LU-15408 sec: confirm encrypted file's hash

It is a good practice to always confirm on server side the encrypted
file's hash included in the digested form sent by the client.

Lustre-change: https://review.whamcloud.com/45964
Lustre-commit: 9d98d1f7739e05bb4decf2614899ccb99b34826c

Fixes: ed4a625d88 ("LU-13717 sec: filename encryption - digest support")
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I42212a36b23e4e6e41184a78fa8244c5e2d8dd1f
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Patrick Farrell <pfarrell@whamcloud.com>
Reviewed-by: John L. Hammond <jhammond@whamcloud.com>
Reviewed-on: https://review.whamcloud.com/45965
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>

diff --git a/lustre/mdt/mdt_handler.c b/lustre/mdt/mdt_handler.c
index 4c537bf..a18f9a0 100644 (file)
--- a/lustre/mdt/mdt_handler.c
+++ b/lustre/mdt/mdt_handler.c
@@ -1907,15 +1907,13 @@ lookup:
  * \param lname encoded hash to find
  * \param parent parent object
  * \param child object to search with LinkEA
- * \param force_check true to check hash even if LinkEA has only one entry
  *
  * \retval 1 match found
  * \retval 0 no match found
  * \retval -ev negative errno upon error
  */
 int find_name_matching_hash(struct mdt_thread_info *info, struct lu_name *lname,
-                           struct mdt_object *parent, struct mdt_object *child,
-                           bool force_check)
+                           struct mdt_object *parent, struct mdt_object *child)
 {
        /* Here, lname is an encoded hash of on-disk name, and
         * client is doing access without encryption key.
@@ -1929,7 +1927,7 @@ int find_name_matching_hash(struct mdt_thread_info *info, struct lu_name *lname,
        struct link_ea_header *leh;
        struct link_ea_entry *lee;
        struct lu_buf link = { 0 };
-       char *hash = NULL;
+       char *hash;
        int reclen, count, rc;
 
        ENTRY;
@@ -1946,21 +1944,15 @@ int find_name_matching_hash(struct mdt_thread_info *info, struct lu_name *lname,
        if (rc < 0)
                RETURN(rc);
 
+       hash = kmalloc(lname->ln_namelen, GFP_NOFS);
+       if (!hash)
+               RETURN(-ENOMEM);
+       rc = critical_decode(lname->ln_name, lname->ln_namelen, hash);
+
        leh = buf->lb_buf;
-       if (force_check || leh->leh_reccount > 1) {
-               hash = kmalloc(lname->ln_namelen, GFP_NOFS);
-               if (!hash)
-                       RETURN(-ENOMEM);
-               rc = critical_decode(lname->ln_name, lname->ln_namelen, hash);
-       }
        lee = (struct link_ea_entry *)(leh + 1);
        for (count = 0; count < leh->leh_reccount; count++) {
                linkea_entry_unpack(lee, &reclen, &name, &pfid);
-               if (!force_check && leh->leh_reccount == 1) {
-                       /* if there is only one rec, it has to be it */
-                       *lname = name;
-                       break;
-               }
                if (!parent || lu_fid_eq(&pfid, mdt_object_fid(parent))) {
                        lu_buf_check_and_alloc(&link, name.ln_namelen);
                        if (!link.lb_buf)
@@ -2213,7 +2205,7 @@ static int mdt_getattr_name_lock(struct mdt_thread_info *info,
                 * So we need to compare name hash with the one in the request.
                 */
                if (!find_name_matching_hash(info, lname, parent,
-                                            child, true)) {
+                                            child)) {
                        mdt_set_disposition(info, ldlm_rep, DISP_LOOKUP_NEG);
                        mdt_clear_disposition(info, ldlm_rep, DISP_LOOKUP_POS);
                        GOTO(out_child, rc = -ENOENT);

diff --git a/lustre/mdt/mdt_internal.h b/lustre/mdt/mdt_internal.h
index 96c5e19..49bfd24 100644 (file)
--- a/lustre/mdt/mdt_internal.h
+++ b/lustre/mdt/mdt_internal.h
@@ -927,8 +927,7 @@ int mdt_layout_change(struct mdt_thread_info *info, struct mdt_object *obj,
                      struct mdt_lock_handle *lhc,
                      struct md_layout_change *spec);
 int find_name_matching_hash(struct mdt_thread_info *info, struct lu_name *lname,
-                           struct mdt_object *parent, struct mdt_object *child,
-                           bool force_check);
+                          struct mdt_object *parent, struct mdt_object *child);
 int mdt_device_sync(const struct lu_env *env, struct mdt_device *mdt);
 
 struct lu_buf *mdt_buf(const struct lu_env *env, void *area, ssize_t len);

diff --git a/lustre/mdt/mdt_reint.c b/lustre/mdt/mdt_reint.c
index 2c87123..ac9c73f 100644 (file)
--- a/lustre/mdt/mdt_reint.c
+++ b/lustre/mdt/mdt_reint.c
@@ -1189,7 +1189,7 @@ relock:
                 * hash. So find name that matches provided hash.
                 */
                if (!find_name_matching_hash(info, &rr->rr_name,
-                                            NULL, mc, false))
+                                            NULL, mc))
                        GOTO(put_child, rc = -ENOENT);
        }