grep -A3 ext4_update_dx_flag $LINUX/fs/ext4/ext4.h \
| grep ext4_test_inode_flag
if test $? -eq 0; then
- LDISKFS_SERIES="5.4.0-66-ubuntu20.series"
+ LDISKFS_SERIES="5.3.18-sles15sp2.series"
fi
;; # (
15sp3 ) LDISKFS_SERIES="5.3.18-sles15sp3.series"
Reviewed-on: http://review.whamcloud.com/375
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
---
- fs/ext4/Makefile | 1 +
- fs/ext4/ext4.h | 78 ++++
- fs/ext4/htree_lock.c | 891 +++++++++++++++++++++++++++++++++++++
- fs/ext4/namei.c | 454 +++++++++++++++++--
- fs/ext4/super.c | 1 +
- include/linux/htree_lock.h | 187 ++++++++
- 6 files changed, 1572 insertions(+), 40 deletions(-)
- create mode 100644 fs/ext4/htree_lock.c
- create mode 100644 include/linux/htree_lock.h
+ fs/ext4/Makefile | 1 +
+ fs/ext4/ext4.h | 78 ++++++++
+ fs/ext4/namei.c | 450 +++++++++++++++++++++++++++++++++++++++++++----
+ fs/ext4/super.c | 1 +
+ 4 files changed, 492 insertions(+), 38 deletions(-)
-Index: linux-stage/fs/ext4/ext4.h
-===================================================================
---- linux-stage.orig/fs/ext4/ext4.h
-+++ linux-stage/fs/ext4/ext4.h
+diff --git a/fs/ext4/Makefile b/fs/ext4/Makefile
+index b17ddc22..45a68cb5 100644
+--- a/fs/ext4/Makefile
++++ b/fs/ext4/Makefile
+@@ -7,6 +7,7 @@ obj-$(CONFIG_EXT4_FS) += ext4.o
+
+ ext4-y := balloc.o bitmap.o block_validity.o dir.o ext4_jbd2.o extents.o \
+ extents_status.o file.o fsmap.o fsync.o hash.o ialloc.o \
++ htree_lock.o \
+ indirect.o inline.o inode.o ioctl.o mballoc.o migrate.o \
+ mmp.o move_extent.o namei.o page-io.o readpage.o resize.o \
+ super.o symlink.o sysfs.o xattr.o xattr_trusted.o xattr_user.o
+diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
+index af38fcf2..80b8120d 100644
+--- a/fs/ext4/ext4.h
++++ b/fs/ext4/ext4.h
@@ -29,6 +29,7 @@
#include <linux/timer.h>
#include <linux/version.h>
/*
* i_block_group is the number of the block group which contains
* this file's inode. Constant across the lifetime of the inode,
-@@ -2207,6 +2211,72 @@ struct dx_hash_info
+@@ -2186,6 +2190,72 @@ struct dx_hash_info
*/
#define HASH_NB_ALWAYS 1
struct ext4_filename {
const struct qstr *usr_fname;
struct fscrypt_str disk_name;
-@@ -2574,12 +2644,21 @@ void ext4_insert_dentry(struct inode *in
+@@ -2553,8 +2623,16 @@ void ext4_insert_dentry(struct inode *inode,
struct ext4_filename *fname, void *data);
static inline void ext4_update_dx_flag(struct inode *inode)
{
+ * the htree-locking.
+ * If we really want to support this operation in the future,
+ * we need to exclusively lock the directory at here which will
-+ * increase complexity of code
-+ */
++ * increase complexity of code */
+#if 0
- if (!ext4_has_feature_dir_index(inode->i_sb) &&
- ext4_test_inode_flag(inode, EXT4_INODE_INDEX)) {
- /* ext4_iget() should have caught this... */
- WARN_ON_ONCE(ext4_has_feature_metadata_csum(inode->i_sb));
+ if (!ext4_has_feature_dir_index(inode->i_sb))
ext4_clear_inode_flag(inode, EXT4_INODE_INDEX);
- }
+#endif
}
static const unsigned char ext4_filetype_table[] = {
DT_UNKNOWN, DT_REG, DT_DIR, DT_CHR, DT_BLK, DT_FIFO, DT_SOCK, DT_LNK
-Index: linux-stage/fs/ext4/Makefile
-===================================================================
---- linux-stage.orig/fs/ext4/Makefile
-+++ linux-stage/fs/ext4/Makefile
-@@ -7,6 +7,7 @@ obj-$(CONFIG_EXT4_FS) += ext4.o
-
- ext4-y := balloc.o bitmap.o block_validity.o dir.o ext4_jbd2.o extents.o \
- extents_status.o file.o fsmap.o fsync.o hash.o ialloc.o \
-+ htree_lock.o \
- indirect.o inline.o inode.o ioctl.o mballoc.o migrate.o \
- mmp.o move_extent.o namei.o page-io.o readpage.o resize.o \
- super.o symlink.o sysfs.o xattr.o xattr_trusted.o xattr_user.o
-Index: linux-stage/fs/ext4/namei.c
-===================================================================
---- linux-stage.orig/fs/ext4/namei.c
-+++ linux-stage/fs/ext4/namei.c
-@@ -55,6 +55,7 @@ struct buffer_head *ext4_append(handle_t
+diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
+index cc4193f1..7e9aabaf 100644
+--- a/fs/ext4/namei.c
++++ b/fs/ext4/namei.c
+@@ -55,6 +55,7 @@ struct buffer_head *ext4_append(handle_t *handle,
ext4_lblk_t *block)
{
struct buffer_head *bh;
int err;
if (unlikely(EXT4_SB(inode->i_sb)->s_max_dir_size_kb &&
-@@ -62,15 +63,22 @@ struct buffer_head *ext4_append(handle_t
+@@ -62,15 +63,22 @@ struct buffer_head *ext4_append(handle_t *handle,
EXT4_SB(inode->i_sb)->s_max_dir_size_kb)))
return ERR_PTR(-ENOSPC);
if (err) {
brelse(bh);
ext4_std_error(inode->i_sb, err);
-@@ -264,7 +272,8 @@ static unsigned dx_node_limit(struct ino
+@@ -264,7 +272,8 @@ static unsigned dx_node_limit(struct inode *dir);
static struct dx_frame *dx_probe(struct ext4_filename *fname,
struct inode *dir,
struct dx_hash_info *hinfo,
static void dx_release(struct dx_frame *frames);
static int dx_make_map(struct inode *dir, struct ext4_dir_entry_2 *de,
unsigned blocksize, struct dx_hash_info *hinfo,
-@@ -278,12 +287,13 @@ static void dx_insert_block(struct dx_fr
+@@ -278,12 +287,13 @@ static void dx_insert_block(struct dx_frame *frame,
static int ext4_htree_next_block(struct inode *dir, __u32 hash,
struct dx_frame *frame,
struct dx_frame *frames,
/* checksumming functions */
void ext4_initialize_dirent_tail(struct buffer_head *bh,
-@@ -748,6 +758,227 @@ struct stats dx_show_entries(struct dx_h
+@@ -748,6 +758,227 @@ struct stats dx_show_entries(struct dx_hash_info *hinfo, struct inode *dir,
}
#endif /* DX_DEBUG */
/*
* Probe for a directory leaf block to search.
*
-@@ -759,10 +990,11 @@ struct stats dx_show_entries(struct dx_h
+@@ -759,10 +990,11 @@ struct stats dx_show_entries(struct dx_hash_info *hinfo, struct inode *dir,
*/
static struct dx_frame *
dx_probe(struct ext4_filename *fname, struct inode *dir,
struct dx_root_info *info;
struct dx_frame *frame = frame_in;
struct dx_frame *ret_err = ERR_PTR(ERR_BAD_DX_DIR);
-@@ -824,8 +1056,15 @@ dx_probe(struct ext4_filename *fname, st
+@@ -824,8 +1056,15 @@ dx_probe(struct ext4_filename *fname, struct inode *dir,
dxtrace(printk("Look up %x", hash));
while (1) {
ext4_warning_inode(dir,
"dx entry: count %u beyond limit %u",
count, dx_get_limit(entries));
-@@ -864,8 +1103,70 @@ dx_probe(struct ext4_filename *fname, st
+@@ -864,8 +1103,70 @@ dx_probe(struct ext4_filename *fname, struct inode *dir,
dx_get_block(at)));
frame->entries = entries;
frame->at = at;
frame++;
frame->bh = ext4_read_dirblock(dir, dx_get_block(at), INDEX);
if (IS_ERR(frame->bh)) {
-@@ -934,7 +1235,7 @@ static void dx_release(struct dx_frame *
+@@ -934,7 +1235,7 @@ static void dx_release(struct dx_frame *frames)
static int ext4_htree_next_block(struct inode *dir, __u32 hash,
struct dx_frame *frame,
struct dx_frame *frames,
{
struct dx_frame *p;
struct buffer_head *bh;
-@@ -949,12 +1250,22 @@ static int ext4_htree_next_block(struct
+@@ -949,12 +1250,22 @@ static int ext4_htree_next_block(struct inode *dir, __u32 hash,
* this loop, num_frames indicates the number of interior
* nodes need to be read.
*/
p--;
}
-@@ -977,6 +1288,13 @@ static int ext4_htree_next_block(struct
+@@ -977,6 +1288,13 @@ static int ext4_htree_next_block(struct inode *dir, __u32 hash,
* block so no check is necessary
*/
while (num_frames--) {
bh = ext4_read_dirblock(dir, dx_get_block(p->at), INDEX);
if (IS_ERR(bh))
return PTR_ERR(bh);
-@@ -985,6 +1303,7 @@ static int ext4_htree_next_block(struct
+@@ -985,6 +1303,7 @@ static int ext4_htree_next_block(struct inode *dir, __u32 hash,
p->bh = bh;
p->at = p->entries = ((struct dx_node *) bh->b_data)->entries;
}
return 1;
}
-@@ -1132,10 +1451,10 @@ int ext4_htree_fill_tree(struct file *di
+@@ -1132,10 +1451,10 @@ int ext4_htree_fill_tree(struct file *dir_file, __u32 start_hash,
}
hinfo.hash = start_hash;
hinfo.minor_hash = 0;
/* Add '.' and '..' from the htree header */
if (!start_hash && !start_minor_hash) {
de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data;
-@@ -1175,7 +1494,7 @@ int ext4_htree_fill_tree(struct file *di
+@@ -1175,7 +1494,7 @@ int ext4_htree_fill_tree(struct file *dir_file, __u32 start_hash,
count += ret;
hashval = ~0;
ret = ext4_htree_next_block(dir, HASH_NB_ALWAYS,
*next_hash = hashval;
if (ret < 0) {
err = ret;
-@@ -1451,7 +1770,7 @@ static int is_dx_internal_node(struct in
+@@ -1451,7 +1770,7 @@ static int is_dx_internal_node(struct inode *dir, ext4_lblk_t block,
static struct buffer_head *__ext4_find_entry(struct inode *dir,
struct ext4_filename *fname,
struct ext4_dir_entry_2 **res_dir,
{
struct super_block *sb;
struct buffer_head *bh_use[NAMEI_RA_SIZE];
-@@ -1493,7 +1812,7 @@ static struct buffer_head *__ext4_find_e
+@@ -1493,7 +1812,7 @@ static struct buffer_head *__ext4_find_entry(struct inode *dir,
goto restart;
}
if (is_dx(dir)) {
/*
* On success, or if the error was file not found,
* return. Otherwise, fall back to doing a search the
-@@ -1503,6 +1822,7 @@ static struct buffer_head *__ext4_find_e
+@@ -1503,6 +1822,7 @@ static struct buffer_head *__ext4_find_entry(struct inode *dir,
goto cleanup_and_exit;
dxtrace(printk(KERN_DEBUG "ext4_find_entry: dx failed, "
"falling back\n"));
ret = NULL;
}
nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb);
-@@ -1591,10 +1911,10 @@ cleanup_and_exit:
+@@ -1590,10 +1910,10 @@ cleanup_and_exit:
return ret;
}
{
int err;
struct ext4_filename fname;
-@@ -1606,12 +1926,14 @@ static struct buffer_head *ext4_find_ent
+@@ -1605,12 +1925,14 @@ static struct buffer_head *ext4_find_entry(struct inode *dir,
if (err)
return ERR_PTR(err);
static struct buffer_head *ext4_lookup_entry(struct inode *dir,
struct dentry *dentry,
struct ext4_dir_entry_2 **res_dir)
-@@ -1626,7 +1948,7 @@ static struct buffer_head *ext4_lookup_e
+@@ -1625,7 +1947,7 @@ static struct buffer_head *ext4_lookup_entry(struct inode *dir,
if (err)
return ERR_PTR(err);
ext4_fname_free_filename(&fname);
return bh;
-@@ -1634,7 +1956,8 @@ static struct buffer_head *ext4_lookup_e
+@@ -1633,7 +1955,8 @@ static struct buffer_head *ext4_lookup_entry(struct inode *dir,
static struct buffer_head * ext4_dx_find_entry(struct inode *dir,
struct ext4_filename *fname,
{
struct super_block * sb = dir->i_sb;
struct dx_frame frames[EXT4_HTREE_LEVEL], *frame;
-@@ -1645,7 +1968,7 @@ static struct buffer_head * ext4_dx_find
+@@ -1644,7 +1967,7 @@ static struct buffer_head * ext4_dx_find_entry(struct inode *dir,
#ifdef CONFIG_FS_ENCRYPTION
*res_dir = NULL;
#endif
if (IS_ERR(frame))
return (struct buffer_head *) frame;
do {
-@@ -1667,7 +1990,7 @@ static struct buffer_head * ext4_dx_find
+@@ -1666,7 +1989,7 @@ static struct buffer_head * ext4_dx_find_entry(struct inode *dir,
/* Check to see if we should continue to search */
retval = ext4_htree_next_block(dir, fname->hinfo.hash, frame,
if (retval < 0) {
ext4_warning_inode(dir,
"error %d reading directory index block",
-@@ -1847,8 +2170,9 @@ static struct ext4_dir_entry_2* dx_pack_
+@@ -1846,8 +2169,9 @@ static struct ext4_dir_entry_2* dx_pack_dirents(char *base, unsigned blocksize)
* Returns pointer to de in block into which the new entry will be inserted.
*/
static struct ext4_dir_entry_2 *do_split(handle_t *handle, struct inode *dir,
{
unsigned blocksize = dir->i_sb->s_blocksize;
unsigned count, continued;
-@@ -1919,8 +2243,14 @@ static struct ext4_dir_entry_2 *do_split
+@@ -1908,8 +2232,14 @@ static struct ext4_dir_entry_2 *do_split(handle_t *handle, struct inode *dir,
hash2, split, count-split));
/* Fancy dance to stay within two buffers */
de = dx_pack_dirents(data1, blocksize);
de->rec_len = ext4_rec_len_to_disk(data1 + (blocksize - csum_size) -
(char *) de,
-@@ -1938,12 +2268,21 @@ static struct ext4_dir_entry_2 *do_split
+@@ -1927,12 +2257,21 @@ static struct ext4_dir_entry_2 *do_split(handle_t *handle, struct inode *dir,
dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data2,
blocksize, 1));
err = ext4_handle_dirty_dirblock(handle, dir, bh2);
if (err)
goto journal_error;
-@@ -2213,7 +2552,7 @@ static int make_indexed_dir(handle_t *ha
+@@ -2181,7 +2520,7 @@ static int make_indexed_dir(handle_t *handle, struct ext4_filename *fname,
if (retval)
goto out_frames;
if (IS_ERR(de)) {
retval = PTR_ERR(de);
goto out_frames;
-@@ -2323,8 +2662,8 @@ out:
+@@ -2394,8 +2733,8 @@ out:
* may not sleep between calling this and putting something into
* the entry, as someone else might have used it while you slept.
*/
{
struct inode *dir = d_inode(dentry->d_parent);
struct buffer_head *bh = NULL;
-@@ -2375,9 +2714,10 @@ static int ext4_add_entry(handle_t *hand
+@@ -2444,9 +2783,10 @@ static int ext4_add_entry(handle_t *handle, struct dentry *dentry,
return ext4_update_dotdot(handle, dentry, inode);
if (is_dx(dir)) {
if (!retval || (retval != ERR_BAD_DX_DIR))
goto out;
+ ext4_htree_safe_relock(lck);
- /* Can we just ignore htree data? */
- if (ext4_has_metadata_csum(sb)) {
- EXT4_ERROR_INODE(dir,
-@@ -2438,12 +2778,14 @@ out:
+ ext4_clear_inode_flag(dir, EXT4_INODE_INDEX);
+ dx_fallback++;
+ ext4_mark_inode_dirty(handle, dir);
+@@ -2500,12 +2840,14 @@ out:
ext4_set_inode_state(inode, EXT4_STATE_NEWENTRY);
return retval;
}
{
struct dx_frame frames[EXT4_HTREE_LEVEL], *frame;
struct dx_entry *entries, *at;
-@@ -2455,7 +2797,7 @@ static int ext4_dx_add_entry(handle_t *h
+@@ -2517,7 +2859,7 @@ static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname,
again:
restart = 0;
if (IS_ERR(frame))
return PTR_ERR(frame);
entries = frame->entries;
-@@ -2490,6 +2832,12 @@ again:
+@@ -2552,6 +2894,12 @@ again:
struct dx_node *node2;
struct buffer_head *bh2;
while (frame > frames) {
if (dx_get_count((frame - 1)->entries) <
dx_get_limit((frame - 1)->entries)) {
-@@ -2591,8 +2939,32 @@ again:
+@@ -2654,8 +3002,32 @@ again:
restart = 1;
goto journal_error;
}
if (IS_ERR(de)) {
err = PTR_ERR(de);
goto cleanup;
-@@ -2603,6 +2975,8 @@ again:
+@@ -2666,6 +3038,8 @@ again:
journal_error:
ext4_std_error(dir->i_sb, err); /* this is a no-op if err == 0 */
cleanup:
brelse(bh);
dx_release(frames);
/* @restart is true means htree-path has been changed, we need to
-Index: linux-stage/fs/ext4/super.c
-===================================================================
---- linux-stage.orig/fs/ext4/super.c
-+++ linux-stage/fs/ext4/super.c
-@@ -1086,6 +1086,7 @@ static struct inode *ext4_alloc_inode(st
+diff --git a/fs/ext4/super.c b/fs/ext4/super.c
+index 0fcc33b1..3cc03066 100644
+--- a/fs/ext4/super.c
++++ b/fs/ext4/super.c
+@@ -1076,6 +1076,7 @@ static struct inode *ext4_alloc_inode(struct super_block *sb)
inode_set_iversion(&ei->vfs_inode, 1);
spin_lock_init(&ei->i_raw_lock);
INIT_LIST_HEAD(&ei->i_prealloc_list);
spin_lock_init(&ei->i_prealloc_lock);
ext4_es_init_tree(&ei->i_es_tree);
+--
+2.34.1
+
+commit d0a722cb8fb886380e24e8261e8efca09a3262d6
+Author: Sebastien Buisson <sbuisson@ddn.com>
+AuthorDate: Tue Dec 20 15:40:52 2022 +0100
+Commit: Oleg Drokin <green@whamcloud.com>
+CommitDate: Thu Aug 31 06:28:45 2023 +0000
+LU-16374 ldiskfs: implement security.encdata xattr
+
+security.encdata is a virtual xattr containing information related
+to encrypted files. It is expressed as ASCII text with a "key: value"
+format, and space as field separator. For instance:
+
+ { encoding: base64url, size: 3012, enc_ctx: YWJjZGVmZ2hpamtsbW
+ 5vcHFyc3R1dnd4eXphYmNkZWZnaGlqa2xtbg, enc_name: ZmlsZXdpdGh2ZX
+ J5bG9uZ25hbWVmaWxld2l0aHZlcnlsb25nbmFtZWZpbGV3aXRodmVyeWxvbmdu
+ YW1lZmlsZXdpdGg }
+
+'encoding' is the encoding method used for binary data, assume name
+can be up to 255 chars.
+'size' is the clear text file data length in bytes.
+'enc_ctx' is encoded encryption context, 40 bytes for v2.
+'enc_name' is encoded encrypted name, 256 bytes max.
+So on overall, this xattr is at most 727 chars plus terminating '0'.
+
+On get, the value of the security.encdata xattr is computed from
+encrypted file's information.
+On set, encrypted file's information is restored from xattr value.
+The encrypted name is stored temporarily in a dedicated xattr
+LDISKFS_XATTR_NAME_RAWENCNAME, that will be used to set correct name
+at linkat.
+
+Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
+Change-Id: Ia318c39d403b1c448e71bcd5b29862d022d05d0a
+Reviewed-on: https://review.whamcloud.com/49456
+Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
+Reviewed-by: Li Dongyang <dongyangli@ddn.com>
+---
+ fs/ext4/encdata.h | 128 ++++++++++++++++++++++++
+ fs/ext4/inode.c | 6 ++
+ fs/ext4/super.c | 8 ++
+ fs/ext4/xattr.h | 2 +
+ fs/ext4/xattr_security.c | 209 ++++++++++++++++++++++++++++++++++++++-
+ 5 files changed, 352 insertions(+), 1 deletion(-)
+ create mode 100644 fs/ext4/encdata.h
+
diff --git a/fs/ext4/encdata.h b/fs/ext4/encdata.h
new file mode 100644
index 00000000..aa83832f
-Subject: [PATCH] sles15sp3/ext4-filename-encode.patch
+From d0a722cb8fb886380e24e8261e8efca09a3262d6 Mon Sep 17 00:00:00 2001
+From: Sebastien Buisson <sbuisson@ddn.com>
+Date: Tue, 20 Dec 2022 15:40:52 +0100
+Subject: [PATCH] LU-16374 ldiskfs: implement security.encdata xattr
+
+security.encdata is a virtual xattr containing information related
+to encrypted files. It is expressed as ASCII text with a "key: value"
+format, and space as field separator. For instance:
+
+ { encoding: base64url, size: 3012, enc_ctx: YWJjZGVmZ2hpamtsbW
+ 5vcHFyc3R1dnd4eXphYmNkZWZnaGlqa2xtbg, enc_name: ZmlsZXdpdGh2ZX
+ J5bG9uZ25hbWVmaWxld2l0aHZlcnlsb25nbmFtZWZpbGV3aXRodmVyeWxvbmdu
+ YW1lZmlsZXdpdGg }
+
+'encoding' is the encoding method used for binary data, assume name
+can be up to 255 chars.
+'size' is the clear text file data length in bytes.
+'enc_ctx' is encoded encryption context, 40 bytes for v2.
+'enc_name' is encoded encrypted name, 256 bytes max.
+So on overall, this xattr is at most 727 chars plus terminating '0'.
+
+On get, the value of the security.encdata xattr is computed from
+encrypted file's information.
+On set, encrypted file's information is restored from xattr value.
+The encrypted name is stored temporarily in a dedicated xattr
+LDISKFS_XATTR_NAME_RAWENCNAME, that will be used to set correct name
+at linkat.
+
+Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
+Change-Id: Ia318c39d403b1c448e71bcd5b29862d022d05d0a
+Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/49456
+Tested-by: jenkins <devops@whamcloud.com>
+Tested-by: Maloo <maloo@whamcloud.com>
+Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
+Reviewed-by: Li Dongyang <dongyangli@ddn.com>
+Reviewed-by: Oleg Drokin <green@whamcloud.com>
+---
+ fs/ext4/critical_encode.h | 173 ++++++++++++++++++++++++++++++++++++++
+ fs/ext4/dir.c | 27 ++++--
+ fs/ext4/ialloc.c | 1 +
+ fs/ext4/namei.c | 50 ++++++++---
+ 4 files changed, 232 insertions(+), 19 deletions(-)
+ create mode 100644 fs/ext4/critical_encode.h
diff --git a/fs/ext4/critical_encode.h b/fs/ext4/critical_encode.h
new file mode 100644
--- /dev/null
+From d0a722cb8fb886380e24e8261e8efca09a3262d6 Mon Sep 17 00:00:00 2001
+From: Sebastien Buisson <sbuisson@ddn.com>
+Date: Tue, 20 Dec 2022 15:40:52 +0100
+Subject: [PATCH] LU-16374 ldiskfs: implement security.encdata xattr
+
+security.encdata is a virtual xattr containing information related
+to encrypted files. It is expressed as ASCII text with a "key: value"
+format, and space as field separator. For instance:
+
+ { encoding: base64url, size: 3012, enc_ctx: YWJjZGVmZ2hpamtsbW
+ 5vcHFyc3R1dnd4eXphYmNkZWZnaGlqa2xtbg, enc_name: ZmlsZXdpdGh2ZX
+ J5bG9uZ25hbWVmaWxld2l0aHZlcnlsb25nbmFtZWZpbGV3aXRodmVyeWxvbmdu
+ YW1lZmlsZXdpdGg }
+
+'encoding' is the encoding method used for binary data, assume name
+can be up to 255 chars.
+'size' is the clear text file data length in bytes.
+'enc_ctx' is encoded encryption context, 40 bytes for v2.
+'enc_name' is encoded encrypted name, 256 bytes max.
+So on overall, this xattr is at most 727 chars plus terminating '0'.
+
+On get, the value of the security.encdata xattr is computed from
+encrypted file's information.
+On set, encrypted file's information is restored from xattr value.
+The encrypted name is stored temporarily in a dedicated xattr
+LDISKFS_XATTR_NAME_RAWENCNAME, that will be used to set correct name
+at linkat.
+
+Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
+Change-Id: Ia318c39d403b1c448e71bcd5b29862d022d05d0a
+Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/49456
+Tested-by: jenkins <devops@whamcloud.com>
+Tested-by: Maloo <maloo@whamcloud.com>
+Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
+Reviewed-by: Li Dongyang <dongyangli@ddn.com>
+Reviewed-by: Oleg Drokin <green@whamcloud.com>
+---
+ fs/ext4/critical_encode.h | 173 ++++++++++++++++++++++++++++++++++++++
+ fs/ext4/dir.c | 27 ++++--
+ fs/ext4/ialloc.c | 1 +
+ fs/ext4/namei.c | 50 ++++++++---
+ 4 files changed, 232 insertions(+), 19 deletions(-)
+ create mode 100644 fs/ext4/critical_encode.h
+
+diff --git a/fs/ext4/critical_encode.h b/fs/ext4/critical_encode.h
+new file mode 100644
+index 00000000..8dc0d1c5
+--- /dev/null
++++ b/fs/ext4/critical_encode.h
+@@ -0,0 +1,173 @@
++/*
++ * critical_encode.h
++ *
++ * Copyright (c) 2022 Whamcloud
++ */
++
++#ifndef _CRITICAL_ENCODE_H
++#define _CRITICAL_ENCODE_H
++
++#include <linux/ctype.h>
++
++/* Encoding/decoding routines inspired from yEnc principles.
++ * We just take care of a few critical characters:
++ * NULL, LF, CR, /, DEL and =.
++ * If such a char is found, it is replaced with '=' followed by
++ * the char value + 64.
++ * All other chars are left untouched.
++ * Efficiency of this encoding depends on the occurences of the
++ * critical chars, but statistically on binary data it can be much higher
++ * than base64 for instance.
++ */
++static inline int critical_encode(const u8 *src, int len, char *dst)
++{
++ u8 *p = (u8 *)src, *q = dst;
++
++ while (p - src < len) {
++ /* escape NULL, LF, CR, /, DEL and = */
++ if (unlikely(*p == 0x0 || *p == 0xA || *p == 0xD ||
++ *p == '/' || *p == 0x7F || *p == '=')) {
++ *(q++) = '=';
++ *(q++) = *(p++) + 64;
++ } else {
++ *(q++) = *(p++);
++ }
++ }
++
++ return (char *)q - dst;
++}
++
++/* returns the number of chars encoding would produce */
++static inline int critical_chars(const u8 *src, int len)
++{
++ u8 *p = (u8 *)src;
++ int newlen = len;
++
++ while (p - src < len) {
++ /* NULL, LF, CR, /, DEL and = cost an additional '=' */
++ if (unlikely(*p == 0x0 || *p == 0xA || *p == 0xD ||
++ *p == '/' || *p == 0x7F || *p == '='))
++ newlen++;
++ p++;
++ }
++
++ return newlen;
++}
++
++/* decoding routine - returns the number of chars in output */
++static inline int critical_decode(const u8 *src, int len, char *dst)
++{
++ u8 *p = (u8 *)src, *q = dst;
++
++ while (p - src < len) {
++ if (unlikely(*p == '=')) {
++ *(q++) = *(++p) - 64;
++ p++;
++ } else {
++ *(q++) = *(p++);
++ }
++ }
++
++ return (char *)q - dst;
++}
++
++#define fscrypt_get_encryption_info(inode) \
++ (unlikely(!IS_LUSTRE_MOUNT(inode->i_sb)) ? 0 : -EOPNOTSUPP)
++
++static inline int ext4_has_permitted_context(struct inode *parent,
++ struct inode *child)
++{
++ if (unlikely(!IS_LUSTRE_MOUNT(parent->i_sb)))
++ return 1;
++ return fscrypt_has_permitted_context(parent, child);
++}
++
++struct ext4_filename;
++
++static inline int ext4_prepare_readdir(struct inode *dir)
++{
++ if (unlikely(!IS_LUSTRE_MOUNT(dir->i_sb)))
++ return 0;
++ return fscrypt_get_encryption_info(dir);
++}
++
++static inline int ext4_fname_alloc_buffer(const struct inode *inode,
++ u32 max_encrypted_len,
++ struct fscrypt_str *crypto_str)
++{
++ crypto_str->name = kmalloc(max_encrypted_len + 1, GFP_NOFS);
++ if (!crypto_str->name)
++ return -ENOMEM;
++ crypto_str->len = max_encrypted_len;
++ return 0;
++}
++
++static inline void ext4_fname_free_buffer(struct fscrypt_str *crypto_str)
++{
++ if (!crypto_str)
++ return;
++ kfree(crypto_str->name);
++ crypto_str->name = NULL;
++}
++
++static inline int ext4_fname_disk_to_usr(struct inode *inode,
++ u32 hash, u32 minor_hash,
++ const struct fscrypt_str *iname,
++ struct fscrypt_str *oname)
++{
++ int presented_len;
++
++ presented_len = critical_encode(iname->name, iname->len, oname->name);
++ if (presented_len > NAME_MAX) {
++ /* truncate at NAME_MAX,
++ * or NAME_MAX-1 if name ends with '=' to avoid decoding issue
++ */
++ presented_len = NAME_MAX;
++ if (oname->name[presented_len - 1] == '=')
++ presented_len--;
++ oname->len = presented_len;
++ }
++ oname->name[presented_len] = '\0';
++
++ return 0;
++}
++
++static inline int ext4_setup_filename(struct inode *dir,
++ const struct qstr *iname,
++ int lookup,
++ struct ext4_filename *fname)
++{
++ int err = 0;
++
++ fname->usr_fname = iname;
++
++ if (lookup && IS_ENCRYPTED(dir) &&
++ unlikely(!IS_LUSTRE_MOUNT(dir->i_sb) &&
++ strnchr(iname->name, iname->len, '='))) {
++ /* Only proceed to critical decode if
++ * iname contains escape char '='.
++ */
++ int len = iname->len;
++ char *buf;
++
++ buf = kmalloc(len, GFP_NOFS);
++ if (!buf)
++ return -ENOMEM;
++
++ len = critical_decode(iname->name, len, buf);
++ fname->disk_name.name = (unsigned char *)buf;
++ fname->disk_name.len = len;
++ return 0;
++ }
++
++ fname->disk_name.name = (unsigned char *) iname->name;
++ fname->disk_name.len = iname->len;
++
++#ifdef CONFIG_UNICODE
++ ext4_fname_setup_ci_filename(dir, iname, &fname->cf_name);
++#endif
++
++ return err;
++}
++
++#endif /* _CRITICAL_ENCODE_H */
+diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c
+index 6db6302d..9842a650 100644
+--- a/fs/ext4/dir.c
++++ b/fs/ext4/dir.c
+@@ -29,6 +29,7 @@
+ #include <linux/unicode.h>
+ #include "ext4.h"
+ #include "xattr.h"
++#include "critical_encode.h"
+
+ static int ext4_dx_readdir(struct file *, struct dir_context *);
+
+@@ -148,7 +149,8 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx)
+ return err;
+ }
+
+- if (IS_ENCRYPTED(inode)) {
++ /* disable decryption of filename, present only escaped name */
++ if (0 && IS_ENCRYPTED(inode)) {
+ err = fscrypt_fname_alloc_buffer(inode, EXT4_NAME_LEN, &fstr);
+ if (err < 0)
+ return err;
+@@ -261,22 +263,33 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx)
+ get_dtype(sb, de->file_type)))
+ goto done;
+ } else {
+- int save_len = fstr.len;
+ struct fscrypt_str de_name =
+ FSTR_INIT(de->name,
+ de->name_len);
++ int presented_len;
+
+ /* Directory is encrypted */
+- err = fscrypt_fname_disk_to_usr(inode,
++ presented_len = critical_chars(de->name,
++ de->name_len);
++ err = ext4_fname_alloc_buffer(inode,
++ presented_len,
++ &fstr);
++ if (err)
++ goto errout;
++
++ err = ext4_fname_disk_to_usr(inode,
+ 0, 0, &de_name, &fstr);
+ de_name = fstr;
+- fstr.len = save_len;
+- if (err)
++ if (err) {
++ ext4_fname_free_buffer(&fstr);
+ goto errout;
+- if (!dir_emit(ctx,
++ }
++ err = dir_emit(ctx,
+ de_name.name, de_name.len,
+ le32_to_cpu(de->inode),
+- get_dtype(sb, de->file_type)))
++ get_dtype(sb, de->file_type));
++ ext4_fname_free_buffer(&fstr);
++ if (!err)
+ goto done;
+ }
+ }
+diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c
+index e4d44ab4..a4335db6 100644
+--- a/fs/ext4/ialloc.c
++++ b/fs/ext4/ialloc.c
+@@ -30,6 +30,7 @@
+ #include "ext4_jbd2.h"
+ #include "xattr.h"
+ #include "acl.h"
++#include "critical_encode.h"
+
+ #include <trace/events/ext4.h>
+
+diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
+index 0134c7e7..2545816f 100644
+--- a/fs/ext4/namei.c
++++ b/fs/ext4/namei.c
+@@ -41,6 +41,7 @@
+
+ #include "xattr.h"
+ #include "acl.h"
++#include "critical_encode.h"
+
+ #include <trace/events/ext4.h>
+ /*
+@@ -1345,7 +1346,7 @@ static int htree_dirblock_to_tree(struct file *dir_file,
+ EXT4_DIR_REC_LEN(0));
+ #ifdef CONFIG_FS_ENCRYPTION
+ /* Check if the directory is encrypted */
+- if (IS_ENCRYPTED(dir)) {
++ if (0 && IS_ENCRYPTED(dir)) {
+ err = fscrypt_get_encryption_info(dir);
+ if (err < 0) {
+ brelse(bh);
+@@ -1381,22 +1382,31 @@ static int htree_dirblock_to_tree(struct file *dir_file,
+ hinfo->hash, hinfo->minor_hash, de,
+ &tmp_str);
+ } else {
+- int save_len = fname_crypto_str.len;
+ struct fscrypt_str de_name = FSTR_INIT(de->name,
+ de->name_len);
++ int presented_len;
+
+ /* Directory is encrypted */
+- err = fscrypt_fname_disk_to_usr(dir, hinfo->hash,
++ presented_len = critical_chars(de->name, de->name_len);
++ err = ext4_fname_alloc_buffer(dir, presented_len,
++ &fname_crypto_str);
++ if (err) {
++ count = err;
++ goto errout;
++ }
++
++ err = ext4_fname_disk_to_usr(dir, hinfo->hash,
+ hinfo->minor_hash, &de_name,
+ &fname_crypto_str);
+ if (err) {
++ ext4_fname_free_buffer(&fname_crypto_str);
+ count = err;
+ goto errout;
+ }
+ err = ext4_htree_store_dirent(dir_file,
+ hinfo->hash, hinfo->minor_hash, de,
+ &fname_crypto_str);
+- fname_crypto_str.len = save_len;
++ ext4_fname_free_buffer(&fname_crypto_str);
+ }
+ if (err != 0) {
+ count = err;
+@@ -1682,7 +1692,7 @@ void ext4_fname_setup_ci_filename(struct inode *dir, const struct qstr *iname,
+ */
+ static inline bool ext4_match(const struct inode *parent,
+ const struct ext4_filename *fname,
+- const struct ext4_dir_entry_2 *de)
++ const struct ext4_dir_entry_2 *de, int denamelen)
+ {
+ struct fscrypt_name f;
+ #ifdef CONFIG_UNICODE
+@@ -1710,7 +1720,7 @@ static inline bool ext4_match(const struct inode *parent,
+ }
+ #endif
+
+- return fscrypt_match_name(&f, de->name, de->name_len);
++ return fscrypt_match_name(&f, de->name, denamelen);
+ }
+
+ /*
+@@ -1721,16 +1731,30 @@ int ext4_search_dir(struct buffer_head *bh, char *search_buf, int buf_size,
+ unsigned int offset, struct ext4_dir_entry_2 **res_dir)
+ {
+ struct ext4_dir_entry_2 * de;
++ bool probablytrunc;
+ char * dlimit;
+- int de_len;
++ int de_len, denamelen;
+
+ de = (struct ext4_dir_entry_2 *)search_buf;
+ dlimit = search_buf + buf_size;
++ /* fname is probably truncated if it is the decoded representation of
++ * an encrypted filename not aligned on a 32-byte boundary
++ */
++ probablytrunc = !IS_LUSTRE_MOUNT(dir->i_sb) && IS_ENCRYPTED(dir) &&
++ fname->disk_name.len & 31;
+ while ((char *) de < dlimit) {
+ /* this code is executed quadratically often */
+ /* do minimal checking `by hand' */
++ denamelen = de->name_len;
++ if (unlikely(probablytrunc) &&
++ de->name_len > fname->disk_name.len)
++ /* Adjust name len to look for a partial match.
++ * Since it is binary encrypted names, there
++ * should not be any collision between names.
++ */
++ denamelen = fname->disk_name.len;
+ if ((char *) de + de->name_len <= dlimit &&
+- ext4_match(dir, fname, de)) {
++ ext4_match(dir, fname, de, denamelen)) {
+ /* found a match - just to be sure, do
+ * a full check */
+ if (ext4_check_dir_entry(dir, NULL, de, bh, search_buf,
+@@ -1930,7 +1954,7 @@ struct buffer_head *ext4_find_entry_locked(struct inode *dir,
+ struct ext4_filename fname;
+ struct buffer_head *bh;
+
+- err = ext4_fname_setup_filename(dir, d_name, 1, &fname);
++ err = ext4_setup_filename(dir, d_name, 1, &fname);
+ if (err == -ENOENT)
+ return NULL;
+ if (err)
+@@ -1938,7 +1962,9 @@ struct buffer_head *ext4_find_entry_locked(struct inode *dir,
+
+ bh = __ext4_find_entry(dir, &fname, res_dir, inlined, lck);
+
+- ext4_fname_free_filename(&fname);
++ if (fname.disk_name.name != d_name->name)
++ kfree(fname.disk_name.name);
++
+ return bh;
+ }
+
+@@ -2052,7 +2078,7 @@ static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsi
+ }
+ if (!IS_ERR(inode) && IS_ENCRYPTED(dir) &&
+ (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) &&
+- !fscrypt_has_permitted_context(dir, inode)) {
++ !ext4_has_permitted_context(dir, inode)) {
+ ext4_warning(inode->i_sb,
+ "Inconsistent encryption contexts: %lu/%lu",
+ dir->i_ino, inode->i_ino);
+@@ -2329,7 +2355,7 @@ int ext4_find_dest_de(struct inode *dir, struct inode *inode,
+ if (ext4_check_dir_entry(dir, NULL, de, bh,
+ buf, buf_size, offset))
+ return -EFSCORRUPTED;
+- if (ext4_match(dir, fname, de))
++ if (ext4_match(dir, fname, de, de->name_len))
+ return -EEXIST;
+ nlen = EXT4_DIR_ENTRY_LEN(de);
+ rlen = ext4_rec_len_from_disk(de->rec_len, buf_size);
+--
+2.34.1
+
--- /dev/null
+rhel8/ext4-inode-version.patch
+linux-5.4/ext4-lookup-dotdot.patch
+suse15/ext4-print-inum-in-htree-warning.patch
+rhel8/ext4-prealloc.patch
+ubuntu18/ext4-osd-iop-common.patch
+ubuntu19/ext4-misc.patch
+rhel8/ext4-mballoc-extra-checks.patch
+linux-5.4/ext4-hash-indexed-dir-dotdot-update.patch
+linux-5.4/ext4-kill-dx-root.patch
+rhel7.6/ext4-mballoc-pa-free-mismatch.patch
+linux-5.4/ext4-data-in-dirent.patch
+rhel8/ext4-nocmtime.patch
+base/ext4-htree-lock.patch
+ubuntu2004/ext4-pdirop.patch
+rhel8/ext4-max-dir-size.patch
+rhel8/ext4-corrupted-inode-block-bitmaps-handling-patches.patch
+linux-5.4/ext4-give-warning-with-dir-htree-growing.patch
+ubuntu18/ext4-jcb-optimization.patch
+linux-5.4/ext4-attach-jinode-in-writepages.patch
+rhel8/ext4-dont-check-before-replay.patch
+rhel7.6/ext4-use-GFP_NOFS-in-ext4_inode_attach_jinode.patch
+rhel7.6/ext4-export-orphan-add.patch
+rhel8/ext4-export-mb-stream-allocator-variables.patch
+ubuntu19/ext4-iget-with-flags.patch
+linux-5.4/export-ext4fs-dirhash-helper.patch
+linux-5.4/ext4-misc.patch
+rhel8/ext4-simple-blockalloc.patch
+rhel8/ext4-xattr-disable-credits-check.patch
+base/ext4-no-max-dir-size-limit-for-iam-objects.patch
+rhel8/ext4-ialloc-uid-gid-and-pass-owner-down.patch
+rhel8/ext4-ext-merge.patch
+base/ext4-projid-xattrs.patch
+linux-5.4/ext4-enc-flag.patch
+base/ext4-delayed-iput.patch
+rhel8/ext4-old_ea_inodes_handling_fix.patch
+ubuntu2004/ext4-filename-encode.patch
+sles15sp3/ext4-encdata.patch
+rhel8/ext4-add-periodic-superblock-update.patch
linux-5.8/ext4-enc-flag.patch
base/ext4-delayed-iput.patch
rhel8/ext4-old_ea_inodes_handling_fix.patch
-sles15sp3/ext4-filename-encode.patch
+ubuntu2004/ext4-filename-encode.patch
sles15sp3/ext4-encdata.patch
rhel8/ext4-add-periodic-superblock-update.patch
rhel8/ext4-xattr-disable-credits-check.patch
base/ext4-no-max-dir-size-limit-for-iam-objects.patch
rhel8/ext4-ialloc-uid-gid-and-pass-owner-down.patch
+rhel8/ext4-ext-merge.patch
base/ext4-projid-xattrs.patch
linux-5.4/ext4-enc-flag.patch
base/ext4-delayed-iput.patch
rhel8/ext4-old_ea_inodes_handling_fix.patch
-rhel8/ext4-encdata.patch
+ubuntu2004/ext4-filename-encode.patch
+sles15sp3/ext4-encdata.patch
rhel8/ext4-xattr-disable-credits-check.patch
base/ext4-no-max-dir-size-limit-for-iam-objects.patch
rhel8/ext4-ialloc-uid-gid-and-pass-owner-down.patch
+rhel8/ext4-ext-merge.patch
base/ext4-projid-xattrs.patch
linux-5.4/ext4-enc-flag.patch
base/ext4-delayed-iput.patch
rhel8/ext4-old_ea_inodes_handling_fix.patch
-rhel8/ext4-encdata.patch
+ubuntu2004/ext4-filename-encode.patch
+sles15sp3/ext4-encdata.patch
linux-5.4/ext4-xattr-disable-credits-check.patch
base/ext4-no-max-dir-size-limit-for-iam-objects.patch
rhel8/ext4-ialloc-uid-gid-and-pass-owner-down.patch
+rhel8/ext4-ext-merge.patch
base/ext4-projid-xattrs.patch
linux-5.4/ext4-enc-flag.patch
base/ext4-delayed-iput.patch
rhel8/ext4-old_ea_inodes_handling_fix.patch
-rhel8/ext4-encdata.patch
+ubuntu2004/ext4-filename-encode.patch
+sles15sp3/ext4-encdata.patch
linux-5.4/ext4-xattr-disable-credits-check.patch
base/ext4-no-max-dir-size-limit-for-iam-objects.patch
rhel8/ext4-ialloc-uid-gid-and-pass-owner-down.patch
+rhel8/ext4-ext-merge.patch
base/ext4-projid-xattrs.patch
linux-5.4/ext4-enc-flag.patch
base/ext4-delayed-iput.patch
rhel8/ext4-old_ea_inodes_handling_fix.patch
-rhel8/ext4-encdata.patch
+ubuntu2004/ext4-filename-encode.patch
+sles15sp3/ext4-encdata.patch
rhel8/ext4-xattr-disable-credits-check.patch
base/ext4-no-max-dir-size-limit-for-iam-objects.patch
rhel8/ext4-ialloc-uid-gid-and-pass-owner-down.patch
+rhel8/ext4-ext-merge.patch
base/ext4-projid-xattrs.patch
linux-5.4/ext4-enc-flag.patch
base/ext4-delayed-iput.patch
rhel8/ext4-old_ea_inodes_handling_fix.patch
-rhel8/ext4-encdata.patch
+ubuntu2004/ext4-filename-encode.patch
+sles15sp3/ext4-encdata.patch
linux-5.4/ext4-data-in-dirent.patch
rhel8/ext4-nocmtime.patch
base/ext4-htree-lock.patch
-linux-5.4/ext4-pdirop.patch
+linux-5.10/ext4-pdirop.patch
rhel8/ext4-max-dir-size.patch
rhel8/ext4-corrupted-inode-block-bitmaps-handling-patches.patch
linux-5.4/ext4-give-warning-with-dir-htree-growing.patch
linux-5.4/ext4-xattr-disable-credits-check.patch
base/ext4-no-max-dir-size-limit-for-iam-objects.patch
rhel8/ext4-ialloc-uid-gid-and-pass-owner-down.patch
+rhel8/ext4-ext-merge.patch
base/ext4-projid-xattrs.patch
linux-5.4/ext4-enc-flag.patch
base/ext4-delayed-iput.patch
rhel8/ext4-old_ea_inodes_handling_fix.patch
-rhel8/ext4-encdata.patch
+ubuntu2004/ext4-filename-encode.patch
+sles15sp3/ext4-encdata.patch
rhel8/ext4-xattr-disable-credits-check.patch
base/ext4-no-max-dir-size-limit-for-iam-objects.patch
rhel8/ext4-ialloc-uid-gid-and-pass-owner-down.patch
+rhel8/ext4-ext-merge.patch
base/ext4-projid-xattrs.patch
linux-5.4/ext4-enc-flag.patch
base/ext4-delayed-iput.patch
rhel8/ext4-old_ea_inodes_handling_fix.patch
-rhel8/ext4-encdata.patch
+ubuntu2004/ext4-filename-encode.patch
+sles15sp3/ext4-encdata.patch
git://git.whamcloud.com / fs / lustre-release.git / commitdiff