From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.8 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3CB2BC352A4 for ; Sat, 8 Feb 2020 01:36:22 +0000 (UTC) Received: from lists.sourceforge.net (lists.sourceforge.net [216.105.38.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 0C43720838 for ; Sat, 8 Feb 2020 01:36:21 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=lists.sourceforge.net header.i=@lists.sourceforge.net header.b="XRLn+F4v"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=sourceforge.net header.i=@sourceforge.net header.b="Ugi7bsK9"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=sf.net header.i=@sf.net header.b="GIOut6iA"; dkim=neutral (0-bit key) header.d=google.com header.i=@google.com header.b="Glmf0tMi" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0C43720838 Authentication-Results: mail.kernel.org; dmarc=pass (p=none dis=none) header.from=lists.sourceforge.net Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=linux-f2fs-devel-bounces@lists.sourceforge.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc: Reply-To:From:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Subject:To:References:Mime-Version:Message-Id: In-Reply-To:Date:Sender:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=DZSwZu4I5Z72+z7sloOmAES2v3J+TlX200jdbGkXC3M=; b=XRLn+F4vVaDr5GGsusoNgTgG4 JuJotPCGisxugsRrtaUpwSYHQSGm01FXVgoIPkAgubQDbyu4mZkpCQPYHZm4uNyZtJZMAT9l/q1m1 oarcB2EWh/ONsBMBsm5fo63at4vjpXSAZFPy0qEunmBpx3js7bnkOLl7Y+B4OE70wVCOk=; Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1j0F2j-0007vC-MX; Sat, 08 Feb 2020 01:36:21 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from <3ixA-XgYKAJw9NKOAJCKKCHA.8KI@flex--drosen.bounces.google.com>) id 1j0F2h-0007ut-8r for linux-f2fs-devel@lists.sourceforge.net; Sat, 08 Feb 2020 01:36:19 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Cc:To:From:Subject:References: Mime-Version:Message-Id:In-Reply-To:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=KqY7J4cXuRqTEcLbJFT150f45aVeLvHvgcriKaj44G0=; b=Ugi7bsK90uJ9CrL17KsIaOBwe K+wkrXEQ4FqALNVpWWC2wz4++aGl3jNRPd5Z8+fDWnehyTUQzUyAAni2EVXEzrKWu1LXbqIS95m8J URWw7Z11giXb9W7oTTJ3kUVzOFtUR96+OUMrcfkl0CISxjftIyuK04dJgGSUiCTE/txJ0=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Cc:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=KqY7J4cXuRqTEcLbJFT150f45aVeLvHvgcriKaj44G0=; b=GIOut6iACOqOcgMsCGwAofo3Wc iENMwLc3csYiKK3UT90RCVehgvYjIMDJOErPPCLC46ohzs4Ymlc2ei5o2fq0TCgAzQiKyOszTQNNt Pm2eBdgqAMlX42iN2KGTxLc0ZtmzvyCuyGw88zzvMGGjR/NX/s7dl9akBC7x5bG9WHCk=; Received: from mail-pl1-f202.google.com ([209.85.214.202]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.2) id 1j0F2f-00Dq4E-7Q for linux-f2fs-devel@lists.sourceforge.net; Sat, 08 Feb 2020 01:36:19 +0000 Received: by mail-pl1-f202.google.com with SMTP id k16so627515pls.9 for ; Fri, 07 Feb 2020 17:36:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=KqY7J4cXuRqTEcLbJFT150f45aVeLvHvgcriKaj44G0=; b=Glmf0tMiHv0G9fmcjAX/FOfqRLd1Bv/8QqbcNIHsw+FtQxYpSJGqCrMXk3/XO7+WOD YsF/iJTi43Ei6LSHADvPd3hkaJwkjyDalElpeBfb8ya0ZmuCrwTTFQkIXa8lkX+mNP/5 Fp2+yTqD3qnOxOd73UX3RSItptoq6cCvmATHtArM7oLPVnRcFncw0wva3eTD/qfomK4b 6BlsNaUD6Hr6mOz8KjiUMdKowupa6GP5Vk3Q/vgeagf6lyS8ylrnG0SieVGFEFh3M2Yw lkp9XSRvduZRIasmKmunhk+8MjkMWeDROpxJjMRnNJRj2eJHVOCW7ror5KQ5CUsChDzN mv5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=KqY7J4cXuRqTEcLbJFT150f45aVeLvHvgcriKaj44G0=; b=WhkfWfuQS12mlEoqen7AxiGivfSL4F2srS/LZWTpWlQrQb01RYxLFgKJaF7kTvjIqv ww1NcLNf2nCzi5sI7tPDFh7k0A5VbcYlPlm1doNA3Jg/f849aw+/MGUiWMR51ZQBPVdR l8DTuehJd5gJnSggnMWPAqycISNVF+u5CvNH88e6cswRD04R5sb/4EbJqBOU2VYvqqnE KmPCvYMLDhGC09ZC9SJ9Zwbo7PKN2GbcHzwuE8ECb8liqn16H+rWHO1rpUopeLeB8Whb 07vU5vD3vBWuBOk6ntplhMabhWKDnlxtB+nvLPTu/59ynLFRRmMJ460YqwqI/4Ig989u skCg== X-Gm-Message-State: APjAAAUzY264u/tEV+tbskYvYjYiWCbvg7tJjxZ2Ow6SqWvZewYzKe+/ VmC35oS6BjdJVxqRg+NswiUOa+zflp0= X-Google-Smtp-Source: APXvYqwHKZ/onpyRAVGCp9YhbWd+Z93x0NObRQH/T5/lzM/plIsDJW6R5nNJ19u1ZSS4hLflYxqZTcjXLJk= X-Received: by 2002:a63:28c7:: with SMTP id o190mr2004326pgo.394.1581125771087; Fri, 07 Feb 2020 17:36:11 -0800 (PST) Date: Fri, 7 Feb 2020 17:35:50 -0800 In-Reply-To: <20200208013552.241832-1-drosen@google.com> Message-Id: <20200208013552.241832-7-drosen@google.com> Mime-Version: 1.0 References: <20200208013552.241832-1-drosen@google.com> X-Mailer: git-send-email 2.25.0.341.g760bfbb309-goog To: "Theodore Ts'o" , linux-ext4@vger.kernel.org, Jaegeuk Kim , Chao Yu , linux-f2fs-devel@lists.sourceforge.net, Eric Biggers , linux-fscrypt@vger.kernel.org, Alexander Viro , Richard Weinberger X-Headers-End: 1j0F2f-00Dq4E-7Q Subject: [f2fs-dev] [PATCH v7 6/8] f2fs: Handle casefolding with Encryption X-BeenThere: linux-f2fs-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Daniel Rosenberg via Linux-f2fs-devel Reply-To: Daniel Rosenberg Cc: Daniel Rosenberg , linux-doc@vger.kernel.org, kernel-team@android.com, Jonathan Corbet , linux-kernel@vger.kernel.org, Andreas Dilger , linux-fsdevel@vger.kernel.org, linux-mtd@lists.infradead.org, Gabriel Krisman Bertazi Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: linux-f2fs-devel-bounces@lists.sourceforge.net This expands f2fs's casefolding support to include encrypted directories. For encrypted directories, we use the siphash of the casefolded name. This ensures there is no direct way to go from an unencrypted name to the stored hash on disk without knowledge of the encryption policy keys. Additionally, we switch to using the vfs layer's casefolding support instead of storing this information inside of f2fs's private data. Signed-off-by: Daniel Rosenberg --- fs/f2fs/dir.c | 65 ++++++++++++++++++++++++++++++++---------------- fs/f2fs/f2fs.h | 8 +++--- fs/f2fs/hash.c | 23 +++++++++++------ fs/f2fs/inline.c | 9 ++++--- fs/f2fs/super.c | 6 ----- 5 files changed, 68 insertions(+), 43 deletions(-) diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index 38c0e6d589be4..3517dd4060341 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -112,30 +112,50 @@ static struct f2fs_dir_entry *find_in_block(struct inode *dir, * doesn't match or less than zero on error. */ int f2fs_ci_compare(const struct inode *parent, const struct qstr *name, - const struct qstr *entry, bool quick) + unsigned char *name2, size_t len, bool quick) { const struct super_block *sb = parent->i_sb; const struct unicode_map *um = sb->s_encoding; + const struct fscrypt_str crypt_entry = FSTR_INIT(name2, len); + struct fscrypt_str decrypted_entry; + struct qstr decrypted; + struct qstr entry = QSTR_INIT(name2, len); + struct qstr *tocheck; int ret; + decrypted_entry.name = NULL; + + if (IS_ENCRYPTED(parent) && fscrypt_has_encryption_key(parent)) { + decrypted_entry.name = kmalloc(len, GFP_ATOMIC); + decrypted.name = decrypted_entry.name; + decrypted_entry.len = len; + decrypted.len = len; + if (!decrypted.name) + return -ENOMEM; + ret = fscrypt_fname_disk_to_usr(parent, 0, 0, &crypt_entry, + &decrypted_entry); + if (ret < 0) + goto out; + } + tocheck = decrypted_entry.name ? &decrypted : &entry; + if (quick) - ret = utf8_strncasecmp_folded(um, name, entry); + ret = utf8_strncasecmp_folded(um, name, tocheck); else - ret = utf8_strncasecmp(um, name, entry); - + ret = utf8_strncasecmp(um, name, tocheck); if (ret < 0) { /* Handle invalid character sequence as either an error * or as an opaque byte sequence. */ if (sb_has_enc_strict_mode(sb)) - return -EINVAL; - - if (name->len != entry->len) - return 1; - - return !!memcmp(name->name, entry->name, name->len); + ret = -EINVAL; + else if (name->len != len) + ret = 1; + else + ret = !!memcmp(name->name, tocheck->name, len); } - +out: + kfree(decrypted_entry.name); return ret; } @@ -173,24 +193,24 @@ static inline bool f2fs_match_name(struct f2fs_dentry_ptr *d, { #ifdef CONFIG_UNICODE struct inode *parent = d->inode; - struct super_block *sb = parent->i_sb; - struct qstr entry; + unsigned char *name; + int len; #endif if (de->hash_code != namehash) return false; #ifdef CONFIG_UNICODE - entry.name = d->filename[bit_pos]; - entry.len = de->name_len; + name = d->filename[bit_pos]; + len = de->name_len; - if (sb->s_encoding && IS_CASEFOLDED(parent)) { + if (needs_casefold(parent)) { if (cf_str->name) { struct qstr cf = {.name = cf_str->name, .len = cf_str->len}; - return !f2fs_ci_compare(parent, &cf, &entry, true); + return !f2fs_ci_compare(parent, &cf, name, len, true); } - return !f2fs_ci_compare(parent, fname->usr_fname, &entry, + return !f2fs_ci_compare(parent, fname->usr_fname, name, len, false); } #endif @@ -616,13 +636,13 @@ void f2fs_update_dentry(nid_t ino, umode_t mode, struct f2fs_dentry_ptr *d, int f2fs_add_regular_entry(struct inode *dir, const struct qstr *new_name, const struct qstr *orig_name, + f2fs_hash_t dentry_hash, struct inode *inode, nid_t ino, umode_t mode) { unsigned int bit_pos; unsigned int level; unsigned int current_depth; unsigned long bidx, block; - f2fs_hash_t dentry_hash; unsigned int nbucket, nblock; struct page *dentry_page = NULL; struct f2fs_dentry_block *dentry_blk = NULL; @@ -632,7 +652,6 @@ int f2fs_add_regular_entry(struct inode *dir, const struct qstr *new_name, level = 0; slots = GET_DENTRY_SLOTS(new_name->len); - dentry_hash = f2fs_dentry_hash(dir, new_name, NULL); current_depth = F2FS_I(dir)->i_current_depth; if (F2FS_I(dir)->chash == dentry_hash) { @@ -718,17 +737,19 @@ int f2fs_add_dentry(struct inode *dir, struct fscrypt_name *fname, struct inode *inode, nid_t ino, umode_t mode) { struct qstr new_name; + f2fs_hash_t dentry_hash; int err = -EAGAIN; new_name.name = fname_name(fname); new_name.len = fname_len(fname); if (f2fs_has_inline_dentry(dir)) - err = f2fs_add_inline_entry(dir, &new_name, fname->usr_fname, + err = f2fs_add_inline_entry(dir, &new_name, fname, inode, ino, mode); + dentry_hash = f2fs_dentry_hash(dir, &new_name, fname); if (err == -EAGAIN) err = f2fs_add_regular_entry(dir, &new_name, fname->usr_fname, - inode, ino, mode); + dentry_hash, inode, ino, mode); f2fs_update_time(F2FS_I_SB(dir), REQ_TIME); return err; diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h index 0fc153b5a5c09..ad8e5fb00372f 100644 --- a/fs/f2fs/f2fs.h +++ b/fs/f2fs/f2fs.h @@ -3075,7 +3075,7 @@ struct dentry *f2fs_get_parent(struct dentry *child); extern int f2fs_ci_compare(const struct inode *parent, const struct qstr *name, - const struct qstr *entry, + unsigned char *name2, size_t len, bool quick); /* @@ -3111,7 +3111,7 @@ void f2fs_update_dentry(nid_t ino, umode_t mode, struct f2fs_dentry_ptr *d, const struct qstr *name, f2fs_hash_t name_hash, unsigned int bit_pos); int f2fs_add_regular_entry(struct inode *dir, const struct qstr *new_name, - const struct qstr *orig_name, + const struct qstr *orig_name, f2fs_hash_t dentry_hash, struct inode *inode, nid_t ino, umode_t mode); int f2fs_add_dentry(struct inode *dir, struct fscrypt_name *fname, struct inode *inode, nid_t ino, umode_t mode); @@ -3144,7 +3144,7 @@ int f2fs_sanity_check_ckpt(struct f2fs_sb_info *sbi); * hash.c */ f2fs_hash_t f2fs_dentry_hash(const struct inode *dir, - const struct qstr *name_info, struct fscrypt_name *fname); + const struct qstr *name_info, const struct fscrypt_name *fname); /* * node.c @@ -3656,7 +3656,7 @@ struct f2fs_dir_entry *f2fs_find_in_inline_dir(struct inode *dir, int f2fs_make_empty_inline_dir(struct inode *inode, struct inode *parent, struct page *ipage); int f2fs_add_inline_entry(struct inode *dir, const struct qstr *new_name, - const struct qstr *orig_name, + const struct fscrypt_name *fname, struct inode *inode, nid_t ino, umode_t mode); void f2fs_delete_inline_entry(struct f2fs_dir_entry *dentry, struct page *page, struct inode *dir, diff --git a/fs/f2fs/hash.c b/fs/f2fs/hash.c index 28acb24e7a7a8..6d7ddf2fd308f 100644 --- a/fs/f2fs/hash.c +++ b/fs/f2fs/hash.c @@ -68,8 +68,9 @@ static void str2hashbuf(const unsigned char *msg, size_t len, *buf++ = pad; } -static f2fs_hash_t __f2fs_dentry_hash(const struct qstr *name_info, - struct fscrypt_name *fname) +static f2fs_hash_t __f2fs_dentry_hash(const struct inode *dir, + const struct qstr *name_info, + const struct fscrypt_name *fname) { __u32 hash; f2fs_hash_t f2fs_hash; @@ -85,6 +86,11 @@ static f2fs_hash_t __f2fs_dentry_hash(const struct qstr *name_info, if (is_dot_dotdot(name_info)) return 0; + if (IS_CASEFOLDED(dir) && IS_ENCRYPTED(dir)) { + f2fs_hash = fscrypt_fname_siphash(dir, name_info); + return f2fs_hash; + } + /* Initialize the default seed for the hash checksum functions */ buf[0] = 0x67452301; buf[1] = 0xefcdab89; @@ -106,7 +112,7 @@ static f2fs_hash_t __f2fs_dentry_hash(const struct qstr *name_info, } f2fs_hash_t f2fs_dentry_hash(const struct inode *dir, - const struct qstr *name_info, struct fscrypt_name *fname) + const struct qstr *name_info, const struct fscrypt_name *fname) { #ifdef CONFIG_UNICODE struct f2fs_sb_info *sbi = F2FS_SB(dir->i_sb); @@ -114,27 +120,30 @@ f2fs_hash_t f2fs_dentry_hash(const struct inode *dir, int r, dlen; unsigned char *buff; struct qstr folded; + const struct qstr *name = fname ? fname->usr_fname : name_info; if (!name_info->len || !IS_CASEFOLDED(dir)) goto opaque_seq; + if (IS_ENCRYPTED(dir) && !fscrypt_has_encryption_key(dir)) + goto opaque_seq; + buff = f2fs_kzalloc(sbi, sizeof(char) * PATH_MAX, GFP_KERNEL); if (!buff) return -ENOMEM; - - dlen = utf8_casefold(um, name_info, buff, PATH_MAX); + dlen = utf8_casefold(um, name, buff, PATH_MAX); if (dlen < 0) { kvfree(buff); goto opaque_seq; } folded.name = buff; folded.len = dlen; - r = __f2fs_dentry_hash(&folded, fname); + r = __f2fs_dentry_hash(dir, &folded, fname); kvfree(buff); return r; opaque_seq: #endif - return __f2fs_dentry_hash(name_info, fname); + return __f2fs_dentry_hash(dir, name_info, fname); } diff --git a/fs/f2fs/inline.c b/fs/f2fs/inline.c index 4167e54081518..4b8fc643df735 100644 --- a/fs/f2fs/inline.c +++ b/fs/f2fs/inline.c @@ -465,8 +465,8 @@ static int f2fs_add_inline_entries(struct inode *dir, void *inline_dentry) ino = le32_to_cpu(de->ino); fake_mode = f2fs_get_de_type(de) << S_SHIFT; - err = f2fs_add_regular_entry(dir, &new_name, NULL, NULL, - ino, fake_mode); + err = f2fs_add_regular_entry(dir, &new_name, NULL, + de->hash_code, NULL, ino, fake_mode); if (err) goto punch_dentry_pages; @@ -578,7 +578,7 @@ int f2fs_try_convert_inline_dir(struct inode *dir, struct dentry *dentry) } int f2fs_add_inline_entry(struct inode *dir, const struct qstr *new_name, - const struct qstr *orig_name, + const struct fscrypt_name *fname, struct inode *inode, nid_t ino, umode_t mode) { struct f2fs_sb_info *sbi = F2FS_I_SB(dir); @@ -589,6 +589,7 @@ int f2fs_add_inline_entry(struct inode *dir, const struct qstr *new_name, struct f2fs_dentry_ptr d; int slots = GET_DENTRY_SLOTS(new_name->len); struct page *page = NULL; + const struct qstr *orig_name = fname->usr_fname; int err = 0; ipage = f2fs_get_node_page(sbi, dir->i_ino); @@ -619,7 +620,7 @@ int f2fs_add_inline_entry(struct inode *dir, const struct qstr *new_name, f2fs_wait_on_page_writeback(ipage, NODE, true, true); - name_hash = f2fs_dentry_hash(dir, new_name, NULL); + name_hash = f2fs_dentry_hash(dir, new_name, fname); f2fs_update_dentry(ino, mode, &d, new_name, name_hash, bit_pos); set_page_dirty(ipage); diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c index 7520a9c04c75e..b30925a44ac71 100644 --- a/fs/f2fs/super.c +++ b/fs/f2fs/super.c @@ -3228,12 +3228,6 @@ static int f2fs_setup_casefold(struct f2fs_sb_info *sbi) struct unicode_map *encoding; __u16 encoding_flags; - if (f2fs_sb_has_encrypt(sbi)) { - f2fs_err(sbi, - "Can't mount with encoding and encryption"); - return -EINVAL; - } - if (f2fs_sb_read_encoding(sbi->raw_super, &encoding_info, &encoding_flags)) { f2fs_err(sbi, -- 2.25.0.341.g760bfbb309-goog _______________________________________________ Linux-f2fs-devel mailing list Linux-f2fs-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel