 2021, 2:56 p.m. UTC | #8
On Wed, Jul 07, 2021 at 03:32:13PM +0100, Luis Henriques wrote:
> On Wed, Jul 07, 2021 at 08:19:25AM -0400, Jeff Layton wrote:
> > On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:
> > > On 7/7/21 6:47 PM, Luis Henriques wrote:
> > > > On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:
> > > > > ...and store them in the ceph_inode_info.
> > > > > 
> > > > > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > > > > ---
> > > > >   fs/ceph/file.c       |  2 ++
> > > > >   fs/ceph/inode.c      | 18 ++++++++++++++++++
> > > > >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
> > > > >   fs/ceph/mds_client.h |  4 ++++
> > > > >   fs/ceph/super.h      |  6 ++++++
> > > > >   5 files changed, 74 insertions(+)
> > > > > 
> > > > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> > > > > index 2cda398ba64d..ea0e85075b7b 100644
> > > > > --- a/fs/ceph/file.c
> > > > > +++ b/fs/ceph/file.c
> > > > > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
> > > > >   	iinfo.xattr_data = xattr_buf;
> > > > >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
> > > > >   
> > > > > +	/* FIXME: set fscrypt_auth and fscrypt_file */
> > > > > +
> > > > >   	in.ino = cpu_to_le64(vino.ino);
> > > > >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);
> > > > >   	in.version = cpu_to_le64(1);	// ???
> > > > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> > > > > index f62785e4dbcb..b620281ea65b 100644
> > > > > --- a/fs/ceph/inode.c
> > > > > +++ b/fs/ceph/inode.c
> > > > > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
> > > > >   
> > > > >   	ci->i_meta_err = 0;
> > > > >   
> > > > > +#ifdef CONFIG_FS_ENCRYPTION
> > > > > +	ci->fscrypt_auth = NULL;
> > > > > +	ci->fscrypt_auth_len = 0;
> > > > > +	ci->fscrypt_file = NULL;
> > > > > +	ci->fscrypt_file_len = 0;
> > > > > +#endif
> > > > > +
> > > > >   	return &ci->vfs_inode;
> > > > >   }
> > > > >   
> > > > > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
> > > > >   	struct ceph_inode_info *ci = ceph_inode(inode);
> > > > >   
> > > > >   	kfree(ci->i_symlink);
> > > > > +#ifdef CONFIG_FS_ENCRYPTION
> > > > > +	kfree(ci->fscrypt_auth);
> > > > > +#endif
> > > > >   	kmem_cache_free(ceph_inode_cachep, ci);
> > > > >   }
> > > > >   
> > > > > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
> > > > >   		xattr_blob = NULL;
> > > > >   	}
> > > > >   
> > > > > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
> > > > > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
> > > > > +		ci->fscrypt_auth = iinfo->fscrypt_auth;
> > > > > +		iinfo->fscrypt_auth = NULL;
> > > > > +		iinfo->fscrypt_auth_len = 0;
> > > > > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
> > > > > +	}
> > > > I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth
> > > > is already set.  Something like:
> > > > 
> > > > 	if (iinfo->fscrypt_auth_len) {
> > > > 		if (!ci->fscrypt_auth) {
> > > > 			...
> > > > 		} else {
> > > > 			kfree(iinfo->fscrypt_auth);
> > > > 			iinfo->fscrypt_auth = NULL;
> > > > 		}
> > > > 	}
> > > > 
> > > IMO, this should be okay because it will be freed in 
> > > destroy_reply_info() when putting the request.
> > > 
> > > 
> > 
> > Yes. All of that should get cleaned up with the request.
> 
> Hmm... ok, so maybe I missed something because I *did* saw kmemleak
> complaining.  Maybe it was on the READDIR path.  /me goes look again.

Ah, that was indeed the problem.  So, here's a quick hack to fix
destroy_reply_info() so that it also frees the extra memory from READDIR:

@@ -686,12 +686,23 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
 
 static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
 {
+	int i = 0;
+
 	kfree(info->diri.fscrypt_auth);
 	kfree(info->diri.fscrypt_file);
 	kfree(info->targeti.fscrypt_auth);
 	kfree(info->targeti.fscrypt_file);
 	if (!info->dir_entries)
 		return;
+
+	for (i = 0; i < info->dir_nr; i++) {
+		struct ceph_mds_reply_dir_entry *rde = info->dir_entries + i;
+		if (rde->inode.fscrypt_auth_len)
+			kfree(rde->inode.fscrypt_auth);
+	}
+	       
 	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
 }
 

Cheers,
--
Luís
Xiubo Li July 8, 2021, 2:56 a.m. UTC | #9
On 7/7/21 10:56 PM, Luis Henriques wrote:
> On Wed, Jul 07, 2021 at 03:32:13PM +0100, Luis Henriques wrote:
>> On Wed, Jul 07, 2021 at 08:19:25AM -0400, Jeff Layton wrote:
>>> On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:
>>>> On 7/7/21 6:47 PM, Luis Henriques wrote:
>>>>> On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:
>>>>>> ...and store them in the ceph_inode_info.
>>>>>>
>>>>>> Signed-off-by: Jeff Layton <jlayton@kernel.org>
>>>>>> ---
>>>>>>    fs/ceph/file.c       |  2 ++
>>>>>>    fs/ceph/inode.c      | 18 ++++++++++++++++++
>>>>>>    fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
>>>>>>    fs/ceph/mds_client.h |  4 ++++
>>>>>>    fs/ceph/super.h      |  6 ++++++
>>>>>>    5 files changed, 74 insertions(+)
>>>>>>
>>>>>> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
>>>>>> index 2cda398ba64d..ea0e85075b7b 100644
>>>>>> --- a/fs/ceph/file.c
>>>>>> +++ b/fs/ceph/file.c
>>>>>> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
>>>>>>    	iinfo.xattr_data = xattr_buf;
>>>>>>    	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
>>>>>>    
>>>>>> +	/* FIXME: set fscrypt_auth and fscrypt_file */
>>>>>> +
>>>>>>    	in.ino = cpu_to_le64(vino.ino);
>>>>>>    	in.snapid = cpu_to_le64(CEPH_NOSNAP);
>>>>>>    	in.version = cpu_to_le64(1);	// ???
>>>>>> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
>>>>>> index f62785e4dbcb..b620281ea65b 100644
>>>>>> --- a/fs/ceph/inode.c
>>>>>> +++ b/fs/ceph/inode.c
>>>>>> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
>>>>>>    
>>>>>>    	ci->i_meta_err = 0;
>>>>>>    
>>>>>> +#ifdef CONFIG_FS_ENCRYPTION
>>>>>> +	ci->fscrypt_auth = NULL;
>>>>>> +	ci->fscrypt_auth_len = 0;
>>>>>> +	ci->fscrypt_file = NULL;
>>>>>> +	ci->fscrypt_file_len = 0;
>>>>>> +#endif
>>>>>> +
>>>>>>    	return &ci->vfs_inode;
>>>>>>    }
>>>>>>    
>>>>>> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
>>>>>>    	struct ceph_inode_info *ci = ceph_inode(inode);
>>>>>>    
>>>>>>    	kfree(ci->i_symlink);
>>>>>> +#ifdef CONFIG_FS_ENCRYPTION
>>>>>> +	kfree(ci->fscrypt_auth);
>>>>>> +#endif
>>>>>>    	kmem_cache_free(ceph_inode_cachep, ci);
>>>>>>    }
>>>>>>    
>>>>>> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
>>>>>>    		xattr_blob = NULL;
>>>>>>    	}
>>>>>>    
>>>>>> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
>>>>>> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
>>>>>> +		ci->fscrypt_auth = iinfo->fscrypt_auth;
>>>>>> +		iinfo->fscrypt_auth = NULL;
>>>>>> +		iinfo->fscrypt_auth_len = 0;
>>>>>> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
>>>>>> +	}
>>>>> I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth
>>>>> is already set.  Something like:
>>>>>
>>>>> 	if (iinfo->fscrypt_auth_len) {
>>>>> 		if (!ci->fscrypt_auth) {
>>>>> 			...
>>>>> 		} else {
>>>>> 			kfree(iinfo->fscrypt_auth);
>>>>> 			iinfo->fscrypt_auth = NULL;
>>>>> 		}
>>>>> 	}
>>>>>
>>>> IMO, this should be okay because it will be freed in
>>>> destroy_reply_info() when putting the request.
>>>>
>>>>
>>> Yes. All of that should get cleaned up with the request.
>> Hmm... ok, so maybe I missed something because I *did* saw kmemleak
>> complaining.  Maybe it was on the READDIR path.  /me goes look again.
> Ah, that was indeed the problem.  So, here's a quick hack to fix
> destroy_reply_info() so that it also frees the extra memory from READDIR:
>
> @@ -686,12 +686,23 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
>   
>   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
>   {
> +	int i = 0;
> +
>   	kfree(info->diri.fscrypt_auth);
>   	kfree(info->diri.fscrypt_file);
>   	kfree(info->targeti.fscrypt_auth);
>   	kfree(info->targeti.fscrypt_file);
>   	if (!info->dir_entries)
>   		return;
> +
> +	for (i = 0; i < info->dir_nr; i++) {
> +		struct ceph_mds_reply_dir_entry *rde = info->dir_entries + i;
> +		if (rde->inode.fscrypt_auth_len)
> +			kfree(rde->inode.fscrypt_auth);
> +	}
> +	
>   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
>   }
>   

Yeah, this looks nice.


> Cheers,
> --
> Luís
>
Jeff Layton July 8, 2021, 11:26 a.m. UTC | #10
On Wed, 2021-07-07 at 15:56 +0100, Luis Henriques wrote:
> On Wed, Jul 07, 2021 at 03:32:13PM +0100, Luis Henriques wrote:
> > On Wed, Jul 07, 2021 at 08:19:25AM -0400, Jeff Layton wrote:
> > > On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:
> > > > On 7/7/21 6:47 PM, Luis Henriques wrote:
> > > > > On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:
> > > > > > ...and store them in the ceph_inode_info.
> > > > > > 
> > > > > > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > > > > > ---
> > > > > >   fs/ceph/file.c       |  2 ++
> > > > > >   fs/ceph/inode.c      | 18 ++++++++++++++++++
> > > > > >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
> > > > > >   fs/ceph/mds_client.h |  4 ++++
> > > > > >   fs/ceph/super.h      |  6 ++++++
> > > > > >   5 files changed, 74 insertions(+)
> > > > > > 
> > > > > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> > > > > > index 2cda398ba64d..ea0e85075b7b 100644
> > > > > > --- a/fs/ceph/file.c
> > > > > > +++ b/fs/ceph/file.c
> > > > > > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
> > > > > >   	iinfo.xattr_data = xattr_buf;
> > > > > >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
> > > > > >   
> > > > > > +	/* FIXME: set fscrypt_auth and fscrypt_file */
> > > > > > +
> > > > > >   	in.ino = cpu_to_le64(vino.ino);
> > > > > >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);
> > > > > >   	in.version = cpu_to_le64(1);	// ???
> > > > > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> > > > > > index f62785e4dbcb..b620281ea65b 100644
> > > > > > --- a/fs/ceph/inode.c
> > > > > > +++ b/fs/ceph/inode.c
> > > > > > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)
> > > > > >   
> > > > > >   	ci->i_meta_err = 0;
> > > > > >   
> > > > > > +#ifdef CONFIG_FS_ENCRYPTION
> > > > > > +	ci->fscrypt_auth = NULL;
> > > > > > +	ci->fscrypt_auth_len = 0;
> > > > > > +	ci->fscrypt_file = NULL;
> > > > > > +	ci->fscrypt_file_len = 0;
> > > > > > +#endif
> > > > > > +
> > > > > >   	return &ci->vfs_inode;
> > > > > >   }
> > > > > >   
> > > > > > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)
> > > > > >   	struct ceph_inode_info *ci = ceph_inode(inode);
> > > > > >   
> > > > > >   	kfree(ci->i_symlink);
> > > > > > +#ifdef CONFIG_FS_ENCRYPTION
> > > > > > +	kfree(ci->fscrypt_auth);
> > > > > > +#endif
> > > > > >   	kmem_cache_free(ceph_inode_cachep, ci);
> > > > > >   }
> > > > > >   
> > > > > > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,
> > > > > >   		xattr_blob = NULL;
> > > > > >   	}
> > > > > >   
> > > > > > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
> > > > > > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
> > > > > > +		ci->fscrypt_auth = iinfo->fscrypt_auth;
> > > > > > +		iinfo->fscrypt_auth = NULL;
> > > > > > +		iinfo->fscrypt_auth_len = 0;
> > > > > > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
> > > > > > +	}
> > > > > I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth
> > > > > is already set.  Something like:
> > > > > 
> > > > > 	if (iinfo->fscrypt_auth_len) {
> > > > > 		if (!ci->fscrypt_auth) {
> > > > > 			...
> > > > > 		} else {
> > > > > 			kfree(iinfo->fscrypt_auth);
> > > > > 			iinfo->fscrypt_auth = NULL;
> > > > > 		}
> > > > > 	}
> > > > > 
> > > > IMO, this should be okay because it will be freed in 
> > > > destroy_reply_info() when putting the request.
> > > > 
> > > > 
> > > 
> > > Yes. All of that should get cleaned up with the request.
> > 
> > Hmm... ok, so maybe I missed something because I *did* saw kmemleak
> > complaining.  Maybe it was on the READDIR path.  /me goes look again.
> 
> Ah, that was indeed the problem.  So, here's a quick hack to fix
> destroy_reply_info() so that it also frees the extra memory from READDIR:
> 
> @@ -686,12 +686,23 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
>  
>  static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
>  {
> +	int i = 0;
> +
>  	kfree(info->diri.fscrypt_auth);
>  	kfree(info->diri.fscrypt_file);
>  	kfree(info->targeti.fscrypt_auth);
>  	kfree(info->targeti.fscrypt_file);
>  	if (!info->dir_entries)
>  		return;
> +
> +	for (i = 0; i < info->dir_nr; i++) {
> +		struct ceph_mds_reply_dir_entry *rde = info->dir_entries + i;
> +		if (rde->inode.fscrypt_auth_len)
> +			kfree(rde->inode.fscrypt_auth);
> +	}
> +	       
>  	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
>  }
>  
> 

Well spotted! I'll plan to incorporate a fix like that soon.
diff mbox series

Patch

diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index 2cda398ba64d..ea0e85075b7b 100644
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -592,6 +592,8 @@  static int ceph_finish_async_create(struct inode *dir, struct inode *inode,
 	iinfo.xattr_data = xattr_buf;
 	memset(iinfo.xattr_data, 0, iinfo.xattr_len);
 
+	/* FIXME: set fscrypt_auth and fscrypt_file */
+
 	in.ino = cpu_to_le64(vino.ino);
 	in.snapid = cpu_to_le64(CEPH_NOSNAP);
 	in.version = cpu_to_le64(1);	// ???
diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
index f62785e4dbcb..b620281ea65b 100644
--- a/fs/ceph/inode.c
+++ b/fs/ceph/inode.c
@@ -611,6 +611,13 @@  struct inode *ceph_alloc_inode(struct super_block *sb)
 
 	ci->i_meta_err = 0;
 
+#ifdef CONFIG_FS_ENCRYPTION
+	ci->fscrypt_auth = NULL;
+	ci->fscrypt_auth_len = 0;
+	ci->fscrypt_file = NULL;
+	ci->fscrypt_file_len = 0;
+#endif
+
 	return &ci->vfs_inode;
 }
 
@@ -619,6 +626,9 @@  void ceph_free_inode(struct inode *inode)
 	struct ceph_inode_info *ci = ceph_inode(inode);
 
 	kfree(ci->i_symlink);
+#ifdef CONFIG_FS_ENCRYPTION
+	kfree(ci->fscrypt_auth);
+#endif
 	kmem_cache_free(ceph_inode_cachep, ci);
 }
 
@@ -1021,6 +1031,14 @@  int ceph_fill_inode(struct inode *inode, struct page *locked_page,
 		xattr_blob = NULL;
 	}
 
+	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {
+		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;
+		ci->fscrypt_auth = iinfo->fscrypt_auth;
+		iinfo->fscrypt_auth = NULL;
+		iinfo->fscrypt_auth_len = 0;
+		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
+	}
+
 	/* finally update i_version */
 	if (le64_to_cpu(info->version) > ci->i_version)
 		ci->i_version = le64_to_cpu(info->version);
diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
index 3b3a14024ca0..9c994effc51d 100644
--- a/fs/ceph/mds_client.c
+++ b/fs/ceph/mds_client.c
@@ -183,8 +183,48 @@  static int parse_reply_info_in(void **p, void *end,
 			info->rsnaps = 0;
 		}
 
+		if (struct_v >= 5) {
+			u32 alen;
+
+			ceph_decode_32_safe(p, end, alen, bad);
+
+			while (alen--) {
+				u32 len;
+
+				/* key */
+				ceph_decode_32_safe(p, end, len, bad);
+				ceph_decode_skip_n(p, end, len, bad);
+				/* value */
+				ceph_decode_32_safe(p, end, len, bad);
+				ceph_decode_skip_n(p, end, len, bad);
+			}
+		}
+
+		/* fscrypt flag -- ignore */
+		if (struct_v >= 6)
+			ceph_decode_skip_8(p, end, bad);
+
+		if (struct_v >= 7) {
+			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);
+			if (info->fscrypt_auth_len) {
+				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);
+				if (!info->fscrypt_auth)
+					return -ENOMEM;
+				ceph_decode_copy_safe(p, end, info->fscrypt_auth,
+						      info->fscrypt_auth_len, bad);
+			}
+			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);
+			if (info->fscrypt_file_len) {
+				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);
+				if (!info->fscrypt_file)
+					return -ENOMEM;
+				ceph_decode_copy_safe(p, end, info->fscrypt_file,
+						      info->fscrypt_file_len, bad);
+			}
+		}
 		*p = end;
 	} else {
+		/* legacy (unversioned) struct */
 		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {
 			ceph_decode_64_safe(p, end, info->inline_version, bad);
 			ceph_decode_32_safe(p, end, info->inline_len, bad);
@@ -625,6 +665,10 @@  static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
 
 static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
 {
+	kfree(info->diri.fscrypt_auth);
+	kfree(info->diri.fscrypt_file);
+	kfree(info->targeti.fscrypt_auth);
+	kfree(info->targeti.fscrypt_file);
 	if (!info->dir_entries)
 		return;
 	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h
index 64ea9d853b8d..0c3cc61fd038 100644
--- a/fs/ceph/mds_client.h
+++ b/fs/ceph/mds_client.h
@@ -88,6 +88,10 @@  struct ceph_mds_reply_info_in {
 	s32 dir_pin;
 	struct ceph_timespec btime;
 	struct ceph_timespec snap_btime;
+	u8 *fscrypt_auth;
+	u8 *fscrypt_file;
+	u32 fscrypt_auth_len;
+	u32 fscrypt_file_len;
 	u64 rsnaps;
 	u64 change_attr;
 };
diff --git a/fs/ceph/super.h b/fs/ceph/super.h
index 0cd94b296f5f..e032737fe472 100644
--- a/fs/ceph/super.h
+++ b/fs/ceph/super.h
@@ -429,6 +429,12 @@  struct ceph_inode_info {
 
 #ifdef CONFIG_CEPH_FSCACHE
 	struct fscache_cookie *fscache;
+#endif
+#ifdef CONFIG_FS_ENCRYPTION
+	u32 fscrypt_auth_len;
+	u32 fscrypt_file_len;
+	u8 *fscrypt_auth;
+	u8 *fscrypt_file;
 #endif
 	errseq_t i_meta_err;