From: Xiubo Li <[email protected]>
The inode->i_blkbits should be already set before calling
fscrypt_get_encryption_info() and it will be used this to setup the
ci_data_unit_bits.
Signed-off-by: Xiubo Li <[email protected]>
---
fs/crypto/keysetup.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index d71f7c799e79..909187e52bae 100644
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -702,6 +702,9 @@ int fscrypt_get_encryption_info(struct inode *inode, bool allow_unsupported)
* This doesn't persist the new inode's encryption context. That still needs to
* be done later by calling fscrypt_set_context().
*
+ * Please note that the inode->i_blkbits should be already set before calling
+ * this and later it will be used to setup the ci_data_unit_bits.
+ *
* Return: 0 on success, -ENOKEY if the encryption key is missing, or another
* -errno code
*/
@@ -717,6 +720,9 @@ int fscrypt_prepare_new_inode(struct inode *dir, struct inode *inode,
if (IS_ERR(policy))
return PTR_ERR(policy);
+ if (WARN_ON_ONCE(inode->i_blkbits == 0))
+ return -EINVAL;
+
if (WARN_ON_ONCE(inode->i_mode == 0))
return -EINVAL;
--
2.43.0
On Thu, Jan 25, 2024 at 12:48:25PM +0800, [email protected] wrote:
> From: Xiubo Li <[email protected]>
>
> The inode->i_blkbits should be already set before calling
> fscrypt_get_encryption_info() and it will be used this to setup the
> ci_data_unit_bits.
>
> Signed-off-by: Xiubo Li <[email protected]>
> ---
> fs/crypto/keysetup.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
> index d71f7c799e79..909187e52bae 100644
> --- a/fs/crypto/keysetup.c
> +++ b/fs/crypto/keysetup.c
> @@ -702,6 +702,9 @@ int fscrypt_get_encryption_info(struct inode *inode, bool allow_unsupported)
> /**
> * fscrypt_prepare_new_inode() - prepare to create a new inode in a directory
> * @dir: a possibly-encrypted directory
> * @inode: the new inode. ->i_mode must be set already.
> * ->i_ino doesn't need to be set yet.
Maybe just change the above to "->i_mode and ->i_blkbits", instead of adding a
separate paragraph?
> * @encrypt_ret: (output) set to %true if the new inode will be encrypted
> *
> * If the directory is encrypted, set up its ->i_crypt_info in preparation for
> * encrypting the name of the new file. Also, if the new inode will be
> * encrypted, set up its ->i_crypt_info and set *encrypt_ret=true.
> *
> * This isn't %GFP_NOFS-safe, and therefore it should be called before starting
> * any filesystem transaction to create the inode. For this reason, ->i_ino
> * isn't required to be set yet, as the filesystem may not have set it yet.
> *
> * This doesn't persist the new inode's encryption context. That still needs to
> * be done later by calling fscrypt_set_context().
> *
> + * Please note that the inode->i_blkbits should be already set before calling
> + * this and later it will be used to setup the ci_data_unit_bits.
> + *
> * Return: 0 on success, -ENOKEY if the encryption key is missing, or another
> * -errno code
> */
> @@ -717,6 +720,9 @@ int fscrypt_prepare_new_inode(struct inode *dir, struct inode *inode,
> if (IS_ERR(policy))
> return PTR_ERR(policy);
>
> + if (WARN_ON_ONCE(inode->i_blkbits == 0))
> + return -EINVAL;
> +
Thanks,
- Eric
On 1/27/24 14:37, Eric Biggers wrote:
> On Thu, Jan 25, 2024 at 12:48:25PM +0800, [email protected] wrote:
>> From: Xiubo Li <[email protected]>
>>
>> The inode->i_blkbits should be already set before calling
>> fscrypt_get_encryption_info() and it will be used this to setup the
>> ci_data_unit_bits.
>>
>> Signed-off-by: Xiubo Li <[email protected]>
>> ---
>> fs/crypto/keysetup.c | 6 ++++++
>> 1 file changed, 6 insertions(+)
>>
>> diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
>> index d71f7c799e79..909187e52bae 100644
>> --- a/fs/crypto/keysetup.c
>> +++ b/fs/crypto/keysetup.c
>> @@ -702,6 +702,9 @@ int fscrypt_get_encryption_info(struct inode *inode, bool allow_unsupported)
>> /**
>> * fscrypt_prepare_new_inode() - prepare to create a new inode in a directory
>> * @dir: a possibly-encrypted directory
>> * @inode: the new inode. ->i_mode must be set already.
>> * ->i_ino doesn't need to be set yet.
> Maybe just change the above to "->i_mode and ->i_blkbits", instead of adding a
> separate paragraph?
Just back from PTO.
Yeah, this sounds much better. I will fix it.
Thanks
- Xiubo
>> * @encrypt_ret: (output) set to %true if the new inode will be encrypted
>> *
>> * If the directory is encrypted, set up its ->i_crypt_info in preparation for
>> * encrypting the name of the new file. Also, if the new inode will be
>> * encrypted, set up its ->i_crypt_info and set *encrypt_ret=true.
>> *
>> * This isn't %GFP_NOFS-safe, and therefore it should be called before starting
>> * any filesystem transaction to create the inode. For this reason, ->i_ino
>> * isn't required to be set yet, as the filesystem may not have set it yet.
>> *
>> * This doesn't persist the new inode's encryption context. That still needs to
>> * be done later by calling fscrypt_set_context().
>> *
>> + * Please note that the inode->i_blkbits should be already set before calling
>> + * this and later it will be used to setup the ci_data_unit_bits.
>> + *
>> * Return: 0 on success, -ENOKEY if the encryption key is missing, or another
>> * -errno code
>> */
>> @@ -717,6 +720,9 @@ int fscrypt_prepare_new_inode(struct inode *dir, struct inode *inode,
>> if (IS_ERR(policy))
>> return PTR_ERR(policy);
>>
>> + if (WARN_ON_ONCE(inode->i_blkbits == 0))
>> + return -EINVAL;
>> +
> Thanks,
>
> - Eric
>