Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp3078506pxp; Tue, 22 Mar 2022 11:34:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy2pfVUkyH8QTfNMOsMWtLqUWlWw5t8uuswWcsF2j6wlXXrt6gcF5csPFRwNPZe1qo5fmnE X-Received: by 2002:a05:6a00:2405:b0:4e1:5008:adcc with SMTP id z5-20020a056a00240500b004e15008adccmr30204935pfh.35.1647974050729; Tue, 22 Mar 2022 11:34:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1647974050; cv=none; d=google.com; s=arc-20160816; b=vQHDSiNPp94BHCkorxxAcLnzlCo6DFnWNxonWc6MlycbLbV//Eb83fbaMx1Oolpk08 lAxWrTnDAAa4Rc1P4r9KpNz6xbaUfMKtxfVmGY2mOLTjauJJ1bU+wodl+46hBwmsi14C S7AK8lXhtbcrY4j65RYoKPD8W1leA9yiZ3bUTSPLn7ptlsTrQGGZcDhxeQfzWmzWRPr8 xZdNz/dJ2e0neLh3qBMX+xH8eRUgdoYfSz+6hEYqt6jAhsp+qi4aPboyNiKoX1+mzUnI bjIGyysxUj6NUOSyaQwr/FINormkOW/gyVKWfMlrI3A1GFMx59bGBs7ULZr+CqZDeXli FfAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=qdO/Wqd4DGMBNyZW4WtKMKv8wBGM+/j46KrSsnEX1PU=; b=09oO7UbAgupvHATS/IyWehXmxaZf94AS1hvLQhwqbHXbZMXx0VP1Cq6sdY+rZzAun6 gRxuqYPlzu4hBRkDHRMt2dBOiFetW+w2VIEpKHhLfaJUcVIO30Bh5W0uiDmJGCGjH0hl egK2+QobZAkqTXo1Io7ADYuqU5UcdL8p2AbggxXlNjN2Y1HvKS3PKh9REdiyakRQA722 U/SwLVpLOKxxyOlxBiVBQQAFTZybqx2wmv//OF9nmQHDnupOKpjbyTqxTH3Y3xMlUsgJ E7Ci0Rj3Aygba5gB8xoLGyBdjt9og7KwAPfE2HRx0RAYmVzYzNG4HmnsW9KLBT5Ltc74 G3Tw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=JNGFpcQR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t21-20020a62ea15000000b004fa3a8e000esi10395772pfh.197.2022.03.22.11.33.55; Tue, 22 Mar 2022 11:34:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=JNGFpcQR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237768AbiCVOTY (ORCPT + 99 others); Tue, 22 Mar 2022 10:19:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50790 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236436AbiCVOPC (ORCPT ); Tue, 22 Mar 2022 10:15:02 -0400 Received: from sin.source.kernel.org (sin.source.kernel.org [IPv6:2604:1380:40e1:4800::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DACE680207; Tue, 22 Mar 2022 07:13:33 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sin.source.kernel.org (Postfix) with ESMTPS id 52D33CE1CB2; Tue, 22 Mar 2022 14:13:32 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id EBF2AC36AE3; Tue, 22 Mar 2022 14:13:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1647958410; bh=qCvm12JIx5v8brhsRRqgAaDUmWNtAuToWb1JQhAYbW8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=JNGFpcQRiJY2KFFaZUrhSgYoEZqXSwSKmYpbXsUIN0RFHlGaWXWR8K/KDN5q5IkPf 9mA9SvNRxzJznLf/YgVwlMhh4xjCHmrAGcdALbZLp3gy1P0bNq3b3n6S3LGb4v0v/I rzYSOq9TJGxkeBAXeHpc48PwgXr5qIyJ91iXGqr+G0XiAsRqigrK3Wb//6sRIQzG/L bAXs6k70X2aHvjma9Ib3B/FxUNpJFi1yvviHff39mXkteqrm/O6ZWblof56RkJqc3T Fpzz+W7YFyhcXOaAiI+zmGOJM6zu8s56C/fN2wCKqW8B42+Gn5v+PBsUi+IfAjtVD5 y3TJQJD0xNmdA== From: Jeff Layton To: idryomov@gmail.com, xiubli@redhat.com Cc: ceph-devel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org, lhenriques@suse.de Subject: [RFC PATCH v11 12/51] ceph: add fscrypt ioctls Date: Tue, 22 Mar 2022 10:12:37 -0400 Message-Id: <20220322141316.41325-13-jlayton@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220322141316.41325-1-jlayton@kernel.org> References: <20220322141316.41325-1-jlayton@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.9 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org We gate most of the ioctls on MDS feature support. The exception is the key removal and status functions that we still want to work if the MDS's were to (inexplicably) lose the feature. For the set_policy ioctl, we take Fs caps to ensure that nothing can create files in the directory while the ioctl is running. That should be enough to ensure that the "empty_dir" check is reliable. Signed-off-by: Jeff Layton --- fs/ceph/ioctl.c | 83 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/fs/ceph/ioctl.c b/fs/ceph/ioctl.c index 6e061bf62ad4..477ecc667aee 100644 --- a/fs/ceph/ioctl.c +++ b/fs/ceph/ioctl.c @@ -6,6 +6,7 @@ #include "mds_client.h" #include "ioctl.h" #include +#include /* * ioctls @@ -268,8 +269,54 @@ static long ceph_ioctl_syncio(struct file *file) return 0; } +static int vet_mds_for_fscrypt(struct file *file) +{ + int i, ret = -EOPNOTSUPP; + struct ceph_mds_client *mdsc = ceph_sb_to_mdsc(file_inode(file)->i_sb); + + mutex_lock(&mdsc->mutex); + for (i = 0; i < mdsc->max_sessions; i++) { + struct ceph_mds_session *s = mdsc->sessions[i]; + + if (!s) + continue; + if (test_bit(CEPHFS_FEATURE_ALTERNATE_NAME, &s->s_features)) + ret = 0; + break; + } + mutex_unlock(&mdsc->mutex); + return ret; +} + +static long ceph_set_encryption_policy(struct file *file, unsigned long arg) +{ + int ret, got = 0; + struct inode *inode = file_inode(file); + struct ceph_inode_info *ci = ceph_inode(inode); + + ret = vet_mds_for_fscrypt(file); + if (ret) + return ret; + + /* + * Ensure we hold these caps so that we _know_ that the rstats check + * in the empty_dir check is reliable. + */ + ret = ceph_get_caps(file, CEPH_CAP_FILE_SHARED, 0, -1, &got); + if (ret) + return ret; + + ret = fscrypt_ioctl_set_policy(file, (const void __user *)arg); + if (got) + ceph_put_cap_refs(ci, got); + + return ret; +} + long ceph_ioctl(struct file *file, unsigned int cmd, unsigned long arg) { + int ret; + dout("ioctl file %p cmd %u arg %lu\n", file, cmd, arg); switch (cmd) { case CEPH_IOC_GET_LAYOUT: @@ -289,6 +336,42 @@ long ceph_ioctl(struct file *file, unsigned int cmd, unsigned long arg) case CEPH_IOC_SYNCIO: return ceph_ioctl_syncio(file); + + case FS_IOC_SET_ENCRYPTION_POLICY: + return ceph_set_encryption_policy(file, arg); + + case FS_IOC_GET_ENCRYPTION_POLICY: + ret = vet_mds_for_fscrypt(file); + if (ret) + return ret; + return fscrypt_ioctl_get_policy(file, (void __user *)arg); + + case FS_IOC_GET_ENCRYPTION_POLICY_EX: + ret = vet_mds_for_fscrypt(file); + if (ret) + return ret; + return fscrypt_ioctl_get_policy_ex(file, (void __user *)arg); + + case FS_IOC_ADD_ENCRYPTION_KEY: + ret = vet_mds_for_fscrypt(file); + if (ret) + return ret; + return fscrypt_ioctl_add_key(file, (void __user *)arg); + + case FS_IOC_REMOVE_ENCRYPTION_KEY: + return fscrypt_ioctl_remove_key(file, (void __user *)arg); + + case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS: + return fscrypt_ioctl_remove_key_all_users(file, (void __user *)arg); + + case FS_IOC_GET_ENCRYPTION_KEY_STATUS: + return fscrypt_ioctl_get_key_status(file, (void __user *)arg); + + case FS_IOC_GET_ENCRYPTION_NONCE: + ret = vet_mds_for_fscrypt(file); + if (ret) + return ret; + return fscrypt_ioctl_get_nonce(file, (void __user *)arg); } return -ENOTTY; -- 2.35.1