From: Jeff Layton <jlayton@kernel.org>
To: Luis Henriques <lhenriques@suse.de>
Cc: ceph-devel@vger.kernel.org, xiubli@redhat.com,
linux-fsdevel@vger.kernel.org, linux-fscrypt@vger.kernel.org,
dhowells@redhat.com
Subject: Re: [RFC PATCH v7 11/24] ceph: add routine to create fscrypt context prior to RPC
Date: Wed, 07 Jul 2021 08:29:17 -0400 [thread overview]
Message-ID: <793c1277c2f04eff1537407f873583bc26c5b848.camel@kernel.org> (raw)
In-Reply-To: <YOWGZgcdx/6KcHsx@suse.de>
On Wed, 2021-07-07 at 11:48 +0100, Luis Henriques wrote:
> On Fri, Jun 25, 2021 at 09:58:21AM -0400, Jeff Layton wrote:
> > After pre-creating a new inode, do an fscrypt prepare on it, fetch a
> > new encryption context and then marshal that into the security context
> > to be sent along with the RPC. Call the new function from
> > ceph_new_inode.
> >
> > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > ---
> > fs/ceph/crypto.c | 42 ++++++++++++++++++++++++++++++++++++++++++
> > fs/ceph/crypto.h | 25 +++++++++++++++++++++++++
> > fs/ceph/inode.c | 10 ++++++++--
> > fs/ceph/super.h | 5 +++++
> > fs/ceph/xattr.c | 3 +++
> > 5 files changed, 83 insertions(+), 2 deletions(-)
> >
> > diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c
> > index 997a33e1d59f..675d41fd2eb0 100644
> > --- a/fs/ceph/crypto.c
> > +++ b/fs/ceph/crypto.c
> > @@ -4,6 +4,7 @@
> > #include <linux/fscrypt.h>
> >
> > #include "super.h"
> > +#include "mds_client.h"
> > #include "crypto.h"
> >
> > static int ceph_crypt_get_context(struct inode *inode, void *ctx, size_t len)
> > @@ -86,3 +87,44 @@ void ceph_fscrypt_set_ops(struct super_block *sb)
> > {
> > fscrypt_set_ops(sb, &ceph_fscrypt_ops);
> > }
> > +
> > +int ceph_fscrypt_prepare_context(struct inode *dir, struct inode *inode,
> > + struct ceph_acl_sec_ctx *as)
> > +{
> > + int ret, ctxsize;
> > + bool encrypted = false;
> > + struct ceph_inode_info *ci = ceph_inode(inode);
> > +
> > + ret = fscrypt_prepare_new_inode(dir, inode, &encrypted);
> > + if (ret)
> > + return ret;
> > + if (!encrypted)
> > + return 0;
> > +
> > + as->fscrypt_auth = kzalloc(sizeof(*as->fscrypt_auth), GFP_KERNEL);
> > + if (!as->fscrypt_auth)
> > + return -ENOMEM;
> > +
> > + ctxsize = fscrypt_context_for_new_inode(as->fscrypt_auth->cfa_blob, inode);
> > + if (ctxsize < 0)
> > + return ctxsize;
> > +
> > + as->fscrypt_auth->cfa_version = cpu_to_le32(CEPH_FSCRYPT_AUTH_VERSION);
> > + as->fscrypt_auth->cfa_blob_len = cpu_to_le32(ctxsize);
> > +
> > + WARN_ON_ONCE(ci->fscrypt_auth);
> > + kfree(ci->fscrypt_auth);
>
> It's odd to have again a kfree() after a WARN_ON_ONCE() :-)
>
Throw a warning but handle the case sanely? That seems normal to me :)
> > + ci->fscrypt_auth_len = ceph_fscrypt_auth_size(ctxsize);
> > + ci->fscrypt_auth = kmemdup(as->fscrypt_auth, ci->fscrypt_auth_len, GFP_KERNEL);
> > + if (!ci->fscrypt_auth)
> > + return -ENOMEM;
> > +
> > + inode->i_flags |= S_ENCRYPTED;
> > +
> > + return 0;
> > +}
> > +
> > +void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req, struct ceph_acl_sec_ctx *as)
> > +{
> > + swap(req->r_fscrypt_auth, as->fscrypt_auth);
> > +}
>
> This means that req->r_fscrypt_auth will need to be freed in
> ceph_mdsc_release_request(). (I believe you've moved this function to
> some other commit in your experimental branch).
>
Ahh yes. Good catch. I'll fix that up too.
> > diff --git a/fs/ceph/crypto.h b/fs/ceph/crypto.h
> > index d2b1f8e7b300..bdf1ba47db16 100644
> > --- a/fs/ceph/crypto.h
> > +++ b/fs/ceph/crypto.h
> > @@ -11,6 +11,9 @@
> > #define CEPH_XATTR_NAME_ENCRYPTION_CONTEXT "encryption.ctx"
> >
> > #ifdef CONFIG_FS_ENCRYPTION
> > +struct ceph_fs_client;
> > +struct ceph_acl_sec_ctx;
> > +struct ceph_mds_request;
> >
> > #define CEPH_FSCRYPT_AUTH_VERSION 1
> > struct ceph_fscrypt_auth {
> > @@ -19,10 +22,19 @@ struct ceph_fscrypt_auth {
> > u8 cfa_blob[FSCRYPT_SET_CONTEXT_MAX_SIZE];
> > } __packed;
> >
> > +static inline u32 ceph_fscrypt_auth_size(u32 ctxsize)
> > +{
> > + return offsetof(struct ceph_fscrypt_auth, cfa_blob) + ctxsize;
> > +}
> > +
> > void ceph_fscrypt_set_ops(struct super_block *sb);
> >
> > void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc);
> >
> > +int ceph_fscrypt_prepare_context(struct inode *dir, struct inode *inode,
> > + struct ceph_acl_sec_ctx *as);
> > +void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req, struct ceph_acl_sec_ctx *as);
> > +
> > #else /* CONFIG_FS_ENCRYPTION */
> >
> > static inline void ceph_fscrypt_set_ops(struct super_block *sb)
> > @@ -32,6 +44,19 @@ static inline void ceph_fscrypt_set_ops(struct super_block *sb)
> > static inline void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc)
> > {
> > }
> > +
> > +static inline int ceph_fscrypt_prepare_context(struct inode *dir, struct inode *inode,
> > + struct ceph_acl_sec_ctx *as)
> > +{
> > + if (IS_ENCRYPTED(dir))
> > + return -EOPNOTSUPP;
> > + return 0;
> > +}
> > +
> > +static inline void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
> > + struct ceph_acl_sec_ctx *as_ctx)
> > +{
> > +}
> > #endif /* CONFIG_FS_ENCRYPTION */
> >
> > #endif
> > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> > index fba139a4f57b..a0b311195e80 100644
> > --- a/fs/ceph/inode.c
> > +++ b/fs/ceph/inode.c
> > @@ -83,12 +83,17 @@ struct inode *ceph_new_inode(struct inode *dir, struct dentry *dentry,
> > goto out_err;
> > }
> >
> > + inode->i_state = 0;
> > + inode->i_mode = *mode;
> > +
> > err = ceph_security_init_secctx(dentry, *mode, as_ctx);
> > if (err < 0)
> > goto out_err;
> >
> > - inode->i_state = 0;
> > - inode->i_mode = *mode;
> > + err = ceph_fscrypt_prepare_context(dir, inode, as_ctx);
> > + if (err)
> > + goto out_err;
> > +
> > return inode;
> > out_err:
> > iput(inode);
> > @@ -101,6 +106,7 @@ void ceph_as_ctx_to_req(struct ceph_mds_request *req, struct ceph_acl_sec_ctx *a
> > req->r_pagelist = as_ctx->pagelist;
> > as_ctx->pagelist = NULL;
> > }
> > + ceph_fscrypt_as_ctx_to_req(req, as_ctx);
> > }
> >
> > /**
> > diff --git a/fs/ceph/super.h b/fs/ceph/super.h
> > index 534c2a76562d..651d7909a443 100644
> > --- a/fs/ceph/super.h
> > +++ b/fs/ceph/super.h
> > @@ -26,6 +26,8 @@
> > #include <linux/fscache.h>
> > #endif
> >
> > +#include "crypto.h"
> > +
> > /* f_type in struct statfs */
> > #define CEPH_SUPER_MAGIC 0x00c36400
> >
> > @@ -1068,6 +1070,9 @@ struct ceph_acl_sec_ctx {
> > #ifdef CONFIG_CEPH_FS_SECURITY_LABEL
> > void *sec_ctx;
> > u32 sec_ctxlen;
> > +#endif
> > +#ifdef CONFIG_FS_ENCRYPTION
> > + struct ceph_fscrypt_auth *fscrypt_auth;
> > #endif
> > struct ceph_pagelist *pagelist;
> > };
> > diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c
> > index 1242db8d3444..16a62a2bd61e 100644
> > --- a/fs/ceph/xattr.c
> > +++ b/fs/ceph/xattr.c
> > @@ -1362,6 +1362,9 @@ void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx)
> > #endif
> > #ifdef CONFIG_CEPH_FS_SECURITY_LABEL
> > security_release_secctx(as_ctx->sec_ctx, as_ctx->sec_ctxlen);
> > +#endif
> > +#ifdef CONFIG_FS_ENCRYPTION
> > + kfree(as_ctx->fscrypt_auth);
> > #endif
> > if (as_ctx->pagelist)
> > ceph_pagelist_release(as_ctx->pagelist);
> > --
> > 2.31.1
> >
--
Jeff Layton <jlayton@kernel.org>
next prev parent reply other threads:[~2021-07-07 12:29 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-25 13:58 [RFC PATCH v7 00/24] ceph+fscrypt: context, filename and symlink support Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 01/24] vfs: export new_inode_pseudo Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 02/24] fscrypt: export fscrypt_base64_encode and fscrypt_base64_decode Jeff Layton
2021-07-11 17:40 ` Eric Biggers
2021-07-12 11:55 ` Jeff Layton
2021-07-12 14:22 ` Eric Biggers
2021-07-12 14:32 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 03/24] fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size Jeff Layton
2021-07-11 17:43 ` Eric Biggers
2021-06-25 13:58 ` [RFC PATCH v7 04/24] fscrypt: add fscrypt_context_for_new_inode Jeff Layton
2021-07-11 17:44 ` Eric Biggers
2021-06-25 13:58 ` [RFC PATCH v7 05/24] ceph: preallocate inode for ops that may create one Jeff Layton
2021-07-07 3:37 ` Xiubo Li
2021-07-07 12:05 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 06/24] ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces Jeff Layton
2021-07-07 3:53 ` Xiubo Li
2021-07-07 12:09 ` Jeff Layton
2021-07-07 12:46 ` Xiubo Li
2021-07-07 10:47 ` Luis Henriques
2021-07-07 11:19 ` Xiubo Li
2021-07-07 12:19 ` Jeff Layton
2021-07-07 14:32 ` Luis Henriques
2021-07-07 14:56 ` Luis Henriques
2021-07-08 2:56 ` Xiubo Li
2021-07-08 11:26 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 07/24] ceph: add fscrypt_* handling to caps.c Jeff Layton
2021-07-07 7:20 ` Xiubo Li
2021-07-07 12:02 ` Jeff Layton
2021-07-07 12:47 ` Xiubo Li
2021-07-11 23:00 ` Eric Biggers
2021-07-12 13:22 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 08/24] ceph: add ability to set fscrypt_auth via setattr Jeff Layton
2021-07-07 8:11 ` Xiubo Li
2021-07-07 12:10 ` Jeff Layton
2021-07-07 10:47 ` Luis Henriques
2021-07-07 12:25 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 09/24] ceph: crypto context handling for ceph Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 10/24] ceph: implement -o test_dummy_encryption mount option Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 11/24] ceph: add routine to create fscrypt context prior to RPC Jeff Layton
2021-07-07 10:48 ` Luis Henriques
2021-07-07 12:29 ` Jeff Layton [this message]
2021-06-25 13:58 ` [RFC PATCH v7 12/24] ceph: add fscrypt ioctls Jeff Layton
2021-07-08 7:30 ` Xiubo Li
2021-07-08 11:26 ` Jeff Layton
2021-07-08 11:32 ` Xiubo Li
2021-06-25 13:58 ` [RFC PATCH v7 13/24] ceph: decode alternate_name in lease info Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 14/24] ceph: make ceph_msdc_build_path use ref-walk Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 15/24] ceph: add encrypted fname handling to ceph_mdsc_build_path Jeff Layton
2021-07-11 22:53 ` Eric Biggers
2021-07-12 12:36 ` Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 16/24] ceph: send altname in MClientRequest Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 17/24] ceph: properly set DCACHE_NOKEY_NAME flag in lookup Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 18/24] ceph: make d_revalidate call fscrypt revalidator for encrypted dentries Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 19/24] ceph: add helpers for converting names for userland presentation Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 20/24] ceph: add fscrypt support to ceph_fill_trace Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 21/24] ceph: add support to readdir for encrypted filenames Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 22/24] ceph: create symlinks with encrypted and base64-encoded targets Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 23/24] ceph: make ceph_get_name decrypt filenames Jeff Layton
2021-06-25 13:58 ` [RFC PATCH v7 24/24] ceph: add a new ceph.fscrypt.auth vxattr Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=793c1277c2f04eff1537407f873583bc26c5b848.camel@kernel.org \
--to=jlayton@kernel.org \
--cc=ceph-devel@vger.kernel.org \
--cc=dhowells@redhat.com \
--cc=lhenriques@suse.de \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=xiubli@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).