From patchwork Mon Apr 30 22:51:47 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906905 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="vY6o8442"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 40Zg0F3Nlqz9s27 for ; Tue, 1 May 2018 08:57:01 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755460AbeD3W47 (ORCPT ); Mon, 30 Apr 2018 18:56:59 -0400 Received: from mail-pf0-f194.google.com ([209.85.192.194]:38716 "EHLO mail-pf0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755381AbeD3W4v (ORCPT ); Mon, 30 Apr 2018 18:56:51 -0400 Received: by mail-pf0-f194.google.com with SMTP id o76so7873644pfi.5; Mon, 30 Apr 2018 15:56:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=S24RiGNhuz386YKQKlb+0Ab3WqrNET6rAgJVSwGcwaA=; b=vY6o84422EjORMijAejzpjAK80ltfbu5B2QeNhW5TunpYFxLrFOCA6qbzYoH7vXfWj /UiQcqLit/1f3xWnp1qP0jqDgiDhOZkCNXC5Bpg3chX10t3PM3/1EWAgWroqKA10pBbd Ra24qYXhm8WR1VpqsJOY/jhAJHW1a8WLsCm+mYcjk2ZkykNU4u1sOLdyXNDoBiIRCVO6 tViOqhCkz/VFJbFIWIPcfTe87QW0ykrb7B71FQTaBPey5Q77OjnNaUtUeW7jiDQM16Jx W8mv4/kDXkqelWOlSXhZLVsNbTexowdfUssrQQfr8aY9RZVUdFseZWmWc8wtFxf8/9yH JVbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=S24RiGNhuz386YKQKlb+0Ab3WqrNET6rAgJVSwGcwaA=; b=mpslzSpKuAoZ4SVpd3Ra50JGJobiz9PYkZS6vTZh7Pk82O7NK8w0muaKId/YgJlrbF LNk3YcBhuUB6wmZGdzUTt1uDVBvXQBme59MYJ+mNyGFDXxlpeLFtDjjP4YncZS4uq11K mj9dR4pdXLhBmaJ4F+4Gr6aIXqFhO4KTeHAnP3EsdK2N5VrmmQZAY1nRs6eHShmZbWdW H8Wf1WCrP2lnTB5D/xh3mXpf5Ml9PGyJOLfKYge0eBAPDZczTctJAyyD4c58iGqesoR8 BoRLz7W1XT6/6+DGpCnPFJ8Xz0qk5pWfpvcecdteZ1B6cbrC5Qt4w4vamXqxPksCObwJ vafA== X-Gm-Message-State: ALQs6tAoHhqqL7X323c9fsV8Na8JBn3lgPwvexeftHTaVpNd8XnRaakd RjJzzLdqwbE8PrDlCfOI2WJJtl0R X-Google-Smtp-Source: AB8JxZpzc9IwT183rLPZZWN7JeZmepldUjQyhcgh89JsZ6+u6bKrkaGeofgJFQipPbABCK5hRJN7Og== X-Received: by 10.98.67.83 with SMTP id q80mr13591353pfa.228.1525129010777; Mon, 30 Apr 2018 15:56:50 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:50 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Eric Biggers Subject: [PATCH 13/15] fscrypt: use a common logging function Date: Mon, 30 Apr 2018 15:51:47 -0700 Message-Id: <20180430225149.183514-14-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers Use a common function for fscrypt warning and error messages so that all the messages are consistently ratelimited, include the "fscrypt:" prefix, and include the filesystem name if applicable. Also fix up a few of the log messages to be more descriptive. Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 28 +++++++++++++++++++++++++--- fs/crypto/fname.c | 10 ++++++---- fs/crypto/fscrypt_private.h | 8 ++++++++ fs/crypto/hooks.c | 5 +++-- fs/crypto/keyinfo.c | 27 +++++++++++++++------------ 5 files changed, 57 insertions(+), 21 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index d22887f689ad..a40d7d73b633 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -174,9 +174,10 @@ int fscrypt_do_page_crypto(const struct inode *inode, fscrypt_direction_t rw, res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); skcipher_request_free(req); if (res) { - printk_ratelimited(KERN_ERR - "%s: crypto_skcipher_encrypt() returned %d\n", - __func__, res); + fscrypt_err(inode->i_sb, + "%scryption failed for inode %lu, block %llu: %d", + (rw == FS_DECRYPT ? "de" : "en"), + inode->i_ino, lblk_num, res); return res; } return 0; @@ -416,6 +417,27 @@ int fscrypt_initialize(unsigned int cop_flags) return res; } +void fscrypt_msg(struct super_block *sb, const char *level, + const char *fmt, ...) +{ + static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL, + DEFAULT_RATELIMIT_BURST); + struct va_format vaf; + va_list args; + + if (!__ratelimit(&rs)) + return; + + va_start(args, fmt); + vaf.fmt = fmt; + vaf.va = &args; + if (sb) + printk("%sfscrypt (%s): %pV\n", level, sb->s_id, &vaf); + else + printk("%sfscrypt: %pV\n", level, &vaf); + va_end(args); +} + /** * fscrypt_init() - Set up for fs encryption. */ diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 39091fc31e98..d7a0f682ca12 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -71,8 +71,9 @@ int fname_encrypt(struct inode *inode, const struct qstr *iname, res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); skcipher_request_free(req); if (res < 0) { - printk_ratelimited(KERN_ERR - "%s: Error (error code %d)\n", __func__, res); + fscrypt_err(inode->i_sb, + "Filename encryption failed for inode %lu: %d", + inode->i_ino, res); return res; } @@ -115,8 +116,9 @@ static int fname_decrypt(struct inode *inode, res = crypto_wait_req(crypto_skcipher_decrypt(req), &wait); skcipher_request_free(req); if (res < 0) { - printk_ratelimited(KERN_ERR - "%s: Error (error code %d)\n", __func__, res); + fscrypt_err(inode->i_sb, + "Filename decryption failed for inode %lu: %d", + inode->i_ino, res); return res; } diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index 8358610d6558..09d6c72635b6 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -100,6 +100,14 @@ extern struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx, gfp_t gfp_flags); extern const struct dentry_operations fscrypt_d_ops; +extern void __printf(3, 4) __cold +fscrypt_msg(struct super_block *sb, const char *level, const char *fmt, ...); + +#define fscrypt_warn(sb, fmt, ...) \ + fscrypt_msg(sb, KERN_WARNING, fmt, ##__VA_ARGS__) +#define fscrypt_err(sb, fmt, ...) \ + fscrypt_msg(sb, KERN_ERR, fmt, ##__VA_ARGS__) + /* fname.c */ extern int fname_encrypt(struct inode *inode, const struct qstr *iname, u8 *out, unsigned int olen); diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c index bec06490fb13..926e5df20ec3 100644 --- a/fs/crypto/hooks.c +++ b/fs/crypto/hooks.c @@ -39,8 +39,9 @@ int fscrypt_file_open(struct inode *inode, struct file *filp) dir = dget_parent(file_dentry(filp)); if (IS_ENCRYPTED(d_inode(dir)) && !fscrypt_has_permitted_context(d_inode(dir), inode)) { - pr_warn_ratelimited("fscrypt: inconsistent encryption contexts: %lu/%lu", - d_inode(dir)->i_ino, inode->i_ino); + fscrypt_warn(inode->i_sb, + "inconsistent encryption contexts: %lu/%lu", + d_inode(dir)->i_ino, inode->i_ino); err = -EPERM; } dput(dir); diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index f6d6acd37b97..f63bfd6dffd6 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -103,9 +103,8 @@ static int validate_user_key(struct fscrypt_info *crypt_info, if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE || master_key->size % AES_BLOCK_SIZE != 0) { - printk_once(KERN_WARNING - "%s: key size incorrect: %d\n", - __func__, master_key->size); + fscrypt_warn(NULL, "key size incorrect: %u", + master_key->size); res = -ENOKEY; goto out; } @@ -132,9 +131,10 @@ static int determine_cipher_type(struct fscrypt_info *ci, struct inode *inode, u32 mode; if (!fscrypt_valid_enc_modes(ci->ci_data_mode, ci->ci_filename_mode)) { - pr_warn_ratelimited("fscrypt: inode %lu uses unsupported encryption modes (contents mode %d, filenames mode %d)\n", - inode->i_ino, - ci->ci_data_mode, ci->ci_filename_mode); + fscrypt_warn(inode->i_sb, + "inode %lu uses unsupported encryption modes (contents mode %d, filenames mode %d)", + inode->i_ino, ci->ci_data_mode, + ci->ci_filename_mode); return -EINVAL; } @@ -173,8 +173,9 @@ static int derive_essiv_salt(const u8 *key, int keysize, u8 *salt) tfm = crypto_alloc_shash("sha256", 0, 0); if (IS_ERR(tfm)) { - pr_warn_ratelimited("fscrypt: error allocating SHA-256 transform: %ld\n", - PTR_ERR(tfm)); + fscrypt_warn(NULL, + "error allocating SHA-256 transform: %ld", + PTR_ERR(tfm)); return PTR_ERR(tfm); } prev_tfm = cmpxchg(&essiv_hash_tfm, NULL, tfm); @@ -309,8 +310,9 @@ int fscrypt_get_encryption_info(struct inode *inode) ctfm = crypto_alloc_skcipher(cipher_str, 0, 0); if (IS_ERR(ctfm)) { res = PTR_ERR(ctfm); - pr_debug("%s: error %d (inode %lu) allocating crypto tfm\n", - __func__, res, inode->i_ino); + fscrypt_warn(inode->i_sb, + "error allocating '%s' transform for inode %lu: %d", + cipher_str, inode->i_ino, res); goto out; } crypt_info->ci_ctfm = ctfm; @@ -327,8 +329,9 @@ int fscrypt_get_encryption_info(struct inode *inode) crypt_info->ci_data_mode == FS_ENCRYPTION_MODE_AES_128_CBC) { res = init_essiv_generator(crypt_info, raw_key, keysize); if (res) { - pr_debug("%s: error %d (inode %lu) allocating essiv tfm\n", - __func__, res, inode->i_ino); + fscrypt_warn(inode->i_sb, + "error initializing ESSIV generator for inode %lu: %d", + inode->i_ino, res); goto out; } }