| Message ID | 20220418130839.9862-1-lhenriques@suse.de (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | ceph: prevent snapshots to be created in encrypted locked directories | expand |
On Mon, 2022-04-18 at 14:08 +0100, Luís Henriques wrote: > With snapshot names encryption we can not allow snapshots to be created in > locked directories because the names wouldn't be encrypted. This patch > forces the directory to be unlocked to allow a snapshot to be created. > > Signed-off-by: Luís Henriques <lhenriques@suse.de> > --- > fs/ceph/dir.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c > index f48f1ff20927..93e2f08102a1 100644 > --- a/fs/ceph/dir.c > +++ b/fs/ceph/dir.c > @@ -1071,6 +1071,10 @@ static int ceph_mkdir(struct user_namespace *mnt_userns, struct inode *dir, > err = -EDQUOT; > goto out; > } > + if ((op == CEPH_MDS_OP_MKSNAP) && !fscrypt_has_encryption_key(dir)) { > + err = -ENOKEY; > + goto out; > + } > > > req = ceph_mdsc_create_request(mdsc, op, USE_AUTH_MDS); Looks good. I'll pull this and the v4 series into the wip-fscrypt later todat.
On Mon, 2022-04-18 at 09:17 -0400, Jeff Layton wrote: > On Mon, 2022-04-18 at 14:08 +0100, Luís Henriques wrote: > > With snapshot names encryption we can not allow snapshots to be created in > > locked directories because the names wouldn't be encrypted. This patch > > forces the directory to be unlocked to allow a snapshot to be created. > > > > Signed-off-by: Luís Henriques <lhenriques@suse.de> > > --- > > fs/ceph/dir.c | 4 ++++ > > 1 file changed, 4 insertions(+) > > > > diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c > > index f48f1ff20927..93e2f08102a1 100644 > > --- a/fs/ceph/dir.c > > +++ b/fs/ceph/dir.c > > @@ -1071,6 +1071,10 @@ static int ceph_mkdir(struct user_namespace *mnt_userns, struct inode *dir, > > err = -EDQUOT; > > goto out; > > } > > + if ((op == CEPH_MDS_OP_MKSNAP) && !fscrypt_has_encryption_key(dir)) { > > + err = -ENOKEY; > > + goto out; > > + } > > > > > > req = ceph_mdsc_create_request(mdsc, op, USE_AUTH_MDS); > > Looks good. I'll pull this and the v4 series into the wip-fscrypt later > todat. Actually, I take it back... This check doesn't test whether the parent is encrypted. Doesn't it need to do that too before checking for the key?
diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index f48f1ff20927..93e2f08102a1 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -1071,6 +1071,10 @@ static int ceph_mkdir(struct user_namespace *mnt_userns, struct inode *dir, err = -EDQUOT; goto out; } + if ((op == CEPH_MDS_OP_MKSNAP) && !fscrypt_has_encryption_key(dir)) { + err = -ENOKEY; + goto out; + } req = ceph_mdsc_create_request(mdsc, op, USE_AUTH_MDS);
With snapshot names encryption we can not allow snapshots to be created in locked directories because the names wouldn't be encrypted. This patch forces the directory to be unlocked to allow a snapshot to be created. Signed-off-by: Luís Henriques <lhenriques@suse.de> --- fs/ceph/dir.c | 4 ++++ 1 file changed, 4 insertions(+)