From: David Sterba <dsterba@suse.cz>
To: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
Cc: "Theodore Y. Ts'o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>,
Eric Biggers <ebiggers@kernel.org>, Chris Mason <clm@fb.com>,
Josef Bacik <josef@toxicpanda.com>,
David Sterba <dsterba@suse.com>,
linux-fscrypt@vger.kernel.org, linux-btrfs@vger.kernel.org,
kernel-team@fb.com, Omar Sandoval <osandov@osandov.com>
Subject: Re: [PATCH v2 11/20] btrfs: disable various operations on encrypted inodes
Date: Wed, 7 Sep 2022 22:11:34 +0200 [thread overview]
Message-ID: <20220907201133.GJ32411@twin.jikos.cz> (raw)
In-Reply-To: <927dbeab576537ac0e4c954a8c3d13b148cd6a26.1662420176.git.sweettea-kernel@dorminy.me>
On Mon, Sep 05, 2022 at 08:35:26PM -0400, Sweet Tea Dorminy wrote:
> --- a/fs/btrfs/file.c
> +++ b/fs/btrfs/file.c
> @@ -1895,7 +1895,7 @@ static ssize_t btrfs_direct_write(struct kiocb *iocb, struct iov_iter *from)
> goto relock;
> }
>
> - if (check_direct_IO(fs_info, from, pos)) {
> + if (IS_ENCRYPTED(inode) || check_direct_IO(fs_info, from, pos)) {
I'm not sure if we want the IS_ENCRYPTED as an explicit check or put it
to check_direct_IO, but probably to make it obvious that direct io does
not work with it a separate check is ok.
> btrfs_inode_unlock(inode, ilock_flags);
> goto buffered;
> }
> @@ -3729,7 +3729,7 @@ static ssize_t btrfs_direct_read(struct kiocb *iocb, struct iov_iter *to)
> ssize_t read = 0;
> ssize_t ret;
>
> - if (fsverity_active(inode))
> + if (IS_ENCRYPTED(inode) || fsverity_active(inode))
Yeah as we have something similar for verity.
> return 0;
>
> if (check_direct_read(btrfs_sb(inode->i_sb), to, iocb->ki_pos))
> diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
> index 482c5b3d9e70..fea48c12a33a 100644
> --- a/fs/btrfs/inode.c
> +++ b/fs/btrfs/inode.c
> @@ -409,7 +409,8 @@ static noinline int cow_file_range_inline(struct btrfs_inode *inode, u64 size,
> * compressed) data fits in a leaf and the configured maximum inline
> * size.
> */
> - if (size < i_size_read(&inode->vfs_inode) ||
> + if (IS_ENCRYPTED(&inode->vfs_inode) ||
> + size < i_size_read(&inode->vfs_inode) ||
> size > fs_info->sectorsize ||
> data_len > BTRFS_MAX_INLINE_DATA_SIZE(fs_info) ||
> data_len > fs_info->max_inline)
> diff --git a/fs/btrfs/reflink.c b/fs/btrfs/reflink.c
> index 9acf47b11fe6..d22086e1cbc8 100644
> --- a/fs/btrfs/reflink.c
> +++ b/fs/btrfs/reflink.c
> @@ -805,6 +805,13 @@ static int btrfs_remap_file_range_prep(struct file *file_in, loff_t pos_in,
> ASSERT(inode_in->i_sb == inode_out->i_sb);
> }
>
> + /*
> + * Can only reflink encrypted files if both files are encrypted.
> + */
The comment fits on one line (and slight 80 chars overflow is ok).
> + if (!fscrypt_have_same_policy(inode_in, inode_out)) {
> + return -EINVAL;
Single statements don't need the { }
> + }
> +
next prev parent reply other threads:[~2022-09-07 20:17 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-06 0:35 [PATCH v2 00/20] btrfs: add fscrypt integration Sweet Tea Dorminy
2022-09-06 0:35 ` [PATCH v2 01/20] fscrypt: expose fscrypt_nokey_name Sweet Tea Dorminy
2022-09-08 13:41 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 02/20] fscrypt: add flag allowing partially-encrypted directories Sweet Tea Dorminy
2022-09-08 13:43 ` Josef Bacik
2022-09-12 1:42 ` Eric Biggers
2022-09-15 18:58 ` Sweet Tea Dorminy
2022-09-13 10:07 ` Anand Jain
2022-09-13 11:02 ` Neal Gompa
2022-09-06 0:35 ` [PATCH v2 03/20] fscrypt: add fscrypt_have_same_policy() to check inode compatibility Sweet Tea Dorminy
2022-09-08 13:53 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 04/20] fscrypt: allow fscrypt_generate_iv() to distinguish filenames Sweet Tea Dorminy
2022-09-08 14:01 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 05/20] fscrypt: add extent-based encryption Sweet Tea Dorminy
2022-09-07 19:59 ` Omar Sandoval
2022-09-08 15:33 ` Josef Bacik
2022-09-10 18:53 ` kernel test robot
2022-09-12 1:34 ` Eric Biggers
2022-09-06 0:35 ` [PATCH v2 06/20] fscrypt: document btrfs' fscrypt quirks Sweet Tea Dorminy
2022-09-08 15:34 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 07/20] btrfs: store directory's encryption state Sweet Tea Dorminy
2022-09-08 15:37 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 08/20] btrfs: use fscrypt_names instead of name/len everywhere Sweet Tea Dorminy
2022-09-07 20:04 ` David Sterba
2022-09-06 0:35 ` [PATCH v2 09/20] btrfs: setup fscrypt_names from dentrys using helper Sweet Tea Dorminy
2022-09-08 19:11 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 10/20] btrfs: factor a fscrypt_name matching method Sweet Tea Dorminy
2022-09-08 19:27 ` Josef Bacik
2022-09-09 10:15 ` David Sterba
2022-09-09 13:00 ` Christoph Hellwig
2022-09-09 13:34 ` David Sterba
2022-09-16 22:18 ` J Lovejoy
2022-09-19 2:00 ` Bradley M. Kuhn
2022-09-19 17:20 ` David Sterba
2022-09-19 16:52 ` David Sterba
2022-09-09 13:41 ` Chris Mason
2022-09-06 0:35 ` [PATCH v2 11/20] btrfs: disable various operations on encrypted inodes Sweet Tea Dorminy
2022-09-06 6:36 ` kernel test robot
2022-09-07 20:11 ` David Sterba [this message]
2022-09-06 0:35 ` [PATCH v2 12/20] btrfs: start using fscrypt hooks Sweet Tea Dorminy
2022-09-07 20:17 ` David Sterba
2022-09-07 20:42 ` Sweet Tea Dorminy
2022-09-12 1:50 ` Eric Biggers
2022-09-08 19:42 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 13/20] btrfs: add fscrypt_context items Sweet Tea Dorminy
2022-09-07 20:43 ` David Sterba
2022-09-08 20:06 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 14/20] btrfs: translate btrfs encryption flags and encrypted inode flag Sweet Tea Dorminy
2022-09-08 20:07 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 15/20] btrfs: store a fscrypt extent context per normal file extent Sweet Tea Dorminy
2022-09-07 21:10 ` David Sterba
2022-09-07 21:39 ` Sweet Tea Dorminy
2022-09-09 10:04 ` David Sterba
2022-09-06 0:35 ` [PATCH v2 16/20] btrfs: Add new FEATURE_INCOMPAT_FSCRYPT feature flag Sweet Tea Dorminy
2022-09-09 11:35 ` David Sterba
2022-09-12 1:36 ` Eric Biggers
2022-09-06 0:35 ` [PATCH v2 17/20] btrfs: reuse encrypted filename hash when possible Sweet Tea Dorminy
2022-09-07 21:24 ` David Sterba
2022-09-06 0:35 ` [PATCH v2 18/20] btrfs: adapt directory read and lookup to potentially encrypted filenames Sweet Tea Dorminy
2022-09-08 20:15 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 19/20] btrfs: encrypt normal file extent data if appropriate Sweet Tea Dorminy
2022-09-08 20:19 ` Josef Bacik
2022-09-06 0:35 ` [PATCH v2 20/20] btrfs: implement fscrypt ioctls Sweet Tea Dorminy
2022-09-07 21:33 ` David Sterba
2022-09-06 22:35 ` [PATCH v2 00/20] btrfs: add fscrypt integration Eric Biggers
2022-09-06 23:01 ` Sweet Tea Dorminy
2022-09-06 23:10 ` Eric Biggers
2022-09-07 0:01 ` Sweet Tea Dorminy
2022-09-07 19:38 ` David Sterba
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220907201133.GJ32411@twin.jikos.cz \
--to=dsterba@suse.cz \
--cc=clm@fb.com \
--cc=dsterba@suse.com \
--cc=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=josef@toxicpanda.com \
--cc=kernel-team@fb.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=osandov@osandov.com \
--cc=sweettea-kernel@dorminy.me \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.