From patchwork Mon Oct 9 19:15:44 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 9994097 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 495FA60223 for ; Mon, 9 Oct 2017 19:19:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3E57D284AA for ; Mon, 9 Oct 2017 19:19:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 333E7286D2; Mon, 9 Oct 2017 19:19:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D9C21284AA for ; Mon, 9 Oct 2017 19:19:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755081AbdJITTQ (ORCPT ); Mon, 9 Oct 2017 15:19:16 -0400 Received: from mail-pf0-f196.google.com ([209.85.192.196]:36089 "EHLO mail-pf0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754962AbdJITTM (ORCPT ); Mon, 9 Oct 2017 15:19:12 -0400 Received: by mail-pf0-f196.google.com with SMTP id z11so12492108pfk.3; Mon, 09 Oct 2017 12:19:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=MPOPGjF3y0uBJ9sffhpGUHrATZ5LMTP+wi1hmVzD8Dg=; b=BbemtTrutCcH7jQ3Z7LWQEcNJkEGK6ZQZCVInuFdVClkc+xKsT0PMl+GlTui26xe1P YFOQAbLyKOVl1EyHpUhMsOcYYj8N2DENORvZME+YqowQJqeZDFzLpOpGRWmhU8ScGFuh k/Ptpl7GYqdjT05x3Lm8HUTJ7O7iPIhlYixgrLM8gc/xi5bxHAOzKhk8YI0MSZoLWN6Q /Ro7QU3bM/J9sLqrZANW+yb2CD+1CwS8fHww/bh5n+CacS61HTJI/adn6Ix1GBSdhGxo MIHEqiyjlz9JPxaurrZkduh7pFUBgf+dBthbiag0E28CEMhUjrXM91RxGp14EsnaBsC+ FgoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=MPOPGjF3y0uBJ9sffhpGUHrATZ5LMTP+wi1hmVzD8Dg=; b=qd9deRnGl2DHDwbzRKmBnnBhf9uiyzwXQZfjNGYOrwB/i+sLL/ajW846kfkC33McX9 KCzvBekAyL4cxoDwJK6tnnN70gjEgL6A4XnsgTAjSwssGmVQse46C53dTIFSr7PuCdYm mhZYT/NT5eJuFkuUeF/tzcIBvLq/FzlIVnLYXXo9rPAXOiEBpdyb1mMzMqAhK2bYYiLV d1rPXz+/OvRmZIPm1PcDUnlmDkw62bSko11e0gxD0HW6b09VfZO8rdxuq0ufkKGUU4d1 mU07I+YTQqwNQyRmkdr2q4qmfCo79fSNI4kwcclDLH62tcZEJldFeADC7x6jBnUClRe3 e8UQ== X-Gm-Message-State: AMCzsaVInzLX3WiJ8P8hLCXgYr1N0aL/jXe7NkubQkCRjflIYIgcyQax Z51tUEbhVQouJGgYtk1KR/IyZb0o X-Google-Smtp-Source: AOwi7QD7yuugVLvBhVlXZRWqDOMVEVc25HUQgG2VSTZBwm+Jjo5olEvvHSbpLC08jv5dComaA5TDGQ== X-Received: by 10.84.129.70 with SMTP id 64mr9818378plb.287.1507576751881; Mon, 09 Oct 2017 12:19:11 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([100.66.174.81]) by smtp.gmail.com with ESMTPSA id n29sm17039819pgf.44.2017.10.09.12.19.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 09 Oct 2017 12:19:11 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: Jaegeuk Kim , linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Eric Biggers Subject: [PATCH v2 11/11] fscrypt: new helper function - fscrypt_prepare_setattr() Date: Mon, 9 Oct 2017 12:15:44 -0700 Message-Id: <20171009191544.43656-12-ebiggers3@gmail.com> X-Mailer: git-send-email 2.14.2.920.gcf0c67979c-goog In-Reply-To: <20171009191544.43656-1-ebiggers3@gmail.com> References: <20171009191544.43656-1-ebiggers3@gmail.com> Sender: linux-fscrypt-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fscrypt@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Eric Biggers Introduce a helper function for filesystems to call when processing ->setattr() on a possibly-encrypted inode. It handles enforcing that an encrypted file can only be truncated if its encryption key is available. Acked-by: Dave Chinner Signed-off-by: Eric Biggers --- include/linux/fscrypt.h | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h index 2327859c8cd2..53437bfdfcbc 100644 --- a/include/linux/fscrypt.h +++ b/include/linux/fscrypt.h @@ -265,4 +265,29 @@ static inline int fscrypt_prepare_lookup(struct inode *dir, return 0; } +/** + * fscrypt_prepare_setattr - prepare to change a possibly-encrypted inode's attributes + * @dentry: dentry through which the inode is being changed + * @attr: attributes to change + * + * Prepare for ->setattr() on a possibly-encrypted inode. On an encrypted file, + * most attribute changes are allowed even without the encryption key. However, + * without the encryption key we do have to forbid truncates. This is needed + * because the size being truncated to may not be a multiple of the filesystem + * block size, and in that case we'd have to decrypt the final block, zero the + * portion past i_size, and re-encrypt it. (We *could* allow truncating to a + * filesystem block boundary, but it's simpler to just forbid all truncates --- + * and we already forbid all other contents modifications without the key.) + * + * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code + * if a problem occurred while setting up the encryption key. + */ +static inline int fscrypt_prepare_setattr(struct dentry *dentry, + struct iattr *attr) +{ + if (attr->ia_valid & ATTR_SIZE) + return fscrypt_require_key(d_inode(dentry)); + return 0; +} + #endif /* _LINUX_FSCRYPT_H */