From patchwork Mon Apr 30 22:51:35 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906914 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Ljur7NpT"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="maal8/Rb"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg1r026Bz9s27 for ; Tue, 1 May 2018 08:58:24 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=QUl/9yzprDu47kMoplFhh4rzmxOHqY678s4wPOepW6A=; b=Ljur7NpTIuehLIeZALajYUWkZQ JnHLRuDGNmVJRHU1inekeiclma1uLeWCvuFyRcNNHWeN5W1X8Vx75MFb1xrn3J0uQMSyGtEAuNjLV 3IoyGzH4a7VjboJ8zP0yyLpB6jKPqlNUGfJaJcWBgZJbVd2lxkPmnTk0tfW72+OgnH9tKc7TczH0G xSTbQJ4TDxkvzZGNwMXt4YZ2SJDdQQjJ+FVzkiXss3THHAsDzfiIDPsxegs4GNY+eLCT+KpKC/SKW ioQBOgTzTXJ84tQSqEjzZuWohiWTi9oqs9fHYaosO7KxhAiYLRNv01auK9YweYj+3CVNtd1iZkoEu DEBSfWTQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHkF-0004PV-Jg; Mon, 30 Apr 2018 22:58:07 +0000 Received: from mail-pg0-x243.google.com ([2607:f8b0:400e:c05::243]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj0-0003mC-KQ for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:52 +0000 Received: by mail-pg0-x243.google.com with SMTP id i29-v6so7244643pgn.12 for ; Mon, 30 Apr 2018 15:56:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=GEosfGWQuVg7oJ/HbHUvmG3ZXuBEuIzteCd3eQ1w4/8=; b=maal8/Rb/KB8F7rCOuuFoMR4KK6qlZadXB307vGgUijuA/MbnLDxLpXU7swrzxC5CI 87GPkMDd0wZmyxGxHZDnTzMw/r0/TNY5JWccZXZF0rUG4rWZjpnfSKTpV1nogoLyxbLM J6V3BZpHz3oz9Kh6XbYW9LgfFdDTHqUej6zdgLaCNjmo4+dhaBVnGdAB9xtmPZFCbOdP qmxp7h43Zk/JQjxOJ779WRiZR1sclD0WYpHVwMvK++nVaZFc3stxRGbc6NSdulM9C0PF rm9pTtOPpfqUOBJ8vOMIkF3lBPwJ2LlGPLm3xV0YOTqzLtKzyv5/FS/aabynEW1QNLdF WuuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=GEosfGWQuVg7oJ/HbHUvmG3ZXuBEuIzteCd3eQ1w4/8=; b=VLkT7b17VompHM5tHPJfLRZBjZgtvps/8AGSI//l72owf/AuqPqrv4IGYx+HFW9vKA B5q2pJn74wzeakwYSJFYBUxZT5rHLN9p8IVZ7P1iaEJ3MHB0PVPBSkSnVVcenH8/MXLb AlGhJ/bpDrT0NJwRagwjTwZpelAWdKaLyI2hJELgT7Lu/4mOm4MqAsfNjIZR2D8TajR0 WHnKGgiOwXwJfG1eylVJTfOZNrnNuqjWcnxhHJ9/nKzrPAaQg5v40L431ed/CUmsQi6q A9hEmPo9m+YPKrZuBAMqV2JJDHK17Km4lDj6Dc/EzdGYJS5d2K163lUwLzSYFK6fTIK/ NEuQ== X-Gm-Message-State: ALQs6tD5jlmaX7wsJFBmXoZ1rOcjvmSbipOCwlYOjq+Yi6BhFi70Mdpt rR8SiyFL+qqJmZgz3mLdF6w= X-Google-Smtp-Source: AB8JxZqTnkKbREjHoKDgeLQXzVqvQRxTgwzt7pyj2lt0BiIuKlhJamu8h9AINbCrj2Wi8/r11QbIuA== X-Received: by 2002:a63:69c3:: with SMTP id e186-v6mr11253248pgc.353.1525128999824; Mon, 30 Apr 2018 15:56:39 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:39 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 01/15] fs, fscrypt: only define ->s_cop when FS_ENCRYPTION is enabled Date: Mon, 30 Apr 2018 15:51:35 -0700 Message-Id: <20180430225149.183514-2-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155650_694699_08EDCEE1 X-CRM114-Status: GOOD ( 11.83 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c05:0:0:0:243 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers Now that filesystems only set and use their fscrypt_operations when they are built with encryption support, we can remove ->s_cop from 'struct super_block' when FS_ENCRYPTION is disabled. This saves a few bytes on some kernels and also makes it consistent with ->i_crypt_info. Signed-off-by: Eric Biggers --- include/linux/fs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/fs.h b/include/linux/fs.h index 760d8da1b6c7..8e2460694c3a 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1364,9 +1364,9 @@ struct super_block { void *s_security; #endif const struct xattr_handler **s_xattr; - +#if IS_ENABLED(CONFIG_FS_ENCRYPTION) const struct fscrypt_operations *s_cop; - +#endif struct hlist_bl_head s_roots; /* alternate root dentries for NFS */ struct list_head s_mounts; /* list of mounts; _not_ for fs use */ struct block_device *s_bdev; From patchwork Mon Apr 30 22:51:36 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906917 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="WIIKmrmR"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="mUrNsaCW"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg444NBRz9s0n for ; Tue, 1 May 2018 09:00:20 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=lB7Vk+EVZSHUY8QHclhkJ0eNFyRenW8Itf1t4McnUXk=; b=WIIKmrmR4MR7BJ19+eWpsiP1vJ cnC3gBKuLtHrezV3MHHGpcf92fHYRhISPp2TcddPHHMYv1aoY+vtlTtxRAcv7bjOyyiMBGV1o8CR+ QXdGP00NNfTRRb0mmqqqxYox2OUeFY2EUcDDaF2NewqJWalgsP/Dw2s8fFsg/TO4pXajAlTYFB0Pq zrs71oSaIMWiq0iSxRETwCZOLTYr0qkvqMBu6hxwZk5bths4Qz3iDYKVRR7C4hF3XLCA76Fd7FBMH l7HFHJFVn1v9qW9Fhx1ZfynqoAqY2lzvwO3IRObBazfvJ1cOUeu0aNvv25VD8UDzCI3vGmtsmJnHS X0/pyP9w==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHmF-0005tZ-Fd; Mon, 30 Apr 2018 23:00:11 +0000 Received: from mail-pg0-x242.google.com ([2607:f8b0:400e:c05::242]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj1-0003mS-H5 for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:54 +0000 Received: by mail-pg0-x242.google.com with SMTP id b9-v6so7260276pgf.6 for ; Mon, 30 Apr 2018 15:56:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=rWq4cPPdQCFYQoyo0QJLdRvGhjAu9TOIwKtMH2FJG24=; b=mUrNsaCWbfWbLhMBTMe/5pKj7uDn/IyEsyUw+y8Gar0Mr5j8UT7KeEQvqKgjJ4+l8u SqKIyJyVYVnYA8SmBFDUS1UJUMbOWJekJG1NAsIPdqKqakOxtbjpMIsCsfU/QusrjFRH kyO52KEG4pGJ6Qd0m4dcZO3Cq97PCKBcguzwgj50VR1qPSzXB9vLtQ56K9cYQQgVDoBO YhycMHJ2d27+l8P+JLKLgd2pAboy0ZdTqVPfalw7mZH2XcjCEvI8kfgsgKeBdGjsSnYF umUhZcgOswjc0XBL/mwd3rCkduQkYF4jprzg+y6U0iKBu3+2we/ondLSKqzIBAm34XoD ImdQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=rWq4cPPdQCFYQoyo0QJLdRvGhjAu9TOIwKtMH2FJG24=; b=RELAXfUe+DDB2ywG2dMFqmzjYU08jVM6tadyD/ESbMQltbPMTIx2+HLNG7mlKOy49l FgY9sjr9YGTgGHmfFRrLacBmSwri2BJR0xvlzHnuEpWbUf+gFk5zpms4fNi2az/a7eFx c4yFogQ8+RySDyBcuVyFT/qTUL7cGIL3ZI461Y/t/sgRLiUKlTMssy06eERh2b+JBu58 gSNbKeJh6hWORyY34LIOyrgSXV0+sBkzDB3k3I4zomVdGZeC/R9TOuW4o+0M1Qg39ZNn EbFUZYBHpCdzQXOCWfLyvy5zXNmNQueFp/crM+K7ql+AY0T87RqJEGyY2KF1WGkIlYIk wETw== X-Gm-Message-State: ALQs6tDxJwZsyDCba6sOAsIrsRiAS5zzxIlE0OACfXF43WsMuj7B8xAR 4AZVI3LsR4JxFCweJ4CA0c8= X-Google-Smtp-Source: AB8JxZoWsdiouwpGVTlUWcqWug2RTQhpstAJM5E/s61Dg6tJkOYkCisRnaTzE5l1nHkR1IZihhiXOA== X-Received: by 2002:a63:b406:: with SMTP id s6-v6mr11588424pgf.334.1525129000731; Mon, 30 Apr 2018 15:56:40 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:40 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 02/15] fscrypt: clean up after fscrypt_prepare_lookup() conversions Date: Mon, 30 Apr 2018 15:51:36 -0700 Message-Id: <20180430225149.183514-3-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155651_597527_4FA41A6C X-CRM114-Status: GOOD ( 12.53 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c05:0:0:0:242 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers Now that all filesystems have been converted to use fscrypt_prepare_lookup(), we can remove the fscrypt_set_d_op() and fscrypt_set_encrypted_dentry() functions as well as un-export fscrypt_d_ops. Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 1 - fs/crypto/fscrypt_private.h | 1 + include/linux/fscrypt_notsupp.h | 10 ---------- include/linux/fscrypt_supp.h | 14 -------------- 4 files changed, 1 insertion(+), 25 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index ce654526c0fb..f2b2d8408a01 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -353,7 +353,6 @@ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) const struct dentry_operations fscrypt_d_ops = { .d_revalidate = fscrypt_d_revalidate, }; -EXPORT_SYMBOL(fscrypt_d_ops); void fscrypt_restore_control_page(struct page *page) { diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index ad6722bae8b7..fb96e493167b 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -106,6 +106,7 @@ extern int fscrypt_do_page_crypto(const struct inode *inode, gfp_t gfp_flags); extern struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx, gfp_t gfp_flags); +extern const struct dentry_operations fscrypt_d_ops; /* fname.c */ extern int fname_encrypt(struct inode *inode, const struct qstr *iname, diff --git a/include/linux/fscrypt_notsupp.h b/include/linux/fscrypt_notsupp.h index 44b50c04bae9..25b6492de6e5 100644 --- a/include/linux/fscrypt_notsupp.h +++ b/include/linux/fscrypt_notsupp.h @@ -64,16 +64,6 @@ static inline void fscrypt_restore_control_page(struct page *page) return; } -static inline void fscrypt_set_d_op(struct dentry *dentry) -{ - return; -} - -static inline void fscrypt_set_encrypted_dentry(struct dentry *dentry) -{ - return; -} - /* policy.c */ static inline int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg) diff --git a/include/linux/fscrypt_supp.h b/include/linux/fscrypt_supp.h index 477a7a6504d2..c9c2cc26bc62 100644 --- a/include/linux/fscrypt_supp.h +++ b/include/linux/fscrypt_supp.h @@ -74,20 +74,6 @@ static inline struct page *fscrypt_control_page(struct page *page) extern void fscrypt_restore_control_page(struct page *); -extern const struct dentry_operations fscrypt_d_ops; - -static inline void fscrypt_set_d_op(struct dentry *dentry) -{ - d_set_d_op(dentry, &fscrypt_d_ops); -} - -static inline void fscrypt_set_encrypted_dentry(struct dentry *dentry) -{ - spin_lock(&dentry->d_lock); - dentry->d_flags |= DCACHE_ENCRYPTED_WITH_KEY; - spin_unlock(&dentry->d_lock); -} - /* policy.c */ extern int fscrypt_ioctl_set_policy(struct file *, const void __user *); extern int fscrypt_ioctl_get_policy(struct file *, void __user *); From patchwork Mon Apr 30 22:51:37 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906915 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="MQEow+Tq"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="fQUZ/Qk0"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg2S01Sjz9s0n for ; Tue, 1 May 2018 08:58:55 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=BTzMZx/j0VhJivQy2Z0o+Msz/896X8BsN3zsjz3dFAE=; b=MQEow+TqiUmy7s2jtf2Hw/BFft AJTCr76VZZF9cS9MGwiGPVzKFWnEDw8ZAfdWpNP+fBHbQPdjdMO2PT4iXZMnM7XpG5A4q0UNG55yJ f3hxi22kmf5Vf/ORdcLt5X+QUoxJ0LmJ+JdnMwxCe+4ZBxJgbsod1s/7nsrN2lYDto+Y75/X5K5p4 AqPSxbdb1xXfZcjuQJaM7PxlJFoJO9atFZvWAGuRpOp1vJZa8SRm3NU2b+Mph9CgR8GYKlODATdQM HbGQst9elR6e+f/dDzNx63aApJHNhuTxDiC0DyKBmGvftEW3ox8bvD31Ahh4FPCSUT6VVFScYotWe sIJU/Hrw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHkl-0004fi-6c; Mon, 30 Apr 2018 22:58:39 +0000 Received: from mail-pg0-x241.google.com ([2607:f8b0:400e:c05::241]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj2-0003mV-FT for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:54 +0000 Received: by mail-pg0-x241.google.com with SMTP id g20-v6so580511pgv.1 for ; Mon, 30 Apr 2018 15:56:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=XvOWIjmOn0PxA7PdXbWqhqHx2trNuJonWONBF3x8FS4=; b=fQUZ/Qk0NqEC3woI/gH6u5IpjHXqGoq79w7U/VYyBnPg+8LRSfB7+JhKkeVyOOqm2M eeenAV+SkWGkSs7sxyH7uj8h9Xh9XYs8n6F2T5RyAz7kjFV3Vz48UkUOB5fp/GMH2i56 HrqymBYWWEpGtIK5UvDD4hLhW+Q1reZxxtb1FbW8vbUe5/SjNgDIZnQ4Bw40kyrCZzg7 dPlZ8u9j61XFts8AJ9T9tJv2zvvxiCQvwtZ2ww3Uas+Xizui0L62ZtQiTvX2KpNdxZPi 8Ujfiryp2kthn4aVZOi7UmvUie310QTLA8d//7Jk2JXzlXWjuBlIFuk1Jni8kky73Pnm QAdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=XvOWIjmOn0PxA7PdXbWqhqHx2trNuJonWONBF3x8FS4=; b=botws7ifOtwiNFH+20s3wqrjCaHJn4OfDlTR5Q3LvWWzKsX2jrvua1G2Nffi8msQb7 DYgYnGiabdTR3rCSi8fLtwNbvgRVMj1785u9rwG1z8mCGCiTdkcjSCkHRzrCAJLsIWal EVlgnVYxcYejrevU4QIcphOnu3XULXhhBik61DHQfWt11yskypd6Nf2MCkbglej2aKvd /DHVkdmVfjo0HXgmI7CNQT520ZCF9TCyjnMxcjJSWDXmbXSZzdBrZpV4HxoJ6OpBrj1s 5ioVPp9t51lqOPTgEJGzwttU/qW24kemX05GzAW602yiMd0cZwUbdvx/0MKhpmw+A/dt Hgaw== X-Gm-Message-State: ALQs6tCXoBf2vvYImB6RgWe2u0iJkiGzRI+u3XWN+dNgrcIV5qcROnA7 UsmKosN2xH2kOOdMKsW3ww4= X-Google-Smtp-Source: AB8JxZqFkV4nosJCTFcyFKEjHPOorxZetUXF+yhDrOhF90BeiOU834syEQzHf2iebdxgi9++pI4IKw== X-Received: by 2002:a65:48c9:: with SMTP id o9-v6mr10990304pgs.390.1525129001733; Mon, 30 Apr 2018 15:56:41 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:40 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 03/15] fscrypt: remove unnecessary NULL check when allocating skcipher Date: Mon, 30 Apr 2018 15:51:37 -0700 Message-Id: <20180430225149.183514-4-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155652_568870_2AF016FB X-CRM114-Status: UNSURE ( 9.47 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c05:0:0:0:241 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers crypto_alloc_skcipher() returns an ERR_PTR() on failure, not NULL. Remove the unnecessary check for NULL. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index 05f5ee1f0705..d09df8f751df 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -318,8 +318,8 @@ int fscrypt_get_encryption_info(struct inode *inode) goto out; } ctfm = crypto_alloc_skcipher(cipher_str, 0, 0); - if (!ctfm || IS_ERR(ctfm)) { - res = ctfm ? PTR_ERR(ctfm) : -ENOMEM; + if (IS_ERR(ctfm)) { + res = PTR_ERR(ctfm); pr_debug("%s: error %d (inode %lu) allocating crypto tfm\n", __func__, res, inode->i_ino); goto out; From patchwork Mon Apr 30 22:51:38 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906918 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="riCscv5j"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="Oabb1lcS"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg57015Gz9s0n for ; Tue, 1 May 2018 09:01:14 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=WbyjZ0XEDEcQRaVU2gNlK6Q7nKv+GZBSlz6n34o77U4=; b=riCscv5jEUPtUKfyUjFAwgZk5E 92OxFnKuUIh5dIcUmx0OYeSJ1FwUxNbDbSOQZdqdOK1ypgCKlZ6yf1LQOwMjLDlk71yoYYab1XXKL 91/chKTzNo43oceo8MERiAkvn9NcuIfcLPFaCFP+f383aAGt38AgtyA1K/TwqJ3zUvJvaQtgcb/W1 mY5ed57L4jbKSiA1eXaFHWpwl2DHg/XNj2B77Gj7rrIFQsbFrgwPoPyPV9q7AQcD8JRQRflrpcTDJ zK47NFja9Lg/u2v48Hu6ZxRJfvi5EAQTruQl026GxnIRSfeM7m+TIQlpK5uE9sBGyqKsx6BHKq1uR ce5S9MMA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHn7-0007EN-35; Mon, 30 Apr 2018 23:01:05 +0000 Received: from mail-pg0-x241.google.com ([2607:f8b0:400e:c05::241]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj2-0003mW-H6 for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:56 +0000 Received: by mail-pg0-x241.google.com with SMTP id i29-v6so7244709pgn.12 for ; Mon, 30 Apr 2018 15:56:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=8pjpcrDcRhTWN81wgd1CvnzrziUVBWC2eSR6J45++fc=; b=Oabb1lcSY7kJJQO5Lv+rBTMOVNoXrxzD/35o6kvTjDjPoMcmXeQSmHL6/M0ELxEG07 OlqAcwaAoU7wPtDH6vdCQfH6M9MnJuvap1Ky4HPvsw2qrdpS5rhviQxzAR8M0i+yx4QH tuKB5ndYGyAeR4j3Lj+ert3TOti4ST/9+dvezlVBIBs+DNHRUpwmMOrt8ehjyAAaY/x+ akQtxFObwy4QvqrfUgiu3ZPVJp5CGx1fDO1hqK+GZ/z2vx6wduxoCRtD4SriQpUY1RyH gS5OJEmoPJT/W7R/PVZN3mnG+W+NKxIRmHfqpYjxVuKvHqA5NQH4DJTo+dexRwWnOlFx Kf/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=8pjpcrDcRhTWN81wgd1CvnzrziUVBWC2eSR6J45++fc=; b=d524uDEpB/SjXLl6Uq33zjkjBWTM+oubIgnhLTfLn5uM/RMJHTffDpiqGJP34qIhTR sEFbxp3fAqJZPJBB7LshpcasvBRTaWz3K8zhjQtr2kV6WX7N80jlhjT97QbrFgeAbN26 NGa0OyT1kDRvdKHp63bMZiifgAY3vfnSk7uU5HZkg2GRmLK8e2b3jOQ8eNhUoiUxzl1q 6ijFa3KrlCRn8Ac4b2aRNO6NTrlr9y9aT14KzZgzazVmui+KZQWnQwMLZyLdgrK8yJlY wldr1Tjf59fFurLp3jDW9bn/MrJaaCg7jFD4HScddRdj1kxDeAnypVg0IDdOKajMPJc4 CC9g== X-Gm-Message-State: ALQs6tB8xiukn2+2AnAQKnE8T67GRM5a0RURge0eD1XNVLKhXf8iGvpX xh0MUtssPZeLsqRVXHm3hQI= X-Google-Smtp-Source: AB8JxZo55lgWiCntKO9sqhh7/M6enmN/RXdW+vReWqZpU0tS9qJTketiBddY3GCjKM8NSfaEpfdTig== X-Received: by 2002:a63:7058:: with SMTP id a24-v6mr11607129pgn.101.1525129002629; Mon, 30 Apr 2018 15:56:42 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.41 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:41 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 04/15] fscrypt: remove error messages for skcipher_request_alloc() failure Date: Mon, 30 Apr 2018 15:51:38 -0700 Message-Id: <20180430225149.183514-5-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155652_615090_E30DAFD4 X-CRM114-Status: GOOD ( 10.75 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c05:0:0:0:241 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers skcipher_request_alloc() can only fail due to lack of memory, and in that case the memory allocator will have already printed a detailed error message. Thus, remove the redundant error messages from fscrypt. Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 6 +----- fs/crypto/fname.c | 10 ++-------- 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index f2b2d8408a01..58761d816751 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -156,12 +156,8 @@ int fscrypt_do_page_crypto(const struct inode *inode, fscrypt_direction_t rw, } req = skcipher_request_alloc(tfm, gfp_flags); - if (!req) { - printk_ratelimited(KERN_ERR - "%s: crypto_request_alloc() failed\n", - __func__); + if (!req) return -ENOMEM; - } skcipher_request_set_callback( req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index e33f3d3c5ade..3b5164b159cb 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -59,11 +59,8 @@ int fname_encrypt(struct inode *inode, const struct qstr *iname, /* Set up the encryption request */ req = skcipher_request_alloc(tfm, GFP_NOFS); - if (!req) { - printk_ratelimited(KERN_ERR - "%s: skcipher_request_alloc() failed\n", __func__); + if (!req) return -ENOMEM; - } skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, crypto_req_done, &wait); @@ -108,11 +105,8 @@ static int fname_decrypt(struct inode *inode, /* Allocate request */ req = skcipher_request_alloc(tfm, GFP_NOFS); - if (!req) { - printk_ratelimited(KERN_ERR - "%s: crypto_request_alloc() failed\n", __func__); + if (!req) return -ENOMEM; - } skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, crypto_req_done, &wait); From patchwork Mon Apr 30 22:51:39 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906919 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="F1QZn5Kn"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="FYoVv6MR"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg5v50Rxz9s0n for ; Tue, 1 May 2018 09:01:55 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=9BdPKOTt4DnJO9NzULHPbXnDb4bor7XB/Ex8Lriltvc=; b=F1QZn5KnM7Cz5pcXDl2HapVC+q 5LDdeIAzBm7cmXvEaWWcy1fIJSAiMcrAIy4oAsfJqrto4GSSyp9VYBU6vA5HG6a/5F7vf1Q2hkQCC x2SxJBYfopy/dyY1Q0jyYZGKnXOwU4qVXr3phEdVumYnKiu2h+zEY6gMnImS9s13waYDE4uM4IVKI 5zyuEAmoRL2Bc6GLw9hEJhv+4XgrCrW3aq9kyQ53SOP74bVULpdqRitP6vnmTzVzwdHbOvzYBDtcX 3P+lurq4n6VGw2v0T5ACRebk0LxFfPp/72NxRY1THnR4I/VsJ4VgqPJ8zmhm2EErd3SN3mnmq4lJJ P8tTwDPQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHnj-0007Vg-CQ; Mon, 30 Apr 2018 23:01:43 +0000 Received: from mail-pf0-x242.google.com ([2607:f8b0:400e:c00::242]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj4-0003mY-2P for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:56 +0000 Received: by mail-pf0-x242.google.com with SMTP id j5so7882819pfh.2 for ; Mon, 30 Apr 2018 15:56:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ggFpFWQmZF/MW2yTQBQ8VlYD8wUcFgsk0uSswIYQZt0=; b=FYoVv6MRtKBibQRh7nAF0rYgJfLzy8948ioDmLD4+xMjLfyU3OP+42Ulw4x3FL3a0Z O7j/NxMNJBCM17rWZROS5zdAIRw0I0F4z21FUc46+p6ycsTH6ej+67DlcUmhUyMxQdhA saYxt604dBWxDRmS2noViYyPHFtgslYQG/XcbDfHvlu5rGKjYrugG/P0FGNejVEYjGwQ 82hyPO1eKS4N58DLzImzjTzrvS0XkHq9W8oAME5EhxUA8X+ZwUZlXogBzWM3aN0xpmRy tXYclZkXevXtg7c5DjVKZo1nXNDQ8TUDovW9u2R76nxPSboXxXSxZo6m1cb7ZewQIlow B6Ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ggFpFWQmZF/MW2yTQBQ8VlYD8wUcFgsk0uSswIYQZt0=; b=tX8tekCpFdF5GN52wCRKee1EMeXNRcbzfwjfaDJ0ZmsRkfswHDyHMZ5iFRl6VRSaAj feP6rIU2JWAjeIEbybYScD5GiDna9Ob8aJ3ElqfaGtbmt7CPBymq1AcG/7OuFV1HOb5W ZebgfOgsNNCTHGSGcT2z1bLagj3uZJlxBMCYqFFMeEKI2Zh2DkU6Efp3RaBITM5Ad2D5 6HMCKG36K4TV/0KShhWR2mYejAareICJL+yKj2/3jE309TQB/7tBsOnxtYklkHLRug1t Knm+xmLZEzsDcLuyIqEaN8VhHuPBgLlwBWngIgmcxb1h2dQJg/Nb2OPVerP7Yj+NyBLO alew== X-Gm-Message-State: ALQs6tC2cXo3tRUTc943oox+v83+Pt3tFtkGCdnzA0Im2YtAJwyZflo9 G1fwXLEMCF3wKilP4iZ3nL0= X-Google-Smtp-Source: AB8JxZo0ZrYiDYGT09KxYzlmrcKV49Ys/7aesAMO/ADTOn/CjLK8kCTHTYA72g75shF66CG3xWt8cw== X-Received: by 2002:a65:4e03:: with SMTP id r3-v6mr11469983pgt.121.1525129003554; Mon, 30 Apr 2018 15:56:43 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:42 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 05/15] fscrypt: remove stale comment from fscrypt_d_revalidate() Date: Mon, 30 Apr 2018 15:51:39 -0700 Message-Id: <20180430225149.183514-6-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155654_132502_CCFBC692 X-CRM114-Status: GOOD ( 11.01 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c00:0:0:0:242 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 1 - 1 file changed, 1 deletion(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index 58761d816751..d22887f689ad 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -322,7 +322,6 @@ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) return 0; } - /* this should eventually be an flag in d_flags */ spin_lock(&dentry->d_lock); cached_with_key = dentry->d_flags & DCACHE_ENCRYPTED_WITH_KEY; spin_unlock(&dentry->d_lock); From patchwork Mon Apr 30 22:51:40 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906922 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Y5fNkWjy"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="Z/ZHWp8V"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg871wg0z9s0n for ; Tue, 1 May 2018 09:03:51 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=NUh4fvzVWpF02l2P3FEBZWv0RPtqT5C5q2YaGYjx6L0=; b=Y5fNkWjyocYmK5HmVy6BXhjeRt 9KULeVLncI3tiQVujCsqKqQXEL1CNsc1XfX5IU9SgiHqiDogXGVDxS4rngvhDgQ3ZKnida/oYzqTx atigcwc9hWGsj/hOvPBkfKbN+S7rWhpZH0dilX+zC7WDWPr9OjgRHKSaHyUDvhsj4Sxl7E/1nC6LW Ps+bIHBKhVBpNzxOk2vWH6UUmvR3r+Cd9izWJcv+W1mnUfWsIQ+XWJ1xKyx4k5NMMaJFm6EkoQ9rt TX5Ns3B4r7rfomoF4TzpqreQWLJqL4IEofpsc/e1rugop6znXuLZCx/5lgkXZVVuTs4299i22NNhh /DH8YpEA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHpd-0008M6-B3; Mon, 30 Apr 2018 23:03:41 +0000 Received: from mail-pf0-x243.google.com ([2607:f8b0:400e:c00::243]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj5-0003mg-5B for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:57 +0000 Received: by mail-pf0-x243.google.com with SMTP id c10so7865078pfi.12 for ; Mon, 30 Apr 2018 15:56:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=LIu2AchSzLKPzwlM41IUmPiyaiNBI2IOG+t4D0uRSa8=; b=Z/ZHWp8VSosJCcQE+dFG1qDzNQANga8Vro8gTJ+46f/VAb4nuIz9Vat1ikpY77bvFI s3MS+hQRTxCMGc1hNfhVnlkLdckgfHGXGD4Kcs0FHeY4Cay012BnsWQ/zppkSe8kev5t BBt4G5TNFu3Ft4lP5WfGcrAg+Hw98Z3q6zPCKa/XTusSyVy46DpbrzetiAyzOtNbebvv C3mwqg0xK4WWauIMCW2AlOwvfK95hwh+noWFhB95vxWrEZ/1E7tmeZEOKdk2mFOetKbO 3HgT8hiSB/vLMDZRVFLTzocf/2TSbuJ9erkTUdeKkB8ZklI5JHuuaPUeoE8TyZaBJHgd eI+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=LIu2AchSzLKPzwlM41IUmPiyaiNBI2IOG+t4D0uRSa8=; b=Wkn1I8SRnfCDqeUbt1cnz+w6MFs1AlBpEUA/Qee1SK/rlJdAzobPD91mjJb212AdL1 LgolEnjmw0Fv0WVUUsSstWw2LBdGEzHmDN8z8UMOA8Go0CoWMDOekGFhcSgRkqsshkpc pAw56bm3ouvLPT1jgkw9jZ57migMVVSOfDrPd+ReJKS57kB9b71wgi8QHWddzSVF4PkI PpZSh5FEar/hhCF5UrFFS0Aj0YMzCINpccpYefxiOcq+2mhTMJdG9SXNqbWfLdSR8QfX brQ1sd5aQVIwaPUx1B6wmY2JJ7JBTHFIoZqL9nozIt0xDTcMfkPC7ammlXjWyykbv1VB Jjjw== X-Gm-Message-State: ALQs6tDPH8VCUydLMP1nVq4N0ipX+C/W72a4LNoi1GtEGr/LqlijPbUd vrtvAutH2hOyFVi3RKAdg3w= X-Google-Smtp-Source: AB8JxZoWYWCM5WxPElnrQjeOcXzNiheMuVbEKAMVJU/tXzyVD4yHtnhXIjYiJo5JVlLibxoT9OAoUg== X-Received: by 2002:a63:6445:: with SMTP id y66-v6mr11289992pgb.206.1525129004392; Mon, 30 Apr 2018 15:56:44 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:43 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 06/15] fscrypt: don't clear flags on crypto transform Date: Mon, 30 Apr 2018 15:51:40 -0700 Message-Id: <20180430225149.183514-7-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155655_257216_8F8FFE22 X-CRM114-Status: GOOD ( 11.18 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c00:0:0:0:243 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers fscrypt is clearing the flags on the crypto_skcipher it allocates for each inode. But, this is unnecessary and may cause problems in the future because it will even clear flags that are meant to be internal to the crypto API, e.g. CRYPTO_TFM_NEED_KEY. Remove the unnecessary flag clearing. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 1 - 1 file changed, 1 deletion(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index d09df8f751df..0f6a65c6483b 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -325,7 +325,6 @@ int fscrypt_get_encryption_info(struct inode *inode) goto out; } crypt_info->ci_ctfm = ctfm; - crypto_skcipher_clear_flags(ctfm, ~0); crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_REQ_WEAK_KEY); /* * if the provided key is longer than keysize, we use the first From patchwork Mon Apr 30 22:51:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906921 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="lXpBdBF/"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="GehkIBX7"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg7P2Knvz9s0n for ; Tue, 1 May 2018 09:03:13 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=1uf8+4NHDa4GkmvIqb5fktRS80TLB/E/DeDGn8YQG3w=; b=lXpBdBF/BXRFYTxT4VNX4PKYUH y1dJ+wiuJvGJ7/ocMpumxcg8KVzr+t4ECHNV0pTprLO/D5QWlhy09Bp4Z+38g/2Q8Yorh0yAQmklX tRcOqr/FG7FHQWBEZpjwCwzTWPbvj+YJiGyJBOkXIxaDkyNUV8tZmcYIzdJGysCknbTnZ9/gjvBw4 72gA7BVAgch9uYgrZi1b4h9E2noWAWJ8gsITbQ05z13ubRi4KxKQMwBmVJ6vIjlP+CFij2VSrFsS5 KPEANZ3Pmg2gqKT0AQWoVLdQBVGh1fKZZ07UnxKeapGJ/i3hrwLQzx6CrMPs6N44+it8iX0QSFyR4 n9RX6uzQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHp1-00084w-UL; Mon, 30 Apr 2018 23:03:03 +0000 Received: from mail-pf0-x243.google.com ([2607:f8b0:400e:c00::243]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj5-0003n7-5K for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:58 +0000 Received: by mail-pf0-x243.google.com with SMTP id j11so7865837pff.10 for ; Mon, 30 Apr 2018 15:56:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=9do0xI/Gk53WyrrKSwNXgYKTTaRYdwmUaK07VYNYN/I=; b=GehkIBX75CLXg68KVwTvCW5qmSql+HtZjWO0tfhQ0TNUMfvwrBSQZnliNNDjRPWZFC p522NmS2HUvHUlXYzRCY/PyibUyEr1ru5QFKlLPFlNTiVP9pgcY8NYzxtxBxMDRXDfGl QsscAJgdC/e+rMf281BnlvbrBn5PD85CF4QiXsFK/eiFLyiCewR7OaScr4HR06Mqkxqs FLN4xw+6+ZSYMVGjwvFPW5igY4zzbW+hDLlKpOCDfY81bkmcALPQXJml1U3nUa6u6uhe rJbyT0KJ6qBDsS2nlzU64lJ78PFV3aFV3Va4u2/9zT2lfVrHWaaIc5AnUaCKkkiNnX78 909g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=9do0xI/Gk53WyrrKSwNXgYKTTaRYdwmUaK07VYNYN/I=; b=ThSK0Ed5dFrrJmv+rknyL7ekh2BTv41cjgxJKSzqaaE2014C+a9sFNxzD3Vqd55D14 yDa2nsHerY2yM7sORTsluW10SZzWcxku9F7EY/OeCSO2Ye6QuFlL5iHTtrJd8pvWjyjs lJkykgT8pzewqaKWFbo7mSBCjlVQVK7zY4GbJ0IsRm9MaixHU8F9bBHXVk0uC8IGdCXv 7nYtjKmYZXKcV2iPLHXwZk4qr10VhOGEZ1ygV7HC+a3y7vlERZjbrEFRQYRj+eC4AmiQ 2DaXpiPR/X1cUaHjMwwbyHUpduxQgBsUml4D5HjxPoLQZxmR7cC3w9KqiMJM/9wG8xwW QAJA== X-Gm-Message-State: ALQs6tAr9AGzzB41MnJ7hWAQR9IMzz0tfk6eNzijN5n/TE9NzLqIPclx fHBc1dLGAXDp6Wrm6vtyCQk= X-Google-Smtp-Source: AB8JxZqixYCAts5NqKRurzCg29pF4ItrvoBA5dm+q054FqhOa2auoTm/FwjFX6zWviVRfIIY5to0CA== X-Received: by 2002:a65:62c2:: with SMTP id m2-v6mr11500141pgv.164.1525129005352; Mon, 30 Apr 2018 15:56:45 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:44 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 07/15] fscrypt: don't special-case EOPNOTSUPP from fscrypt_get_encryption_info() Date: Mon, 30 Apr 2018 15:51:41 -0700 Message-Id: <20180430225149.183514-8-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155655_273391_0F38EB27 X-CRM114-Status: GOOD ( 13.31 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c00:0:0:0:243 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers In fscrypt_setup_filename(), remove the unnecessary check for fscrypt_get_encryption_info() returning EOPNOTSUPP. There's no reason to handle this error differently from any other. I think there may have been some confusion because the "notsupp" version of fscrypt_get_encryption_info() returns EOPNOTSUPP -- but that's not applicable from inside fs/crypto/. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 3b5164b159cb..8088a606c0aa 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -335,7 +335,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname, return 0; } ret = fscrypt_get_encryption_info(dir); - if (ret && ret != -EOPNOTSUPP) + if (ret) return ret; if (dir->i_crypt_info) { From patchwork Mon Apr 30 22:51:42 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906923 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="mCNT9bX7"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="DI59IGct"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg8t6gHBz9s0n for ; Tue, 1 May 2018 09:04:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=5vC1ptFn85YOjF84jRB19wI7dCus3SHnm2rvwrOBC4M=; b=mCNT9bX7p8YFEKVLKiNih0NoB4 vWgoKr3mKoxGzbILpRJnI0IR+op9R88yhrlf5cw7JtinQ2iEfxw/XnMEUDnj36MNTwqmByvaWmZii o3e085qJ7tI0Wa9n3Uwf+HE70ASly4PJBafP4nJitpSAwH1Zho6j16i6x+NDSgi05JQ8LPQ0hQ/Cn TXqlMsDUlmqZZSKmI1I2zvjDX7HxbqaYte5IODp7J8ReRDtcVgXOoM4uu/Z7NCfr7+HN5xiEqWfNo MeceSQoI1kxo0FwkiIASii5KXP0UzyGZ0Q//jkRx2xQpjdxRamScUpYD+njv0dRsYE8HgXNfKsKP3 5I8TwwTQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHqG-0000CZ-1Y; Mon, 30 Apr 2018 23:04:20 +0000 Received: from mail-pf0-x241.google.com ([2607:f8b0:400e:c00::241]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj6-0003n8-To for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:59 +0000 Received: by mail-pf0-x241.google.com with SMTP id f189so7874386pfa.7 for ; Mon, 30 Apr 2018 15:56:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Uea0xpw287CzFIPmQeLSWYI5fhVgb78MFSq1WmN6FRA=; b=DI59IGctw7L0dfiJwbuYZoTE72Sp7K6nCO5FVbHLKxre+EM1MlKurtlQzaAqqUfYDY McQlbMY+YyAkKzFW9HTEgwhrrZ0IfrxHoYvPEcn8gIur0hHnGXgXWwpZM1o/78lOWhGe B/i0D9ZCWRX2eXYPkx3rtF3bfk0wmaRiaFgnrt0OdhbDbXhSAmgDpKWocYBJee0Dk69E 3KBRCVPtaSqHSWAFYj+nYFbh9WRsUNv9o84C0VxkSftT48mo0BIj5Ea4eUb0KMRbxS/B hdRFs2dwb2s/i9dX5OwGsDoxHr7Wgqax/XK7rbnTnjspIABGtcAIbPylsQlDUpUqnnAG qRrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Uea0xpw287CzFIPmQeLSWYI5fhVgb78MFSq1WmN6FRA=; b=lDwCqMYBvyBu/u+xjXisSuzhGg/amhJ0B18NoIq5uD1QJ5wI9s0vjE+S7aRIYEuXA3 /TOagVlK3muC6tf45fasqUzs/blrc1f/b+EGB7G4uYdrmaEMWsdhfE8ZeAalYpohxalu 0b9IXEGNfHuC49agmbODScF6AQ4szo7lh1XQ4tgvF617C34Afa6AbeKYoVuA1l1JrwCB GhN+MwZr5OMVIZRb3EO39MKnpEExd+0L1vutFTAdBe9HKvCL+HD8Mm8fjvYRci7eRKoH RBAnHb6I/JXmeOQbzjCrn4MA5IB3TEuOaCEHWuDN3O1m3idDwsq0p5SXtHJV/ADLxpC0 LsSQ== X-Gm-Message-State: ALQs6tAqTyOlkJ9RbPZyw8jauPnjutuPejCZY7VWkyr3uUq7j1ZeYICg cwotV+ROE+2IbyyASgRq8F5k9p9z X-Google-Smtp-Source: AB8JxZoms4xCBbVaVfDQSX0xGICsD9w+PtG3Jq5iBuxPF0fZjwkBxvaKGYmG8Y/CiZ69JOzQSb/Sog== X-Received: by 2002:a63:a412:: with SMTP id c18-v6mr11298516pgf.85.1525129006165; Mon, 30 Apr 2018 15:56:46 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.45 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:45 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 08/15] fscrypt: drop max_namelen check from fname_decrypt() Date: Mon, 30 Apr 2018 15:51:42 -0700 Message-Id: <20180430225149.183514-9-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155656_998355_5FB0203E X-CRM114-Status: GOOD ( 12.39 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c00:0:0:0:241 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers fname_decrypt() returns an error if the input filename is longer than the inode's ->max_namelen() as given by the filesystem. But, this doesn't actually make sense because the filesystem provided the input filename in the first place, where it was subject to the filesystem's limits. And fname_decrypt() has no internal limit itself. Thus, remove this unnecessary check. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 8088a606c0aa..cc9590b5f371 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -93,14 +93,11 @@ static int fname_decrypt(struct inode *inode, struct skcipher_request *req = NULL; DECLARE_CRYPTO_WAIT(wait); struct scatterlist src_sg, dst_sg; - struct fscrypt_info *ci = inode->i_crypt_info; - struct crypto_skcipher *tfm = ci->ci_ctfm; + struct crypto_skcipher *tfm = inode->i_crypt_info->ci_ctfm; int res = 0; char iv[FS_CRYPTO_BLOCK_SIZE]; - unsigned lim; - lim = inode->i_sb->s_cop->max_namelen(inode); - if (iname->len <= 0 || iname->len > lim) + if (iname->len <= 0) return -EIO; /* Allocate request */ From patchwork Mon Apr 30 22:51:43 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906920 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Wd6ZNIKs"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="HoretyeG"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg6c0XtSz9s27 for ; Tue, 1 May 2018 09:02:32 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=wa39YwOFPVeHTe/32A/FcbCeSCB+h9/nURHOSekWUoU=; b=Wd6ZNIKsYr8COmoj3Uxs+ablNf 9QKkWMAoaJjn10phCjIVzOa7M9SjFpb9rcrh1v1Mr9qWfEDuIe+/jnZwtIwJ0+zslA8vdvlFp9mTx sysz/OIrUFd8oL/yK1/sqnwuMWDxZdvAomEuv4BZ+LYRWOTnF6NpW5jG4E4BDiZraCAFsdcAD2P7H LZgMkbG8mdayKl/KLHruB6NgfpUbDAB7GHZrwtUFGHKtYHyUz+X7JH497ibQmRb5B+LaUv1CvR3un dklF7ypPtl22P06wam16zqko/Kax+FZnrHYNtITfE2dH+3PmTUotsrRHaKLCkRNxxsM/eKsBTKpfv Ebtmz1PQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHoN-0007n6-F8; Mon, 30 Apr 2018 23:02:23 +0000 Received: from mail-pf0-x243.google.com ([2607:f8b0:400e:c00::243]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj5-0003nM-5S for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:57 +0000 Received: by mail-pf0-x243.google.com with SMTP id f189so7874412pfa.7 for ; Mon, 30 Apr 2018 15:56:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=sqPrY0sqsIid7e09Q3AsQplZFzNhnxQtv38fdTmgmT4=; b=HoretyeGPJhIQBYsrcb+pR3lr1IAzCO1X6Axo4OiOompaeADIlun6mZWRT8uuvmz2J xFM4Yi06IcbBd5sWJrNuf89SPiYFXEgOAEdFTchaKW9HBEYfsucveKrhTwyR8Gco9vpm uui8YoUFWoUs7vw98lDDYD3P91p18D0iKmBVcspZpBBFX+h/egBe9q6Ruau3sRmgrBRq lkNUEIMmhMBTY57PM3ubq8XAv//ODSbZiuflIdw/bhiz9FnL++/qoVnTHEhW6kmyiUU8 +EWGKrO3jWr2WC00F00PMO61PHiDPBDAReumUyI2hwUhvzZlq9DdSyRTu9ZjJKXobXwI Isqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=sqPrY0sqsIid7e09Q3AsQplZFzNhnxQtv38fdTmgmT4=; b=OsWfknm3Yb9TfJpy9zxWjMKk2fW4apVKfGtneOP82+oaYtRejNJoGlZQmvp37HJWXy eVUMlK4lmdycVw1i8szqNoPRiaLawX07J6JbORtjjvHJWna8iKOZ/0mMWH1Veq4G/ALp M/beLG1mHio9VeWcGIe35KcO+H/cMTpgA0krrsq+FMazCvO9ZAiP5T8erDfAcN5lf7om RtE5AHEObF7i12JwQR/iAJsviQHC7RUCfhigwMpdpeGlFEddqc+MgoZWZSrJCln7qbOp UMmILObMU0oR12iFEw1ME3wPURA0R2s2xNUFhUl4t47KyjbYRWwaL2SDFB7olbDZ/XcS CsAQ== X-Gm-Message-State: ALQs6tATM1oEp7V8u7BvTI02W/P6gheDbJ/jfMH8pxoWvr/RQ5up4TKz c0Kok41g5QUAzK3RB00MtgA= X-Google-Smtp-Source: AB8JxZrKdMhCClqFFLbhheRQxkK16Ml9D91QYYVtHcrseGEVRMSa8OWDLWN2cGFtwxJ9hTb5VEekpA== X-Received: by 2002:a63:9711:: with SMTP id n17-v6mr11060029pge.171.1525129007071; Mon, 30 Apr 2018 15:56:47 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.46 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:46 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 09/15] fscrypt: drop empty name check from fname_decrypt() Date: Mon, 30 Apr 2018 15:51:43 -0700 Message-Id: <20180430225149.183514-10-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155655_262779_9844C94F X-CRM114-Status: GOOD ( 10.49 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c00:0:0:0:243 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers fname_decrypt() is validating that the encrypted filename is nonempty. However, earlier a stronger precondition was already enforced: the encrypted filename must be at least 16 (FS_CRYPTO_BLOCK_SIZE) bytes. Drop the redundant check for an empty filename. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index cc9590b5f371..c4eb3a235ae4 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -97,9 +97,6 @@ static int fname_decrypt(struct inode *inode, int res = 0; char iv[FS_CRYPTO_BLOCK_SIZE]; - if (iname->len <= 0) - return -EIO; - /* Allocate request */ req = skcipher_request_alloc(tfm, GFP_NOFS); if (!req) From patchwork Mon Apr 30 22:51:44 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906916 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="rZ+aucuq"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="tWDBNItt"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg393490z9s0n for ; Tue, 1 May 2018 08:59:33 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=7Gd7QnRp0okldHJL3gJKuplfXpq5OZ/THGlRD8poLj8=; b=rZ+aucuqdvDZdjQCCQMJrfUM9v EQqSau/PqdgeMhrXsRRDvgJ2R5o2cYk5MpTu4jVnxCw0ICUzidjSig5awpjJnbkFaC34VJk16AcNt CwhllMFghq9AA4yQC0Vpi8xXYoio7l9XmvDKXRZdXXDd9B+EQBDWZj9AwIe3trxlGpb5XysNz5r0S tCB1FH56YjdAGQSVqyACbQQ+QvzWQlDC/haujd2YmZ/FkXEZ4nmb2I5/e7Z0KvpRugdLuhPNDQPW2 Pm0vu7vMQIuXro5vJXVop8oM5hnK9zAjS0tCx64SBpJUIVin2VVFefoMgvgo5dyDJzReQ0YNHhrXi PEHdYpcQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHlT-0004z3-7T; Mon, 30 Apr 2018 22:59:23 +0000 Received: from mail-pg0-x241.google.com ([2607:f8b0:400e:c05::241]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj2-0003nN-Fl for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:54 +0000 Received: by mail-pg0-x241.google.com with SMTP id m21-v6so7256064pgv.8 for ; Mon, 30 Apr 2018 15:56:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=N/Wfk1E+tK3OOkPaIA+XXWsFyvjshxUgze3gjk0jpkQ=; b=tWDBNIttoK3i2i90iyNCBhu2sXCIV2xYHDPf0Eyf/cQjDe028LE3X20i+H03IbDyb3 G8iDa1/L0ptjN+vnt7F7IVHu1tpv5gol5bDM5/Tn+MAwN261qBm/l6e05nDsJnY1twTD reMPnlif4gGakAy6DS8k/A8v1pzMiPqZgshxpIKzcAzUpYarOF1CQ4SeepsddHUeEoMS JD52AR59Ja9vK0S+YBUUg2f1mm+aio5U6ITRVwmCu7CN8O2fjg7FCap3KX7zTG2t/5kK dtwZtjtmO3r8BnW0hrmNAsBeiosoCpdXeI+bH4GTkC/nT1KK/n7y+zHWpZKBG9BP+Ce9 shdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=N/Wfk1E+tK3OOkPaIA+XXWsFyvjshxUgze3gjk0jpkQ=; b=ZxbixiihDsh3PgjFtx6k2/j+H7AA4FijztO8tYOyZBL+CLSlKnwGalIh8Lk4rbzv3w 3UZiAQTjOWjTzwgIAFgQfqpnXzhcNMeF/d13txs9BQJIIqoB7vqnygelppaLh6PAiGvu TU1nW7KYKSELNAdjSBK+7CW51XwyuDa+TGnVH/X3qHRhzasEJcJc+vFTstsCwx3DL3uf 88J2NbcLWNQ9PSFjB9zNqt1puEg8QZvTBVRilMBI1Mp5c/s7xOSziUyMWTBIdQEWScvd qHcw8A2Er9z1hHkw0OrRffgQVtnHj1A05em9KC+PdNIq4687qX7oDI/uYnmxbWOROaxg b/kQ== X-Gm-Message-State: ALQs6tA0mY8Q1Ws0oDi5yj+3JkpF26/FwZjvUF5cpmwbBtBmMzF+mUci Qkk5Wefk8zDllpb7LeSBQH0= X-Google-Smtp-Source: AB8JxZoD+QtGPBTbeD7mqEa7ZIQ6m5umhKG35aiU/0GPmOgeLSiEhzg2/d88G+POzDeJVCPgYo3uSQ== X-Received: by 2002:a63:5f0d:: with SMTP id t13-v6mr11456011pgb.145.1525129007876; Mon, 30 Apr 2018 15:56:47 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:47 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 10/15] fscrypt: make fscrypt_operations.max_namelen an integer Date: Mon, 30 Apr 2018 15:51:44 -0700 Message-Id: <20180430225149.183514-11-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155652_564136_EE835312 X-CRM114-Status: GOOD ( 12.83 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c05:0:0:0:241 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers Now ->max_namelen() is only called to limit the filename length when adding NUL padding, and only for real filenames -- not symlink targets. It also didn't give the correct length for symlink targets anyway since it forgot to subtract 'sizeof(struct fscrypt_symlink_data)'. Thus, change ->max_namelen from a function to a simple 'unsigned int' that gives the filesystem's maximum filename length. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 2 +- fs/ext4/super.c | 8 +------- fs/f2fs/super.c | 8 +------- fs/ubifs/crypto.c | 10 +--------- include/linux/fscrypt_supp.h | 2 +- 5 files changed, 5 insertions(+), 25 deletions(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index c4eb3a235ae4..39091fc31e98 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -334,7 +334,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname, if (dir->i_crypt_info) { if (!fscrypt_fname_encrypted_size(dir, iname->len, - dir->i_sb->s_cop->max_namelen(dir), + dir->i_sb->s_cop->max_namelen, &fname->crypto_buf.len)) return -ENAMETOOLONG; fname->crypto_buf.name = kmalloc(fname->crypto_buf.len, diff --git a/fs/ext4/super.c b/fs/ext4/super.c index eb104e8476f0..502c36da292c 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -1237,19 +1237,13 @@ static bool ext4_dummy_context(struct inode *inode) return DUMMY_ENCRYPTION_ENABLED(EXT4_SB(inode->i_sb)); } -static unsigned ext4_max_namelen(struct inode *inode) -{ - return S_ISLNK(inode->i_mode) ? inode->i_sb->s_blocksize : - EXT4_NAME_LEN; -} - static const struct fscrypt_operations ext4_cryptops = { .key_prefix = "ext4:", .get_context = ext4_get_context, .set_context = ext4_set_context, .dummy_context = ext4_dummy_context, .empty_dir = ext4_empty_dir, - .max_namelen = ext4_max_namelen, + .max_namelen = EXT4_NAME_LEN, }; #endif diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c index 42d564c5ccd0..970ae27f401c 100644 --- a/fs/f2fs/super.c +++ b/fs/f2fs/super.c @@ -1930,19 +1930,13 @@ static bool f2fs_dummy_context(struct inode *inode) return DUMMY_ENCRYPTION_ENABLED(F2FS_I_SB(inode)); } -static unsigned f2fs_max_namelen(struct inode *inode) -{ - return S_ISLNK(inode->i_mode) ? - inode->i_sb->s_blocksize : F2FS_NAME_LEN; -} - static const struct fscrypt_operations f2fs_cryptops = { .key_prefix = "f2fs:", .get_context = f2fs_get_context, .set_context = f2fs_set_context, .dummy_context = f2fs_dummy_context, .empty_dir = f2fs_empty_dir, - .max_namelen = f2fs_max_namelen, + .max_namelen = F2FS_NAME_LEN, }; #endif diff --git a/fs/ubifs/crypto.c b/fs/ubifs/crypto.c index 616a688f5d8f..55c508fe8131 100644 --- a/fs/ubifs/crypto.c +++ b/fs/ubifs/crypto.c @@ -24,14 +24,6 @@ static bool ubifs_crypt_empty_dir(struct inode *inode) return ubifs_check_dir_empty(inode) == 0; } -static unsigned int ubifs_crypt_max_namelen(struct inode *inode) -{ - if (S_ISLNK(inode->i_mode)) - return UBIFS_MAX_INO_DATA; - else - return UBIFS_MAX_NLEN; -} - int ubifs_encrypt(const struct inode *inode, struct ubifs_data_node *dn, unsigned int in_len, unsigned int *out_len, int block) { @@ -89,5 +81,5 @@ const struct fscrypt_operations ubifs_crypt_operations = { .get_context = ubifs_crypt_get_context, .set_context = ubifs_crypt_set_context, .empty_dir = ubifs_crypt_empty_dir, - .max_namelen = ubifs_crypt_max_namelen, + .max_namelen = UBIFS_MAX_NLEN, }; diff --git a/include/linux/fscrypt_supp.h b/include/linux/fscrypt_supp.h index c9c2cc26bc62..5080cb1bec4c 100644 --- a/include/linux/fscrypt_supp.h +++ b/include/linux/fscrypt_supp.h @@ -29,7 +29,7 @@ struct fscrypt_operations { int (*set_context)(struct inode *, const void *, size_t, void *); bool (*dummy_context)(struct inode *); bool (*empty_dir)(struct inode *); - unsigned (*max_namelen)(struct inode *); + unsigned int max_namelen; }; struct fscrypt_ctx { From patchwork Mon Apr 30 22:51:45 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906913 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="IESRTd7Z"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="fwq1OzWk"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg105qBXz9s0n for ; Tue, 1 May 2018 08:57:40 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=jQKsnF/7tn5T03OcxmX0Ba7xkfKSqOtf0Bai3jAhs7w=; b=IESRTd7ZOZCQognwD3JBZYWBFk 497iuYqn6pyv5uioL8NzYBd9ZkGszfK3xbHA04gqOO+0RY5gpv9osnj/VRBmaLxPnfFNsuyARqXzJ 9NtLC/Uqq5NvsKHRclgL3jxeOhzayRL/B5pAzDUzAeaYhzP2UHKE+dSjW0hktM9u1fegIZYxh0GUc ZYLtjQvG9wiCq1WVPxhxxrTycjgVFlzspjdpYWcV0RFDPNvLWlHaa87qFme4pwGNcKfX7WT/kwm6j cNIhOwVbCobNPTGn2dcUdh9F8a1X4udvdVFCbHdRbizVDag9NKKbrwETeO9gkKcQjN9na99vLOTLN qtHOEujQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHjf-00048d-Dj; Mon, 30 Apr 2018 22:57:31 +0000 Received: from mail-pg0-x243.google.com ([2607:f8b0:400e:c05::243]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj0-0003nV-KU for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:56:52 +0000 Received: by mail-pg0-x243.google.com with SMTP id m21-v6so7256087pgv.8 for ; Mon, 30 Apr 2018 15:56:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3cyCdxl8Vwv2++i/twiDN1wy2fYcNtoWWfr0H8Mse3A=; b=fwq1OzWkvR527SVGJBKhuRmSp43LOuEjAIaoy1AXgrn3nQGslkLRaatNV06cv3PwEh tPMmZ/YmYcsuYLC9TXYYiyt4dm1vJAkK9jc8oHKTfPu3b1y6mOus6qwKSuyQ3HOH68Lf 99G6+qm9456iFcP2mYvJFIfQAamhFvIzu0ZkrbvT8lSPifpUZFrRfK7ta/kqaZXsnFvi GbGJOU4mDCDIYc4hiHqykMyxxTbndKgDKR9UkMW4JTWJUs01l2n/g4INlCrq9s7UVheR fhxSMy6EU15istUtdA2x1BN/ODzVT0eSpPpCeVllEAX2O6YQxvlFpiBLGfSwtp6SovYg SgCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3cyCdxl8Vwv2++i/twiDN1wy2fYcNtoWWfr0H8Mse3A=; b=mDdevn9Vtvm4yiiy0P0/LRkMet3F6XBw2c/zW9wQ0B0ZyONjByAqoyUUs0qQ3HiTxB WHPlhvW7yRE87GkqkfA9LqnfEW1MTFVFDSP6FqV2UbgIEOXWnRuPfJzY5jPAMAfbV306 +ZdJNQFtGA9WQ9P5hg/zyLVlu5t9BXoqfUZa+DIxFtKdkLUiUgm2G7mi2jlm9YmmwclJ 9GjeGGruTJ/t5juUXAXOx/HGqIGAitKg77s2hXW8vRXq5ej03VVvUsnjo1F0oEHATIo/ GaQv7TvTxsroNVzwAuUHBllgxd+f6jY1aPS/w2Zrskf2ozl+TcbU5SiFn6SWGa6bfFBP NQGg== X-Gm-Message-State: ALQs6tBlEO4RJ5fQK2jTYTVC7x7OCsYCtovZpzqbcp2KVK6Xm8Z5Rrrt tOIuB56khzU8Nlri0sXnOaA= X-Google-Smtp-Source: AB8JxZrgWFXcF1KSeBYAaUjK6gL9T2N9/S6JKV/omTFVdPxy70O8mRgJSQHvw6HN4QLp9mS8GS4s+w== X-Received: by 2002:a63:6d07:: with SMTP id i7-v6mr11121218pgc.174.1525129008831; Mon, 30 Apr 2018 15:56:48 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:48 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 11/15] fscrypt: remove unnecessary check for non-logon key type Date: Mon, 30 Apr 2018 15:51:45 -0700 Message-Id: <20180430225149.183514-12-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155650_716844_2FF72245 X-CRM114-Status: GOOD ( 10.75 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c05:0:0:0:243 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers We're passing 'key_type_logon' to request_key(), so the found key is guaranteed to be of type "logon". Thus, there is no reason to check later that the key is really a "logon" key. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index 0f6a65c6483b..0b48aa469453 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -89,12 +89,6 @@ static int validate_user_key(struct fscrypt_info *crypt_info, return PTR_ERR(keyring_key); down_read(&keyring_key->sem); - if (keyring_key->type != &key_type_logon) { - printk_once(KERN_WARNING - "%s: key type must be logon\n", __func__); - res = -ENOKEY; - goto out; - } ukp = user_key_payload_locked(keyring_key); if (!ukp) { /* key was revoked before we acquired its semaphore */ From patchwork Mon Apr 30 22:51:46 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906924 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="hS9rU9b1"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="KwddrQCl"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40Zg9h3lFBz9s0n for ; Tue, 1 May 2018 09:05:12 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=weZLUjEgBokmHzFyTnw7XkFHEZCXJswwn1Nz6z8nAxk=; b=hS9rU9b1C1eAdoeCYm85eREc5H otlv8onm5pJJaZznh7QRJIBG89kqdqeZO9KyG7ZLSg1ZpZRi7reCyvZa8VFWeO3Rxth1sXNGtKFXJ qlA+Joembb7800jOUmQd6r/9Kts3fGepDzzuhIWoLN6YY0sDO7bIZv6UzfoaAwJR7jHBt8ouDBx5k uJM97T9AdsaX4mVpa2PDLGalA+0XpQtsyYUaBPn3db/m4mKr7B2jCrDLqUzwGokEY9G0Kmv+5zGax 6QkgS1Dg7Hz7MO9RQIvKOXzBXdhHwEmIZgBrkXGLULpemxK4M5QzSisE4/6+rJb9R0GplKBaa58Jq 8vNlLT/w==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHqv-0000TT-5Q; Mon, 30 Apr 2018 23:05:01 +0000 Received: from mail-pf0-x241.google.com ([2607:f8b0:400e:c00::241]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj7-0003nu-0d for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:57:00 +0000 Received: by mail-pf0-x241.google.com with SMTP id v63so7869922pfk.8 for ; Mon, 30 Apr 2018 15:56:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=omYekTlYFpF6Ky2145AS7Pz/BnftMmdO6HTM8/byU08=; b=KwddrQCl7R9E3JUsuPag5xN2z4MJ2PzwvJtnBSspwjpdNslmwGcdx3ZkITlfwYbDB6 M3DCqLTqX6YJc0grj/oPWDQUTlLM9wG+BXVdgRDxnTa3e/7XM50McUHmnCuJbA6JKNkO +G3fGpP0bvKM2jJteTkCWtNT4wYjwOw6uEW+1/UPl0U4/MRQZ7SZyivALkaR0uZbS7fJ 89ljEnp4S+UnyrV9tKqs4YC0VSSZSInR+pQSnj6zfmiZRWCiyXinl+Z2cJqBptMGsSiv Y/BIWjtSSGlPxwhBFb6CIDBOPuATMGncHnXTc2ZD6GB+3+LMv6cL28uMFsRaOwOOMc+3 9ldw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=omYekTlYFpF6Ky2145AS7Pz/BnftMmdO6HTM8/byU08=; b=f/gWb4ipunHgf6ZN7cvXvUoXKDtR3psGqhyEMktwjmz2rfF7ROdhrnkbOD44CVlpDw 4ZvT81efVeBCMgXn24CbHM4sTsDHTJm2Mbb0OEew8Imw7S6VhoSWmvc+JCyvbaMnZwI6 sP74Kobkee3Ky4Yp0V2pcNc3EHflEyrvUpyGid207fI7GCJwIHR4Z7asz6wvuNrSey94 D1S7ONQ4sgVJMj+rc/1BSpRaTq0o9Nk36p1Klzv9OICrVMNMemDXELFdHprG5AALPYD2 udXMZoy92GR742m8buooyq8wbY4iEGap4TRbyAjQ4SRzxv9siQNqtmwyPIzGNoBH7aHa CUZQ== X-Gm-Message-State: ALQs6tAOW7ezPMyOzUkS/urTuaT24Ra8BvLWdDaM5hKmohN7eZUU29Oh Cm/DO9avp+70e2QkxkfQCVxCdGXr X-Google-Smtp-Source: AB8JxZrMYI+7/b2QcjA2vxgaujZiMcpo9UBNG+ZofJYQ8OoBtrZbTc1QtnIY/4boXJ0piWw3doKTgA== X-Received: by 10.98.227.15 with SMTP id g15mr13649744pfh.68.1525129009875; Mon, 30 Apr 2018 15:56:49 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:49 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 12/15] fscrypt: remove internal key size constants Date: Mon, 30 Apr 2018 15:51:46 -0700 Message-Id: <20180430225149.183514-13-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155657_238848_18AA31E4 X-CRM114-Status: GOOD ( 13.30 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c00:0:0:0:241 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers With one exception, the internal key size constants such as FS_AES_256_XTS_KEY_SIZE are only used for the 'available_modes' array, where they really only serve to obfuscate what the values are. Also some of the constants are unused, and the key sizes tend to be in the names of the algorithms anyway. In the past these values were also misused, e.g. we used to have FS_AES_256_XTS_KEY_SIZE in places that technically should have been FS_MAX_KEY_SIZE. The exception is that FS_AES_128_ECB_KEY_SIZE is used for key derivation. But it's more appropriate to use FS_KEY_DERIVATION_NONCE_SIZE for that instead. Thus, just put the sizes directly in the 'available_modes' array. Signed-off-by: Eric Biggers --- fs/crypto/fscrypt_private.h | 10 +--------- fs/crypto/keyinfo.c | 17 ++++++----------- 2 files changed, 7 insertions(+), 20 deletions(-) diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index fb96e493167b..8358610d6558 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -18,15 +18,7 @@ /* Encryption parameters */ #define FS_IV_SIZE 16 -#define FS_AES_128_ECB_KEY_SIZE 16 -#define FS_AES_128_CBC_KEY_SIZE 16 -#define FS_AES_128_CTS_KEY_SIZE 16 -#define FS_AES_256_GCM_KEY_SIZE 32 -#define FS_AES_256_CBC_KEY_SIZE 32 -#define FS_AES_256_CTS_KEY_SIZE 32 -#define FS_AES_256_XTS_KEY_SIZE 64 - -#define FS_KEY_DERIVATION_NONCE_SIZE 16 +#define FS_KEY_DERIVATION_NONCE_SIZE 16 /** * Encryption context for inode diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index 0b48aa469453..f6d6acd37b97 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -27,7 +27,7 @@ static struct crypto_shash *essiv_hash_tfm; * * Return: Zero on success; non-zero otherwise. */ -static int derive_key_aes(u8 deriving_key[FS_AES_128_ECB_KEY_SIZE], +static int derive_key_aes(u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], const struct fscrypt_key *source_key, u8 derived_raw_key[FS_MAX_KEY_SIZE]) { @@ -52,7 +52,7 @@ static int derive_key_aes(u8 deriving_key[FS_AES_128_ECB_KEY_SIZE], CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, crypto_req_done, &wait); res = crypto_skcipher_setkey(tfm, deriving_key, - FS_AES_128_ECB_KEY_SIZE); + FS_KEY_DERIVATION_NONCE_SIZE); if (res < 0) goto out; @@ -100,7 +100,6 @@ static int validate_user_key(struct fscrypt_info *crypt_info, goto out; } master_key = (struct fscrypt_key *)ukp->data; - BUILD_BUG_ON(FS_AES_128_ECB_KEY_SIZE != FS_KEY_DERIVATION_NONCE_SIZE); if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE || master_key->size % AES_BLOCK_SIZE != 0) { @@ -121,14 +120,10 @@ static const struct { const char *cipher_str; int keysize; } available_modes[] = { - [FS_ENCRYPTION_MODE_AES_256_XTS] = { "xts(aes)", - FS_AES_256_XTS_KEY_SIZE }, - [FS_ENCRYPTION_MODE_AES_256_CTS] = { "cts(cbc(aes))", - FS_AES_256_CTS_KEY_SIZE }, - [FS_ENCRYPTION_MODE_AES_128_CBC] = { "cbc(aes)", - FS_AES_128_CBC_KEY_SIZE }, - [FS_ENCRYPTION_MODE_AES_128_CTS] = { "cts(cbc(aes))", - FS_AES_128_CTS_KEY_SIZE }, + [FS_ENCRYPTION_MODE_AES_256_XTS] = { "xts(aes)", 64 }, + [FS_ENCRYPTION_MODE_AES_256_CTS] = { "cts(cbc(aes))", 32 }, + [FS_ENCRYPTION_MODE_AES_128_CBC] = { "cbc(aes)", 16 }, + [FS_ENCRYPTION_MODE_AES_128_CTS] = { "cts(cbc(aes))", 16 }, }; static int determine_cipher_type(struct fscrypt_info *ci, struct inode *inode, From patchwork Mon Apr 30 22:51:47 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906926 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="i2/jeAeb"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="vY6o8442"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40ZgCK3SBdz9s27 for ; Tue, 1 May 2018 09:06:37 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=nqbRQvRhcB2v5hgyn6N8OHN+9p0K5hLeG+fjguP1bxE=; b=i2/jeAeb2ZeGK4la5Dl/TsIgps 6Ghv9giOL7+/5NtRVjz/nglf9g9GywOWpG3d9YJ/RLeZdcKSMkoVrbmeozCH9q+kAba4o9mR2XQOE zxnIPp8CcUHJRs+WkaAgUsZqydKYl6mrgTLT3pY0EyIqGDY5RLs4nOsCqiBQZ0uG9eY6RNv/Hydtu KgSkUoTYYbOzuvv0vR3XrZmwn5vPSRQ9VeOc+DoKUyoV4P72BS/Ad9GlEMVoUTW0Ri/UVg7t1ecFu LomPqJkmelaIiMUM+NBgD2M9jazyCUrdi0AqQ4qR0L7hUuiMxMaRtxAYvQ+E58xQcO+monv7o49eN HogdDX+Q==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHsJ-0002Fq-2K; Mon, 30 Apr 2018 23:06:27 +0000 Received: from mail-pf0-x241.google.com ([2607:f8b0:400e:c00::241]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj7-0003oe-0A for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:57:00 +0000 Received: by mail-pf0-x241.google.com with SMTP id a11so7865852pfn.9 for ; Mon, 30 Apr 2018 15:56:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=S24RiGNhuz386YKQKlb+0Ab3WqrNET6rAgJVSwGcwaA=; b=vY6o84422EjORMijAejzpjAK80ltfbu5B2QeNhW5TunpYFxLrFOCA6qbzYoH7vXfWj /UiQcqLit/1f3xWnp1qP0jqDgiDhOZkCNXC5Bpg3chX10t3PM3/1EWAgWroqKA10pBbd Ra24qYXhm8WR1VpqsJOY/jhAJHW1a8WLsCm+mYcjk2ZkykNU4u1sOLdyXNDoBiIRCVO6 tViOqhCkz/VFJbFIWIPcfTe87QW0ykrb7B71FQTaBPey5Q77OjnNaUtUeW7jiDQM16Jx W8mv4/kDXkqelWOlSXhZLVsNbTexowdfUssrQQfr8aY9RZVUdFseZWmWc8wtFxf8/9yH JVbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=S24RiGNhuz386YKQKlb+0Ab3WqrNET6rAgJVSwGcwaA=; b=Bv9Uacg+yjiH6FJHGJAbJxT02X1yNEB3Dp5NkrQDXPmz3LQ4BD29GM6jgELqyldl+m KlUZMsiay6USfsJAL/4sL+XQ2wLU4jpdEWj8/4ZXZdMm/N9HL+xNVOnWbHYp3eT2I4/m qoBrswslRog5r6NMcoAWEFP3dpytncirVHNtxZ/EiQbnfR5N2WMBLiv7n7SVujeoFLf9 8byZPv/XHdBG+UjHlWFHsk1mViyZlHZ8exwbOjejG+ihPZ9hizcN+coLEdCZJnMatqk5 LE1WAhWRWHsvpe6mwC108EAnH1s5iG+uYbcighD88EgkH4ixOZvFuEWkvezoo9MEAZW5 tmMA== X-Gm-Message-State: ALQs6tDoC/X2BcH+hb27UUoDT0oWY1rVEj1aV+sX1oLMkHctPeLnj6TO l4uy/GC639cqYccrBkvyECE= X-Google-Smtp-Source: AB8JxZpzc9IwT183rLPZZWN7JeZmepldUjQyhcgh89JsZ6+u6bKrkaGeofgJFQipPbABCK5hRJN7Og== X-Received: by 10.98.67.83 with SMTP id q80mr13591353pfa.228.1525129010777; Mon, 30 Apr 2018 15:56:50 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:50 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 13/15] fscrypt: use a common logging function Date: Mon, 30 Apr 2018 15:51:47 -0700 Message-Id: <20180430225149.183514-14-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155657_220755_06804078 X-CRM114-Status: GOOD ( 15.43 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c00:0:0:0:241 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers Use a common function for fscrypt warning and error messages so that all the messages are consistently ratelimited, include the "fscrypt:" prefix, and include the filesystem name if applicable. Also fix up a few of the log messages to be more descriptive. Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 28 +++++++++++++++++++++++++--- fs/crypto/fname.c | 10 ++++++---- fs/crypto/fscrypt_private.h | 8 ++++++++ fs/crypto/hooks.c | 5 +++-- fs/crypto/keyinfo.c | 27 +++++++++++++++------------ 5 files changed, 57 insertions(+), 21 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index d22887f689ad..a40d7d73b633 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -174,9 +174,10 @@ int fscrypt_do_page_crypto(const struct inode *inode, fscrypt_direction_t rw, res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); skcipher_request_free(req); if (res) { - printk_ratelimited(KERN_ERR - "%s: crypto_skcipher_encrypt() returned %d\n", - __func__, res); + fscrypt_err(inode->i_sb, + "%scryption failed for inode %lu, block %llu: %d", + (rw == FS_DECRYPT ? "de" : "en"), + inode->i_ino, lblk_num, res); return res; } return 0; @@ -416,6 +417,27 @@ int fscrypt_initialize(unsigned int cop_flags) return res; } +void fscrypt_msg(struct super_block *sb, const char *level, + const char *fmt, ...) +{ + static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL, + DEFAULT_RATELIMIT_BURST); + struct va_format vaf; + va_list args; + + if (!__ratelimit(&rs)) + return; + + va_start(args, fmt); + vaf.fmt = fmt; + vaf.va = &args; + if (sb) + printk("%sfscrypt (%s): %pV\n", level, sb->s_id, &vaf); + else + printk("%sfscrypt: %pV\n", level, &vaf); + va_end(args); +} + /** * fscrypt_init() - Set up for fs encryption. */ diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 39091fc31e98..d7a0f682ca12 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -71,8 +71,9 @@ int fname_encrypt(struct inode *inode, const struct qstr *iname, res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); skcipher_request_free(req); if (res < 0) { - printk_ratelimited(KERN_ERR - "%s: Error (error code %d)\n", __func__, res); + fscrypt_err(inode->i_sb, + "Filename encryption failed for inode %lu: %d", + inode->i_ino, res); return res; } @@ -115,8 +116,9 @@ static int fname_decrypt(struct inode *inode, res = crypto_wait_req(crypto_skcipher_decrypt(req), &wait); skcipher_request_free(req); if (res < 0) { - printk_ratelimited(KERN_ERR - "%s: Error (error code %d)\n", __func__, res); + fscrypt_err(inode->i_sb, + "Filename decryption failed for inode %lu: %d", + inode->i_ino, res); return res; } diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index 8358610d6558..09d6c72635b6 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -100,6 +100,14 @@ extern struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx, gfp_t gfp_flags); extern const struct dentry_operations fscrypt_d_ops; +extern void __printf(3, 4) __cold +fscrypt_msg(struct super_block *sb, const char *level, const char *fmt, ...); + +#define fscrypt_warn(sb, fmt, ...) \ + fscrypt_msg(sb, KERN_WARNING, fmt, ##__VA_ARGS__) +#define fscrypt_err(sb, fmt, ...) \ + fscrypt_msg(sb, KERN_ERR, fmt, ##__VA_ARGS__) + /* fname.c */ extern int fname_encrypt(struct inode *inode, const struct qstr *iname, u8 *out, unsigned int olen); diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c index bec06490fb13..926e5df20ec3 100644 --- a/fs/crypto/hooks.c +++ b/fs/crypto/hooks.c @@ -39,8 +39,9 @@ int fscrypt_file_open(struct inode *inode, struct file *filp) dir = dget_parent(file_dentry(filp)); if (IS_ENCRYPTED(d_inode(dir)) && !fscrypt_has_permitted_context(d_inode(dir), inode)) { - pr_warn_ratelimited("fscrypt: inconsistent encryption contexts: %lu/%lu", - d_inode(dir)->i_ino, inode->i_ino); + fscrypt_warn(inode->i_sb, + "inconsistent encryption contexts: %lu/%lu", + d_inode(dir)->i_ino, inode->i_ino); err = -EPERM; } dput(dir); diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index f6d6acd37b97..f63bfd6dffd6 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -103,9 +103,8 @@ static int validate_user_key(struct fscrypt_info *crypt_info, if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE || master_key->size % AES_BLOCK_SIZE != 0) { - printk_once(KERN_WARNING - "%s: key size incorrect: %d\n", - __func__, master_key->size); + fscrypt_warn(NULL, "key size incorrect: %u", + master_key->size); res = -ENOKEY; goto out; } @@ -132,9 +131,10 @@ static int determine_cipher_type(struct fscrypt_info *ci, struct inode *inode, u32 mode; if (!fscrypt_valid_enc_modes(ci->ci_data_mode, ci->ci_filename_mode)) { - pr_warn_ratelimited("fscrypt: inode %lu uses unsupported encryption modes (contents mode %d, filenames mode %d)\n", - inode->i_ino, - ci->ci_data_mode, ci->ci_filename_mode); + fscrypt_warn(inode->i_sb, + "inode %lu uses unsupported encryption modes (contents mode %d, filenames mode %d)", + inode->i_ino, ci->ci_data_mode, + ci->ci_filename_mode); return -EINVAL; } @@ -173,8 +173,9 @@ static int derive_essiv_salt(const u8 *key, int keysize, u8 *salt) tfm = crypto_alloc_shash("sha256", 0, 0); if (IS_ERR(tfm)) { - pr_warn_ratelimited("fscrypt: error allocating SHA-256 transform: %ld\n", - PTR_ERR(tfm)); + fscrypt_warn(NULL, + "error allocating SHA-256 transform: %ld", + PTR_ERR(tfm)); return PTR_ERR(tfm); } prev_tfm = cmpxchg(&essiv_hash_tfm, NULL, tfm); @@ -309,8 +310,9 @@ int fscrypt_get_encryption_info(struct inode *inode) ctfm = crypto_alloc_skcipher(cipher_str, 0, 0); if (IS_ERR(ctfm)) { res = PTR_ERR(ctfm); - pr_debug("%s: error %d (inode %lu) allocating crypto tfm\n", - __func__, res, inode->i_ino); + fscrypt_warn(inode->i_sb, + "error allocating '%s' transform for inode %lu: %d", + cipher_str, inode->i_ino, res); goto out; } crypt_info->ci_ctfm = ctfm; @@ -327,8 +329,9 @@ int fscrypt_get_encryption_info(struct inode *inode) crypt_info->ci_data_mode == FS_ENCRYPTION_MODE_AES_128_CBC) { res = init_essiv_generator(crypt_info, raw_key, keysize); if (res) { - pr_debug("%s: error %d (inode %lu) allocating essiv tfm\n", - __func__, res, inode->i_ino); + fscrypt_warn(inode->i_sb, + "error initializing ESSIV generator for inode %lu: %d", + inode->i_ino, res); goto out; } } From patchwork Mon Apr 30 22:51:48 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906927 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="DWtyw8zS"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="SJRGXiuc"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40ZgD86XT3z9s0n for ; Tue, 1 May 2018 09:07:20 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=cp8suDdyiUf/6mNH4gVzpVABqyaQPBZnFNdEyYp+e5w=; b=DWtyw8zS9nAv/N6vUN37LrT0D5 XyoVe0V/ivmc0HIWVFRPALU32KjEJNwKAb7ivb50xiUjXmtGzHO7kUssnRVvTUBTA/Wb0v0bdOlMs 1VUn1BtfFlEL6C+L4PGqnSZAHyGDYmebnG52UNaFNa+F+Qgcwlx0nWQsgsSlTEFIalJM0P9hLiZmx zWip94To2FroGAmYyXuvWINW2ZWAUkZnU8StM98WHOIKyhBErE9m+zhm33S7e3CHzIeQQPh3Y8yF+ 2WQ1tk1dfsojkSLU4Ti0+XW0AJDasI407cDUcQfgCR6oOk8Lc2C0J+xtPyJ9Uiop8uRY6Nw68gkPY yMZRIqOg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHsz-0002aO-UH; Mon, 30 Apr 2018 23:07:09 +0000 Received: from mail-pg0-x242.google.com ([2607:f8b0:400e:c05::242]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHjC-0003pL-DX for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:57:04 +0000 Received: by mail-pg0-x242.google.com with SMTP id a13-v6so7263603pgu.4 for ; Mon, 30 Apr 2018 15:56:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=IRxUR1yOfimCy7foxNc8YmkhY/UjM5MzF5tpF5qZDGI=; b=SJRGXiuc+pNnOexWTo29VeDwke3taMOG/FsgvKsi/jC8FCDfGS18vL5xZygy6vMbxV LtTIaa08pAPRL/Qb+7+T0Xu5acKblp6yCW8xx5KzmJglJLHi9juyvBXzbwc0Gwe5UanL qQvVHGMvofx6+ZOX2Uc2c9Z9yL1u5PIPtloUigixrXcMDqbmm/Dxs4uNE/PYSJ8Rjnql n1lCNNaw+BcS8r/zPF/8ntL0qmF/akZzvKfhqeBDRVJB/7trK9RX26RCEfK2JGYcfWDn jBIrScFmco3l5gQTUtCLP0xBFslE2JS8aMD0ILCjjAydeIqpZ6i60c+PpbYIYbLiQdFY 3dVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=IRxUR1yOfimCy7foxNc8YmkhY/UjM5MzF5tpF5qZDGI=; b=JnuNqX8nkgsd5J3/Rs94r35xPz19YEs1wOwU9xiI5IuYPuaNanB7YrYG/VXFYlbOxK zixFQkeUd7I4/4wbEqECLrdzTul18s/a4sNhEju8/lEEZSzk1mzbKPjvHXqd/cVo6fnW 2h1MtKEo70RnsJdjSSR5QYnSQQNh/QxmT3+j1e6dvX2hi4jAQqnfsbOkqngNT80antM/ cKuqZS+bM2yLBH9PXTtbanzswJRp3RDrSKuUb7tMY+oOjA75zf7EzzI3vQAX921VN8z6 NhGArE84aIHzpf2pPtjHTnnZ+ZhtZ4KxA4gvrCPdfhbhkPkIXKklSj/3me+WnRUlc6T2 D7sA== X-Gm-Message-State: ALQs6tAk1kBvbjYBAyXVyhJI6SNUdtDltq3HFqhDyYBarQzA0DYsjc3I F4xlsVUI5QtZ1vpcJur3Y4c= X-Google-Smtp-Source: AB8JxZo1Fm7LkMN3y4oEug0izoT4bEhDON6ewsOEZB1N41XBnw1esLCCG9EPQHeuNhJl2UIcyqt/vg== X-Received: by 2002:a17:902:bc08:: with SMTP id n8-v6mr13763240pls.97.1525129011714; Mon, 30 Apr 2018 15:56:51 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:50 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 14/15] fscrypt: separate key lookup from key derivation Date: Mon, 30 Apr 2018 15:51:48 -0700 Message-Id: <20180430225149.183514-15-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155702_487215_2BE8C7BA X-CRM114-Status: GOOD ( 19.02 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c05:0:0:0:242 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers Refactor the confusingly-named function 'validate_user_key()' into a new function 'find_and_derive_key()' which first finds the keyring key, then does the key derivation. Among other benefits this avoids the strange behavior we had previously where if key derivation failed for some reason, then we would fall back to the alternate key prefix. Now, we'll only fall back to the alternate key prefix if a valid key isn't found. This patch also improves the warning messages that are logged when the keyring key's payload is invalid. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 122 +++++++++++++++++++++++++++----------------- 1 file changed, 74 insertions(+), 48 deletions(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index f63bfd6dffd6..f248ee9974fa 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -27,7 +27,7 @@ static struct crypto_shash *essiv_hash_tfm; * * Return: Zero on success; non-zero otherwise. */ -static int derive_key_aes(u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], +static int derive_key_aes(const u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], const struct fscrypt_key *source_key, u8 derived_raw_key[FS_MAX_KEY_SIZE]) { @@ -67,52 +67,88 @@ static int derive_key_aes(u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], return res; } -static int validate_user_key(struct fscrypt_info *crypt_info, - struct fscrypt_context *ctx, u8 *raw_key, - const char *prefix, int min_keysize) +/* + * Search the current task's subscribed keyrings for a "logon" key with + * description prefix:descriptor, and if found acquire a read lock on it and + * return a pointer to its validated payload in *payload_ret. + */ +static struct key * +find_and_lock_process_key(const char *prefix, + const u8 descriptor[FS_KEY_DESCRIPTOR_SIZE], + unsigned int min_keysize, + const struct fscrypt_key **payload_ret) { char *description; - struct key *keyring_key; - struct fscrypt_key *master_key; + struct key *key; const struct user_key_payload *ukp; - int res; + const struct fscrypt_key *payload; description = kasprintf(GFP_NOFS, "%s%*phN", prefix, - FS_KEY_DESCRIPTOR_SIZE, - ctx->master_key_descriptor); + FS_KEY_DESCRIPTOR_SIZE, descriptor); if (!description) - return -ENOMEM; + return ERR_PTR(-ENOMEM); - keyring_key = request_key(&key_type_logon, description, NULL); + key = request_key(&key_type_logon, description, NULL); kfree(description); - if (IS_ERR(keyring_key)) - return PTR_ERR(keyring_key); - down_read(&keyring_key->sem); - - ukp = user_key_payload_locked(keyring_key); - if (!ukp) { - /* key was revoked before we acquired its semaphore */ - res = -EKEYREVOKED; - goto out; + if (IS_ERR(key)) + return key; + + down_read(&key->sem); + ukp = user_key_payload_locked(key); + + if (!ukp) /* was the key revoked before we acquired its semaphore? */ + goto invalid; + + payload = (const struct fscrypt_key *)ukp->data; + + if (ukp->datalen != sizeof(struct fscrypt_key) || + payload->size < 1 || payload->size > FS_MAX_KEY_SIZE) { + fscrypt_warn(NULL, + "key with description '%s' has invalid payload", + key->description); + goto invalid; } - if (ukp->datalen != sizeof(struct fscrypt_key)) { - res = -EINVAL; - goto out; + + if (payload->size < min_keysize || + payload->size % AES_BLOCK_SIZE != 0) { + fscrypt_warn(NULL, + "key with description '%s' is too short or is misaligned (got %u bytes, need %u+ bytes)", + key->description, payload->size, min_keysize); + goto invalid; } - master_key = (struct fscrypt_key *)ukp->data; - if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE - || master_key->size % AES_BLOCK_SIZE != 0) { - fscrypt_warn(NULL, "key size incorrect: %u", - master_key->size); - res = -ENOKEY; - goto out; + *payload_ret = payload; + return key; + +invalid: + up_read(&key->sem); + key_put(key); + return ERR_PTR(-ENOKEY); +} + +/* Find the master key, then derive the inode's actual encryption key */ +static int find_and_derive_key(const struct inode *inode, + const struct fscrypt_context *ctx, + u8 *derived_key, unsigned int derived_keysize) +{ + struct key *key; + const struct fscrypt_key *payload; + int err; + + key = find_and_lock_process_key(FS_KEY_DESC_PREFIX, + ctx->master_key_descriptor, + derived_keysize, &payload); + if (key == ERR_PTR(-ENOKEY) && inode->i_sb->s_cop->key_prefix) { + key = find_and_lock_process_key(inode->i_sb->s_cop->key_prefix, + ctx->master_key_descriptor, + derived_keysize, &payload); } - res = derive_key_aes(ctx->nonce, master_key, raw_key); -out: - up_read(&keyring_key->sem); - key_put(keyring_key); - return res; + if (IS_ERR(key)) + return PTR_ERR(key); + err = derive_key_aes(ctx->nonce, payload, derived_key); + up_read(&key->sem); + key_put(key); + return err; } static const struct { @@ -293,20 +329,10 @@ int fscrypt_get_encryption_info(struct inode *inode) if (!raw_key) goto out; - res = validate_user_key(crypt_info, &ctx, raw_key, FS_KEY_DESC_PREFIX, - keysize); - if (res && inode->i_sb->s_cop->key_prefix) { - int res2 = validate_user_key(crypt_info, &ctx, raw_key, - inode->i_sb->s_cop->key_prefix, - keysize); - if (res2) { - if (res2 == -ENOKEY) - res = -ENOKEY; - goto out; - } - } else if (res) { + res = find_and_derive_key(inode, &ctx, raw_key, keysize); + if (res) goto out; - } + ctfm = crypto_alloc_skcipher(cipher_str, 0, 0); if (IS_ERR(ctfm)) { res = PTR_ERR(ctfm); From patchwork Mon Apr 30 22:51:49 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 906925 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Oflw9jqW"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="nc+QaGGw"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40ZgBZ56pKz9s0n for ; Tue, 1 May 2018 09:05:58 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=n696kw6l5o0Oc4s/Q0MjFLH0IJLenZXreRirXRBJgT0=; b=Oflw9jqW/cz3FX0hnHNYTMvkdW E4wPMB4IBEar05Jv3KVvChmC61931gyedItI7K3Kx6wBuOL1nVph9KID/bWGr1z0RND50SFgNkStt O159Y3g6dWO9/8sLSMj4Q0KGDh1tdGqHY3TyzCTv0Lnis88jmugzy9jVIxBREAOfVq4E7kZI/TCef SL9zqLqBZ38CXUb61LgBEdVAuQ21q7u6zsktFKFfWKGIAZc6AGzdB+vCajDhKrsPsEao6KgIqCk4/ Gz8T43JLm1S5lEJR9LpBWBdmr10wUDoYKMXhMNoDILbc0/gBWMvzsQsEMb9FHHEnUJ5Xuke5cHUnd FgTFZIMA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHrg-0001zy-8B; Mon, 30 Apr 2018 23:05:48 +0000 Received: from mail-pf0-x241.google.com ([2607:f8b0:400e:c00::241]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fDHj6-0003qH-Vx for linux-mtd@lists.infradead.org; Mon, 30 Apr 2018 22:57:00 +0000 Received: by mail-pf0-x241.google.com with SMTP id j11so7866033pff.10 for ; Mon, 30 Apr 2018 15:56:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=6FJK5fX6Xy34m8X70gLUAwyLpubC/LkpvQQIN9+cN18=; b=nc+QaGGwfKkQIdYEA4J+WKPM3EYIRliTwUb7DkA9HOI6ChdWYHlo1fXmP38wFOdu4t jk+hKMVh6vIBMGcg1SjDnuMOLmRV7dobT1wqa8Az8svs4Nfs7urbegH+uS+L3LD8RG0j e/1nhSHzP7n3knPI5kGxOaBEMOqAPJ6EPYf5sDZzALdmxrfHER+XTq7PH6mtc7M3+N7R QFOa5O0DSy+SDl0VFNb1bhWmBuX6sGwKol9TzeD9Ic1LyOROk0opaNavMaAfHedc/rhd SO98v8fcNI8zBReoIOi75V6e3UFLjMmdYUzfSSU9d9nAk05JBEjRQcsv0CsNL1skP5Tc XaDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=6FJK5fX6Xy34m8X70gLUAwyLpubC/LkpvQQIN9+cN18=; b=pSRv+Bt7WxB3lPacL9Nzw65PD0cd72bbbb38wUu3eehZp1z9kWZ/A49dGqDDj2DZy7 Tj8pOKA1NlCXI/kiGQnkYTIj6qGAEZ5x8idmQ2OQ6DMCBIscBDbnDZI0ZZZzgrw4YVhB rjJrU5zsfszqwDBYmkEhL1N+PlNoRkBVQ7+dTulgbsZwninLwnRYlacYDnA07TA8b/pW HmtPhj0EPIA1/lAyDX5uAjIARhKDYjGpblr4DTLuxJkpmkWCHPAMMuGKoTdpaZTVauH6 NjS5MdtPM7y/wtPhYymaEPzP2uLsb9oR6LFR6wf5HRn2ppzeyX1xhLSxgFj6ERpNboJr wqkw== X-Gm-Message-State: ALQs6tCgk0/T6VwqGbGxwyqrbGUN3y45j9aH2ABF9PjRmq3UakkDUb3q xN1Ye/3JUazsalCqyKcm3AIRcAWy X-Google-Smtp-Source: AB8JxZrbEZADLIPieDij4VBAiT1ncSAJTqVZvitaof6IITCk8FbFzeq4Msh2trjuQtXKEmI1wY8Ofw== X-Received: by 2002:a17:902:bb8c:: with SMTP id m12-v6mr14255407pls.53.1525129012623; Mon, 30 Apr 2018 15:56:52 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id b15sm12969305pfi.111.2018.04.30.15.56.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Apr 2018 15:56:51 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Subject: [PATCH 15/15] fscrypt: only derive the needed portion of the key Date: Mon, 30 Apr 2018 15:51:49 -0700 Message-Id: <20180430225149.183514-16-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog In-Reply-To: <20180430225149.183514-1-ebiggers3@gmail.com> References: <20180430225149.183514-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180430_155657_236919_3982F5D5 X-CRM114-Status: GOOD ( 15.59 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c00:0:0:0:241 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-mtd@lists.infradead.org, Eric Biggers , linux-f2fs-devel@lists.sourceforge.net MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers Currently the key derivation function in fscrypt uses the master key length as the amount of output key material to derive. This works, but it means we can waste time deriving more key material than is actually used, e.g. most commonly, deriving 64 bytes for directories which only take a 32-byte AES-256-CTS-CBC key. It also forces us to validate that the master key length is a multiple of AES_BLOCK_SIZE, which wouldn't otherwise be necessary. Fix it to only derive the needed length key. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 39 ++++++++++++++++----------------------- 1 file changed, 16 insertions(+), 23 deletions(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index f248ee9974fa..c4d1388fc9b4 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -19,17 +19,16 @@ static struct crypto_shash *essiv_hash_tfm; -/** - * derive_key_aes() - Derive a key using AES-128-ECB - * @deriving_key: Encryption key used for derivation. - * @source_key: Source key to which to apply derivation. - * @derived_raw_key: Derived raw key. +/* + * Key derivation function. This generates the derived key by encrypting the + * master key with AES-128-ECB using the inode's nonce as the AES key. * - * Return: Zero on success; non-zero otherwise. + * The master key must be at least as long as the derived key. If the master + * key is longer, then only the first 'derived_keysize' bytes are used. */ -static int derive_key_aes(const u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], - const struct fscrypt_key *source_key, - u8 derived_raw_key[FS_MAX_KEY_SIZE]) +static int derive_key_aes(const u8 *master_key, + const struct fscrypt_context *ctx, + u8 *derived_key, unsigned int derived_keysize) { int res = 0; struct skcipher_request *req = NULL; @@ -51,14 +50,13 @@ static int derive_key_aes(const u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, crypto_req_done, &wait); - res = crypto_skcipher_setkey(tfm, deriving_key, - FS_KEY_DERIVATION_NONCE_SIZE); + res = crypto_skcipher_setkey(tfm, ctx->nonce, sizeof(ctx->nonce)); if (res < 0) goto out; - sg_init_one(&src_sg, source_key->raw, source_key->size); - sg_init_one(&dst_sg, derived_raw_key, source_key->size); - skcipher_request_set_crypt(req, &src_sg, &dst_sg, source_key->size, + sg_init_one(&src_sg, master_key, derived_keysize); + sg_init_one(&dst_sg, derived_key, derived_keysize); + skcipher_request_set_crypt(req, &src_sg, &dst_sg, derived_keysize, NULL); res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); out: @@ -109,10 +107,9 @@ find_and_lock_process_key(const char *prefix, goto invalid; } - if (payload->size < min_keysize || - payload->size % AES_BLOCK_SIZE != 0) { + if (payload->size < min_keysize) { fscrypt_warn(NULL, - "key with description '%s' is too short or is misaligned (got %u bytes, need %u+ bytes)", + "key with description '%s' is too short (got %u bytes, need %u+ bytes)", key->description, payload->size, min_keysize); goto invalid; } @@ -145,7 +142,7 @@ static int find_and_derive_key(const struct inode *inode, } if (IS_ERR(key)) return PTR_ERR(key); - err = derive_key_aes(ctx->nonce, payload, derived_key); + err = derive_key_aes(payload->raw, ctx, derived_key, derived_keysize); up_read(&key->sem); key_put(key); return err; @@ -325,7 +322,7 @@ int fscrypt_get_encryption_info(struct inode *inode) * crypto API as part of key derivation. */ res = -ENOMEM; - raw_key = kmalloc(FS_MAX_KEY_SIZE, GFP_NOFS); + raw_key = kmalloc(keysize, GFP_NOFS); if (!raw_key) goto out; @@ -343,10 +340,6 @@ int fscrypt_get_encryption_info(struct inode *inode) } crypt_info->ci_ctfm = ctfm; crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_REQ_WEAK_KEY); - /* - * if the provided key is longer than keysize, we use the first - * keysize bytes of the derived key only - */ res = crypto_skcipher_setkey(ctfm, raw_key, keysize); if (res) goto out;