Received: by 2002:ac0:950c:0:0:0:0:0 with SMTP id f12csp2965879imc; Wed, 13 Mar 2019 05:49:57 -0700 (PDT) X-Google-Smtp-Source: APXvYqyVU/dJkuX/FDHopeqQuuVHSGUtu2JPVIZeo0WRJLH5AbvOc61eFgnX3ZW9Mv4S+wUGiLtv X-Received: by 2002:a17:902:5a41:: with SMTP id f1mr3387051plm.202.1552481397680; Wed, 13 Mar 2019 05:49:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552481397; cv=none; d=google.com; s=arc-20160816; b=B3HRxBmf5s9ap/3LM7Xr2HnnsGd89AW8B2quIRdsm2GYmgohiG60sz4OW4y0TBNBi1 bVvz1gp8v+Wj55451aHT4Qhy5sG08XBCOx0arxdkssCtrXeAlIGWEXGfsWKACbjWM55D DDArpJOa+eYIKiQ4FWXjiQ+H0TiceGVWxGI2RVlYqCeyCzpiyywljzvFml78t2uO2Pcs jbU4Niyf9NURLfsWhLRlUz8GQqswkMPCcUvtP/6gVzWnz6VXNw84ecSfU8QIPFW2tB9z MrhhXBaMl/D1UztrfxktLQI8slPL6jNGL2RKGKEGs2HCuxs3H3xyf5k6LbwK6MDlke0m r3Vg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=NMjHWc7b8Jz7XjSt1vUTn1iVybFoE0bGsjme8LrGHek=; b=o//Qd+CUswb8w7fS1mKsFmWXGu0Ab87ovKncttP+Njv4wcX25N4KnNLAstZfJSQhhC IBBKwLqfpXTk/hSc0A9MKnxxbTNAcombbXOOzpaQTT4xgO7mUyz1j58ciN4nZbFQFLcs FTh+6Im0Jj/eVIKVzIxz19BY/vD+jK/4ctL2gE7Vux3RTfn/rsqOivHPJOE8z93t/VlO FFPY7fiOGiyzPbkHubrjT3FO50TQoLuE29TJz7Jmm5cEYVwWiNdBJ7xbeZej1ETgjQPo ud9kDc5yzQ5OaYMg0ag6aWRrHcLDT99C1TN6smItg2nbQM+Pg7v/yrdR34jEA6ZKDc34 ko+A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d11si10710344pls.255.2019.03.13.05.49.41; Wed, 13 Mar 2019 05:49:57 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726444AbfCMMro convert rfc822-to-8bit (ORCPT + 99 others); Wed, 13 Mar 2019 08:47:44 -0400 Received: from lithops.sigma-star.at ([195.201.40.130]:41950 "EHLO lithops.sigma-star.at" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725868AbfCMMro (ORCPT ); Wed, 13 Mar 2019 08:47:44 -0400 Received: from localhost (localhost [127.0.0.1]) by lithops.sigma-star.at (Postfix) with ESMTP id B1A7C609186C; Wed, 13 Mar 2019 13:47:41 +0100 (CET) Received: from lithops.sigma-star.at ([127.0.0.1]) by localhost (lithops.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id MT2xNyXoIwxw; Wed, 13 Mar 2019 13:47:41 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by lithops.sigma-star.at (Postfix) with ESMTP id 50C39609187E; Wed, 13 Mar 2019 13:47:41 +0100 (CET) Received: from lithops.sigma-star.at ([127.0.0.1]) by localhost (lithops.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 8e52FewGmFx8; Wed, 13 Mar 2019 13:47:41 +0100 (CET) Received: from blindfold.localnet (unknown [82.150.214.1]) by lithops.sigma-star.at (Postfix) with ESMTPSA id ECFD6609186C; Wed, 13 Mar 2019 13:47:40 +0100 (CET) From: Richard Weinberger To: Miklos Szeredi Cc: linux-fsdevel@vger.kernel.org, linux-fscrypt@vger.kernel.org, overlayfs , linux-kernel@vger.kernel.org Subject: Re: overlayfs vs. fscrypt Date: Wed, 13 Mar 2019 13:47:40 +0100 Message-ID: <1852545.qrIQg0rEWx@blindfold> In-Reply-To: References: <4603533.ZIfxmiEf7K@blindfold> MIME-Version: 1.0 Content-Transfer-Encoding: 8BIT Content-Type: text/plain; charset="iso-8859-1" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Am Mittwoch, 13. M?rz 2019, 13:36:02 CET schrieb Miklos Szeredi: > I don't get it. Does fscrypt try to check permissions via > ->d_revalidate? Why is it not doing that via ->permission()? Please let me explain. Suppose we have a fscrypto directory /mnt and I *don't* have the key. When reading the directory contents of /mnt will return an encrypted filename. e.g. # ls /mnt +mcQ46ne5Y8U6JMV9Wdq2C As soon I load my key the real name is shown and I can read the file contents too. That's why fscrypt has ->d_revalidate(). It checks for the key, if the key is still not here -> stay with the old encrypted name. If the key is present -> reveal the real name. Same happens on the other direction if I unlink my key from the keyring. > > > > 2. Teach overlayfs to deal with a upper that has ->d_revalidate(). > > Given the complexity of overlayfs I'm not sure how feasible this is. > > But I'm no overlayfs expert, maybe I miss something. > > I don't think it would be too complex. But first I'd like to > understand exactly why fscrypt is (ab) using d_revalidate(). I hope my answer makes things more clear. Thanks, //richard