From patchwork Wed Sep 20 22:45:49 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eric Biggers <ebiggers3@gmail.com>
X-Patchwork-Id: 9962849
Return-Path: <linux-fsdevel-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	155B760208 for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Wed, 20 Sep 2017 22:49:31 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 06ED328925
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Wed, 20 Sep 2017 22:49:31 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id EFEFA2924A; Wed, 20 Sep 2017 22:49:30 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.5 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_HI,
	RCVD_IN_SORBS_SPAM autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7ACB928925
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Wed, 20 Sep 2017 22:49:30 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752239AbdITWt2 (ORCPT
	<rfc822;patchwork-linux-fsdevel@patchwork.kernel.org>);
	Wed, 20 Sep 2017 18:49:28 -0400
Received: from mail-pg0-f66.google.com ([74.125.83.66]:33728 "EHLO
	mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751930AbdITWrC (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Wed, 20 Sep 2017 18:47:02 -0400
Received: by mail-pg0-f66.google.com with SMTP id i130so2381394pgc.0;
	Wed, 20 Sep 2017 15:47:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=5C3TQyQ+3QBQNEZR0/tVKjPvU5CaNMNmDDtFsBid8wA=;
	b=faGvskiNBidGagoduCB1+QEWOKuGXaQ9OPBYeBmc/8YGmpX+bG16k9E6QN619pZ07l
	16iSe0bRWgrfONCrGIfXJvaK+LfC4lZzzbdgNH2lctat3ZnwXf92A3THZ5vVpc057Ozh
	xkqMdQm9v05eOwoRtO7PZREG1tbH3Nw3tYfEfCIblcSVo6Jjco1ktJYVR5mtQ6HGsKaz
	YXDE6DIAgKa9KM0uHiw6F8OII/tKYhCPu4ra16EodwpH7HbdbpIL8EAf9xTc9IIrdWUb
	3eubRS5uDYIxrT0Y367+jX7/XyimGJilYNkgs97VYejT9kHkV1XSkvWeDpM3LgA4U1UD
	jr/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=5C3TQyQ+3QBQNEZR0/tVKjPvU5CaNMNmDDtFsBid8wA=;
	b=IdaLpkoObLA15ykDVMW/DKuW1clftyDz75IUDvKB3ruEJOxqlLq6FTRK46rSIctw3q
	Qz12nTm6lKbzE5o8vbnCiWh+OkZK+xbqPepp0YrSq4hHBe694GZeQbcG2rvZVdcne3V6
	n5z3ALxhkS2w6bgcbODwk9PZ05tWSXdjwCb/w7am4mb0bIEaB9bUluZp4Whym51htphZ
	rhGKQE97wV7SoaTlkhs8hz4vL/eiAVn3kDIkwmuRfedZPyrTUi8rr8gJW/QzYtmMjF97
	idm7bBji6sRklYYukj74p5XPQ8nM/IkWUz2MxahGINMCPvtf0tHh7effKEhSf5vq8n30
	agcg==
X-Gm-Message-State: AHPjjUgOO3xhTID2R/SvPTS6lnTeK2rC0d9aTunGGP1qY3beYgWmlmt4
	QTMDFHVkYBCJnlDR1diKcnwaQlrGeTk=
X-Google-Smtp-Source: 
 AOwi7QDHsUQw62RhFIHlUuu9xsYjJMkap/OruMuQMOSA65UmJjeiQ3SPam+ez8Ci+uKnCc5mfLrDOA==
X-Received: by 10.159.246.2 with SMTP id b2mr3523853pls.85.1505947621357;
	Wed, 20 Sep 2017 15:47:01 -0700 (PDT)
Received: from ebiggers-linuxstation.kir.corp.google.com ([100.66.174.81])
	by smtp.gmail.com with ESMTPSA id j2sm6249pgn.26.2017.09.20.15.47.00
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Wed, 20 Sep 2017 15:47:00 -0700 (PDT)
From: Eric Biggers <ebiggers3@gmail.com>
To: linux-fscrypt@vger.kernel.org
Cc: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org,
	linux-f2fs-devel@lists.sourceforge.net,
	linux-mtd@lists.infradead.org, "Theodore Y . Ts'o" <tytso@mit.edu>,
	Jaegeuk Kim <jaegeuk@kernel.org>, Michael Halcrow <mhalcrow@google.com>,
	Eric Biggers <ebiggers@google.com>
Subject: [PATCH 09/25] fscrypt: new helper function -
	fscrypt_prepare_lookup()
Date: Wed, 20 Sep 2017 15:45:49 -0700
Message-Id: <20170920224605.22030-10-ebiggers3@gmail.com>
X-Mailer: git-send-email 2.14.1.821.g8fa685d3b7-goog
In-Reply-To: <20170920224605.22030-1-ebiggers3@gmail.com>
References: <20170920224605.22030-1-ebiggers3@gmail.com>
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-fsdevel.vger.kernel.org>
X-Mailing-List: linux-fsdevel@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

From: Eric Biggers <ebiggers@google.com>

Introduce a helper function which prepares to look up the given dentry
in the given directory.  If the directory is encrypted, it handles
loading the directory's encryption key, setting the dentry's ->d_op to
fscrypt_d_ops, and setting DCACHE_ENCRYPTED_WITH_KEY if the directory's
encryption key is available.

Note: once all filesystems switch over to this, we'll be able to move
fscrypt_d_ops and fscrypt_set_encrypted_dentry() to fscrypt_private.h.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 fs/crypto/hooks.c               | 18 ++++++++++++++++++
 include/linux/fscrypt_notsupp.h |  9 +++++++++
 include/linux/fscrypt_supp.h    | 30 ++++++++++++++++++++++++++++++
 3 files changed, 57 insertions(+)

diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c
index 822cb78f9b45..9f5fb2eb9cf7 100644
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@@ -92,3 +92,21 @@ int __fscrypt_prepare_rename(struct inode *old_dir, struct dentry *old_dentry,
 	return 0;
 }
 EXPORT_SYMBOL_GPL(__fscrypt_prepare_rename);
+
+int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry)
+{
+	int err = fscrypt_get_encryption_info(dir);
+
+	if (err)
+		return err;
+
+	if (fscrypt_has_encryption_key(dir)) {
+		spin_lock(&dentry->d_lock);
+		dentry->d_flags |= DCACHE_ENCRYPTED_WITH_KEY;
+		spin_unlock(&dentry->d_lock);
+	}
+
+	d_set_d_op(dentry, &fscrypt_d_ops);
+	return 0;
+}
+EXPORT_SYMBOL_GPL(__fscrypt_prepare_lookup);
diff --git a/include/linux/fscrypt_notsupp.h b/include/linux/fscrypt_notsupp.h
index a88a2959cd8c..e9b437605f9c 100644
--- a/include/linux/fscrypt_notsupp.h
+++ b/include/linux/fscrypt_notsupp.h
@@ -209,4 +209,13 @@ static inline int fscrypt_prepare_rename(struct inode *old_dir,
 	return 0;
 }
 
+static inline int fscrypt_prepare_lookup(struct inode *dir,
+					 struct dentry *dentry,
+					 unsigned int flags)
+{
+	if (IS_ENCRYPTED(dir))
+		return -EOPNOTSUPP;
+	return 0;
+}
+
 #endif	/* _LINUX_FSCRYPT_NOTSUPP_H */
diff --git a/include/linux/fscrypt_supp.h b/include/linux/fscrypt_supp.h
index fa062d41b39a..2b99bc01c59b 100644
--- a/include/linux/fscrypt_supp.h
+++ b/include/linux/fscrypt_supp.h
@@ -240,4 +240,34 @@ static inline int fscrypt_prepare_rename(struct inode *old_dir,
 	return 0;
 }
 
+extern int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry);
+
+/**
+ * fscrypt_prepare_lookup - prepare to lookup a name in a possibly-encrypted directory
+ * @dir: directory being searched
+ * @dentry: filename being looked up
+ * @flags: lookup flags
+ *
+ * Prepare for ->lookup() in a directory which may be encrypted.  Lookups can be
+ * done with or without the directory's encryption key; without the key,
+ * filenames are presented in encrypted form.  Therefore, we'll try to set up
+ * the directory's encryption key, but even without it the lookup can continue.
+ *
+ * To allow invalidating stale dentries if the directory's encryption key is
+ * added later, we also install a custom ->d_revalidate() method and use the
+ * DCACHE_ENCRYPTED_WITH_KEY flag to indicate whether a given dentry is a
+ * plaintext name (flag set) or a ciphertext name (flag cleared).
+ *
+ * Return: 0 on success, -errno if a problem occurred while setting up the
+ * encryption key
+ */
+static inline int fscrypt_prepare_lookup(struct inode *dir,
+					 struct dentry *dentry,
+					 unsigned int flags)
+{
+	if (IS_ENCRYPTED(dir))
+		return __fscrypt_prepare_lookup(dir, dentry);
+	return 0;
+}
+
 #endif	/* _LINUX_FSCRYPT_SUPP_H */