linux-stable.git/fs/crypto, branch v6.9 Linux kernel stable tree Merge tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/linux 2024-03-12T20:17:36+00:00 Linus Torvalds torvalds@linux-foundation.org 2024-03-12T20:17:36+00:00 3bf95d567d67f8d78d7d2c8553025eaa02e1d9c5 Pull fscrypt updates from Eric Biggers: "Fix flakiness in a test by releasing the quota synchronously when a key is removed, and other minor cleanups" * tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/linux: fscrypt: shrink the size of struct fscrypt_inode_info slightly fscrypt: write CBC-CTS instead of CTS-CBC fscrypt: clear keyring before calling key_put() fscrypt: explicitly require that inode->i_blkbits be set 
Pull fscrypt updates from Eric Biggers:
 "Fix flakiness in a test by releasing the quota synchronously when a
  key is removed, and other minor cleanups"

* tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/linux:
  fscrypt: shrink the size of struct fscrypt_inode_info slightly
  fscrypt: write CBC-CTS instead of CTS-CBC
  fscrypt: clear keyring before calling key_put()
  fscrypt: explicitly require that inode->i_blkbits be set
Merge tag 'for-next-6.9' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/krisman/unicode into vfs.misc 2024-03-07T10:55:41+00:00 Christian Brauner brauner@kernel.org 2024-03-07T10:55:41+00:00 09406ad8e5105729291a7639160e0cd51c9e0c6c Merge case-insensitive updates from Gabriel Krisman Bertazi: - Patch case-insensitive lookup by trying the case-exact comparison first, before falling back to costly utf8 casefolded comparison. - Fix to forbid using a case-insensitive directory as part of an overlayfs mount. - Patchset to ensure d_op are set at d_alloc time for fscrypt and casefold volumes, ensuring filesystem dentries will all have the correct ops, whether they come from a lookup or not. * tag 'for-next-6.9' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/krisman/unicode: libfs: Drop generic_set_encrypted_ci_d_ops ubifs: Configure dentry operations at dentry-creation time f2fs: Configure dentry operations at dentry-creation time ext4: Configure dentry operations at dentry-creation time libfs: Add helper to choose dentry operations at mount-time libfs: Merge encrypted_ci_dentry_ops and ci_dentry_ops fscrypt: Drop d_revalidate once the key is added fscrypt: Drop d_revalidate for valid dentries during lookup fscrypt: Factor out a helper to configure the lookup dentry ovl: Always reject mounting over case-insensitive directories libfs: Attempt exact-match comparison first during casefolded lookup Signed-off-by: Christian Brauner <brauner@kernel.org> 
Merge case-insensitive updates from Gabriel Krisman Bertazi:

- Patch case-insensitive lookup by trying the case-exact comparison
  first, before falling back to costly utf8 casefolded comparison.

- Fix to forbid using a case-insensitive directory as part of an
  overlayfs mount.

- Patchset to ensure d_op are set at d_alloc time for fscrypt and
  casefold volumes, ensuring filesystem dentries will all have the
  correct ops, whether they come from a lookup or not.

* tag 'for-next-6.9' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/krisman/unicode:
  libfs: Drop generic_set_encrypted_ci_d_ops
  ubifs: Configure dentry operations at dentry-creation time
  f2fs: Configure dentry operations at dentry-creation time
  ext4: Configure dentry operations at dentry-creation time
  libfs: Add helper to choose dentry operations at mount-time
  libfs: Merge encrypted_ci_dentry_ops and ci_dentry_ops
  fscrypt: Drop d_revalidate once the key is added
  fscrypt: Drop d_revalidate for valid dentries during lookup
  fscrypt: Factor out a helper to configure the lookup dentry
  ovl: Always reject mounting over case-insensitive directories
  libfs: Attempt exact-match comparison first during casefolded lookup

Signed-off-by: Christian Brauner <brauner@kernel.org>
fscrypt: Factor out a helper to configure the lookup dentry 2024-02-27T21:55:34+00:00 Gabriel Krisman Bertazi krisman@suse.de 2024-02-21T17:14:04+00:00 8b6bb995d3819218498bdbee4465bffff1497a31 Both fscrypt_prepare_lookup_partial and fscrypt_prepare_lookup will set DCACHE_NOKEY_NAME for dentries when the key is not available. Extract out a helper to set this flag in a single place, in preparation to also add the optimization that will disable ->d_revalidate if possible. Reviewed-by: Eric Biggers <ebiggers@google.com> Link: https://lore.kernel.org/r/20240221171412.10710-3-krisman@suse.de Signed-off-by: Gabriel Krisman Bertazi <krisman@suse.de> 
Both fscrypt_prepare_lookup_partial and fscrypt_prepare_lookup will set
DCACHE_NOKEY_NAME for dentries when the key is not available. Extract
out a helper to set this flag in a single place, in preparation to also
add the optimization that will disable ->d_revalidate if possible.

Reviewed-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20240221171412.10710-3-krisman@suse.de
Signed-off-by: Gabriel Krisman Bertazi <krisman@suse.de>
fscrypt: shrink the size of struct fscrypt_inode_info slightly 2024-02-24T06:03:48+00:00 Eric Biggers ebiggers@google.com 2024-02-24T06:01:03+00:00 8c62f31eddb71c6f6878258579318c1156045247 Shrink the size of struct fscrypt_inode_info by 8 bytes by packing the small fields into the 64 bits after ci_enc_key. Link: https://lore.kernel.org/r/20240224060103.91037-1-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> 
Shrink the size of struct fscrypt_inode_info by 8 bytes by packing the
small fields into the 64 bits after ci_enc_key.

Link: https://lore.kernel.org/r/20240224060103.91037-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
fscrypt: write CBC-CTS instead of CTS-CBC 2024-02-24T05:38:59+00:00 Eric Biggers ebiggers@google.com 2024-02-24T05:35:49+00:00 2f944c66ae73eed4250607ccd3acdf2531afc194 Calling CBC with ciphertext stealing "CBC-CTS" seems to be more common than calling it "CTS-CBC". E.g., CBC-CTS is used by OpenSSL, Crypto++, RFC3962, and RFC6803. The NIST SP800-38A addendum uses CBC-CS1, CBC-CS2, and CBC-CS3, distinguishing between different CTS conventions but similarly putting the CBC part first. In the interest of avoiding any idiosyncratic terminology, update the fscrypt documentation and the fscrypt_mode "friendly names" to align with the more common convention. Changing the "friendly names" only affects some log messages. The actual mode constants in the API are unchanged; those call it simply "CTS". Add a note to the documentation that clarifies that "CBC" and "CTS" in the API really mean CBC-ESSIV and CBC-CTS, respectively. Link: https://lore.kernel.org/r/20240224053550.44659-1-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> 
Calling CBC with ciphertext stealing "CBC-CTS" seems to be more common
than calling it "CTS-CBC".  E.g., CBC-CTS is used by OpenSSL, Crypto++,
RFC3962, and RFC6803.  The NIST SP800-38A addendum uses CBC-CS1,
CBC-CS2, and CBC-CS3, distinguishing between different CTS conventions
but similarly putting the CBC part first.  In the interest of avoiding
any idiosyncratic terminology, update the fscrypt documentation and the
fscrypt_mode "friendly names" to align with the more common convention.

Changing the "friendly names" only affects some log messages.  The
actual mode constants in the API are unchanged; those call it simply
"CTS".  Add a note to the documentation that clarifies that "CBC" and
"CTS" in the API really mean CBC-ESSIV and CBC-CTS, respectively.

Link: https://lore.kernel.org/r/20240224053550.44659-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
fscrypt: clear keyring before calling key_put() 2024-02-07T00:55:35+00:00 Luis Henriques lhenriques@suse.de 2024-02-06T10:16:19+00:00 d3a7bd4200762d11c33ebe7e2c47c5813ddc65b4 Now that the key quotas are handled immediately on key_put() instead of being postponed to the key management garbage collection worker, a call to keyring_clear() is all that is required in fscrypt_put_master_key() so that the keyring clean-up is also done synchronously. This patch should fix the fstest generic/581 flakiness. Signed-off-by: Luis Henriques <lhenriques@suse.de> Link: https://lore.kernel.org/r/20240206101619.8083-1-lhenriques@suse.de [ebiggers: added comment] Signed-off-by: Eric Biggers <ebiggers@google.com> 
Now that the key quotas are handled immediately on key_put() instead of
being postponed to the key management garbage collection worker, a call
to keyring_clear() is all that is required in fscrypt_put_master_key()
so that the keyring clean-up is also done synchronously.  This patch
should fix the fstest generic/581 flakiness.

Signed-off-by: Luis Henriques <lhenriques@suse.de>
Link: https://lore.kernel.org/r/20240206101619.8083-1-lhenriques@suse.de
[ebiggers: added comment]
Signed-off-by: Eric Biggers <ebiggers@google.com>
fscrypt: explicitly require that inode->i_blkbits be set 2024-02-01T02:44:59+00:00 Xiubo Li xiubli@redhat.com 2024-02-01T00:35:25+00:00 5befc19caec93f0088595b4d28baf10658c27a0f Document that fscrypt_prepare_new_inode() requires inode->i_blkbits to be set, and make it WARN if it's not. This would have made the CephFS bug https://tracker.ceph.com/issues/64035 a bit easier to debug. Signed-off-by: Xiubo Li <xiubli@redhat.com> Link: https://lore.kernel.org/r/20240201003525.1788594-1-xiubli@redhat.com Signed-off-by: Eric Biggers <ebiggers@google.com> 
Document that fscrypt_prepare_new_inode() requires inode->i_blkbits to
be set, and make it WARN if it's not.  This would have made the CephFS
bug https://tracker.ceph.com/issues/64035 a bit easier to debug.

Signed-off-by: Xiubo Li <xiubli@redhat.com>
Link: https://lore.kernel.org/r/20240201003525.1788594-1-xiubli@redhat.com
Signed-off-by: Eric Biggers <ebiggers@google.com>
Merge tag 'exportfs-6.9' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/cel/linux 2024-01-23T16:56:30+00:00 Christian Brauner brauner@kernel.org 2024-01-23T16:25:51+00:00 0000ff2523df42bcf3c2fe3e8daaeca038835487 Merge exportfs fixes from Chuck Lever: * tag 'exportfs-6.9' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/cel/linux: fs: Create a generic is_dot_dotdot() utility exportfs: fix the fallback implementation of the get_name export operation Link: https://lore.kernel.org/r/BDC2AEB4-7085-4A7C-8DE8-A659FE1DBA6A@oracle.com Signed-off-by: Christian Brauner <brauner@kernel.org> 
Merge exportfs fixes from Chuck Lever:

* tag 'exportfs-6.9' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/cel/linux:
  fs: Create a generic is_dot_dotdot() utility
  exportfs: fix the fallback implementation of the get_name export operation

Link: https://lore.kernel.org/r/BDC2AEB4-7085-4A7C-8DE8-A659FE1DBA6A@oracle.com
Signed-off-by: Christian Brauner <brauner@kernel.org>
fs: Create a generic is_dot_dotdot() utility 2024-01-23T15:58:56+00:00 Chuck Lever chuck.lever@oracle.com 2023-12-31T00:46:00+00:00 42c3732fa8073717dd7d924472f1c0bc5b452fdc De-duplicate the same functionality in several places by hoisting the is_dot_dotdot() utility function into linux/fs.h. Suggested-by: Amir Goldstein <amir73il@gmail.com> Reviewed-by: Jeff Layton <jlayton@kernel.org> Reviewed-by: Amir Goldstein <amir73il@gmail.com> Acked-by: Christian Brauner <brauner@kernel.org> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 
De-duplicate the same functionality in several places by hoisting
the is_dot_dotdot() utility function into linux/fs.h.

Suggested-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Acked-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
fscrypt: document that CephFS supports fscrypt now 2023-12-27T04:55:42+00:00 Eric Biggers ebiggers@google.com 2023-12-27T04:51:58+00:00 c1f1f5bf413936a93fea0f920e9aafff3551ad56 The help text for CONFIG_FS_ENCRYPTION and the fscrypt.rst documentation file both list the filesystems that support fscrypt. CephFS added support for fscrypt in v6.6, so add CephFS to the list. Link: https://lore.kernel.org/r/20231227045158.87276-1-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> 
The help text for CONFIG_FS_ENCRYPTION and the fscrypt.rst documentation
file both list the filesystems that support fscrypt.  CephFS added
support for fscrypt in v6.6, so add CephFS to the list.

Link: https://lore.kernel.org/r/20231227045158.87276-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>