From: Miklos Szeredi <miklos@szeredi.hu>
To: Chirantan Ekbote <chirantan@chromium.org>
Cc: linux-fsdevel@vger.kernel.org, Dylan Reid <dgreid@chromium.org>,
Suleiman Souhlal <suleiman@chromium.org>,
fuse-devel <fuse-devel@lists.sourceforge.net>,
Eric Biggers <ebiggers@kernel.org>,
linux-fscrypt@vger.kernel.org
Subject: Re: [PATCH v2 2/2] fuse: Support FS_IOC_GET_ENCRYPTION_POLICY_EX
Date: Mon, 15 Feb 2021 15:49:52 +0100 [thread overview]
Message-ID: <CAJfpegtq1fDapizFX3idgrYd3dahtiZ-32F8bvoEMZwGdD43hQ@mail.gmail.com> (raw)
In-Reply-To: <20201208093808.1572227-3-chirantan@chromium.org>
On Tue, Dec 8, 2020 at 10:38 AM Chirantan Ekbote <chirantan@chromium.org> wrote:
>
> Chrome OS would like to support this ioctl when passed through the fuse
> driver. However since it is dynamically sized, we can't rely on the
> length encoded in the command. Instead check the `policy_size` field of
> the user provided parameter to get the max length of the data returned
> by the server.
I'd also maximize the length at sizeof(union fscrypt_policy). I.e.
virtiofs doesn't need to support higher level versions than the client
kernel supports.
Also, I'm thinking about whether it's safe to enable in plain fuse in
addition to virtiofs. I don't see a reason for not doing so, but
maybe it makes sense to keep disabled until a use case comes up.
Thanks,
Miklos
>
> Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
> ---
> fs/fuse/file.c | 16 ++++++++++++++++
> 1 file changed, 16 insertions(+)
>
> diff --git a/fs/fuse/file.c b/fs/fuse/file.c
> index 69cffb77a0b25..b64ff7f2fe4dd 100644
> --- a/fs/fuse/file.c
> +++ b/fs/fuse/file.c
> @@ -19,6 +19,7 @@
> #include <linux/falloc.h>
> #include <linux/uio.h>
> #include <linux/fs.h>
> +#include <linux/fscrypt.h>
>
> static struct page **fuse_pages_alloc(unsigned int npages, gfp_t flags,
> struct fuse_page_desc **desc)
> @@ -2710,6 +2711,21 @@ static int fuse_get_ioctl_len(unsigned int cmd, unsigned long arg, size_t *len)
> case FS_IOC_SETFLAGS:
> *len = sizeof(int);
> break;
> + case FS_IOC_GET_ENCRYPTION_POLICY_EX: {
> + __u64 policy_size;
> + struct fscrypt_get_policy_ex_arg __user *uarg =
> + (struct fscrypt_get_policy_ex_arg __user *)arg;
> +
> + if (copy_from_user(&policy_size, &uarg->policy_size,
> + sizeof(policy_size)))
> + return -EFAULT;
> +
> + if (policy_size > SIZE_MAX - sizeof(policy_size))
> + return -EINVAL;
> +
> + *len = sizeof(policy_size) + policy_size;
> + break;
> + }
> default:
> *len = _IOC_SIZE(cmd);
> break;
> --
> 2.29.2.576.ga3fc446d84-goog
>
prev parent reply other threads:[~2021-02-15 14:50 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-07 4:03 [PATCH] fuse: Support FS_IOC_GET_ENCRYPTION_POLICY_EX Chirantan Ekbote
2020-12-07 18:01 ` Eric Biggers
2020-12-08 9:38 ` [PATCH v2 0/2] fuse: fscrypt ioctl support Chirantan Ekbote
2020-12-08 9:38 ` [PATCH v2 1/2] fuse: Move ioctl length calculation to a separate function Chirantan Ekbote
2020-12-11 18:11 ` Eric Biggers
2020-12-08 9:38 ` [PATCH v2 2/2] fuse: Support FS_IOC_GET_ENCRYPTION_POLICY_EX Chirantan Ekbote
2020-12-11 18:12 ` Eric Biggers
2021-02-15 14:49 ` Miklos Szeredi [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAJfpegtq1fDapizFX3idgrYd3dahtiZ-32F8bvoEMZwGdD43hQ@mail.gmail.com \
--to=miklos@szeredi.hu \
--cc=chirantan@chromium.org \
--cc=dgreid@chromium.org \
--cc=ebiggers@kernel.org \
--cc=fuse-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=suleiman@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).