summaryrefslogtreecommitdiffstats
path: root/fs/f2fs/file.c
diff options
context:
space:
mode:
authorJaegeuk Kim <jaegeuk@kernel.org>2015-04-21 23:39:58 -0400
committerJaegeuk Kim <jaegeuk@kernel.org>2015-05-28 18:41:51 -0400
commitfcc85a4d86b5018f08717160c89c0eb50afd1dca (patch)
tree2f99ba2bc5ccf0ba32c6703a7a04d0731254b3af /fs/f2fs/file.c
parent6b3bd08f93a849edd56595391a54100d607ad7e4 (diff)
f2fs crypto: activate encryption support for fs APIs
This patch activates the following APIs for encryption support. The rules quoted by ext4 are: - An unencrypted directory may contain encrypted or unencrypted files or directories. - All files or directories in a directory must be protected using the same key as their containing directory. - Encrypted inode for regular file should not have inline_data. - Encrypted symlink and directory may have inline_data and inline_dentry. This patch activates the following APIs. 1. f2fs_link : validate context 2. f2fs_lookup : '' 3. f2fs_rename : '' 4. f2fs_create/f2fs_mkdir : inherit its dir's context 5. f2fs_direct_IO : do buffered io for regular files 6. f2fs_open : check encryption info 7. f2fs_file_mmap : '' 8. f2fs_setattr : '' 9. f2fs_file_write_iter : '' (Called by sys_io_submit) 10. f2fs_fallocate : do not support fcollapse 11. f2fs_evict_inode : free_encryption_info Signed-off-by: Michael Halcrow <mhalcrow@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Diffstat (limited to 'fs/f2fs/file.c')
-rw-r--r--fs/f2fs/file.c41
1 files changed, 39 insertions, 2 deletions
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index a66970d99cb4..9eb0100c57fd 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -408,6 +408,12 @@ static int f2fs_file_mmap(struct file *file, struct vm_area_struct *vma)
408{ 408{
409 struct inode *inode = file_inode(file); 409 struct inode *inode = file_inode(file);
410 410
411 if (f2fs_encrypted_inode(inode)) {
412 int err = f2fs_get_encryption_info(inode);
413 if (err)
414 return 0;
415 }
416
411 /* we don't need to use inline_data strictly */ 417 /* we don't need to use inline_data strictly */
412 if (f2fs_has_inline_data(inode)) { 418 if (f2fs_has_inline_data(inode)) {
413 int err = f2fs_convert_inline_inode(inode); 419 int err = f2fs_convert_inline_inode(inode);
@@ -420,6 +426,18 @@ static int f2fs_file_mmap(struct file *file, struct vm_area_struct *vma)
420 return 0; 426 return 0;
421} 427}
422 428
429static int f2fs_file_open(struct inode *inode, struct file *filp)
430{
431 int ret = generic_file_open(inode, filp);
432
433 if (!ret && f2fs_encrypted_inode(inode)) {
434 ret = f2fs_get_encryption_info(inode);
435 if (ret)
436 ret = -EACCES;
437 }
438 return ret;
439}
440
423int truncate_data_blocks_range(struct dnode_of_data *dn, int count) 441int truncate_data_blocks_range(struct dnode_of_data *dn, int count)
424{ 442{
425 int nr_free = 0, ofs = dn->ofs_in_node; 443 int nr_free = 0, ofs = dn->ofs_in_node;
@@ -627,6 +645,10 @@ int f2fs_setattr(struct dentry *dentry, struct iattr *attr)
627 return err; 645 return err;
628 646
629 if (attr->ia_valid & ATTR_SIZE) { 647 if (attr->ia_valid & ATTR_SIZE) {
648 if (f2fs_encrypted_inode(inode) &&
649 f2fs_get_encryption_info(inode))
650 return -EACCES;
651
630 if (attr->ia_size != i_size_read(inode)) { 652 if (attr->ia_size != i_size_read(inode)) {
631 truncate_setsize(inode, attr->ia_size); 653 truncate_setsize(inode, attr->ia_size);
632 f2fs_truncate(inode); 654 f2fs_truncate(inode);
@@ -1061,6 +1083,9 @@ static long f2fs_fallocate(struct file *file, int mode,
1061 struct inode *inode = file_inode(file); 1083 struct inode *inode = file_inode(file);
1062 long ret = 0; 1084 long ret = 0;
1063 1085
1086 if (f2fs_encrypted_inode(inode) && (mode & FALLOC_FL_COLLAPSE_RANGE))
1087 return -EOPNOTSUPP;
1088
1064 if (mode & ~(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE | 1089 if (mode & ~(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE |
1065 FALLOC_FL_COLLAPSE_RANGE | FALLOC_FL_ZERO_RANGE)) 1090 FALLOC_FL_COLLAPSE_RANGE | FALLOC_FL_ZERO_RANGE))
1066 return -EOPNOTSUPP; 1091 return -EOPNOTSUPP;
@@ -1468,6 +1493,18 @@ long f2fs_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
1468 } 1493 }
1469} 1494}
1470 1495
1496static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from)
1497{
1498 struct inode *inode = file_inode(iocb->ki_filp);
1499
1500 if (f2fs_encrypted_inode(inode) &&
1501 !f2fs_has_encryption_key(inode) &&
1502 f2fs_get_encryption_info(inode))
1503 return -EACCES;
1504
1505 return generic_file_write_iter(iocb, from);
1506}
1507
1471#ifdef CONFIG_COMPAT 1508#ifdef CONFIG_COMPAT
1472long f2fs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 1509long f2fs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1473{ 1510{
@@ -1488,8 +1525,8 @@ long f2fs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1488const struct file_operations f2fs_file_operations = { 1525const struct file_operations f2fs_file_operations = {
1489 .llseek = f2fs_llseek, 1526 .llseek = f2fs_llseek,
1490 .read_iter = generic_file_read_iter, 1527 .read_iter = generic_file_read_iter,
1491 .write_iter = generic_file_write_iter, 1528 .write_iter = f2fs_file_write_iter,
1492 .open = generic_file_open, 1529 .open = f2fs_file_open,
1493 .release = f2fs_release_file, 1530 .release = f2fs_release_file,
1494 .mmap = f2fs_file_mmap, 1531 .mmap = f2fs_file_mmap,
1495 .fsync = f2fs_sync_file, 1532 .fsync = f2fs_sync_file,
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-21 18:26:07 -0500