aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2016-12-15 16:37:08 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2016-12-15 16:37:08 -0500
commit39d2c3b96e072c8756f3b980588fa516b7988cb1 (patch)
tree6d1676323744646b30bbbe102bfc8e9fd1d5461c
parente18bf801f1501e15830db5fa927a6e2832d49d7b (diff)
parentba75d570b60c05cda21c0b43c5fbdc4e344f892d (diff)
Merge tag 'upstream-4.10-rc1' of git://git.infradead.org/linux-ubifs
Pull ubifs updates from Richard Weinberger: - file encryption for UBIFS using the fscrypt framework - a fix to honor the dirty_writeback_interval sysctl - removal of dead code * tag 'upstream-4.10-rc1' of git://git.infradead.org/linux-ubifs: (30 commits) ubifs: Initialize fstr_real_len ubifs: Use fscrypt ioctl() helpers ubifs: Use FS_CFLG_OWN_PAGES ubifs: Raise write version to 5 ubifs: Implement UBIFS_FLG_ENCRYPTION ubifs: Implement UBIFS_FLG_DOUBLE_HASH ubifs: Use a random number for cookies ubifs: Add full hash lookup support ubifs: Rename tnc_read_node_nm ubifs: Add support for encrypted symlinks ubifs: Implement encrypted filenames ubifs: Make r5 hash binary string aware ubifs: Relax checks in ubifs_validate_entry() ubifs: Implement encrypt/decrypt for all IO ubifs: Constify struct inode pointer in ubifs_crypt_is_encrypted() ubifs: Introduce new data node field, compr_size ubifs: Enforce crypto policy in mmap ubifs: Massage assert in ubifs_xattr_set() wrt. fscrypto ubifs: Preload crypto context in ->lookup() ubifs: Enforce crypto policy in ->link and ->rename ...
Diffstat
-rw-r--r--fs/ubifs/Kconfig11
-rw-r--r--fs/ubifs/Makefile1
-rw-r--r--fs/ubifs/crypto.c97
-rw-r--r--fs/ubifs/debug.c14
-rw-r--r--fs/ubifs/dir.c478
-rw-r--r--fs/ubifs/file.c108
-rw-r--r--fs/ubifs/gc.c4
-rw-r--r--fs/ubifs/io.c18
-rw-r--r--fs/ubifs/ioctl.c20
-rw-r--r--fs/ubifs/journal.c224
-rw-r--r--fs/ubifs/key.h21
-rw-r--r--fs/ubifs/replay.c10
-rw-r--r--fs/ubifs/sb.c59
-rw-r--r--fs/ubifs/super.c17
-rw-r--r--fs/ubifs/tnc.c159
-rw-r--r--fs/ubifs/ubifs-media.h29
-rw-r--r--fs/ubifs/ubifs.h115
-rw-r--r--fs/ubifs/xattr.c116
18 files changed, 1192 insertions, 309 deletions
diff --git a/fs/ubifs/Kconfig b/fs/ubifs/Kconfig
index 7ff7712f284e..0a908ae7af13 100644
--- a/fs/ubifs/Kconfig
+++ b/fs/ubifs/Kconfig
@@ -50,3 +50,14 @@ config UBIFS_ATIME_SUPPORT
50 strictatime is the "heavy", relatime is "lighter", etc. 50 strictatime is the "heavy", relatime is "lighter", etc.
51 51
52 If unsure, say 'N' 52 If unsure, say 'N'
53
54config UBIFS_FS_ENCRYPTION
55 bool "UBIFS Encryption"
56 depends on UBIFS_FS
57 select FS_ENCRYPTION
58 default n
59 help
60 Enable encryption of UBIFS files and directories. This
61 feature is similar to ecryptfs, but it is more memory
62 efficient since it avoids caching the encrypted and
63 decrypted pages in the page cache.
diff --git a/fs/ubifs/Makefile b/fs/ubifs/Makefile
index c54a24360f85..6f3251c2bf08 100644
--- a/fs/ubifs/Makefile
+++ b/fs/ubifs/Makefile
@@ -5,3 +5,4 @@ ubifs-y += tnc.o master.o scan.o replay.o log.o commit.o gc.o orphan.o
5ubifs-y += budget.o find.o tnc_commit.o compress.o lpt.o lprops.o 5ubifs-y += budget.o find.o tnc_commit.o compress.o lpt.o lprops.o
6ubifs-y += recovery.o ioctl.o lpt_commit.o tnc_misc.o xattr.o debug.o 6ubifs-y += recovery.o ioctl.o lpt_commit.o tnc_misc.o xattr.o debug.o
7ubifs-y += misc.o 7ubifs-y += misc.o
8ubifs-$(CONFIG_UBIFS_FS_ENCRYPTION) += crypto.o
diff --git a/fs/ubifs/crypto.c b/fs/ubifs/crypto.c
new file mode 100644
index 000000000000..3402720f2b28
--- /dev/null
+++ b/fs/ubifs/crypto.c
@@ -0,0 +1,97 @@
1#include "ubifs.h"
2
3static int ubifs_crypt_get_context(struct inode *inode, void *ctx, size_t len)
4{
5 return ubifs_xattr_get(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT,
6 ctx, len);
7}
8
9static int ubifs_crypt_set_context(struct inode *inode, const void *ctx,
10 size_t len, void *fs_data)
11{
12 return ubifs_xattr_set(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT,
13 ctx, len, 0);
14}
15
16static bool ubifs_crypt_empty_dir(struct inode *inode)
17{
18 return ubifs_check_dir_empty(inode) == 0;
19}
20
21static unsigned int ubifs_crypt_max_namelen(struct inode *inode)
22{
23 if (S_ISLNK(inode->i_mode))
24 return UBIFS_MAX_INO_DATA;
25 else
26 return UBIFS_MAX_NLEN;
27}
28
29static int ubifs_key_prefix(struct inode *inode, u8 **key)
30{
31 static char prefix[] = "ubifs:";
32
33 *key = prefix;
34
35 return sizeof(prefix) - 1;
36}
37
38int ubifs_encrypt(const struct inode *inode, struct ubifs_data_node *dn,
39 unsigned int in_len, unsigned int *out_len, int block)
40{
41 struct ubifs_info *c = inode->i_sb->s_fs_info;
42 void *p = &dn->data;
43 struct page *ret;
44 unsigned int pad_len = round_up(in_len, UBIFS_CIPHER_BLOCK_SIZE);
45
46 ubifs_assert(pad_len <= *out_len);
47 dn->compr_size = cpu_to_le16(in_len);
48
49 /* pad to full block cipher length */
50 if (pad_len != in_len)
51 memset(p + in_len, 0, pad_len - in_len);
52
53 ret = fscrypt_encrypt_page(inode, virt_to_page(&dn->data), pad_len,
54 offset_in_page(&dn->data), block, GFP_NOFS);
55 if (IS_ERR(ret)) {
56 ubifs_err(c, "fscrypt_encrypt_page failed: %ld", PTR_ERR(ret));
57 return PTR_ERR(ret);
58 }
59 *out_len = pad_len;
60
61 return 0;
62}
63
64int ubifs_decrypt(const struct inode *inode, struct ubifs_data_node *dn,
65 unsigned int *out_len, int block)
66{
67 struct ubifs_info *c = inode->i_sb->s_fs_info;
68 int err;
69 unsigned int clen = le16_to_cpu(dn->compr_size);
70 unsigned int dlen = *out_len;
71
72 if (clen <= 0 || clen > UBIFS_BLOCK_SIZE || clen > dlen) {
73 ubifs_err(c, "bad compr_size: %i", clen);
74 return -EINVAL;
75 }
76
77 ubifs_assert(dlen <= UBIFS_BLOCK_SIZE);
78 err = fscrypt_decrypt_page(inode, virt_to_page(&dn->data), dlen,
79 offset_in_page(&dn->data), block);
80 if (err) {
81 ubifs_err(c, "fscrypt_decrypt_page failed: %i", err);
82 return err;
83 }
84 *out_len = clen;
85
86 return 0;
87}
88
89struct fscrypt_operations ubifs_crypt_operations = {
90 .flags = FS_CFLG_OWN_PAGES,
91 .get_context = ubifs_crypt_get_context,
92 .set_context = ubifs_crypt_set_context,
93 .is_encrypted = __ubifs_crypt_is_encrypted,
94 .empty_dir = ubifs_crypt_empty_dir,
95 .max_namelen = ubifs_crypt_max_namelen,
96 .key_prefix = ubifs_key_prefix,
97};
diff --git a/fs/ubifs/debug.c b/fs/ubifs/debug.c
index 69e287e20732..1e712a364680 100644
--- a/fs/ubifs/debug.c
+++ b/fs/ubifs/debug.c
@@ -233,7 +233,7 @@ static void dump_ch(const struct ubifs_ch *ch)
233void ubifs_dump_inode(struct ubifs_info *c, const struct inode *inode) 233void ubifs_dump_inode(struct ubifs_info *c, const struct inode *inode)
234{ 234{
235 const struct ubifs_inode *ui = ubifs_inode(inode); 235 const struct ubifs_inode *ui = ubifs_inode(inode);
236 struct qstr nm = { .name = NULL }; 236 struct fscrypt_name nm = {0};
237 union ubifs_key key; 237 union ubifs_key key;
238 struct ubifs_dent_node *dent, *pdent = NULL; 238 struct ubifs_dent_node *dent, *pdent = NULL;
239 int count = 2; 239 int count = 2;
@@ -289,8 +289,8 @@ void ubifs_dump_inode(struct ubifs_info *c, const struct inode *inode)
289 pr_err("\t%d: %s (%s)\n", 289 pr_err("\t%d: %s (%s)\n",
290 count++, dent->name, get_dent_type(dent->type)); 290 count++, dent->name, get_dent_type(dent->type));
291 291
292 nm.name = dent->name; 292 fname_name(&nm) = dent->name;
293 nm.len = le16_to_cpu(dent->nlen); 293 fname_len(&nm) = le16_to_cpu(dent->nlen);
294 kfree(pdent); 294 kfree(pdent);
295 pdent = dent; 295 pdent = dent;
296 key_read(c, &dent->key, &key); 296 key_read(c, &dent->key, &key);
@@ -1107,7 +1107,7 @@ int dbg_check_dir(struct ubifs_info *c, const struct inode *dir)
1107 unsigned int nlink = 2; 1107 unsigned int nlink = 2;
1108 union ubifs_key key; 1108 union ubifs_key key;
1109 struct ubifs_dent_node *dent, *pdent = NULL; 1109 struct ubifs_dent_node *dent, *pdent = NULL;
1110 struct qstr nm = { .name = NULL }; 1110 struct fscrypt_name nm = {0};
1111 loff_t size = UBIFS_INO_NODE_SZ; 1111 loff_t size = UBIFS_INO_NODE_SZ;
1112 1112
1113 if (!dbg_is_chk_gen(c)) 1113 if (!dbg_is_chk_gen(c))
@@ -1128,9 +1128,9 @@ int dbg_check_dir(struct ubifs_info *c, const struct inode *dir)
1128 return err; 1128 return err;
1129 } 1129 }
1130 1130
1131 nm.name = dent->name; 1131 fname_name(&nm) = dent->name;
1132 nm.len = le16_to_cpu(dent->nlen); 1132 fname_len(&nm) = le16_to_cpu(dent->nlen);
1133 size += CALC_DENT_SIZE(nm.len); 1133 size += CALC_DENT_SIZE(fname_len(&nm));
1134 if (dent->type == UBIFS_ITYPE_DIR) 1134 if (dent->type == UBIFS_ITYPE_DIR)
1135 nlink += 1; 1135 nlink += 1;
1136 kfree(pdent); 1136 kfree(pdent);
diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
index ca16c5d7bab1..1c5331ac9614 100644
--- a/fs/ubifs/dir.c
+++ b/fs/ubifs/dir.c
@@ -85,11 +85,26 @@ static int inherit_flags(const struct inode *dir, umode_t mode)
85 * initializes it. Returns new inode in case of success and an error code in 85 * initializes it. Returns new inode in case of success and an error code in
86 * case of failure. 86 * case of failure.
87 */ 87 */
88struct inode *ubifs_new_inode(struct ubifs_info *c, const struct inode *dir, 88struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir,
89 umode_t mode) 89 umode_t mode)
90{ 90{
91 int err;
91 struct inode *inode; 92 struct inode *inode;
92 struct ubifs_inode *ui; 93 struct ubifs_inode *ui;
94 bool encrypted = false;
95
96 if (ubifs_crypt_is_encrypted(dir)) {
97 err = fscrypt_get_encryption_info(dir);
98 if (err) {
99 ubifs_err(c, "fscrypt_get_encryption_info failed: %i", err);
100 return ERR_PTR(err);
101 }
102
103 if (!fscrypt_has_encryption_key(dir))
104 return ERR_PTR(-EPERM);
105
106 encrypted = true;
107 }
93 108
94 inode = new_inode(c->vfs_sb); 109 inode = new_inode(c->vfs_sb);
95 ui = ubifs_inode(inode); 110 ui = ubifs_inode(inode);
@@ -165,18 +180,29 @@ struct inode *ubifs_new_inode(struct ubifs_info *c, const struct inode *dir,
165 */ 180 */
166 ui->creat_sqnum = ++c->max_sqnum; 181 ui->creat_sqnum = ++c->max_sqnum;
167 spin_unlock(&c->cnt_lock); 182 spin_unlock(&c->cnt_lock);
183
184 if (encrypted) {
185 err = fscrypt_inherit_context(dir, inode, &encrypted, true);
186 if (err) {
187 ubifs_err(c, "fscrypt_inherit_context failed: %i", err);
188 make_bad_inode(inode);
189 iput(inode);
190 return ERR_PTR(err);
191 }
192 }
193
168 return inode; 194 return inode;
169} 195}
170 196
171static int dbg_check_name(const struct ubifs_info *c, 197static int dbg_check_name(const struct ubifs_info *c,
172 const struct ubifs_dent_node *dent, 198 const struct ubifs_dent_node *dent,
173 const struct qstr *nm) 199 const struct fscrypt_name *nm)
174{ 200{
175 if (!dbg_is_chk_gen(c)) 201 if (!dbg_is_chk_gen(c))
176 return 0; 202 return 0;
177 if (le16_to_cpu(dent->nlen) != nm->len) 203 if (le16_to_cpu(dent->nlen) != fname_len(nm))
178 return -EINVAL; 204 return -EINVAL;
179 if (memcmp(dent->name, nm->name, nm->len)) 205 if (memcmp(dent->name, fname_name(nm), fname_len(nm)))
180 return -EINVAL; 206 return -EINVAL;
181 return 0; 207 return 0;
182} 208}
@@ -189,30 +215,61 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
189 struct inode *inode = NULL; 215 struct inode *inode = NULL;
190 struct ubifs_dent_node *dent; 216 struct ubifs_dent_node *dent;
191 struct ubifs_info *c = dir->i_sb->s_fs_info; 217 struct ubifs_info *c = dir->i_sb->s_fs_info;
218 struct fscrypt_name nm;
192 219
193 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino); 220 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino);
194 221
195 if (dentry->d_name.len > UBIFS_MAX_NLEN) 222 if (ubifs_crypt_is_encrypted(dir)) {
196 return ERR_PTR(-ENAMETOOLONG); 223 err = fscrypt_get_encryption_info(dir);
224
225 /*
226 * DCACHE_ENCRYPTED_WITH_KEY is set if the dentry is
227 * created while the directory was encrypted and we
228 * have access to the key.
229 */
230 if (fscrypt_has_encryption_key(dir))
231 fscrypt_set_encrypted_dentry(dentry);
232 fscrypt_set_d_op(dentry);
233 if (err && err != -ENOKEY)
234 return ERR_PTR(err);
235 }
236
237 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
238 if (err)
239 return ERR_PTR(err);
240
241 if (fname_len(&nm) > UBIFS_MAX_NLEN) {
242 err = -ENAMETOOLONG;
243 goto out_fname;
244 }
197 245
198 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS); 246 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS);
199 if (!dent) 247 if (!dent) {
200 return ERR_PTR(-ENOMEM); 248 err = -ENOMEM;
249 goto out_fname;
250 }
201 251
202 dent_key_init(c, &key, dir->i_ino, &dentry->d_name); 252 if (nm.hash) {
253 ubifs_assert(fname_len(&nm) == 0);
254 ubifs_assert(fname_name(&nm) == NULL);
255 dent_key_init_hash(c, &key, dir->i_ino, nm.hash);
256 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash);
257 } else {
258 dent_key_init(c, &key, dir->i_ino, &nm);
259 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm);
260 }
203 261
204 err = ubifs_tnc_lookup_nm(c, &key, dent, &dentry->d_name);
205 if (err) { 262 if (err) {
206 if (err == -ENOENT) { 263 if (err == -ENOENT) {
207 dbg_gen("not found"); 264 dbg_gen("not found");
208 goto done; 265 goto done;
209 } 266 }
210 goto out; 267 goto out_dent;
211 } 268 }
212 269
213 if (dbg_check_name(c, dent, &dentry->d_name)) { 270 if (dbg_check_name(c, dent, &nm)) {
214 err = -EINVAL; 271 err = -EINVAL;
215 goto out; 272 goto out_dent;
216 } 273 }
217 274
218 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum)); 275 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum));
@@ -225,11 +282,12 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
225 ubifs_err(c, "dead directory entry '%pd', error %d", 282 ubifs_err(c, "dead directory entry '%pd', error %d",
226 dentry, err); 283 dentry, err);
227 ubifs_ro_mode(c, err); 284 ubifs_ro_mode(c, err);
228 goto out; 285 goto out_dent;
229 } 286 }
230 287
231done: 288done:
232 kfree(dent); 289 kfree(dent);
290 fscrypt_free_filename(&nm);
233 /* 291 /*
234 * Note, d_splice_alias() would be required instead if we supported 292 * Note, d_splice_alias() would be required instead if we supported
235 * NFS. 293 * NFS.
@@ -237,8 +295,10 @@ done:
237 d_add(dentry, inode); 295 d_add(dentry, inode);
238 return NULL; 296 return NULL;
239 297
240out: 298out_dent:
241 kfree(dent); 299 kfree(dent);
300out_fname:
301 fscrypt_free_filename(&nm);
242 return ERR_PTR(err); 302 return ERR_PTR(err);
243} 303}
244 304
@@ -247,10 +307,11 @@ static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
247{ 307{
248 struct inode *inode; 308 struct inode *inode;
249 struct ubifs_info *c = dir->i_sb->s_fs_info; 309 struct ubifs_info *c = dir->i_sb->s_fs_info;
250 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len);
251 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 310 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
252 .dirtied_ino = 1 }; 311 .dirtied_ino = 1 };
253 struct ubifs_inode *dir_ui = ubifs_inode(dir); 312 struct ubifs_inode *dir_ui = ubifs_inode(dir);
313 struct fscrypt_name nm;
314 int err, sz_change;
254 315
255 /* 316 /*
256 * Budget request settings: new inode, new direntry, changing the 317 * Budget request settings: new inode, new direntry, changing the
@@ -264,10 +325,16 @@ static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
264 if (err) 325 if (err)
265 return err; 326 return err;
266 327
328 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
329 if (err)
330 goto out_budg;
331
332 sz_change = CALC_DENT_SIZE(fname_len(&nm));
333
267 inode = ubifs_new_inode(c, dir, mode); 334 inode = ubifs_new_inode(c, dir, mode);
268 if (IS_ERR(inode)) { 335 if (IS_ERR(inode)) {
269 err = PTR_ERR(inode); 336 err = PTR_ERR(inode);
270 goto out_budg; 337 goto out_fname;
271 } 338 }
272 339
273 err = ubifs_init_security(dir, inode, &dentry->d_name); 340 err = ubifs_init_security(dir, inode, &dentry->d_name);
@@ -278,12 +345,13 @@ static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
278 dir->i_size += sz_change; 345 dir->i_size += sz_change;
279 dir_ui->ui_size = dir->i_size; 346 dir_ui->ui_size = dir->i_size;
280 dir->i_mtime = dir->i_ctime = inode->i_ctime; 347 dir->i_mtime = dir->i_ctime = inode->i_ctime;
281 err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0); 348 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
282 if (err) 349 if (err)
283 goto out_cancel; 350 goto out_cancel;
284 mutex_unlock(&dir_ui->ui_mutex); 351 mutex_unlock(&dir_ui->ui_mutex);
285 352
286 ubifs_release_budget(c, &req); 353 ubifs_release_budget(c, &req);
354 fscrypt_free_filename(&nm);
287 insert_inode_hash(inode); 355 insert_inode_hash(inode);
288 d_instantiate(dentry, inode); 356 d_instantiate(dentry, inode);
289 return 0; 357 return 0;
@@ -295,6 +363,8 @@ out_cancel:
295out_inode: 363out_inode:
296 make_bad_inode(inode); 364 make_bad_inode(inode);
297 iput(inode); 365 iput(inode);
366out_fname:
367 fscrypt_free_filename(&nm);
298out_budg: 368out_budg:
299 ubifs_release_budget(c, &req); 369 ubifs_release_budget(c, &req);
300 ubifs_err(c, "cannot create regular file, error %d", err); 370 ubifs_err(c, "cannot create regular file, error %d", err);
@@ -310,6 +380,7 @@ static int do_tmpfile(struct inode *dir, struct dentry *dentry,
310 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 }; 380 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 };
311 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir); 381 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir);
312 int err, instantiated = 0; 382 int err, instantiated = 0;
383 struct fscrypt_name nm;
313 384
314 /* 385 /*
315 * Budget request settings: new dirty inode, new direntry, 386 * Budget request settings: new dirty inode, new direntry,
@@ -319,13 +390,30 @@ static int do_tmpfile(struct inode *dir, struct dentry *dentry,
319 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 390 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
320 dentry, mode, dir->i_ino); 391 dentry, mode, dir->i_ino);
321 392
322 err = ubifs_budget_space(c, &req); 393 if (ubifs_crypt_is_encrypted(dir)) {
394 err = fscrypt_get_encryption_info(dir);
395 if (err)
396 return err;
397
398 if (!fscrypt_has_encryption_key(dir)) {
399 return -EPERM;
400 }
401 }
402
403 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
323 if (err) 404 if (err)
324 return err; 405 return err;
325 406
407 err = ubifs_budget_space(c, &req);
408 if (err) {
409 fscrypt_free_filename(&nm);
410 return err;
411 }
412
326 err = ubifs_budget_space(c, &ino_req); 413 err = ubifs_budget_space(c, &ino_req);
327 if (err) { 414 if (err) {
328 ubifs_release_budget(c, &req); 415 ubifs_release_budget(c, &req);
416 fscrypt_free_filename(&nm);
329 return err; 417 return err;
330 } 418 }
331 419
@@ -361,7 +449,7 @@ static int do_tmpfile(struct inode *dir, struct dentry *dentry,
361 mutex_unlock(&ui->ui_mutex); 449 mutex_unlock(&ui->ui_mutex);
362 450
363 mutex_lock(&dir_ui->ui_mutex); 451 mutex_lock(&dir_ui->ui_mutex);
364 err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 1, 0); 452 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
365 if (err) 453 if (err)
366 goto out_cancel; 454 goto out_cancel;
367 mutex_unlock(&dir_ui->ui_mutex); 455 mutex_unlock(&dir_ui->ui_mutex);
@@ -380,6 +468,7 @@ out_budg:
380 ubifs_release_budget(c, &req); 468 ubifs_release_budget(c, &req);
381 if (!instantiated) 469 if (!instantiated)
382 ubifs_release_budget(c, &ino_req); 470 ubifs_release_budget(c, &ino_req);
471 fscrypt_free_filename(&nm);
383 ubifs_err(c, "cannot create temporary file, error %d", err); 472 ubifs_err(c, "cannot create temporary file, error %d", err);
384 return err; 473 return err;
385} 474}
@@ -439,12 +528,14 @@ static unsigned int vfs_dent_type(uint8_t type)
439 */ 528 */
440static int ubifs_readdir(struct file *file, struct dir_context *ctx) 529static int ubifs_readdir(struct file *file, struct dir_context *ctx)
441{ 530{
442 int err = 0; 531 int fstr_real_len = 0, err = 0;
443 struct qstr nm; 532 struct fscrypt_name nm;
533 struct fscrypt_str fstr = {0};
444 union ubifs_key key; 534 union ubifs_key key;
445 struct ubifs_dent_node *dent; 535 struct ubifs_dent_node *dent;
446 struct inode *dir = file_inode(file); 536 struct inode *dir = file_inode(file);
447 struct ubifs_info *c = dir->i_sb->s_fs_info; 537 struct ubifs_info *c = dir->i_sb->s_fs_info;
538 bool encrypted = ubifs_crypt_is_encrypted(dir);
448 539
449 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos); 540 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos);
450 541
@@ -455,6 +546,18 @@ static int ubifs_readdir(struct file *file, struct dir_context *ctx)
455 */ 546 */
456 return 0; 547 return 0;
457 548
549 if (encrypted) {
550 err = fscrypt_get_encryption_info(dir);
551 if (err && err != -ENOKEY)
552 return err;
553
554 err = fscrypt_fname_alloc_buffer(dir, UBIFS_MAX_NLEN, &fstr);
555 if (err)
556 return err;
557
558 fstr_real_len = fstr.len;
559 }
560
458 if (file->f_version == 0) { 561 if (file->f_version == 0) {
459 /* 562 /*
460 * The file was seek'ed, which means that @file->private_data 563 * The file was seek'ed, which means that @file->private_data
@@ -476,12 +579,15 @@ static int ubifs_readdir(struct file *file, struct dir_context *ctx)
476 /* File positions 0 and 1 correspond to "." and ".." */ 579 /* File positions 0 and 1 correspond to "." and ".." */
477 if (ctx->pos < 2) { 580 if (ctx->pos < 2) {
478 ubifs_assert(!file->private_data); 581 ubifs_assert(!file->private_data);
479 if (!dir_emit_dots(file, ctx)) 582 if (!dir_emit_dots(file, ctx)) {
583 if (encrypted)
584 fscrypt_fname_free_buffer(&fstr);
480 return 0; 585 return 0;
586 }
481 587
482 /* Find the first entry in TNC and save it */ 588 /* Find the first entry in TNC and save it */
483 lowest_dent_key(c, &key, dir->i_ino); 589 lowest_dent_key(c, &key, dir->i_ino);
484 nm.name = NULL; 590 fname_len(&nm) = 0;
485 dent = ubifs_tnc_next_ent(c, &key, &nm); 591 dent = ubifs_tnc_next_ent(c, &key, &nm);
486 if (IS_ERR(dent)) { 592 if (IS_ERR(dent)) {
487 err = PTR_ERR(dent); 593 err = PTR_ERR(dent);
@@ -499,7 +605,7 @@ static int ubifs_readdir(struct file *file, struct dir_context *ctx)
499 * Find the entry corresponding to @ctx->pos or the closest one. 605 * Find the entry corresponding to @ctx->pos or the closest one.
500 */ 606 */
501 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos); 607 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos);
502 nm.name = NULL; 608 fname_len(&nm) = 0;
503 dent = ubifs_tnc_next_ent(c, &key, &nm); 609 dent = ubifs_tnc_next_ent(c, &key, &nm);
504 if (IS_ERR(dent)) { 610 if (IS_ERR(dent)) {
505 err = PTR_ERR(dent); 611 err = PTR_ERR(dent);
@@ -516,15 +622,33 @@ static int ubifs_readdir(struct file *file, struct dir_context *ctx)
516 ubifs_assert(le64_to_cpu(dent->ch.sqnum) > 622 ubifs_assert(le64_to_cpu(dent->ch.sqnum) >
517 ubifs_inode(dir)->creat_sqnum); 623 ubifs_inode(dir)->creat_sqnum);
518 624
519 nm.len = le16_to_cpu(dent->nlen); 625 fname_len(&nm) = le16_to_cpu(dent->nlen);
520 if (!dir_emit(ctx, dent->name, nm.len, 626 fname_name(&nm) = dent->name;
627
628 if (encrypted) {
629 fstr.len = fstr_real_len;
630
631 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c,
632 &dent->key),
633 le32_to_cpu(dent->cookie),
634 &nm.disk_name, &fstr);
635 if (err)
636 goto out;
637 } else {
638 fstr.len = fname_len(&nm);
639 fstr.name = fname_name(&nm);
640 }
641
642 if (!dir_emit(ctx, fstr.name, fstr.len,
521 le64_to_cpu(dent->inum), 643 le64_to_cpu(dent->inum),
522 vfs_dent_type(dent->type))) 644 vfs_dent_type(dent->type))) {
645 if (encrypted)
646 fscrypt_fname_free_buffer(&fstr);
523 return 0; 647 return 0;
648 }
524 649
525 /* Switch to the next entry */ 650 /* Switch to the next entry */
526 key_read(c, &dent->key, &key); 651 key_read(c, &dent->key, &key);
527 nm.name = dent->name;
528 dent = ubifs_tnc_next_ent(c, &key, &nm); 652 dent = ubifs_tnc_next_ent(c, &key, &nm);
529 if (IS_ERR(dent)) { 653 if (IS_ERR(dent)) {
530 err = PTR_ERR(dent); 654 err = PTR_ERR(dent);
@@ -541,6 +665,9 @@ out:
541 kfree(file->private_data); 665 kfree(file->private_data);
542 file->private_data = NULL; 666 file->private_data = NULL;
543 667
668 if (encrypted)
669 fscrypt_fname_free_buffer(&fstr);
670
544 if (err != -ENOENT) 671 if (err != -ENOENT)
545 ubifs_err(c, "cannot find next direntry, error %d", err); 672 ubifs_err(c, "cannot find next direntry, error %d", err);
546 else 673 else
@@ -601,6 +728,7 @@ static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
601 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len); 728 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len);
602 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2, 729 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2,
603 .dirtied_ino_d = ALIGN(ui->data_len, 8) }; 730 .dirtied_ino_d = ALIGN(ui->data_len, 8) };
731 struct fscrypt_name nm;
604 732
605 /* 733 /*
606 * Budget request settings: new direntry, changing the target inode, 734 * Budget request settings: new direntry, changing the target inode,
@@ -613,13 +741,29 @@ static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
613 ubifs_assert(inode_is_locked(dir)); 741 ubifs_assert(inode_is_locked(dir));
614 ubifs_assert(inode_is_locked(inode)); 742 ubifs_assert(inode_is_locked(inode));
615 743
616 err = dbg_check_synced_i_size(c, inode); 744 if (ubifs_crypt_is_encrypted(dir)) {
745 if (!fscrypt_has_permitted_context(dir, inode))
746 return -EPERM;
747
748 err = fscrypt_get_encryption_info(inode);
749 if (err)
750 return err;
751
752 if (!fscrypt_has_encryption_key(inode))
753 return -EPERM;
754 }
755
756 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
617 if (err) 757 if (err)
618 return err; 758 return err;
619 759
760 err = dbg_check_synced_i_size(c, inode);
761 if (err)
762 goto out_fname;
763
620 err = ubifs_budget_space(c, &req); 764 err = ubifs_budget_space(c, &req);
621 if (err) 765 if (err)
622 return err; 766 goto out_fname;
623 767
624 lock_2_inodes(dir, inode); 768 lock_2_inodes(dir, inode);
625 inc_nlink(inode); 769 inc_nlink(inode);
@@ -628,13 +772,14 @@ static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
628 dir->i_size += sz_change; 772 dir->i_size += sz_change;
629 dir_ui->ui_size = dir->i_size; 773 dir_ui->ui_size = dir->i_size;
630 dir->i_mtime = dir->i_ctime = inode->i_ctime; 774 dir->i_mtime = dir->i_ctime = inode->i_ctime;
631 err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0); 775 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
632 if (err) 776 if (err)
633 goto out_cancel; 777 goto out_cancel;
634 unlock_2_inodes(dir, inode); 778 unlock_2_inodes(dir, inode);
635 779
636 ubifs_release_budget(c, &req); 780 ubifs_release_budget(c, &req);
637 d_instantiate(dentry, inode); 781 d_instantiate(dentry, inode);
782 fscrypt_free_filename(&nm);
638 return 0; 783 return 0;
639 784
640out_cancel: 785out_cancel:
@@ -644,6 +789,8 @@ out_cancel:
644 unlock_2_inodes(dir, inode); 789 unlock_2_inodes(dir, inode);
645 ubifs_release_budget(c, &req); 790 ubifs_release_budget(c, &req);
646 iput(inode); 791 iput(inode);
792out_fname:
793 fscrypt_free_filename(&nm);
647 return err; 794 return err;
648} 795}
649 796
@@ -652,10 +799,10 @@ static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
652 struct ubifs_info *c = dir->i_sb->s_fs_info; 799 struct ubifs_info *c = dir->i_sb->s_fs_info;
653 struct inode *inode = d_inode(dentry); 800 struct inode *inode = d_inode(dentry);
654 struct ubifs_inode *dir_ui = ubifs_inode(dir); 801 struct ubifs_inode *dir_ui = ubifs_inode(dir);
655 int sz_change = CALC_DENT_SIZE(dentry->d_name.len); 802 int err, sz_change, budgeted = 1;
656 int err, budgeted = 1;
657 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 803 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
658 unsigned int saved_nlink = inode->i_nlink; 804 unsigned int saved_nlink = inode->i_nlink;
805 struct fscrypt_name nm;
659 806
660 /* 807 /*
661 * Budget request settings: deletion direntry, deletion inode (+1 for 808 * Budget request settings: deletion direntry, deletion inode (+1 for
@@ -667,16 +814,29 @@ static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
667 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu", 814 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu",
668 dentry, inode->i_ino, 815 dentry, inode->i_ino,
669 inode->i_nlink, dir->i_ino); 816 inode->i_nlink, dir->i_ino);
817
818 if (ubifs_crypt_is_encrypted(dir)) {
819 err = fscrypt_get_encryption_info(dir);
820 if (err && err != -ENOKEY)
821 return err;
822 }
823
824 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
825 if (err)
826 return err;
827
828 sz_change = CALC_DENT_SIZE(fname_len(&nm));
829
670 ubifs_assert(inode_is_locked(dir)); 830 ubifs_assert(inode_is_locked(dir));
671 ubifs_assert(inode_is_locked(inode)); 831 ubifs_assert(inode_is_locked(inode));
672 err = dbg_check_synced_i_size(c, inode); 832 err = dbg_check_synced_i_size(c, inode);
673 if (err) 833 if (err)
674 return err; 834 goto out_fname;
675 835
676 err = ubifs_budget_space(c, &req); 836 err = ubifs_budget_space(c, &req);
677 if (err) { 837 if (err) {
678 if (err != -ENOSPC) 838 if (err != -ENOSPC)
679 return err; 839 goto out_fname;
680 budgeted = 0; 840 budgeted = 0;
681 } 841 }
682 842
@@ -686,7 +846,7 @@ static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
686 dir->i_size -= sz_change; 846 dir->i_size -= sz_change;
687 dir_ui->ui_size = dir->i_size; 847 dir_ui->ui_size = dir->i_size;
688 dir->i_mtime = dir->i_ctime = inode->i_ctime; 848 dir->i_mtime = dir->i_ctime = inode->i_ctime;
689 err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 1, 0); 849 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
690 if (err) 850 if (err)
691 goto out_cancel; 851 goto out_cancel;
692 unlock_2_inodes(dir, inode); 852 unlock_2_inodes(dir, inode);
@@ -698,6 +858,7 @@ static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
698 c->bi.nospace = c->bi.nospace_rp = 0; 858 c->bi.nospace = c->bi.nospace_rp = 0;
699 smp_wmb(); 859 smp_wmb();
700 } 860 }
861 fscrypt_free_filename(&nm);
701 return 0; 862 return 0;
702 863
703out_cancel: 864out_cancel:
@@ -707,21 +868,23 @@ out_cancel:
707 unlock_2_inodes(dir, inode); 868 unlock_2_inodes(dir, inode);
708 if (budgeted) 869 if (budgeted)
709 ubifs_release_budget(c, &req); 870 ubifs_release_budget(c, &req);
871out_fname:
872 fscrypt_free_filename(&nm);
710 return err; 873 return err;
711} 874}
712 875
713/** 876/**
714 * check_dir_empty - check if a directory is empty or not. 877 * check_dir_empty - check if a directory is empty or not.
715 * @c: UBIFS file-system description object
716 * @dir: VFS inode object of the directory to check 878 * @dir: VFS inode object of the directory to check
717 * 879 *
718 * This function checks if directory @dir is empty. Returns zero if the 880 * This function checks if directory @dir is empty. Returns zero if the
719 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes 881 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes
720 * in case of of errors. 882 * in case of of errors.
721 */ 883 */
722static int check_dir_empty(struct ubifs_info *c, struct inode *dir) 884int ubifs_check_dir_empty(struct inode *dir)
723{ 885{
724 struct qstr nm = { .name = NULL }; 886 struct ubifs_info *c = dir->i_sb->s_fs_info;
887 struct fscrypt_name nm = { 0 };
725 struct ubifs_dent_node *dent; 888 struct ubifs_dent_node *dent;
726 union ubifs_key key; 889 union ubifs_key key;
727 int err; 890 int err;
@@ -743,10 +906,10 @@ static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
743{ 906{
744 struct ubifs_info *c = dir->i_sb->s_fs_info; 907 struct ubifs_info *c = dir->i_sb->s_fs_info;
745 struct inode *inode = d_inode(dentry); 908 struct inode *inode = d_inode(dentry);
746 int sz_change = CALC_DENT_SIZE(dentry->d_name.len); 909 int err, sz_change, budgeted = 1;
747 int err, budgeted = 1;
748 struct ubifs_inode *dir_ui = ubifs_inode(dir); 910 struct ubifs_inode *dir_ui = ubifs_inode(dir);
749 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 911 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
912 struct fscrypt_name nm;
750 913
751 /* 914 /*
752 * Budget request settings: deletion direntry, deletion inode and 915 * Budget request settings: deletion direntry, deletion inode and
@@ -758,14 +921,26 @@ static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
758 inode->i_ino, dir->i_ino); 921 inode->i_ino, dir->i_ino);
759 ubifs_assert(inode_is_locked(dir)); 922 ubifs_assert(inode_is_locked(dir));
760 ubifs_assert(inode_is_locked(inode)); 923 ubifs_assert(inode_is_locked(inode));
761 err = check_dir_empty(c, d_inode(dentry)); 924 err = ubifs_check_dir_empty(d_inode(dentry));
762 if (err) 925 if (err)
763 return err; 926 return err;
764 927
928 if (ubifs_crypt_is_encrypted(dir)) {
929 err = fscrypt_get_encryption_info(dir);
930 if (err && err != -ENOKEY)
931 return err;
932 }
933
934 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
935 if (err)
936 return err;
937
938 sz_change = CALC_DENT_SIZE(fname_len(&nm));
939
765 err = ubifs_budget_space(c, &req); 940 err = ubifs_budget_space(c, &req);
766 if (err) { 941 if (err) {
767 if (err != -ENOSPC) 942 if (err != -ENOSPC)
768 return err; 943 goto out_fname;
769 budgeted = 0; 944 budgeted = 0;
770 } 945 }
771 946
@@ -776,7 +951,7 @@ static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
776 dir->i_size -= sz_change; 951 dir->i_size -= sz_change;
777 dir_ui->ui_size = dir->i_size; 952 dir_ui->ui_size = dir->i_size;
778 dir->i_mtime = dir->i_ctime = inode->i_ctime; 953 dir->i_mtime = dir->i_ctime = inode->i_ctime;
779 err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 1, 0); 954 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
780 if (err) 955 if (err)
781 goto out_cancel; 956 goto out_cancel;
782 unlock_2_inodes(dir, inode); 957 unlock_2_inodes(dir, inode);
@@ -788,6 +963,7 @@ static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
788 c->bi.nospace = c->bi.nospace_rp = 0; 963 c->bi.nospace = c->bi.nospace_rp = 0;
789 smp_wmb(); 964 smp_wmb();
790 } 965 }
966 fscrypt_free_filename(&nm);
791 return 0; 967 return 0;
792 968
793out_cancel: 969out_cancel:
@@ -798,6 +974,8 @@ out_cancel:
798 unlock_2_inodes(dir, inode); 974 unlock_2_inodes(dir, inode);
799 if (budgeted) 975 if (budgeted)
800 ubifs_release_budget(c, &req); 976 ubifs_release_budget(c, &req);
977out_fname:
978 fscrypt_free_filename(&nm);
801 return err; 979 return err;
802} 980}
803 981
@@ -806,8 +984,9 @@ static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
806 struct inode *inode; 984 struct inode *inode;
807 struct ubifs_inode *dir_ui = ubifs_inode(dir); 985 struct ubifs_inode *dir_ui = ubifs_inode(dir);
808 struct ubifs_info *c = dir->i_sb->s_fs_info; 986 struct ubifs_info *c = dir->i_sb->s_fs_info;
809 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len); 987 int err, sz_change;
810 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1 }; 988 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1 };
989 struct fscrypt_name nm;
811 990
812 /* 991 /*
813 * Budget request settings: new inode, new direntry and changing parent 992 * Budget request settings: new inode, new direntry and changing parent
@@ -821,10 +1000,27 @@ static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
821 if (err) 1000 if (err)
822 return err; 1001 return err;
823 1002
1003 if (ubifs_crypt_is_encrypted(dir)) {
1004 err = fscrypt_get_encryption_info(dir);
1005 if (err)
1006 goto out_budg;
1007
1008 if (!fscrypt_has_encryption_key(dir)) {
1009 err = -EPERM;
1010 goto out_budg;
1011 }
1012 }
1013
1014 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
1015 if (err)
1016 goto out_budg;
1017
1018 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1019
824 inode = ubifs_new_inode(c, dir, S_IFDIR | mode); 1020 inode = ubifs_new_inode(c, dir, S_IFDIR | mode);
825 if (IS_ERR(inode)) { 1021 if (IS_ERR(inode)) {
826 err = PTR_ERR(inode); 1022 err = PTR_ERR(inode);
827 goto out_budg; 1023 goto out_fname;
828 } 1024 }
829 1025
830 err = ubifs_init_security(dir, inode, &dentry->d_name); 1026 err = ubifs_init_security(dir, inode, &dentry->d_name);
@@ -838,7 +1034,7 @@ static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
838 dir->i_size += sz_change; 1034 dir->i_size += sz_change;
839 dir_ui->ui_size = dir->i_size; 1035 dir_ui->ui_size = dir->i_size;
840 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1036 dir->i_mtime = dir->i_ctime = inode->i_ctime;
841 err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0); 1037 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
842 if (err) { 1038 if (err) {
843 ubifs_err(c, "cannot create directory, error %d", err); 1039 ubifs_err(c, "cannot create directory, error %d", err);
844 goto out_cancel; 1040 goto out_cancel;
@@ -847,6 +1043,7 @@ static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
847 1043
848 ubifs_release_budget(c, &req); 1044 ubifs_release_budget(c, &req);
849 d_instantiate(dentry, inode); 1045 d_instantiate(dentry, inode);
1046 fscrypt_free_filename(&nm);
850 return 0; 1047 return 0;
851 1048
852out_cancel: 1049out_cancel:
@@ -857,6 +1054,8 @@ out_cancel:
857out_inode: 1054out_inode:
858 make_bad_inode(inode); 1055 make_bad_inode(inode);
859 iput(inode); 1056 iput(inode);
1057out_fname:
1058 fscrypt_free_filename(&nm);
860out_budg: 1059out_budg:
861 ubifs_release_budget(c, &req); 1060 ubifs_release_budget(c, &req);
862 return err; 1061 return err;
@@ -870,11 +1069,12 @@ static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
870 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1069 struct ubifs_inode *dir_ui = ubifs_inode(dir);
871 struct ubifs_info *c = dir->i_sb->s_fs_info; 1070 struct ubifs_info *c = dir->i_sb->s_fs_info;
872 union ubifs_dev_desc *dev = NULL; 1071 union ubifs_dev_desc *dev = NULL;
873 int sz_change = CALC_DENT_SIZE(dentry->d_name.len); 1072 int sz_change;
874 int err, devlen = 0; 1073 int err, devlen = 0;
875 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1074 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
876 .new_ino_d = ALIGN(devlen, 8), 1075 .new_ino_d = ALIGN(devlen, 8),
877 .dirtied_ino = 1 }; 1076 .dirtied_ino = 1 };
1077 struct fscrypt_name nm;
878 1078
879 /* 1079 /*
880 * Budget request settings: new inode, new direntry and changing parent 1080 * Budget request settings: new inode, new direntry and changing parent
@@ -896,11 +1096,28 @@ static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
896 return err; 1096 return err;
897 } 1097 }
898 1098
1099 if (ubifs_crypt_is_encrypted(dir)) {
1100 err = fscrypt_get_encryption_info(dir);
1101 if (err)
1102 goto out_budg;
1103
1104 if (!fscrypt_has_encryption_key(dir)) {
1105 err = -EPERM;
1106 goto out_budg;
1107 }
1108 }
1109
1110 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
1111 if (err)
1112 goto out_budg;
1113
1114 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1115
899 inode = ubifs_new_inode(c, dir, mode); 1116 inode = ubifs_new_inode(c, dir, mode);
900 if (IS_ERR(inode)) { 1117 if (IS_ERR(inode)) {
901 kfree(dev); 1118 kfree(dev);
902 err = PTR_ERR(inode); 1119 err = PTR_ERR(inode);
903 goto out_budg; 1120 goto out_fname;
904 } 1121 }
905 1122
906 init_special_inode(inode, inode->i_mode, rdev); 1123 init_special_inode(inode, inode->i_mode, rdev);
@@ -917,7 +1134,7 @@ static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
917 dir->i_size += sz_change; 1134 dir->i_size += sz_change;
918 dir_ui->ui_size = dir->i_size; 1135 dir_ui->ui_size = dir->i_size;
919 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1136 dir->i_mtime = dir->i_ctime = inode->i_ctime;
920 err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0); 1137 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
921 if (err) 1138 if (err)
922 goto out_cancel; 1139 goto out_cancel;
923 mutex_unlock(&dir_ui->ui_mutex); 1140 mutex_unlock(&dir_ui->ui_mutex);
@@ -925,6 +1142,7 @@ static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
925 ubifs_release_budget(c, &req); 1142 ubifs_release_budget(c, &req);
926 insert_inode_hash(inode); 1143 insert_inode_hash(inode);
927 d_instantiate(dentry, inode); 1144 d_instantiate(dentry, inode);
1145 fscrypt_free_filename(&nm);
928 return 0; 1146 return 0;
929 1147
930out_cancel: 1148out_cancel:
@@ -934,6 +1152,8 @@ out_cancel:
934out_inode: 1152out_inode:
935 make_bad_inode(inode); 1153 make_bad_inode(inode);
936 iput(inode); 1154 iput(inode);
1155out_fname:
1156 fscrypt_free_filename(&nm);
937out_budg: 1157out_budg:
938 ubifs_release_budget(c, &req); 1158 ubifs_release_budget(c, &req);
939 return err; 1159 return err;
@@ -947,10 +1167,27 @@ static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
947 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1167 struct ubifs_inode *dir_ui = ubifs_inode(dir);
948 struct ubifs_info *c = dir->i_sb->s_fs_info; 1168 struct ubifs_info *c = dir->i_sb->s_fs_info;
949 int err, len = strlen(symname); 1169 int err, len = strlen(symname);
950 int sz_change = CALC_DENT_SIZE(dentry->d_name.len); 1170 int sz_change = CALC_DENT_SIZE(len);
1171 struct fscrypt_str disk_link = FSTR_INIT((char *)symname, len + 1);
1172 struct fscrypt_symlink_data *sd = NULL;
951 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1173 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
952 .new_ino_d = ALIGN(len, 8), 1174 .new_ino_d = ALIGN(len, 8),
953 .dirtied_ino = 1 }; 1175 .dirtied_ino = 1 };
1176 struct fscrypt_name nm;
1177
1178 if (ubifs_crypt_is_encrypted(dir)) {
1179 err = fscrypt_get_encryption_info(dir);
1180 if (err)
1181 goto out_budg;
1182
1183 if (!fscrypt_has_encryption_key(dir)) {
1184 err = -EPERM;
1185 goto out_budg;
1186 }
1187
1188 disk_link.len = (fscrypt_fname_encrypted_size(dir, len) +
1189 sizeof(struct fscrypt_symlink_data));
1190 }
954 1191
955 /* 1192 /*
956 * Budget request settings: new inode, new direntry and changing parent 1193 * Budget request settings: new inode, new direntry and changing parent
@@ -960,36 +1197,77 @@ static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
960 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry, 1197 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry,
961 symname, dir->i_ino); 1198 symname, dir->i_ino);
962 1199
963 if (len > UBIFS_MAX_INO_DATA) 1200 if (disk_link.len > UBIFS_MAX_INO_DATA)
964 return -ENAMETOOLONG; 1201 return -ENAMETOOLONG;
965 1202
966 err = ubifs_budget_space(c, &req); 1203 err = ubifs_budget_space(c, &req);
967 if (err) 1204 if (err)
968 return err; 1205 return err;
969 1206
1207 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
1208 if (err)
1209 goto out_budg;
1210
970 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO); 1211 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO);
971 if (IS_ERR(inode)) { 1212 if (IS_ERR(inode)) {
972 err = PTR_ERR(inode); 1213 err = PTR_ERR(inode);
973 goto out_budg; 1214 goto out_fname;
974 } 1215 }
975 1216
976 ui = ubifs_inode(inode); 1217 ui = ubifs_inode(inode);
977 ui->data = kmalloc(len + 1, GFP_NOFS); 1218 ui->data = kmalloc(disk_link.len, GFP_NOFS);
978 if (!ui->data) { 1219 if (!ui->data) {
979 err = -ENOMEM; 1220 err = -ENOMEM;
980 goto out_inode; 1221 goto out_inode;
981 } 1222 }
982 1223
983 memcpy(ui->data, symname, len); 1224 if (ubifs_crypt_is_encrypted(dir)) {
984 ((char *)ui->data)[len] = '\0'; 1225 struct qstr istr = QSTR_INIT(symname, len);
985 inode->i_link = ui->data; 1226 struct fscrypt_str ostr;
1227
1228 sd = kzalloc(disk_link.len, GFP_NOFS);
1229 if (!sd) {
1230 err = -ENOMEM;
1231 goto out_inode;
1232 }
1233
1234 err = fscrypt_get_encryption_info(inode);
1235 if (err) {
1236 kfree(sd);
1237 goto out_inode;
1238 }
1239
1240 if (!fscrypt_has_encryption_key(inode)) {
1241 kfree(sd);
1242 err = -EPERM;
1243 goto out_inode;
1244 }
1245
1246 ostr.name = sd->encrypted_path;
1247 ostr.len = disk_link.len;
1248
1249 err = fscrypt_fname_usr_to_disk(inode, &istr, &ostr);
1250 if (err) {
1251 kfree(sd);
1252 goto out_inode;
1253 }
1254
1255 sd->len = cpu_to_le16(ostr.len);
1256 disk_link.name = (char *)sd;
1257 } else {
1258 inode->i_link = ui->data;
1259 }
1260
1261 memcpy(ui->data, disk_link.name, disk_link.len);
1262 ((char *)ui->data)[disk_link.len - 1] = '\0';
1263
986 /* 1264 /*
987 * The terminating zero byte is not written to the flash media and it 1265 * The terminating zero byte is not written to the flash media and it
988 * is put just to make later in-memory string processing simpler. Thus, 1266 * is put just to make later in-memory string processing simpler. Thus,
989 * data length is @len, not @len + %1. 1267 * data length is @len, not @len + %1.
990 */ 1268 */
991 ui->data_len = len; 1269 ui->data_len = disk_link.len - 1;
992 inode->i_size = ubifs_inode(inode)->ui_size = len; 1270 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1;
993 1271
994 err = ubifs_init_security(dir, inode, &dentry->d_name); 1272 err = ubifs_init_security(dir, inode, &dentry->d_name);
995 if (err) 1273 if (err)
@@ -999,7 +1277,7 @@ static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
999 dir->i_size += sz_change; 1277 dir->i_size += sz_change;
1000 dir_ui->ui_size = dir->i_size; 1278 dir_ui->ui_size = dir->i_size;
1001 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1279 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1002 err = ubifs_jnl_update(c, dir, &dentry->d_name, inode, 0, 0); 1280 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1003 if (err) 1281 if (err)
1004 goto out_cancel; 1282 goto out_cancel;
1005 mutex_unlock(&dir_ui->ui_mutex); 1283 mutex_unlock(&dir_ui->ui_mutex);
@@ -1007,6 +1285,7 @@ static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
1007 ubifs_release_budget(c, &req); 1285 ubifs_release_budget(c, &req);
1008 insert_inode_hash(inode); 1286 insert_inode_hash(inode);
1009 d_instantiate(dentry, inode); 1287 d_instantiate(dentry, inode);
1288 fscrypt_free_filename(&nm);
1010 return 0; 1289 return 0;
1011 1290
1012out_cancel: 1291out_cancel:
@@ -1016,6 +1295,8 @@ out_cancel:
1016out_inode: 1295out_inode:
1017 make_bad_inode(inode); 1296 make_bad_inode(inode);
1018 iput(inode); 1297 iput(inode);
1298out_fname:
1299 fscrypt_free_filename(&nm);
1019out_budg: 1300out_budg:
1020 ubifs_release_budget(c, &req); 1301 ubifs_release_budget(c, &req);
1021 return err; 1302 return err;
@@ -1078,15 +1359,14 @@ static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
1078 struct ubifs_inode *whiteout_ui = NULL; 1359 struct ubifs_inode *whiteout_ui = NULL;
1079 int err, release, sync = 0, move = (new_dir != old_dir); 1360 int err, release, sync = 0, move = (new_dir != old_dir);
1080 int is_dir = S_ISDIR(old_inode->i_mode); 1361 int is_dir = S_ISDIR(old_inode->i_mode);
1081 int unlink = !!new_inode; 1362 int unlink = !!new_inode, new_sz, old_sz;
1082 int new_sz = CALC_DENT_SIZE(new_dentry->d_name.len);
1083 int old_sz = CALC_DENT_SIZE(old_dentry->d_name.len);
1084 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1363 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
1085 .dirtied_ino = 3 }; 1364 .dirtied_ino = 3 };
1086 struct ubifs_budget_req ino_req = { .dirtied_ino = 1, 1365 struct ubifs_budget_req ino_req = { .dirtied_ino = 1,
1087 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) }; 1366 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) };
1088 struct timespec time; 1367 struct timespec time;
1089 unsigned int uninitialized_var(saved_nlink); 1368 unsigned int uninitialized_var(saved_nlink);
1369 struct fscrypt_name old_nm, new_nm;
1090 1370
1091 if (flags & ~RENAME_NOREPLACE) 1371 if (flags & ~RENAME_NOREPLACE)
1092 return -EINVAL; 1372 return -EINVAL;
@@ -1107,17 +1387,41 @@ static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
1107 if (unlink) 1387 if (unlink)
1108 ubifs_assert(inode_is_locked(new_inode)); 1388 ubifs_assert(inode_is_locked(new_inode));
1109 1389
1390 if (old_dir != new_dir) {
1391 if (ubifs_crypt_is_encrypted(new_dir) &&
1392 !fscrypt_has_permitted_context(new_dir, old_inode))
1393 return -EPERM;
1394 }
1395
1110 if (unlink && is_dir) { 1396 if (unlink && is_dir) {
1111 err = check_dir_empty(c, new_inode); 1397 err = ubifs_check_dir_empty(new_inode);
1112 if (err) 1398 if (err)
1113 return err; 1399 return err;
1114 } 1400 }
1115 1401
1116 err = ubifs_budget_space(c, &req); 1402 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm);
1117 if (err) 1403 if (err)
1118 return err; 1404 return err;
1405
1406 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm);
1407 if (err) {
1408 fscrypt_free_filename(&old_nm);
1409 return err;
1410 }
1411
1412 new_sz = CALC_DENT_SIZE(fname_len(&new_nm));
1413 old_sz = CALC_DENT_SIZE(fname_len(&old_nm));
1414
1415 err = ubifs_budget_space(c, &req);
1416 if (err) {
1417 fscrypt_free_filename(&old_nm);
1418 fscrypt_free_filename(&new_nm);
1419 return err;
1420 }
1119 err = ubifs_budget_space(c, &ino_req); 1421 err = ubifs_budget_space(c, &ino_req);
1120 if (err) { 1422 if (err) {
1423 fscrypt_free_filename(&old_nm);
1424 fscrypt_free_filename(&new_nm);
1121 ubifs_release_budget(c, &req); 1425 ubifs_release_budget(c, &req);
1122 return err; 1426 return err;
1123 } 1427 }
@@ -1239,8 +1543,8 @@ static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
1239 iput(whiteout); 1543 iput(whiteout);
1240 } 1544 }
1241 1545
1242 err = ubifs_jnl_rename(c, old_dir, old_dentry, new_dir, new_dentry, whiteout, 1546 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir,
1243 sync); 1547 new_inode, &new_nm, whiteout, sync);
1244 if (err) 1548 if (err)
1245 goto out_cancel; 1549 goto out_cancel;
1246 1550
@@ -1256,6 +1560,9 @@ static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
1256 ubifs_release_budget(c, &ino_req); 1560 ubifs_release_budget(c, &ino_req);
1257 if (IS_SYNC(old_inode)) 1561 if (IS_SYNC(old_inode))
1258 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL); 1562 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL);
1563
1564 fscrypt_free_filename(&old_nm);
1565 fscrypt_free_filename(&new_nm);
1259 return err; 1566 return err;
1260 1567
1261out_cancel: 1568out_cancel:
@@ -1284,6 +1591,8 @@ out_cancel:
1284 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1591 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1285 ubifs_release_budget(c, &ino_req); 1592 ubifs_release_budget(c, &ino_req);
1286 ubifs_release_budget(c, &req); 1593 ubifs_release_budget(c, &req);
1594 fscrypt_free_filename(&old_nm);
1595 fscrypt_free_filename(&new_nm);
1287 return err; 1596 return err;
1288} 1597}
1289 1598
@@ -1298,9 +1607,27 @@ static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry,
1298 struct inode *snd_inode = d_inode(new_dentry); 1607 struct inode *snd_inode = d_inode(new_dentry);
1299 struct timespec time; 1608 struct timespec time;
1300 int err; 1609 int err;
1610 struct fscrypt_name fst_nm, snd_nm;
1301 1611
1302 ubifs_assert(fst_inode && snd_inode); 1612 ubifs_assert(fst_inode && snd_inode);
1303 1613
1614 if ((ubifs_crypt_is_encrypted(old_dir) ||
1615 ubifs_crypt_is_encrypted(new_dir)) &&
1616 (old_dir != new_dir) &&
1617 (!fscrypt_has_permitted_context(new_dir, fst_inode) ||
1618 !fscrypt_has_permitted_context(old_dir, snd_inode)))
1619 return -EPERM;
1620
1621 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm);
1622 if (err)
1623 return err;
1624
1625 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm);
1626 if (err) {
1627 fscrypt_free_filename(&fst_nm);
1628 return err;
1629 }
1630
1304 lock_4_inodes(old_dir, new_dir, NULL, NULL); 1631 lock_4_inodes(old_dir, new_dir, NULL, NULL);
1305 1632
1306 time = ubifs_current_time(old_dir); 1633 time = ubifs_current_time(old_dir);
@@ -1320,12 +1647,14 @@ static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry,
1320 } 1647 }
1321 } 1648 }
1322 1649
1323 err = ubifs_jnl_xrename(c, old_dir, old_dentry, new_dir, new_dentry, 1650 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir,
1324 sync); 1651 snd_inode, &snd_nm, sync);
1325 1652
1326 unlock_4_inodes(old_dir, new_dir, NULL, NULL); 1653 unlock_4_inodes(old_dir, new_dir, NULL, NULL);
1327 ubifs_release_budget(c, &req); 1654 ubifs_release_budget(c, &req);
1328 1655
1656 fscrypt_free_filename(&fst_nm);
1657 fscrypt_free_filename(&snd_nm);
1329 return err; 1658 return err;
1330} 1659}
1331 1660
@@ -1384,6 +1713,14 @@ int ubifs_getattr(struct vfsmount *mnt, struct dentry *dentry,
1384 return 0; 1713 return 0;
1385} 1714}
1386 1715
1716static int ubifs_dir_open(struct inode *dir, struct file *file)
1717{
1718 if (ubifs_crypt_is_encrypted(dir))
1719 return fscrypt_get_encryption_info(dir) ? -EACCES : 0;
1720
1721 return 0;
1722}
1723
1387const struct inode_operations ubifs_dir_inode_operations = { 1724const struct inode_operations ubifs_dir_inode_operations = {
1388 .lookup = ubifs_lookup, 1725 .lookup = ubifs_lookup,
1389 .create = ubifs_create, 1726 .create = ubifs_create,
@@ -1410,6 +1747,7 @@ const struct file_operations ubifs_dir_operations = {
1410 .iterate_shared = ubifs_readdir, 1747 .iterate_shared = ubifs_readdir,
1411 .fsync = ubifs_fsync, 1748 .fsync = ubifs_fsync,
1412 .unlocked_ioctl = ubifs_ioctl, 1749 .unlocked_ioctl = ubifs_ioctl,
1750 .open = ubifs_dir_open,
1413#ifdef CONFIG_COMPAT 1751#ifdef CONFIG_COMPAT
1414 .compat_ioctl = ubifs_compat_ioctl, 1752 .compat_ioctl = ubifs_compat_ioctl,
1415#endif 1753#endif
diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c
index b4fbeefba246..aa0625f4f642 100644
--- a/fs/ubifs/file.c
+++ b/fs/ubifs/file.c
@@ -78,6 +78,13 @@ static int read_block(struct inode *inode, void *addr, unsigned int block,
78 goto dump; 78 goto dump;
79 79
80 dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ; 80 dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ;
81
82 if (ubifs_crypt_is_encrypted(inode)) {
83 err = ubifs_decrypt(inode, dn, &dlen, block);
84 if (err)
85 goto dump;
86 }
87
81 out_len = UBIFS_BLOCK_SIZE; 88 out_len = UBIFS_BLOCK_SIZE;
82 err = ubifs_decompress(c, &dn->data, dlen, addr, &out_len, 89 err = ubifs_decompress(c, &dn->data, dlen, addr, &out_len,
83 le16_to_cpu(dn->compr_type)); 90 le16_to_cpu(dn->compr_type));
@@ -650,6 +657,13 @@ static int populate_page(struct ubifs_info *c, struct page *page,
650 657
651 dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ; 658 dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ;
652 out_len = UBIFS_BLOCK_SIZE; 659 out_len = UBIFS_BLOCK_SIZE;
660
661 if (ubifs_crypt_is_encrypted(inode)) {
662 err = ubifs_decrypt(inode, dn, &dlen, page_block);
663 if (err)
664 goto out_err;
665 }
666
653 err = ubifs_decompress(c, &dn->data, dlen, addr, &out_len, 667 err = ubifs_decompress(c, &dn->data, dlen, addr, &out_len,
654 le16_to_cpu(dn->compr_type)); 668 le16_to_cpu(dn->compr_type));
655 if (err || len != out_len) 669 if (err || len != out_len)
@@ -1594,6 +1608,15 @@ static const struct vm_operations_struct ubifs_file_vm_ops = {
1594static int ubifs_file_mmap(struct file *file, struct vm_area_struct *vma) 1608static int ubifs_file_mmap(struct file *file, struct vm_area_struct *vma)
1595{ 1609{
1596 int err; 1610 int err;
1611 struct inode *inode = file->f_mapping->host;
1612
1613 if (ubifs_crypt_is_encrypted(inode)) {
1614 err = fscrypt_get_encryption_info(inode);
1615 if (err)
1616 return -EACCES;
1617 if (!fscrypt_has_encryption_key(inode))
1618 return -ENOKEY;
1619 }
1597 1620
1598 err = generic_file_mmap(file, vma); 1621 err = generic_file_mmap(file, vma);
1599 if (err) 1622 if (err)
@@ -1605,6 +1628,88 @@ static int ubifs_file_mmap(struct file *file, struct vm_area_struct *vma)
1605 return 0; 1628 return 0;
1606} 1629}
1607 1630
1631static int ubifs_file_open(struct inode *inode, struct file *filp)
1632{
1633 int ret;
1634 struct dentry *dir;
1635 struct ubifs_info *c = inode->i_sb->s_fs_info;
1636
1637 if (ubifs_crypt_is_encrypted(inode)) {
1638 ret = fscrypt_get_encryption_info(inode);
1639 if (ret)
1640 return -EACCES;
1641 if (!fscrypt_has_encryption_key(inode))
1642 return -ENOKEY;
1643 }
1644
1645 dir = dget_parent(file_dentry(filp));
1646 if (ubifs_crypt_is_encrypted(d_inode(dir)) &&
1647 !fscrypt_has_permitted_context(d_inode(dir), inode)) {
1648 ubifs_err(c, "Inconsistent encryption contexts: %lu/%lu",
1649 (unsigned long) d_inode(dir)->i_ino,
1650 (unsigned long) inode->i_ino);
1651 dput(dir);
1652 ubifs_ro_mode(c, -EPERM);
1653 return -EPERM;
1654 }
1655 dput(dir);
1656
1657 return 0;
1658}
1659
1660static const char *ubifs_get_link(struct dentry *dentry,
1661 struct inode *inode,
1662 struct delayed_call *done)
1663{
1664 int err;
1665 struct fscrypt_symlink_data *sd;
1666 struct ubifs_inode *ui = ubifs_inode(inode);
1667 struct fscrypt_str cstr;
1668 struct fscrypt_str pstr;
1669
1670 if (!ubifs_crypt_is_encrypted(inode))
1671 return ui->data;
1672
1673 if (!dentry)
1674 return ERR_PTR(-ECHILD);
1675
1676 err = fscrypt_get_encryption_info(inode);
1677 if (err)
1678 return ERR_PTR(err);
1679
1680 sd = (struct fscrypt_symlink_data *)ui->data;
1681 cstr.name = sd->encrypted_path;
1682 cstr.len = le16_to_cpu(sd->len);
1683
1684 if (cstr.len == 0)
1685 return ERR_PTR(-ENOENT);
1686
1687 if ((cstr.len + sizeof(struct fscrypt_symlink_data) - 1) > ui->data_len)
1688 return ERR_PTR(-EIO);
1689
1690 err = fscrypt_fname_alloc_buffer(inode, cstr.len, &pstr);
1691 if (err)
1692 return ERR_PTR(err);
1693
1694 err = fscrypt_fname_disk_to_usr(inode, 0, 0, &cstr, &pstr);
1695 if (err) {
1696 fscrypt_fname_free_buffer(&pstr);
1697 return ERR_PTR(err);
1698 }
1699
1700 pstr.name[pstr.len] = '\0';
1701
1702 // XXX this probably won't happen anymore...
1703 if (pstr.name[0] == '\0') {
1704 fscrypt_fname_free_buffer(&pstr);
1705 return ERR_PTR(-ENOENT);
1706 }
1707
1708 set_delayed_call(done, kfree_link, pstr.name);
1709 return pstr.name;
1710}
1711
1712
1608const struct address_space_operations ubifs_file_address_operations = { 1713const struct address_space_operations ubifs_file_address_operations = {
1609 .readpage = ubifs_readpage, 1714 .readpage = ubifs_readpage,
1610 .writepage = ubifs_writepage, 1715 .writepage = ubifs_writepage,
@@ -1629,7 +1734,7 @@ const struct inode_operations ubifs_file_inode_operations = {
1629 1734
1630const struct inode_operations ubifs_symlink_inode_operations = { 1735const struct inode_operations ubifs_symlink_inode_operations = {
1631 .readlink = generic_readlink, 1736 .readlink = generic_readlink,
1632 .get_link = simple_get_link, 1737 .get_link = ubifs_get_link,
1633 .setattr = ubifs_setattr, 1738 .setattr = ubifs_setattr,
1634 .getattr = ubifs_getattr, 1739 .getattr = ubifs_getattr,
1635 .listxattr = ubifs_listxattr, 1740 .listxattr = ubifs_listxattr,
@@ -1647,6 +1752,7 @@ const struct file_operations ubifs_file_operations = {
1647 .unlocked_ioctl = ubifs_ioctl, 1752 .unlocked_ioctl = ubifs_ioctl,
1648 .splice_read = generic_file_splice_read, 1753 .splice_read = generic_file_splice_read,
1649 .splice_write = iter_file_splice_write, 1754 .splice_write = iter_file_splice_write,
1755 .open = ubifs_file_open,
1650#ifdef CONFIG_COMPAT 1756#ifdef CONFIG_COMPAT
1651 .compat_ioctl = ubifs_compat_ioctl, 1757 .compat_ioctl = ubifs_compat_ioctl,
1652#endif 1758#endif
diff --git a/fs/ubifs/gc.c b/fs/ubifs/gc.c
index e845c64b6ce1..7b35e3d6cde7 100644
--- a/fs/ubifs/gc.c
+++ b/fs/ubifs/gc.c
@@ -846,10 +846,6 @@ int ubifs_gc_start_commit(struct ubifs_info *c)
846 */ 846 */
847 while (1) { 847 while (1) {
848 lp = ubifs_fast_find_freeable(c); 848 lp = ubifs_fast_find_freeable(c);
849 if (IS_ERR(lp)) {
850 err = PTR_ERR(lp);
851 goto out;
852 }
853 if (!lp) 849 if (!lp)
854 break; 850 break;
855 ubifs_assert(!(lp->flags & LPROPS_TAKEN)); 851 ubifs_assert(!(lp->flags & LPROPS_TAKEN));
diff --git a/fs/ubifs/io.c b/fs/ubifs/io.c
index 97be41215332..3be28900bf37 100644
--- a/fs/ubifs/io.c
+++ b/fs/ubifs/io.c
@@ -452,16 +452,22 @@ static enum hrtimer_restart wbuf_timer_callback_nolock(struct hrtimer *timer)
452 */ 452 */
453static void new_wbuf_timer_nolock(struct ubifs_wbuf *wbuf) 453static void new_wbuf_timer_nolock(struct ubifs_wbuf *wbuf)
454{ 454{
455 ktime_t softlimit = ms_to_ktime(dirty_writeback_interval * 10);
456 unsigned long long delta = dirty_writeback_interval;
457
458 /* centi to milli, milli to nano, then 10% */
459 delta *= 10ULL * NSEC_PER_MSEC / 10ULL;
460
455 ubifs_assert(!hrtimer_active(&wbuf->timer)); 461 ubifs_assert(!hrtimer_active(&wbuf->timer));
462 ubifs_assert(delta <= ULONG_MAX);
456 463
457 if (wbuf->no_timer) 464 if (wbuf->no_timer)
458 return; 465 return;
459 dbg_io("set timer for jhead %s, %llu-%llu millisecs", 466 dbg_io("set timer for jhead %s, %llu-%llu millisecs",
460 dbg_jhead(wbuf->jhead), 467 dbg_jhead(wbuf->jhead),
461 div_u64(ktime_to_ns(wbuf->softlimit), USEC_PER_SEC), 468 div_u64(ktime_to_ns(softlimit), USEC_PER_SEC),
462 div_u64(ktime_to_ns(wbuf->softlimit) + wbuf->delta, 469 div_u64(ktime_to_ns(softlimit) + delta, USEC_PER_SEC));
463 USEC_PER_SEC)); 470 hrtimer_start_range_ns(&wbuf->timer, softlimit, delta,
464 hrtimer_start_range_ns(&wbuf->timer, wbuf->softlimit, wbuf->delta,
465 HRTIMER_MODE_REL); 471 HRTIMER_MODE_REL);
466} 472}
467 473
@@ -1059,10 +1065,6 @@ int ubifs_wbuf_init(struct ubifs_info *c, struct ubifs_wbuf *wbuf)
1059 1065
1060 hrtimer_init(&wbuf->timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); 1066 hrtimer_init(&wbuf->timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL);
1061 wbuf->timer.function = wbuf_timer_callback_nolock; 1067 wbuf->timer.function = wbuf_timer_callback_nolock;
1062 wbuf->softlimit = ktime_set(WBUF_TIMEOUT_SOFTLIMIT, 0);
1063 wbuf->delta = WBUF_TIMEOUT_HARDLIMIT - WBUF_TIMEOUT_SOFTLIMIT;
1064 wbuf->delta *= 1000000000ULL;
1065 ubifs_assert(wbuf->delta <= ULONG_MAX);
1066 return 0; 1068 return 0;
1067} 1069}
1068 1070
diff --git a/fs/ubifs/ioctl.c b/fs/ubifs/ioctl.c
index 3c7b29de0ca7..78d713644df3 100644
--- a/fs/ubifs/ioctl.c
+++ b/fs/ubifs/ioctl.c
@@ -181,6 +181,26 @@ long ubifs_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
181 mnt_drop_write_file(file); 181 mnt_drop_write_file(file);
182 return err; 182 return err;
183 } 183 }
184 case FS_IOC_SET_ENCRYPTION_POLICY: {
185#ifdef CONFIG_UBIFS_FS_ENCRYPTION
186 struct ubifs_info *c = inode->i_sb->s_fs_info;
187
188 err = ubifs_enable_encryption(c);
189 if (err)
190 return err;
191
192 return fscrypt_ioctl_set_policy(file, (const void __user *)arg);
193#else
194 return -EOPNOTSUPP;
195#endif
196 }
197 case FS_IOC_GET_ENCRYPTION_POLICY: {
198#ifdef CONFIG_UBIFS_FS_ENCRYPTION
199 return fscrypt_ioctl_get_policy(file, (void __user *)arg);
200#else
201 return -EOPNOTSUPP;
202#endif
203 }
184 204
185 default: 205 default:
186 return -ENOTTY; 206 return -ENOTTY;
diff --git a/fs/ubifs/journal.c b/fs/ubifs/journal.c
index 91bc76dc559e..a459211a1c21 100644
--- a/fs/ubifs/journal.c
+++ b/fs/ubifs/journal.c
@@ -78,16 +78,6 @@ static inline void zero_ino_node_unused(struct ubifs_ino_node *ino)
78static inline void zero_dent_node_unused(struct ubifs_dent_node *dent) 78static inline void zero_dent_node_unused(struct ubifs_dent_node *dent)
79{ 79{
80 dent->padding1 = 0; 80 dent->padding1 = 0;
81 memset(dent->padding2, 0, 4);
82}
83
84/**
85 * zero_data_node_unused - zero out unused fields of an on-flash data node.
86 * @data: the data node to zero out
87 */
88static inline void zero_data_node_unused(struct ubifs_data_node *data)
89{
90 memset(data->padding, 0, 2);
91} 81}
92 82
93/** 83/**
@@ -511,6 +501,14 @@ static void mark_inode_clean(struct ubifs_info *c, struct ubifs_inode *ui)
511 ui->dirty = 0; 501 ui->dirty = 0;
512} 502}
513 503
504static void set_dent_cookie(struct ubifs_info *c, struct ubifs_dent_node *dent)
505{
506 if (c->double_hash)
507 dent->cookie = prandom_u32();
508 else
509 dent->cookie = 0;
510}
511
514/** 512/**
515 * ubifs_jnl_update - update inode. 513 * ubifs_jnl_update - update inode.
516 * @c: UBIFS file-system description object 514 * @c: UBIFS file-system description object
@@ -539,7 +537,7 @@ static void mark_inode_clean(struct ubifs_info *c, struct ubifs_inode *ui)
539 * success. In case of failure, a negative error code is returned. 537 * success. In case of failure, a negative error code is returned.
540 */ 538 */
541int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir, 539int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir,
542 const struct qstr *nm, const struct inode *inode, 540 const struct fscrypt_name *nm, const struct inode *inode,
543 int deletion, int xent) 541 int deletion, int xent)
544{ 542{
545 int err, dlen, ilen, len, lnum, ino_offs, dent_offs; 543 int err, dlen, ilen, len, lnum, ino_offs, dent_offs;
@@ -551,11 +549,11 @@ int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir,
551 struct ubifs_ino_node *ino; 549 struct ubifs_ino_node *ino;
552 union ubifs_key dent_key, ino_key; 550 union ubifs_key dent_key, ino_key;
553 551
554 dbg_jnl("ino %lu, dent '%.*s', data len %d in dir ino %lu", 552 //dbg_jnl("ino %lu, dent '%.*s', data len %d in dir ino %lu",
555 inode->i_ino, nm->len, nm->name, ui->data_len, dir->i_ino); 553 // inode->i_ino, nm->len, nm->name, ui->data_len, dir->i_ino);
556 ubifs_assert(mutex_is_locked(&host_ui->ui_mutex)); 554 ubifs_assert(mutex_is_locked(&host_ui->ui_mutex));
557 555
558 dlen = UBIFS_DENT_NODE_SZ + nm->len + 1; 556 dlen = UBIFS_DENT_NODE_SZ + fname_len(nm) + 1;
559 ilen = UBIFS_INO_NODE_SZ; 557 ilen = UBIFS_INO_NODE_SZ;
560 558
561 /* 559 /*
@@ -596,9 +594,11 @@ int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir,
596 key_write(c, &dent_key, dent->key); 594 key_write(c, &dent_key, dent->key);
597 dent->inum = deletion ? 0 : cpu_to_le64(inode->i_ino); 595 dent->inum = deletion ? 0 : cpu_to_le64(inode->i_ino);
598 dent->type = get_dent_type(inode->i_mode); 596 dent->type = get_dent_type(inode->i_mode);
599 dent->nlen = cpu_to_le16(nm->len); 597 dent->nlen = cpu_to_le16(fname_len(nm));
600 memcpy(dent->name, nm->name, nm->len); 598 memcpy(dent->name, fname_name(nm), fname_len(nm));
601 dent->name[nm->len] = '\0'; 599 dent->name[fname_len(nm)] = '\0';
600 set_dent_cookie(c, dent);
601
602 zero_dent_node_unused(dent); 602 zero_dent_node_unused(dent);
603 ubifs_prep_grp_node(c, dent, dlen, 0); 603 ubifs_prep_grp_node(c, dent, dlen, 0);
604 604
@@ -697,14 +697,18 @@ int ubifs_jnl_write_data(struct ubifs_info *c, const struct inode *inode,
697 const union ubifs_key *key, const void *buf, int len) 697 const union ubifs_key *key, const void *buf, int len)
698{ 698{
699 struct ubifs_data_node *data; 699 struct ubifs_data_node *data;
700 int err, lnum, offs, compr_type, out_len; 700 int err, lnum, offs, compr_type, out_len, compr_len;
701 int dlen = COMPRESSED_DATA_NODE_BUF_SZ, allocated = 1; 701 int dlen = COMPRESSED_DATA_NODE_BUF_SZ, allocated = 1;
702 struct ubifs_inode *ui = ubifs_inode(inode); 702 struct ubifs_inode *ui = ubifs_inode(inode);
703 bool encrypted = ubifs_crypt_is_encrypted(inode);
703 704
704 dbg_jnlk(key, "ino %lu, blk %u, len %d, key ", 705 dbg_jnlk(key, "ino %lu, blk %u, len %d, key ",
705 (unsigned long)key_inum(c, key), key_block(c, key), len); 706 (unsigned long)key_inum(c, key), key_block(c, key), len);
706 ubifs_assert(len <= UBIFS_BLOCK_SIZE); 707 ubifs_assert(len <= UBIFS_BLOCK_SIZE);
707 708
709 if (encrypted)
710 dlen += UBIFS_CIPHER_BLOCK_SIZE;
711
708 data = kmalloc(dlen, GFP_NOFS | __GFP_NOWARN); 712 data = kmalloc(dlen, GFP_NOFS | __GFP_NOWARN);
709 if (!data) { 713 if (!data) {
710 /* 714 /*
@@ -722,7 +726,6 @@ int ubifs_jnl_write_data(struct ubifs_info *c, const struct inode *inode,
722 data->ch.node_type = UBIFS_DATA_NODE; 726 data->ch.node_type = UBIFS_DATA_NODE;
723 key_write(c, key, &data->key); 727 key_write(c, key, &data->key);
724 data->size = cpu_to_le32(len); 728 data->size = cpu_to_le32(len);
725 zero_data_node_unused(data);
726 729
727 if (!(ui->flags & UBIFS_COMPR_FL)) 730 if (!(ui->flags & UBIFS_COMPR_FL))
728 /* Compression is disabled for this inode */ 731 /* Compression is disabled for this inode */
@@ -730,9 +733,18 @@ int ubifs_jnl_write_data(struct ubifs_info *c, const struct inode *inode,
730 else 733 else
731 compr_type = ui->compr_type; 734 compr_type = ui->compr_type;
732 735
733 out_len = dlen - UBIFS_DATA_NODE_SZ; 736 out_len = compr_len = dlen - UBIFS_DATA_NODE_SZ;
734 ubifs_compress(c, buf, len, &data->data, &out_len, &compr_type); 737 ubifs_compress(c, buf, len, &data->data, &compr_len, &compr_type);
735 ubifs_assert(out_len <= UBIFS_BLOCK_SIZE); 738 ubifs_assert(compr_len <= UBIFS_BLOCK_SIZE);
739
740 if (encrypted) {
741 err = ubifs_encrypt(inode, data, compr_len, &out_len, key_block(c, key));
742 if (err)
743 goto out_free;
744
745 } else {
746 data->compr_size = 0;
747 }
736 748
737 dlen = UBIFS_DATA_NODE_SZ + out_len; 749 dlen = UBIFS_DATA_NODE_SZ + out_len;
738 data->compr_type = cpu_to_le16(compr_type); 750 data->compr_type = cpu_to_le16(compr_type);
@@ -911,9 +923,11 @@ int ubifs_jnl_delete_inode(struct ubifs_info *c, const struct inode *inode)
911 * ubifs_jnl_xrename - cross rename two directory entries. 923 * ubifs_jnl_xrename - cross rename two directory entries.
912 * @c: UBIFS file-system description object 924 * @c: UBIFS file-system description object
913 * @fst_dir: parent inode of 1st directory entry to exchange 925 * @fst_dir: parent inode of 1st directory entry to exchange
914 * @fst_dentry: 1st directory entry to exchange 926 * @fst_inode: 1st inode to exchange
927 * @fst_nm: name of 1st inode to exchange
915 * @snd_dir: parent inode of 2nd directory entry to exchange 928 * @snd_dir: parent inode of 2nd directory entry to exchange
916 * @snd_dentry: 2nd directory entry to exchange 929 * @snd_inode: 2nd inode to exchange
930 * @snd_nm: name of 2nd inode to exchange
917 * @sync: non-zero if the write-buffer has to be synchronized 931 * @sync: non-zero if the write-buffer has to be synchronized
918 * 932 *
919 * This function implements the cross rename operation which may involve 933 * This function implements the cross rename operation which may involve
@@ -922,29 +936,29 @@ int ubifs_jnl_delete_inode(struct ubifs_info *c, const struct inode *inode)
922 * returned. 936 * returned.
923 */ 937 */
924int ubifs_jnl_xrename(struct ubifs_info *c, const struct inode *fst_dir, 938int ubifs_jnl_xrename(struct ubifs_info *c, const struct inode *fst_dir,
925 const struct dentry *fst_dentry, 939 const struct inode *fst_inode,
940 const struct fscrypt_name *fst_nm,
926 const struct inode *snd_dir, 941 const struct inode *snd_dir,
927 const struct dentry *snd_dentry, int sync) 942 const struct inode *snd_inode,
943 const struct fscrypt_name *snd_nm, int sync)
928{ 944{
929 union ubifs_key key; 945 union ubifs_key key;
930 struct ubifs_dent_node *dent1, *dent2; 946 struct ubifs_dent_node *dent1, *dent2;
931 int err, dlen1, dlen2, lnum, offs, len, plen = UBIFS_INO_NODE_SZ; 947 int err, dlen1, dlen2, lnum, offs, len, plen = UBIFS_INO_NODE_SZ;
932 int aligned_dlen1, aligned_dlen2; 948 int aligned_dlen1, aligned_dlen2;
933 int twoparents = (fst_dir != snd_dir); 949 int twoparents = (fst_dir != snd_dir);
934 const struct inode *fst_inode = d_inode(fst_dentry);
935 const struct inode *snd_inode = d_inode(snd_dentry);
936 void *p; 950 void *p;
937 951
938 dbg_jnl("dent '%pd' in dir ino %lu between dent '%pd' in dir ino %lu", 952 //dbg_jnl("dent '%pd' in dir ino %lu between dent '%pd' in dir ino %lu",
939 fst_dentry, fst_dir->i_ino, snd_dentry, snd_dir->i_ino); 953 // fst_dentry, fst_dir->i_ino, snd_dentry, snd_dir->i_ino);
940 954
941 ubifs_assert(ubifs_inode(fst_dir)->data_len == 0); 955 ubifs_assert(ubifs_inode(fst_dir)->data_len == 0);
942 ubifs_assert(ubifs_inode(snd_dir)->data_len == 0); 956 ubifs_assert(ubifs_inode(snd_dir)->data_len == 0);
943 ubifs_assert(mutex_is_locked(&ubifs_inode(fst_dir)->ui_mutex)); 957 ubifs_assert(mutex_is_locked(&ubifs_inode(fst_dir)->ui_mutex));
944 ubifs_assert(mutex_is_locked(&ubifs_inode(snd_dir)->ui_mutex)); 958 ubifs_assert(mutex_is_locked(&ubifs_inode(snd_dir)->ui_mutex));
945 959
946 dlen1 = UBIFS_DENT_NODE_SZ + snd_dentry->d_name.len + 1; 960 dlen1 = UBIFS_DENT_NODE_SZ + fname_len(snd_nm) + 1;
947 dlen2 = UBIFS_DENT_NODE_SZ + fst_dentry->d_name.len + 1; 961 dlen2 = UBIFS_DENT_NODE_SZ + fname_len(fst_nm) + 1;
948 aligned_dlen1 = ALIGN(dlen1, 8); 962 aligned_dlen1 = ALIGN(dlen1, 8);
949 aligned_dlen2 = ALIGN(dlen2, 8); 963 aligned_dlen2 = ALIGN(dlen2, 8);
950 964
@@ -963,24 +977,24 @@ int ubifs_jnl_xrename(struct ubifs_info *c, const struct inode *fst_dir,
963 977
964 /* Make new dent for 1st entry */ 978 /* Make new dent for 1st entry */
965 dent1->ch.node_type = UBIFS_DENT_NODE; 979 dent1->ch.node_type = UBIFS_DENT_NODE;
966 dent_key_init_flash(c, &dent1->key, snd_dir->i_ino, &snd_dentry->d_name); 980 dent_key_init_flash(c, &dent1->key, snd_dir->i_ino, snd_nm);
967 dent1->inum = cpu_to_le64(fst_inode->i_ino); 981 dent1->inum = cpu_to_le64(fst_inode->i_ino);
968 dent1->type = get_dent_type(fst_inode->i_mode); 982 dent1->type = get_dent_type(fst_inode->i_mode);
969 dent1->nlen = cpu_to_le16(snd_dentry->d_name.len); 983 dent1->nlen = cpu_to_le16(fname_len(snd_nm));
970 memcpy(dent1->name, snd_dentry->d_name.name, snd_dentry->d_name.len); 984 memcpy(dent1->name, fname_name(snd_nm), fname_len(snd_nm));
971 dent1->name[snd_dentry->d_name.len] = '\0'; 985 dent1->name[fname_len(snd_nm)] = '\0';
972 zero_dent_node_unused(dent1); 986 zero_dent_node_unused(dent1);
973 ubifs_prep_grp_node(c, dent1, dlen1, 0); 987 ubifs_prep_grp_node(c, dent1, dlen1, 0);
974 988
975 /* Make new dent for 2nd entry */ 989 /* Make new dent for 2nd entry */
976 dent2 = (void *)dent1 + aligned_dlen1; 990 dent2 = (void *)dent1 + aligned_dlen1;
977 dent2->ch.node_type = UBIFS_DENT_NODE; 991 dent2->ch.node_type = UBIFS_DENT_NODE;
978 dent_key_init_flash(c, &dent2->key, fst_dir->i_ino, &fst_dentry->d_name); 992 dent_key_init_flash(c, &dent2->key, fst_dir->i_ino, fst_nm);
979 dent2->inum = cpu_to_le64(snd_inode->i_ino); 993 dent2->inum = cpu_to_le64(snd_inode->i_ino);
980 dent2->type = get_dent_type(snd_inode->i_mode); 994 dent2->type = get_dent_type(snd_inode->i_mode);
981 dent2->nlen = cpu_to_le16(fst_dentry->d_name.len); 995 dent2->nlen = cpu_to_le16(fname_len(fst_nm));
982 memcpy(dent2->name, fst_dentry->d_name.name, fst_dentry->d_name.len); 996 memcpy(dent2->name, fname_name(fst_nm), fname_len(fst_nm));
983 dent2->name[fst_dentry->d_name.len] = '\0'; 997 dent2->name[fname_len(fst_nm)] = '\0';
984 zero_dent_node_unused(dent2); 998 zero_dent_node_unused(dent2);
985 ubifs_prep_grp_node(c, dent2, dlen2, 0); 999 ubifs_prep_grp_node(c, dent2, dlen2, 0);
986 1000
@@ -1004,14 +1018,14 @@ int ubifs_jnl_xrename(struct ubifs_info *c, const struct inode *fst_dir,
1004 } 1018 }
1005 release_head(c, BASEHD); 1019 release_head(c, BASEHD);
1006 1020
1007 dent_key_init(c, &key, snd_dir->i_ino, &snd_dentry->d_name); 1021 dent_key_init(c, &key, snd_dir->i_ino, snd_nm);
1008 err = ubifs_tnc_add_nm(c, &key, lnum, offs, dlen1, &snd_dentry->d_name); 1022 err = ubifs_tnc_add_nm(c, &key, lnum, offs, dlen1, snd_nm);
1009 if (err) 1023 if (err)
1010 goto out_ro; 1024 goto out_ro;
1011 1025
1012 offs += aligned_dlen1; 1026 offs += aligned_dlen1;
1013 dent_key_init(c, &key, fst_dir->i_ino, &fst_dentry->d_name); 1027 dent_key_init(c, &key, fst_dir->i_ino, fst_nm);
1014 err = ubifs_tnc_add_nm(c, &key, lnum, offs, dlen2, &fst_dentry->d_name); 1028 err = ubifs_tnc_add_nm(c, &key, lnum, offs, dlen2, fst_nm);
1015 if (err) 1029 if (err)
1016 goto out_ro; 1030 goto out_ro;
1017 1031
@@ -1063,31 +1077,31 @@ out_free:
1063 * returned. 1077 * returned.
1064 */ 1078 */
1065int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir, 1079int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir,
1066 const struct dentry *old_dentry, 1080 const struct inode *old_inode,
1081 const struct fscrypt_name *old_nm,
1067 const struct inode *new_dir, 1082 const struct inode *new_dir,
1068 const struct dentry *new_dentry, 1083 const struct inode *new_inode,
1084 const struct fscrypt_name *new_nm,
1069 const struct inode *whiteout, int sync) 1085 const struct inode *whiteout, int sync)
1070{ 1086{
1071 void *p; 1087 void *p;
1072 union ubifs_key key; 1088 union ubifs_key key;
1073 struct ubifs_dent_node *dent, *dent2; 1089 struct ubifs_dent_node *dent, *dent2;
1074 int err, dlen1, dlen2, ilen, lnum, offs, len; 1090 int err, dlen1, dlen2, ilen, lnum, offs, len;
1075 const struct inode *old_inode = d_inode(old_dentry);
1076 const struct inode *new_inode = d_inode(new_dentry);
1077 int aligned_dlen1, aligned_dlen2, plen = UBIFS_INO_NODE_SZ; 1091 int aligned_dlen1, aligned_dlen2, plen = UBIFS_INO_NODE_SZ;
1078 int last_reference = !!(new_inode && new_inode->i_nlink == 0); 1092 int last_reference = !!(new_inode && new_inode->i_nlink == 0);
1079 int move = (old_dir != new_dir); 1093 int move = (old_dir != new_dir);
1080 struct ubifs_inode *uninitialized_var(new_ui); 1094 struct ubifs_inode *uninitialized_var(new_ui);
1081 1095
1082 dbg_jnl("dent '%pd' in dir ino %lu to dent '%pd' in dir ino %lu", 1096 //dbg_jnl("dent '%pd' in dir ino %lu to dent '%pd' in dir ino %lu",
1083 old_dentry, old_dir->i_ino, new_dentry, new_dir->i_ino); 1097 // old_dentry, old_dir->i_ino, new_dentry, new_dir->i_ino);
1084 ubifs_assert(ubifs_inode(old_dir)->data_len == 0); 1098 ubifs_assert(ubifs_inode(old_dir)->data_len == 0);
1085 ubifs_assert(ubifs_inode(new_dir)->data_len == 0); 1099 ubifs_assert(ubifs_inode(new_dir)->data_len == 0);
1086 ubifs_assert(mutex_is_locked(&ubifs_inode(old_dir)->ui_mutex)); 1100 ubifs_assert(mutex_is_locked(&ubifs_inode(old_dir)->ui_mutex));
1087 ubifs_assert(mutex_is_locked(&ubifs_inode(new_dir)->ui_mutex)); 1101 ubifs_assert(mutex_is_locked(&ubifs_inode(new_dir)->ui_mutex));
1088 1102
1089 dlen1 = UBIFS_DENT_NODE_SZ + new_dentry->d_name.len + 1; 1103 dlen1 = UBIFS_DENT_NODE_SZ + fname_len(new_nm) + 1;
1090 dlen2 = UBIFS_DENT_NODE_SZ + old_dentry->d_name.len + 1; 1104 dlen2 = UBIFS_DENT_NODE_SZ + fname_len(old_nm) + 1;
1091 if (new_inode) { 1105 if (new_inode) {
1092 new_ui = ubifs_inode(new_inode); 1106 new_ui = ubifs_inode(new_inode);
1093 ubifs_assert(mutex_is_locked(&new_ui->ui_mutex)); 1107 ubifs_assert(mutex_is_locked(&new_ui->ui_mutex));
@@ -1113,19 +1127,19 @@ int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir,
1113 1127
1114 /* Make new dent */ 1128 /* Make new dent */
1115 dent->ch.node_type = UBIFS_DENT_NODE; 1129 dent->ch.node_type = UBIFS_DENT_NODE;
1116 dent_key_init_flash(c, &dent->key, new_dir->i_ino, &new_dentry->d_name); 1130 dent_key_init_flash(c, &dent->key, new_dir->i_ino, new_nm);
1117 dent->inum = cpu_to_le64(old_inode->i_ino); 1131 dent->inum = cpu_to_le64(old_inode->i_ino);
1118 dent->type = get_dent_type(old_inode->i_mode); 1132 dent->type = get_dent_type(old_inode->i_mode);
1119 dent->nlen = cpu_to_le16(new_dentry->d_name.len); 1133 dent->nlen = cpu_to_le16(fname_len(new_nm));
1120 memcpy(dent->name, new_dentry->d_name.name, new_dentry->d_name.len); 1134 memcpy(dent->name, fname_name(new_nm), fname_len(new_nm));
1121 dent->name[new_dentry->d_name.len] = '\0'; 1135 dent->name[fname_len(new_nm)] = '\0';
1136 set_dent_cookie(c, dent);
1122 zero_dent_node_unused(dent); 1137 zero_dent_node_unused(dent);
1123 ubifs_prep_grp_node(c, dent, dlen1, 0); 1138 ubifs_prep_grp_node(c, dent, dlen1, 0);
1124 1139
1125 dent2 = (void *)dent + aligned_dlen1; 1140 dent2 = (void *)dent + aligned_dlen1;
1126 dent2->ch.node_type = UBIFS_DENT_NODE; 1141 dent2->ch.node_type = UBIFS_DENT_NODE;
1127 dent_key_init_flash(c, &dent2->key, old_dir->i_ino, 1142 dent_key_init_flash(c, &dent2->key, old_dir->i_ino, old_nm);
1128 &old_dentry->d_name);
1129 1143
1130 if (whiteout) { 1144 if (whiteout) {
1131 dent2->inum = cpu_to_le64(whiteout->i_ino); 1145 dent2->inum = cpu_to_le64(whiteout->i_ino);
@@ -1135,9 +1149,10 @@ int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir,
1135 dent2->inum = 0; 1149 dent2->inum = 0;
1136 dent2->type = DT_UNKNOWN; 1150 dent2->type = DT_UNKNOWN;
1137 } 1151 }
1138 dent2->nlen = cpu_to_le16(old_dentry->d_name.len); 1152 dent2->nlen = cpu_to_le16(fname_len(old_nm));
1139 memcpy(dent2->name, old_dentry->d_name.name, old_dentry->d_name.len); 1153 memcpy(dent2->name, fname_name(old_nm), fname_len(old_nm));
1140 dent2->name[old_dentry->d_name.len] = '\0'; 1154 dent2->name[fname_len(old_nm)] = '\0';
1155 set_dent_cookie(c, dent2);
1141 zero_dent_node_unused(dent2); 1156 zero_dent_node_unused(dent2);
1142 ubifs_prep_grp_node(c, dent2, dlen2, 0); 1157 ubifs_prep_grp_node(c, dent2, dlen2, 0);
1143 1158
@@ -1178,15 +1193,15 @@ int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir,
1178 } 1193 }
1179 release_head(c, BASEHD); 1194 release_head(c, BASEHD);
1180 1195
1181 dent_key_init(c, &key, new_dir->i_ino, &new_dentry->d_name); 1196 dent_key_init(c, &key, new_dir->i_ino, new_nm);
1182 err = ubifs_tnc_add_nm(c, &key, lnum, offs, dlen1, &new_dentry->d_name); 1197 err = ubifs_tnc_add_nm(c, &key, lnum, offs, dlen1, new_nm);
1183 if (err) 1198 if (err)
1184 goto out_ro; 1199 goto out_ro;
1185 1200
1186 offs += aligned_dlen1; 1201 offs += aligned_dlen1;
1187 if (whiteout) { 1202 if (whiteout) {
1188 dent_key_init(c, &key, old_dir->i_ino, &old_dentry->d_name); 1203 dent_key_init(c, &key, old_dir->i_ino, old_nm);
1189 err = ubifs_tnc_add_nm(c, &key, lnum, offs, dlen2, &old_dentry->d_name); 1204 err = ubifs_tnc_add_nm(c, &key, lnum, offs, dlen2, old_nm);
1190 if (err) 1205 if (err)
1191 goto out_ro; 1206 goto out_ro;
1192 1207
@@ -1196,8 +1211,8 @@ int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir,
1196 if (err) 1211 if (err)
1197 goto out_ro; 1212 goto out_ro;
1198 1213
1199 dent_key_init(c, &key, old_dir->i_ino, &old_dentry->d_name); 1214 dent_key_init(c, &key, old_dir->i_ino, old_nm);
1200 err = ubifs_tnc_remove_nm(c, &key, &old_dentry->d_name); 1215 err = ubifs_tnc_remove_nm(c, &key, old_nm);
1201 if (err) 1216 if (err)
1202 goto out_ro; 1217 goto out_ro;
1203 } 1218 }
@@ -1251,31 +1266,55 @@ out_free:
1251} 1266}
1252 1267
1253/** 1268/**
1254 * recomp_data_node - re-compress a truncated data node. 1269 * truncate_data_node - re-compress/encrypt a truncated data node.
1270 * @c: UBIFS file-system description object
1271 * @inode: inode which referes to the data node
1272 * @block: data block number
1255 * @dn: data node to re-compress 1273 * @dn: data node to re-compress
1256 * @new_len: new length 1274 * @new_len: new length
1257 * 1275 *
1258 * This function is used when an inode is truncated and the last data node of 1276 * This function is used when an inode is truncated and the last data node of
1259 * the inode has to be re-compressed and re-written. 1277 * the inode has to be re-compressed/encrypted and re-written.
1260 */ 1278 */
1261static int recomp_data_node(const struct ubifs_info *c, 1279static int truncate_data_node(const struct ubifs_info *c, const struct inode *inode,
1262 struct ubifs_data_node *dn, int *new_len) 1280 unsigned int block, struct ubifs_data_node *dn,
1281 int *new_len)
1263{ 1282{
1264 void *buf; 1283 void *buf;
1265 int err, len, compr_type, out_len; 1284 int err, dlen, compr_type, out_len, old_dlen;
1266 1285
1267 out_len = le32_to_cpu(dn->size); 1286 out_len = le32_to_cpu(dn->size);
1268 buf = kmalloc(out_len * WORST_COMPR_FACTOR, GFP_NOFS); 1287 buf = kmalloc(out_len * WORST_COMPR_FACTOR, GFP_NOFS);
1269 if (!buf) 1288 if (!buf)
1270 return -ENOMEM; 1289 return -ENOMEM;
1271 1290
1272 len = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ; 1291 dlen = old_dlen = le32_to_cpu(dn->ch.len) - UBIFS_DATA_NODE_SZ;
1273 compr_type = le16_to_cpu(dn->compr_type); 1292 compr_type = le16_to_cpu(dn->compr_type);
1274 err = ubifs_decompress(c, &dn->data, len, buf, &out_len, compr_type);
1275 if (err)
1276 goto out;
1277 1293
1278 ubifs_compress(c, buf, *new_len, &dn->data, &out_len, &compr_type); 1294 if (ubifs_crypt_is_encrypted(inode)) {
1295 err = ubifs_decrypt(inode, dn, &dlen, block);
1296 if (err)
1297 goto out;
1298 }
1299
1300 if (compr_type != UBIFS_COMPR_NONE) {
1301 err = ubifs_decompress(c, &dn->data, dlen, buf, &out_len, compr_type);
1302 if (err)
1303 goto out;
1304
1305 ubifs_compress(c, buf, *new_len, &dn->data, &out_len, &compr_type);
1306 }
1307
1308 if (ubifs_crypt_is_encrypted(inode)) {
1309 err = ubifs_encrypt(inode, dn, out_len, &old_dlen, block);
1310 if (err)
1311 goto out;
1312
1313 out_len = old_dlen;
1314 } else {
1315 dn->compr_size = 0;
1316 }
1317
1279 ubifs_assert(out_len <= UBIFS_BLOCK_SIZE); 1318 ubifs_assert(out_len <= UBIFS_BLOCK_SIZE);
1280 dn->compr_type = cpu_to_le16(compr_type); 1319 dn->compr_type = cpu_to_le16(compr_type);
1281 dn->size = cpu_to_le32(*new_len); 1320 dn->size = cpu_to_le32(*new_len);
@@ -1347,17 +1386,9 @@ int ubifs_jnl_truncate(struct ubifs_info *c, const struct inode *inode,
1347 if (le32_to_cpu(dn->size) <= dlen) 1386 if (le32_to_cpu(dn->size) <= dlen)
1348 dlen = 0; /* Nothing to do */ 1387 dlen = 0; /* Nothing to do */
1349 else { 1388 else {
1350 int compr_type = le16_to_cpu(dn->compr_type); 1389 err = truncate_data_node(c, inode, blk, dn, &dlen);
1351 1390 if (err)
1352 if (compr_type != UBIFS_COMPR_NONE) { 1391 goto out_free;
1353 err = recomp_data_node(c, dn, &dlen);
1354 if (err)
1355 goto out_free;
1356 } else {
1357 dn->size = cpu_to_le32(dlen);
1358 dlen += UBIFS_DATA_NODE_SZ;
1359 }
1360 zero_data_node_unused(dn);
1361 } 1392 }
1362 } 1393 }
1363 } 1394 }
@@ -1442,7 +1473,8 @@ out_free:
1442 * error code in case of failure. 1473 * error code in case of failure.
1443 */ 1474 */
1444int ubifs_jnl_delete_xattr(struct ubifs_info *c, const struct inode *host, 1475int ubifs_jnl_delete_xattr(struct ubifs_info *c, const struct inode *host,
1445 const struct inode *inode, const struct qstr *nm) 1476 const struct inode *inode,
1477 const struct fscrypt_name *nm)
1446{ 1478{
1447 int err, xlen, hlen, len, lnum, xent_offs, aligned_xlen; 1479 int err, xlen, hlen, len, lnum, xent_offs, aligned_xlen;
1448 struct ubifs_dent_node *xent; 1480 struct ubifs_dent_node *xent;
@@ -1451,9 +1483,9 @@ int ubifs_jnl_delete_xattr(struct ubifs_info *c, const struct inode *host,
1451 int sync = IS_DIRSYNC(host); 1483 int sync = IS_DIRSYNC(host);
1452 struct ubifs_inode *host_ui = ubifs_inode(host); 1484 struct ubifs_inode *host_ui = ubifs_inode(host);
1453 1485
1454 dbg_jnl("host %lu, xattr ino %lu, name '%s', data len %d", 1486 //dbg_jnl("host %lu, xattr ino %lu, name '%s', data len %d",
1455 host->i_ino, inode->i_ino, nm->name, 1487 // host->i_ino, inode->i_ino, nm->name,
1456 ubifs_inode(inode)->data_len); 1488 // ubifs_inode(inode)->data_len);
1457 ubifs_assert(inode->i_nlink == 0); 1489 ubifs_assert(inode->i_nlink == 0);
1458 ubifs_assert(mutex_is_locked(&host_ui->ui_mutex)); 1490 ubifs_assert(mutex_is_locked(&host_ui->ui_mutex));
1459 1491
@@ -1461,7 +1493,7 @@ int ubifs_jnl_delete_xattr(struct ubifs_info *c, const struct inode *host,
1461 * Since we are deleting the inode, we do not bother to attach any data 1493 * Since we are deleting the inode, we do not bother to attach any data
1462 * to it and assume its length is %UBIFS_INO_NODE_SZ. 1494 * to it and assume its length is %UBIFS_INO_NODE_SZ.
1463 */ 1495 */
1464 xlen = UBIFS_DENT_NODE_SZ + nm->len + 1; 1496 xlen = UBIFS_DENT_NODE_SZ + fname_len(nm) + 1;
1465 aligned_xlen = ALIGN(xlen, 8); 1497 aligned_xlen = ALIGN(xlen, 8);
1466 hlen = host_ui->data_len + UBIFS_INO_NODE_SZ; 1498 hlen = host_ui->data_len + UBIFS_INO_NODE_SZ;
1467 len = aligned_xlen + UBIFS_INO_NODE_SZ + ALIGN(hlen, 8); 1499 len = aligned_xlen + UBIFS_INO_NODE_SZ + ALIGN(hlen, 8);
@@ -1482,9 +1514,9 @@ int ubifs_jnl_delete_xattr(struct ubifs_info *c, const struct inode *host,
1482 key_write(c, &xent_key, xent->key); 1514 key_write(c, &xent_key, xent->key);
1483 xent->inum = 0; 1515 xent->inum = 0;
1484 xent->type = get_dent_type(inode->i_mode); 1516 xent->type = get_dent_type(inode->i_mode);
1485 xent->nlen = cpu_to_le16(nm->len); 1517 xent->nlen = cpu_to_le16(fname_len(nm));
1486 memcpy(xent->name, nm->name, nm->len); 1518 memcpy(xent->name, fname_name(nm), fname_len(nm));
1487 xent->name[nm->len] = '\0'; 1519 xent->name[fname_len(nm)] = '\0';
1488 zero_dent_node_unused(xent); 1520 zero_dent_node_unused(xent);
1489 ubifs_prep_grp_node(c, xent, xlen, 0); 1521 ubifs_prep_grp_node(c, xent, xlen, 0);
1490 1522
diff --git a/fs/ubifs/key.h b/fs/ubifs/key.h
index c0a95e393347..7547be512db2 100644
--- a/fs/ubifs/key.h
+++ b/fs/ubifs/key.h
@@ -69,7 +69,7 @@ static inline uint32_t key_r5_hash(const char *s, int len)
69 uint32_t a = 0; 69 uint32_t a = 0;
70 const signed char *str = (const signed char *)s; 70 const signed char *str = (const signed char *)s;
71 71
72 while (*str) { 72 while (len--) {
73 a += *str << 4; 73 a += *str << 4;
74 a += *str >> 4; 74 a += *str >> 4;
75 a *= 11; 75 a *= 11;
@@ -153,13 +153,13 @@ static inline void highest_ino_key(const struct ubifs_info *c,
153 * @c: UBIFS file-system description object 153 * @c: UBIFS file-system description object
154 * @key: key to initialize 154 * @key: key to initialize
155 * @inum: parent inode number 155 * @inum: parent inode number
156 * @nm: direntry name and length 156 * @nm: direntry name and length. Not a string when encrypted!
157 */ 157 */
158static inline void dent_key_init(const struct ubifs_info *c, 158static inline void dent_key_init(const struct ubifs_info *c,
159 union ubifs_key *key, ino_t inum, 159 union ubifs_key *key, ino_t inum,
160 const struct qstr *nm) 160 const struct fscrypt_name *nm)
161{ 161{
162 uint32_t hash = c->key_hash(nm->name, nm->len); 162 uint32_t hash = c->key_hash(fname_name(nm), fname_len(nm));
163 163
164 ubifs_assert(!(hash & ~UBIFS_S_KEY_HASH_MASK)); 164 ubifs_assert(!(hash & ~UBIFS_S_KEY_HASH_MASK));
165 key->u32[0] = inum; 165 key->u32[0] = inum;
@@ -191,10 +191,11 @@ static inline void dent_key_init_hash(const struct ubifs_info *c,
191 * @nm: direntry name and length 191 * @nm: direntry name and length
192 */ 192 */
193static inline void dent_key_init_flash(const struct ubifs_info *c, void *k, 193static inline void dent_key_init_flash(const struct ubifs_info *c, void *k,
194 ino_t inum, const struct qstr *nm) 194 ino_t inum,
195 const struct fscrypt_name *nm)
195{ 196{
196 union ubifs_key *key = k; 197 union ubifs_key *key = k;
197 uint32_t hash = c->key_hash(nm->name, nm->len); 198 uint32_t hash = c->key_hash(fname_name(nm), fname_len(nm));
198 199
199 ubifs_assert(!(hash & ~UBIFS_S_KEY_HASH_MASK)); 200 ubifs_assert(!(hash & ~UBIFS_S_KEY_HASH_MASK));
200 key->j32[0] = cpu_to_le32(inum); 201 key->j32[0] = cpu_to_le32(inum);
@@ -225,9 +226,9 @@ static inline void lowest_dent_key(const struct ubifs_info *c,
225 */ 226 */
226static inline void xent_key_init(const struct ubifs_info *c, 227static inline void xent_key_init(const struct ubifs_info *c,
227 union ubifs_key *key, ino_t inum, 228 union ubifs_key *key, ino_t inum,
228 const struct qstr *nm) 229 const struct fscrypt_name *nm)
229{ 230{
230 uint32_t hash = c->key_hash(nm->name, nm->len); 231 uint32_t hash = c->key_hash(fname_name(nm), fname_len(nm));
231 232
232 ubifs_assert(!(hash & ~UBIFS_S_KEY_HASH_MASK)); 233 ubifs_assert(!(hash & ~UBIFS_S_KEY_HASH_MASK));
233 key->u32[0] = inum; 234 key->u32[0] = inum;
@@ -242,10 +243,10 @@ static inline void xent_key_init(const struct ubifs_info *c,
242 * @nm: extended attribute entry name and length 243 * @nm: extended attribute entry name and length
243 */ 244 */
244static inline void xent_key_init_flash(const struct ubifs_info *c, void *k, 245static inline void xent_key_init_flash(const struct ubifs_info *c, void *k,
245 ino_t inum, const struct qstr *nm) 246 ino_t inum, const struct fscrypt_name *nm)
246{ 247{
247 union ubifs_key *key = k; 248 union ubifs_key *key = k;
248 uint32_t hash = c->key_hash(nm->name, nm->len); 249 uint32_t hash = c->key_hash(fname_name(nm), fname_len(nm));
249 250
250 ubifs_assert(!(hash & ~UBIFS_S_KEY_HASH_MASK)); 251 ubifs_assert(!(hash & ~UBIFS_S_KEY_HASH_MASK));
251 key->j32[0] = cpu_to_le32(inum); 252 key->j32[0] = cpu_to_le32(inum);
diff --git a/fs/ubifs/replay.c b/fs/ubifs/replay.c
index fb0f44cd1e28..ae5c02f22f3e 100644
--- a/fs/ubifs/replay.c
+++ b/fs/ubifs/replay.c
@@ -61,7 +61,7 @@ struct replay_entry {
61 struct list_head list; 61 struct list_head list;
62 union ubifs_key key; 62 union ubifs_key key;
63 union { 63 union {
64 struct qstr nm; 64 struct fscrypt_name nm;
65 struct { 65 struct {
66 loff_t old_size; 66 loff_t old_size;
67 loff_t new_size; 67 loff_t new_size;
@@ -327,7 +327,7 @@ static void destroy_replay_list(struct ubifs_info *c)
327 327
328 list_for_each_entry_safe(r, tmp, &c->replay_list, list) { 328 list_for_each_entry_safe(r, tmp, &c->replay_list, list) {
329 if (is_hash_key(c, &r->key)) 329 if (is_hash_key(c, &r->key))
330 kfree(r->nm.name); 330 kfree(fname_name(&r->nm));
331 list_del(&r->list); 331 list_del(&r->list);
332 kfree(r); 332 kfree(r);
333 } 333 }
@@ -430,10 +430,10 @@ static int insert_dent(struct ubifs_info *c, int lnum, int offs, int len,
430 r->deletion = !!deletion; 430 r->deletion = !!deletion;
431 r->sqnum = sqnum; 431 r->sqnum = sqnum;
432 key_copy(c, key, &r->key); 432 key_copy(c, key, &r->key);
433 r->nm.len = nlen; 433 fname_len(&r->nm) = nlen;
434 memcpy(nbuf, name, nlen); 434 memcpy(nbuf, name, nlen);
435 nbuf[nlen] = '\0'; 435 nbuf[nlen] = '\0';
436 r->nm.name = nbuf; 436 fname_name(&r->nm) = nbuf;
437 437
438 list_add_tail(&r->list, &c->replay_list); 438 list_add_tail(&r->list, &c->replay_list);
439 return 0; 439 return 0;
@@ -456,7 +456,7 @@ int ubifs_validate_entry(struct ubifs_info *c,
456 if (le32_to_cpu(dent->ch.len) != nlen + UBIFS_DENT_NODE_SZ + 1 || 456 if (le32_to_cpu(dent->ch.len) != nlen + UBIFS_DENT_NODE_SZ + 1 ||
457 dent->type >= UBIFS_ITYPES_CNT || 457 dent->type >= UBIFS_ITYPES_CNT ||
458 nlen > UBIFS_MAX_NLEN || dent->name[nlen] != 0 || 458 nlen > UBIFS_MAX_NLEN || dent->name[nlen] != 0 ||
459 strnlen(dent->name, nlen) != nlen || 459 (key_type == UBIFS_XENT_KEY && strnlen(dent->name, nlen) != nlen) ||
460 le64_to_cpu(dent->inum) > MAX_INUM) { 460 le64_to_cpu(dent->inum) > MAX_INUM) {
461 ubifs_err(c, "bad %s node", key_type == UBIFS_DENT_KEY ? 461 ubifs_err(c, "bad %s node", key_type == UBIFS_DENT_KEY ?
462 "directory entry" : "extended attribute entry"); 462 "directory entry" : "extended attribute entry");
diff --git a/fs/ubifs/sb.c b/fs/ubifs/sb.c
index 3cbb904a6d7d..7f1ead29e727 100644
--- a/fs/ubifs/sb.c
+++ b/fs/ubifs/sb.c
@@ -163,6 +163,7 @@ static int create_default_filesystem(struct ubifs_info *c)
163 tmp64 = (long long)max_buds * c->leb_size; 163 tmp64 = (long long)max_buds * c->leb_size;
164 if (big_lpt) 164 if (big_lpt)
165 sup_flags |= UBIFS_FLG_BIGLPT; 165 sup_flags |= UBIFS_FLG_BIGLPT;
166 sup_flags |= UBIFS_FLG_DOUBLE_HASH;
166 167
167 sup->ch.node_type = UBIFS_SB_NODE; 168 sup->ch.node_type = UBIFS_SB_NODE;
168 sup->key_hash = UBIFS_KEY_HASH_R5; 169 sup->key_hash = UBIFS_KEY_HASH_R5;
@@ -465,6 +466,16 @@ static int validate_sb(struct ubifs_info *c, struct ubifs_sb_node *sup)
465 goto failed; 466 goto failed;
466 } 467 }
467 468
469 if (!c->double_hash && c->fmt_version >= 5) {
470 err = 16;
471 goto failed;
472 }
473
474 if (c->encrypted && c->fmt_version < 5) {
475 err = 17;
476 goto failed;
477 }
478
468 return 0; 479 return 0;
469 480
470failed: 481failed:
@@ -620,6 +631,24 @@ int ubifs_read_superblock(struct ubifs_info *c)
620 memcpy(&c->uuid, &sup->uuid, 16); 631 memcpy(&c->uuid, &sup->uuid, 16);
621 c->big_lpt = !!(sup_flags & UBIFS_FLG_BIGLPT); 632 c->big_lpt = !!(sup_flags & UBIFS_FLG_BIGLPT);
622 c->space_fixup = !!(sup_flags & UBIFS_FLG_SPACE_FIXUP); 633 c->space_fixup = !!(sup_flags & UBIFS_FLG_SPACE_FIXUP);
634 c->double_hash = !!(sup_flags & UBIFS_FLG_DOUBLE_HASH);
635 c->encrypted = !!(sup_flags & UBIFS_FLG_ENCRYPTION);
636
637 if ((sup_flags & ~UBIFS_FLG_MASK) != 0) {
638 ubifs_err(c, "Unknown feature flags found: %#x",
639 sup_flags & ~UBIFS_FLG_MASK);
640 err = -EINVAL;
641 goto out;
642 }
643
644#ifndef CONFIG_UBIFS_FS_ENCRYPTION
645 if (c->encrypted) {
646 ubifs_err(c, "file system contains encrypted files but UBIFS"
647 " was built without crypto support.");
648 err = -EINVAL;
649 goto out;
650 }
651#endif
623 652
624 /* Automatically increase file system size to the maximum size */ 653 /* Automatically increase file system size to the maximum size */
625 c->old_leb_cnt = c->leb_cnt; 654 c->old_leb_cnt = c->leb_cnt;
@@ -807,3 +836,33 @@ int ubifs_fixup_free_space(struct ubifs_info *c)
807 ubifs_msg(c, "free space fixup complete"); 836 ubifs_msg(c, "free space fixup complete");
808 return err; 837 return err;
809} 838}
839
840int ubifs_enable_encryption(struct ubifs_info *c)
841{
842 int err;
843 struct ubifs_sb_node *sup;
844
845 if (c->encrypted)
846 return 0;
847
848 if (c->ro_mount || c->ro_media)
849 return -EROFS;
850
851 if (c->fmt_version < 5) {
852 ubifs_err(c, "on-flash format version 5 is needed for encryption");
853 return -EINVAL;
854 }
855
856 sup = ubifs_read_sb_node(c);
857 if (IS_ERR(sup))
858 return PTR_ERR(sup);
859
860 sup->flags |= cpu_to_le32(UBIFS_FLG_ENCRYPTION);
861
862 err = ubifs_write_sb_node(c, sup);
863 if (!err)
864 c->encrypted = 1;
865 kfree(sup);
866
867 return err;
868}
diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index 4ec051089186..e08aa04fc835 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -198,7 +198,6 @@ struct inode *ubifs_iget(struct super_block *sb, unsigned long inum)
198 } 198 }
199 memcpy(ui->data, ino->data, ui->data_len); 199 memcpy(ui->data, ino->data, ui->data_len);
200 ((char *)ui->data)[ui->data_len] = '\0'; 200 ((char *)ui->data)[ui->data_len] = '\0';
201 inode->i_link = ui->data;
202 break; 201 break;
203 case S_IFBLK: 202 case S_IFBLK:
204 case S_IFCHR: 203 case S_IFCHR:
@@ -380,6 +379,9 @@ out:
380 } 379 }
381done: 380done:
382 clear_inode(inode); 381 clear_inode(inode);
382#ifdef CONFIG_UBIFS_FS_ENCRYPTION
383 fscrypt_put_encryption_info(inode, NULL);
384#endif
383} 385}
384 386
385static void ubifs_dirty_inode(struct inode *inode, int flags) 387static void ubifs_dirty_inode(struct inode *inode, int flags)
@@ -1207,7 +1209,8 @@ static int mount_ubifs(struct ubifs_info *c)
1207 bu_init(c); 1209 bu_init(c);
1208 1210
1209 if (!c->ro_mount) { 1211 if (!c->ro_mount) {
1210 c->write_reserve_buf = kmalloc(COMPRESSED_DATA_NODE_BUF_SZ, 1212 c->write_reserve_buf = kmalloc(COMPRESSED_DATA_NODE_BUF_SZ + \
1213 UBIFS_CIPHER_BLOCK_SIZE,
1211 GFP_KERNEL); 1214 GFP_KERNEL);
1212 if (!c->write_reserve_buf) 1215 if (!c->write_reserve_buf)
1213 goto out_free; 1216 goto out_free;
@@ -1620,7 +1623,8 @@ static int ubifs_remount_rw(struct ubifs_info *c)
1620 goto out; 1623 goto out;
1621 } 1624 }
1622 1625
1623 c->write_reserve_buf = kmalloc(COMPRESSED_DATA_NODE_BUF_SZ, GFP_KERNEL); 1626 c->write_reserve_buf = kmalloc(COMPRESSED_DATA_NODE_BUF_SZ + \
1627 UBIFS_CIPHER_BLOCK_SIZE, GFP_KERNEL);
1624 if (!c->write_reserve_buf) { 1628 if (!c->write_reserve_buf) {
1625 err = -ENOMEM; 1629 err = -ENOMEM;
1626 goto out; 1630 goto out;
@@ -1995,6 +1999,12 @@ static struct ubifs_info *alloc_ubifs_info(struct ubi_volume_desc *ubi)
1995 return c; 1999 return c;
1996} 2000}
1997 2001
2002#ifndef CONFIG_UBIFS_FS_ENCRYPTION
2003struct fscrypt_operations ubifs_crypt_operations = {
2004 .is_encrypted = __ubifs_crypt_is_encrypted,
2005};
2006#endif
2007
1998static int ubifs_fill_super(struct super_block *sb, void *data, int silent) 2008static int ubifs_fill_super(struct super_block *sb, void *data, int silent)
1999{ 2009{
2000 struct ubifs_info *c = sb->s_fs_info; 2010 struct ubifs_info *c = sb->s_fs_info;
@@ -2041,6 +2051,7 @@ static int ubifs_fill_super(struct super_block *sb, void *data, int silent)
2041 sb->s_maxbytes = c->max_inode_sz = MAX_LFS_FILESIZE; 2051 sb->s_maxbytes = c->max_inode_sz = MAX_LFS_FILESIZE;
2042 sb->s_op = &ubifs_super_operations; 2052 sb->s_op = &ubifs_super_operations;
2043 sb->s_xattr = ubifs_xattr_handlers; 2053 sb->s_xattr = ubifs_xattr_handlers;
2054 sb->s_cop = &ubifs_crypt_operations;
2044 2055
2045 mutex_lock(&c->umount_mutex); 2056 mutex_lock(&c->umount_mutex);
2046 err = mount_ubifs(c); 2057 err = mount_ubifs(c);
diff --git a/fs/ubifs/tnc.c b/fs/ubifs/tnc.c
index fa9a20cc60d6..74ae2de949df 100644
--- a/fs/ubifs/tnc.c
+++ b/fs/ubifs/tnc.c
@@ -378,7 +378,7 @@ static void lnc_free(struct ubifs_zbranch *zbr)
378} 378}
379 379
380/** 380/**
381 * tnc_read_node_nm - read a "hashed" leaf node. 381 * tnc_read_hashed_node - read a "hashed" leaf node.
382 * @c: UBIFS file-system description object 382 * @c: UBIFS file-system description object
383 * @zbr: key and position of the node 383 * @zbr: key and position of the node
384 * @node: node is returned here 384 * @node: node is returned here
@@ -388,8 +388,8 @@ static void lnc_free(struct ubifs_zbranch *zbr)
388 * added to LNC. Returns zero in case of success or a negative negative error 388 * added to LNC. Returns zero in case of success or a negative negative error
389 * code in case of failure. 389 * code in case of failure.
390 */ 390 */
391static int tnc_read_node_nm(struct ubifs_info *c, struct ubifs_zbranch *zbr, 391static int tnc_read_hashed_node(struct ubifs_info *c, struct ubifs_zbranch *zbr,
392 void *node) 392 void *node)
393{ 393{
394 int err; 394 int err;
395 395
@@ -519,7 +519,7 @@ static int fallible_read_node(struct ubifs_info *c, const union ubifs_key *key,
519 * of failure, a negative error code is returned. 519 * of failure, a negative error code is returned.
520 */ 520 */
521static int matches_name(struct ubifs_info *c, struct ubifs_zbranch *zbr, 521static int matches_name(struct ubifs_info *c, struct ubifs_zbranch *zbr,
522 const struct qstr *nm) 522 const struct fscrypt_name *nm)
523{ 523{
524 struct ubifs_dent_node *dent; 524 struct ubifs_dent_node *dent;
525 int nlen, err; 525 int nlen, err;
@@ -542,11 +542,11 @@ static int matches_name(struct ubifs_info *c, struct ubifs_zbranch *zbr,
542 dent = zbr->leaf; 542 dent = zbr->leaf;
543 543
544 nlen = le16_to_cpu(dent->nlen); 544 nlen = le16_to_cpu(dent->nlen);
545 err = memcmp(dent->name, nm->name, min_t(int, nlen, nm->len)); 545 err = memcmp(dent->name, fname_name(nm), min_t(int, nlen, fname_len(nm)));
546 if (err == 0) { 546 if (err == 0) {
547 if (nlen == nm->len) 547 if (nlen == fname_len(nm))
548 return NAME_MATCHES; 548 return NAME_MATCHES;
549 else if (nlen < nm->len) 549 else if (nlen < fname_len(nm))
550 return NAME_LESS; 550 return NAME_LESS;
551 else 551 else
552 return NAME_GREATER; 552 return NAME_GREATER;
@@ -689,7 +689,7 @@ static int tnc_prev(struct ubifs_info *c, struct ubifs_znode **zn, int *n)
689 */ 689 */
690static int resolve_collision(struct ubifs_info *c, const union ubifs_key *key, 690static int resolve_collision(struct ubifs_info *c, const union ubifs_key *key,
691 struct ubifs_znode **zn, int *n, 691 struct ubifs_znode **zn, int *n,
692 const struct qstr *nm) 692 const struct fscrypt_name *nm)
693{ 693{
694 int err; 694 int err;
695 695
@@ -807,7 +807,7 @@ static int resolve_collision(struct ubifs_info *c, const union ubifs_key *key,
807 */ 807 */
808static int fallible_matches_name(struct ubifs_info *c, 808static int fallible_matches_name(struct ubifs_info *c,
809 struct ubifs_zbranch *zbr, 809 struct ubifs_zbranch *zbr,
810 const struct qstr *nm) 810 const struct fscrypt_name *nm)
811{ 811{
812 struct ubifs_dent_node *dent; 812 struct ubifs_dent_node *dent;
813 int nlen, err; 813 int nlen, err;
@@ -835,11 +835,11 @@ static int fallible_matches_name(struct ubifs_info *c,
835 dent = zbr->leaf; 835 dent = zbr->leaf;
836 836
837 nlen = le16_to_cpu(dent->nlen); 837 nlen = le16_to_cpu(dent->nlen);
838 err = memcmp(dent->name, nm->name, min_t(int, nlen, nm->len)); 838 err = memcmp(dent->name, fname_name(nm), min_t(int, nlen, fname_len(nm)));
839 if (err == 0) { 839 if (err == 0) {
840 if (nlen == nm->len) 840 if (nlen == fname_len(nm))
841 return NAME_MATCHES; 841 return NAME_MATCHES;
842 else if (nlen < nm->len) 842 else if (nlen < fname_len(nm))
843 return NAME_LESS; 843 return NAME_LESS;
844 else 844 else
845 return NAME_GREATER; 845 return NAME_GREATER;
@@ -878,7 +878,8 @@ out_free:
878static int fallible_resolve_collision(struct ubifs_info *c, 878static int fallible_resolve_collision(struct ubifs_info *c,
879 const union ubifs_key *key, 879 const union ubifs_key *key,
880 struct ubifs_znode **zn, int *n, 880 struct ubifs_znode **zn, int *n,
881 const struct qstr *nm, int adding) 881 const struct fscrypt_name *nm,
882 int adding)
882{ 883{
883 struct ubifs_znode *o_znode = NULL, *znode = *zn; 884 struct ubifs_znode *o_znode = NULL, *znode = *zn;
884 int uninitialized_var(o_n), err, cmp, unsure = 0, nn = *n; 885 int uninitialized_var(o_n), err, cmp, unsure = 0, nn = *n;
@@ -1453,7 +1454,7 @@ again:
1453 * In this case the leaf node cache gets used, so we pass the 1454 * In this case the leaf node cache gets used, so we pass the
1454 * address of the zbranch and keep the mutex locked 1455 * address of the zbranch and keep the mutex locked
1455 */ 1456 */
1456 err = tnc_read_node_nm(c, zt, node); 1457 err = tnc_read_hashed_node(c, zt, node);
1457 goto out; 1458 goto out;
1458 } 1459 }
1459 if (safely) { 1460 if (safely) {
@@ -1782,19 +1783,19 @@ int ubifs_tnc_bulk_read(struct ubifs_info *c, struct bu_info *bu)
1782 * @node: the node is returned here 1783 * @node: the node is returned here
1783 * @nm: node name 1784 * @nm: node name
1784 * 1785 *
1785 * This function look up and reads a node which contains name hash in the key. 1786 * This function looks up and reads a node which contains name hash in the key.
1786 * Since the hash may have collisions, there may be many nodes with the same 1787 * Since the hash may have collisions, there may be many nodes with the same
1787 * key, so we have to sequentially look to all of them until the needed one is 1788 * key, so we have to sequentially look to all of them until the needed one is
1788 * found. This function returns zero in case of success, %-ENOENT if the node 1789 * found. This function returns zero in case of success, %-ENOENT if the node
1789 * was not found, and a negative error code in case of failure. 1790 * was not found, and a negative error code in case of failure.
1790 */ 1791 */
1791static int do_lookup_nm(struct ubifs_info *c, const union ubifs_key *key, 1792static int do_lookup_nm(struct ubifs_info *c, const union ubifs_key *key,
1792 void *node, const struct qstr *nm) 1793 void *node, const struct fscrypt_name *nm)
1793{ 1794{
1794 int found, n, err; 1795 int found, n, err;
1795 struct ubifs_znode *znode; 1796 struct ubifs_znode *znode;
1796 1797
1797 dbg_tnck(key, "name '%.*s' key ", nm->len, nm->name); 1798 //dbg_tnck(key, "name '%.*s' key ", nm->len, nm->name);
1798 mutex_lock(&c->tnc_mutex); 1799 mutex_lock(&c->tnc_mutex);
1799 found = ubifs_lookup_level0(c, key, &znode, &n); 1800 found = ubifs_lookup_level0(c, key, &znode, &n);
1800 if (!found) { 1801 if (!found) {
@@ -1816,7 +1817,7 @@ static int do_lookup_nm(struct ubifs_info *c, const union ubifs_key *key,
1816 goto out_unlock; 1817 goto out_unlock;
1817 } 1818 }
1818 1819
1819 err = tnc_read_node_nm(c, &znode->zbranch[n], node); 1820 err = tnc_read_hashed_node(c, &znode->zbranch[n], node);
1820 1821
1821out_unlock: 1822out_unlock:
1822 mutex_unlock(&c->tnc_mutex); 1823 mutex_unlock(&c->tnc_mutex);
@@ -1830,14 +1831,14 @@ out_unlock:
1830 * @node: the node is returned here 1831 * @node: the node is returned here
1831 * @nm: node name 1832 * @nm: node name
1832 * 1833 *
1833 * This function look up and reads a node which contains name hash in the key. 1834 * This function looks up and reads a node which contains name hash in the key.
1834 * Since the hash may have collisions, there may be many nodes with the same 1835 * Since the hash may have collisions, there may be many nodes with the same
1835 * key, so we have to sequentially look to all of them until the needed one is 1836 * key, so we have to sequentially look to all of them until the needed one is
1836 * found. This function returns zero in case of success, %-ENOENT if the node 1837 * found. This function returns zero in case of success, %-ENOENT if the node
1837 * was not found, and a negative error code in case of failure. 1838 * was not found, and a negative error code in case of failure.
1838 */ 1839 */
1839int ubifs_tnc_lookup_nm(struct ubifs_info *c, const union ubifs_key *key, 1840int ubifs_tnc_lookup_nm(struct ubifs_info *c, const union ubifs_key *key,
1840 void *node, const struct qstr *nm) 1841 void *node, const struct fscrypt_name *nm)
1841{ 1842{
1842 int err, len; 1843 int err, len;
1843 const struct ubifs_dent_node *dent = node; 1844 const struct ubifs_dent_node *dent = node;
@@ -1851,16 +1852,105 @@ int ubifs_tnc_lookup_nm(struct ubifs_info *c, const union ubifs_key *key,
1851 return err; 1852 return err;
1852 1853
1853 len = le16_to_cpu(dent->nlen); 1854 len = le16_to_cpu(dent->nlen);
1854 if (nm->len == len && !memcmp(dent->name, nm->name, len)) 1855 if (fname_len(nm) == len && !memcmp(dent->name, fname_name(nm), len))
1855 return 0; 1856 return 0;
1856 1857
1857 /* 1858 /*
1858 * Unluckily, there are hash collisions and we have to iterate over 1859 * Unluckily, there are hash collisions and we have to iterate over
1859 * them look at each direntry with colliding name hash sequentially. 1860 * them look at each direntry with colliding name hash sequentially.
1860 */ 1861 */
1862
1861 return do_lookup_nm(c, key, node, nm); 1863 return do_lookup_nm(c, key, node, nm);
1862} 1864}
1863 1865
1866static int do_lookup_dh(struct ubifs_info *c, const union ubifs_key *key,
1867 struct ubifs_dent_node *dent, uint32_t cookie)
1868{
1869 int n, err, type = key_type(c, key);
1870 struct ubifs_znode *znode;
1871 struct ubifs_zbranch *zbr;
1872 union ubifs_key *dkey, start_key;
1873
1874 ubifs_assert(is_hash_key(c, key));
1875
1876 lowest_dent_key(c, &start_key, key_inum(c, key));
1877
1878 mutex_lock(&c->tnc_mutex);
1879 err = ubifs_lookup_level0(c, &start_key, &znode, &n);
1880 if (unlikely(err < 0))
1881 goto out_unlock;
1882
1883 for (;;) {
1884 if (!err) {
1885 err = tnc_next(c, &znode, &n);
1886 if (err)
1887 goto out_unlock;
1888 }
1889
1890 zbr = &znode->zbranch[n];
1891 dkey = &zbr->key;
1892
1893 if (key_inum(c, dkey) != key_inum(c, key) ||
1894 key_type(c, dkey) != type) {
1895 err = -ENOENT;
1896 goto out_unlock;
1897 }
1898
1899 err = tnc_read_hashed_node(c, zbr, dent);
1900 if (err)
1901 goto out_unlock;
1902
1903 if (key_hash(c, key) == key_hash(c, dkey) &&
1904 le32_to_cpu(dent->cookie) == cookie)
1905 goto out_unlock;
1906 }
1907
1908out_unlock:
1909 mutex_unlock(&c->tnc_mutex);
1910 return err;
1911}
1912
1913/**
1914 * ubifs_tnc_lookup_dh - look up a "double hashed" node.
1915 * @c: UBIFS file-system description object
1916 * @key: node key to lookup
1917 * @node: the node is returned here
1918 * @cookie: node cookie for collision resolution
1919 *
1920 * This function looks up and reads a node which contains name hash in the key.
1921 * Since the hash may have collisions, there may be many nodes with the same
1922 * key, so we have to sequentially look to all of them until the needed one
1923 * with the same cookie value is found.
1924 * This function returns zero in case of success, %-ENOENT if the node
1925 * was not found, and a negative error code in case of failure.
1926 */
1927int ubifs_tnc_lookup_dh(struct ubifs_info *c, const union ubifs_key *key,
1928 void *node, uint32_t cookie)
1929{
1930 int err;
1931 const struct ubifs_dent_node *dent = node;
1932
1933 if (!c->double_hash)
1934 return -EOPNOTSUPP;
1935
1936 /*
1937 * We assume that in most of the cases there are no name collisions and
1938 * 'ubifs_tnc_lookup()' returns us the right direntry.
1939 */
1940 err = ubifs_tnc_lookup(c, key, node);
1941 if (err)
1942 return err;
1943
1944 if (le32_to_cpu(dent->cookie) == cookie)
1945 return 0;
1946
1947 /*
1948 * Unluckily, there are hash collisions and we have to iterate over
1949 * them look at each direntry with colliding name hash sequentially.
1950 */
1951 return do_lookup_dh(c, key, node, cookie);
1952}
1953
1864/** 1954/**
1865 * correct_parent_keys - correct parent znodes' keys. 1955 * correct_parent_keys - correct parent znodes' keys.
1866 * @c: UBIFS file-system description object 1956 * @c: UBIFS file-system description object
@@ -2279,14 +2369,15 @@ out_unlock:
2279 * may have collisions, like directory entry keys. 2369 * may have collisions, like directory entry keys.
2280 */ 2370 */
2281int ubifs_tnc_add_nm(struct ubifs_info *c, const union ubifs_key *key, 2371int ubifs_tnc_add_nm(struct ubifs_info *c, const union ubifs_key *key,
2282 int lnum, int offs, int len, const struct qstr *nm) 2372 int lnum, int offs, int len,
2373 const struct fscrypt_name *nm)
2283{ 2374{
2284 int found, n, err = 0; 2375 int found, n, err = 0;
2285 struct ubifs_znode *znode; 2376 struct ubifs_znode *znode;
2286 2377
2287 mutex_lock(&c->tnc_mutex); 2378 mutex_lock(&c->tnc_mutex);
2288 dbg_tnck(key, "LEB %d:%d, name '%.*s', key ", 2379 //dbg_tnck(key, "LEB %d:%d, name '%.*s', key ",
2289 lnum, offs, nm->len, nm->name); 2380 // lnum, offs, nm->len, nm->name);
2290 found = lookup_level0_dirty(c, key, &znode, &n); 2381 found = lookup_level0_dirty(c, key, &znode, &n);
2291 if (found < 0) { 2382 if (found < 0) {
2292 err = found; 2383 err = found;
@@ -2344,7 +2435,7 @@ int ubifs_tnc_add_nm(struct ubifs_info *c, const union ubifs_key *key,
2344 * by passing 'ubifs_tnc_remove_nm()' the same key but 2435 * by passing 'ubifs_tnc_remove_nm()' the same key but
2345 * an unmatchable name. 2436 * an unmatchable name.
2346 */ 2437 */
2347 struct qstr noname = { .name = "" }; 2438 struct fscrypt_name noname = { .disk_name = { .name = "", .len = 1 } };
2348 2439
2349 err = dbg_check_tnc(c, 0); 2440 err = dbg_check_tnc(c, 0);
2350 mutex_unlock(&c->tnc_mutex); 2441 mutex_unlock(&c->tnc_mutex);
@@ -2514,13 +2605,13 @@ out_unlock:
2514 * Returns %0 on success or negative error code on failure. 2605 * Returns %0 on success or negative error code on failure.
2515 */ 2606 */
2516int ubifs_tnc_remove_nm(struct ubifs_info *c, const union ubifs_key *key, 2607int ubifs_tnc_remove_nm(struct ubifs_info *c, const union ubifs_key *key,
2517 const struct qstr *nm) 2608 const struct fscrypt_name *nm)
2518{ 2609{
2519 int n, err; 2610 int n, err;
2520 struct ubifs_znode *znode; 2611 struct ubifs_znode *znode;
2521 2612
2522 mutex_lock(&c->tnc_mutex); 2613 mutex_lock(&c->tnc_mutex);
2523 dbg_tnck(key, "%.*s, key ", nm->len, nm->name); 2614 //dbg_tnck(key, "%.*s, key ", nm->len, nm->name);
2524 err = lookup_level0_dirty(c, key, &znode, &n); 2615 err = lookup_level0_dirty(c, key, &znode, &n);
2525 if (err < 0) 2616 if (err < 0)
2526 goto out_unlock; 2617 goto out_unlock;
@@ -2669,7 +2760,7 @@ int ubifs_tnc_remove_ino(struct ubifs_info *c, ino_t inum)
2669{ 2760{
2670 union ubifs_key key1, key2; 2761 union ubifs_key key1, key2;
2671 struct ubifs_dent_node *xent, *pxent = NULL; 2762 struct ubifs_dent_node *xent, *pxent = NULL;
2672 struct qstr nm = { .name = NULL }; 2763 struct fscrypt_name nm = {0};
2673 2764
2674 dbg_tnc("ino %lu", (unsigned long)inum); 2765 dbg_tnc("ino %lu", (unsigned long)inum);
2675 2766
@@ -2694,8 +2785,8 @@ int ubifs_tnc_remove_ino(struct ubifs_info *c, ino_t inum)
2694 dbg_tnc("xent '%s', ino %lu", xent->name, 2785 dbg_tnc("xent '%s', ino %lu", xent->name,
2695 (unsigned long)xattr_inum); 2786 (unsigned long)xattr_inum);
2696 2787
2697 nm.name = xent->name; 2788 fname_name(&nm) = xent->name;
2698 nm.len = le16_to_cpu(xent->nlen); 2789 fname_len(&nm) = le16_to_cpu(xent->nlen);
2699 err = ubifs_tnc_remove_nm(c, &key1, &nm); 2790 err = ubifs_tnc_remove_nm(c, &key1, &nm);
2700 if (err) { 2791 if (err) {
2701 kfree(xent); 2792 kfree(xent);
@@ -2747,7 +2838,7 @@ int ubifs_tnc_remove_ino(struct ubifs_info *c, ino_t inum)
2747 */ 2838 */
2748struct ubifs_dent_node *ubifs_tnc_next_ent(struct ubifs_info *c, 2839struct ubifs_dent_node *ubifs_tnc_next_ent(struct ubifs_info *c,
2749 union ubifs_key *key, 2840 union ubifs_key *key,
2750 const struct qstr *nm) 2841 const struct fscrypt_name *nm)
2751{ 2842{
2752 int n, err, type = key_type(c, key); 2843 int n, err, type = key_type(c, key);
2753 struct ubifs_znode *znode; 2844 struct ubifs_znode *znode;
@@ -2755,7 +2846,7 @@ struct ubifs_dent_node *ubifs_tnc_next_ent(struct ubifs_info *c,
2755 struct ubifs_zbranch *zbr; 2846 struct ubifs_zbranch *zbr;
2756 union ubifs_key *dkey; 2847 union ubifs_key *dkey;
2757 2848
2758 dbg_tnck(key, "%s ", nm->name ? (char *)nm->name : "(lowest)"); 2849 //dbg_tnck(key, "%s ", nm->name ? (char *)nm->name : "(lowest)");
2759 ubifs_assert(is_hash_key(c, key)); 2850 ubifs_assert(is_hash_key(c, key));
2760 2851
2761 mutex_lock(&c->tnc_mutex); 2852 mutex_lock(&c->tnc_mutex);
@@ -2763,7 +2854,7 @@ struct ubifs_dent_node *ubifs_tnc_next_ent(struct ubifs_info *c,
2763 if (unlikely(err < 0)) 2854 if (unlikely(err < 0))
2764 goto out_unlock; 2855 goto out_unlock;
2765 2856
2766 if (nm->name) { 2857 if (fname_len(nm) > 0) {
2767 if (err) { 2858 if (err) {
2768 /* Handle collisions */ 2859 /* Handle collisions */
2769 err = resolve_collision(c, key, &znode, &n, nm); 2860 err = resolve_collision(c, key, &znode, &n, nm);
@@ -2813,7 +2904,7 @@ struct ubifs_dent_node *ubifs_tnc_next_ent(struct ubifs_info *c,
2813 goto out_free; 2904 goto out_free;
2814 } 2905 }
2815 2906
2816 err = tnc_read_node_nm(c, zbr, dent); 2907 err = tnc_read_hashed_node(c, zbr, dent);
2817 if (unlikely(err)) 2908 if (unlikely(err))
2818 goto out_free; 2909 goto out_free;
2819 2910
diff --git a/fs/ubifs/ubifs-media.h b/fs/ubifs/ubifs-media.h
index e24380cf46ed..e8c23c9d4f4a 100644
--- a/fs/ubifs/ubifs-media.h
+++ b/fs/ubifs/ubifs-media.h
@@ -46,7 +46,7 @@
46 * UBIFS went into mainline kernel with format version 4. The older formats 46 * UBIFS went into mainline kernel with format version 4. The older formats
47 * were development formats. 47 * were development formats.
48 */ 48 */
49#define UBIFS_FORMAT_VERSION 4 49#define UBIFS_FORMAT_VERSION 5
50 50
51/* 51/*
52 * Read-only compatibility version. If the UBIFS format is changed, older UBIFS 52 * Read-only compatibility version. If the UBIFS format is changed, older UBIFS
@@ -301,6 +301,13 @@ enum {
301#define UBIFS_MAX_NODE_SZ UBIFS_MAX_INO_NODE_SZ 301#define UBIFS_MAX_NODE_SZ UBIFS_MAX_INO_NODE_SZ
302 302
303/* 303/*
304 * xattr name of UBIFS encryption context, we don't use a prefix
305 * nor a long name to not waste space on the flash.
306 */
307#define UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT "c"
308
309
310/*
304 * On-flash inode flags. 311 * On-flash inode flags.
305 * 312 *
306 * UBIFS_COMPR_FL: use compression for this inode 313 * UBIFS_COMPR_FL: use compression for this inode
@@ -309,6 +316,7 @@ enum {
309 * UBIFS_APPEND_FL: writes to the inode may only append data 316 * UBIFS_APPEND_FL: writes to the inode may only append data
310 * UBIFS_DIRSYNC_FL: I/O on this directory inode has to be synchronous 317 * UBIFS_DIRSYNC_FL: I/O on this directory inode has to be synchronous
311 * UBIFS_XATTR_FL: this inode is the inode for an extended attribute value 318 * UBIFS_XATTR_FL: this inode is the inode for an extended attribute value
319 * UBIFS_CRYPT_FL: use encryption for this inode
312 * 320 *
313 * Note, these are on-flash flags which correspond to ioctl flags 321 * Note, these are on-flash flags which correspond to ioctl flags
314 * (@FS_COMPR_FL, etc). They have the same values now, but generally, do not 322 * (@FS_COMPR_FL, etc). They have the same values now, but generally, do not
@@ -321,6 +329,7 @@ enum {
321 UBIFS_APPEND_FL = 0x08, 329 UBIFS_APPEND_FL = 0x08,
322 UBIFS_DIRSYNC_FL = 0x10, 330 UBIFS_DIRSYNC_FL = 0x10,
323 UBIFS_XATTR_FL = 0x20, 331 UBIFS_XATTR_FL = 0x20,
332 UBIFS_CRYPT_FL = 0x40,
324}; 333};
325 334
326/* Inode flag bits used by UBIFS */ 335/* Inode flag bits used by UBIFS */
@@ -409,12 +418,19 @@ enum {
409 * 418 *
410 * UBIFS_FLG_BIGLPT: if "big" LPT model is used if set 419 * UBIFS_FLG_BIGLPT: if "big" LPT model is used if set
411 * UBIFS_FLG_SPACE_FIXUP: first-mount "fixup" of free space within LEBs needed 420 * UBIFS_FLG_SPACE_FIXUP: first-mount "fixup" of free space within LEBs needed
421 * UBIFS_FLG_DOUBLE_HASH: store a 32bit cookie in directory entry nodes to
422 * support 64bit cookies for lookups by hash
423 * UBIFS_FLG_ENCRYPTION: this filesystem contains encrypted files
412 */ 424 */
413enum { 425enum {
414 UBIFS_FLG_BIGLPT = 0x02, 426 UBIFS_FLG_BIGLPT = 0x02,
415 UBIFS_FLG_SPACE_FIXUP = 0x04, 427 UBIFS_FLG_SPACE_FIXUP = 0x04,
428 UBIFS_FLG_DOUBLE_HASH = 0x08,
429 UBIFS_FLG_ENCRYPTION = 0x10,
416}; 430};
417 431
432#define UBIFS_FLG_MASK (UBIFS_FLG_BIGLPT|UBIFS_FLG_SPACE_FIXUP|UBIFS_FLG_DOUBLE_HASH|UBIFS_FLG_ENCRYPTION)
433
418/** 434/**
419 * struct ubifs_ch - common header node. 435 * struct ubifs_ch - common header node.
420 * @magic: UBIFS node magic number (%UBIFS_NODE_MAGIC) 436 * @magic: UBIFS node magic number (%UBIFS_NODE_MAGIC)
@@ -521,7 +537,8 @@ struct ubifs_ino_node {
521 * @padding1: reserved for future, zeroes 537 * @padding1: reserved for future, zeroes
522 * @type: type of the target inode (%UBIFS_ITYPE_REG, %UBIFS_ITYPE_DIR, etc) 538 * @type: type of the target inode (%UBIFS_ITYPE_REG, %UBIFS_ITYPE_DIR, etc)
523 * @nlen: name length 539 * @nlen: name length
524 * @padding2: reserved for future, zeroes 540 * @cookie: A 32bits random number, used to construct a 64bits
541 * identifier.
525 * @name: zero-terminated name 542 * @name: zero-terminated name
526 * 543 *
527 * Note, do not forget to amend 'zero_dent_node_unused()' function when 544 * Note, do not forget to amend 'zero_dent_node_unused()' function when
@@ -534,7 +551,7 @@ struct ubifs_dent_node {
534 __u8 padding1; 551 __u8 padding1;
535 __u8 type; 552 __u8 type;
536 __le16 nlen; 553 __le16 nlen;
537 __u8 padding2[4]; /* Watch 'zero_dent_node_unused()' if changing! */ 554 __le32 cookie;
538 __u8 name[]; 555 __u8 name[];
539} __packed; 556} __packed;
540 557
@@ -544,18 +561,16 @@ struct ubifs_dent_node {
544 * @key: node key 561 * @key: node key
545 * @size: uncompressed data size in bytes 562 * @size: uncompressed data size in bytes
546 * @compr_type: compression type (%UBIFS_COMPR_NONE, %UBIFS_COMPR_LZO, etc) 563 * @compr_type: compression type (%UBIFS_COMPR_NONE, %UBIFS_COMPR_LZO, etc)
547 * @padding: reserved for future, zeroes 564 * @compr_size: compressed data size in bytes, only valid when data is encrypted
548 * @data: data 565 * @data: data
549 * 566 *
550 * Note, do not forget to amend 'zero_data_node_unused()' function when
551 * changing the padding fields.
552 */ 567 */
553struct ubifs_data_node { 568struct ubifs_data_node {
554 struct ubifs_ch ch; 569 struct ubifs_ch ch;
555 __u8 key[UBIFS_MAX_KEY_LEN]; 570 __u8 key[UBIFS_MAX_KEY_LEN];
556 __le32 size; 571 __le32 size;
557 __le16 compr_type; 572 __le16 compr_type;
558 __u8 padding[2]; /* Watch 'zero_data_node_unused()' if changing! */ 573 __le16 compr_size;
559 __u8 data[]; 574 __u8 data[];
560} __packed; 575} __packed;
561 576
diff --git a/fs/ubifs/ubifs.h b/fs/ubifs/ubifs.h
index 096035eb29d0..ca72382ce6cc 100644
--- a/fs/ubifs/ubifs.h
+++ b/fs/ubifs/ubifs.h
@@ -38,6 +38,8 @@
38#include <linux/backing-dev.h> 38#include <linux/backing-dev.h>
39#include <linux/security.h> 39#include <linux/security.h>
40#include <linux/xattr.h> 40#include <linux/xattr.h>
41#include <linux/fscrypto.h>
42#include <linux/random.h>
41#include "ubifs-media.h" 43#include "ubifs-media.h"
42 44
43/* Version of this UBIFS implementation */ 45/* Version of this UBIFS implementation */
@@ -83,10 +85,6 @@
83 */ 85 */
84#define BGT_NAME_PATTERN "ubifs_bgt%d_%d" 86#define BGT_NAME_PATTERN "ubifs_bgt%d_%d"
85 87
86/* Write-buffer synchronization timeout interval in seconds */
87#define WBUF_TIMEOUT_SOFTLIMIT 3
88#define WBUF_TIMEOUT_HARDLIMIT 5
89
90/* Maximum possible inode number (only 32-bit inodes are supported now) */ 88/* Maximum possible inode number (only 32-bit inodes are supported now) */
91#define MAX_INUM 0xFFFFFFFF 89#define MAX_INUM 0xFFFFFFFF
92 90
@@ -138,6 +136,12 @@
138 */ 136 */
139#define WORST_COMPR_FACTOR 2 137#define WORST_COMPR_FACTOR 2
140 138
139#ifdef CONFIG_UBIFS_FS_ENCRYPTION
140#define UBIFS_CIPHER_BLOCK_SIZE FS_CRYPTO_BLOCK_SIZE
141#else
142#define UBIFS_CIPHER_BLOCK_SIZE 0
143#endif
144
141/* 145/*
142 * How much memory is needed for a buffer where we compress a data node. 146 * How much memory is needed for a buffer where we compress a data node.
143 */ 147 */
@@ -645,9 +649,6 @@ typedef int (*ubifs_lpt_scan_callback)(struct ubifs_info *c,
645 * @io_mutex: serializes write-buffer I/O 649 * @io_mutex: serializes write-buffer I/O
646 * @lock: serializes @buf, @lnum, @offs, @avail, @used, @next_ino and @inodes 650 * @lock: serializes @buf, @lnum, @offs, @avail, @used, @next_ino and @inodes
647 * fields 651 * fields
648 * @softlimit: soft write-buffer timeout interval
649 * @delta: hard and soft timeouts delta (the timer expire interval is @softlimit
650 * and @softlimit + @delta)
651 * @timer: write-buffer timer 652 * @timer: write-buffer timer
652 * @no_timer: non-zero if this write-buffer does not have a timer 653 * @no_timer: non-zero if this write-buffer does not have a timer
653 * @need_sync: non-zero if the timer expired and the wbuf needs sync'ing 654 * @need_sync: non-zero if the timer expired and the wbuf needs sync'ing
@@ -676,8 +677,6 @@ struct ubifs_wbuf {
676 int (*sync_callback)(struct ubifs_info *c, int lnum, int free, int pad); 677 int (*sync_callback)(struct ubifs_info *c, int lnum, int free, int pad);
677 struct mutex io_mutex; 678 struct mutex io_mutex;
678 spinlock_t lock; 679 spinlock_t lock;
679 ktime_t softlimit;
680 unsigned long long delta;
681 struct hrtimer timer; 680 struct hrtimer timer;
682 unsigned int no_timer:1; 681 unsigned int no_timer:1;
683 unsigned int need_sync:1; 682 unsigned int need_sync:1;
@@ -1007,6 +1006,8 @@ struct ubifs_debug_info;
1007 * 1006 *
1008 * @big_lpt: flag that LPT is too big to write whole during commit 1007 * @big_lpt: flag that LPT is too big to write whole during commit
1009 * @space_fixup: flag indicating that free space in LEBs needs to be cleaned up 1008 * @space_fixup: flag indicating that free space in LEBs needs to be cleaned up
1009 * @double_hash: flag indicating that we can do lookups by hash
1010 * @encrypted: flag indicating that this file system contains encrypted files
1010 * @no_chk_data_crc: do not check CRCs when reading data nodes (except during 1011 * @no_chk_data_crc: do not check CRCs when reading data nodes (except during
1011 * recovery) 1012 * recovery)
1012 * @bulk_read: enable bulk-reads 1013 * @bulk_read: enable bulk-reads
@@ -1249,6 +1250,8 @@ struct ubifs_info {
1249 1250
1250 unsigned int big_lpt:1; 1251 unsigned int big_lpt:1;
1251 unsigned int space_fixup:1; 1252 unsigned int space_fixup:1;
1253 unsigned int double_hash:1;
1254 unsigned int encrypted:1;
1252 unsigned int no_chk_data_crc:1; 1255 unsigned int no_chk_data_crc:1;
1253 unsigned int bulk_read:1; 1256 unsigned int bulk_read:1;
1254 unsigned int default_compr:2; 1257 unsigned int default_compr:2;
@@ -1515,25 +1518,29 @@ int ubifs_consolidate_log(struct ubifs_info *c);
1515 1518
1516/* journal.c */ 1519/* journal.c */
1517int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir, 1520int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir,
1518 const struct qstr *nm, const struct inode *inode, 1521 const struct fscrypt_name *nm, const struct inode *inode,
1519 int deletion, int xent); 1522 int deletion, int xent);
1520int ubifs_jnl_write_data(struct ubifs_info *c, const struct inode *inode, 1523int ubifs_jnl_write_data(struct ubifs_info *c, const struct inode *inode,
1521 const union ubifs_key *key, const void *buf, int len); 1524 const union ubifs_key *key, const void *buf, int len);
1522int ubifs_jnl_write_inode(struct ubifs_info *c, const struct inode *inode); 1525int ubifs_jnl_write_inode(struct ubifs_info *c, const struct inode *inode);
1523int ubifs_jnl_delete_inode(struct ubifs_info *c, const struct inode *inode); 1526int ubifs_jnl_delete_inode(struct ubifs_info *c, const struct inode *inode);
1524int ubifs_jnl_xrename(struct ubifs_info *c, const struct inode *fst_dir, 1527int ubifs_jnl_xrename(struct ubifs_info *c, const struct inode *fst_dir,
1525 const struct dentry *fst_dentry, 1528 const struct inode *fst_inode,
1529 const struct fscrypt_name *fst_nm,
1526 const struct inode *snd_dir, 1530 const struct inode *snd_dir,
1527 const struct dentry *snd_dentry, int sync); 1531 const struct inode *snd_inode,
1532 const struct fscrypt_name *snd_nm, int sync);
1528int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir, 1533int ubifs_jnl_rename(struct ubifs_info *c, const struct inode *old_dir,
1529 const struct dentry *old_dentry, 1534 const struct inode *old_inode,
1535 const struct fscrypt_name *old_nm,
1530 const struct inode *new_dir, 1536 const struct inode *new_dir,
1531 const struct dentry *new_dentry, 1537 const struct inode *new_inode,
1538 const struct fscrypt_name *new_nm,
1532 const struct inode *whiteout, int sync); 1539 const struct inode *whiteout, int sync);
1533int ubifs_jnl_truncate(struct ubifs_info *c, const struct inode *inode, 1540int ubifs_jnl_truncate(struct ubifs_info *c, const struct inode *inode,
1534 loff_t old_size, loff_t new_size); 1541 loff_t old_size, loff_t new_size);
1535int ubifs_jnl_delete_xattr(struct ubifs_info *c, const struct inode *host, 1542int ubifs_jnl_delete_xattr(struct ubifs_info *c, const struct inode *host,
1536 const struct inode *inode, const struct qstr *nm); 1543 const struct inode *inode, const struct fscrypt_name *nm);
1537int ubifs_jnl_change_xattr(struct ubifs_info *c, const struct inode *inode1, 1544int ubifs_jnl_change_xattr(struct ubifs_info *c, const struct inode *inode1,
1538 const struct inode *inode2); 1545 const struct inode *inode2);
1539 1546
@@ -1568,7 +1575,9 @@ int ubifs_save_dirty_idx_lnums(struct ubifs_info *c);
1568int ubifs_lookup_level0(struct ubifs_info *c, const union ubifs_key *key, 1575int ubifs_lookup_level0(struct ubifs_info *c, const union ubifs_key *key,
1569 struct ubifs_znode **zn, int *n); 1576 struct ubifs_znode **zn, int *n);
1570int ubifs_tnc_lookup_nm(struct ubifs_info *c, const union ubifs_key *key, 1577int ubifs_tnc_lookup_nm(struct ubifs_info *c, const union ubifs_key *key,
1571 void *node, const struct qstr *nm); 1578 void *node, const struct fscrypt_name *nm);
1579int ubifs_tnc_lookup_dh(struct ubifs_info *c, const union ubifs_key *key,
1580 void *node, uint32_t secondary_hash);
1572int ubifs_tnc_locate(struct ubifs_info *c, const union ubifs_key *key, 1581int ubifs_tnc_locate(struct ubifs_info *c, const union ubifs_key *key,
1573 void *node, int *lnum, int *offs); 1582 void *node, int *lnum, int *offs);
1574int ubifs_tnc_add(struct ubifs_info *c, const union ubifs_key *key, int lnum, 1583int ubifs_tnc_add(struct ubifs_info *c, const union ubifs_key *key, int lnum,
@@ -1576,16 +1585,16 @@ int ubifs_tnc_add(struct ubifs_info *c, const union ubifs_key *key, int lnum,
1576int ubifs_tnc_replace(struct ubifs_info *c, const union ubifs_key *key, 1585int ubifs_tnc_replace(struct ubifs_info *c, const union ubifs_key *key,
1577 int old_lnum, int old_offs, int lnum, int offs, int len); 1586 int old_lnum, int old_offs, int lnum, int offs, int len);
1578int ubifs_tnc_add_nm(struct ubifs_info *c, const union ubifs_key *key, 1587int ubifs_tnc_add_nm(struct ubifs_info *c, const union ubifs_key *key,
1579 int lnum, int offs, int len, const struct qstr *nm); 1588 int lnum, int offs, int len, const struct fscrypt_name *nm);
1580int ubifs_tnc_remove(struct ubifs_info *c, const union ubifs_key *key); 1589int ubifs_tnc_remove(struct ubifs_info *c, const union ubifs_key *key);
1581int ubifs_tnc_remove_nm(struct ubifs_info *c, const union ubifs_key *key, 1590int ubifs_tnc_remove_nm(struct ubifs_info *c, const union ubifs_key *key,
1582 const struct qstr *nm); 1591 const struct fscrypt_name *nm);
1583int ubifs_tnc_remove_range(struct ubifs_info *c, union ubifs_key *from_key, 1592int ubifs_tnc_remove_range(struct ubifs_info *c, union ubifs_key *from_key,
1584 union ubifs_key *to_key); 1593 union ubifs_key *to_key);
1585int ubifs_tnc_remove_ino(struct ubifs_info *c, ino_t inum); 1594int ubifs_tnc_remove_ino(struct ubifs_info *c, ino_t inum);
1586struct ubifs_dent_node *ubifs_tnc_next_ent(struct ubifs_info *c, 1595struct ubifs_dent_node *ubifs_tnc_next_ent(struct ubifs_info *c,
1587 union ubifs_key *key, 1596 union ubifs_key *key,
1588 const struct qstr *nm); 1597 const struct fscrypt_name *nm);
1589void ubifs_tnc_close(struct ubifs_info *c); 1598void ubifs_tnc_close(struct ubifs_info *c);
1590int ubifs_tnc_has_node(struct ubifs_info *c, union ubifs_key *key, int level, 1599int ubifs_tnc_has_node(struct ubifs_info *c, union ubifs_key *key, int level,
1591 int lnum, int offs, int is_idx); 1600 int lnum, int offs, int is_idx);
@@ -1642,6 +1651,7 @@ int ubifs_read_superblock(struct ubifs_info *c);
1642struct ubifs_sb_node *ubifs_read_sb_node(struct ubifs_info *c); 1651struct ubifs_sb_node *ubifs_read_sb_node(struct ubifs_info *c);
1643int ubifs_write_sb_node(struct ubifs_info *c, struct ubifs_sb_node *sup); 1652int ubifs_write_sb_node(struct ubifs_info *c, struct ubifs_sb_node *sup);
1644int ubifs_fixup_free_space(struct ubifs_info *c); 1653int ubifs_fixup_free_space(struct ubifs_info *c);
1654int ubifs_enable_encryption(struct ubifs_info *c);
1645 1655
1646/* replay.c */ 1656/* replay.c */
1647int ubifs_validate_entry(struct ubifs_info *c, 1657int ubifs_validate_entry(struct ubifs_info *c,
@@ -1733,16 +1743,21 @@ int ubifs_update_time(struct inode *inode, struct timespec *time, int flags);
1733#endif 1743#endif
1734 1744
1735/* dir.c */ 1745/* dir.c */
1736struct inode *ubifs_new_inode(struct ubifs_info *c, const struct inode *dir, 1746struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir,
1737 umode_t mode); 1747 umode_t mode);
1738int ubifs_getattr(struct vfsmount *mnt, struct dentry *dentry, 1748int ubifs_getattr(struct vfsmount *mnt, struct dentry *dentry,
1739 struct kstat *stat); 1749 struct kstat *stat);
1750int ubifs_check_dir_empty(struct inode *dir);
1740 1751
1741/* xattr.c */ 1752/* xattr.c */
1742extern const struct xattr_handler *ubifs_xattr_handlers[]; 1753extern const struct xattr_handler *ubifs_xattr_handlers[];
1743ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size); 1754ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size);
1744int ubifs_init_security(struct inode *dentry, struct inode *inode, 1755int ubifs_init_security(struct inode *dentry, struct inode *inode,
1745 const struct qstr *qstr); 1756 const struct qstr *qstr);
1757int ubifs_xattr_set(struct inode *host, const char *name, const void *value,
1758 size_t size, int flags);
1759ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf,
1760 size_t size);
1746 1761
1747/* super.c */ 1762/* super.c */
1748struct inode *ubifs_iget(struct super_block *sb, unsigned long inum); 1763struct inode *ubifs_iget(struct super_block *sb, unsigned long inum);
@@ -1781,6 +1796,66 @@ int ubifs_decompress(const struct ubifs_info *c, const void *buf, int len,
1781#include "misc.h" 1796#include "misc.h"
1782#include "key.h" 1797#include "key.h"
1783 1798
1799#ifndef CONFIG_UBIFS_FS_ENCRYPTION
1800#define fscrypt_set_d_op(i)
1801#define fscrypt_get_ctx fscrypt_notsupp_get_ctx
1802#define fscrypt_release_ctx fscrypt_notsupp_release_ctx
1803#define fscrypt_encrypt_page fscrypt_notsupp_encrypt_page
1804#define fscrypt_decrypt_page fscrypt_notsupp_decrypt_page
1805#define fscrypt_decrypt_bio_pages fscrypt_notsupp_decrypt_bio_pages
1806#define fscrypt_pullback_bio_page fscrypt_notsupp_pullback_bio_page
1807#define fscrypt_restore_control_page fscrypt_notsupp_restore_control_page
1808#define fscrypt_zeroout_range fscrypt_notsupp_zeroout_range
1809#define fscrypt_ioctl_set_policy fscrypt_notsupp_ioctl_set_policy
1810#define fscrypt_ioctl_get_policy fscrypt_notsupp_ioctl_get_policy
1811#define fscrypt_has_permitted_context fscrypt_notsupp_has_permitted_context
1812#define fscrypt_inherit_context fscrypt_notsupp_inherit_context
1813#define fscrypt_get_encryption_info fscrypt_notsupp_get_encryption_info
1814#define fscrypt_put_encryption_info fscrypt_notsupp_put_encryption_info
1815#define fscrypt_setup_filename fscrypt_notsupp_setup_filename
1816#define fscrypt_free_filename fscrypt_notsupp_free_filename
1817#define fscrypt_fname_encrypted_size fscrypt_notsupp_fname_encrypted_size
1818#define fscrypt_fname_alloc_buffer fscrypt_notsupp_fname_alloc_buffer
1819#define fscrypt_fname_free_buffer fscrypt_notsupp_fname_free_buffer
1820#define fscrypt_fname_disk_to_usr fscrypt_notsupp_fname_disk_to_usr
1821#define fscrypt_fname_usr_to_disk fscrypt_notsupp_fname_usr_to_disk
1822static inline int ubifs_encrypt(const struct inode *inode,
1823 struct ubifs_data_node *dn,
1824 unsigned int in_len, unsigned int *out_len,
1825 int block)
1826{
1827 ubifs_assert(0);
1828 return -EOPNOTSUPP;
1829}
1830static inline int ubifs_decrypt(const struct inode *inode,
1831 struct ubifs_data_node *dn,
1832 unsigned int *out_len, int block)
1833{
1834 ubifs_assert(0);
1835 return -EOPNOTSUPP;
1836}
1837#else
1838/* crypto.c */
1839int ubifs_encrypt(const struct inode *inode, struct ubifs_data_node *dn,
1840 unsigned int in_len, unsigned int *out_len, int block);
1841int ubifs_decrypt(const struct inode *inode, struct ubifs_data_node *dn,
1842 unsigned int *out_len, int block);
1843#endif
1844
1845extern struct fscrypt_operations ubifs_crypt_operations;
1846
1847static inline bool __ubifs_crypt_is_encrypted(struct inode *inode)
1848{
1849 struct ubifs_inode *ui = ubifs_inode(inode);
1850
1851 return ui->flags & UBIFS_CRYPT_FL;
1852}
1853
1854static inline bool ubifs_crypt_is_encrypted(const struct inode *inode)
1855{
1856 return __ubifs_crypt_is_encrypted((struct inode *)inode);
1857}
1858
1784/* Normal UBIFS messages */ 1859/* Normal UBIFS messages */
1785__printf(2, 3) 1860__printf(2, 3)
1786void ubifs_msg(const struct ubifs_info *c, const char *fmt, ...); 1861void ubifs_msg(const struct ubifs_info *c, const char *fmt, ...);
diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c
index d9f9615bfd71..efe00fcb8b75 100644
--- a/fs/ubifs/xattr.c
+++ b/fs/ubifs/xattr.c
@@ -97,7 +97,7 @@ static const struct file_operations empty_fops;
97 * of failure. 97 * of failure.
98 */ 98 */
99static int create_xattr(struct ubifs_info *c, struct inode *host, 99static int create_xattr(struct ubifs_info *c, struct inode *host,
100 const struct qstr *nm, const void *value, int size) 100 const struct fscrypt_name *nm, const void *value, int size)
101{ 101{
102 int err, names_len; 102 int err, names_len;
103 struct inode *inode; 103 struct inode *inode;
@@ -117,7 +117,7 @@ static int create_xattr(struct ubifs_info *c, struct inode *host,
117 * extended attributes if the name list becomes larger. This limitation 117 * extended attributes if the name list becomes larger. This limitation
118 * is artificial for UBIFS, though. 118 * is artificial for UBIFS, though.
119 */ 119 */
120 names_len = host_ui->xattr_names + host_ui->xattr_cnt + nm->len + 1; 120 names_len = host_ui->xattr_names + host_ui->xattr_cnt + fname_len(nm) + 1;
121 if (names_len > XATTR_LIST_MAX) { 121 if (names_len > XATTR_LIST_MAX) {
122 ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d", 122 ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d",
123 host->i_ino, names_len, XATTR_LIST_MAX); 123 host->i_ino, names_len, XATTR_LIST_MAX);
@@ -154,9 +154,18 @@ static int create_xattr(struct ubifs_info *c, struct inode *host,
154 mutex_lock(&host_ui->ui_mutex); 154 mutex_lock(&host_ui->ui_mutex);
155 host->i_ctime = ubifs_current_time(host); 155 host->i_ctime = ubifs_current_time(host);
156 host_ui->xattr_cnt += 1; 156 host_ui->xattr_cnt += 1;
157 host_ui->xattr_size += CALC_DENT_SIZE(nm->len); 157 host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
158 host_ui->xattr_size += CALC_XATTR_BYTES(size); 158 host_ui->xattr_size += CALC_XATTR_BYTES(size);
159 host_ui->xattr_names += nm->len; 159 host_ui->xattr_names += fname_len(nm);
160
161 /*
162 * We handle UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT here because we
163 * have to set the UBIFS_CRYPT_FL flag on the host inode.
164 * To avoid multiple updates of the same inode in the same operation,
165 * let's do it here.
166 */
167 if (strcmp(fname_name(nm), UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
168 host_ui->flags |= UBIFS_CRYPT_FL;
160 169
161 err = ubifs_jnl_update(c, host, nm, inode, 0, 1); 170 err = ubifs_jnl_update(c, host, nm, inode, 0, 1);
162 if (err) 171 if (err)
@@ -170,9 +179,10 @@ static int create_xattr(struct ubifs_info *c, struct inode *host,
170 179
171out_cancel: 180out_cancel:
172 host_ui->xattr_cnt -= 1; 181 host_ui->xattr_cnt -= 1;
173 host_ui->xattr_size -= CALC_DENT_SIZE(nm->len); 182 host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
174 host_ui->xattr_size -= CALC_XATTR_BYTES(size); 183 host_ui->xattr_size -= CALC_XATTR_BYTES(size);
175 host_ui->xattr_names -= nm->len; 184 host_ui->xattr_names -= fname_len(nm);
185 host_ui->flags &= ~UBIFS_CRYPT_FL;
176 mutex_unlock(&host_ui->ui_mutex); 186 mutex_unlock(&host_ui->ui_mutex);
177out_free: 187out_free:
178 make_bad_inode(inode); 188 make_bad_inode(inode);
@@ -269,22 +279,28 @@ static struct inode *iget_xattr(struct ubifs_info *c, ino_t inum)
269 return ERR_PTR(-EINVAL); 279 return ERR_PTR(-EINVAL);
270} 280}
271 281
272static int __ubifs_setxattr(struct inode *host, const char *name, 282int ubifs_xattr_set(struct inode *host, const char *name, const void *value,
273 const void *value, size_t size, int flags) 283 size_t size, int flags)
274{ 284{
275 struct inode *inode; 285 struct inode *inode;
276 struct ubifs_info *c = host->i_sb->s_fs_info; 286 struct ubifs_info *c = host->i_sb->s_fs_info;
277 struct qstr nm = QSTR_INIT(name, strlen(name)); 287 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
278 struct ubifs_dent_node *xent; 288 struct ubifs_dent_node *xent;
279 union ubifs_key key; 289 union ubifs_key key;
280 int err; 290 int err;
281 291
282 ubifs_assert(inode_is_locked(host)); 292 /*
293 * Creating an encryption context is done unlocked since we
294 * operate on a new inode which is not visible to other users
295 * at this point.
296 */
297 if (strcmp(name, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) != 0)
298 ubifs_assert(inode_is_locked(host));
283 299
284 if (size > UBIFS_MAX_INO_DATA) 300 if (size > UBIFS_MAX_INO_DATA)
285 return -ERANGE; 301 return -ERANGE;
286 302
287 if (nm.len > UBIFS_MAX_NLEN) 303 if (fname_len(&nm) > UBIFS_MAX_NLEN)
288 return -ENAMETOOLONG; 304 return -ENAMETOOLONG;
289 305
290 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS); 306 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
@@ -329,18 +345,18 @@ out_free:
329 return err; 345 return err;
330} 346}
331 347
332static ssize_t __ubifs_getxattr(struct inode *host, const char *name, 348ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf,
333 void *buf, size_t size) 349 size_t size)
334{ 350{
335 struct inode *inode; 351 struct inode *inode;
336 struct ubifs_info *c = host->i_sb->s_fs_info; 352 struct ubifs_info *c = host->i_sb->s_fs_info;
337 struct qstr nm = QSTR_INIT(name, strlen(name)); 353 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
338 struct ubifs_inode *ui; 354 struct ubifs_inode *ui;
339 struct ubifs_dent_node *xent; 355 struct ubifs_dent_node *xent;
340 union ubifs_key key; 356 union ubifs_key key;
341 int err; 357 int err;
342 358
343 if (nm.len > UBIFS_MAX_NLEN) 359 if (fname_len(&nm) > UBIFS_MAX_NLEN)
344 return -ENAMETOOLONG; 360 return -ENAMETOOLONG;
345 361
346 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS); 362 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
@@ -387,6 +403,20 @@ out_unlock:
387 return err; 403 return err;
388} 404}
389 405
406static bool xattr_visible(const char *name)
407{
408 /* File encryption related xattrs are for internal use only */
409 if (strcmp(name, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
410 return false;
411
412 /* Show trusted namespace only for "power" users */
413 if (strncmp(name, XATTR_TRUSTED_PREFIX,
414 XATTR_TRUSTED_PREFIX_LEN) == 0 && !capable(CAP_SYS_ADMIN))
415 return false;
416
417 return true;
418}
419
390ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size) 420ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
391{ 421{
392 union ubifs_key key; 422 union ubifs_key key;
@@ -395,7 +425,7 @@ ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
395 struct ubifs_inode *host_ui = ubifs_inode(host); 425 struct ubifs_inode *host_ui = ubifs_inode(host);
396 struct ubifs_dent_node *xent, *pxent = NULL; 426 struct ubifs_dent_node *xent, *pxent = NULL;
397 int err, len, written = 0; 427 int err, len, written = 0;
398 struct qstr nm = { .name = NULL }; 428 struct fscrypt_name nm = {0};
399 429
400 dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino, 430 dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino,
401 dentry, size); 431 dentry, size);
@@ -419,15 +449,12 @@ ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
419 break; 449 break;
420 } 450 }
421 451
422 nm.name = xent->name; 452 fname_name(&nm) = xent->name;
423 nm.len = le16_to_cpu(xent->nlen); 453 fname_len(&nm) = le16_to_cpu(xent->nlen);
424 454
425 /* Show trusted namespace only for "power" users */ 455 if (xattr_visible(xent->name)) {
426 if (strncmp(xent->name, XATTR_TRUSTED_PREFIX, 456 memcpy(buffer + written, fname_name(&nm), fname_len(&nm) + 1);
427 XATTR_TRUSTED_PREFIX_LEN) || 457 written += fname_len(&nm) + 1;
428 capable(CAP_SYS_ADMIN)) {
429 memcpy(buffer + written, nm.name, nm.len + 1);
430 written += nm.len + 1;
431 } 458 }
432 459
433 kfree(pxent); 460 kfree(pxent);
@@ -446,7 +473,7 @@ ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
446} 473}
447 474
448static int remove_xattr(struct ubifs_info *c, struct inode *host, 475static int remove_xattr(struct ubifs_info *c, struct inode *host,
449 struct inode *inode, const struct qstr *nm) 476 struct inode *inode, const struct fscrypt_name *nm)
450{ 477{
451 int err; 478 int err;
452 struct ubifs_inode *host_ui = ubifs_inode(host); 479 struct ubifs_inode *host_ui = ubifs_inode(host);
@@ -463,9 +490,9 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host,
463 mutex_lock(&host_ui->ui_mutex); 490 mutex_lock(&host_ui->ui_mutex);
464 host->i_ctime = ubifs_current_time(host); 491 host->i_ctime = ubifs_current_time(host);
465 host_ui->xattr_cnt -= 1; 492 host_ui->xattr_cnt -= 1;
466 host_ui->xattr_size -= CALC_DENT_SIZE(nm->len); 493 host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
467 host_ui->xattr_size -= CALC_XATTR_BYTES(ui->data_len); 494 host_ui->xattr_size -= CALC_XATTR_BYTES(ui->data_len);
468 host_ui->xattr_names -= nm->len; 495 host_ui->xattr_names -= fname_len(nm);
469 496
470 err = ubifs_jnl_delete_xattr(c, host, inode, nm); 497 err = ubifs_jnl_delete_xattr(c, host, inode, nm);
471 if (err) 498 if (err)
@@ -477,27 +504,27 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host,
477 504
478out_cancel: 505out_cancel:
479 host_ui->xattr_cnt += 1; 506 host_ui->xattr_cnt += 1;
480 host_ui->xattr_size += CALC_DENT_SIZE(nm->len); 507 host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
481 host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len); 508 host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len);
482 host_ui->xattr_names += nm->len; 509 host_ui->xattr_names += fname_len(nm);
483 mutex_unlock(&host_ui->ui_mutex); 510 mutex_unlock(&host_ui->ui_mutex);
484 ubifs_release_budget(c, &req); 511 ubifs_release_budget(c, &req);
485 make_bad_inode(inode); 512 make_bad_inode(inode);
486 return err; 513 return err;
487} 514}
488 515
489static int __ubifs_removexattr(struct inode *host, const char *name) 516static int ubifs_xattr_remove(struct inode *host, const char *name)
490{ 517{
491 struct inode *inode; 518 struct inode *inode;
492 struct ubifs_info *c = host->i_sb->s_fs_info; 519 struct ubifs_info *c = host->i_sb->s_fs_info;
493 struct qstr nm = QSTR_INIT(name, strlen(name)); 520 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
494 struct ubifs_dent_node *xent; 521 struct ubifs_dent_node *xent;
495 union ubifs_key key; 522 union ubifs_key key;
496 int err; 523 int err;
497 524
498 ubifs_assert(inode_is_locked(host)); 525 ubifs_assert(inode_is_locked(host));
499 526
500 if (nm.len > UBIFS_MAX_NLEN) 527 if (fname_len(&nm) > UBIFS_MAX_NLEN)
501 return -ENAMETOOLONG; 528 return -ENAMETOOLONG;
502 529
503 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS); 530 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
@@ -548,7 +575,8 @@ static int init_xattrs(struct inode *inode, const struct xattr *xattr_array,
548 } 575 }
549 strcpy(name, XATTR_SECURITY_PREFIX); 576 strcpy(name, XATTR_SECURITY_PREFIX);
550 strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name); 577 strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
551 err = __ubifs_setxattr(inode, name, xattr->value, xattr->value_len, 0); 578 err = ubifs_xattr_set(inode, name, xattr->value,
579 xattr->value_len, 0);
552 kfree(name); 580 kfree(name);
553 if (err < 0) 581 if (err < 0)
554 break; 582 break;
@@ -572,7 +600,7 @@ int ubifs_init_security(struct inode *dentry, struct inode *inode,
572 return err; 600 return err;
573} 601}
574 602
575static int ubifs_xattr_get(const struct xattr_handler *handler, 603static int xattr_get(const struct xattr_handler *handler,
576 struct dentry *dentry, struct inode *inode, 604 struct dentry *dentry, struct inode *inode,
577 const char *name, void *buffer, size_t size) 605 const char *name, void *buffer, size_t size)
578{ 606{
@@ -580,10 +608,10 @@ static int ubifs_xattr_get(const struct xattr_handler *handler,
580 inode->i_ino, dentry, size); 608 inode->i_ino, dentry, size);
581 609
582 name = xattr_full_name(handler, name); 610 name = xattr_full_name(handler, name);
583 return __ubifs_getxattr(inode, name, buffer, size); 611 return ubifs_xattr_get(inode, name, buffer, size);
584} 612}
585 613
586static int ubifs_xattr_set(const struct xattr_handler *handler, 614static int xattr_set(const struct xattr_handler *handler,
587 struct dentry *dentry, struct inode *inode, 615 struct dentry *dentry, struct inode *inode,
588 const char *name, const void *value, 616 const char *name, const void *value,
589 size_t size, int flags) 617 size_t size, int flags)
@@ -594,27 +622,27 @@ static int ubifs_xattr_set(const struct xattr_handler *handler,
594 name = xattr_full_name(handler, name); 622 name = xattr_full_name(handler, name);
595 623
596 if (value) 624 if (value)
597 return __ubifs_setxattr(inode, name, value, size, flags); 625 return ubifs_xattr_set(inode, name, value, size, flags);
598 else 626 else
599 return __ubifs_removexattr(inode, name); 627 return ubifs_xattr_remove(inode, name);
600} 628}
601 629
602static const struct xattr_handler ubifs_user_xattr_handler = { 630static const struct xattr_handler ubifs_user_xattr_handler = {
603 .prefix = XATTR_USER_PREFIX, 631 .prefix = XATTR_USER_PREFIX,
604 .get = ubifs_xattr_get, 632 .get = xattr_get,
605 .set = ubifs_xattr_set, 633 .set = xattr_set,
606}; 634};
607 635
608static const struct xattr_handler ubifs_trusted_xattr_handler = { 636static const struct xattr_handler ubifs_trusted_xattr_handler = {
609 .prefix = XATTR_TRUSTED_PREFIX, 637 .prefix = XATTR_TRUSTED_PREFIX,
610 .get = ubifs_xattr_get, 638 .get = xattr_get,
611 .set = ubifs_xattr_set, 639 .set = xattr_set,
612}; 640};
613 641
614static const struct xattr_handler ubifs_security_xattr_handler = { 642static const struct xattr_handler ubifs_security_xattr_handler = {
615 .prefix = XATTR_SECURITY_PREFIX, 643 .prefix = XATTR_SECURITY_PREFIX,
616 .get = ubifs_xattr_get, 644 .get = xattr_get,
617 .set = ubifs_xattr_set, 645 .set = xattr_set,
618}; 646};
619 647
620const struct xattr_handler *ubifs_xattr_handlers[] = { 648const struct xattr_handler *ubifs_xattr_handlers[] = {
generated by cgit v1.2.2 (git 2.25.0) at 2025-08-23 15:27:46 -0400