From: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
To: Boris Burkov <boris@bur.io>
Cc: Chris Mason <clm@fb.com>, Josef Bacik <josef@toxicpanda.com>,
David Sterba <dsterba@suse.com>,
Eric Biggers <ebiggers@kernel.org>,
"Theodore Y. Ts'o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>,
kernel-team@meta.com, linux-btrfs@vger.kernel.org,
linux-fscrypt@vger.kernel.org,
Omar Sandoval <osandov@osandov.com>
Subject: Re: [PATCH v1 05/17] btrfs: add inode encryption contexts
Date: Sun, 16 Jul 2023 21:43:39 -0400 [thread overview]
Message-ID: <09d05271-3b4d-dcaa-bac6-b8fbde02a948@dorminy.me> (raw)
In-Reply-To: <20230707233256.GA2579580@zen>
On 7/7/23 19:32, Boris Burkov wrote:
> On Wed, Jun 28, 2023 at 08:35:28PM -0400, Sweet Tea Dorminy wrote:
>> From: Omar Sandoval <osandov@osandov.com>
>>
>> In order to store encryption information for directories, symlinks,
>> etc., fscrypt stores a context item with each encrypted non-regular
>> inode. fscrypt provides an arbitrary blob for the filesystem to store,
>> and it does not clearly fit into an existing structure, so this goes in
>> a new item type.
>>
>> Signed-off-by: Omar Sandoval <osandov@osandov.com>
>> Signed-off-by: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
>> ---
>> fs/btrfs/fscrypt.c | 116 ++++++++++++++++++++++++++++++++
>> fs/btrfs/fscrypt.h | 2 +
>> fs/btrfs/inode.c | 19 ++++++
>> fs/btrfs/ioctl.c | 8 ++-
>> include/uapi/linux/btrfs_tree.h | 10 +++
>> 5 files changed, 153 insertions(+), 2 deletions(-)
>>
>> diff --git a/fs/btrfs/fscrypt.c b/fs/btrfs/fscrypt.c
>> index 3a53dc59c1e4..235f65e43d96 100644
>> --- a/fs/btrfs/fscrypt.c
>> +++ b/fs/btrfs/fscrypt.c
>> @@ -1,8 +1,124 @@
>> // SPDX-License-Identifier: GPL-2.0
>>
>> +#include <linux/iversion.h>
>> #include "ctree.h"
>> +#include "accessors.h"
>> +#include "btrfs_inode.h"
>> +#include "disk-io.h"
>> +#include "fs.h"
>> #include "fscrypt.h"
>> +#include "ioctl.h"
>> +#include "messages.h"
>> +#include "transaction.h"
>> +#include "xattr.h"
>> +
>> +static int btrfs_fscrypt_get_context(struct inode *inode, void *ctx, size_t len)
>> +{
>> + struct btrfs_key key = {
>> + .objectid = btrfs_ino(BTRFS_I(inode)),
>> + .type = BTRFS_FSCRYPT_CTXT_ITEM_KEY,
>> + .offset = 0,
>> + };
>> + struct btrfs_path *path;
>> + struct extent_buffer *leaf;
>> + unsigned long ptr;
>> + int ret;
>> +
>> +
>> + path = btrfs_alloc_path();
>> + if (!path)
>> + return -ENOMEM;
>> +
>> + ret = btrfs_search_slot(NULL, BTRFS_I(inode)->root, &key, path, 0, 0);
>> + if (ret) {
>> + len = -EINVAL;
>
> I'm a little wary about squishing the errors down like this. It could
> be some error, in which case it might be interesting to get the real errno
> or it could be ret > 1, in which case I think ENOENT is more useful than
> EINVAL.
I'll make it ENOENT.
> Also, having a ret variable and mashing that into len feels kinda weird.
> Maybe that's the neatest way to write this logic, though.
It's the way the existing fscrypt interface does things, so it'd be hard
to change.
>
> Since the variables usually go by ctx, I lightly prefer CTX_ITEM_KEY.
> Obviously not a big deal.
Sure, will do.
next prev parent reply other threads:[~2023-07-17 1:43 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-29 0:35 [PATCH v1 00/17] btrfs: add encryption feature Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 01/17] btrfs: disable various operations on encrypted inodes Sweet Tea Dorminy
2023-07-07 23:36 ` Boris Burkov
2023-07-17 1:42 ` Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 02/17] btrfs: disable verity " Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 03/17] fscrypt: expose fscrypt_nokey_name Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 04/17] btrfs: start using fscrypt hooks Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 05/17] btrfs: add inode encryption contexts Sweet Tea Dorminy
2023-07-07 23:32 ` Boris Burkov
2023-07-17 1:43 ` Sweet Tea Dorminy [this message]
2023-06-29 0:35 ` [PATCH v1 06/17] btrfs: add new FEATURE_INCOMPAT_ENCRYPT flag Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 07/17] btrfs: adapt readdir for encrypted and nokey names Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 08/17] btrfs: use correct name hash for " Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 09/17] btrfs: implement fscrypt ioctls Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 10/17] btrfs: add encryption to CONFIG_BTRFS_DEBUG Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 11/17] btrfs: add get_devices hook for fscrypt Sweet Tea Dorminy
2023-06-29 13:20 ` Luís Henriques
2023-06-29 0:35 ` [PATCH v1 12/17] btrfs: turn on inlinecrypt mount option for encrypt Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 13/17] btrfs: turn on the encryption ioctls Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 14/17] btrfs: create and free extent fscrypt_infos Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 15/17] btrfs: start tracking extent encryption context info Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 16/17] btrfs: explicitly track file extent length and encryption Sweet Tea Dorminy
2023-06-29 0:35 ` [PATCH v1 17/17] btrfs: save and load fscrypt extent contexts Sweet Tea Dorminy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=09d05271-3b4d-dcaa-bac6-b8fbde02a948@dorminy.me \
--to=sweettea-kernel@dorminy.me \
--cc=boris@bur.io \
--cc=clm@fb.com \
--cc=dsterba@suse.com \
--cc=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=josef@toxicpanda.com \
--cc=kernel-team@meta.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=osandov@osandov.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).