Received: by 2002:ac8:7315:0:b0:429:955e:b7c6 with SMTP id x21csp206501qto; Fri, 26 Jan 2024 16:11:54 -0800 (PST) X-Google-Smtp-Source: AGHT+IE9a7CU75I+tQyDtCYjsveGnPQFq/w7y2EpVarDnW3W42jEiMRUvbTY4cM7eJ7LgLcz6snL X-Received: by 2002:a17:906:dc53:b0:a31:13e3:9c7d with SMTP id yz19-20020a170906dc5300b00a3113e39c7dmr271682ejb.74.1706314314598; Fri, 26 Jan 2024 16:11:54 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706314314; cv=pass; d=google.com; s=arc-20160816; b=ohseEPDfflrhUfAd6g8u4WfzthhETHGmJwlBH2y1GFGx9fPHvwwp0MPlOu1QNTcmKG 55SS+SfkulPvdTHE/ju7OrqRcDQTCQc3uZRQ2ofnndAOcxEz4MzWGkdJQOvF2hTHjjWr BxWpFj/6sBYojUJGDdDgvA4NhOZnN+DKohUQu/EiyCNlHHlc2wLBjZ/J1yiaB0MtHfHx Z3+WIgSnpIkiw5gGvk9xalT4XMN8Bys01O3+OgdShm5xcZ7cgLAXjw6QObhRpx+efsHu t13n3hrRWU1as493G5+o7t3eTbbDa2Avp+1QhzZnyTG8Pgb8jTslYMvC+fv33ZyJ4h+t cKmw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature:dkim-signature :dkim-signature:dkim-signature; bh=ee/oWUNb4/zKYaB/G7ImZVRaz1EQk96VJ8QbjhzB4ZM=; fh=M648oune0DwZmCHpgeKmdqyNG9Pnhrh1APj5VeeCjyQ=; b=MpMfHHDGXEE3VcO3sykV6T/nIsfiG31PxYtu5cEEWAaOj4wmCSRlOaDpPhzZAyUB/g 7A8bwXZBx+bkfGKifUv3DUYqd7PYfyyspNOcC8fBO5C7sdNUg/Ov+HdORr4Rp1elDm4I w/PIpPU6LXQ+Hb+/9AYGHtwp+D9qrdetmMLlChFafp5QW0hJcE+PWnAcLD0Jswecg0JW 6leMbz0nddhRLLjoMA4Bmxqe23QMWq7zGMyUzBIpLyLAkOviQkGBFt5LZVAt/jXefMIa nDR4EPHwucAizV4r56Zh1j/xN9uY76+ZlzcKKS62xNnBnaH3m4KzMFN3EFxH04UMSQZm x3Pw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=njihZ2dH; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=njihZ2dH; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519; arc=pass (i=1 spf=pass spfdomain=suse.de dkim=pass dkdomain=suse.de dkim=pass dkdomain=suse.de dmarc=pass fromdomain=suse.de); spf=pass (google.com: domain of linux-ext4+bounces-941-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-ext4+bounces-941-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id ks12-20020a170906f84c00b00a3178e881e1si1046266ejb.302.2024.01.26.16.11.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 16:11:54 -0800 (PST) Received-SPF: pass (google.com: domain of linux-ext4+bounces-941-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=njihZ2dH; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=njihZ2dH; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519; arc=pass (i=1 spf=pass spfdomain=suse.de dkim=pass dkdomain=suse.de dkim=pass dkdomain=suse.de dmarc=pass fromdomain=suse.de); spf=pass (google.com: domain of linux-ext4+bounces-941-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-ext4+bounces-941-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 08E771F214BA for ; Sat, 27 Jan 2024 00:11:49 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 5D1324A2F; Sat, 27 Jan 2024 00:10:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b="njihZ2dH"; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b="glvGzXi4"; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b="njihZ2dH"; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b="glvGzXi4" X-Original-To: linux-ext4@vger.kernel.org Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 44C202F32; Sat, 27 Jan 2024 00:10:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.131 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706314240; cv=none; b=h9KqE5Dz6JoMW26YGzXcUFEoN9iEIWOdjnYiWv/Yz3HEhm+FB6oumrzonE9rrE9GfhM0DM3A8JaobU9Lg+8m1AwRMOFrsu7BpSTW/I2D6hVTusDX8MXtqiefepdfk4hGDHdYi7Rq1Lh16MReFORVr0cAWXLXP+zHb1QBQjuJeQw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706314240; c=relaxed/simple; bh=mjhq8Ydo934T4ky79O6NVA6saVt9Qh6FavIF4018Pxw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=e6OKjdtM2iAQiEYYJPkxwmEpEb+xtof/ye1LvnqhL1oq/XStyiDjSR+qGpRJnKVayJqdKMPdmztZcz1DFZtgI2TLGgNrnzyHtwars+85bg2dqXuUY12qypBQens5vmdT73By0kZLHxulGckMyi4eiPPUF5t/rvFzEm93P27Q/pk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=suse.de; spf=pass smtp.mailfrom=suse.de; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b=njihZ2dH; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b=glvGzXi4; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b=njihZ2dH; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b=glvGzXi4; arc=none smtp.client-ip=195.135.223.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=suse.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.de Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 6FBB51FDB0; Sat, 27 Jan 2024 00:10:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1706314237; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ee/oWUNb4/zKYaB/G7ImZVRaz1EQk96VJ8QbjhzB4ZM=; b=njihZ2dHAnHyFYwzjouCIGfePEXEE1CROutbw5YtwQizHMZhBRVFuJguNcMm6MihGp+vIa qSEPIOXSrjG4Wwj6Mk9lDyaUFHvnoozmE0obDlR/2140b7HdytPHbETVIwVj7uebRkBzIr rEj2n9UP+SBCfCFSxlbhtB5i1euUq0Q= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1706314237; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ee/oWUNb4/zKYaB/G7ImZVRaz1EQk96VJ8QbjhzB4ZM=; b=glvGzXi4PeXfuOC1nkWX/mSYmDJJheEXCVcC/+N7c4gFM55a9yJ3LjZTbCRYtJtAPv6ILB N/e9drsssNj7fPCQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1706314237; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ee/oWUNb4/zKYaB/G7ImZVRaz1EQk96VJ8QbjhzB4ZM=; b=njihZ2dHAnHyFYwzjouCIGfePEXEE1CROutbw5YtwQizHMZhBRVFuJguNcMm6MihGp+vIa qSEPIOXSrjG4Wwj6Mk9lDyaUFHvnoozmE0obDlR/2140b7HdytPHbETVIwVj7uebRkBzIr rEj2n9UP+SBCfCFSxlbhtB5i1euUq0Q= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1706314237; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ee/oWUNb4/zKYaB/G7ImZVRaz1EQk96VJ8QbjhzB4ZM=; b=glvGzXi4PeXfuOC1nkWX/mSYmDJJheEXCVcC/+N7c4gFM55a9yJ3LjZTbCRYtJtAPv6ILB N/e9drsssNj7fPCQ== Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id C7AB513998; Sat, 27 Jan 2024 00:10:36 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id CC1ZH/xJtGVpEQAAD6G6ig (envelope-from ); Sat, 27 Jan 2024 00:10:36 +0000 From: Gabriel Krisman Bertazi To: ebiggers@kernel.org, viro@zeniv.linux.org.uk, jaegeuk@kernel.org, tytso@mit.edu Cc: amir73il@gmail.com, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-fsdevel@vger.kernel.org, Gabriel Krisman Bertazi Subject: [PATCH v4 05/12] fscrypt: Drop d_revalidate once the key is added Date: Fri, 26 Jan 2024 21:10:05 -0300 Message-ID: <20240127001013.2845-6-krisman@suse.de> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240127001013.2845-1-krisman@suse.de> References: <20240127001013.2845-1-krisman@suse.de> Precedence: bulk X-Mailing-List: linux-ext4@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Authentication-Results: smtp-out2.suse.de; dkim=pass header.d=suse.de header.s=susede2_rsa header.b=njihZ2dH; dkim=pass header.d=suse.de header.s=susede2_ed25519 header.b=glvGzXi4 X-Spamd-Result: default: False [-0.31 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; SPAMHAUS_XBL(0.00)[2a07:de40:b281:104:10:150:64:97:from]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_ENVRCPT(0.00)[gmail.com]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; TO_MATCH_ENVRCPT_ALL(0.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; DWL_DNSWL_MED(-2.00)[suse.de:dkim]; RCVD_COUNT_THREE(0.00)[3]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; DKIM_TRACE(0.00)[suse.de:+]; MX_GOOD(-0.01)[]; RCPT_COUNT_SEVEN(0.00)[9]; MID_CONTAINS_FROM(1.00)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.de:dkim,suse.de:email]; FUZZY_BLOCKED(0.00)[rspamd.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_CC(0.00)[gmail.com,vger.kernel.org,lists.sourceforge.net,suse.de]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] X-Rspamd-Server: rspamd1.dmz-prg2.suse.org X-Spam-Score: -0.31 X-Rspamd-Queue-Id: 6FBB51FDB0 X-Spam-Level: X-Spam-Flag: NO X-Spamd-Bar: / From fscrypt perspective, once the key is available, the dentry will remain valid until evicted for other reasons, since keyed dentries don't require revalidation and, if the key is removed, the dentry is forcefully evicted. Therefore, we don't need to keep revalidating them repeatedly. Obviously, we can only do this if fscrypt is the only thing requiring revalidation for a dentry. For this reason, we only disable d_revalidate if the .d_revalidate hook is fscrypt_d_revalidate itself. It is safe to do it here because when moving the dentry to the plain-text version, we are holding the d_lock. We might race with a concurrent RCU lookup but this is harmless because, at worst, we will get an extra d_revalidate on the keyed dentry, which is will find the dentry is valid. Signed-off-by: Gabriel Krisman Bertazi --- Changes since v3: - Fix null-ptr-deref for filesystems that don't support fscrypt (ktr) Changes since v2: - Do it when moving instead of when revalidating the dentry. (me) Changes since v1: - Improve commit message (Eric) - Drop & in function comparison (Eric) --- include/linux/fscrypt.h | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h index a22997b9f35c..c1e285053b3e 100644 --- a/include/linux/fscrypt.h +++ b/include/linux/fscrypt.h @@ -192,6 +192,8 @@ struct fscrypt_operations { unsigned int *num_devs); }; +int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags); + static inline struct fscrypt_inode_info * fscrypt_get_inode_info(const struct inode *inode) { @@ -221,15 +223,24 @@ static inline bool fscrypt_needs_contents_encryption(const struct inode *inode) } /* - * When d_splice_alias() moves a directory's no-key alias to its plaintext alias - * as a result of the encryption key being added, DCACHE_NOKEY_NAME must be - * cleared. Note that we don't have to support arbitrary moves of this flag - * because fscrypt doesn't allow no-key names to be the source or target of a - * rename(). + * When d_splice_alias() moves a directory's no-key alias to its + * plaintext alias as a result of the encryption key being added, + * DCACHE_NOKEY_NAME must be cleared and there might be an opportunity + * to disable d_revalidate. Note that we don't have to support the + * inverse operation because fscrypt doesn't allow no-key names to be + * the source or target of a rename(). */ static inline void fscrypt_handle_d_move(struct dentry *dentry) { dentry->d_flags &= ~DCACHE_NOKEY_NAME; + + /* + * Save the d_revalidate call cost during VFS operations. We + * can do it because, when the key is available, the dentry + * can't go stale and the key won't go away without eviction. + */ + if (dentry->d_op && dentry->d_op->d_revalidate == fscrypt_d_revalidate) + dentry->d_flags &= ~DCACHE_OP_REVALIDATE; } /** @@ -368,7 +379,6 @@ int fscrypt_fname_disk_to_usr(const struct inode *inode, bool fscrypt_match_name(const struct fscrypt_name *fname, const u8 *de_name, u32 de_name_len); u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name); -int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags); /* bio.c */ bool fscrypt_decrypt_bio(struct bio *bio); -- 2.43.0