From: Jeff Layton <jlayton@kernel.org>
To: idryomov@gmail.com, xiubli@redhat.com
Cc: ceph-devel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org,
lhenriques@suse.de, Eric Biggers <ebiggers@google.com>
Subject: [PATCH v13 10/59] fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size
Date: Tue, 5 Apr 2022 15:19:41 -0400 [thread overview]
Message-ID: <20220405192030.178326-11-jlayton@kernel.org> (raw)
In-Reply-To: <20220405192030.178326-1-jlayton@kernel.org>
For ceph, we want to use our own scheme for handling filenames that are
are longer than NAME_MAX after encryption and Base64 encoding. This
allows us to have a consistent view of the encrypted filenames for
clients that don't support fscrypt and clients that do but that don't
have the key.
Currently, fs/crypto only supports encrypting filenames using
fscrypt_setup_filename, but that also handles encoding nokey names. Ceph
can't use that because it handles nokey names in a different way.
Export fscrypt_fname_encrypt. Rename fscrypt_fname_encrypted_size to
__fscrypt_fname_encrypted_size and add a new wrapper called
fscrypt_fname_encrypted_size that takes an inode argument rather than a
pointer to a fscrypt_policy union.
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
fs/crypto/fname.c | 36 ++++++++++++++++++++++++++++++------
fs/crypto/fscrypt_private.h | 9 +++------
fs/crypto/hooks.c | 6 +++---
include/linux/fscrypt.h | 4 ++++
4 files changed, 40 insertions(+), 15 deletions(-)
diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c
index 1e4233c95005..77d38188a168 100644
--- a/fs/crypto/fname.c
+++ b/fs/crypto/fname.c
@@ -79,7 +79,8 @@ static inline bool fscrypt_is_dot_dotdot(const struct qstr *str)
/**
* fscrypt_fname_encrypt() - encrypt a filename
* @inode: inode of the parent directory (for regular filenames)
- * or of the symlink (for symlink targets)
+ * or of the symlink (for symlink targets). Key must already be
+ * set up.
* @iname: the filename to encrypt
* @out: (output) the encrypted filename
* @olen: size of the encrypted filename. It must be at least @iname->len.
@@ -130,6 +131,7 @@ int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *iname,
return 0;
}
+EXPORT_SYMBOL_GPL(fscrypt_fname_encrypt);
/**
* fname_decrypt() - decrypt a filename
@@ -257,9 +259,9 @@ int fscrypt_base64url_decode(const char *src, int srclen, u8 *dst)
}
EXPORT_SYMBOL_GPL(fscrypt_base64url_decode);
-bool fscrypt_fname_encrypted_size(const union fscrypt_policy *policy,
- u32 orig_len, u32 max_len,
- u32 *encrypted_len_ret)
+bool __fscrypt_fname_encrypted_size(const union fscrypt_policy *policy,
+ u32 orig_len, u32 max_len,
+ u32 *encrypted_len_ret)
{
int padding = 4 << (fscrypt_policy_flags(policy) &
FSCRYPT_POLICY_FLAGS_PAD_MASK);
@@ -273,6 +275,29 @@ bool fscrypt_fname_encrypted_size(const union fscrypt_policy *policy,
return true;
}
+/**
+ * fscrypt_fname_encrypted_size() - calculate length of encrypted filename
+ * @inode: parent inode of dentry name being encrypted. Key must
+ * already be set up.
+ * @orig_len: length of the original filename
+ * @max_len: maximum length to return
+ * @encrypted_len_ret: where calculated length should be returned (on success)
+ *
+ * Filenames that are shorter than the maximum length may have their lengths
+ * increased slightly by encryption, due to padding that is applied.
+ *
+ * Return: false if the orig_len is greater than max_len. Otherwise, true and
+ * fill out encrypted_len_ret with the length (up to max_len).
+ */
+bool fscrypt_fname_encrypted_size(const struct inode *inode, u32 orig_len,
+ u32 max_len, u32 *encrypted_len_ret)
+{
+ return __fscrypt_fname_encrypted_size(&inode->i_crypt_info->ci_policy,
+ orig_len, max_len,
+ encrypted_len_ret);
+}
+EXPORT_SYMBOL_GPL(fscrypt_fname_encrypted_size);
+
/**
* fscrypt_fname_alloc_buffer() - allocate a buffer for presented filenames
* @max_encrypted_len: maximum length of encrypted filenames the buffer will be
@@ -428,8 +453,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname,
return ret;
if (fscrypt_has_encryption_key(dir)) {
- if (!fscrypt_fname_encrypted_size(&dir->i_crypt_info->ci_policy,
- iname->len, NAME_MAX,
+ if (!fscrypt_fname_encrypted_size(dir, iname->len, NAME_MAX,
&fname->crypto_buf.len))
return -ENAMETOOLONG;
fname->crypto_buf.name = kmalloc(fname->crypto_buf.len,
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index 5b0a9e6478b5..f3e6e566daff 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -297,14 +297,11 @@ void fscrypt_generate_iv(union fscrypt_iv *iv, u64 lblk_num,
const struct fscrypt_info *ci);
/* fname.c */
-int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *iname,
- u8 *out, unsigned int olen);
-bool fscrypt_fname_encrypted_size(const union fscrypt_policy *policy,
- u32 orig_len, u32 max_len,
- u32 *encrypted_len_ret);
+bool __fscrypt_fname_encrypted_size(const union fscrypt_policy *policy,
+ u32 orig_len, u32 max_len,
+ u32 *encrypted_len_ret);
/* hkdf.c */
-
struct fscrypt_hkdf {
struct crypto_shash *hmac_tfm;
};
diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c
index af74599ae1cf..7c01025879b3 100644
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@@ -228,9 +228,9 @@ int fscrypt_prepare_symlink(struct inode *dir, const char *target,
* counting it (even though it is meaningless for ciphertext) is simpler
* for now since filesystems will assume it is there and subtract it.
*/
- if (!fscrypt_fname_encrypted_size(policy, len,
- max_len - sizeof(struct fscrypt_symlink_data),
- &disk_link->len))
+ if (!__fscrypt_fname_encrypted_size(policy, len,
+ max_len - sizeof(struct fscrypt_symlink_data),
+ &disk_link->len))
return -ENAMETOOLONG;
disk_link->len += sizeof(struct fscrypt_symlink_data);
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index 629ccd09e095..84b363665162 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -308,8 +308,12 @@ void fscrypt_free_inode(struct inode *inode);
int fscrypt_drop_inode(struct inode *inode);
/* fname.c */
+int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *iname,
+ u8 *out, unsigned int olen);
int fscrypt_base64url_encode(const u8 *src, int len, char *dst);
int fscrypt_base64url_decode(const char *src, int len, u8 *dst);
+bool fscrypt_fname_encrypted_size(const struct inode *inode, u32 orig_len,
+ u32 max_len, u32 *encrypted_len_ret);
int fscrypt_setup_filename(struct inode *inode, const struct qstr *iname,
int lookup, struct fscrypt_name *fname);
--
2.35.1
next prev parent reply other threads:[~2022-04-06 5:19 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-05 19:19 [PATCH v13 00/59] ceph+fscrypt: full support Jeff Layton
2022-04-05 19:19 ` [PATCH v13 01/59] libceph: add spinlock around osd->o_requests Jeff Layton
2022-04-05 19:19 ` [PATCH v13 02/59] libceph: define struct ceph_sparse_extent and add some helpers Jeff Layton
2022-04-05 19:19 ` [PATCH v13 03/59] libceph: add sparse read support to msgr2 crc state machine Jeff Layton
2022-04-05 19:19 ` [PATCH v13 04/59] libceph: add sparse read support to OSD client Jeff Layton
2022-04-05 19:19 ` [PATCH v13 05/59] libceph: support sparse reads on msgr2 secure codepath Jeff Layton
2022-04-05 19:19 ` [PATCH v13 06/59] libceph: add sparse read support to msgr1 Jeff Layton
2022-04-05 19:19 ` [PATCH v13 07/59] ceph: add new mount option to enable sparse reads Jeff Layton
2022-04-05 19:19 ` [PATCH v13 08/59] fs: change test in inode_insert5 for adding to the sb list Jeff Layton
2022-04-05 19:19 ` [PATCH v13 09/59] fscrypt: export fscrypt_base64url_encode and fscrypt_base64url_decode Jeff Layton
2022-04-05 19:19 ` Jeff Layton [this message]
2022-04-05 19:19 ` [PATCH v13 11/59] fscrypt: add fscrypt_context_for_new_inode Jeff Layton
2022-04-05 19:19 ` [PATCH v13 12/59] ceph: preallocate inode for ops that may create one Jeff Layton
2022-04-05 19:19 ` [PATCH v13 13/59] ceph: fscrypt_auth handling for ceph Jeff Layton
2022-04-05 19:19 ` [PATCH v13 14/59] ceph: ensure that we accept a new context from MDS for new inodes Jeff Layton
2022-04-05 19:19 ` [PATCH v13 15/59] ceph: add support for fscrypt_auth/fscrypt_file to cap messages Jeff Layton
2022-04-05 19:19 ` [PATCH v13 16/59] ceph: implement -o test_dummy_encryption mount option Jeff Layton
2022-04-05 19:19 ` [PATCH v13 17/59] ceph: decode alternate_name in lease info Jeff Layton
2022-04-05 19:19 ` [PATCH v13 18/59] ceph: add fscrypt ioctls Jeff Layton
2022-04-05 19:19 ` [PATCH v13 19/59] ceph: make the ioctl cmd more readable in debug log Jeff Layton
2022-04-05 19:19 ` [PATCH v13 20/59] ceph: make ceph_msdc_build_path use ref-walk Jeff Layton
2022-04-05 19:19 ` [PATCH v13 21/59] ceph: add encrypted fname handling to ceph_mdsc_build_path Jeff Layton
2022-04-05 19:19 ` [PATCH v13 22/59] ceph: send altname in MClientRequest Jeff Layton
2022-04-05 19:19 ` [PATCH v13 23/59] ceph: encode encrypted name in dentry release Jeff Layton
2022-04-05 19:19 ` [PATCH v13 24/59] ceph: properly set DCACHE_NOKEY_NAME flag in lookup Jeff Layton
2022-04-05 19:19 ` [PATCH v13 25/59] ceph: set DCACHE_NOKEY_NAME in atomic open Jeff Layton
2022-04-05 19:19 ` [PATCH v13 26/59] ceph: make d_revalidate call fscrypt revalidator for encrypted dentries Jeff Layton
2022-04-05 19:19 ` [PATCH v13 27/59] ceph: add helpers for converting names for userland presentation Jeff Layton
2022-04-05 19:19 ` [PATCH v13 28/59] ceph: fix base64 encoded name's length check in ceph_fname_to_usr() Jeff Layton
2022-04-05 19:20 ` [PATCH v13 29/59] ceph: add fscrypt support to ceph_fill_trace Jeff Layton
2022-04-05 19:20 ` [PATCH v13 30/59] ceph: pass the request to parse_reply_info_readdir() Jeff Layton
2022-04-05 19:20 ` [PATCH v13 31/59] ceph: add ceph_encode_encrypted_dname() helper Jeff Layton
2022-04-05 19:20 ` [PATCH v13 32/59] ceph: add support to readdir for encrypted filenames Jeff Layton
2022-04-05 19:20 ` [PATCH v13 33/59] ceph: create symlinks with encrypted and base64-encoded targets Jeff Layton
2022-04-05 19:20 ` [PATCH v13 34/59] ceph: make ceph_get_name decrypt filenames Jeff Layton
2022-04-05 19:20 ` [PATCH v13 35/59] ceph: add a new ceph.fscrypt.auth vxattr Jeff Layton
2022-04-05 19:20 ` [PATCH v13 36/59] ceph: add some fscrypt guardrails Jeff Layton
2022-04-05 19:20 ` [PATCH v13 37/59] ceph: don't allow changing layout on encrypted files/directories Jeff Layton
2022-04-05 19:20 ` [PATCH v13 38/59] libceph: add CEPH_OSD_OP_ASSERT_VER support Jeff Layton
2022-04-05 19:20 ` [PATCH v13 39/59] ceph: size handling for encrypted inodes in cap updates Jeff Layton
2022-04-05 19:20 ` [PATCH v13 40/59] ceph: fscrypt_file field handling in MClientRequest messages Jeff Layton
2022-04-05 19:20 ` [PATCH v13 41/59] ceph: get file size from fscrypt_file when present in inode traces Jeff Layton
2022-04-05 19:20 ` [PATCH v13 42/59] ceph: handle fscrypt fields in cap messages from MDS Jeff Layton
2022-04-05 19:20 ` [PATCH v13 43/59] ceph: update WARN_ON message to pr_warn Jeff Layton
2022-04-05 19:20 ` [PATCH v13 44/59] ceph: add __ceph_get_caps helper support Jeff Layton
2022-04-05 19:20 ` [PATCH v13 45/59] ceph: add __ceph_sync_read " Jeff Layton
2022-04-05 19:20 ` [PATCH v13 46/59] ceph: add object version support for sync read Jeff Layton
2022-04-05 19:20 ` [PATCH v13 47/59] ceph: add infrastructure for file encryption and decryption Jeff Layton
2022-04-05 19:20 ` [PATCH v13 48/59] ceph: add truncate size handling support for fscrypt Jeff Layton
2022-04-05 19:20 ` [PATCH v13 49/59] libceph: allow ceph_osdc_new_request to accept a multi-op read Jeff Layton
2022-04-05 19:20 ` [PATCH v13 50/59] ceph: disable fallocate for encrypted inodes Jeff Layton
2022-04-05 19:20 ` [PATCH v13 51/59] ceph: disable copy offload on " Jeff Layton
2022-04-05 19:20 ` [PATCH v13 52/59] ceph: don't use special DIO path for " Jeff Layton
2022-04-05 19:20 ` [PATCH v13 53/59] ceph: align data in pages in ceph_sync_write Jeff Layton
2022-04-05 19:20 ` [PATCH v13 54/59] ceph: add read/modify/write to ceph_sync_write Jeff Layton
2022-04-05 19:20 ` [PATCH v13 55/59] ceph: plumb in decryption during sync reads Jeff Layton
2022-04-05 19:20 ` [PATCH v13 56/59] ceph: add fscrypt decryption support to ceph_netfs_issue_op Jeff Layton
2022-04-05 19:20 ` [PATCH v13 57/59] ceph: set i_blkbits to crypto block size for encrypted inodes Jeff Layton
2022-04-05 19:20 ` [PATCH v13 58/59] ceph: add encryption support to writepage Jeff Layton
2022-04-05 19:20 ` [PATCH v13 59/59] ceph: fscrypt support for writepages Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220405192030.178326-11-jlayton@kernel.org \
--to=jlayton@kernel.org \
--cc=ceph-devel@vger.kernel.org \
--cc=ebiggers@google.com \
--cc=idryomov@gmail.com \
--cc=lhenriques@suse.de \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=xiubli@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.