Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-01 16:41:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
ac4acb1f4b
linux/fs/f2fs
History
Eric Biggers ac4acb1f4b fscrypt: handle test_dummy_encryption in more logical way 
The behavior of the test_dummy_encryption mount option is that when a
new file (or directory or symlink) is created in an unencrypted
directory, it's automatically encrypted using a dummy encryption policy.
That's it; in particular, the encryption (or lack thereof) of existing
files (or directories or symlinks) doesn't change.

Unfortunately the implementation of test_dummy_encryption is a bit weird
and confusing.  When test_dummy_encryption is enabled and a file is
being created in an unencrypted directory, we set up an encryption key
(->i_crypt_info) for the directory.  This isn't actually used to do any
encryption, however, since the directory is still unencrypted!  Instead,
->i_crypt_info is only used for inheriting the encryption policy.

One consequence of this is that the filesystem ends up providing a
"dummy context" (policy + nonce) instead of a "dummy policy".  In
commit ed318a6cc0 ("fscrypt: support test_dummy_encryption=v2"), I
mistakenly thought this was required.  However, actually the nonce only
ends up being used to derive a key that is never used.

Another consequence of this implementation is that it allows for
'inode->i_crypt_info != NULL && !IS_ENCRYPTED(inode)', which is an edge
case that can be forgotten about.  For example, currently
FS_IOC_GET_ENCRYPTION_POLICY on an unencrypted directory may return the
dummy encryption policy when the filesystem is mounted with
test_dummy_encryption.  That seems like the wrong thing to do, since
again, the directory itself is not actually encrypted.

Therefore, switch to a more logical and maintainable implementation
where the dummy encryption policy inheritance is done without setting up
keys for unencrypted directories.  This involves:

- Adding a function fscrypt_policy_to_inherit() which returns the
  encryption policy to inherit from a directory.  This can be a real
  policy, a dummy policy, or no policy.

- Replacing struct fscrypt_dummy_context, ->get_dummy_context(), etc.
  with struct fscrypt_dummy_policy, ->get_dummy_policy(), etc.

- Making fscrypt_fname_encrypted_size() take an fscrypt_policy instead
  of an inode.

Acked-by: Jaegeuk Kim <jaegeuk@kernel.org>
Acked-by: Jeff Layton <jlayton@kernel.org>
Link: https://lore.kernel.org/r/20200917041136.178600-13-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-09-22 06:48:49 -07:00
..
acl.c f2fs: Replace spaces with tab 2019-05-08 21:23:11 -07:00
acl.h f2fs: Use the correct style for SPDX License Identifier 2020-05-08 06:55:55 -07:00
checkpoint.c f2fs: prepare a waiter before entering io_schedule 2020-08-03 20:54:58 -07:00
compress.c f2fs-for-5.9-rc1 2020-08-10 18:33:22 -07:00
data.c f2fs-for-5.9-rc1 2020-08-10 18:33:22 -07:00
debug.c f2fs: show more debug info for per-temperature log 2020-07-07 21:51:45 -07:00
dir.c f2fs: use fscrypt_prepare_new_inode() and fscrypt_set_context() 2020-09-22 06:48:35 -07:00
extent_cache.c f2fs: fix to wait page writeback before update 2020-07-07 21:51:45 -07:00
f2fs.h fscrypt: handle test_dummy_encryption in more logical way 2020-09-22 06:48:49 -07:00
file.c f2fs: make file immutable even if releasing zero compression block 2020-08-03 18:05:03 -07:00
gc.c f2fs: add GC_URGENT_LOW mode in gc_urgent 2020-07-07 21:51:49 -07:00
gc.h f2fs: Use the correct style for SPDX License Identifier 2020-05-08 06:55:55 -07:00
hash.c f2fs-for-5.8-rc1 2020-06-09 11:28:59 -07:00
inline.c f2fs: fix error path in do_recover_data() 2020-07-08 10:11:19 -07:00
inode.c f2fs: fix to wait page writeback before update 2020-07-07 21:51:45 -07:00
Kconfig f2fs: compress: support lzo-rle compress algorithm 2020-05-11 20:36:46 -07:00
Makefile f2fs: support data compression 2020-01-17 16:48:07 -08:00
namei.c f2fs: use fscrypt_prepare_new_inode() and fscrypt_set_context() 2020-09-22 06:48:35 -07:00
node.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
node.h f2fs: shrink spinlock coverage 2020-05-11 20:36:46 -07:00
recovery.c f2fs: fix error path in do_recover_data() 2020-07-08 10:11:19 -07:00
segment.c f2fs: update_sit_entry: Make the judgment condition of f2fs_bug_on more intuitive 2020-08-03 18:05:13 -07:00
segment.h f2fs: segment.h: delete a duplicated word 2020-07-20 15:47:38 -07:00
shrinker.c f2fs: fix inconsistent comments 2020-03-10 09:18:33 -07:00
super.c fscrypt: handle test_dummy_encryption in more logical way 2020-09-22 06:48:49 -07:00
sysfs.c f2fs: space related cleanup 2020-07-26 08:15:40 -07:00
trace.c f2fs: do not use mutex lock in atomic context 2019-03-05 19:58:06 -08:00
trace.h f2fs: Use the correct style for SPDX License Identifier 2020-05-08 06:55:55 -07:00
verity.c f2fs: use macro instead of f2fs verity version 2020-08-03 10:32:51 -07:00
xattr.c f2fs: space related cleanup 2020-07-26 08:15:40 -07:00
xattr.h f2fs: code cleanup by removing ifdef macro surrounding 2020-05-26 18:56:10 -07:00