2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-23 04:34:11 +08:00

fscrypt: introduce fscrypt_prepare_readdir()

The last remaining use of fscrypt_get_encryption_info() from filesystems
is for readdir (->iterate_shared()).  Every other call is now in
fs/crypto/ as part of some other higher-level operation.

We need to add a new argument to fscrypt_get_encryption_info() to
indicate whether the encryption policy is allowed to be unrecognized or
not.  Doing this is easier if we can work with high-level operations
rather than direct filesystem use of fscrypt_get_encryption_info().

So add a function fscrypt_prepare_readdir() which wraps the call to
fscrypt_get_encryption_info() for the readdir use case.

Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/20201203022041.230976-6-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
This commit is contained in:
Eric Biggers 2020-12-02 18:20:37 -08:00
parent 91d0d89241
commit ec0caa974c
6 changed files with 36 additions and 8 deletions
fs
include/linux

View File

@ -114,6 +114,12 @@ int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry,
}
EXPORT_SYMBOL_GPL(__fscrypt_prepare_lookup);
int __fscrypt_prepare_readdir(struct inode *dir)
{
return fscrypt_get_encryption_info(dir);
}
EXPORT_SYMBOL_GPL(__fscrypt_prepare_readdir);
/**
* fscrypt_prepare_setflags() - prepare to change flags with FS_IOC_SETFLAGS
* @inode: the inode on which flags are being changed

View File

@ -118,11 +118,9 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx)
struct buffer_head *bh = NULL;
struct fscrypt_str fstr = FSTR_INIT(NULL, 0);
if (IS_ENCRYPTED(inode)) {
err = fscrypt_get_encryption_info(inode);
if (err)
return err;
}
err = fscrypt_prepare_readdir(inode);
if (err)
return err;
if (is_dx_dir(inode)) {
err = ext4_dx_readdir(file, ctx);

View File

@ -1004,7 +1004,7 @@ static int htree_dirblock_to_tree(struct file *dir_file,
EXT4_DIR_REC_LEN(0));
/* Check if the directory is encrypted */
if (IS_ENCRYPTED(dir)) {
err = fscrypt_get_encryption_info(dir);
err = fscrypt_prepare_readdir(dir);
if (err < 0) {
brelse(bh);
return err;

View File

@ -1022,7 +1022,7 @@ static int f2fs_readdir(struct file *file, struct dir_context *ctx)
int err = 0;
if (IS_ENCRYPTED(inode)) {
err = fscrypt_get_encryption_info(inode);
err = fscrypt_prepare_readdir(inode);
if (err)
goto out;

View File

@ -514,7 +514,7 @@ static int ubifs_readdir(struct file *file, struct dir_context *ctx)
return 0;
if (encrypted) {
err = fscrypt_get_encryption_info(dir);
err = fscrypt_prepare_readdir(dir);
if (err)
return err;

View File

@ -242,6 +242,7 @@ int __fscrypt_prepare_rename(struct inode *old_dir, struct dentry *old_dentry,
unsigned int flags);
int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry,
struct fscrypt_name *fname);
int __fscrypt_prepare_readdir(struct inode *dir);
int fscrypt_prepare_setflags(struct inode *inode,
unsigned int oldflags, unsigned int flags);
int fscrypt_prepare_symlink(struct inode *dir, const char *target,
@ -537,6 +538,11 @@ static inline int __fscrypt_prepare_lookup(struct inode *dir,
return -EOPNOTSUPP;
}
static inline int __fscrypt_prepare_readdir(struct inode *dir)
{
return -EOPNOTSUPP;
}
static inline int fscrypt_prepare_setflags(struct inode *inode,
unsigned int oldflags,
unsigned int flags)
@ -795,6 +801,24 @@ static inline int fscrypt_prepare_lookup(struct inode *dir,
return 0;
}
/**
* fscrypt_prepare_readdir() - prepare to read a possibly-encrypted directory
* @dir: the directory inode
*
* If the directory is encrypted and it doesn't already have its encryption key
* set up, try to set it up so that the filenames will be listed in plaintext
* form rather than in no-key form.
*
* Return: 0 on success; -errno on error. Note that the encryption key being
* unavailable is not considered an error.
*/
static inline int fscrypt_prepare_readdir(struct inode *dir)
{
if (IS_ENCRYPTED(dir))
return __fscrypt_prepare_readdir(dir);
return 0;
}
/**
* fscrypt_prepare_setattr() - prepare to change a possibly-encrypted inode's
* attributes