diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2024-03-12 13:17:36 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2024-03-12 13:17:36 -0700 |
commit | 3bf95d567d67f8d78d7d2c8553025eaa02e1d9c5 (patch) | |
tree | a28bfcf2889b9a49b21edc51e44a0acf7bc2beb7 /fs/crypto | |
parent | cbcb9b5bc9804c2e803f00a460c212f9a0bbdb0d (diff) | |
parent | 8c62f31eddb71c6f6878258579318c1156045247 (diff) | |
download | lwn-3bf95d567d67f8d78d7d2c8553025eaa02e1d9c5.tar.gz lwn-3bf95d567d67f8d78d7d2c8553025eaa02e1d9c5.zip |
Merge tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/linux
Pull fscrypt updates from Eric Biggers:
"Fix flakiness in a test by releasing the quota synchronously when a
key is removed, and other minor cleanups"
* tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/linux:
fscrypt: shrink the size of struct fscrypt_inode_info slightly
fscrypt: write CBC-CTS instead of CTS-CBC
fscrypt: clear keyring before calling key_put()
fscrypt: explicitly require that inode->i_blkbits be set
Diffstat (limited to 'fs/crypto')
-rw-r--r-- | fs/crypto/fscrypt_private.h | 14 | ||||
-rw-r--r-- | fs/crypto/keyring.c | 8 | ||||
-rw-r--r-- | fs/crypto/keysetup.c | 11 |
3 files changed, 21 insertions, 12 deletions
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index 1892356cf924..8371e4e1f596 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -222,16 +222,19 @@ struct fscrypt_inode_info { struct fscrypt_prepared_key ci_enc_key; /* True if ci_enc_key should be freed when this struct is freed */ - bool ci_owns_key; + u8 ci_owns_key : 1; #ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT /* * True if this inode will use inline encryption (blk-crypto) instead of * the traditional filesystem-layer encryption. */ - bool ci_inlinecrypt; + u8 ci_inlinecrypt : 1; #endif + /* True if ci_dirhash_key is initialized */ + u8 ci_dirhash_key_initialized : 1; + /* * log2 of the data unit size (granularity of contents encryption) of * this file. This is computable from ci_policy and ci_inode but is @@ -242,6 +245,9 @@ struct fscrypt_inode_info { /* Cached value: log2 of number of data units per FS block */ u8 ci_data_units_per_block_bits; + /* Hashed inode number. Only set for IV_INO_LBLK_32 */ + u32 ci_hashed_ino; + /* * Encryption mode used for this inode. It corresponds to either the * contents or filenames encryption mode, depending on the inode type. @@ -276,16 +282,12 @@ struct fscrypt_inode_info { * the plaintext filenames -- currently just casefolded directories. */ siphash_key_t ci_dirhash_key; - bool ci_dirhash_key_initialized; /* The encryption policy used by this inode */ union fscrypt_policy ci_policy; /* This inode's nonce, copied from the fscrypt_context */ u8 ci_nonce[FSCRYPT_FILE_NONCE_SIZE]; - - /* Hashed inode number. Only set for IV_INO_LBLK_32 */ - u32 ci_hashed_ino; }; typedef enum { diff --git a/fs/crypto/keyring.c b/fs/crypto/keyring.c index 0edf0b58daa7..6681a71625f0 100644 --- a/fs/crypto/keyring.c +++ b/fs/crypto/keyring.c @@ -74,8 +74,12 @@ void fscrypt_put_master_key(struct fscrypt_master_key *mk) * that concurrent keyring lookups can no longer find it. */ WARN_ON_ONCE(refcount_read(&mk->mk_active_refs) != 0); - key_put(mk->mk_users); - mk->mk_users = NULL; + if (mk->mk_users) { + /* Clear the keyring so the quota gets released right away. */ + keyring_clear(mk->mk_users); + key_put(mk->mk_users); + mk->mk_users = NULL; + } call_rcu(&mk->mk_rcu_head, fscrypt_free_master_key); } diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c index d71f7c799e79..b4fe01ea4bd4 100644 --- a/fs/crypto/keysetup.c +++ b/fs/crypto/keysetup.c @@ -23,7 +23,7 @@ struct fscrypt_mode fscrypt_modes[] = { .blk_crypto_mode = BLK_ENCRYPTION_MODE_AES_256_XTS, }, [FSCRYPT_MODE_AES_256_CTS] = { - .friendly_name = "AES-256-CTS-CBC", + .friendly_name = "AES-256-CBC-CTS", .cipher_str = "cts(cbc(aes))", .keysize = 32, .security_strength = 32, @@ -38,7 +38,7 @@ struct fscrypt_mode fscrypt_modes[] = { .blk_crypto_mode = BLK_ENCRYPTION_MODE_AES_128_CBC_ESSIV, }, [FSCRYPT_MODE_AES_128_CTS] = { - .friendly_name = "AES-128-CTS-CBC", + .friendly_name = "AES-128-CBC-CTS", .cipher_str = "cts(cbc(aes))", .keysize = 16, .security_strength = 16, @@ -53,7 +53,7 @@ struct fscrypt_mode fscrypt_modes[] = { .blk_crypto_mode = BLK_ENCRYPTION_MODE_SM4_XTS, }, [FSCRYPT_MODE_SM4_CTS] = { - .friendly_name = "SM4-CTS-CBC", + .friendly_name = "SM4-CBC-CTS", .cipher_str = "cts(cbc(sm4))", .keysize = 16, .security_strength = 16, @@ -687,7 +687,7 @@ int fscrypt_get_encryption_info(struct inode *inode, bool allow_unsupported) /** * fscrypt_prepare_new_inode() - prepare to create a new inode in a directory * @dir: a possibly-encrypted directory - * @inode: the new inode. ->i_mode must be set already. + * @inode: the new inode. ->i_mode and ->i_blkbits must be set already. * ->i_ino doesn't need to be set yet. * @encrypt_ret: (output) set to %true if the new inode will be encrypted * @@ -717,6 +717,9 @@ int fscrypt_prepare_new_inode(struct inode *dir, struct inode *inode, if (IS_ERR(policy)) return PTR_ERR(policy); + if (WARN_ON_ONCE(inode->i_blkbits == 0)) + return -EINVAL; + if (WARN_ON_ONCE(inode->i_mode == 0)) return -EINVAL; |