summaryrefslogtreecommitdiff
path: root/fs/ceph/crypto.c
diff options
context:
space:
mode:
authorLuís Henriques <lhenriques@suse.de>2022-11-29 10:39:49 +0000
committerIlya Dryomov <idryomov@gmail.com>2023-08-24 11:24:35 +0200
commit14e034a61c908d4479be1a7ee9fe5b8d3d1f09b8 (patch)
tree5a8a46cbfaed77a5df049eb2036c1aaa58acf2bc /fs/ceph/crypto.c
parente127e03009a3a3c26f00d0b2703c6e0e47927aec (diff)
downloadlwn-14e034a61c908d4479be1a7ee9fe5b8d3d1f09b8.tar.gz
lwn-14e034a61c908d4479be1a7ee9fe5b8d3d1f09b8.zip
ceph: mark directory as non-complete after loading key
When setting a directory's crypt context, ceph_dir_clear_complete() needs to be called otherwise if it was complete before, any existing (old) dentry will still be valid. This patch adds a wrapper around __fscrypt_prepare_readdir() which will ensure a directory is marked as non-complete if key status changes. [ xiubli: revise commit title per Milind ] Signed-off-by: Luís Henriques <lhenriques@suse.de> Reviewed-by: Xiubo Li <xiubli@redhat.com> Reviewed-by: Milind Changire <mchangir@redhat.com> Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Diffstat (limited to 'fs/ceph/crypto.c')
-rw-r--r--fs/ceph/crypto.c35
1 files changed, 33 insertions, 2 deletions
diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c
index a08978a0ed4d..5df2c52b384f 100644
--- a/fs/ceph/crypto.c
+++ b/fs/ceph/crypto.c
@@ -287,8 +287,8 @@ int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname,
if (fname->name_len > NAME_MAX || fname->ctext_len > NAME_MAX)
return -EIO;
- ret = __fscrypt_prepare_readdir(fname->dir);
- if (ret)
+ ret = ceph_fscrypt_prepare_readdir(fname->dir);
+ if (ret < 0)
return ret;
/*
@@ -334,3 +334,34 @@ out:
fscrypt_fname_free_buffer(&_tname);
return ret;
}
+
+/**
+ * ceph_fscrypt_prepare_readdir - simple __fscrypt_prepare_readdir() wrapper
+ * @dir: directory inode for readdir prep
+ *
+ * Simple wrapper around __fscrypt_prepare_readdir() that will mark directory as
+ * non-complete if this call results in having the directory unlocked.
+ *
+ * Returns:
+ * 1 - if directory was locked and key is now loaded (i.e. dir is unlocked)
+ * 0 - if directory is still locked
+ * < 0 - if __fscrypt_prepare_readdir() fails
+ */
+int ceph_fscrypt_prepare_readdir(struct inode *dir)
+{
+ bool had_key = fscrypt_has_encryption_key(dir);
+ int err;
+
+ if (!IS_ENCRYPTED(dir))
+ return 0;
+
+ err = __fscrypt_prepare_readdir(dir);
+ if (err)
+ return err;
+ if (!had_key && fscrypt_has_encryption_key(dir)) {
+ /* directory just got unlocked, mark it as not complete */
+ ceph_dir_clear_complete(dir);
+ return 1;
+ }
+ return 0;
+}