From: Xiubo Li <xiubli@redhat.com>
To: "Luís Henriques" <lhenriques@suse.de>,
"Ilya Dryomov" <idryomov@gmail.com>,
"Jeff Layton" <jlayton@kernel.org>
Cc: ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] ceph: make sure directories aren't complete after setting crypt context
Date: Thu, 17 Nov 2022 16:03:35 +0800 [thread overview]
Message-ID: <5de0ae69-5e3d-2ccb-64a3-971db66477f8@redhat.com> (raw)
In-Reply-To: <20221116153703.27292-1-lhenriques@suse.de>
On 16/11/2022 23:37, Luís Henriques wrote:
> When setting a directory's crypt context, __ceph_dir_clear_complete() needs
> to be used otherwise, if it was complete before, any old dentry that's still
> around will be valid.
>
> Signed-off-by: Luís Henriques <lhenriques@suse.de>
> ---
> Hi!
>
> Here's a simple way to trigger the bug this patch is fixing:
>
> # cd /cephfs
> # ls mydir
> nKRhofOAVNsAwVLvDw7a0c9ypsjbZfK3n0Npnmni6j0
> # ls mydir/nKRhofOAVNsAwVLvDw7a0c9ypsjbZfK3n0Npnmni6j0/
> Cyuer5xT+kBlEPgtwAqSj0WK2taEljP5vHZ,D8VXCJ8 u+46b2XVCt7Obpz0gznZyNLRj79Q2l4KmkwbKOzdQKw
> # fscrypt unlock mydir
> # touch /mnt/test/mydir/mysubdir/file
> touch: cannot touch '/mnt/test/mydir/mysubdir/file': No such file or directory
>
> fs/ceph/crypto.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c
> index 35a2ccfe6899..dc1557967032 100644
> --- a/fs/ceph/crypto.c
> +++ b/fs/ceph/crypto.c
> @@ -87,6 +87,10 @@ static int ceph_crypt_get_context(struct inode *inode, void *ctx, size_t len)
> return -ERANGE;
>
> memcpy(ctx, cfa->cfa_blob, ctxlen);
> +
> + /* Directory isn't complete anymore */
> + if (S_ISDIR(inode->i_mode) && __ceph_dir_is_complete(ci))
> + __ceph_dir_clear_complete(ci);
Hi Luis,
Good catch!
BTW, why do this in the ceph_crypt_get_context() ? As my understanding
is that we should mark 'mydir' as incomplete when unlocking it. While as
I remembered the unlock operation will do:
Step1: get_encpolicy via 'mydir' as ctx
Step2: rm_enckey of ctx from the superblock
Since I am still running the test cases for the file lock patches, so I
didn't catch logs to confirm the above steps yet.
If I am right IMO then we should mark the dir as incomplete in the Step2
instead, because for non-unlock operations they may also do the Step1.
Thanks!
- Xiubo
> return ctxlen;
> }
>
>
next prev parent reply other threads:[~2022-11-17 8:05 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-16 15:37 [PATCH] ceph: make sure directories aren't complete after setting crypt context Luís Henriques
2022-11-17 8:03 ` Xiubo Li [this message]
2022-11-17 11:08 ` Xiubo Li
2022-11-17 18:02 ` Luís Henriques
2022-11-18 5:24 ` Xiubo Li
2022-11-18 11:12 ` Luís Henriques
2022-11-21 0:53 ` Xiubo Li
2022-11-21 13:52 ` Luís Henriques
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5de0ae69-5e3d-2ccb-64a3-971db66477f8@redhat.com \
--to=xiubli@redhat.com \
--cc=ceph-devel@vger.kernel.org \
--cc=idryomov@gmail.com \
--cc=jlayton@kernel.org \
--cc=lhenriques@suse.de \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.