| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 27 Feb 2024 16:28:23 -0500 From: Gabriel Krisman Bertazi <krisman@...e.de> To: Eric Biggers <ebiggers@...nel.org> Cc: viro@...iv.linux.org.uk, jaegeuk@...nel.org, tytso@....edu, amir73il@...il.com, linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net, linux-fsdevel@...r.kernel.org, brauner@...nel.org Subject: Re: [PATCH v7 00/10] Set casefold/fscrypt dentry operations through sb->s_d_op Eric Biggers <ebiggers@...nel.org> writes: > On Wed, Feb 21, 2024 at 12:14:02PM -0500, Gabriel Krisman Bertazi wrote: >> >> When case-insensitive and fscrypt were adapted to work together, we moved the >> code that sets the dentry operations for case-insensitive dentries(d_hash and >> d_compare) to happen from a helper inside ->lookup. This is because fscrypt >> wants to set d_revalidate only on some dentries, so it does it only for them in >> d_revalidate. >> >> But, case-insensitive hooks are actually set on all dentries in the filesystem, >> so the natural place to do it is through s_d_op and let d_alloc handle it [1]. >> In addition, doing it inside the ->lookup is a problem for case-insensitive >> dentries that are not created through ->lookup, like those coming >> open-by-fhandle[2], which will not see the required d_ops. >> >> This patchset therefore reverts to using sb->s_d_op to set the dentry operations >> for case-insensitive filesystems. In order to set case-insensitive hooks early >> and not require every dentry to have d_revalidate in case-insensitive >> filesystems, it introduces a patch suggested by Al Viro to disable d_revalidate >> on some dentries on the fly. >> >> It survives fstests encrypt and quick groups without regressions. Based on >> v6.7-rc1. >> >> [1] https://lore.kernel.org/linux-fsdevel/20231123195327.GP38156@ZenIV/ >> [2] https://lore.kernel.org/linux-fsdevel/20231123171255.GN38156@ZenIV/ >> >> Gabriel Krisman Bertazi (10): >> ovl: Always reject mounting over case-insensitive directories >> fscrypt: Factor out a helper to configure the lookup dentry >> fscrypt: Drop d_revalidate for valid dentries during lookup >> fscrypt: Drop d_revalidate once the key is added >> libfs: Merge encrypted_ci_dentry_ops and ci_dentry_ops >> libfs: Add helper to choose dentry operations at mount-time >> ext4: Configure dentry operations at dentry-creation time >> f2fs: Configure dentry operations at dentry-creation time >> ubifs: Configure dentry operations at dentry-creation time >> libfs: Drop generic_set_encrypted_ci_d_ops >> >> fs/crypto/hooks.c | 15 ++++------ >> fs/ext4/namei.c | 1 - >> fs/ext4/super.c | 1 + >> fs/f2fs/namei.c | 1 - >> fs/f2fs/super.c | 1 + >> fs/libfs.c | 62 +++++++++++--------------------------- >> fs/overlayfs/params.c | 14 +++++++-- >> fs/ubifs/dir.c | 1 - >> fs/ubifs/super.c | 1 + >> include/linux/fs.h | 11 ++++++- >> include/linux/fscrypt.h | 66 ++++++++++++++++++++++++++++++++++++----- >> 11 files changed, 105 insertions(+), 69 deletions(-) >> > > Looks good, > > Reviewed-by: Eric Biggers <ebiggers@...gle.com> Thank you for you reviews, Eric. I really appreciate them. Since this been on the list for a while, I pushed it to get some linux-next testing and, should nothing arise or no one else comments, will get to Linus soon. Thanks, -- Gabriel Krisman Bertazi
Powered by blists - more mailing lists