| Message ID | 20240125044826.1294268-1-xiubli@redhat.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | fscrypt: to make sure the inode->i_blkbits is correctly set | expand |
On Thu, Jan 25, 2024 at 12:48:25PM +0800, xiubli@redhat.com wrote: > From: Xiubo Li <xiubli@redhat.com> > > The inode->i_blkbits should be already set before calling > fscrypt_get_encryption_info() and it will be used this to setup the > ci_data_unit_bits. > > Signed-off-by: Xiubo Li <xiubli@redhat.com> > --- > fs/crypto/keysetup.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c > index d71f7c799e79..909187e52bae 100644 > --- a/fs/crypto/keysetup.c > +++ b/fs/crypto/keysetup.c > @@ -702,6 +702,9 @@ int fscrypt_get_encryption_info(struct inode *inode, bool allow_unsupported) > /** > * fscrypt_prepare_new_inode() - prepare to create a new inode in a directory > * @dir: a possibly-encrypted directory > * @inode: the new inode. ->i_mode must be set already. > * ->i_ino doesn't need to be set yet. Maybe just change the above to "->i_mode and ->i_blkbits", instead of adding a separate paragraph? > * @encrypt_ret: (output) set to %true if the new inode will be encrypted > * > * If the directory is encrypted, set up its ->i_crypt_info in preparation for > * encrypting the name of the new file. Also, if the new inode will be > * encrypted, set up its ->i_crypt_info and set *encrypt_ret=true. > * > * This isn't %GFP_NOFS-safe, and therefore it should be called before starting > * any filesystem transaction to create the inode. For this reason, ->i_ino > * isn't required to be set yet, as the filesystem may not have set it yet. > * > * This doesn't persist the new inode's encryption context. That still needs to > * be done later by calling fscrypt_set_context(). > * > + * Please note that the inode->i_blkbits should be already set before calling > + * this and later it will be used to setup the ci_data_unit_bits. > + * > * Return: 0 on success, -ENOKEY if the encryption key is missing, or another > * -errno code > */ > @@ -717,6 +720,9 @@ int fscrypt_prepare_new_inode(struct inode *dir, struct inode *inode, > if (IS_ERR(policy)) > return PTR_ERR(policy); > > + if (WARN_ON_ONCE(inode->i_blkbits == 0)) > + return -EINVAL; > + Thanks, - Eric
On 1/27/24 14:37, Eric Biggers wrote: > On Thu, Jan 25, 2024 at 12:48:25PM +0800, xiubli@redhat.com wrote: >> From: Xiubo Li <xiubli@redhat.com> >> >> The inode->i_blkbits should be already set before calling >> fscrypt_get_encryption_info() and it will be used this to setup the >> ci_data_unit_bits. >> >> Signed-off-by: Xiubo Li <xiubli@redhat.com> >> --- >> fs/crypto/keysetup.c | 6 ++++++ >> 1 file changed, 6 insertions(+) >> >> diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c >> index d71f7c799e79..909187e52bae 100644 >> --- a/fs/crypto/keysetup.c >> +++ b/fs/crypto/keysetup.c >> @@ -702,6 +702,9 @@ int fscrypt_get_encryption_info(struct inode *inode, bool allow_unsupported) >> /** >> * fscrypt_prepare_new_inode() - prepare to create a new inode in a directory >> * @dir: a possibly-encrypted directory >> * @inode: the new inode. ->i_mode must be set already. >> * ->i_ino doesn't need to be set yet. > Maybe just change the above to "->i_mode and ->i_blkbits", instead of adding a > separate paragraph? Just back from PTO. Yeah, this sounds much better. I will fix it. Thanks - Xiubo >> * @encrypt_ret: (output) set to %true if the new inode will be encrypted >> * >> * If the directory is encrypted, set up its ->i_crypt_info in preparation for >> * encrypting the name of the new file. Also, if the new inode will be >> * encrypted, set up its ->i_crypt_info and set *encrypt_ret=true. >> * >> * This isn't %GFP_NOFS-safe, and therefore it should be called before starting >> * any filesystem transaction to create the inode. For this reason, ->i_ino >> * isn't required to be set yet, as the filesystem may not have set it yet. >> * >> * This doesn't persist the new inode's encryption context. That still needs to >> * be done later by calling fscrypt_set_context(). >> * >> + * Please note that the inode->i_blkbits should be already set before calling >> + * this and later it will be used to setup the ci_data_unit_bits. >> + * >> * Return: 0 on success, -ENOKEY if the encryption key is missing, or another >> * -errno code >> */ >> @@ -717,6 +720,9 @@ int fscrypt_prepare_new_inode(struct inode *dir, struct inode *inode, >> if (IS_ERR(policy)) >> return PTR_ERR(policy); >> >> + if (WARN_ON_ONCE(inode->i_blkbits == 0)) >> + return -EINVAL; >> + > Thanks, > > - Eric >
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c index d71f7c799e79..909187e52bae 100644 --- a/fs/crypto/keysetup.c +++ b/fs/crypto/keysetup.c @@ -702,6 +702,9 @@ int fscrypt_get_encryption_info(struct inode *inode, bool allow_unsupported) * This doesn't persist the new inode's encryption context. That still needs to * be done later by calling fscrypt_set_context(). * + * Please note that the inode->i_blkbits should be already set before calling + * this and later it will be used to setup the ci_data_unit_bits. + * * Return: 0 on success, -ENOKEY if the encryption key is missing, or another * -errno code */ @@ -717,6 +720,9 @@ int fscrypt_prepare_new_inode(struct inode *dir, struct inode *inode, if (IS_ERR(policy)) return PTR_ERR(policy); + if (WARN_ON_ONCE(inode->i_blkbits == 0)) + return -EINVAL; + if (WARN_ON_ONCE(inode->i_mode == 0)) return -EINVAL;