Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp1348161pxu; Mon, 23 Nov 2020 19:35:30 -0800 (PST) X-Google-Smtp-Source: ABdhPJyNhinN2zrccmdQWoO5HIhqS7TWlIOLtgXPAdeFMa/YdLcS3HrSe6ouehZ+g/JdJ09oDulB X-Received: by 2002:a05:6402:3098:: with SMTP id de24mr2050379edb.155.1606188929874; Mon, 23 Nov 2020 19:35:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1606188929; cv=none; d=google.com; s=arc-20160816; b=cCUccQl9tgRfpPWCZyIhBOK0IYuYJ3hXXth4tIMGQ7FBzw0e6ma1n2jazmqShhqwK9 Y4WTEGk0TBPB7Yoy3rLdaew47oN6GRCwxC7fUdH2yLfv4IGFzLUxvrV49rt55LV3jphR 3uKTrME5A7n2jXKjz1QDDEAgwauzK+SbNrL09pNh2DAHkv2us8Eb61V0wVAQhW3sjZ+e seA9ysfV8W/o3KMQyV2IsiqZDIhJR6kaAnEwZrVxl94jNehkFHQZGpQldjV0LKV3E8eD b/YwlnIKWMH6rN3szNMAAmqIsCeJXJ6CyHbjavLNlSO1aWd38dwf7SdhrmLIPiln9RLJ V0RA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=WP+31OsU+5g/aMu0W36G+ShW7+TjC+8Wfm0ANAD2BDg=; b=Qfr+hDCXXNKcAXLQmnFivy4Ocw0spHd2hvJ592pKf5/OvwWwo+HX6yxvtbj0l39FJx 05AXwSDh5qqMVtPCws5x2w6FYJ2icX0d7y5wEJmCOahj+GUBhywZn1bqfb2vUASOZKoW 3hlgMgEYd5CTLV8n2Nbml/WEy0rPysH2gJKDkkdPYrtm2OKZRbSgy5aCfm2fomOWTGfa MvXMCj2Wae19b3rQtg7EwzLNW6n/nkLJcKnz8fV/g9FpFCmPLZs6O1mvbeoepEAPJFNK d1sptJ/h3ZDe53dH9RGa2d36/zr74T0xJZSMNgtnolrKj/96lnKFmJKzRefuhu53rso6 nqjQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=SJijZ7Ez; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bk9si736306ejb.252.2020.11.23.19.35.06; Mon, 23 Nov 2020 19:35:29 -0800 (PST) Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=SJijZ7Ez; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728009AbgKXCIp (ORCPT + 99 others); Mon, 23 Nov 2020 21:08:45 -0500 Received: from us-smtp-delivery-124.mimecast.com ([63.128.21.124]:26367 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727972AbgKXCIo (ORCPT ); Mon, 23 Nov 2020 21:08:44 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1606183722; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=WP+31OsU+5g/aMu0W36G+ShW7+TjC+8Wfm0ANAD2BDg=; b=SJijZ7EzXcr1BWrAHhxtUQ6N0w7uorsqNwlhJd6WG9m9i9Fl0uWvBemFHwG9aZIWwzf4ea wfUmZlhmeJtZxtJuRx3oRO/rtg3OzzqAQJkmSiTCqcClZKPQ3T74oV/VAwQ8OmPlldFJLw 8bdZK1daCfE6cljhREd/OVn2TzQSKSw= Received: from mail-pf1-f200.google.com (mail-pf1-f200.google.com [209.85.210.200]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-564-xCkTXUjSPIST92_HC2rp3g-1; Mon, 23 Nov 2020 21:08:40 -0500 X-MC-Unique: xCkTXUjSPIST92_HC2rp3g-1 Received: by mail-pf1-f200.google.com with SMTP id q199so14405235pfc.21 for ; Mon, 23 Nov 2020 18:08:39 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=WP+31OsU+5g/aMu0W36G+ShW7+TjC+8Wfm0ANAD2BDg=; b=rjsG2e5Qgpnu257Abxzi3hnTX7YOiGO2V5DGStQvKspBHpQMbPEobJSZYB8JHAZGUI VLqYwhsCFgdf7nRa7TlX6LwWBFe+bT5re1Ct2MgTtOmgoVGHJbEOFH0NmmxcCSXcwit3 sIOJWRxhKtgw4yKznPkhlRhJN0zbU6TZzpa95QuPLvsSQbcVGLGQJ+DkaGhFmM/cdKUD nWzR5oNG/NEmeoOmJFbntTB8xs/phulGq6i8u7SeKxwY1LJr7pzxHpIUetkHyC7FQa8W fBexCd4oE5HXElFrX/czX1W/zbB7Hu3em7D0gb4Sm3lR5TLBuXhKLtavA97bI4jTo+2a 5uHA== X-Gm-Message-State: AOAM5327Ypu+F3IGkSIkWfoBcMuObpp+zSU9dbeQCZwIpPK+hQcyWccT 1jCqicdxKoPfYatoiYTHcCtx6rgckj9X7N5mNdacwwuhi9VY63gd3yjgHaQM/0PekeKmAA4Gf7t DAARrtC2adfqlLvBV2K0H1w== X-Received: by 2002:a17:902:6b08:b029:d6:c471:8b5b with SMTP id o8-20020a1709026b08b02900d6c4718b5bmr1986825plk.78.1606183718983; Mon, 23 Nov 2020 18:08:38 -0800 (PST) X-Received: by 2002:a17:902:6b08:b029:d6:c471:8b5b with SMTP id o8-20020a1709026b08b02900d6c4718b5bmr1986811plk.78.1606183718720; Mon, 23 Nov 2020 18:08:38 -0800 (PST) Received: from xiangao.remote.csb ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id y3sm723148pjb.18.2020.11.23.18.08.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Nov 2020 18:08:38 -0800 (PST) Date: Tue, 24 Nov 2020 10:08:24 +0800 From: Gao Xiang To: Eric Biggers Cc: Gabriel Krisman Bertazi , Daniel Rosenberg , "Theodore Y . Ts'o" , Jaegeuk Kim , Andreas Dilger , Chao Yu , Alexander Viro , Richard Weinberger , linux-fscrypt@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mtd@lists.infradead.org, kernel-team@android.com Subject: Re: [PATCH v4 2/3] fscrypt: Have filesystems handle their d_ops Message-ID: <20201124020824.GA3156301@xiangao.remote.csb> References: <20201119060904.463807-1-drosen@google.com> <20201119060904.463807-3-drosen@google.com> <20201122051218.GA2717478@xiangao.remote.csb> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Mon, Nov 23, 2020 at 02:51:44PM -0800, Eric Biggers wrote: > On Sun, Nov 22, 2020 at 01:12:18PM +0800, Gao Xiang wrote: > > Hi all, > > > > On Thu, Nov 19, 2020 at 06:09:03AM +0000, Daniel Rosenberg wrote: > > > This shifts the responsibility of setting up dentry operations from > > > fscrypt to the individual filesystems, allowing them to have their own > > > operations while still setting fscrypt's d_revalidate as appropriate. > > > > > > Most filesystems can just use generic_set_encrypted_ci_d_ops, unless > > > they have their own specific dentry operations as well. That operation > > > will set the minimal d_ops required under the circumstances. > > > > > > Since the fscrypt d_ops are set later on, we must set all d_ops there, > > > since we cannot adjust those later on. This should not result in any > > > change in behavior. > > > > > > Signed-off-by: Daniel Rosenberg > > > Acked-by: Eric Biggers > > > --- > > > > ... > > > > > extern const struct file_operations ext4_dir_operations; > > > > > > -#ifdef CONFIG_UNICODE > > > -extern const struct dentry_operations ext4_dentry_ops; > > > -#endif > > > - > > > /* file.c */ > > > extern const struct inode_operations ext4_file_inode_operations; > > > extern const struct file_operations ext4_file_operations; > > > diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c > > > index 33509266f5a0..12a417ff5648 100644 > > > --- a/fs/ext4/namei.c > > > +++ b/fs/ext4/namei.c > > > @@ -1614,6 +1614,7 @@ static struct buffer_head *ext4_lookup_entry(struct inode *dir, > > > struct buffer_head *bh; > > > > > > err = ext4_fname_prepare_lookup(dir, dentry, &fname); > > > + generic_set_encrypted_ci_d_ops(dentry); > > > > One thing might be worth noticing is that currently overlayfs might > > not work properly when dentry->d_sb->s_encoding is set even only some > > subdirs are CI-enabled but the others not, see generic_set_encrypted_ci_d_ops(), > > ovl_mount_dir_noesc => ovl_dentry_weird() > > > > For more details, see: > > https://android-review.googlesource.com/c/device/linaro/hikey/+/1483316/2#message-2e1f6ab0010a3e35e7d8effea73f60341f84ee4d > > > > Just found it by chance (and not sure if it's vital for now), and > > a kind reminder about this. > > > > Yes, overlayfs doesn't work on ext4 or f2fs filesystems that have the casefold > feature enabled, regardless of which directories are actually using casefolding. > This is an existing limitation which was previously discussed, e.g. at > https://lkml.kernel.org/linux-ext4/CAOQ4uxgPXBazE-g2v=T_vOvnr_f0ZHyKYZ4wvn7A3ePatZrhnQ@mail.gmail.com/T/#u > and > https://lkml.kernel.org/linux-ext4/20191203051049.44573-1-drosen@google.com/T/#u. > > Gabriel and Daniel, is one of you still looking into fixing this? IIUC, the > current thinking is that when the casefolding flag is set on a directory, it's > too late to assign dentry_operations at that point. But what if all child > dentries (which must be negative) are invalidated first, and also the filesystem > forbids setting the casefold flag on encrypted directories that are accessed via > a no-key name (so that fscrypt_d_revalidate isn't needed -- i.e. the directory > would only go from "no d_ops" to "generic_ci_dentry_ops", not from > "generic_encrypted_dentry_ops" to "generic_encrypted_ci_dentry_ops")? From my limited knowledge about VFS, I think that is practical as well, since we don't have sub-sub-dirs since all sub-dirs are negative dentries for empty dirs. And if casefold ioctl is "dir inode locked", I think that would be fine (?) I don't check the code though. Thanks, Gao Xiang > > - Eric >