From: Jeff Layton <jlayton@kernel.org>
To: Eric Biggers <ebiggers@kernel.org>, linux-fscrypt@vger.kernel.org
Cc: ceph-devel@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-mtd@lists.infradead.org,
Daniel Rosenberg <drosen@google.com>,
linux-f2fs-devel@lists.sourceforge.net
Subject: Re: [f2fs-dev] [PATCH v3 00/13] fscrypt: improve file creation flow
Date: Tue, 22 Sep 2020 07:29:45 -0400 [thread overview]
Message-ID: <da7f608e01cd8725d8da668f1c4a847b29b9de68.camel@kernel.org> (raw)
In-Reply-To: <20200921223509.GB844@sol.localdomain>
On Mon, 2020-09-21 at 15:35 -0700, Eric Biggers wrote:
> On Wed, Sep 16, 2020 at 09:11:23PM -0700, Eric Biggers wrote:
> > Hello,
> >
> > This series reworks the implementation of creating new encrypted files
> > by introducing new helper functions that allow filesystems to set up the
> > inodes' keys earlier, prior to taking too many filesystem locks.
> >
> > This fixes deadlocks that are possible during memory reclaim because
> > fscrypt_get_encryption_info() isn't GFP_NOFS-safe, yet it's called
> > during an ext4 transaction or under f2fs_lock_op(). It also fixes a
> > similar deadlock where f2fs can try to recursively lock a page when the
> > test_dummy_encryption mount option is in use.
> >
> > It also solves an ordering problem that the ceph support for fscrypt
> > will have. For more details about this ordering problem, see the
> > discussion on Jeff Layton's RFC patchsets for ceph fscrypt support
> > (v1: https://lkml.kernel.org/linux-fscrypt/20200821182813.52570-1-jlayton@kernel.org/T/#u
> > v2: https://lkml.kernel.org/linux-fscrypt/20200904160537.76663-1-jlayton@kernel.org/T/#u
> > v3: https://lkml.kernel.org/linux-fscrypt/20200914191707.380444-1-jlayton@kernel.org/T/#u)
> > Note that v3 of the ceph patchset is based on v2 of this patchset.
> >
> > Patch 1 adds the above-mentioned new helper functions. Patches 2-5
> > convert ext4, f2fs, and ubifs to use them, and patches 6-9 clean up a
> > few things afterwards.
> >
> > Finally, patches 10-13 change the implementation of
> > test_dummy_encryption to no longer set up an encryption key for
> > unencrypted directories, which was confusing and was causing problems.
> >
> > This patchset applies to the master branch of
> > https://git.kernel.org/pub/scm/fs/fscrypt/fscrypt.git.
> > It can also be retrieved from tag "fscrypt-file-creation-v3" of
> > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git.
> >
> > I'm looking to apply this for 5.10; reviews are greatly appreciated!
> >
> > Changed v2 => v3:
> > - Added patch that changes fscrypt_set_test_dummy_encryption() to take
> > a 'const char *'. (Needed by ceph.)
> > - Fixed bug where fscrypt_prepare_new_inode() succeeded even if the
> > new inode's key couldn't be set up.
> > - Fixed bug where fscrypt_prepare_new_inode() wouldn't derive the
> > dirhash key for new casefolded directories.
> > - Made warning messages account for i_ino possibly being 0 now.
> >
> > Changed v1 => v2:
> > - Added mention of another deadlock this fixes.
> > - Added patches to improve the test_dummy_encryption implementation.
> > - Dropped an ext4 cleanup patch that can be done separately later.
> > - Lots of small cleanups, and a couple small fixes.
> >
> > Eric Biggers (13):
> > fscrypt: add fscrypt_prepare_new_inode() and fscrypt_set_context()
> > ext4: factor out ext4_xattr_credits_for_new_inode()
> > ext4: use fscrypt_prepare_new_inode() and fscrypt_set_context()
> > f2fs: use fscrypt_prepare_new_inode() and fscrypt_set_context()
> > ubifs: use fscrypt_prepare_new_inode() and fscrypt_set_context()
> > fscrypt: adjust logging for in-creation inodes
> > fscrypt: remove fscrypt_inherit_context()
> > fscrypt: require that fscrypt_encrypt_symlink() already has key
> > fscrypt: stop pretending that key setup is nofs-safe
> > fscrypt: make "#define fscrypt_policy" user-only
> > fscrypt: move fscrypt_prepare_symlink() out-of-line
> > fscrypt: handle test_dummy_encryption in more logical way
> > fscrypt: make fscrypt_set_test_dummy_encryption() take a 'const char
> > *'
>
> All applied to fscrypt.git#master for 5.10.
>
> I'd still really appreciate more reviews and acks, though.
>
You can add this to all of the fscrypt: patches. I've tested this under
the ceph patchset and it seems to do the right thing:
Acked-by: Jeff Layton <jlayton@kernel.org>
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2020-09-22 11:30 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-17 4:11 [f2fs-dev] [PATCH v3 00/13] fscrypt: improve file creation flow Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 01/13] fscrypt: add fscrypt_prepare_new_inode() and fscrypt_set_context() Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 02/13] ext4: factor out ext4_xattr_credits_for_new_inode() Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 03/13] ext4: use fscrypt_prepare_new_inode() and fscrypt_set_context() Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 04/13] f2fs: " Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 05/13] ubifs: " Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 06/13] fscrypt: adjust logging for in-creation inodes Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 07/13] fscrypt: remove fscrypt_inherit_context() Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 08/13] fscrypt: require that fscrypt_encrypt_symlink() already has key Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 09/13] fscrypt: stop pretending that key setup is nofs-safe Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 10/13] fscrypt: make "#define fscrypt_policy" user-only Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 11/13] fscrypt: move fscrypt_prepare_symlink() out-of-line Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 12/13] fscrypt: handle test_dummy_encryption in more logical way Eric Biggers
2020-09-17 4:11 ` [f2fs-dev] [PATCH v3 13/13] fscrypt: make fscrypt_set_test_dummy_encryption() take a 'const char *' Eric Biggers
2020-09-17 12:32 ` Jeff Layton
2020-09-17 15:29 ` Eric Biggers
2020-09-17 16:33 ` Jeff Layton
2020-09-21 22:35 ` [f2fs-dev] [PATCH v3 00/13] fscrypt: improve file creation flow Eric Biggers
2020-09-22 11:29 ` Jeff Layton [this message]
2020-09-22 13:50 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=da7f608e01cd8725d8da668f1c4a847b29b9de68.camel@kernel.org \
--to=jlayton@kernel.org \
--cc=ceph-devel@vger.kernel.org \
--cc=drosen@google.com \
--cc=ebiggers@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).