From: Eric Biggers <ebiggers3@gmail.com>
To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" <tytso@mit.edu>
Cc: Jaegeuk Kim <jaegeuk@kernel.org>,
linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-mtd@lists.infradead.org, Eric Biggers <ebiggers@google.com>
Subject: [PATCH v2 11/11] fscrypt: new helper function - fscrypt_prepare_setattr()
Date: Mon, 9 Oct 2017 12:15:44 -0700 [thread overview]
Message-ID: <20171009191544.43656-12-ebiggers3@gmail.com> (raw)
In-Reply-To: <20171009191544.43656-1-ebiggers3@gmail.com>
From: Eric Biggers <ebiggers@google.com>
Introduce a helper function for filesystems to call when processing
->setattr() on a possibly-encrypted inode. It handles enforcing that an
encrypted file can only be truncated if its encryption key is available.
Acked-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
include/linux/fscrypt.h | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index 2327859c8cd2..53437bfdfcbc 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -265,4 +265,29 @@ static inline int fscrypt_prepare_lookup(struct inode *dir,
return 0;
}
+/**
+ * fscrypt_prepare_setattr - prepare to change a possibly-encrypted inode's attributes
+ * @dentry: dentry through which the inode is being changed
+ * @attr: attributes to change
+ *
+ * Prepare for ->setattr() on a possibly-encrypted inode. On an encrypted file,
+ * most attribute changes are allowed even without the encryption key. However,
+ * without the encryption key we do have to forbid truncates. This is needed
+ * because the size being truncated to may not be a multiple of the filesystem
+ * block size, and in that case we'd have to decrypt the final block, zero the
+ * portion past i_size, and re-encrypt it. (We *could* allow truncating to a
+ * filesystem block boundary, but it's simpler to just forbid all truncates ---
+ * and we already forbid all other contents modifications without the key.)
+ *
+ * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
+ * if a problem occurred while setting up the encryption key.
+ */
+static inline int fscrypt_prepare_setattr(struct dentry *dentry,
+ struct iattr *attr)
+{
+ if (attr->ia_valid & ATTR_SIZE)
+ return fscrypt_require_key(d_inode(dentry));
+ return 0;
+}
+
#endif /* _LINUX_FSCRYPT_H */
--
2.14.2.920.gcf0c67979c-goog
next prev parent reply other threads:[~2017-10-09 19:15 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-09 19:15 [PATCH v2 00/11] fscrypt: add some higher-level helper functions Eric Biggers
2017-10-09 19:15 ` [PATCH v2 01/11] fscrypt: clean up include file mess Eric Biggers
2017-10-09 19:15 ` [PATCH v2 02/11] fs, fscrypt: add an S_ENCRYPTED inode flag Eric Biggers
2017-10-09 19:15 ` Eric Biggers
2017-10-09 19:15 ` [PATCH v2 03/11] fscrypt: switch from ->is_encrypted() to IS_ENCRYPTED() Eric Biggers
2017-10-09 19:15 ` [PATCH v2 04/11] fscrypt: remove ->is_encrypted() Eric Biggers
2017-10-09 19:15 ` [PATCH v2 05/11] fscrypt: remove unneeded empty fscrypt_operations structs Eric Biggers
2017-10-09 19:15 ` [PATCH v2 06/11] fscrypt: new helper function - fscrypt_require_key() Eric Biggers
2017-10-09 19:15 ` [PATCH v2 07/11] fscrypt: new helper function - fscrypt_file_open() Eric Biggers
2017-10-09 19:15 ` Eric Biggers
2017-10-09 19:15 ` [PATCH v2 08/11] fscrypt: new helper function - fscrypt_prepare_link() Eric Biggers
2017-10-09 19:15 ` Eric Biggers
2017-10-09 19:15 ` [PATCH v2 09/11] fscrypt: new helper function - fscrypt_prepare_rename() Eric Biggers
2017-10-09 19:15 ` Eric Biggers
2017-10-09 19:15 ` [PATCH v2 10/11] fscrypt: new helper function - fscrypt_prepare_lookup() Eric Biggers
2017-10-09 19:15 ` Eric Biggers [this message]
2017-10-20 19:44 ` [PATCH v2 00/11] fscrypt: add some higher-level helper functions Theodore Ts'o
2017-10-20 19:44 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171009191544.43656-12-ebiggers3@gmail.com \
--to=ebiggers3@gmail.com \
--cc=ebiggers@google.com \
--cc=jaegeuk@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.