mirror of
https://github.com/torvalds/linux.git
synced 2024-11-22 12:11:40 +00:00
fscrypt: rename fscrypt_info => fscrypt_inode_info
We are going to track per-extent information, so it'll be necessary to distinguish between inode infos and extent infos. Rename fscrypt_info to fscrypt_inode_info, adjusting any lines that now exceed 80 characters. Signed-off-by: Josef Bacik <josef@toxicpanda.com> [ebiggers: rebased onto fscrypt tree, renamed fscrypt_get_info(), adjusted two comments, and fixed some lines over 80 characters] Link: https://lore.kernel.org/r/20231005025757.33521-1-ebiggers@kernel.org Reviewed-by: Neal Gompa <neal@gompa.dev> Signed-off-by: Eric Biggers <ebiggers@google.com>
This commit is contained in:
parent
5b11888471
commit
3e7807d5a7
@ -111,7 +111,7 @@ out:
|
||||
int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
|
||||
sector_t pblk, unsigned int len)
|
||||
{
|
||||
const struct fscrypt_info *ci = inode->i_crypt_info;
|
||||
const struct fscrypt_inode_info *ci = inode->i_crypt_info;
|
||||
const unsigned int du_bits = ci->ci_data_unit_bits;
|
||||
const unsigned int du_size = 1U << du_bits;
|
||||
const unsigned int du_per_page_bits = PAGE_SHIFT - du_bits;
|
||||
|
@ -39,7 +39,7 @@ static mempool_t *fscrypt_bounce_page_pool = NULL;
|
||||
static struct workqueue_struct *fscrypt_read_workqueue;
|
||||
static DEFINE_MUTEX(fscrypt_init_mutex);
|
||||
|
||||
struct kmem_cache *fscrypt_info_cachep;
|
||||
struct kmem_cache *fscrypt_inode_info_cachep;
|
||||
|
||||
void fscrypt_enqueue_decrypt_work(struct work_struct *work)
|
||||
{
|
||||
@ -85,7 +85,7 @@ EXPORT_SYMBOL(fscrypt_free_bounce_page);
|
||||
* simply contain the data unit index (e.g., IV_INO_LBLK_32).
|
||||
*/
|
||||
void fscrypt_generate_iv(union fscrypt_iv *iv, u64 index,
|
||||
const struct fscrypt_info *ci)
|
||||
const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
u8 flags = fscrypt_policy_flags(&ci->ci_policy);
|
||||
|
||||
@ -105,7 +105,7 @@ void fscrypt_generate_iv(union fscrypt_iv *iv, u64 index,
|
||||
}
|
||||
|
||||
/* Encrypt or decrypt a single "data unit" of file contents. */
|
||||
int fscrypt_crypt_data_unit(const struct fscrypt_info *ci,
|
||||
int fscrypt_crypt_data_unit(const struct fscrypt_inode_info *ci,
|
||||
fscrypt_direction_t rw, u64 index,
|
||||
struct page *src_page, struct page *dest_page,
|
||||
unsigned int len, unsigned int offs,
|
||||
@ -184,7 +184,7 @@ struct page *fscrypt_encrypt_pagecache_blocks(struct page *page,
|
||||
|
||||
{
|
||||
const struct inode *inode = page->mapping->host;
|
||||
const struct fscrypt_info *ci = inode->i_crypt_info;
|
||||
const struct fscrypt_inode_info *ci = inode->i_crypt_info;
|
||||
const unsigned int du_bits = ci->ci_data_unit_bits;
|
||||
const unsigned int du_size = 1U << du_bits;
|
||||
struct page *ciphertext_page;
|
||||
@ -267,7 +267,7 @@ int fscrypt_decrypt_pagecache_blocks(struct folio *folio, size_t len,
|
||||
size_t offs)
|
||||
{
|
||||
const struct inode *inode = folio->mapping->host;
|
||||
const struct fscrypt_info *ci = inode->i_crypt_info;
|
||||
const struct fscrypt_inode_info *ci = inode->i_crypt_info;
|
||||
const unsigned int du_bits = ci->ci_data_unit_bits;
|
||||
const unsigned int du_size = 1U << du_bits;
|
||||
u64 index = ((u64)folio->index << (PAGE_SHIFT - du_bits)) +
|
||||
@ -409,18 +409,19 @@ static int __init fscrypt_init(void)
|
||||
if (!fscrypt_read_workqueue)
|
||||
goto fail;
|
||||
|
||||
fscrypt_info_cachep = KMEM_CACHE(fscrypt_info, SLAB_RECLAIM_ACCOUNT);
|
||||
if (!fscrypt_info_cachep)
|
||||
fscrypt_inode_info_cachep = KMEM_CACHE(fscrypt_inode_info,
|
||||
SLAB_RECLAIM_ACCOUNT);
|
||||
if (!fscrypt_inode_info_cachep)
|
||||
goto fail_free_queue;
|
||||
|
||||
err = fscrypt_init_keyring();
|
||||
if (err)
|
||||
goto fail_free_info;
|
||||
goto fail_free_inode_info;
|
||||
|
||||
return 0;
|
||||
|
||||
fail_free_info:
|
||||
kmem_cache_destroy(fscrypt_info_cachep);
|
||||
fail_free_inode_info:
|
||||
kmem_cache_destroy(fscrypt_inode_info_cachep);
|
||||
fail_free_queue:
|
||||
destroy_workqueue(fscrypt_read_workqueue);
|
||||
fail:
|
||||
|
@ -100,7 +100,7 @@ int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *iname,
|
||||
{
|
||||
struct skcipher_request *req = NULL;
|
||||
DECLARE_CRYPTO_WAIT(wait);
|
||||
const struct fscrypt_info *ci = inode->i_crypt_info;
|
||||
const struct fscrypt_inode_info *ci = inode->i_crypt_info;
|
||||
struct crypto_skcipher *tfm = ci->ci_enc_key.tfm;
|
||||
union fscrypt_iv iv;
|
||||
struct scatterlist sg;
|
||||
@ -157,7 +157,7 @@ static int fname_decrypt(const struct inode *inode,
|
||||
struct skcipher_request *req = NULL;
|
||||
DECLARE_CRYPTO_WAIT(wait);
|
||||
struct scatterlist src_sg, dst_sg;
|
||||
const struct fscrypt_info *ci = inode->i_crypt_info;
|
||||
const struct fscrypt_inode_info *ci = inode->i_crypt_info;
|
||||
struct crypto_skcipher *tfm = ci->ci_enc_key.tfm;
|
||||
union fscrypt_iv iv;
|
||||
int res;
|
||||
@ -568,7 +568,7 @@ EXPORT_SYMBOL_GPL(fscrypt_match_name);
|
||||
*/
|
||||
u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name)
|
||||
{
|
||||
const struct fscrypt_info *ci = dir->i_crypt_info;
|
||||
const struct fscrypt_inode_info *ci = dir->i_crypt_info;
|
||||
|
||||
WARN_ON_ONCE(!ci->ci_dirhash_key_initialized);
|
||||
|
||||
|
@ -210,18 +210,18 @@ struct fscrypt_prepared_key {
|
||||
};
|
||||
|
||||
/*
|
||||
* fscrypt_info - the "encryption key" for an inode
|
||||
* fscrypt_inode_info - the "encryption key" for an inode
|
||||
*
|
||||
* When an encrypted file's key is made available, an instance of this struct is
|
||||
* allocated and stored in ->i_crypt_info. Once created, it remains until the
|
||||
* inode is evicted.
|
||||
*/
|
||||
struct fscrypt_info {
|
||||
struct fscrypt_inode_info {
|
||||
|
||||
/* The key in a form prepared for actual encryption/decryption */
|
||||
struct fscrypt_prepared_key ci_enc_key;
|
||||
|
||||
/* True if ci_enc_key should be freed when this fscrypt_info is freed */
|
||||
/* True if ci_enc_key should be freed when this struct is freed */
|
||||
bool ci_owns_key;
|
||||
|
||||
#ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT
|
||||
@ -294,9 +294,9 @@ typedef enum {
|
||||
} fscrypt_direction_t;
|
||||
|
||||
/* crypto.c */
|
||||
extern struct kmem_cache *fscrypt_info_cachep;
|
||||
extern struct kmem_cache *fscrypt_inode_info_cachep;
|
||||
int fscrypt_initialize(struct super_block *sb);
|
||||
int fscrypt_crypt_data_unit(const struct fscrypt_info *ci,
|
||||
int fscrypt_crypt_data_unit(const struct fscrypt_inode_info *ci,
|
||||
fscrypt_direction_t rw, u64 index,
|
||||
struct page *src_page, struct page *dest_page,
|
||||
unsigned int len, unsigned int offs,
|
||||
@ -326,7 +326,7 @@ union fscrypt_iv {
|
||||
};
|
||||
|
||||
void fscrypt_generate_iv(union fscrypt_iv *iv, u64 index,
|
||||
const struct fscrypt_info *ci);
|
||||
const struct fscrypt_inode_info *ci);
|
||||
|
||||
/*
|
||||
* Return the number of bits used by the maximum file data unit index that is
|
||||
@ -374,17 +374,17 @@ void fscrypt_destroy_hkdf(struct fscrypt_hkdf *hkdf);
|
||||
|
||||
/* inline_crypt.c */
|
||||
#ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT
|
||||
int fscrypt_select_encryption_impl(struct fscrypt_info *ci);
|
||||
int fscrypt_select_encryption_impl(struct fscrypt_inode_info *ci);
|
||||
|
||||
static inline bool
|
||||
fscrypt_using_inline_encryption(const struct fscrypt_info *ci)
|
||||
fscrypt_using_inline_encryption(const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
return ci->ci_inlinecrypt;
|
||||
}
|
||||
|
||||
int fscrypt_prepare_inline_crypt_key(struct fscrypt_prepared_key *prep_key,
|
||||
const u8 *raw_key,
|
||||
const struct fscrypt_info *ci);
|
||||
const struct fscrypt_inode_info *ci);
|
||||
|
||||
void fscrypt_destroy_inline_crypt_key(struct super_block *sb,
|
||||
struct fscrypt_prepared_key *prep_key);
|
||||
@ -395,7 +395,7 @@ void fscrypt_destroy_inline_crypt_key(struct super_block *sb,
|
||||
*/
|
||||
static inline bool
|
||||
fscrypt_is_key_prepared(struct fscrypt_prepared_key *prep_key,
|
||||
const struct fscrypt_info *ci)
|
||||
const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
/*
|
||||
* The two smp_load_acquire()'s here pair with the smp_store_release()'s
|
||||
@ -412,13 +412,13 @@ fscrypt_is_key_prepared(struct fscrypt_prepared_key *prep_key,
|
||||
|
||||
#else /* CONFIG_FS_ENCRYPTION_INLINE_CRYPT */
|
||||
|
||||
static inline int fscrypt_select_encryption_impl(struct fscrypt_info *ci)
|
||||
static inline int fscrypt_select_encryption_impl(struct fscrypt_inode_info *ci)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline bool
|
||||
fscrypt_using_inline_encryption(const struct fscrypt_info *ci)
|
||||
fscrypt_using_inline_encryption(const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
@ -426,7 +426,7 @@ fscrypt_using_inline_encryption(const struct fscrypt_info *ci)
|
||||
static inline int
|
||||
fscrypt_prepare_inline_crypt_key(struct fscrypt_prepared_key *prep_key,
|
||||
const u8 *raw_key,
|
||||
const struct fscrypt_info *ci)
|
||||
const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
WARN_ON_ONCE(1);
|
||||
return -EOPNOTSUPP;
|
||||
@ -440,7 +440,7 @@ fscrypt_destroy_inline_crypt_key(struct super_block *sb,
|
||||
|
||||
static inline bool
|
||||
fscrypt_is_key_prepared(struct fscrypt_prepared_key *prep_key,
|
||||
const struct fscrypt_info *ci)
|
||||
const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
return smp_load_acquire(&prep_key->tfm) != NULL;
|
||||
}
|
||||
@ -640,17 +640,18 @@ struct fscrypt_mode {
|
||||
extern struct fscrypt_mode fscrypt_modes[];
|
||||
|
||||
int fscrypt_prepare_key(struct fscrypt_prepared_key *prep_key,
|
||||
const u8 *raw_key, const struct fscrypt_info *ci);
|
||||
const u8 *raw_key, const struct fscrypt_inode_info *ci);
|
||||
|
||||
void fscrypt_destroy_prepared_key(struct super_block *sb,
|
||||
struct fscrypt_prepared_key *prep_key);
|
||||
|
||||
int fscrypt_set_per_file_enc_key(struct fscrypt_info *ci, const u8 *raw_key);
|
||||
int fscrypt_set_per_file_enc_key(struct fscrypt_inode_info *ci,
|
||||
const u8 *raw_key);
|
||||
|
||||
int fscrypt_derive_dirhash_key(struct fscrypt_info *ci,
|
||||
int fscrypt_derive_dirhash_key(struct fscrypt_inode_info *ci,
|
||||
const struct fscrypt_master_key *mk);
|
||||
|
||||
void fscrypt_hash_inode_number(struct fscrypt_info *ci,
|
||||
void fscrypt_hash_inode_number(struct fscrypt_inode_info *ci,
|
||||
const struct fscrypt_master_key *mk);
|
||||
|
||||
int fscrypt_get_encryption_info(struct inode *inode, bool allow_unsupported);
|
||||
@ -685,10 +686,11 @@ static inline int fscrypt_require_key(struct inode *inode)
|
||||
|
||||
void fscrypt_put_direct_key(struct fscrypt_direct_key *dk);
|
||||
|
||||
int fscrypt_setup_v1_file_key(struct fscrypt_info *ci,
|
||||
int fscrypt_setup_v1_file_key(struct fscrypt_inode_info *ci,
|
||||
const u8 *raw_master_key);
|
||||
|
||||
int fscrypt_setup_v1_file_key_via_subscribed_keyrings(struct fscrypt_info *ci);
|
||||
int fscrypt_setup_v1_file_key_via_subscribed_keyrings(
|
||||
struct fscrypt_inode_info *ci);
|
||||
|
||||
/* policy.c */
|
||||
|
||||
|
@ -169,7 +169,7 @@ EXPORT_SYMBOL_GPL(__fscrypt_prepare_setattr);
|
||||
int fscrypt_prepare_setflags(struct inode *inode,
|
||||
unsigned int oldflags, unsigned int flags)
|
||||
{
|
||||
struct fscrypt_info *ci;
|
||||
struct fscrypt_inode_info *ci;
|
||||
struct fscrypt_master_key *mk;
|
||||
int err;
|
||||
|
||||
|
@ -39,7 +39,7 @@ static struct block_device **fscrypt_get_devices(struct super_block *sb,
|
||||
return devs;
|
||||
}
|
||||
|
||||
static unsigned int fscrypt_get_dun_bytes(const struct fscrypt_info *ci)
|
||||
static unsigned int fscrypt_get_dun_bytes(const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
const struct super_block *sb = ci->ci_inode->i_sb;
|
||||
unsigned int flags = fscrypt_policy_flags(&ci->ci_policy);
|
||||
@ -89,7 +89,7 @@ static void fscrypt_log_blk_crypto_impl(struct fscrypt_mode *mode,
|
||||
}
|
||||
|
||||
/* Enable inline encryption for this file if supported. */
|
||||
int fscrypt_select_encryption_impl(struct fscrypt_info *ci)
|
||||
int fscrypt_select_encryption_impl(struct fscrypt_inode_info *ci)
|
||||
{
|
||||
const struct inode *inode = ci->ci_inode;
|
||||
struct super_block *sb = inode->i_sb;
|
||||
@ -151,7 +151,7 @@ out_free_devs:
|
||||
|
||||
int fscrypt_prepare_inline_crypt_key(struct fscrypt_prepared_key *prep_key,
|
||||
const u8 *raw_key,
|
||||
const struct fscrypt_info *ci)
|
||||
const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
const struct inode *inode = ci->ci_inode;
|
||||
struct super_block *sb = inode->i_sb;
|
||||
@ -232,7 +232,8 @@ bool __fscrypt_inode_uses_inline_crypto(const struct inode *inode)
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(__fscrypt_inode_uses_inline_crypto);
|
||||
|
||||
static void fscrypt_generate_dun(const struct fscrypt_info *ci, u64 lblk_num,
|
||||
static void fscrypt_generate_dun(const struct fscrypt_inode_info *ci,
|
||||
u64 lblk_num,
|
||||
u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE])
|
||||
{
|
||||
u64 index = lblk_num << ci->ci_data_units_per_block_bits;
|
||||
@ -266,7 +267,7 @@ static void fscrypt_generate_dun(const struct fscrypt_info *ci, u64 lblk_num,
|
||||
void fscrypt_set_bio_crypt_ctx(struct bio *bio, const struct inode *inode,
|
||||
u64 first_lblk, gfp_t gfp_mask)
|
||||
{
|
||||
const struct fscrypt_info *ci;
|
||||
const struct fscrypt_inode_info *ci;
|
||||
u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE];
|
||||
|
||||
if (!fscrypt_inode_uses_inline_crypto(inode))
|
||||
@ -457,7 +458,7 @@ EXPORT_SYMBOL_GPL(fscrypt_dio_supported);
|
||||
*/
|
||||
u64 fscrypt_limit_io_blocks(const struct inode *inode, u64 lblk, u64 nr_blocks)
|
||||
{
|
||||
const struct fscrypt_info *ci;
|
||||
const struct fscrypt_inode_info *ci;
|
||||
u32 dun;
|
||||
|
||||
if (!fscrypt_inode_uses_inline_crypto(inode))
|
||||
|
@ -867,7 +867,7 @@ static void shrink_dcache_inode(struct inode *inode)
|
||||
|
||||
static void evict_dentries_for_decrypted_inodes(struct fscrypt_master_key *mk)
|
||||
{
|
||||
struct fscrypt_info *ci;
|
||||
struct fscrypt_inode_info *ci;
|
||||
struct inode *inode;
|
||||
struct inode *toput_inode = NULL;
|
||||
|
||||
@ -917,7 +917,7 @@ static int check_for_busy_inodes(struct super_block *sb,
|
||||
/* select an example file to show for debugging purposes */
|
||||
struct inode *inode =
|
||||
list_first_entry(&mk->mk_decrypted_inodes,
|
||||
struct fscrypt_info,
|
||||
struct fscrypt_inode_info,
|
||||
ci_master_key_link)->ci_inode;
|
||||
ino = inode->i_ino;
|
||||
}
|
||||
|
@ -148,7 +148,7 @@ err_free_tfm:
|
||||
* and IV generation method (@ci->ci_policy.flags).
|
||||
*/
|
||||
int fscrypt_prepare_key(struct fscrypt_prepared_key *prep_key,
|
||||
const u8 *raw_key, const struct fscrypt_info *ci)
|
||||
const u8 *raw_key, const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
struct crypto_skcipher *tfm;
|
||||
|
||||
@ -178,13 +178,14 @@ void fscrypt_destroy_prepared_key(struct super_block *sb,
|
||||
}
|
||||
|
||||
/* Given a per-file encryption key, set up the file's crypto transform object */
|
||||
int fscrypt_set_per_file_enc_key(struct fscrypt_info *ci, const u8 *raw_key)
|
||||
int fscrypt_set_per_file_enc_key(struct fscrypt_inode_info *ci,
|
||||
const u8 *raw_key)
|
||||
{
|
||||
ci->ci_owns_key = true;
|
||||
return fscrypt_prepare_key(&ci->ci_enc_key, raw_key, ci);
|
||||
}
|
||||
|
||||
static int setup_per_mode_enc_key(struct fscrypt_info *ci,
|
||||
static int setup_per_mode_enc_key(struct fscrypt_inode_info *ci,
|
||||
struct fscrypt_master_key *mk,
|
||||
struct fscrypt_prepared_key *keys,
|
||||
u8 hkdf_context, bool include_fs_uuid)
|
||||
@ -265,7 +266,7 @@ static int fscrypt_derive_siphash_key(const struct fscrypt_master_key *mk,
|
||||
return 0;
|
||||
}
|
||||
|
||||
int fscrypt_derive_dirhash_key(struct fscrypt_info *ci,
|
||||
int fscrypt_derive_dirhash_key(struct fscrypt_inode_info *ci,
|
||||
const struct fscrypt_master_key *mk)
|
||||
{
|
||||
int err;
|
||||
@ -279,7 +280,7 @@ int fscrypt_derive_dirhash_key(struct fscrypt_info *ci,
|
||||
return 0;
|
||||
}
|
||||
|
||||
void fscrypt_hash_inode_number(struct fscrypt_info *ci,
|
||||
void fscrypt_hash_inode_number(struct fscrypt_inode_info *ci,
|
||||
const struct fscrypt_master_key *mk)
|
||||
{
|
||||
WARN_ON_ONCE(ci->ci_inode->i_ino == 0);
|
||||
@ -289,7 +290,7 @@ void fscrypt_hash_inode_number(struct fscrypt_info *ci,
|
||||
&mk->mk_ino_hash_key);
|
||||
}
|
||||
|
||||
static int fscrypt_setup_iv_ino_lblk_32_key(struct fscrypt_info *ci,
|
||||
static int fscrypt_setup_iv_ino_lblk_32_key(struct fscrypt_inode_info *ci,
|
||||
struct fscrypt_master_key *mk)
|
||||
{
|
||||
int err;
|
||||
@ -329,7 +330,7 @@ unlock:
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int fscrypt_setup_v2_file_key(struct fscrypt_info *ci,
|
||||
static int fscrypt_setup_v2_file_key(struct fscrypt_inode_info *ci,
|
||||
struct fscrypt_master_key *mk,
|
||||
bool need_dirhash_key)
|
||||
{
|
||||
@ -404,7 +405,7 @@ static int fscrypt_setup_v2_file_key(struct fscrypt_info *ci,
|
||||
* still allow 512-bit master keys if the user chooses to use them, though.)
|
||||
*/
|
||||
static bool fscrypt_valid_master_key_size(const struct fscrypt_master_key *mk,
|
||||
const struct fscrypt_info *ci)
|
||||
const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
unsigned int min_keysize;
|
||||
|
||||
@ -430,11 +431,12 @@ static bool fscrypt_valid_master_key_size(const struct fscrypt_master_key *mk,
|
||||
*
|
||||
* If the master key is found in the filesystem-level keyring, then it is
|
||||
* returned in *mk_ret with its semaphore read-locked. This is needed to ensure
|
||||
* that only one task links the fscrypt_info into ->mk_decrypted_inodes (as
|
||||
* multiple tasks may race to create an fscrypt_info for the same inode), and to
|
||||
* synchronize the master key being removed with a new inode starting to use it.
|
||||
* that only one task links the fscrypt_inode_info into ->mk_decrypted_inodes
|
||||
* (as multiple tasks may race to create an fscrypt_inode_info for the same
|
||||
* inode), and to synchronize the master key being removed with a new inode
|
||||
* starting to use it.
|
||||
*/
|
||||
static int setup_file_encryption_key(struct fscrypt_info *ci,
|
||||
static int setup_file_encryption_key(struct fscrypt_inode_info *ci,
|
||||
bool need_dirhash_key,
|
||||
struct fscrypt_master_key **mk_ret)
|
||||
{
|
||||
@ -519,7 +521,7 @@ out_release_key:
|
||||
return err;
|
||||
}
|
||||
|
||||
static void put_crypt_info(struct fscrypt_info *ci)
|
||||
static void put_crypt_info(struct fscrypt_inode_info *ci)
|
||||
{
|
||||
struct fscrypt_master_key *mk;
|
||||
|
||||
@ -546,7 +548,7 @@ static void put_crypt_info(struct fscrypt_info *ci)
|
||||
fscrypt_put_master_key_activeref(ci->ci_inode->i_sb, mk);
|
||||
}
|
||||
memzero_explicit(ci, sizeof(*ci));
|
||||
kmem_cache_free(fscrypt_info_cachep, ci);
|
||||
kmem_cache_free(fscrypt_inode_info_cachep, ci);
|
||||
}
|
||||
|
||||
static int
|
||||
@ -555,7 +557,7 @@ fscrypt_setup_encryption_info(struct inode *inode,
|
||||
const u8 nonce[FSCRYPT_FILE_NONCE_SIZE],
|
||||
bool need_dirhash_key)
|
||||
{
|
||||
struct fscrypt_info *crypt_info;
|
||||
struct fscrypt_inode_info *crypt_info;
|
||||
struct fscrypt_mode *mode;
|
||||
struct fscrypt_master_key *mk = NULL;
|
||||
int res;
|
||||
@ -564,7 +566,7 @@ fscrypt_setup_encryption_info(struct inode *inode,
|
||||
if (res)
|
||||
return res;
|
||||
|
||||
crypt_info = kmem_cache_zalloc(fscrypt_info_cachep, GFP_KERNEL);
|
||||
crypt_info = kmem_cache_zalloc(fscrypt_inode_info_cachep, GFP_KERNEL);
|
||||
if (!crypt_info)
|
||||
return -ENOMEM;
|
||||
|
||||
@ -592,8 +594,8 @@ fscrypt_setup_encryption_info(struct inode *inode,
|
||||
/*
|
||||
* For existing inodes, multiple tasks may race to set ->i_crypt_info.
|
||||
* So use cmpxchg_release(). This pairs with the smp_load_acquire() in
|
||||
* fscrypt_get_info(). I.e., here we publish ->i_crypt_info with a
|
||||
* RELEASE barrier so that other tasks can ACQUIRE it.
|
||||
* fscrypt_get_inode_info(). I.e., here we publish ->i_crypt_info with
|
||||
* a RELEASE barrier so that other tasks can ACQUIRE it.
|
||||
*/
|
||||
if (cmpxchg_release(&inode->i_crypt_info, NULL, crypt_info) == NULL) {
|
||||
/*
|
||||
@ -740,8 +742,8 @@ EXPORT_SYMBOL_GPL(fscrypt_prepare_new_inode);
|
||||
* fscrypt_put_encryption_info() - free most of an inode's fscrypt data
|
||||
* @inode: an inode being evicted
|
||||
*
|
||||
* Free the inode's fscrypt_info. Filesystems must call this when the inode is
|
||||
* being evicted. An RCU grace period need not have elapsed yet.
|
||||
* Free the inode's fscrypt_inode_info. Filesystems must call this when the
|
||||
* inode is being evicted. An RCU grace period need not have elapsed yet.
|
||||
*/
|
||||
void fscrypt_put_encryption_info(struct inode *inode)
|
||||
{
|
||||
@ -778,7 +780,7 @@ EXPORT_SYMBOL(fscrypt_free_inode);
|
||||
*/
|
||||
int fscrypt_drop_inode(struct inode *inode)
|
||||
{
|
||||
const struct fscrypt_info *ci = fscrypt_get_info(inode);
|
||||
const struct fscrypt_inode_info *ci = fscrypt_get_inode_info(inode);
|
||||
|
||||
/*
|
||||
* If ci is NULL, then the inode doesn't have an encryption key set up
|
||||
|
@ -178,7 +178,8 @@ void fscrypt_put_direct_key(struct fscrypt_direct_key *dk)
|
||||
*/
|
||||
static struct fscrypt_direct_key *
|
||||
find_or_insert_direct_key(struct fscrypt_direct_key *to_insert,
|
||||
const u8 *raw_key, const struct fscrypt_info *ci)
|
||||
const u8 *raw_key,
|
||||
const struct fscrypt_inode_info *ci)
|
||||
{
|
||||
unsigned long hash_key;
|
||||
struct fscrypt_direct_key *dk;
|
||||
@ -218,7 +219,7 @@ find_or_insert_direct_key(struct fscrypt_direct_key *to_insert,
|
||||
|
||||
/* Prepare to encrypt directly using the master key in the given mode */
|
||||
static struct fscrypt_direct_key *
|
||||
fscrypt_get_direct_key(const struct fscrypt_info *ci, const u8 *raw_key)
|
||||
fscrypt_get_direct_key(const struct fscrypt_inode_info *ci, const u8 *raw_key)
|
||||
{
|
||||
struct fscrypt_direct_key *dk;
|
||||
int err;
|
||||
@ -250,7 +251,7 @@ err_free_dk:
|
||||
}
|
||||
|
||||
/* v1 policy, DIRECT_KEY: use the master key directly */
|
||||
static int setup_v1_file_key_direct(struct fscrypt_info *ci,
|
||||
static int setup_v1_file_key_direct(struct fscrypt_inode_info *ci,
|
||||
const u8 *raw_master_key)
|
||||
{
|
||||
struct fscrypt_direct_key *dk;
|
||||
@ -264,7 +265,7 @@ static int setup_v1_file_key_direct(struct fscrypt_info *ci,
|
||||
}
|
||||
|
||||
/* v1 policy, !DIRECT_KEY: derive the file's encryption key */
|
||||
static int setup_v1_file_key_derived(struct fscrypt_info *ci,
|
||||
static int setup_v1_file_key_derived(struct fscrypt_inode_info *ci,
|
||||
const u8 *raw_master_key)
|
||||
{
|
||||
u8 *derived_key;
|
||||
@ -289,7 +290,8 @@ out:
|
||||
return err;
|
||||
}
|
||||
|
||||
int fscrypt_setup_v1_file_key(struct fscrypt_info *ci, const u8 *raw_master_key)
|
||||
int fscrypt_setup_v1_file_key(struct fscrypt_inode_info *ci,
|
||||
const u8 *raw_master_key)
|
||||
{
|
||||
if (ci->ci_policy.v1.flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY)
|
||||
return setup_v1_file_key_direct(ci, raw_master_key);
|
||||
@ -297,7 +299,8 @@ int fscrypt_setup_v1_file_key(struct fscrypt_info *ci, const u8 *raw_master_key)
|
||||
return setup_v1_file_key_derived(ci, raw_master_key);
|
||||
}
|
||||
|
||||
int fscrypt_setup_v1_file_key_via_subscribed_keyrings(struct fscrypt_info *ci)
|
||||
int
|
||||
fscrypt_setup_v1_file_key_via_subscribed_keyrings(struct fscrypt_inode_info *ci)
|
||||
{
|
||||
const struct super_block *sb = ci->ci_inode->i_sb;
|
||||
struct key *key;
|
||||
|
@ -432,11 +432,11 @@ int fscrypt_policy_from_context(union fscrypt_policy *policy_u,
|
||||
/* Retrieve an inode's encryption policy */
|
||||
static int fscrypt_get_policy(struct inode *inode, union fscrypt_policy *policy)
|
||||
{
|
||||
const struct fscrypt_info *ci;
|
||||
const struct fscrypt_inode_info *ci;
|
||||
union fscrypt_context ctx;
|
||||
int ret;
|
||||
|
||||
ci = fscrypt_get_info(inode);
|
||||
ci = fscrypt_get_inode_info(inode);
|
||||
if (ci) {
|
||||
/* key available, use the cached policy */
|
||||
*policy = ci->ci_policy;
|
||||
@ -674,7 +674,7 @@ int fscrypt_has_permitted_context(struct inode *parent, struct inode *child)
|
||||
|
||||
/*
|
||||
* Both parent and child are encrypted, so verify they use the same
|
||||
* encryption policy. Compare the fscrypt_info structs if the keys are
|
||||
* encryption policy. Compare the cached policies if the keys are
|
||||
* available, otherwise retrieve and compare the fscrypt_contexts.
|
||||
*
|
||||
* Note that the fscrypt_context retrieval will be required frequently
|
||||
@ -744,7 +744,7 @@ const union fscrypt_policy *fscrypt_policy_to_inherit(struct inode *dir)
|
||||
*/
|
||||
int fscrypt_context_for_new_inode(void *ctx, struct inode *inode)
|
||||
{
|
||||
struct fscrypt_info *ci = inode->i_crypt_info;
|
||||
struct fscrypt_inode_info *ci = inode->i_crypt_info;
|
||||
|
||||
BUILD_BUG_ON(sizeof(union fscrypt_context) !=
|
||||
FSCRYPT_SET_CONTEXT_MAX_SIZE);
|
||||
@ -769,7 +769,7 @@ EXPORT_SYMBOL_GPL(fscrypt_context_for_new_inode);
|
||||
*/
|
||||
int fscrypt_set_context(struct inode *inode, void *fs_data)
|
||||
{
|
||||
struct fscrypt_info *ci = inode->i_crypt_info;
|
||||
struct fscrypt_inode_info *ci = inode->i_crypt_info;
|
||||
union fscrypt_context ctx;
|
||||
int ctxsize;
|
||||
|
||||
|
@ -67,7 +67,7 @@ struct swap_info_struct;
|
||||
struct seq_file;
|
||||
struct workqueue_struct;
|
||||
struct iov_iter;
|
||||
struct fscrypt_info;
|
||||
struct fscrypt_inode_info;
|
||||
struct fscrypt_operations;
|
||||
struct fsverity_info;
|
||||
struct fsverity_operations;
|
||||
@ -738,7 +738,7 @@ struct inode {
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_FS_ENCRYPTION
|
||||
struct fscrypt_info *i_crypt_info;
|
||||
struct fscrypt_inode_info *i_crypt_info;
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_FS_VERITY
|
||||
|
@ -31,7 +31,7 @@
|
||||
#define FSCRYPT_CONTENTS_ALIGNMENT 16
|
||||
|
||||
union fscrypt_policy;
|
||||
struct fscrypt_info;
|
||||
struct fscrypt_inode_info;
|
||||
struct fs_parameter;
|
||||
struct seq_file;
|
||||
|
||||
@ -192,7 +192,8 @@ struct fscrypt_operations {
|
||||
unsigned int *num_devs);
|
||||
};
|
||||
|
||||
static inline struct fscrypt_info *fscrypt_get_info(const struct inode *inode)
|
||||
static inline struct fscrypt_inode_info *
|
||||
fscrypt_get_inode_info(const struct inode *inode)
|
||||
{
|
||||
/*
|
||||
* Pairs with the cmpxchg_release() in fscrypt_setup_encryption_info().
|
||||
@ -404,7 +405,8 @@ static inline void fscrypt_set_ops(struct super_block *sb,
|
||||
}
|
||||
#else /* !CONFIG_FS_ENCRYPTION */
|
||||
|
||||
static inline struct fscrypt_info *fscrypt_get_info(const struct inode *inode)
|
||||
static inline struct fscrypt_inode_info *
|
||||
fscrypt_get_inode_info(const struct inode *inode)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
@ -882,7 +884,7 @@ static inline bool fscrypt_inode_uses_fs_layer_crypto(const struct inode *inode)
|
||||
*/
|
||||
static inline bool fscrypt_has_encryption_key(const struct inode *inode)
|
||||
{
|
||||
return fscrypt_get_info(inode) != NULL;
|
||||
return fscrypt_get_inode_info(inode) != NULL;
|
||||
}
|
||||
|
||||
/**
|
||||
|
Loading…
Reference in New Issue
Block a user