From patchwork Sun May 15 06:37:46 2022
X-Patchwork-Submitter: "Ritesh Harjani (IBM)"
X-Patchwork-Id: 12849989
From: Ritesh Harjani
To: linux-ext4@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org, Theodore Ts'o, Eric Biggers, Jan Kara, Ritesh Harjani, Eric Biggers
Subject: [PATCHv3 1/3] ext4: Move ext4 crypto code to its own file crypto.c
Date: Sun, 15 May 2022 12:07:46 +0530
Message-Id: <7d637e093cbc34d727397e8d41a53a1b9ca7d7a4.1652595565.git.ritesh.list@gmail.com>
X-Mailing-List: linux-fscrypt@vger.kernel.org

This is to cleanup super.c file which has grown quite large. So, start moving ext4 crypto related code to where it should be in the first place i.e. fs/ext4/crypto.c

Reviewed-by: Eric Biggers
Signed-off-by: Ritesh Harjani --- fs/ext4/Makefile | 1 + fs/ext4/crypto.c | 127 +++++++++++++++++++++++++++++++++++++++++++++++ fs/ext4/ext4.h | 3 ++ fs/ext4/super.c | 122 --------------------------------------------- 4 files changed, 131 insertions(+), 122 deletions(-) create mode 100644 fs/ext4/crypto.c diff --git a/fs/ext4/Makefile b/fs/ext4/Makefile index 7d89142e1421..72206a292676 100644 --- a/fs/ext4/Makefile +++ b/fs/ext4/Makefile @@ -17,3 +17,4 @@ ext4-$(CONFIG_EXT4_FS_SECURITY) += xattr_security.o ext4-inode-test-objs += inode-test.o obj-$(CONFIG_EXT4_KUNIT_TESTS) += ext4-inode-test.o ext4-$(CONFIG_FS_VERITY) += verity.o +ext4-$(CONFIG_FS_ENCRYPTION) += crypto.o diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c new file mode 100644 index 000000000000..e5413c0970ee --- /dev/null +++ b/fs/ext4/crypto.c 
@@ -0,0 +1,127 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include + +#include "ext4.h" +#include "xattr.h" +#include "ext4_jbd2.h" + +static int ext4_get_context(struct inode *inode, void *ctx, size_t len) +{ + return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION, + EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len); +} + +static int ext4_set_context(struct inode *inode, const void *ctx, size_t len, + void *fs_data) +{ + handle_t *handle = fs_data; + int res, res2, credits, retries = 0; + + /* + * Encrypting the root directory is not allowed because e2fsck expects + * lost+found to exist and be unencrypted, and encrypting the root + * directory would imply encrypting the lost+found directory as well as + * the filename "lost+found" itself. + */ + if (inode->i_ino == EXT4_ROOT_INO) + return -EPERM; + + if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode))) + return -EINVAL; + + if (ext4_test_inode_flag(inode, EXT4_INODE_DAX)) + return -EOPNOTSUPP; + + res = ext4_convert_inline_data(inode); + if (res) + return res; + + /* + * If a journal handle was specified, then the encryption context is + * being set on a new inode via inheritance and is part of a larger + * transaction to create the inode. Otherwise the encryption context is + * being set on an existing inode in its own transaction. Only in the + * latter case should the "retry on ENOSPC" logic be used. 
+ */ + + if (handle) { + res = ext4_xattr_set_handle(handle, inode, + EXT4_XATTR_INDEX_ENCRYPTION, + EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, + ctx, len, 0); + if (!res) { + ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT); + ext4_clear_inode_state(inode, + EXT4_STATE_MAY_INLINE_DATA); + /* + * Update inode->i_flags - S_ENCRYPTED will be enabled, + * S_DAX may be disabled + */ + ext4_set_inode_flags(inode, false); + } + return res; + } + + res = dquot_initialize(inode); + if (res) + return res; +retry: + res = ext4_xattr_set_credits(inode, len, false /* is_create */, + &credits); + if (res) + return res; + + handle = ext4_journal_start(inode, EXT4_HT_MISC, credits); + if (IS_ERR(handle)) + return PTR_ERR(handle); + + res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION, + EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, + ctx, len, 0); + if (!res) { + ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT); + /* + * Update inode->i_flags - S_ENCRYPTED will be enabled, + * S_DAX may be disabled + */ + ext4_set_inode_flags(inode, false); + res = ext4_mark_inode_dirty(handle, inode); + if (res) + EXT4_ERROR_INODE(inode, "Failed to mark inode dirty"); + } + res2 = ext4_journal_stop(handle); + + if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) + goto retry; + if (!res) + res = res2; + return res; +} + +static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb) +{ + return EXT4_SB(sb)->s_dummy_enc_policy.policy; +} + +static bool ext4_has_stable_inodes(struct super_block *sb) +{ + return ext4_has_feature_stable_inodes(sb); +} + +static void ext4_get_ino_and_lblk_bits(struct super_block *sb, + int *ino_bits_ret, int *lblk_bits_ret) +{ + *ino_bits_ret = 8 * sizeof(EXT4_SB(sb)->s_es->s_inodes_count); + *lblk_bits_ret = 8 * sizeof(ext4_lblk_t); +} + +const struct fscrypt_operations ext4_cryptops = { + .key_prefix = "ext4:", + .get_context = ext4_get_context, + .set_context = ext4_set_context, + .get_dummy_policy = ext4_get_dummy_policy, + 
.empty_dir = ext4_empty_dir, + .has_stable_inodes = ext4_has_stable_inodes, + .get_ino_and_lblk_bits = ext4_get_ino_and_lblk_bits, +}; diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index a743b1e3b89e..95d87641ad87 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -2731,7 +2731,10 @@ extern int ext4_fname_setup_ci_filename(struct inode *dir, struct ext4_filename *fname); #endif +/* ext4 encryption related stuff goes here crypto.c */ #ifdef CONFIG_FS_ENCRYPTION +extern const struct fscrypt_operations ext4_cryptops; + static inline void ext4_fname_from_fscrypt_name(struct ext4_filename *dst, const struct fscrypt_name *src) { diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 1847b46af808..e6cfd338712c 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c 
@@ -1492,128 +1492,6 @@ static int ext4_nfs_commit_metadata(struct inode *inode) return ext4_write_inode(inode, &wbc); } -#ifdef CONFIG_FS_ENCRYPTION -static int ext4_get_context(struct inode *inode, void *ctx, size_t len) -{ - return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION, - EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len); -} - -static int ext4_set_context(struct inode *inode, const void *ctx, size_t len, - void *fs_data) -{ - handle_t *handle = fs_data; - int res, res2, credits, retries = 0; - - /* - * Encrypting the root directory is not allowed because e2fsck expects - * lost+found to exist and be unencrypted, and encrypting the root - * directory would imply encrypting the lost+found directory as well as - * the filename "lost+found" itself. - */ - if (inode->i_ino == EXT4_ROOT_INO) - return -EPERM; - - if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode))) - return -EINVAL; - - if (ext4_test_inode_flag(inode, EXT4_INODE_DAX)) - return -EOPNOTSUPP; - - res = ext4_convert_inline_data(inode); - if (res) - return res; - - /* - * If a journal handle was specified, then the encryption context is - * being set on a new inode via inheritance and is part of a larger - * transaction to create the inode. Otherwise the encryption context is - * being set on an existing inode in its own transaction. Only in the - * latter case should the "retry on ENOSPC" logic be used. 
- */ - - if (handle) { - res = ext4_xattr_set_handle(handle, inode, - EXT4_XATTR_INDEX_ENCRYPTION, - EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, - ctx, len, 0); - if (!res) { - ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT); - ext4_clear_inode_state(inode, - EXT4_STATE_MAY_INLINE_DATA); - /* - * Update inode->i_flags - S_ENCRYPTED will be enabled, - * S_DAX may be disabled - */ - ext4_set_inode_flags(inode, false); - } - return res; - } - - res = dquot_initialize(inode); - if (res) - return res; -retry: - res = ext4_xattr_set_credits(inode, len, false /* is_create */, - &credits); - if (res) - return res; - - handle = ext4_journal_start(inode, EXT4_HT_MISC, credits); - if (IS_ERR(handle)) - return PTR_ERR(handle); - - res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION, - EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, - ctx, len, 0); - if (!res) { - ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT); - /* - * Update inode->i_flags - S_ENCRYPTED will be enabled, - * S_DAX may be disabled - */ - ext4_set_inode_flags(inode, false); - res = ext4_mark_inode_dirty(handle, inode); - if (res) - EXT4_ERROR_INODE(inode, "Failed to mark inode dirty"); - } - res2 = ext4_journal_stop(handle); - - if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) - goto retry; - if (!res) - res = res2; - return res; -} - -static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb) -{ - return EXT4_SB(sb)->s_dummy_enc_policy.policy; -} - -static bool ext4_has_stable_inodes(struct super_block *sb) -{ - return ext4_has_feature_stable_inodes(sb); -} - -static void ext4_get_ino_and_lblk_bits(struct super_block *sb, - int *ino_bits_ret, int *lblk_bits_ret) -{ - *ino_bits_ret = 8 * sizeof(EXT4_SB(sb)->s_es->s_inodes_count); - *lblk_bits_ret = 8 * sizeof(ext4_lblk_t); -} - -static const struct fscrypt_operations ext4_cryptops = { - .key_prefix = "ext4:", - .get_context = ext4_get_context, - .set_context = ext4_set_context, - .get_dummy_policy = ext4_get_dummy_policy, 
- .empty_dir = ext4_empty_dir, - .has_stable_inodes = ext4_has_stable_inodes, - .get_ino_and_lblk_bits = ext4_get_ino_and_lblk_bits, -}; -#endif - #ifdef CONFIG_QUOTA static const char * const quotatypes[] = INITQFNAMES; #define QTYPE2NAME(t) (quotatypes[t])

From patchwork Sun May 15 06:37:47 2022
X-Patchwork-Submitter: "Ritesh Harjani (IBM)"
X-Patchwork-Id: 12849990
From: Ritesh Harjani
To: linux-ext4@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org, Theodore Ts'o, Eric Biggers, Jan Kara, Ritesh Harjani, Eric Biggers
Subject: [PATCHv3 2/3] ext4: Cleanup function defs from ext4.h into crypto.c
Date: Sun, 15 May 2022 12:07:47 +0530
X-Mailing-List: linux-fscrypt@vger.kernel.org

Some of these functions when CONFIG_FS_ENCRYPTION is enabled are not really inline (let compiler be the best judge of it). Remove inline and move them into crypto.c where they should be present.

Reviewed-by: Eric Biggers
Signed-off-by: Ritesh Harjani --- fs/ext4/crypto.c | 65 +++++++++++++++++++++++++++++++++++++++++++++ fs/ext4/ext4.h | 69 ++++-------------------------------------------- 2 files changed, 70 insertions(+), 64 deletions(-) diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c index e5413c0970ee..f8333927f0f6 100644 --- a/fs/ext4/crypto.c +++ b/fs/ext4/crypto.c 
@@ -6,6 +6,71 @@ #include "xattr.h" #include "ext4_jbd2.h" +static void ext4_fname_from_fscrypt_name(struct ext4_filename *dst, + const struct fscrypt_name *src) +{ + memset(dst, 0, sizeof(*dst)); + + dst->usr_fname = src->usr_fname; + dst->disk_name = src->disk_name; + dst->hinfo.hash = src->hash; + dst->hinfo.minor_hash = src->minor_hash; + dst->crypto_buf = src->crypto_buf; +} + +int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname, + int lookup, struct ext4_filename *fname) +{ + struct fscrypt_name name; + int err; + + err = fscrypt_setup_filename(dir, iname, lookup, &name); + if (err) + return err; + + ext4_fname_from_fscrypt_name(fname, &name); + +#if IS_ENABLED(CONFIG_UNICODE) + err = ext4_fname_setup_ci_filename(dir, iname, fname); +#endif + return err; +} + +int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry, + struct ext4_filename *fname) +{ + struct fscrypt_name name; + int err; + + err = fscrypt_prepare_lookup(dir, dentry, &name); + if (err) + return err; + + ext4_fname_from_fscrypt_name(fname, &name); + +#if IS_ENABLED(CONFIG_UNICODE) + err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname); +#endif + return err; +} + +void ext4_fname_free_filename(struct ext4_filename *fname) +{ + struct fscrypt_name name; + + name.crypto_buf = fname->crypto_buf; + fscrypt_free_filename(&name); + + fname->crypto_buf.name = NULL; + fname->usr_fname = NULL; + fname->disk_name.name = NULL; + +#if IS_ENABLED(CONFIG_UNICODE) + kfree(fname->cf_name.name); + fname->cf_name.name = NULL; +#endif +} + static int ext4_get_context(struct inode *inode, void *ctx, size_t len) { return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION, diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 95d87641ad87..3c474c9623af 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h 
@@ -2735,73 +2735,14 @@ extern int ext4_fname_setup_ci_filename(struct inode *dir, #ifdef CONFIG_FS_ENCRYPTION extern const struct fscrypt_operations ext4_cryptops; -static inline void ext4_fname_from_fscrypt_name(struct ext4_filename *dst, - const struct fscrypt_name *src) -{ - memset(dst, 0, sizeof(*dst)); - - dst->usr_fname = src->usr_fname; - dst->disk_name = src->disk_name; - dst->hinfo.hash = src->hash; - dst->hinfo.minor_hash = src->minor_hash; - dst->crypto_buf = src->crypto_buf; -} - -static inline int ext4_fname_setup_filename(struct inode *dir, - const struct qstr *iname, - int lookup, - struct ext4_filename *fname) -{ - struct fscrypt_name name; - int err; +int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname, + int lookup, struct ext4_filename *fname); - err = fscrypt_setup_filename(dir, iname, lookup, &name); - if (err) - return err; +int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry, + struct ext4_filename *fname); - ext4_fname_from_fscrypt_name(fname, &name); +void ext4_fname_free_filename(struct ext4_filename *fname); -#if IS_ENABLED(CONFIG_UNICODE) - err = ext4_fname_setup_ci_filename(dir, iname, fname); -#endif - return err; -} - -static inline int ext4_fname_prepare_lookup(struct inode *dir, - struct dentry *dentry, - struct ext4_filename *fname) -{ - struct fscrypt_name name; - int err; - - err = fscrypt_prepare_lookup(dir, dentry, &name); - if (err) - return err; - - ext4_fname_from_fscrypt_name(fname, &name); - -#if IS_ENABLED(CONFIG_UNICODE) - err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname); -#endif - return err; -} - -static inline void ext4_fname_free_filename(struct ext4_filename *fname) -{ - struct fscrypt_name name; - - name.crypto_buf = fname->crypto_buf; - fscrypt_free_filename(&name); - - fname->crypto_buf.name = NULL; - fname->usr_fname = NULL; - fname->disk_name.name = NULL; - -#if IS_ENABLED(CONFIG_UNICODE) - kfree(fname->cf_name.name); - fname->cf_name.name = NULL; -#endif 
-} #else /* !CONFIG_FS_ENCRYPTION */ static inline int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,

From patchwork Sun May 15 06:37:48 2022
X-Patchwork-Submitter: "Ritesh Harjani (IBM)"
X-Patchwork-Id: 12849991
From: Ritesh Harjani
To: linux-ext4@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org, Theodore Ts'o, Eric Biggers, Jan Kara, Ritesh Harjani, Eric Biggers
Subject: [PATCHv3 3/3] ext4: Refactor and move ext4_ioctl_get_encryption_pwsalt()
Date: Sun, 15 May 2022 12:07:48 +0530
Message-Id: <5af98b17152a96b245b4f7d2dfb8607fc93e36aa.1652595565.git.ritesh.list@gmail.com>
X-Mailing-List: linux-fscrypt@vger.kernel.org

This patch move code for FS_IOC_GET_ENCRYPTION_PWSALT case into ext4's crypto.c file, i.e. ext4_ioctl_get_encryption_pwsalt() and uuid_is_zero(). This is mostly refactoring logic and should not affect any functionality change.

Suggested-by: Eric Biggers
Reviewed-by: Eric Biggers
Signed-off-by: Ritesh Harjani --- fs/ext4/crypto.c | 54 ++++++++++++++++++++++++++++++++++++++++++++ fs/ext4/ext4.h | 8 +++++++ fs/ext4/ioctl.c | 59 ++---------------------------------------------- 3 files changed, 64 insertions(+), 57 deletions(-) -- 2.31.1 diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c index f8333927f0f6..e20ac0654b3f 100644 --- a/fs/ext4/crypto.c +++ b/fs/ext4/crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 #include +#include #include "ext4.h" #include "xattr.h" @@ -71,6 +72,59 @@ void ext4_fname_free_filename(struct ext4_filename *fname) #endif } +static bool uuid_is_zero(__u8 u[16]) +{ + int i; + + for (i = 0; i < 16; i++) + if (u[i]) + return false; + return true; +} + +int ext4_ioctl_get_encryption_pwsalt(struct file *filp, void __user *arg) +{ + struct super_block *sb = file_inode(filp)->i_sb; + struct ext4_sb_info *sbi = EXT4_SB(sb); + int err, err2; + handle_t *handle; + + if (!ext4_has_feature_encrypt(sb)) + return -EOPNOTSUPP; + + if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) { + err = mnt_want_write_file(filp); + if (err) + return err; + handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); + if (IS_ERR(handle)) { + err = PTR_ERR(handle); + goto pwsalt_err_exit; + } + err = ext4_journal_get_write_access(handle, sb, sbi->s_sbh, + EXT4_JTR_NONE); + if (err) + goto pwsalt_err_journal; + lock_buffer(sbi->s_sbh); + generate_random_uuid(sbi->s_es->s_encrypt_pw_salt); + ext4_superblock_csum_set(sb); + unlock_buffer(sbi->s_sbh); + err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh); +pwsalt_err_journal: + err2 = ext4_journal_stop(handle); + if (err2 && !err) + err = err2; +pwsalt_err_exit: + mnt_drop_write_file(filp); + if (err) + return err; + } + + if (copy_to_user(arg, sbi->s_es->s_encrypt_pw_salt, 16)) + return -EFAULT; + return 0; +} + static int ext4_get_context(struct inode *inode, void *ctx, size_t len) { return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION, 
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 3c474c9623af..ec859b42dafd 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -2743,6 +2743,8 @@ int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry, void ext4_fname_free_filename(struct ext4_filename *fname); +int ext4_ioctl_get_encryption_pwsalt(struct file *filp, void __user *arg); + #else /* !CONFIG_FS_ENCRYPTION */ static inline int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname, @@ -2775,6 +2777,12 @@ static inline void ext4_fname_free_filename(struct ext4_filename *fname) fname->cf_name.name = NULL; #endif } + +static inline int ext4_ioctl_get_encryption_pwsalt(struct file *filp, + void __user *arg) +{ + return -EOPNOTSUPP; +} #endif /* !CONFIG_FS_ENCRYPTION */ /* dir.c */ diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c index ba44fa1be70a..d8639aaed3f6 100644 --- a/fs/ext4/ioctl.c +++ b/fs/ext4/ioctl.c @@ -16,7 +16,6 @@ #include #include #include -#include #include #include #include @@ -504,18 +503,6 @@ static long swap_inode_boot_loader(struct super_block *sb, return err; } -#ifdef CONFIG_FS_ENCRYPTION -static int uuid_is_zero(__u8 u[16]) -{ - int i; - - for (i = 0; i < 16; i++) - if (u[i]) - return 0; - return 1; -} -#endif - /* * If immutable is set and we are not clearing it, we're not allowed to change * anything else in the inode. Don't error out if we're only trying to set 
@@ -1432,51 +1419,9 @@ static long __ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) return -EOPNOTSUPP; return fscrypt_ioctl_set_policy(filp, (const void __user *)arg); - case FS_IOC_GET_ENCRYPTION_PWSALT: { -#ifdef CONFIG_FS_ENCRYPTION - int err, err2; - struct ext4_sb_info *sbi = EXT4_SB(sb); - handle_t *handle; + case FS_IOC_GET_ENCRYPTION_PWSALT: + return ext4_ioctl_get_encryption_pwsalt(filp, (void __user *)arg); - if (!ext4_has_feature_encrypt(sb)) - return -EOPNOTSUPP; - if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) { - err = mnt_want_write_file(filp); - if (err) - return err; - handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); - if (IS_ERR(handle)) { - err = PTR_ERR(handle); - goto pwsalt_err_exit; - } - err = ext4_journal_get_write_access(handle, sb, - sbi->s_sbh, - EXT4_JTR_NONE); - if (err) - goto pwsalt_err_journal; - lock_buffer(sbi->s_sbh); - generate_random_uuid(sbi->s_es->s_encrypt_pw_salt); - ext4_superblock_csum_set(sb); - unlock_buffer(sbi->s_sbh); - err = ext4_handle_dirty_metadata(handle, NULL, - sbi->s_sbh); - pwsalt_err_journal: - err2 = ext4_journal_stop(handle); - if (err2 && !err) - err = err2; - pwsalt_err_exit: - mnt_drop_write_file(filp); - if (err) - return err; - } - if (copy_to_user((void __user *) arg, - sbi->s_es->s_encrypt_pw_salt, 16)) - return -EFAULT; - return 0; -#else - return -EOPNOTSUPP; -#endif - } case FS_IOC_GET_ENCRYPTION_POLICY: if (!ext4_has_feature_encrypt(sb)) return -EOPNOTSUPP;
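
Review bot: In patch 1/3, the comment added above #ifdef CONFIG_FS_ENCRYPTION in the fs/ext4/ext4.h hunk, "/* ext4 encryption related stuff goes here crypto.c */", reads as a sentence fragment and does not match the short file-name section markers this header uses elsewhere (patch 3/3 shows "/* dir.c */" as context). Suggest "/* crypto.c */". In the same hunk, the extern declaration of ext4_cryptops sits only inside the CONFIG_FS_ENCRYPTION branch, and crypto.c now defines the symbol without static, so any reference left in super.c has to stay under the same guard; a CONFIG_FS_ENCRYPTION=n build would confirm that.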
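
Review bot: In patch 2/3, ext4_fname_setup_filename() and ext4_fname_prepare_lookup() in the fs/ext4/crypto.c hunk return the error from ext4_fname_setup_ci_filename() without releasing what fscrypt_setup_filename() or fscrypt_prepare_lookup() has already placed in name. ext4_fname_free_filename() in the same hunk shows that crypto_buf is released through fscrypt_free_filename(), so unless every caller runs ext4_fname_free_filename() after a failed setup, that buffer leaks when CONFIG_UNICODE is enabled and the casefold step fails. With the functions now out of line, the cleanup is easy to add: on a non-zero err from the casefold step, call fscrypt_free_filename(&name) before returning. That changes behaviour, so it belongs in a follow-up patch rather than in this pure move.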
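
Review bot: In patch 3/3, ext4_ioctl_get_encryption_pwsalt() in the fs/ext4/crypto.c hunk tests uuid_is_zero(sbi->s_es->s_encrypt_pw_salt) before lock_buffer(sbi->s_sbh) and never re-tests it under the lock, so two concurrent callers on a filesystem whose salt is still zero can both reach generate_random_uuid(); the second overwrites the first, and the unlocked copy_to_user() can then hand the callers different salts. The move carries this over unchanged from ioctl.c, but as a standalone function it is straightforward to re-check uuid_is_zero() after lock_buffer() and skip generation when the salt is already set. Smaller points in the same function: uuid_is_zero() only reads its argument and could take a const pointer, and the literal 16 passed to copy_to_user() could be sizeof(sbi->s_es->s_encrypt_pw_salt).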