static int ll_create_it(struct inode *dir, struct dentry *dentry,
struct lookup_intent *it,
- void *secctx, __u32 secctxlen);
+ void *secctx, __u32 secctxlen, bool encrypt,
+ void *encctx, __u32 encctxlen);
/* called from iget5_locked->find_inode() under inode_lock spinlock */
static int ll_test_inode(struct inode *inode, void *opaque)
struct lookup_intent *it,
struct inode *parent, struct dentry **de,
void *secctx, __u32 secctxlen,
- ktime_t kstart)
+ void *encctx, __u32 encctxlen,
+ ktime_t kstart, bool encrypt)
{
struct inode *inode = NULL;
__u64 bits = 0;
if (rc)
RETURN(rc);
+ /* If encryption context was returned by MDT, put it in
+ * inode now to save an extra getxattr and avoid deadlock.
+ */
+ if (body->mbo_valid & OBD_MD_ENCCTX) {
+ encctx = req_capsule_server_get(pill, &RMF_FILE_ENCCTX);
+ encctxlen = req_capsule_get_size(pill,
+ &RMF_FILE_ENCCTX,
+ RCL_SERVER);
+
+ if (encctxlen) {
+ CDEBUG(D_SEC,
+ "server returned encryption ctx for "DFID"\n",
+ PFID(ll_inode2fid(inode)));
+ rc = ll_xattr_cache_insert(inode,
+ LL_XATTR_NAME_ENCRYPTION_CONTEXT,
+ encctx, encctxlen);
+ if (rc)
+ CWARN("%s: cannot set enc ctx for "DFID": rc = %d\n",
+ ll_i2sbi(inode)->ll_fsname,
+ PFID(ll_inode2fid(inode)), rc);
+ else if (encrypt) {
+ rc = llcrypt_get_encryption_info(inode);
+ if (rc)
+ CDEBUG(D_SEC,
+ "cannot get enc info for "DFID": rc = %d\n",
+ PFID(ll_inode2fid(inode)), rc);
+ }
+ }
+ }
+
if (it->it_op & IT_OPEN)
ll_dom_finish_open(inode, request, it);
}
if (secctx != NULL && secctxlen != 0) {
- inode_lock(inode);
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
rc = security_inode_notifysecctx(inode, secctx,
secctxlen);
- inode_unlock(inode);
if (rc)
- CWARN("cannot set security context for "
- DFID": rc = %d\n",
- PFID(ll_inode2fid(inode)), rc);
+ CWARN("%s: cannot set security context for "DFID": rc = %d\n",
+ ll_i2sbi(inode)->ll_fsname,
+ PFID(ll_inode2fid(inode)),
+ rc);
}
}
/* we have lookup look - unhide dentry */
if (bits & MDS_INODELOCK_LOOKUP)
d_lustre_revalidate(*de);
+
+ if (encrypt) {
+ rc = llcrypt_get_encryption_info(inode);
+ if (rc)
+ GOTO(out, rc);
+ if (!llcrypt_has_encryption_key(inode))
+ GOTO(out, rc = -ENOKEY);
+ }
} else if (!it_disposition(it, DISP_OPEN_CREATE)) {
/*
* If file was created on the server, the dentry is revalidated
static struct dentry *ll_lookup_it(struct inode *parent, struct dentry *dentry,
struct lookup_intent *it,
void **secctx, __u32 *secctxlen,
- struct pcc_create_attach *pca)
+ struct pcc_create_attach *pca,
+ bool encrypt,
+ void **encctx, __u32 *encctxlen)
{
ktime_t kstart = ktime_get();
struct lookup_intent lookup_it = { .it_op = IT_LOOKUP };
if (secctxlen != NULL)
*secctxlen = 0;
}
+ if (it->it_op & IT_CREAT && encrypt) {
+ rc = llcrypt_inherit_context(parent, NULL, op_data, false);
+ if (rc)
+ GOTO(out, retval = ERR_PTR(rc));
+ if (encctx != NULL)
+ *encctx = op_data->op_file_encctx;
+ if (encctxlen != NULL)
+ *encctxlen = op_data->op_file_encctx_size;
+ } else {
+ if (encctx != NULL)
+ *encctx = NULL;
+ if (encctxlen != NULL)
+ *encctxlen = 0;
+ }
/* ask for security context upon intent */
if (it->it_op & (IT_LOOKUP | IT_GETATTR | IT_OPEN)) {
rc = ll_lookup_it_finish(req, it, parent, &dentry,
secctx != NULL ? *secctx : NULL,
secctxlen != NULL ? *secctxlen : 0,
- kstart);
- if (rc != 0) {
- ll_intent_release(it);
- GOTO(out, retval = ERR_PTR(rc));
- }
-
- if ((it->it_op & IT_OPEN) && dentry->d_inode &&
- !S_ISREG(dentry->d_inode->i_mode) &&
- !S_ISDIR(dentry->d_inode->i_mode)) {
- ll_release_openhandle(dentry, it);
- }
- ll_lookup_finish_locks(it, dentry);
+ encctx != NULL ? *encctx : NULL,
+ encctxlen != NULL ? *encctxlen : 0,
+ kstart, encrypt);
+ if (rc != 0) {
+ ll_intent_release(it);
+ GOTO(out, retval = ERR_PTR(rc));
+ }
+
+ if ((it->it_op & IT_OPEN) && dentry->d_inode &&
+ !S_ISREG(dentry->d_inode->i_mode) &&
+ !S_ISDIR(dentry->d_inode->i_mode)) {
+ ll_release_openhandle(dentry, it);
+ }
+ ll_lookup_finish_locks(it, dentry);
GOTO(out, retval = (dentry == save) ? NULL : dentry);
op_data->op_file_secctx = NULL;
op_data->op_file_secctx_size = 0;
}
+ if (encctx != NULL && encctxlen != NULL &&
+ it->it_op & IT_CREAT && encrypt) {
+ /* caller needs enc ctx info, so reset it in op_data to
+ * prevent it from being freed
+ */
+ op_data->op_file_encctx = NULL;
+ op_data->op_file_encctx_size = 0;
+ }
ll_finish_md_op_data(op_data);
}
itp = NULL;
else
itp = ⁢
- de = ll_lookup_it(parent, dentry, itp, NULL, NULL, NULL);
+ de = ll_lookup_it(parent, dentry, itp, NULL, NULL, NULL, false,
+ NULL, NULL);
if (itp != NULL)
ll_intent_release(itp);
long long lookup_flags = LOOKUP_OPEN;
void *secctx = NULL;
__u32 secctxlen = 0;
- struct ll_sb_info *sbi;
+ void *encctx = NULL;
+ __u32 encctxlen = 0;
+ struct ll_sb_info *sbi = NULL;
struct pcc_create_attach pca = { NULL, NULL };
+ bool encrypt = false;
int rc = 0;
ENTRY;
it->it_flags = (open_flags & ~O_ACCMODE) | OPEN_FMODE(open_flags);
it->it_flags &= ~MDS_OPEN_FL_INTERNAL;
+ if (ll_sbi_has_encrypt(ll_i2sbi(dir)) && IS_ENCRYPTED(dir)) {
+ /* we know that we are going to create a regular file because
+ * we set S_IFREG bit on it->it_create_mode above
+ */
+ rc = llcrypt_get_encryption_info(dir);
+ if (rc)
+ GOTO(out_release, rc);
+ if (!llcrypt_has_encryption_key(dir))
+ GOTO(out_release, rc = -ENOKEY);
+ encrypt = true;
+ rc = 0;
+ }
+
/* Dentry added to dcache tree in ll_lookup_it */
- de = ll_lookup_it(dir, dentry, it, &secctx, &secctxlen, &pca);
+ de = ll_lookup_it(dir, dentry, it, &secctx, &secctxlen, &pca, encrypt,
+ &encctx, &encctxlen);
if (IS_ERR(de))
rc = PTR_ERR(de);
else if (de != NULL)
if (!rc) {
if (it_disposition(it, DISP_OPEN_CREATE)) {
/* Dentry instantiated in ll_create_it. */
- rc = ll_create_it(dir, dentry, it, secctx, secctxlen);
+ rc = ll_create_it(dir, dentry, it, secctx, secctxlen,
+ encrypt, encctx, encctxlen);
security_release_secctx(secctx, secctxlen);
+ llcrypt_free_ctx(encctx, encctxlen);
if (rc) {
/* We dget in ll_splice_alias. */
if (de != NULL)
* already created PCC copy.
*/
pcc_create_attach_cleanup(dir->i_sb, &pca);
+
+ if (open_flags & O_CREAT && encrypt &&
+ dentry->d_inode) {
+ rc = ll_set_encflags(dentry->d_inode, encctx,
+ encctxlen, true);
+ llcrypt_free_ctx(encctx, encctxlen);
+ if (rc)
+ GOTO(out_release, rc);
+ }
}
if (dentry->d_inode && it_disposition(it, DISP_OPEN_OPEN)) {
*/
static int ll_create_it(struct inode *dir, struct dentry *dentry,
struct lookup_intent *it,
- void *secctx, __u32 secctxlen)
+ void *secctx, __u32 secctxlen, bool encrypt,
+ void *encctx, __u32 encctxlen)
{
struct inode *inode;
__u64 bits = 0;
if ((ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX) &&
secctx != NULL) {
- inode_lock(inode);
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet */
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
rc = security_inode_notifysecctx(inode, secctx, secctxlen);
- inode_unlock(inode);
if (rc)
RETURN(rc);
}
d_instantiate(dentry, inode);
+ if (encrypt) {
+ rc = ll_set_encflags(inode, encctx, encctxlen, true);
+ if (rc)
+ RETURN(rc);
+ }
+
if (!(ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX)) {
rc = ll_inode_init_security(dentry, inode, dir);
if (rc)
const char *tgt, umode_t mode, int rdev, __u32 opc)
{
struct qstr *name = &dchild->d_name;
- struct ptlrpc_request *request = NULL;
- struct md_op_data *op_data;
- struct inode *inode = NULL;
- struct ll_sb_info *sbi = ll_i2sbi(dir);
- int tgt_len = 0;
- int err;
+ struct ptlrpc_request *request = NULL;
+ struct md_op_data *op_data = NULL;
+ struct inode *inode = NULL;
+ struct ll_sb_info *sbi = ll_i2sbi(dir);
+ int tgt_len = 0;
+ bool encrypt = false;
+ int err;
- ENTRY;
- if (unlikely(tgt != NULL))
- tgt_len = strlen(tgt) + 1;
+ ENTRY;
+ if (unlikely(tgt != NULL))
+ tgt_len = strlen(tgt) + 1;
again:
op_data = ll_prep_md_op_data(NULL, dir, NULL, name->name,
GOTO(err_exit, err);
}
+ if (ll_sbi_has_encrypt(sbi) &&
+ ((IS_ENCRYPTED(dir) &&
+ (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) ||
+ (unlikely(llcrypt_dummy_context_enabled(dir)) && S_ISDIR(mode)))) {
+ err = llcrypt_get_encryption_info(dir);
+ if (err)
+ GOTO(err_exit, err);
+ if (!llcrypt_has_encryption_key(dir))
+ GOTO(err_exit, err = -ENOKEY);
+ encrypt = true;
+ }
+
+ if (encrypt) {
+ err = llcrypt_inherit_context(dir, NULL, op_data, false);
+ if (err)
+ GOTO(err_exit, err);
+ }
+
err = md_create(sbi->ll_md_exp, op_data, tgt, tgt_len, mode,
from_kuid(&init_user_ns, current_fsuid()),
from_kgid(&init_user_ns, current_fsgid()),
GOTO(err_exit, err);
if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
- inode_lock(inode);
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet */
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
err = security_inode_notifysecctx(inode,
op_data->op_file_secctx,
op_data->op_file_secctx_size);
- inode_unlock(inode);
if (err)
GOTO(err_exit, err);
}
d_instantiate(dchild, inode);
+ if (encrypt) {
+ err = ll_set_encflags(inode, op_data->op_file_encctx,
+ op_data->op_file_encctx_size, true);
+ if (err)
+ GOTO(err_exit, err);
+ }
+
if (!(sbi->ll_flags & LL_SBI_FILE_SECCTX)) {
err = ll_inode_init_security(dchild, inode, dir);
if (err)
if (!IS_ERR_OR_NULL(op_data))
ll_finish_md_op_data(op_data);
- return err;
+ RETURN(err);
}
static int ll_mknod(struct inode *dir, struct dentry *dchild, umode_t mode,
PFID(ll_inode2fid(src)), src,
PFID(ll_inode2fid(dir)), dir, new_dentry);
+ err = llcrypt_prepare_link(old_dentry, dir, new_dentry);
+ if (err)
+ RETURN(err);
+
op_data = ll_prep_md_op_data(NULL, src, dir, name->name, name->len,
0, LUSTRE_OPC_ANY, NULL);
if (IS_ERR(op_data))
if (unlikely(d_mountpoint(src_dchild) || d_mountpoint(tgt_dchild)))
RETURN(-EBUSY);
+#ifdef HAVE_IOPS_RENAME_WITH_FLAGS
+ err = llcrypt_prepare_rename(src, src_dchild, tgt, tgt_dchild, flags);
+#else
+ err = llcrypt_prepare_rename(src, src_dchild, tgt, tgt_dchild, 0);
+#endif
+ if (err)
+ RETURN(err);
+
op_data = ll_prep_md_op_data(NULL, src, tgt, NULL, 0, 0,
LUSTRE_OPC_ANY, NULL);
if (IS_ERR(op_data))