Now that the key quotas are handled immediately on key_put() instead of
being postponed to the key management garbage collection worker, a call to
keyring_clear() is all that is required in fscrypt_put_master_key() so that
the keyring clean-up is also done synchronously. This patch should fix the
fstest generic/581 flakiness.
Signed-off-by: Luis Henriques <[email protected]>
---
Hi!
I know that patch "keys: update key quotas in key_put()" isn't yet merged
but since David and Jarkko seem to be OK with it, it doesn't hurt to send
this follow-up patch immediately.
Cheers,
--
Luis
fs/crypto/keyring.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/fs/crypto/keyring.c b/fs/crypto/keyring.c
index 0edf0b58daa7..dfdaae16b83a 100644
--- a/fs/crypto/keyring.c
+++ b/fs/crypto/keyring.c
@@ -74,8 +74,11 @@ void fscrypt_put_master_key(struct fscrypt_master_key *mk)
* that concurrent keyring lookups can no longer find it.
*/
WARN_ON_ONCE(refcount_read(&mk->mk_active_refs) != 0);
- key_put(mk->mk_users);
- mk->mk_users = NULL;
+ if (mk->mk_users) {
+ keyring_clear(mk->mk_users);
+ key_put(mk->mk_users);
+ mk->mk_users = NULL;
+ }
call_rcu(&mk->mk_rcu_head, fscrypt_free_master_key);
}
On Tue, Feb 06, 2024 at 10:16:19AM +0000, Luis Henriques wrote:
> Now that the key quotas are handled immediately on key_put() instead of
> being postponed to the key management garbage collection worker, a call to
> keyring_clear() is all that is required in fscrypt_put_master_key() so that
> the keyring clean-up is also done synchronously. This patch should fix the
> fstest generic/581 flakiness.
>
> Signed-off-by: Luis Henriques <[email protected]>
> ---
> Hi!
>
> I know that patch "keys: update key quotas in key_put()" isn't yet merged
> but since David and Jarkko seem to be OK with it, it doesn't hurt to send
> this follow-up patch immediately.
>
> Cheers,
> --
> Luis
>
> fs/crypto/keyring.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/fs/crypto/keyring.c b/fs/crypto/keyring.c
> index 0edf0b58daa7..dfdaae16b83a 100644
> --- a/fs/crypto/keyring.c
> +++ b/fs/crypto/keyring.c
> @@ -74,8 +74,11 @@ void fscrypt_put_master_key(struct fscrypt_master_key *mk)
> * that concurrent keyring lookups can no longer find it.
> */
> WARN_ON_ONCE(refcount_read(&mk->mk_active_refs) != 0);
> - key_put(mk->mk_users);
> - mk->mk_users = NULL;
> + if (mk->mk_users) {
> + keyring_clear(mk->mk_users);
> + key_put(mk->mk_users);
> + mk->mk_users = NULL;
> + }
> call_rcu(&mk->mk_rcu_head, fscrypt_free_master_key);
Applied, thanks. I added a comment above the call to keyring_clear() to explain
why it's there:
/* Clear the keyring so the quota gets released right away. */
- Eric
Eric Biggers <[email protected]> writes:
> On Tue, Feb 06, 2024 at 10:16:19AM +0000, Luis Henriques wrote:
>> Now that the key quotas are handled immediately on key_put() instead of
>> being postponed to the key management garbage collection worker, a call to
>> keyring_clear() is all that is required in fscrypt_put_master_key() so that
>> the keyring clean-up is also done synchronously. This patch should fix the
>> fstest generic/581 flakiness.
>>
>> Signed-off-by: Luis Henriques <[email protected]>
>> ---
>> Hi!
>>
>> I know that patch "keys: update key quotas in key_put()" isn't yet merged
>> but since David and Jarkko seem to be OK with it, it doesn't hurt to send
>> this follow-up patch immediately.
>>
>> Cheers,
>> --
>> Luis
>>
>> fs/crypto/keyring.c | 7 +++++--
>> 1 file changed, 5 insertions(+), 2 deletions(-)
>>
>> diff --git a/fs/crypto/keyring.c b/fs/crypto/keyring.c
>> index 0edf0b58daa7..dfdaae16b83a 100644
>> --- a/fs/crypto/keyring.c
>> +++ b/fs/crypto/keyring.c
>> @@ -74,8 +74,11 @@ void fscrypt_put_master_key(struct fscrypt_master_key *mk)
>> * that concurrent keyring lookups can no longer find it.
>> */
>> WARN_ON_ONCE(refcount_read(&mk->mk_active_refs) != 0);
>> - key_put(mk->mk_users);
>> - mk->mk_users = NULL;
>> + if (mk->mk_users) {
>> + keyring_clear(mk->mk_users);
>> + key_put(mk->mk_users);
>> + mk->mk_users = NULL;
>> + }
>> call_rcu(&mk->mk_rcu_head, fscrypt_free_master_key);
>
> Applied, thanks. I added a comment above the call to keyring_clear() to explain
> why it's there:
>
> /* Clear the keyring so the quota gets released right away. */
Awesome, makes sense. Thanks a lot, Eric!
Cheers,
--
Luís