Linux-ext4 Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH 0/9] Allow deleting files with unsupported encryption policy
@ 2020-11-25  0:23 Eric Biggers
  2020-11-25  0:23 ` [PATCH 1/9] ext4: remove ext4_dir_open() Eric Biggers
                   ` (9 more replies)
  0 siblings, 10 replies; 22+ messages in thread
From: Eric Biggers @ 2020-11-25  0:23 UTC (permalink / raw)
  To: linux-fscrypt; +Cc: linux-ext4, linux-f2fs-devel, linux-mtd, linux-fsdevel

Currently it's impossible to delete files that use an unsupported
encryption policy, as the kernel will just return an error when
performing any operation on the top-level encrypted directory, even just
a path lookup into the directory or opening the directory for readdir.

It's desirable to return errors for most operations on files that use an
unsupported encryption policy, but the current behavior is too strict.
We need to allow enough to delete files, so that people can't be stuck
with undeletable files when downgrading kernel versions.  That includes
allowing directories to be listed and allowing dentries to be looked up.

This series fixes this (on ext4, f2fs, and ubifs) by treating an
unsupported encryption policy in the same way as "key unavailable" in
the cases that are required for a recursive delete to work.

The actual fix is in patch 9, so see that for more details.

Patches 1-8 are cleanups that prepare for the actual fix by removing
direct use of fscrypt_get_encryption_info() by filesystems.

This patchset applies to branch "master" (commit 4a4b8721f1a5) of
https://git.kernel.org/pub/scm/fs/fscrypt/fscrypt.git.

Eric Biggers (9):
  ext4: remove ext4_dir_open()
  f2fs: remove f2fs_dir_open()
  ubifs: remove ubifs_dir_open()
  ext4: don't call fscrypt_get_encryption_info() from dx_show_leaf()
  fscrypt: introduce fscrypt_prepare_readdir()
  fscrypt: move body of fscrypt_prepare_setattr() out-of-line
  fscrypt: move fscrypt_require_key() to fscrypt_private.h
  fscrypt: unexport fscrypt_get_encryption_info()
  fscrypt: allow deleting files with unsupported encryption policy

 fs/crypto/fname.c           |  8 +++-
 fs/crypto/fscrypt_private.h | 28 ++++++++++++++
 fs/crypto/hooks.c           | 16 +++++++-
 fs/crypto/keysetup.c        | 20 ++++++++--
 fs/crypto/policy.c          | 22 +++++++----
 fs/ext4/dir.c               | 16 ++------
 fs/ext4/namei.c             | 10 +----
 fs/f2fs/dir.c               | 10 +----
 fs/ubifs/dir.c              | 11 +-----
 include/linux/fscrypt.h     | 75 +++++++++++++++++++------------------
 10 files changed, 126 insertions(+), 90 deletions(-)


base-commit: 4a4b8721f1a5e4b01e45b3153c68d5a1014b25de
-- 
2.29.2


^ permalink raw reply	[flat|nested] 22+ messages in thread

end of thread, back to index

Thread overview: 22+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-25  0:23 [PATCH 0/9] Allow deleting files with unsupported encryption policy Eric Biggers
2020-11-25  0:23 ` [PATCH 1/9] ext4: remove ext4_dir_open() Eric Biggers
2020-12-02 22:47   ` Andreas Dilger
2020-11-25  0:23 ` [PATCH 2/9] f2fs: remove f2fs_dir_open() Eric Biggers
2020-11-26  7:04   ` Chao Yu
2020-12-01 23:00     ` Eric Biggers
2020-11-25  0:23 ` [PATCH 3/9] ubifs: remove ubifs_dir_open() Eric Biggers
2020-11-25  0:23 ` [PATCH 4/9] ext4: don't call fscrypt_get_encryption_info() from dx_show_leaf() Eric Biggers
2020-12-02 22:48   ` Andreas Dilger
2020-11-25  0:23 ` [PATCH 5/9] fscrypt: introduce fscrypt_prepare_readdir() Eric Biggers
2020-12-02 22:52   ` Andreas Dilger
2020-12-02 22:52   ` Andreas Dilger
2020-11-25  0:23 ` [PATCH 6/9] fscrypt: move body of fscrypt_prepare_setattr() out-of-line Eric Biggers
2020-12-02 22:53   ` Andreas Dilger
2020-11-25  0:23 ` [PATCH 7/9] fscrypt: move fscrypt_require_key() to fscrypt_private.h Eric Biggers
2020-12-02 22:54   ` Andreas Dilger
2020-11-25  0:23 ` [PATCH 8/9] fscrypt: unexport fscrypt_get_encryption_info() Eric Biggers
2020-12-02 22:55   ` Andreas Dilger
2020-11-25  0:23 ` [PATCH 9/9] fscrypt: allow deleting files with unsupported encryption policy Eric Biggers
2020-12-02 22:57   ` Andreas Dilger
2020-12-02 21:07 ` [PATCH 0/9] Allow " Eric Biggers
2020-12-02 22:25   ` Andreas Dilger

Linux-ext4 Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-ext4/0 linux-ext4/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-ext4 linux-ext4/ https://lore.kernel.org/linux-ext4 \
		linux-ext4@vger.kernel.org
	public-inbox-index linux-ext4

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-ext4


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git