diff mbox series

[7/9] fscrypt: move fscrypt_require_key() to fscrypt_private.h

Message ID 20201125002336.274045-8-ebiggers@kernel.org (mailing list archive)
State New
Headers show
Series Allow deleting files with unsupported encryption policy | expand

Commit Message

Eric Biggers Nov. 25, 2020, 12:23 a.m. UTC
From: Eric Biggers <ebiggers@google.com>

fscrypt_require_key() is now only used by files in fs/crypto/.  So
reduce its visibility to fscrypt_private.h.  This is also a prerequsite
for unexporting fscrypt_get_encryption_info().

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 fs/crypto/fscrypt_private.h | 26 ++++++++++++++++++++++++++
 include/linux/fscrypt.h     | 26 --------------------------
 2 files changed, 26 insertions(+), 26 deletions(-)

Comments

Andreas Dilger Dec. 2, 2020, 10:54 p.m. UTC | #1
> On Nov 24, 2020, at 5:23 PM, Eric Biggers <ebiggers@kernel.org> wrote:
> 
> From: Eric Biggers <ebiggers@google.com>
> 
> fscrypt_require_key() is now only used by files in fs/crypto/.  So
> reduce its visibility to fscrypt_private.h.  This is also a prerequsite
> for unexporting fscrypt_get_encryption_info().
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>

Reviewed-by: Andreas Dilger <adilger@dilger.ca>

> ---
> fs/crypto/fscrypt_private.h | 26 ++++++++++++++++++++++++++
> include/linux/fscrypt.h     | 26 --------------------------
> 2 files changed, 26 insertions(+), 26 deletions(-)
> 
> diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
> index a61d4dbf0a0b..16dd55080127 100644
> --- a/fs/crypto/fscrypt_private.h
> +++ b/fs/crypto/fscrypt_private.h
> @@ -571,6 +571,32 @@ int fscrypt_derive_dirhash_key(struct fscrypt_info *ci,
> void fscrypt_hash_inode_number(struct fscrypt_info *ci,
> 			       const struct fscrypt_master_key *mk);
> 
> +/**
> + * fscrypt_require_key() - require an inode's encryption key
> + * @inode: the inode we need the key for
> + *
> + * If the inode is encrypted, set up its encryption key if not already done.
> + * Then require that the key be present and return -ENOKEY otherwise.
> + *
> + * No locks are needed, and the key will live as long as the struct inode --- so
> + * it won't go away from under you.
> + *
> + * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
> + * if a problem occurred while setting up the encryption key.
> + */
> +static inline int fscrypt_require_key(struct inode *inode)
> +{
> +	if (IS_ENCRYPTED(inode)) {
> +		int err = fscrypt_get_encryption_info(inode);
> +
> +		if (err)
> +			return err;
> +		if (!fscrypt_has_encryption_key(inode))
> +			return -ENOKEY;
> +	}
> +	return 0;
> +}
> +
> /* keysetup_v1.c */
> 
> void fscrypt_put_direct_key(struct fscrypt_direct_key *dk);
> diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
> index b20900bb829f..a07610f27926 100644
> --- a/include/linux/fscrypt.h
> +++ b/include/linux/fscrypt.h
> @@ -688,32 +688,6 @@ static inline bool fscrypt_has_encryption_key(const struct inode *inode)
> 	return fscrypt_get_info(inode) != NULL;
> }
> 
> -/**
> - * fscrypt_require_key() - require an inode's encryption key
> - * @inode: the inode we need the key for
> - *
> - * If the inode is encrypted, set up its encryption key if not already done.
> - * Then require that the key be present and return -ENOKEY otherwise.
> - *
> - * No locks are needed, and the key will live as long as the struct inode --- so
> - * it won't go away from under you.
> - *
> - * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
> - * if a problem occurred while setting up the encryption key.
> - */
> -static inline int fscrypt_require_key(struct inode *inode)
> -{
> -	if (IS_ENCRYPTED(inode)) {
> -		int err = fscrypt_get_encryption_info(inode);
> -
> -		if (err)
> -			return err;
> -		if (!fscrypt_has_encryption_key(inode))
> -			return -ENOKEY;
> -	}
> -	return 0;
> -}
> -
> /**
>  * fscrypt_prepare_link() - prepare to link an inode into a possibly-encrypted
>  *			    directory
> --
> 2.29.2
> 


Cheers, Andreas
diff mbox series

Patch

diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index a61d4dbf0a0b..16dd55080127 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -571,6 +571,32 @@  int fscrypt_derive_dirhash_key(struct fscrypt_info *ci,
 void fscrypt_hash_inode_number(struct fscrypt_info *ci,
 			       const struct fscrypt_master_key *mk);
 
+/**
+ * fscrypt_require_key() - require an inode's encryption key
+ * @inode: the inode we need the key for
+ *
+ * If the inode is encrypted, set up its encryption key if not already done.
+ * Then require that the key be present and return -ENOKEY otherwise.
+ *
+ * No locks are needed, and the key will live as long as the struct inode --- so
+ * it won't go away from under you.
+ *
+ * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
+ * if a problem occurred while setting up the encryption key.
+ */
+static inline int fscrypt_require_key(struct inode *inode)
+{
+	if (IS_ENCRYPTED(inode)) {
+		int err = fscrypt_get_encryption_info(inode);
+
+		if (err)
+			return err;
+		if (!fscrypt_has_encryption_key(inode))
+			return -ENOKEY;
+	}
+	return 0;
+}
+
 /* keysetup_v1.c */
 
 void fscrypt_put_direct_key(struct fscrypt_direct_key *dk);
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index b20900bb829f..a07610f27926 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -688,32 +688,6 @@  static inline bool fscrypt_has_encryption_key(const struct inode *inode)
 	return fscrypt_get_info(inode) != NULL;
 }
 
-/**
- * fscrypt_require_key() - require an inode's encryption key
- * @inode: the inode we need the key for
- *
- * If the inode is encrypted, set up its encryption key if not already done.
- * Then require that the key be present and return -ENOKEY otherwise.
- *
- * No locks are needed, and the key will live as long as the struct inode --- so
- * it won't go away from under you.
- *
- * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
- * if a problem occurred while setting up the encryption key.
- */
-static inline int fscrypt_require_key(struct inode *inode)
-{
-	if (IS_ENCRYPTED(inode)) {
-		int err = fscrypt_get_encryption_info(inode);
-
-		if (err)
-			return err;
-		if (!fscrypt_has_encryption_key(inode))
-			return -ENOKEY;
-	}
-	return 0;
-}
-
 /**
  * fscrypt_prepare_link() - prepare to link an inode into a possibly-encrypted
  *			    directory