* [PATCH 1/4] f2fs crypto: preallocate a tfm for the data path
@ 2015-05-20 0:43 Jaegeuk Kim
2015-05-20 0:43 ` [PATCH 2/4] f2fs crypto: add two spinlocks to avoid data races Jaegeuk Kim
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Jaegeuk Kim @ 2015-05-20 0:43 UTC (permalink / raw)
To: linux-kernel, linux-fsdevel, linux-f2fs-devel; +Cc: Jaegeuk Kim
This patch is to avoid memory allocation during data path for crypto structure
such as tfm.
In order to do that, it introduces f2fs_setup_crypto() which allocates tfm and
generates the key likewise f2fs_setup_fname_crypto().
And, f2fs_setup_crypto is called by user APIs.
Then, in the data path, f2fs_crypto_ctx will be used to allocate pages for
actual crypto stuffs.
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fs/f2fs/crypto.c | 126 ++++++++++++++++++++------------------------------
fs/f2fs/f2fs.h | 1 +
fs/f2fs/f2fs_crypto.h | 2 -
fs/f2fs/file.c | 20 ++++----
fs/f2fs/segment.c | 3 +-
5 files changed, 64 insertions(+), 88 deletions(-)
diff --git a/fs/f2fs/crypto.c b/fs/f2fs/crypto.c
index c6d1122..c0c5fd2 100644
--- a/fs/f2fs/crypto.c
+++ b/fs/f2fs/crypto.c
@@ -91,8 +91,6 @@ void f2fs_release_crypto_ctx(struct f2fs_crypto_ctx *ctx)
}
ctx->w.control_page = NULL;
if (ctx->flags & F2FS_CTX_REQUIRES_FREE_ENCRYPT_FL) {
- if (ctx->tfm)
- crypto_free_tfm(ctx->tfm);
kmem_cache_free(f2fs_crypto_ctx_cachep, ctx);
} else {
spin_lock_irqsave(&f2fs_crypto_ctx_lock, flags);
@@ -101,6 +99,51 @@ void f2fs_release_crypto_ctx(struct f2fs_crypto_ctx *ctx)
}
}
+int f2fs_setup_crypto(struct inode *inode)
+{
+ struct f2fs_inode_info *fi = F2FS_I(inode);
+ struct f2fs_crypt_info *ci;
+ struct crypto_ablkcipher *ctfm;
+ int res;
+
+ res = f2fs_get_encryption_info(inode);
+ if (res < 0)
+ return res;
+
+ if (!fi->i_crypt_info)
+ return -EACCES;
+
+ ci = fi->i_crypt_info;
+
+ if (ci->ci_data_mode != F2FS_ENCRYPTION_MODE_AES_256_XTS) {
+ printk_once(KERN_WARNING "f2fs: unsupported key mode %d\n",
+ ci->ci_data_mode);
+ return -ENOTSUPP;
+ }
+
+ ctfm = crypto_alloc_ablkcipher("xts(aes)", 0, 0);
+ if (!ctfm || IS_ERR(ctfm)) {
+ res = ctfm ? PTR_ERR(ctfm) : -ENOMEM;
+ printk(KERN_DEBUG "%s: error (%d) allocating crypto tfm\n",
+ __func__, res);
+ return res;
+ }
+
+ BUG_ON(ci->ci_size != f2fs_encryption_key_size(ci->ci_data_mode));
+
+ crypto_ablkcipher_clear_flags(ctfm, ~0);
+ crypto_tfm_set_flags(crypto_ablkcipher_tfm(ctfm),
+ CRYPTO_TFM_REQ_WEAK_KEY);
+
+ res = crypto_ablkcipher_setkey(ctfm, ci->ci_raw, ci->ci_size);
+ if (res) {
+ crypto_free_ablkcipher(ctfm);
+ return -EIO;
+ }
+ ci->ci_ctfm = ctfm;
+ return 0;
+}
+
/**
* f2fs_get_crypto_ctx() - Gets an encryption context
* @inode: The inode for which we are doing the crypto
@@ -113,11 +156,9 @@ void f2fs_release_crypto_ctx(struct f2fs_crypto_ctx *ctx)
struct f2fs_crypto_ctx *f2fs_get_crypto_ctx(struct inode *inode)
{
struct f2fs_crypto_ctx *ctx = NULL;
- int res = 0;
unsigned long flags;
- struct f2fs_crypt_info *ci = F2FS_I(inode)->i_crypt_info;
- if (ci == NULL)
+ if (F2FS_I(inode)->i_crypt_info == NULL)
return ERR_PTR(-EACCES);
/*
@@ -138,56 +179,13 @@ struct f2fs_crypto_ctx *f2fs_get_crypto_ctx(struct inode *inode)
spin_unlock_irqrestore(&f2fs_crypto_ctx_lock, flags);
if (!ctx) {
ctx = kmem_cache_zalloc(f2fs_crypto_ctx_cachep, GFP_NOFS);
- if (!ctx) {
- res = -ENOMEM;
- goto out;
- }
+ if (!ctx)
+ return ERR_PTR(-ENOMEM);
ctx->flags |= F2FS_CTX_REQUIRES_FREE_ENCRYPT_FL;
} else {
ctx->flags &= ~F2FS_CTX_REQUIRES_FREE_ENCRYPT_FL;
}
ctx->flags &= ~F2FS_WRITE_PATH_FL;
-
- /*
- * Allocate a new Crypto API context if we don't already have
- * one or if it isn't the right mode.
- */
- if (ctx->tfm && (ctx->mode != ci->ci_data_mode)) {
- crypto_free_tfm(ctx->tfm);
- ctx->tfm = NULL;
- ctx->mode = F2FS_ENCRYPTION_MODE_INVALID;
- }
- if (!ctx->tfm) {
- switch (ci->ci_data_mode) {
- case F2FS_ENCRYPTION_MODE_AES_256_XTS:
- ctx->tfm = crypto_ablkcipher_tfm(
- crypto_alloc_ablkcipher("xts(aes)", 0, 0));
- break;
- case F2FS_ENCRYPTION_MODE_AES_256_GCM:
- /*
- * TODO(mhalcrow): AEAD w/ gcm(aes);
- * crypto_aead_setauthsize()
- */
- ctx->tfm = ERR_PTR(-ENOTSUPP);
- break;
- default:
- BUG();
- }
- if (IS_ERR_OR_NULL(ctx->tfm)) {
- res = PTR_ERR(ctx->tfm);
- ctx->tfm = NULL;
- goto out;
- }
- ctx->mode = ci->ci_data_mode;
- }
- BUG_ON(ci->ci_size != f2fs_encryption_key_size(ci->ci_data_mode));
-
-out:
- if (res) {
- if (!IS_ERR_OR_NULL(ctx))
- f2fs_release_crypto_ctx(ctx);
- ctx = ERR_PTR(res);
- }
return ctx;
}
@@ -229,11 +227,8 @@ static void f2fs_crypto_destroy(void)
{
struct f2fs_crypto_ctx *pos, *n;
- list_for_each_entry_safe(pos, n, &f2fs_free_crypto_ctxs, free_list) {
- if (pos->tfm)
- crypto_free_tfm(pos->tfm);
+ list_for_each_entry_safe(pos, n, &f2fs_free_crypto_ctxs, free_list)
kmem_cache_free(f2fs_crypto_ctx_cachep, pos);
- }
INIT_LIST_HEAD(&f2fs_free_crypto_ctxs);
if (f2fs_bounce_page_pool)
mempool_destroy(f2fs_bounce_page_pool);
@@ -384,30 +379,9 @@ static int f2fs_page_crypto(struct f2fs_crypto_ctx *ctx,
DECLARE_F2FS_COMPLETION_RESULT(ecr);
struct scatterlist dst, src;
struct f2fs_inode_info *fi = F2FS_I(inode);
- struct crypto_ablkcipher *atfm = __crypto_ablkcipher_cast(ctx->tfm);
+ struct crypto_ablkcipher *atfm = fi->i_crypt_info->ci_ctfm;
int res = 0;
- BUG_ON(!ctx->tfm);
- BUG_ON(ctx->mode != fi->i_crypt_info->ci_data_mode);
-
- if (ctx->mode != F2FS_ENCRYPTION_MODE_AES_256_XTS) {
- printk_ratelimited(KERN_ERR
- "%s: unsupported crypto algorithm: %d\n",
- __func__, ctx->mode);
- return -ENOTSUPP;
- }
-
- crypto_ablkcipher_clear_flags(atfm, ~0);
- crypto_tfm_set_flags(ctx->tfm, CRYPTO_TFM_REQ_WEAK_KEY);
-
- res = crypto_ablkcipher_setkey(atfm, fi->i_crypt_info->ci_raw,
- fi->i_crypt_info->ci_size);
- if (res) {
- printk_ratelimited(KERN_ERR
- "%s: crypto_ablkcipher_setkey() failed\n",
- __func__);
- return res;
- }
req = ablkcipher_request_alloc(atfm, GFP_NOFS);
if (!req) {
printk_ratelimited(KERN_ERR
diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
index 7e93fcf..801afcb 100644
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@@ -2008,6 +2008,7 @@ int f2fs_get_policy(struct inode *, struct f2fs_encryption_policy *);
extern struct kmem_cache *f2fs_crypt_info_cachep;
bool f2fs_valid_contents_enc_mode(uint32_t);
uint32_t f2fs_validate_encryption_key_size(uint32_t, uint32_t);
+int f2fs_setup_crypto(struct inode *);
struct f2fs_crypto_ctx *f2fs_get_crypto_ctx(struct inode *);
void f2fs_release_crypto_ctx(struct f2fs_crypto_ctx *);
struct page *f2fs_encrypt(struct inode *, struct page *);
diff --git a/fs/f2fs/f2fs_crypto.h b/fs/f2fs/f2fs_crypto.h
index e33cec9..6022269 100644
--- a/fs/f2fs/f2fs_crypto.h
+++ b/fs/f2fs/f2fs_crypto.h
@@ -90,7 +90,6 @@ struct f2fs_crypt_info {
#define F2FS_WRITE_PATH_FL 0x00000004
struct f2fs_crypto_ctx {
- struct crypto_tfm *tfm; /* Crypto API context */
union {
struct {
struct page *bounce_page; /* Ciphertext page */
@@ -103,7 +102,6 @@ struct f2fs_crypto_ctx {
struct list_head free_list; /* Free list */
};
char flags; /* Flags */
- char mode; /* Encryption mode for tfm */
};
struct f2fs_completion_result {
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index cb0d6b6..35a3b26 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -411,7 +411,7 @@ static int f2fs_file_mmap(struct file *file, struct vm_area_struct *vma)
struct inode *inode = file_inode(file);
if (f2fs_encrypted_inode(inode)) {
- int err = f2fs_get_encryption_info(inode);
+ int err = f2fs_setup_crypto(inode);
if (err)
return 0;
}
@@ -433,7 +433,7 @@ static int f2fs_file_open(struct inode *inode, struct file *filp)
int ret = generic_file_open(inode, filp);
if (!ret && f2fs_encrypted_inode(inode)) {
- ret = f2fs_get_encryption_info(inode);
+ ret = f2fs_setup_crypto(inode);
if (ret)
ret = -EACCES;
}
@@ -647,9 +647,11 @@ int f2fs_setattr(struct dentry *dentry, struct iattr *attr)
return err;
if (attr->ia_valid & ATTR_SIZE) {
- if (f2fs_encrypted_inode(inode) &&
- f2fs_get_encryption_info(inode))
- return -EACCES;
+ if (f2fs_encrypted_inode(inode)) {
+ err = f2fs_setup_crypto(inode);
+ if (err)
+ return err == -EINVAL ? -EACCES : err;
+ }
if (attr->ia_size != i_size_read(inode)) {
truncate_setsize(inode, attr->ia_size);
@@ -1500,9 +1502,11 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from)
struct inode *inode = file_inode(iocb->ki_filp);
if (f2fs_encrypted_inode(inode) &&
- !f2fs_has_encryption_key(inode) &&
- f2fs_get_encryption_info(inode))
- return -EACCES;
+ !f2fs_has_encryption_key(inode)) {
+ int err = f2fs_setup_crypto(inode);
+ if (err)
+ return err == -EINVAL ? -EACCES : err;
+ }
return generic_file_write_iter(iocb, from);
}
diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c
index 88428e6..59566ae 100644
--- a/fs/f2fs/segment.c
+++ b/fs/f2fs/segment.c
@@ -797,8 +797,7 @@ struct page *get_sum_page(struct f2fs_sb_info *sbi, unsigned int segno)
return get_meta_page(sbi, GET_SUM_BLOCK(sbi, segno));
}
-void update_meta_page(struct f2fs_sb_info *sbi, void *src,
- block_t blk_addr)
+void update_meta_page(struct f2fs_sb_info *sbi, void *src, block_t blk_addr)
{
struct page *page = grab_meta_page(sbi, blk_addr);
void *dst = page_address(page);
--
2.1.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 2/4] f2fs crypto: add two spinlocks to avoid data races
2015-05-20 0:43 [PATCH 1/4] f2fs crypto: preallocate a tfm for the data path Jaegeuk Kim
@ 2015-05-20 0:43 ` Jaegeuk Kim
2015-05-20 0:43 ` [PATCH 3/4] f2fs crypto: check encryption for tmpfile Jaegeuk Kim
2015-05-20 0:43 ` [PATCH 4/4] f2fs crypto: assign GFP_KERNEL for f2fs_derive_key_aes Jaegeuk Kim
2 siblings, 0 replies; 9+ messages in thread
From: Jaegeuk Kim @ 2015-05-20 0:43 UTC (permalink / raw)
To: linux-kernel, linux-fsdevel, linux-f2fs-devel; +Cc: Jaegeuk Kim
Previoulsy, fi->i_crypt_info and tfm allocation were not covered by any lock,
resulting in memory leak when multiple threads try to allocate at the same time.
=============================================================================
BUG f2fs_crypt_info (Tainted: G O ): Objects remaining in
f2fs_crypt_info on kmem_cache_close()
-----------------------------------------------------------------------------
Disabling lock debugging due to kernel taint
CPU: 3 PID: 26284 Comm: rmmod Tainted: G B O 4.1.0-rc2+ #20
Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
ffff8800376d98c0 ffff88001dd13d38 ffffffff817ffd6a 0000000000000001
ffffea00007d6a80 ffff88001dd13e08 ffffffff81218ac0 ffff880000000020
ffff88001dd13e18 ffff88001dd13dc8 656a624f001a0000 616d657220737463
Call Trace:
[<ffffffff817ffd6a>] dump_stack+0x4f/0x7b
[<ffffffff81218ac0>] slab_err+0xa0/0xb0
[<ffffffff8121c89c>] ? __kmalloc+0x37c/0x3d0
[<ffffffff8121dcd6>] ? __kmem_cache_shutdown+0x126/0x340
[<ffffffff8121dcd6>] ? __kmem_cache_shutdown+0x126/0x340
[<ffffffff8121dcf6>] __kmem_cache_shutdown+0x146/0x340
[<ffffffff811e3079>] ? kmem_cache_destroy+0x39/0x130
[<ffffffff811e30e8>] kmem_cache_destroy+0xa8/0x130
[<ffffffffa03a0801>] f2fs_exit_crypto+0x41/0x50 [f2fs]
[<ffffffffa03a1e2a>] exit_f2fs_fs+0x28/0x1fe [f2fs]
[<ffffffff8113125c>] SyS_delete_module+0x18c/0x210
[<ffffffff8180b532>] system_call_fastpath+0x16/0x7a
INFO: Object 0xffff88001f5ab3e0 @offset=5088
INFO: Allocated in _f2fs_get_encryption_info+0x97/0x260 [f2fs]
__slab_alloc+0x4bd/0x562
kmem_cache_alloc+0x2a4/0x390
_f2fs_get_encryption_info+0x97/0x260 [f2fs]
f2fs_file_open+0x57/0x70 [f2fs]
do_dentry_open+0x257/0x350
vfs_open+0x49/0x50
do_last+0x208/0x13e0
path_openat+0x84/0x660
do_filp_open+0x3a/0x90
do_sys_open+0x128/0x220
SyS_creat+0x1e/0x20
system_call_fastpath+0x16/0x7a
INFO: Freed in f2fs_free_encryption_info+0x52/0x70 [f2fs]
__slab_free+0x39/0x214
kmem_cache_free+0x394/0x3a0
f2fs_free_encryption_info+0x52/0x70 [f2fs]
f2fs_evict_inode+0x15a/0x460 [f2fs]
evict+0xb8/0x190
iput+0x30e/0x3f0
d_delete+0x178/0x1b0
vfs_rmdir+0x122/0x140
do_rmdir+0x1fb/0x220
SyS_rmdir+0x16/0x20
system_call_fastpath+0x16/0x7a
This patch adds one rwlock and one spinlock to avoid leaking objects.
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fs/f2fs/crypto.c | 11 ++++++++++-
fs/f2fs/crypto_fname.c | 10 +++++++++-
fs/f2fs/crypto_key.c | 32 +++++++++++++++++++++++---------
fs/f2fs/f2fs.h | 2 ++
fs/f2fs/super.c | 2 ++
5 files changed, 46 insertions(+), 11 deletions(-)
diff --git a/fs/f2fs/crypto.c b/fs/f2fs/crypto.c
index c0c5fd2..5a614fe 100644
--- a/fs/f2fs/crypto.c
+++ b/fs/f2fs/crypto.c
@@ -104,6 +104,7 @@ int f2fs_setup_crypto(struct inode *inode)
struct f2fs_inode_info *fi = F2FS_I(inode);
struct f2fs_crypt_info *ci;
struct crypto_ablkcipher *ctfm;
+ bool free = false;
int res;
res = f2fs_get_encryption_info(inode);
@@ -140,7 +141,15 @@ int f2fs_setup_crypto(struct inode *inode)
crypto_free_ablkcipher(ctfm);
return -EIO;
}
- ci->ci_ctfm = ctfm;
+
+ spin_lock(&fi->crypto_tfmlock);
+ if (ci->ci_ctfm)
+ free = true;
+ else
+ ci->ci_ctfm = ctfm;
+ spin_unlock(&fi->crypto_tfmlock);
+ if (free)
+ crypto_free_ablkcipher(ctfm);
return 0;
}
diff --git a/fs/f2fs/crypto_fname.c b/fs/f2fs/crypto_fname.c
index 016c4b6..dd73c81 100644
--- a/fs/f2fs/crypto_fname.c
+++ b/fs/f2fs/crypto_fname.c
@@ -254,6 +254,7 @@ int f2fs_setup_fname_crypto(struct inode *inode)
struct f2fs_inode_info *fi = F2FS_I(inode);
struct f2fs_crypt_info *ci = fi->i_crypt_info;
struct crypto_ablkcipher *ctfm;
+ bool free = false;
int res;
/* Check if the crypto policy is set on the inode */
@@ -291,7 +292,14 @@ int f2fs_setup_fname_crypto(struct inode *inode)
crypto_free_ablkcipher(ctfm);
return -EIO;
}
- ci->ci_ctfm = ctfm;
+ spin_lock(&fi->crypto_tfmlock);
+ if (ci->ci_ctfm)
+ free = true;
+ else
+ ci->ci_ctfm = ctfm;
+ spin_unlock(&fi->crypto_tfmlock);
+ if (free)
+ crypto_free_ablkcipher(ctfm);
return 0;
}
diff --git a/fs/f2fs/crypto_key.c b/fs/f2fs/crypto_key.c
index 8a10569..2f5a45b 100644
--- a/fs/f2fs/crypto_key.c
+++ b/fs/f2fs/crypto_key.c
@@ -114,17 +114,19 @@ int _f2fs_get_encryption_info(struct inode *inode)
struct f2fs_encryption_context ctx;
struct user_key_payload *ukp;
int res;
+ bool drop = false;
res = f2fs_crypto_initialize();
if (res)
return res;
- if (fi->i_crypt_info) {
- if (!fi->i_crypt_info->ci_keyring_key ||
- key_validate(fi->i_crypt_info->ci_keyring_key) == 0)
- return 0;
- f2fs_free_encryption_info(inode);
+ read_lock(&fi->crypto_lock);
+ if (fi->i_crypt_info && (!fi->i_crypt_info->ci_keyring_key ||
+ key_validate(fi->i_crypt_info->ci_keyring_key) == 0)) {
+ read_unlock(&fi->crypto_lock);
+ return 0;
}
+ read_unlock(&fi->crypto_lock);
res = f2fs_getxattr(inode, F2FS_XATTR_INDEX_ENCRYPTION,
F2FS_XATTR_NAME_ENCRYPTION_CONTEXT,
@@ -187,18 +189,30 @@ out:
res = 0;
kmem_cache_free(f2fs_crypt_info_cachep, crypt_info);
} else {
- fi->i_crypt_info = crypt_info;
- crypt_info->ci_keyring_key = keyring_key;
- keyring_key = NULL;
+ write_lock(&fi->crypto_lock);
+ if (fi->i_crypt_info) {
+ drop = true;
+ } else {
+ fi->i_crypt_info = crypt_info;
+ crypt_info->ci_keyring_key = keyring_key;
+ keyring_key = NULL;
+ }
+ write_unlock(&fi->crypto_lock);
}
if (keyring_key)
key_put(keyring_key);
+ if (drop)
+ kmem_cache_free(f2fs_crypt_info_cachep, crypt_info);
return res;
}
int f2fs_has_encryption_key(struct inode *inode)
{
struct f2fs_inode_info *fi = F2FS_I(inode);
+ int ret;
- return (fi->i_crypt_info != NULL);
+ read_lock(&fi->crypto_lock);
+ ret = (fi->i_crypt_info != NULL);
+ read_unlock(&fi->crypto_lock);
+ return ret;
}
diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
index 801afcb..34a968b 100644
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@@ -431,6 +431,8 @@ struct f2fs_inode_info {
#ifdef CONFIG_F2FS_FS_ENCRYPTION
/* Encryption params */
struct f2fs_crypt_info *i_crypt_info;
+ rwlock_t crypto_lock; /* lock for crypt_info */
+ spinlock_t crypto_tfmlock; /* lock for crypto tfm allocation */
#endif
};
diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
index bbeb6d7..ae14fc4 100644
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -418,6 +418,8 @@ static struct inode *f2fs_alloc_inode(struct super_block *sb)
#ifdef CONFIG_F2FS_FS_ENCRYPTION
fi->i_crypt_info = NULL;
+ rwlock_init(&fi->crypto_lock);
+ spin_lock_init(&fi->crypto_tfmlock);
#endif
return &fi->vfs_inode;
}
--
2.1.1
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 3/4] f2fs crypto: check encryption for tmpfile
2015-05-20 0:43 [PATCH 1/4] f2fs crypto: preallocate a tfm for the data path Jaegeuk Kim
2015-05-20 0:43 ` [PATCH 2/4] f2fs crypto: add two spinlocks to avoid data races Jaegeuk Kim
@ 2015-05-20 0:43 ` Jaegeuk Kim
2015-05-20 4:46 ` Theodore Ts'o
2015-05-28 10:20 ` Chao Yu
2015-05-20 0:43 ` [PATCH 4/4] f2fs crypto: assign GFP_KERNEL for f2fs_derive_key_aes Jaegeuk Kim
2 siblings, 2 replies; 9+ messages in thread
From: Jaegeuk Kim @ 2015-05-20 0:43 UTC (permalink / raw)
To: linux-kernel, linux-fsdevel, linux-f2fs-devel; +Cc: Jaegeuk Kim
This patch adds to check encryption for tmpfile in early stage.
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fs/f2fs/namei.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
index dded2b0..47066b0 100644
--- a/fs/f2fs/namei.c
+++ b/fs/f2fs/namei.c
@@ -531,6 +531,11 @@ static int __f2fs_tmpfile(struct inode *dir, struct dentry *dentry,
}
f2fs_lock_op(sbi);
+
+ err = f2fs_get_encryption_info(dir);
+ if (err)
+ goto out;
+
err = acquire_orphan_inode(sbi);
if (err)
goto out;
--
2.1.1
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 4/4] f2fs crypto: assign GFP_KERNEL for f2fs_derive_key_aes
2015-05-20 0:43 [PATCH 1/4] f2fs crypto: preallocate a tfm for the data path Jaegeuk Kim
2015-05-20 0:43 ` [PATCH 2/4] f2fs crypto: add two spinlocks to avoid data races Jaegeuk Kim
2015-05-20 0:43 ` [PATCH 3/4] f2fs crypto: check encryption for tmpfile Jaegeuk Kim
@ 2015-05-20 0:43 ` Jaegeuk Kim
2 siblings, 0 replies; 9+ messages in thread
From: Jaegeuk Kim @ 2015-05-20 0:43 UTC (permalink / raw)
To: linux-kernel, linux-fsdevel, linux-f2fs-devel; +Cc: Jaegeuk Kim
The f2fs_derive_key_aes is called not from data path, so we can use GFP_KERNEL.
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fs/f2fs/crypto_key.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/f2fs/crypto_key.c b/fs/f2fs/crypto_key.c
index 2f5a45b..49f9e31 100644
--- a/fs/f2fs/crypto_key.c
+++ b/fs/f2fs/crypto_key.c
@@ -56,7 +56,7 @@ static int f2fs_derive_key_aes(char deriving_key[F2FS_AES_128_ECB_KEY_SIZE],
goto out;
}
crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
- req = ablkcipher_request_alloc(tfm, GFP_NOFS);
+ req = ablkcipher_request_alloc(tfm, GFP_KERNEL);
if (!req) {
res = -ENOMEM;
goto out;
@@ -137,7 +137,7 @@ int _f2fs_get_encryption_info(struct inode *inode)
return -EINVAL;
res = 0;
- crypt_info = kmem_cache_alloc(f2fs_crypt_info_cachep, GFP_NOFS);
+ crypt_info = kmem_cache_alloc(f2fs_crypt_info_cachep, GFP_KERNEL);
if (!crypt_info)
return -ENOMEM;
--
2.1.1
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 3/4] f2fs crypto: check encryption for tmpfile
2015-05-20 0:43 ` [PATCH 3/4] f2fs crypto: check encryption for tmpfile Jaegeuk Kim
@ 2015-05-20 4:46 ` Theodore Ts'o
2015-05-20 5:01 ` Jaegeuk Kim
2015-05-28 10:20 ` Chao Yu
1 sibling, 1 reply; 9+ messages in thread
From: Theodore Ts'o @ 2015-05-20 4:46 UTC (permalink / raw)
To: Jaegeuk Kim; +Cc: linux-fsdevel, linux-kernel, linux-f2fs-devel
On Tue, May 19, 2015 at 05:43:25PM -0700, Jaegeuk Kim wrote:
> This patch adds to check encryption for tmpfile in early stage.
Don't you also need a call to ext4_inherit_context(dir, inode) here?
(I need to fix this for ext4 as well).
- Ted
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 3/4] f2fs crypto: check encryption for tmpfile
2015-05-20 4:46 ` Theodore Ts'o
@ 2015-05-20 5:01 ` Jaegeuk Kim
2015-05-20 6:00 ` [f2fs-dev] " Jaegeuk Kim
0 siblings, 1 reply; 9+ messages in thread
From: Jaegeuk Kim @ 2015-05-20 5:01 UTC (permalink / raw)
To: Theodore Ts'o, linux-kernel, linux-fsdevel, linux-f2fs-devel
On Wed, May 20, 2015 at 12:46:04AM -0400, Theodore Ts'o wrote:
> On Tue, May 19, 2015 at 05:43:25PM -0700, Jaegeuk Kim wrote:
> > This patch adds to check encryption for tmpfile in early stage.
>
> Don't you also need a call to ext4_inherit_context(dir, inode) here?
> (I need to fix this for ext4 as well).
Actually this should be:
err = f2fs_get_encryption_info(inode); <- for inode.
if (err)
goto out;
In f2fs, f2fs_do_tmpfile calls f2fs_inherit_context already. :)
>
> - Ted
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [f2fs-dev] [PATCH 3/4] f2fs crypto: check encryption for tmpfile
2015-05-20 5:01 ` Jaegeuk Kim
@ 2015-05-20 6:00 ` Jaegeuk Kim
0 siblings, 0 replies; 9+ messages in thread
From: Jaegeuk Kim @ 2015-05-20 6:00 UTC (permalink / raw)
To: Theodore Ts'o, linux-kernel, linux-fsdevel, linux-f2fs-devel
On Tue, May 19, 2015 at 10:01:25PM -0700, Jaegeuk Kim wrote:
> On Wed, May 20, 2015 at 12:46:04AM -0400, Theodore Ts'o wrote:
> > On Tue, May 19, 2015 at 05:43:25PM -0700, Jaegeuk Kim wrote:
> > > This patch adds to check encryption for tmpfile in early stage.
> >
> > Don't you also need a call to ext4_inherit_context(dir, inode) here?
> > (I need to fix this for ext4 as well).
>
> Actually this should be:
>
> err = f2fs_get_encryption_info(inode); <- for inode.
> if (err)
> goto out;
Sorry Ted,
Please ignore the above; dir was correct.
>
> In f2fs, f2fs_do_tmpfile calls f2fs_inherit_context already. :)
>
> >
> > - Ted
>
> ------------------------------------------------------------------------------
> One dashboard for servers and applications across Physical-Virtual-Cloud
> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> _______________________________________________
> Linux-f2fs-devel mailing list
> Linux-f2fs-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: [f2fs-dev] [PATCH 3/4] f2fs crypto: check encryption for tmpfile
2015-05-20 0:43 ` [PATCH 3/4] f2fs crypto: check encryption for tmpfile Jaegeuk Kim
2015-05-20 4:46 ` Theodore Ts'o
@ 2015-05-28 10:20 ` Chao Yu
2015-05-28 17:01 ` Jaegeuk Kim
1 sibling, 1 reply; 9+ messages in thread
From: Chao Yu @ 2015-05-28 10:20 UTC (permalink / raw)
To: 'Jaegeuk Kim'; +Cc: linux-kernel, linux-fsdevel, linux-f2fs-devel
Hi Jaegeuk,
> -----Original Message-----
> From: Jaegeuk Kim [mailto:jaegeuk@kernel.org]
> Sent: Wednesday, May 20, 2015 8:43 AM
> To: linux-kernel@vger.kernel.org; linux-fsdevel@vger.kernel.org;
> linux-f2fs-devel@lists.sourceforge.net
> Cc: Jaegeuk Kim
> Subject: [f2fs-dev] [PATCH 3/4] f2fs crypto: check encryption for tmpfile
>
> This patch adds to check encryption for tmpfile in early stage.
>
> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
> ---
> fs/f2fs/namei.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
> index dded2b0..47066b0 100644
> --- a/fs/f2fs/namei.c
> +++ b/fs/f2fs/namei.c
> @@ -531,6 +531,11 @@ static int __f2fs_tmpfile(struct inode *dir, struct dentry *dentry,
> }
>
> f2fs_lock_op(sbi);
> +
> + err = f2fs_get_encryption_info(dir);
> + if (err)
> + goto out;
> +
> err = acquire_orphan_inode(sbi);
> if (err)
> goto out;
> --
> 2.1.1
I can't find the original thread, so I reply here.
Merged patch in dev branch shows that our code is modified as below:
static int f2fs_tmpfile(struct inode *dir, struct dentry *dentry, umode_t mode)
{
+ int err = f2fs_get_encryption_info(dir);
+ if (err)
+ return err;
+
return __f2fs_tmpfile(dir, dentry, mode, NULL);
}
It seems that, if we try to make a temp file in an unencrypted dir, we will
always fail with -ENODATA in f2fs_get_encryption_info because encryption
context is not exist in xattr.
So we should check dir with f2fs_encrypted_inode() before
f2fs_get_encryption_info() to avoid that.
Thanks,
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 3/4] f2fs crypto: check encryption for tmpfile
2015-05-28 10:20 ` Chao Yu
@ 2015-05-28 17:01 ` Jaegeuk Kim
0 siblings, 0 replies; 9+ messages in thread
From: Jaegeuk Kim @ 2015-05-28 17:01 UTC (permalink / raw)
To: Chao Yu; +Cc: linux-fsdevel, linux-kernel, linux-f2fs-devel
Hi Chao,
On Thu, May 28, 2015 at 06:20:05PM +0800, Chao Yu wrote:
> Hi Jaegeuk,
>
> > -----Original Message-----
> > From: Jaegeuk Kim [mailto:jaegeuk@kernel.org]
> > Sent: Wednesday, May 20, 2015 8:43 AM
> > To: linux-kernel@vger.kernel.org; linux-fsdevel@vger.kernel.org;
> > linux-f2fs-devel@lists.sourceforge.net
> > Cc: Jaegeuk Kim
> > Subject: [f2fs-dev] [PATCH 3/4] f2fs crypto: check encryption for tmpfile
> >
> > This patch adds to check encryption for tmpfile in early stage.
> >
> > Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
> > ---
> > fs/f2fs/namei.c | 5 +++++
> > 1 file changed, 5 insertions(+)
> >
> > diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
> > index dded2b0..47066b0 100644
> > --- a/fs/f2fs/namei.c
> > +++ b/fs/f2fs/namei.c
> > @@ -531,6 +531,11 @@ static int __f2fs_tmpfile(struct inode *dir, struct dentry *dentry,
> > }
> >
> > f2fs_lock_op(sbi);
> > +
> > + err = f2fs_get_encryption_info(dir);
> > + if (err)
> > + goto out;
> > +
> > err = acquire_orphan_inode(sbi);
> > if (err)
> > goto out;
> > --
> > 2.1.1
>
> I can't find the original thread, so I reply here.
> Merged patch in dev branch shows that our code is modified as below:
>
> static int f2fs_tmpfile(struct inode *dir, struct dentry *dentry, umode_t mode)
> {
> + int err = f2fs_get_encryption_info(dir);
> + if (err)
> + return err;
> +
> return __f2fs_tmpfile(dir, dentry, mode, NULL);
> }
>
> It seems that, if we try to make a temp file in an unencrypted dir, we will
> always fail with -ENODATA in f2fs_get_encryption_info because encryption
> context is not exist in xattr.
>
> So we should check dir with f2fs_encrypted_inode() before
> f2fs_get_encryption_info() to avoid that.
Indeed.
Will fix it up.
Thanks,
>
> Thanks,
------------------------------------------------------------------------------
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2015-05-28 17:01 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-05-20 0:43 [PATCH 1/4] f2fs crypto: preallocate a tfm for the data path Jaegeuk Kim
2015-05-20 0:43 ` [PATCH 2/4] f2fs crypto: add two spinlocks to avoid data races Jaegeuk Kim
2015-05-20 0:43 ` [PATCH 3/4] f2fs crypto: check encryption for tmpfile Jaegeuk Kim
2015-05-20 4:46 ` Theodore Ts'o
2015-05-20 5:01 ` Jaegeuk Kim
2015-05-20 6:00 ` [f2fs-dev] " Jaegeuk Kim
2015-05-28 10:20 ` Chao Yu
2015-05-28 17:01 ` Jaegeuk Kim
2015-05-20 0:43 ` [PATCH 4/4] f2fs crypto: assign GFP_KERNEL for f2fs_derive_key_aes Jaegeuk Kim
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).