> On Nov 24, 2020, at 5:23 PM, Eric Biggers wrote: > > From: Eric Biggers > > fscrypt_require_key() is now only used by files in fs/crypto/. So > reduce its visibility to fscrypt_private.h. This is also a prerequsite > for unexporting fscrypt_get_encryption_info(). > > Signed-off-by: Eric Biggers Reviewed-by: Andreas Dilger > --- > fs/crypto/fscrypt_private.h | 26 ++++++++++++++++++++++++++ > include/linux/fscrypt.h | 26 -------------------------- > 2 files changed, 26 insertions(+), 26 deletions(-) > > diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h > index a61d4dbf0a0b..16dd55080127 100644 > --- a/fs/crypto/fscrypt_private.h > +++ b/fs/crypto/fscrypt_private.h > @@ -571,6 +571,32 @@ int fscrypt_derive_dirhash_key(struct fscrypt_info *ci, > void fscrypt_hash_inode_number(struct fscrypt_info *ci, > const struct fscrypt_master_key *mk); > > +/** > + * fscrypt_require_key() - require an inode's encryption key > + * @inode: the inode we need the key for > + * > + * If the inode is encrypted, set up its encryption key if not already done. > + * Then require that the key be present and return -ENOKEY otherwise. > + * > + * No locks are needed, and the key will live as long as the struct inode --- so > + * it won't go away from under you. > + * > + * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code > + * if a problem occurred while setting up the encryption key. > + */ > +static inline int fscrypt_require_key(struct inode *inode) > +{ > + if (IS_ENCRYPTED(inode)) { > + int err = fscrypt_get_encryption_info(inode); > + > + if (err) > + return err; > + if (!fscrypt_has_encryption_key(inode)) > + return -ENOKEY; > + } > + return 0; > +} > + > /* keysetup_v1.c */ > > void fscrypt_put_direct_key(struct fscrypt_direct_key *dk); > diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h > index b20900bb829f..a07610f27926 100644 > --- a/include/linux/fscrypt.h > +++ b/include/linux/fscrypt.h > @@ -688,32 +688,6 @@ static inline bool fscrypt_has_encryption_key(const struct inode *inode) > return fscrypt_get_info(inode) != NULL; > } > > -/** > - * fscrypt_require_key() - require an inode's encryption key > - * @inode: the inode we need the key for > - * > - * If the inode is encrypted, set up its encryption key if not already done. > - * Then require that the key be present and return -ENOKEY otherwise. > - * > - * No locks are needed, and the key will live as long as the struct inode --- so > - * it won't go away from under you. > - * > - * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code > - * if a problem occurred while setting up the encryption key. > - */ > -static inline int fscrypt_require_key(struct inode *inode) > -{ > - if (IS_ENCRYPTED(inode)) { > - int err = fscrypt_get_encryption_info(inode); > - > - if (err) > - return err; > - if (!fscrypt_has_encryption_key(inode)) > - return -ENOKEY; > - } > - return 0; > -} > - > /** > * fscrypt_prepare_link() - prepare to link an inode into a possibly-encrypted > * directory > -- > 2.29.2 > Cheers, Andreas