| Message ID | 20230313123310.13040-3-lhenriques@suse.de |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp1158030wrd;
Mon, 13 Mar 2023 05:37:00 -0700 (PDT)
X-Google-Smtp-Source:
AK7set8ZKe2OW3wiGCMIiKs+jkn6RXjlyZAIJBRiR+lv6TvwGPh8kVWllkoVsVBvWGX4nSx4AbO+
X-Received: by 2002:a17:902:e748:b0:1a0:53f3:3776 with SMTP id
p8-20020a170902e74800b001a053f33776mr1865789plf.62.1678711020279;
Mon, 13 Mar 2023 05:37:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1678711020; cv=none;
d=google.com; s=arc-20160816;
b=sugy2ex0/VjatAUxYssqJanOfRu7TxkilOb+WJjoYsY+fSuDgdYJw3ql7Z7XneCDeU
MZz4rzCtz8m21Qlqsp4Qf4LumGQK1X7RkQuTWbTJgxwA066obCmyyeM1+bBto019dDce
EOh52tDrPKBq/v9/Fx96dmyDtOsxgkQqiSMqA+pj5kRaiYdNXw2BW0465NP+H3bjWUhe
XjnrVDu+5ymC+ix75MKiCkpYu8f7/hRIsWDIvvJjrldP7/8DMTOkDloJbWpWB7x8PfO5
oWQrs3lfJLxDjhedo0NGdi7vjrwkqXPMLwYMruZzmM0E4m3RlqibbK49Blt5arGNZCX+
o1Ug==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from
:dkim-signature:dkim-signature;
bh=Wi/DSEelWohyw8yWLL1NnkiRzPqUQBsHap+bfimcrtg=;
b=wI8ikS7j0JifvroKbKkg1mGID+b2nh9YJsXeX/I2k5C9bi2zCE/FrFuJyRkuQcRSh1
PSU7KENyntI7u2bAUrviOH4FU4uNF8Jcg/UFyL2737V+mggwk+Srt4fojhito/JWeUu+
YKVY917plQRciwgRRPTFqTMjVzmDxQk750Vj0TQJyOdh4LZ1EEpr3GpHY6WVBadeYjTb
isltW31epR87QOt9UtVy2BwypGLnEw9fd5JzAyQIn4DVhm8yhOcRR5ONV4SSgsrKBVEr
5ZVsGM3RS95B6Aqnze6lvF9SsERbEREiqiWhEHUdvuv/XKrDuosJSN68V/VUMOrq3H3f
xlnA==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=WeshQ6Lv;
dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
la15-20020a170902fa0f00b001a059a2a864si622194plb.362.2023.03.13.05.36.44;
Mon, 13 Mar 2023 05:37:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=WeshQ6Lv;
dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S229768AbjCMMdU (ORCPT <rfc822;realc9580@gmail.com> + 99 others);
Mon, 13 Mar 2023 08:33:20 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58612 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S229698AbjCMMdQ (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Mon, 13 Mar 2023 08:33:16 -0400
Received: from smtp-out2.suse.de (smtp-out2.suse.de
[IPv6:2001:67c:2178:6::1d])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A5D00196A1;
Mon, 13 Mar 2023 05:33:15 -0700 (PDT)
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de
[192.168.254.74])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature ECDSA (P-521) server-digest
SHA512)
(No client certificate requested)
by smtp-out2.suse.de (Postfix) with ESMTPS id 3F39C1FE0D;
Mon, 13 Mar 2023 12:33:14 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de;
s=susede2_rsa;
t=1678710794;
h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=Wi/DSEelWohyw8yWLL1NnkiRzPqUQBsHap+bfimcrtg=;
b=WeshQ6Lv8biUxqcFdv2eExqvHx3pToKI8CsYvXqUzknHdkGj3Qoq55kMlKsxSWMMIIlCct
xAzPgAjc+CuddpxPoIL1nNx4Uut1NLIpRyhHU9NNb39F445cobArmPVfidnZ5QLVoQ9CMw
tFEHd+euX7wEShNc18ROEFAnbrMSyLQ=
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;
s=susede2_ed25519; t=1678710794;
h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=Wi/DSEelWohyw8yWLL1NnkiRzPqUQBsHap+bfimcrtg=;
b=FJUMlQwRteHpzv87KQRR0kfn9YAHAMA9aGdtpc7g/wDK893ymVQKYQ+miN/qCZ5BfGarb2
oS5UYcCrPCDhgACw==
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de
[192.168.254.74])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature ECDSA (P-521) server-digest
SHA512)
(No client certificate requested)
by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 8CA8313582;
Mon, 13 Mar 2023 12:33:13 +0000 (UTC)
Received: from dovecot-director2.suse.de ([192.168.254.65])
by imap2.suse-dmz.suse.de with ESMTPSA
id wHpQHwkYD2RnCQAAMHmgww
(envelope-from <lhenriques@suse.de>); Mon, 13 Mar 2023 12:33:13 +0000
Received: from localhost (brahms.olymp [local])
by brahms.olymp (OpenSMTPD) with ESMTPA id 42149d88;
Mon, 13 Mar 2023 12:33:11 +0000 (UTC)
From: =?utf-8?q?Lu=C3=ADs_Henriques?= <lhenriques@suse.de>
To: Eric Biggers <ebiggers@kernel.org>, Xiubo Li <xiubli@redhat.com>,
Jeff Layton <jlayton@kernel.org>
Cc: "Theodore Y. Ts'o" <tytso@mit.edu>, Jaegeuk Kim <jaegeuk@kernel.org>,
Ilya Dryomov <idryomov@gmail.com>, linux-fscrypt@vger.kernel.org,
ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, =?utf-8?q?Lu?=
=?utf-8?q?=C3=ADs_Henriques?= <lhenriques@suse.de>
Subject: [PATCH 2/2] ceph: switch atomic open to use new fscrypt helper
Date: Mon, 13 Mar 2023 12:33:10 +0000
Message-Id: <20230313123310.13040-3-lhenriques@suse.de>
In-Reply-To: <20230313123310.13040-1-lhenriques@suse.de>
References: <20230313123310.13040-1-lhenriques@suse.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1760256086762328722?=
X-GMAIL-MSGID: =?utf-8?q?1760256086762328722?=
|
| Series |
ceph: fscrypt: fix atomic open bug for encrypted directories
|
|
Commit Message
Luis Henriques
March 13, 2023, 12:33 p.m. UTC
Switch ceph atomic open to use fscrypt_prepare_atomic_open(). This fixes
a bug where a dentry is incorrectly set with DCACHE_NOKEY_NAME when 'dir'
has been evicted but the key is still available (for example, where there's
a drop_caches).
Signed-off-by: Luís Henriques <lhenriques@suse.de>
---
fs/ceph/file.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
Comments
On Mon, Mar 13, 2023 at 12:33:10PM +0000, Luís Henriques wrote: > Switch ceph atomic open to use fscrypt_prepare_atomic_open(). This fixes > a bug where a dentry is incorrectly set with DCACHE_NOKEY_NAME when 'dir' > has been evicted but the key is still available (for example, where there's > a drop_caches). > > Signed-off-by: Luís Henriques <lhenriques@suse.de> > --- > fs/ceph/file.c | 8 +++----- > 1 file changed, 3 insertions(+), 5 deletions(-) > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c > index dee3b445f415..5ad57cc4c13b 100644 > --- a/fs/ceph/file.c > +++ b/fs/ceph/file.c > @@ -795,11 +795,9 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, > ihold(dir); > if (IS_ENCRYPTED(dir)) { > set_bit(CEPH_MDS_R_FSCRYPT_FILE, &req->r_req_flags); > - if (!fscrypt_has_encryption_key(dir)) { > - spin_lock(&dentry->d_lock); > - dentry->d_flags |= DCACHE_NOKEY_NAME; > - spin_unlock(&dentry->d_lock); > - } > + err = fscrypt_prepare_atomic_open(dir, dentry); > + if (err) > + goto out_req; Note that this patch does not apply to upstream or even to linux-next. I'd be glad to take patch 1 through the fscrypt tree for 6.4. But I'm wondering what the current plans are for getting ceph's fscrypt support upstream? - Eric
Eric Biggers <ebiggers@kernel.org> writes: > On Mon, Mar 13, 2023 at 12:33:10PM +0000, Luís Henriques wrote: >> Switch ceph atomic open to use fscrypt_prepare_atomic_open(). This fixes >> a bug where a dentry is incorrectly set with DCACHE_NOKEY_NAME when 'dir' >> has been evicted but the key is still available (for example, where there's >> a drop_caches). >> >> Signed-off-by: Luís Henriques <lhenriques@suse.de> >> --- >> fs/ceph/file.c | 8 +++----- >> 1 file changed, 3 insertions(+), 5 deletions(-) >> >> diff --git a/fs/ceph/file.c b/fs/ceph/file.c >> index dee3b445f415..5ad57cc4c13b 100644 >> --- a/fs/ceph/file.c >> +++ b/fs/ceph/file.c >> @@ -795,11 +795,9 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, >> ihold(dir); >> if (IS_ENCRYPTED(dir)) { >> set_bit(CEPH_MDS_R_FSCRYPT_FILE, &req->r_req_flags); >> - if (!fscrypt_has_encryption_key(dir)) { >> - spin_lock(&dentry->d_lock); >> - dentry->d_flags |= DCACHE_NOKEY_NAME; >> - spin_unlock(&dentry->d_lock); >> - } >> + err = fscrypt_prepare_atomic_open(dir, dentry); >> + if (err) >> + goto out_req; > > Note that this patch does not apply to upstream or even to linux-next. True, I should have mentioned that in the cover-letter. This patch should be applied against the 'testing' branch in https://github.com/ceph/ceph-client, which is where the ceph fscrypt currently lives. > I'd be glad to take patch 1 through the fscrypt tree for 6.4. But I'm wondering > what the current plans are for getting ceph's fscrypt support upstream? As far as I know, the current plan is to try to merge the ceph code during the next merge window for 6.4 (but Xiubo and Ilya may correct me if I'm wrong). Also, regarding who picks which patch, I'm fine with you picking the first one. But I'll let the ceph maintainers say what they think, because it may be easier for them to keep both patches together due to the testing infrastructure being used. Anyway, I'll send out a new rev tomorrow taking your comments into account. Thanks, Eric! Cheers,
On 14/03/2023 02:42, Luís Henriques wrote: > Eric Biggers <ebiggers@kernel.org> writes: > >> On Mon, Mar 13, 2023 at 12:33:10PM +0000, Luís Henriques wrote: >>> Switch ceph atomic open to use fscrypt_prepare_atomic_open(). This fixes >>> a bug where a dentry is incorrectly set with DCACHE_NOKEY_NAME when 'dir' >>> has been evicted but the key is still available (for example, where there's >>> a drop_caches). >>> >>> Signed-off-by: Luís Henriques <lhenriques@suse.de> >>> --- >>> fs/ceph/file.c | 8 +++----- >>> 1 file changed, 3 insertions(+), 5 deletions(-) >>> >>> diff --git a/fs/ceph/file.c b/fs/ceph/file.c >>> index dee3b445f415..5ad57cc4c13b 100644 >>> --- a/fs/ceph/file.c >>> +++ b/fs/ceph/file.c >>> @@ -795,11 +795,9 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, >>> ihold(dir); >>> if (IS_ENCRYPTED(dir)) { >>> set_bit(CEPH_MDS_R_FSCRYPT_FILE, &req->r_req_flags); >>> - if (!fscrypt_has_encryption_key(dir)) { >>> - spin_lock(&dentry->d_lock); >>> - dentry->d_flags |= DCACHE_NOKEY_NAME; >>> - spin_unlock(&dentry->d_lock); >>> - } >>> + err = fscrypt_prepare_atomic_open(dir, dentry); >>> + if (err) >>> + goto out_req; >> Note that this patch does not apply to upstream or even to linux-next. > True, I should have mentioned that in the cover-letter. This patch should > be applied against the 'testing' branch in https://github.com/ceph/ceph-client, > which is where the ceph fscrypt currently lives. > >> I'd be glad to take patch 1 through the fscrypt tree for 6.4. But I'm wondering >> what the current plans are for getting ceph's fscrypt support upstream? > As far as I know, the current plan is to try to merge the ceph code during > the next merge window for 6.4 (but Xiubo and Ilya may correct me if I'm > wrong). Also, regarding who picks which patch, I'm fine with you picking > the first one. But I'll let the ceph maintainers say what they think, > because it may be easier for them to keep both patches together due to the > testing infrastructure being used. > > Anyway, I'll send out a new rev tomorrow taking your comments into > account. Thanks, Eric! Eric, Luis, It will be fine if Eric could merge patch 1 into the fscrypt tree. Then I will merge the patch 1 into the ceph-client's testing by tagging as [DO NOT MERGE] to run our tests. And locally we are still running the test, and there have several fixes followed and need more time to review. Thanks - Xiubo > Cheers,
Xiubo Li <xiubli@redhat.com> writes: > On 14/03/2023 02:42, Luís Henriques wrote: >> Eric Biggers <ebiggers@kernel.org> writes: >> >>> On Mon, Mar 13, 2023 at 12:33:10PM +0000, Luís Henriques wrote: >>>> Switch ceph atomic open to use fscrypt_prepare_atomic_open(). This fixes >>>> a bug where a dentry is incorrectly set with DCACHE_NOKEY_NAME when 'dir' >>>> has been evicted but the key is still available (for example, where there's >>>> a drop_caches). >>>> >>>> Signed-off-by: Luís Henriques <lhenriques@suse.de> >>>> --- >>>> fs/ceph/file.c | 8 +++----- >>>> 1 file changed, 3 insertions(+), 5 deletions(-) >>>> >>>> diff --git a/fs/ceph/file.c b/fs/ceph/file.c >>>> index dee3b445f415..5ad57cc4c13b 100644 >>>> --- a/fs/ceph/file.c >>>> +++ b/fs/ceph/file.c >>>> @@ -795,11 +795,9 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, >>>> ihold(dir); >>>> if (IS_ENCRYPTED(dir)) { >>>> set_bit(CEPH_MDS_R_FSCRYPT_FILE, &req->r_req_flags); >>>> - if (!fscrypt_has_encryption_key(dir)) { >>>> - spin_lock(&dentry->d_lock); >>>> - dentry->d_flags |= DCACHE_NOKEY_NAME; >>>> - spin_unlock(&dentry->d_lock); >>>> - } >>>> + err = fscrypt_prepare_atomic_open(dir, dentry); >>>> + if (err) >>>> + goto out_req; >>> Note that this patch does not apply to upstream or even to linux-next. >> True, I should have mentioned that in the cover-letter. This patch should >> be applied against the 'testing' branch in https://github.com/ceph/ceph-client, >> which is where the ceph fscrypt currently lives. >> >>> I'd be glad to take patch 1 through the fscrypt tree for 6.4. But I'm wondering >>> what the current plans are for getting ceph's fscrypt support upstream? >> As far as I know, the current plan is to try to merge the ceph code during >> the next merge window for 6.4 (but Xiubo and Ilya may correct me if I'm >> wrong). Also, regarding who picks which patch, I'm fine with you picking >> the first one. But I'll let the ceph maintainers say what they think, >> because it may be easier for them to keep both patches together due to the >> testing infrastructure being used. >> >> Anyway, I'll send out a new rev tomorrow taking your comments into >> account. Thanks, Eric! > > Eric, Luis, > > It will be fine if Eric could merge patch 1 into the fscrypt tree. Then I will > merge the patch 1 into the ceph-client's testing by tagging as [DO NOT MERGE] to > run our tests. Awesome, so Eric can pick the first patch. Thanks. Cheers,
diff --git a/fs/ceph/file.c b/fs/ceph/file.c index dee3b445f415..5ad57cc4c13b 100644 --- a/fs/ceph/file.c +++ b/fs/ceph/file.c @@ -795,11 +795,9 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, ihold(dir); if (IS_ENCRYPTED(dir)) { set_bit(CEPH_MDS_R_FSCRYPT_FILE, &req->r_req_flags); - if (!fscrypt_has_encryption_key(dir)) { - spin_lock(&dentry->d_lock); - dentry->d_flags |= DCACHE_NOKEY_NAME; - spin_unlock(&dentry->d_lock); - } + err = fscrypt_prepare_atomic_open(dir, dentry); + if (err) + goto out_req; } if (flags & O_CREAT) {