summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2019-05-08 00:28:04 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2019-05-08 00:28:04 -0400
commita9fbcd6728837268784439ad0b02ede2c024c516 (patch)
tree2a58af9a6f7573617ab482aea0998389d8b956af
parent5abe37954e9a315c35c9490f78d55f307c3c636b (diff)
parent2c58d548f5706d085c4b009f6abb945220460632 (diff)
Merge tag 'fscrypt_for_linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt
Pull fscrypt updates from Ted Ts'o: "Clean up fscrypt's dcache revalidation support, and other miscellaneous cleanups" * tag 'fscrypt_for_linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt: fscrypt: cache decrypted symlink target in ->i_link vfs: use READ_ONCE() to access ->i_link fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext fscrypt: only set dentry_operations on ciphertext dentries fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory fscrypt: fix race allowing rename() and link() of ciphertext dentries fscrypt: clean up and improve dentry revalidation fscrypt: use READ_ONCE() to access ->i_crypt_info fscrypt: remove WARN_ON_ONCE() when decryption fails fscrypt: drop inode argument from fscrypt_get_ctx()
-rw-r--r--fs/crypto/bio.c8
-rw-r--r--fs/crypto/crypto.c74
-rw-r--r--fs/crypto/fname.c5
-rw-r--r--fs/crypto/hooks.c68
-rw-r--r--fs/crypto/keyinfo.c25
-rw-r--r--fs/crypto/policy.c6
-rw-r--r--fs/dcache.c2
-rw-r--r--fs/ext4/ext4.h62
-rw-r--r--fs/ext4/namei.c76
-rw-r--r--fs/ext4/readpage.c2
-rw-r--r--fs/ext4/super.c1
-rw-r--r--fs/f2fs/namei.c17
-rw-r--r--fs/f2fs/super.c1
-rw-r--r--fs/namei.c4
-rw-r--r--fs/ubifs/dir.c8
-rw-r--r--fs/ubifs/super.c3
-rw-r--r--include/linux/dcache.h2
-rw-r--r--include/linux/fscrypt.h74
18 files changed, 294 insertions, 144 deletions
diff --git a/fs/crypto/bio.c b/fs/crypto/bio.c
index 8f3a8bc15d98..b46021ebde85 100644
--- a/fs/crypto/bio.c
+++ b/fs/crypto/bio.c
@@ -36,12 +36,10 @@ static void __fscrypt_decrypt_bio(struct bio *bio, bool done)
36 int ret = fscrypt_decrypt_page(page->mapping->host, page, 36 int ret = fscrypt_decrypt_page(page->mapping->host, page,
37 PAGE_SIZE, 0, page->index); 37 PAGE_SIZE, 0, page->index);
38 38
39 if (ret) { 39 if (ret)
40 WARN_ON_ONCE(1);
41 SetPageError(page); 40 SetPageError(page);
42 } else if (done) { 41 else if (done)
43 SetPageUptodate(page); 42 SetPageUptodate(page);
44 }
45 if (done) 43 if (done)
46 unlock_page(page); 44 unlock_page(page);
47 } 45 }
@@ -103,7 +101,7 @@ int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
103 101
104 BUG_ON(inode->i_sb->s_blocksize != PAGE_SIZE); 102 BUG_ON(inode->i_sb->s_blocksize != PAGE_SIZE);
105 103
106 ctx = fscrypt_get_ctx(inode, GFP_NOFS); 104 ctx = fscrypt_get_ctx(GFP_NOFS);
107 if (IS_ERR(ctx)) 105 if (IS_ERR(ctx))
108 return PTR_ERR(ctx); 106 return PTR_ERR(ctx);
109 107
diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
index 4dc788e3bc96..68e2ca4c4af6 100644
--- a/fs/crypto/crypto.c
+++ b/fs/crypto/crypto.c
@@ -87,23 +87,17 @@ EXPORT_SYMBOL(fscrypt_release_ctx);
87 87
88/** 88/**
89 * fscrypt_get_ctx() - Gets an encryption context 89 * fscrypt_get_ctx() - Gets an encryption context
90 * @inode: The inode for which we are doing the crypto
91 * @gfp_flags: The gfp flag for memory allocation 90 * @gfp_flags: The gfp flag for memory allocation
92 * 91 *
93 * Allocates and initializes an encryption context. 92 * Allocates and initializes an encryption context.
94 * 93 *
95 * Return: An allocated and initialized encryption context on success; error 94 * Return: A new encryption context on success; an ERR_PTR() otherwise.
96 * value or NULL otherwise.
97 */ 95 */
98struct fscrypt_ctx *fscrypt_get_ctx(const struct inode *inode, gfp_t gfp_flags) 96struct fscrypt_ctx *fscrypt_get_ctx(gfp_t gfp_flags)
99{ 97{
100 struct fscrypt_ctx *ctx = NULL; 98 struct fscrypt_ctx *ctx;
101 struct fscrypt_info *ci = inode->i_crypt_info;
102 unsigned long flags; 99 unsigned long flags;
103 100
104 if (ci == NULL)
105 return ERR_PTR(-ENOKEY);
106
107 /* 101 /*
108 * We first try getting the ctx from a free list because in 102 * We first try getting the ctx from a free list because in
109 * the common case the ctx will have an allocated and 103 * the common case the ctx will have an allocated and
@@ -258,9 +252,9 @@ struct page *fscrypt_encrypt_page(const struct inode *inode,
258 252
259 BUG_ON(!PageLocked(page)); 253 BUG_ON(!PageLocked(page));
260 254
261 ctx = fscrypt_get_ctx(inode, gfp_flags); 255 ctx = fscrypt_get_ctx(gfp_flags);
262 if (IS_ERR(ctx)) 256 if (IS_ERR(ctx))
263 return (struct page *)ctx; 257 return ERR_CAST(ctx);
264 258
265 /* The encryption operation will require a bounce page. */ 259 /* The encryption operation will require a bounce page. */
266 ciphertext_page = fscrypt_alloc_bounce_page(ctx, gfp_flags); 260 ciphertext_page = fscrypt_alloc_bounce_page(ctx, gfp_flags);
@@ -313,45 +307,47 @@ int fscrypt_decrypt_page(const struct inode *inode, struct page *page,
313EXPORT_SYMBOL(fscrypt_decrypt_page); 307EXPORT_SYMBOL(fscrypt_decrypt_page);
314 308
315/* 309/*
316 * Validate dentries for encrypted directories to make sure we aren't 310 * Validate dentries in encrypted directories to make sure we aren't potentially
317 * potentially caching stale data after a key has been added or 311 * caching stale dentries after a key has been added.
318 * removed.
319 */ 312 */
320static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) 313static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)
321{ 314{
322 struct dentry *dir; 315 struct dentry *dir;
323 int dir_has_key, cached_with_key; 316 int err;
317 int valid;
318
319 /*
320 * Plaintext names are always valid, since fscrypt doesn't support
321 * reverting to ciphertext names without evicting the directory's inode
322 * -- which implies eviction of the dentries in the directory.
323 */
324 if (!(dentry->d_flags & DCACHE_ENCRYPTED_NAME))
325 return 1;
326
327 /*
328 * Ciphertext name; valid if the directory's key is still unavailable.
329 *
330 * Although fscrypt forbids rename() on ciphertext names, we still must
331 * use dget_parent() here rather than use ->d_parent directly. That's
332 * because a corrupted fs image may contain directory hard links, which
333 * the VFS handles by moving the directory's dentry tree in the dcache
334 * each time ->lookup() finds the directory and it already has a dentry
335 * elsewhere. Thus ->d_parent can be changing, and we must safely grab
336 * a reference to some ->d_parent to prevent it from being freed.
337 */
324 338
325 if (flags & LOOKUP_RCU) 339 if (flags & LOOKUP_RCU)
326 return -ECHILD; 340 return -ECHILD;
327 341
328 dir = dget_parent(dentry); 342 dir = dget_parent(dentry);
329 if (!IS_ENCRYPTED(d_inode(dir))) { 343 err = fscrypt_get_encryption_info(d_inode(dir));
330 dput(dir); 344 valid = !fscrypt_has_encryption_key(d_inode(dir));
331 return 0;
332 }
333
334 spin_lock(&dentry->d_lock);
335 cached_with_key = dentry->d_flags & DCACHE_ENCRYPTED_WITH_KEY;
336 spin_unlock(&dentry->d_lock);
337 dir_has_key = (d_inode(dir)->i_crypt_info != NULL);
338 dput(dir); 345 dput(dir);
339 346
340 /* 347 if (err < 0)
341 * If the dentry was cached without the key, and it is a 348 return err;
342 * negative dentry, it might be a valid name. We can't check 349
343 * if the key has since been made available due to locking 350 return valid;
344 * reasons, so we fail the validation so ext4_lookup() can do
345 * this check.
346 *
347 * We also fail the validation if the dentry was created with
348 * the key present, but we no longer have the key, or vice versa.
349 */
350 if ((!cached_with_key && d_is_negative(dentry)) ||
351 (!cached_with_key && dir_has_key) ||
352 (cached_with_key && !dir_has_key))
353 return 0;
354 return 1;
355} 351}
356 352
357const struct dentry_operations fscrypt_d_ops = { 353const struct dentry_operations fscrypt_d_ops = {
diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c
index 7ff40a73dbec..eccea3d8f923 100644
--- a/fs/crypto/fname.c
+++ b/fs/crypto/fname.c
@@ -269,7 +269,7 @@ int fscrypt_fname_disk_to_usr(struct inode *inode,
269 if (iname->len < FS_CRYPTO_BLOCK_SIZE) 269 if (iname->len < FS_CRYPTO_BLOCK_SIZE)
270 return -EUCLEAN; 270 return -EUCLEAN;
271 271
272 if (inode->i_crypt_info) 272 if (fscrypt_has_encryption_key(inode))
273 return fname_decrypt(inode, iname, oname); 273 return fname_decrypt(inode, iname, oname);
274 274
275 if (iname->len <= FSCRYPT_FNAME_MAX_UNDIGESTED_SIZE) { 275 if (iname->len <= FSCRYPT_FNAME_MAX_UNDIGESTED_SIZE) {
@@ -336,7 +336,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname,
336 if (ret) 336 if (ret)
337 return ret; 337 return ret;
338 338
339 if (dir->i_crypt_info) { 339 if (fscrypt_has_encryption_key(dir)) {
340 if (!fscrypt_fname_encrypted_size(dir, iname->len, 340 if (!fscrypt_fname_encrypted_size(dir, iname->len,
341 dir->i_sb->s_cop->max_namelen, 341 dir->i_sb->s_cop->max_namelen,
342 &fname->crypto_buf.len)) 342 &fname->crypto_buf.len))
@@ -356,6 +356,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname,
356 } 356 }
357 if (!lookup) 357 if (!lookup)
358 return -ENOKEY; 358 return -ENOKEY;
359 fname->is_ciphertext_name = true;
359 360
360 /* 361 /*
361 * We don't have the key and we are doing a lookup; decode the 362 * We don't have the key and we are doing a lookup; decode the
diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c
index 56debb1fcf5e..2dc22549d724 100644
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@@ -49,7 +49,8 @@ int fscrypt_file_open(struct inode *inode, struct file *filp)
49} 49}
50EXPORT_SYMBOL_GPL(fscrypt_file_open); 50EXPORT_SYMBOL_GPL(fscrypt_file_open);
51 51
52int __fscrypt_prepare_link(struct inode *inode, struct inode *dir) 52int __fscrypt_prepare_link(struct inode *inode, struct inode *dir,
53 struct dentry *dentry)
53{ 54{
54 int err; 55 int err;
55 56
@@ -57,6 +58,10 @@ int __fscrypt_prepare_link(struct inode *inode, struct inode *dir)
57 if (err) 58 if (err)
58 return err; 59 return err;
59 60
61 /* ... in case we looked up ciphertext name before key was added */
62 if (dentry->d_flags & DCACHE_ENCRYPTED_NAME)
63 return -ENOKEY;
64
60 if (!fscrypt_has_permitted_context(dir, inode)) 65 if (!fscrypt_has_permitted_context(dir, inode))
61 return -EXDEV; 66 return -EXDEV;
62 67
@@ -78,6 +83,11 @@ int __fscrypt_prepare_rename(struct inode *old_dir, struct dentry *old_dentry,
78 if (err) 83 if (err)
79 return err; 84 return err;
80 85
86 /* ... in case we looked up ciphertext name(s) before key was added */
87 if ((old_dentry->d_flags | new_dentry->d_flags) &
88 DCACHE_ENCRYPTED_NAME)
89 return -ENOKEY;
90
81 if (old_dir != new_dir) { 91 if (old_dir != new_dir) {
82 if (IS_ENCRYPTED(new_dir) && 92 if (IS_ENCRYPTED(new_dir) &&
83 !fscrypt_has_permitted_context(new_dir, 93 !fscrypt_has_permitted_context(new_dir,
@@ -94,21 +104,21 @@ int __fscrypt_prepare_rename(struct inode *old_dir, struct dentry *old_dentry,
94} 104}
95EXPORT_SYMBOL_GPL(__fscrypt_prepare_rename); 105EXPORT_SYMBOL_GPL(__fscrypt_prepare_rename);
96 106
97int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry) 107int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry,
108 struct fscrypt_name *fname)
98{ 109{
99 int err = fscrypt_get_encryption_info(dir); 110 int err = fscrypt_setup_filename(dir, &dentry->d_name, 1, fname);
100 111
101 if (err) 112 if (err && err != -ENOENT)
102 return err; 113 return err;
103 114
104 if (fscrypt_has_encryption_key(dir)) { 115 if (fname->is_ciphertext_name) {
105 spin_lock(&dentry->d_lock); 116 spin_lock(&dentry->d_lock);
106 dentry->d_flags |= DCACHE_ENCRYPTED_WITH_KEY; 117 dentry->d_flags |= DCACHE_ENCRYPTED_NAME;
107 spin_unlock(&dentry->d_lock); 118 spin_unlock(&dentry->d_lock);
119 d_set_d_op(dentry, &fscrypt_d_ops);
108 } 120 }
109 121 return err;
110 d_set_d_op(dentry, &fscrypt_d_ops);
111 return 0;
112} 122}
113EXPORT_SYMBOL_GPL(__fscrypt_prepare_lookup); 123EXPORT_SYMBOL_GPL(__fscrypt_prepare_lookup);
114 124
@@ -179,11 +189,9 @@ int __fscrypt_encrypt_symlink(struct inode *inode, const char *target,
179 sd->len = cpu_to_le16(ciphertext_len); 189 sd->len = cpu_to_le16(ciphertext_len);
180 190
181 err = fname_encrypt(inode, &iname, sd->encrypted_path, ciphertext_len); 191 err = fname_encrypt(inode, &iname, sd->encrypted_path, ciphertext_len);
182 if (err) { 192 if (err)
183 if (!disk_link->name) 193 goto err_free_sd;
184 kfree(sd); 194
185 return err;
186 }
187 /* 195 /*
188 * Null-terminating the ciphertext doesn't make sense, but we still 196 * Null-terminating the ciphertext doesn't make sense, but we still
189 * count the null terminator in the length, so we might as well 197 * count the null terminator in the length, so we might as well
@@ -191,9 +199,20 @@ int __fscrypt_encrypt_symlink(struct inode *inode, const char *target,
191 */ 199 */
192 sd->encrypted_path[ciphertext_len] = '\0'; 200 sd->encrypted_path[ciphertext_len] = '\0';
193 201
202 /* Cache the plaintext symlink target for later use by get_link() */
203 err = -ENOMEM;
204 inode->i_link = kmemdup(target, len + 1, GFP_NOFS);
205 if (!inode->i_link)
206 goto err_free_sd;
207
194 if (!disk_link->name) 208 if (!disk_link->name)
195 disk_link->name = (unsigned char *)sd; 209 disk_link->name = (unsigned char *)sd;
196 return 0; 210 return 0;
211
212err_free_sd:
213 if (!disk_link->name)
214 kfree(sd);
215 return err;
197} 216}
198EXPORT_SYMBOL_GPL(__fscrypt_encrypt_symlink); 217EXPORT_SYMBOL_GPL(__fscrypt_encrypt_symlink);
199 218
@@ -202,7 +221,7 @@ EXPORT_SYMBOL_GPL(__fscrypt_encrypt_symlink);
202 * @inode: the symlink inode 221 * @inode: the symlink inode
203 * @caddr: the on-disk contents of the symlink 222 * @caddr: the on-disk contents of the symlink
204 * @max_size: size of @caddr buffer 223 * @max_size: size of @caddr buffer
205 * @done: if successful, will be set up to free the returned target 224 * @done: if successful, will be set up to free the returned target if needed
206 * 225 *
207 * If the symlink's encryption key is available, we decrypt its target. 226 * If the symlink's encryption key is available, we decrypt its target.
208 * Otherwise, we encode its target for presentation. 227 * Otherwise, we encode its target for presentation.
@@ -217,12 +236,18 @@ const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
217{ 236{
218 const struct fscrypt_symlink_data *sd; 237 const struct fscrypt_symlink_data *sd;
219 struct fscrypt_str cstr, pstr; 238 struct fscrypt_str cstr, pstr;
239 bool has_key;
220 int err; 240 int err;
221 241
222 /* This is for encrypted symlinks only */ 242 /* This is for encrypted symlinks only */
223 if (WARN_ON(!IS_ENCRYPTED(inode))) 243 if (WARN_ON(!IS_ENCRYPTED(inode)))
224 return ERR_PTR(-EINVAL); 244 return ERR_PTR(-EINVAL);
225 245
246 /* If the decrypted target is already cached, just return it. */
247 pstr.name = READ_ONCE(inode->i_link);
248 if (pstr.name)
249 return pstr.name;
250
226 /* 251 /*
227 * Try to set up the symlink's encryption key, but we can continue 252 * Try to set up the symlink's encryption key, but we can continue
228 * regardless of whether the key is available or not. 253 * regardless of whether the key is available or not.
@@ -230,6 +255,7 @@ const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
230 err = fscrypt_get_encryption_info(inode); 255 err = fscrypt_get_encryption_info(inode);
231 if (err) 256 if (err)
232 return ERR_PTR(err); 257 return ERR_PTR(err);
258 has_key = fscrypt_has_encryption_key(inode);
233 259
234 /* 260 /*
235 * For historical reasons, encrypted symlink targets are prefixed with 261 * For historical reasons, encrypted symlink targets are prefixed with
@@ -261,7 +287,17 @@ const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
261 goto err_kfree; 287 goto err_kfree;
262 288
263 pstr.name[pstr.len] = '\0'; 289 pstr.name[pstr.len] = '\0';
264 set_delayed_call(done, kfree_link, pstr.name); 290
291 /*
292 * Cache decrypted symlink targets in i_link for later use. Don't cache
293 * symlink targets encoded without the key, since those become outdated
294 * once the key is added. This pairs with the READ_ONCE() above and in
295 * the VFS path lookup code.
296 */
297 if (!has_key ||
298 cmpxchg_release(&inode->i_link, NULL, pstr.name) != NULL)
299 set_delayed_call(done, kfree_link, pstr.name);
300
265 return pstr.name; 301 return pstr.name;
266 302
267err_kfree: 303err_kfree:
diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c
index 2cb4956f8511..dcd91a3fbe49 100644
--- a/fs/crypto/keyinfo.c
+++ b/fs/crypto/keyinfo.c
@@ -508,7 +508,7 @@ int fscrypt_get_encryption_info(struct inode *inode)
508 u8 *raw_key = NULL; 508 u8 *raw_key = NULL;
509 int res; 509 int res;
510 510
511 if (inode->i_crypt_info) 511 if (fscrypt_has_encryption_key(inode))
512 return 0; 512 return 0;
513 513
514 res = fscrypt_initialize(inode->i_sb->s_cop->flags); 514 res = fscrypt_initialize(inode->i_sb->s_cop->flags);
@@ -572,7 +572,7 @@ int fscrypt_get_encryption_info(struct inode *inode)
572 if (res) 572 if (res)
573 goto out; 573 goto out;
574 574
575 if (cmpxchg(&inode->i_crypt_info, NULL, crypt_info) == NULL) 575 if (cmpxchg_release(&inode->i_crypt_info, NULL, crypt_info) == NULL)
576 crypt_info = NULL; 576 crypt_info = NULL;
577out: 577out:
578 if (res == -ENOKEY) 578 if (res == -ENOKEY)
@@ -583,9 +583,30 @@ out:
583} 583}
584EXPORT_SYMBOL(fscrypt_get_encryption_info); 584EXPORT_SYMBOL(fscrypt_get_encryption_info);
585 585
586/**
587 * fscrypt_put_encryption_info - free most of an inode's fscrypt data
588 *
589 * Free the inode's fscrypt_info. Filesystems must call this when the inode is
590 * being evicted. An RCU grace period need not have elapsed yet.
591 */
586void fscrypt_put_encryption_info(struct inode *inode) 592void fscrypt_put_encryption_info(struct inode *inode)
587{ 593{
588 put_crypt_info(inode->i_crypt_info); 594 put_crypt_info(inode->i_crypt_info);
589 inode->i_crypt_info = NULL; 595 inode->i_crypt_info = NULL;
590} 596}
591EXPORT_SYMBOL(fscrypt_put_encryption_info); 597EXPORT_SYMBOL(fscrypt_put_encryption_info);
598
599/**
600 * fscrypt_free_inode - free an inode's fscrypt data requiring RCU delay
601 *
602 * Free the inode's cached decrypted symlink target, if any. Filesystems must
603 * call this after an RCU grace period, just before they free the inode.
604 */
605void fscrypt_free_inode(struct inode *inode)
606{
607 if (IS_ENCRYPTED(inode) && S_ISLNK(inode->i_mode)) {
608 kfree(inode->i_link);
609 inode->i_link = NULL;
610 }
611}
612EXPORT_SYMBOL(fscrypt_free_inode);
diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c
index bd7eaf9b3f00..d536889ac31b 100644
--- a/fs/crypto/policy.c
+++ b/fs/crypto/policy.c
@@ -194,8 +194,8 @@ int fscrypt_has_permitted_context(struct inode *parent, struct inode *child)
194 res = fscrypt_get_encryption_info(child); 194 res = fscrypt_get_encryption_info(child);
195 if (res) 195 if (res)
196 return 0; 196 return 0;
197 parent_ci = parent->i_crypt_info; 197 parent_ci = READ_ONCE(parent->i_crypt_info);
198 child_ci = child->i_crypt_info; 198 child_ci = READ_ONCE(child->i_crypt_info);
199 199
200 if (parent_ci && child_ci) { 200 if (parent_ci && child_ci) {
201 return memcmp(parent_ci->ci_master_key_descriptor, 201 return memcmp(parent_ci->ci_master_key_descriptor,
@@ -246,7 +246,7 @@ int fscrypt_inherit_context(struct inode *parent, struct inode *child,
246 if (res < 0) 246 if (res < 0)
247 return res; 247 return res;
248 248
249 ci = parent->i_crypt_info; 249 ci = READ_ONCE(parent->i_crypt_info);
250 if (ci == NULL) 250 if (ci == NULL)
251 return -ENOKEY; 251 return -ENOKEY;
252 252
diff --git a/fs/dcache.c b/fs/dcache.c
index 982d97bbb72c..8136bda27a1f 100644
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -18,6 +18,7 @@
18#include <linux/string.h> 18#include <linux/string.h>
19#include <linux/mm.h> 19#include <linux/mm.h>
20#include <linux/fs.h> 20#include <linux/fs.h>
21#include <linux/fscrypt.h>
21#include <linux/fsnotify.h> 22#include <linux/fsnotify.h>
22#include <linux/slab.h> 23#include <linux/slab.h>
23#include <linux/init.h> 24#include <linux/init.h>
@@ -2797,6 +2798,7 @@ static void __d_move(struct dentry *dentry, struct dentry *target,
2797 list_move(&dentry->d_child, &dentry->d_parent->d_subdirs); 2798 list_move(&dentry->d_child, &dentry->d_parent->d_subdirs);
2798 __d_rehash(dentry); 2799 __d_rehash(dentry);
2799 fsnotify_update_flags(dentry); 2800 fsnotify_update_flags(dentry);
2801 fscrypt_handle_d_move(dentry);
2800 2802
2801 write_seqcount_end(&target->d_seq); 2803 write_seqcount_end(&target->d_seq);
2802 write_seqcount_end(&dentry->d_seq); 2804 write_seqcount_end(&dentry->d_seq);
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index ef755e5f6f2f..1cb67859e051 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -2303,23 +2303,47 @@ extern unsigned ext4_free_clusters_after_init(struct super_block *sb,
2303ext4_fsblk_t ext4_inode_to_goal_block(struct inode *); 2303ext4_fsblk_t ext4_inode_to_goal_block(struct inode *);
2304 2304
2305#ifdef CONFIG_FS_ENCRYPTION 2305#ifdef CONFIG_FS_ENCRYPTION
2306static inline void ext4_fname_from_fscrypt_name(struct ext4_filename *dst,
2307 const struct fscrypt_name *src)
2308{
2309 memset(dst, 0, sizeof(*dst));
2310
2311 dst->usr_fname = src->usr_fname;
2312 dst->disk_name = src->disk_name;
2313 dst->hinfo.hash = src->hash;
2314 dst->hinfo.minor_hash = src->minor_hash;
2315 dst->crypto_buf = src->crypto_buf;
2316}
2317
2306static inline int ext4_fname_setup_filename(struct inode *dir, 2318static inline int ext4_fname_setup_filename(struct inode *dir,
2307 const struct qstr *iname, 2319 const struct qstr *iname,
2308 int lookup, struct ext4_filename *fname) 2320 int lookup,
2321 struct ext4_filename *fname)
2309{ 2322{
2310 struct fscrypt_name name; 2323 struct fscrypt_name name;
2311 int err; 2324 int err;
2312 2325
2313 memset(fname, 0, sizeof(struct ext4_filename));
2314
2315 err = fscrypt_setup_filename(dir, iname, lookup, &name); 2326 err = fscrypt_setup_filename(dir, iname, lookup, &name);
2327 if (err)
2328 return err;
2316 2329
2317 fname->usr_fname = name.usr_fname; 2330 ext4_fname_from_fscrypt_name(fname, &name);
2318 fname->disk_name = name.disk_name; 2331 return 0;
2319 fname->hinfo.hash = name.hash; 2332}
2320 fname->hinfo.minor_hash = name.minor_hash; 2333
2321 fname->crypto_buf = name.crypto_buf; 2334static inline int ext4_fname_prepare_lookup(struct inode *dir,
2322 return err; 2335 struct dentry *dentry,
2336 struct ext4_filename *fname)
2337{
2338 struct fscrypt_name name;
2339 int err;
2340
2341 err = fscrypt_prepare_lookup(dir, dentry, &name);
2342 if (err)
2343 return err;
2344
2345 ext4_fname_from_fscrypt_name(fname, &name);
2346 return 0;
2323} 2347}
2324 2348
2325static inline void ext4_fname_free_filename(struct ext4_filename *fname) 2349static inline void ext4_fname_free_filename(struct ext4_filename *fname)
@@ -2333,19 +2357,27 @@ static inline void ext4_fname_free_filename(struct ext4_filename *fname)
2333 fname->usr_fname = NULL; 2357 fname->usr_fname = NULL;
2334 fname->disk_name.name = NULL; 2358 fname->disk_name.name = NULL;
2335} 2359}
2336#else 2360#else /* !CONFIG_FS_ENCRYPTION */
2337static inline int ext4_fname_setup_filename(struct inode *dir, 2361static inline int ext4_fname_setup_filename(struct inode *dir,
2338 const struct qstr *iname, 2362 const struct qstr *iname,
2339 int lookup, struct ext4_filename *fname) 2363 int lookup,
2364 struct ext4_filename *fname)
2340{ 2365{
2341 fname->usr_fname = iname; 2366 fname->usr_fname = iname;
2342 fname->disk_name.name = (unsigned char *) iname->name; 2367 fname->disk_name.name = (unsigned char *) iname->name;
2343 fname->disk_name.len = iname->len; 2368 fname->disk_name.len = iname->len;
2344 return 0; 2369 return 0;
2345} 2370}
2346static inline void ext4_fname_free_filename(struct ext4_filename *fname) { }
2347 2371
2348#endif 2372static inline int ext4_fname_prepare_lookup(struct inode *dir,
2373 struct dentry *dentry,
2374 struct ext4_filename *fname)
2375{
2376 return ext4_fname_setup_filename(dir, &dentry->d_name, 1, fname);
2377}
2378
2379static inline void ext4_fname_free_filename(struct ext4_filename *fname) { }
2380#endif /* !CONFIG_FS_ENCRYPTION */
2349 2381
2350/* dir.c */ 2382/* dir.c */
2351extern int __ext4_check_dir_entry(const char *, unsigned int, struct inode *, 2383extern int __ext4_check_dir_entry(const char *, unsigned int, struct inode *,
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index e917830eae84..6d50f53b7a15 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -1371,7 +1371,7 @@ static int is_dx_internal_node(struct inode *dir, ext4_lblk_t block,
1371} 1371}
1372 1372
1373/* 1373/*
1374 * ext4_find_entry() 1374 * __ext4_find_entry()
1375 * 1375 *
1376 * finds an entry in the specified directory with the wanted name. It 1376 * finds an entry in the specified directory with the wanted name. It
1377 * returns the cache buffer in which the entry was found, and the entry 1377 * returns the cache buffer in which the entry was found, and the entry
@@ -1381,39 +1381,32 @@ static int is_dx_internal_node(struct inode *dir, ext4_lblk_t block,
1381 * The returned buffer_head has ->b_count elevated. The caller is expected 1381 * The returned buffer_head has ->b_count elevated. The caller is expected
1382 * to brelse() it when appropriate. 1382 * to brelse() it when appropriate.
1383 */ 1383 */
1384static struct buffer_head * ext4_find_entry (struct inode *dir, 1384static struct buffer_head *__ext4_find_entry(struct inode *dir,
1385 const struct qstr *d_name, 1385 struct ext4_filename *fname,
1386 struct ext4_dir_entry_2 **res_dir, 1386 struct ext4_dir_entry_2 **res_dir,
1387 int *inlined) 1387 int *inlined)
1388{ 1388{
1389 struct super_block *sb; 1389 struct super_block *sb;
1390 struct buffer_head *bh_use[NAMEI_RA_SIZE]; 1390 struct buffer_head *bh_use[NAMEI_RA_SIZE];
1391 struct buffer_head *bh, *ret = NULL; 1391 struct buffer_head *bh, *ret = NULL;
1392 ext4_lblk_t start, block; 1392 ext4_lblk_t start, block;
1393 const u8 *name = d_name->name; 1393 const u8 *name = fname->usr_fname->name;
1394 size_t ra_max = 0; /* Number of bh's in the readahead 1394 size_t ra_max = 0; /* Number of bh's in the readahead
1395 buffer, bh_use[] */ 1395 buffer, bh_use[] */
1396 size_t ra_ptr = 0; /* Current index into readahead 1396 size_t ra_ptr = 0; /* Current index into readahead
1397 buffer */ 1397 buffer */
1398 ext4_lblk_t nblocks; 1398 ext4_lblk_t nblocks;
1399 int i, namelen, retval; 1399 int i, namelen, retval;
1400 struct ext4_filename fname;
1401 1400
1402 *res_dir = NULL; 1401 *res_dir = NULL;
1403 sb = dir->i_sb; 1402 sb = dir->i_sb;
1404 namelen = d_name->len; 1403 namelen = fname->usr_fname->len;
1405 if (namelen > EXT4_NAME_LEN) 1404 if (namelen > EXT4_NAME_LEN)
1406 return NULL; 1405 return NULL;
1407 1406
1408 retval = ext4_fname_setup_filename(dir, d_name, 1, &fname);
1409 if (retval == -ENOENT)
1410 return NULL;
1411 if (retval)
1412 return ERR_PTR(retval);
1413
1414 if (ext4_has_inline_data(dir)) { 1407 if (ext4_has_inline_data(dir)) {
1415 int has_inline_data = 1; 1408 int has_inline_data = 1;
1416 ret = ext4_find_inline_entry(dir, &fname, res_dir, 1409 ret = ext4_find_inline_entry(dir, fname, res_dir,
1417 &has_inline_data); 1410 &has_inline_data);
1418 if (has_inline_data) { 1411 if (has_inline_data) {
1419 if (inlined) 1412 if (inlined)
@@ -1433,7 +1426,7 @@ static struct buffer_head * ext4_find_entry (struct inode *dir,
1433 goto restart; 1426 goto restart;
1434 } 1427 }
1435 if (is_dx(dir)) { 1428 if (is_dx(dir)) {
1436 ret = ext4_dx_find_entry(dir, &fname, res_dir); 1429 ret = ext4_dx_find_entry(dir, fname, res_dir);
1437 /* 1430 /*
1438 * On success, or if the error was file not found, 1431 * On success, or if the error was file not found,
1439 * return. Otherwise, fall back to doing a search the 1432 * return. Otherwise, fall back to doing a search the
@@ -1497,7 +1490,7 @@ restart:
1497 goto cleanup_and_exit; 1490 goto cleanup_and_exit;
1498 } 1491 }
1499 set_buffer_verified(bh); 1492 set_buffer_verified(bh);
1500 i = search_dirblock(bh, dir, &fname, 1493 i = search_dirblock(bh, dir, fname,
1501 block << EXT4_BLOCK_SIZE_BITS(sb), res_dir); 1494 block << EXT4_BLOCK_SIZE_BITS(sb), res_dir);
1502 if (i == 1) { 1495 if (i == 1) {
1503 EXT4_I(dir)->i_dir_start_lookup = block; 1496 EXT4_I(dir)->i_dir_start_lookup = block;
@@ -1528,10 +1521,50 @@ cleanup_and_exit:
1528 /* Clean up the read-ahead blocks */ 1521 /* Clean up the read-ahead blocks */
1529 for (; ra_ptr < ra_max; ra_ptr++) 1522 for (; ra_ptr < ra_max; ra_ptr++)
1530 brelse(bh_use[ra_ptr]); 1523 brelse(bh_use[ra_ptr]);
1531 ext4_fname_free_filename(&fname);
1532 return ret; 1524 return ret;
1533} 1525}
1534 1526
1527static struct buffer_head *ext4_find_entry(struct inode *dir,
1528 const struct qstr *d_name,
1529 struct ext4_dir_entry_2 **res_dir,
1530 int *inlined)
1531{
1532 int err;
1533 struct ext4_filename fname;
1534 struct buffer_head *bh;
1535
1536 err = ext4_fname_setup_filename(dir, d_name, 1, &fname);
1537 if (err == -ENOENT)
1538 return NULL;
1539 if (err)
1540 return ERR_PTR(err);
1541
1542 bh = __ext4_find_entry(dir, &fname, res_dir, inlined);
1543
1544 ext4_fname_free_filename(&fname);
1545 return bh;
1546}
1547
1548static struct buffer_head *ext4_lookup_entry(struct inode *dir,
1549 struct dentry *dentry,
1550 struct ext4_dir_entry_2 **res_dir)
1551{
1552 int err;
1553 struct ext4_filename fname;
1554 struct buffer_head *bh;
1555
1556 err = ext4_fname_prepare_lookup(dir, dentry, &fname);
1557 if (err == -ENOENT)
1558 return NULL;
1559 if (err)
1560 return ERR_PTR(err);
1561
1562 bh = __ext4_find_entry(dir, &fname, res_dir, NULL);
1563
1564 ext4_fname_free_filename(&fname);
1565 return bh;
1566}
1567
1535static struct buffer_head * ext4_dx_find_entry(struct inode *dir, 1568static struct buffer_head * ext4_dx_find_entry(struct inode *dir,
1536 struct ext4_filename *fname, 1569 struct ext4_filename *fname,
1537 struct ext4_dir_entry_2 **res_dir) 1570 struct ext4_dir_entry_2 **res_dir)
@@ -1590,16 +1623,11 @@ static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsi
1590 struct inode *inode; 1623 struct inode *inode;
1591 struct ext4_dir_entry_2 *de; 1624 struct ext4_dir_entry_2 *de;
1592 struct buffer_head *bh; 1625 struct buffer_head *bh;
1593 int err;
1594
1595 err = fscrypt_prepare_lookup(dir, dentry, flags);
1596 if (err)
1597 return ERR_PTR(err);
1598 1626
1599 if (dentry->d_name.len > EXT4_NAME_LEN) 1627 if (dentry->d_name.len > EXT4_NAME_LEN)
1600 return ERR_PTR(-ENAMETOOLONG); 1628 return ERR_PTR(-ENAMETOOLONG);
1601 1629
1602 bh = ext4_find_entry(dir, &dentry->d_name, &de, NULL); 1630 bh = ext4_lookup_entry(dir, dentry, &de);
1603 if (IS_ERR(bh)) 1631 if (IS_ERR(bh))
1604 return ERR_CAST(bh); 1632 return ERR_CAST(bh);
1605 inode = NULL; 1633 inode = NULL;
diff --git a/fs/ext4/readpage.c b/fs/ext4/readpage.c
index 2a39c7cb1441..c916017db334 100644
--- a/fs/ext4/readpage.c
+++ b/fs/ext4/readpage.c
@@ -244,7 +244,7 @@ int ext4_mpage_readpages(struct address_space *mapping,
244 struct fscrypt_ctx *ctx = NULL; 244 struct fscrypt_ctx *ctx = NULL;
245 245
246 if (IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode)) { 246 if (IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode)) {
247 ctx = fscrypt_get_ctx(inode, GFP_NOFS); 247 ctx = fscrypt_get_ctx(GFP_NOFS);
248 if (IS_ERR(ctx)) 248 if (IS_ERR(ctx))
249 goto set_error_page; 249 goto set_error_page;
250 } 250 }
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 3681cb737e9d..f71b5254a990 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -1113,6 +1113,7 @@ static int ext4_drop_inode(struct inode *inode)
1113 1113
1114static void ext4_free_in_core_inode(struct inode *inode) 1114static void ext4_free_in_core_inode(struct inode *inode)
1115{ 1115{
1116 fscrypt_free_inode(inode);
1116 kmem_cache_free(ext4_inode_cachep, EXT4_I(inode)); 1117 kmem_cache_free(ext4_inode_cachep, EXT4_I(inode));
1117} 1118}
1118 1119
diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
index f5e34e467003..c3e8a901d47a 100644
--- a/fs/f2fs/namei.c
+++ b/fs/f2fs/namei.c
@@ -436,19 +436,23 @@ static struct dentry *f2fs_lookup(struct inode *dir, struct dentry *dentry,
436 nid_t ino = -1; 436 nid_t ino = -1;
437 int err = 0; 437 int err = 0;
438 unsigned int root_ino = F2FS_ROOT_INO(F2FS_I_SB(dir)); 438 unsigned int root_ino = F2FS_ROOT_INO(F2FS_I_SB(dir));
439 struct fscrypt_name fname;
439 440
440 trace_f2fs_lookup_start(dir, dentry, flags); 441 trace_f2fs_lookup_start(dir, dentry, flags);
441 442
442 err = fscrypt_prepare_lookup(dir, dentry, flags);
443 if (err)
444 goto out;
445
446 if (dentry->d_name.len > F2FS_NAME_LEN) { 443 if (dentry->d_name.len > F2FS_NAME_LEN) {
447 err = -ENAMETOOLONG; 444 err = -ENAMETOOLONG;
448 goto out; 445 goto out;
449 } 446 }
450 447
451 de = f2fs_find_entry(dir, &dentry->d_name, &page); 448 err = fscrypt_prepare_lookup(dir, dentry, &fname);
449 if (err == -ENOENT)
450 goto out_splice;
451 if (err)
452 goto out;
453 de = __f2fs_find_entry(dir, &fname, &page);
454 fscrypt_free_filename(&fname);
455
452 if (!de) { 456 if (!de) {
453 if (IS_ERR(page)) { 457 if (IS_ERR(page)) {
454 err = PTR_ERR(page); 458 err = PTR_ERR(page);
@@ -488,8 +492,7 @@ static struct dentry *f2fs_lookup(struct inode *dir, struct dentry *dentry,
488 } 492 }
489out_splice: 493out_splice:
490 new = d_splice_alias(inode, dentry); 494 new = d_splice_alias(inode, dentry);
491 if (IS_ERR(new)) 495 err = PTR_ERR_OR_ZERO(new);
492 err = PTR_ERR(new);
493 trace_f2fs_lookup_end(dir, dentry, ino, err); 496 trace_f2fs_lookup_end(dir, dentry, ino, err);
494 return new; 497 return new;
495out_iput: 498out_iput:
diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
index 9924eac76254..4c55d2ea9df3 100644
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -1002,6 +1002,7 @@ static void f2fs_dirty_inode(struct inode *inode, int flags)
1002 1002
1003static void f2fs_free_inode(struct inode *inode) 1003static void f2fs_free_inode(struct inode *inode)
1004{ 1004{
1005 fscrypt_free_inode(inode);
1005 kmem_cache_free(f2fs_inode_cachep, F2FS_I(inode)); 1006 kmem_cache_free(f2fs_inode_cachep, F2FS_I(inode));
1006} 1007}
1007 1008
diff --git a/fs/namei.c b/fs/namei.c
index 5ebd64b21970..20831c2fbb34 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1066,7 +1066,7 @@ const char *get_link(struct nameidata *nd)
1066 return ERR_PTR(error); 1066 return ERR_PTR(error);
1067 1067
1068 nd->last_type = LAST_BIND; 1068 nd->last_type = LAST_BIND;
1069 res = inode->i_link; 1069 res = READ_ONCE(inode->i_link);
1070 if (!res) { 1070 if (!res) {
1071 const char * (*get)(struct dentry *, struct inode *, 1071 const char * (*get)(struct dentry *, struct inode *,
1072 struct delayed_call *); 1072 struct delayed_call *);
@@ -4729,7 +4729,7 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen)
4729 spin_unlock(&inode->i_lock); 4729 spin_unlock(&inode->i_lock);
4730 } 4730 }
4731 4731
4732 link = inode->i_link; 4732 link = READ_ONCE(inode->i_link);
4733 if (!link) { 4733 if (!link) {
4734 link = inode->i_op->get_link(dentry, inode, &done); 4734 link = inode->i_op->get_link(dentry, inode, &done);
4735 if (IS_ERR(link)) 4735 if (IS_ERR(link))
diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
index 5767b373a8ff..b73de6d04fa3 100644
--- a/fs/ubifs/dir.c
+++ b/fs/ubifs/dir.c
@@ -220,11 +220,9 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
220 220
221 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino); 221 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino);
222 222
223 err = fscrypt_prepare_lookup(dir, dentry, flags); 223 err = fscrypt_prepare_lookup(dir, dentry, &nm);
224 if (err) 224 if (err == -ENOENT)
225 return ERR_PTR(err); 225 return d_splice_alias(NULL, dentry);
226
227 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
228 if (err) 226 if (err)
229 return ERR_PTR(err); 227 return ERR_PTR(err);
230 228
diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index c2307c423638..632f02d4d660 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -275,7 +275,10 @@ static struct inode *ubifs_alloc_inode(struct super_block *sb)
275static void ubifs_free_inode(struct inode *inode) 275static void ubifs_free_inode(struct inode *inode)
276{ 276{
277 struct ubifs_inode *ui = ubifs_inode(inode); 277 struct ubifs_inode *ui = ubifs_inode(inode);
278
278 kfree(ui->data); 279 kfree(ui->data);
280 fscrypt_free_inode(inode);
281
279 kmem_cache_free(ubifs_inode_slab, ui); 282 kmem_cache_free(ubifs_inode_slab, ui);
280} 283}
281 284
diff --git a/include/linux/dcache.h b/include/linux/dcache.h
index 73c3a8f90580..f14e587c5d5d 100644
--- a/include/linux/dcache.h
+++ b/include/linux/dcache.h
@@ -211,7 +211,7 @@ struct dentry_operations {
211 211
212#define DCACHE_MAY_FREE 0x00800000 212#define DCACHE_MAY_FREE 0x00800000
213#define DCACHE_FALLTHRU 0x01000000 /* Fall through to lower layer */ 213#define DCACHE_FALLTHRU 0x01000000 /* Fall through to lower layer */
214#define DCACHE_ENCRYPTED_WITH_KEY 0x02000000 /* dir is encrypted with a valid key */ 214#define DCACHE_ENCRYPTED_NAME 0x02000000 /* Encrypted name (dir key was unavailable) */
215#define DCACHE_OP_REAL 0x04000000 215#define DCACHE_OP_REAL 0x04000000
216 216
217#define DCACHE_PAR_LOOKUP 0x10000000 /* being looked up (with parent locked shared) */ 217#define DCACHE_PAR_LOOKUP 0x10000000 /* being looked up (with parent locked shared) */
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index e5194fc3983e..28c74e0a7231 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -33,6 +33,7 @@ struct fscrypt_name {
33 u32 hash; 33 u32 hash;
34 u32 minor_hash; 34 u32 minor_hash;
35 struct fscrypt_str crypto_buf; 35 struct fscrypt_str crypto_buf;
36 bool is_ciphertext_name;
36}; 37};
37 38
38#define FSTR_INIT(n, l) { .name = n, .len = l } 39#define FSTR_INIT(n, l) { .name = n, .len = l }
@@ -79,7 +80,8 @@ struct fscrypt_ctx {
79 80
80static inline bool fscrypt_has_encryption_key(const struct inode *inode) 81static inline bool fscrypt_has_encryption_key(const struct inode *inode)
81{ 82{
82 return (inode->i_crypt_info != NULL); 83 /* pairs with cmpxchg_release() in fscrypt_get_encryption_info() */
84 return READ_ONCE(inode->i_crypt_info) != NULL;
83} 85}
84 86
85static inline bool fscrypt_dummy_context_enabled(struct inode *inode) 87static inline bool fscrypt_dummy_context_enabled(struct inode *inode)
@@ -88,9 +90,21 @@ static inline bool fscrypt_dummy_context_enabled(struct inode *inode)
88 inode->i_sb->s_cop->dummy_context(inode); 90 inode->i_sb->s_cop->dummy_context(inode);
89} 91}
90 92
93/*
94 * When d_splice_alias() moves a directory's encrypted alias to its decrypted
95 * alias as a result of the encryption key being added, DCACHE_ENCRYPTED_NAME
96 * must be cleared. Note that we don't have to support arbitrary moves of this
97 * flag because fscrypt doesn't allow encrypted aliases to be the source or
98 * target of a rename().
99 */
100static inline void fscrypt_handle_d_move(struct dentry *dentry)
101{
102 dentry->d_flags &= ~DCACHE_ENCRYPTED_NAME;
103}
104
91/* crypto.c */ 105/* crypto.c */
92extern void fscrypt_enqueue_decrypt_work(struct work_struct *); 106extern void fscrypt_enqueue_decrypt_work(struct work_struct *);
93extern struct fscrypt_ctx *fscrypt_get_ctx(const struct inode *, gfp_t); 107extern struct fscrypt_ctx *fscrypt_get_ctx(gfp_t);
94extern void fscrypt_release_ctx(struct fscrypt_ctx *); 108extern void fscrypt_release_ctx(struct fscrypt_ctx *);
95extern struct page *fscrypt_encrypt_page(const struct inode *, struct page *, 109extern struct page *fscrypt_encrypt_page(const struct inode *, struct page *,
96 unsigned int, unsigned int, 110 unsigned int, unsigned int,
@@ -114,6 +128,7 @@ extern int fscrypt_inherit_context(struct inode *, struct inode *,
114/* keyinfo.c */ 128/* keyinfo.c */
115extern int fscrypt_get_encryption_info(struct inode *); 129extern int fscrypt_get_encryption_info(struct inode *);
116extern void fscrypt_put_encryption_info(struct inode *); 130extern void fscrypt_put_encryption_info(struct inode *);
131extern void fscrypt_free_inode(struct inode *);
117 132
118/* fname.c */ 133/* fname.c */
119extern int fscrypt_setup_filename(struct inode *, const struct qstr *, 134extern int fscrypt_setup_filename(struct inode *, const struct qstr *,
@@ -214,13 +229,15 @@ extern int fscrypt_zeroout_range(const struct inode *, pgoff_t, sector_t,
214 229
215/* hooks.c */ 230/* hooks.c */
216extern int fscrypt_file_open(struct inode *inode, struct file *filp); 231extern int fscrypt_file_open(struct inode *inode, struct file *filp);
217extern int __fscrypt_prepare_link(struct inode *inode, struct inode *dir); 232extern int __fscrypt_prepare_link(struct inode *inode, struct inode *dir,
233 struct dentry *dentry);
218extern int __fscrypt_prepare_rename(struct inode *old_dir, 234extern int __fscrypt_prepare_rename(struct inode *old_dir,
219 struct dentry *old_dentry, 235 struct dentry *old_dentry,
220 struct inode *new_dir, 236 struct inode *new_dir,
221 struct dentry *new_dentry, 237 struct dentry *new_dentry,
222 unsigned int flags); 238 unsigned int flags);
223extern int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry); 239extern int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry,
240 struct fscrypt_name *fname);
224extern int __fscrypt_prepare_symlink(struct inode *dir, unsigned int len, 241extern int __fscrypt_prepare_symlink(struct inode *dir, unsigned int len,
225 unsigned int max_len, 242 unsigned int max_len,
226 struct fscrypt_str *disk_link); 243 struct fscrypt_str *disk_link);
@@ -242,13 +259,16 @@ static inline bool fscrypt_dummy_context_enabled(struct inode *inode)
242 return false; 259 return false;
243} 260}
244 261
262static inline void fscrypt_handle_d_move(struct dentry *dentry)
263{
264}
265
245/* crypto.c */ 266/* crypto.c */
246static inline void fscrypt_enqueue_decrypt_work(struct work_struct *work) 267static inline void fscrypt_enqueue_decrypt_work(struct work_struct *work)
247{ 268{
248} 269}
249 270
250static inline struct fscrypt_ctx *fscrypt_get_ctx(const struct inode *inode, 271static inline struct fscrypt_ctx *fscrypt_get_ctx(gfp_t gfp_flags)
251 gfp_t gfp_flags)
252{ 272{
253 return ERR_PTR(-EOPNOTSUPP); 273 return ERR_PTR(-EOPNOTSUPP);
254} 274}
@@ -322,6 +342,10 @@ static inline void fscrypt_put_encryption_info(struct inode *inode)
322 return; 342 return;
323} 343}
324 344
345static inline void fscrypt_free_inode(struct inode *inode)
346{
347}
348
325 /* fname.c */ 349 /* fname.c */
326static inline int fscrypt_setup_filename(struct inode *dir, 350static inline int fscrypt_setup_filename(struct inode *dir,
327 const struct qstr *iname, 351 const struct qstr *iname,
@@ -330,7 +354,7 @@ static inline int fscrypt_setup_filename(struct inode *dir,
330 if (IS_ENCRYPTED(dir)) 354 if (IS_ENCRYPTED(dir))
331 return -EOPNOTSUPP; 355 return -EOPNOTSUPP;
332 356
333 memset(fname, 0, sizeof(struct fscrypt_name)); 357 memset(fname, 0, sizeof(*fname));
334 fname->usr_fname = iname; 358 fname->usr_fname = iname;
335 fname->disk_name.name = (unsigned char *)iname->name; 359 fname->disk_name.name = (unsigned char *)iname->name;
336 fname->disk_name.len = iname->len; 360 fname->disk_name.len = iname->len;
@@ -401,8 +425,8 @@ static inline int fscrypt_file_open(struct inode *inode, struct file *filp)
401 return 0; 425 return 0;
402} 426}
403 427
404static inline int __fscrypt_prepare_link(struct inode *inode, 428static inline int __fscrypt_prepare_link(struct inode *inode, struct inode *dir,
405 struct inode *dir) 429 struct dentry *dentry)
406{ 430{
407 return -EOPNOTSUPP; 431 return -EOPNOTSUPP;
408} 432}
@@ -417,7 +441,8 @@ static inline int __fscrypt_prepare_rename(struct inode *old_dir,
417} 441}
418 442
419static inline int __fscrypt_prepare_lookup(struct inode *dir, 443static inline int __fscrypt_prepare_lookup(struct inode *dir,
420 struct dentry *dentry) 444 struct dentry *dentry,
445 struct fscrypt_name *fname)
421{ 446{
422 return -EOPNOTSUPP; 447 return -EOPNOTSUPP;
423} 448}
@@ -497,7 +522,7 @@ static inline int fscrypt_prepare_link(struct dentry *old_dentry,
497 struct dentry *dentry) 522 struct dentry *dentry)
498{ 523{
499 if (IS_ENCRYPTED(dir)) 524 if (IS_ENCRYPTED(dir))
500 return __fscrypt_prepare_link(d_inode(old_dentry), dir); 525 return __fscrypt_prepare_link(d_inode(old_dentry), dir, dentry);
501 return 0; 526 return 0;
502} 527}
503 528
@@ -538,27 +563,32 @@ static inline int fscrypt_prepare_rename(struct inode *old_dir,
538 * fscrypt_prepare_lookup - prepare to lookup a name in a possibly-encrypted directory 563 * fscrypt_prepare_lookup - prepare to lookup a name in a possibly-encrypted directory
539 * @dir: directory being searched 564 * @dir: directory being searched
540 * @dentry: filename being looked up 565 * @dentry: filename being looked up
541 * @flags: lookup flags 566 * @fname: (output) the name to use to search the on-disk directory
542 * 567 *
543 * Prepare for ->lookup() in a directory which may be encrypted. Lookups can be 568 * Prepare for ->lookup() in a directory which may be encrypted by determining
544 * done with or without the directory's encryption key; without the key, 569 * the name that will actually be used to search the directory on-disk. Lookups
570 * can be done with or without the directory's encryption key; without the key,
545 * filenames are presented in encrypted form. Therefore, we'll try to set up 571 * filenames are presented in encrypted form. Therefore, we'll try to set up
546 * the directory's encryption key, but even without it the lookup can continue. 572 * the directory's encryption key, but even without it the lookup can continue.
547 * 573 *
548 * To allow invalidating stale dentries if the directory's encryption key is 574 * This also installs a custom ->d_revalidate() method which will invalidate the
549 * added later, we also install a custom ->d_revalidate() method and use the 575 * dentry if it was created without the key and the key is later added.
550 * DCACHE_ENCRYPTED_WITH_KEY flag to indicate whether a given dentry is a
551 * plaintext name (flag set) or a ciphertext name (flag cleared).
552 * 576 *
553 * Return: 0 on success, -errno if a problem occurred while setting up the 577 * Return: 0 on success; -ENOENT if key is unavailable but the filename isn't a
554 * encryption key 578 * correctly formed encoded ciphertext name, so a negative dentry should be
579 * created; or another -errno code.
555 */ 580 */
556static inline int fscrypt_prepare_lookup(struct inode *dir, 581static inline int fscrypt_prepare_lookup(struct inode *dir,
557 struct dentry *dentry, 582 struct dentry *dentry,
558 unsigned int flags) 583 struct fscrypt_name *fname)
559{ 584{
560 if (IS_ENCRYPTED(dir)) 585 if (IS_ENCRYPTED(dir))
561 return __fscrypt_prepare_lookup(dir, dentry); 586 return __fscrypt_prepare_lookup(dir, dentry, fname);
587
588 memset(fname, 0, sizeof(*fname));
589 fname->usr_fname = &dentry->d_name;
590 fname->disk_name.name = (unsigned char *)dentry->d_name.name;
591 fname->disk_name.len = dentry->d_name.len;
562 return 0; 592 return 0;
563} 593}
564 594