static int ll_create_it(struct inode *dir, struct dentry *dentry,
struct lookup_intent *it,
- void *secctx, __u32 secctxlen, bool encrypt);
+ void *secctx, __u32 secctxlen, bool encrypt,
+ void *encctx, __u32 encctxlen);
/* called from iget5_locked->find_inode() under inode_lock spinlock */
static int ll_test_inode(struct inode *inode, void *opaque)
struct lookup_intent *it,
struct inode *parent, struct dentry **de,
void *secctx, __u32 secctxlen,
+ void *encctx, __u32 encctxlen,
ktime_t kstart, bool encrypt)
{
struct inode *inode = NULL;
if (rc)
RETURN(rc);
+ /* If encryption context was returned by MDT, put it in
+ * inode now to save an extra getxattr and avoid deadlock.
+ */
+ if (body->mbo_valid & OBD_MD_ENCCTX) {
+ encctx = req_capsule_server_get(pill, &RMF_FILE_ENCCTX);
+ encctxlen = req_capsule_get_size(pill,
+ &RMF_FILE_ENCCTX,
+ RCL_SERVER);
+
+ if (encctxlen) {
+ CDEBUG(D_SEC,
+ "server returned encryption ctx for "DFID"\n",
+ PFID(ll_inode2fid(inode)));
+ rc = ll_xattr_cache_insert(inode,
+ LL_XATTR_NAME_ENCRYPTION_CONTEXT,
+ encctx, encctxlen);
+ if (rc)
+ CWARN("%s: cannot set enc ctx for "DFID": rc = %d\n",
+ ll_i2sbi(inode)->ll_fsname,
+ PFID(ll_inode2fid(inode)), rc);
+ else if (encrypt) {
+ rc = llcrypt_get_encryption_info(inode);
+ if (rc)
+ CDEBUG(D_SEC,
+ "cannot get enc info for "DFID": rc = %d\n",
+ PFID(ll_inode2fid(inode)), rc);
+ }
+ }
+ }
+
if (it->it_op & IT_OPEN)
ll_dom_finish_open(inode, request, it);
}
if (secctx != NULL && secctxlen != 0) {
- inode_lock(inode);
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
rc = security_inode_notifysecctx(inode, secctx,
secctxlen);
- inode_unlock(inode);
if (rc)
- CWARN("cannot set security context for "
- DFID": rc = %d\n",
- PFID(ll_inode2fid(inode)), rc);
+ CWARN("%s: cannot set security context for "DFID": rc = %d\n",
+ ll_i2sbi(inode)->ll_fsname,
+ PFID(ll_inode2fid(inode)),
+ rc);
}
}
struct lookup_intent *it,
void **secctx, __u32 *secctxlen,
struct pcc_create_attach *pca,
- bool encrypt)
+ bool encrypt,
+ void **encctx, __u32 *encctxlen)
{
ktime_t kstart = ktime_get();
struct lookup_intent lookup_it = { .it_op = IT_LOOKUP };
if (secctxlen != NULL)
*secctxlen = 0;
}
+ if (it->it_op & IT_CREAT && encrypt) {
+ rc = llcrypt_inherit_context(parent, NULL, op_data, false);
+ if (rc)
+ GOTO(out, retval = ERR_PTR(rc));
+ if (encctx != NULL)
+ *encctx = op_data->op_file_encctx;
+ if (encctxlen != NULL)
+ *encctxlen = op_data->op_file_encctx_size;
+ } else {
+ if (encctx != NULL)
+ *encctx = NULL;
+ if (encctxlen != NULL)
+ *encctxlen = 0;
+ }
/* ask for security context upon intent */
if (it->it_op & (IT_LOOKUP | IT_GETATTR | IT_OPEN)) {
rc = ll_lookup_it_finish(req, it, parent, &dentry,
secctx != NULL ? *secctx : NULL,
secctxlen != NULL ? *secctxlen : 0,
+ encctx != NULL ? *encctx : NULL,
+ encctxlen != NULL ? *encctxlen : 0,
kstart, encrypt);
if (rc != 0) {
ll_intent_release(it);
op_data->op_file_secctx = NULL;
op_data->op_file_secctx_size = 0;
}
+ if (encctx != NULL && encctxlen != NULL &&
+ it->it_op & IT_CREAT && encrypt) {
+ /* caller needs enc ctx info, so reset it in op_data to
+ * prevent it from being freed
+ */
+ op_data->op_file_encctx = NULL;
+ op_data->op_file_encctx_size = 0;
+ }
ll_finish_md_op_data(op_data);
}
itp = NULL;
else
itp = ⁢
- de = ll_lookup_it(parent, dentry, itp, NULL, NULL, NULL, false);
+ de = ll_lookup_it(parent, dentry, itp, NULL, NULL, NULL, false,
+ NULL, NULL);
if (itp != NULL)
ll_intent_release(itp);
long long lookup_flags = LOOKUP_OPEN;
void *secctx = NULL;
__u32 secctxlen = 0;
+ void *encctx = NULL;
+ __u32 encctxlen = 0;
struct ll_sb_info *sbi = NULL;
struct pcc_create_attach pca = { NULL, NULL };
bool encrypt = false;
it->it_flags = (open_flags & ~O_ACCMODE) | OPEN_FMODE(open_flags);
it->it_flags &= ~MDS_OPEN_FL_INTERNAL;
- if (IS_ENCRYPTED(dir)) {
+ if (ll_sbi_has_encrypt(ll_i2sbi(dir)) && IS_ENCRYPTED(dir)) {
/* we know that we are going to create a regular file because
* we set S_IFREG bit on it->it_create_mode above
*/
}
/* Dentry added to dcache tree in ll_lookup_it */
- de = ll_lookup_it(dir, dentry, it, &secctx, &secctxlen, &pca, encrypt);
+ de = ll_lookup_it(dir, dentry, it, &secctx, &secctxlen, &pca, encrypt,
+ &encctx, &encctxlen);
if (IS_ERR(de))
rc = PTR_ERR(de);
else if (de != NULL)
if (it_disposition(it, DISP_OPEN_CREATE)) {
/* Dentry instantiated in ll_create_it. */
rc = ll_create_it(dir, dentry, it, secctx, secctxlen,
- encrypt);
+ encrypt, encctx, encctxlen);
security_release_secctx(secctx, secctxlen);
+ llcrypt_free_ctx(encctx, encctxlen);
if (rc) {
/* We dget in ll_splice_alias. */
if (de != NULL)
* already created PCC copy.
*/
pcc_create_attach_cleanup(dir->i_sb, &pca);
+
+ if (open_flags & O_CREAT && encrypt &&
+ dentry->d_inode) {
+ rc = ll_set_encflags(dentry->d_inode, encctx,
+ encctxlen, true);
+ llcrypt_free_ctx(encctx, encctxlen);
+ if (rc)
+ GOTO(out_release, rc);
+ }
}
if (dentry->d_inode && it_disposition(it, DISP_OPEN_OPEN)) {
*/
static int ll_create_it(struct inode *dir, struct dentry *dentry,
struct lookup_intent *it,
- void *secctx, __u32 secctxlen, bool encrypt)
+ void *secctx, __u32 secctxlen, bool encrypt,
+ void *encctx, __u32 encctxlen)
{
struct inode *inode;
__u64 bits = 0;
if ((ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX) &&
secctx != NULL) {
- inode_lock(inode);
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet */
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
rc = security_inode_notifysecctx(inode, secctx, secctxlen);
- inode_unlock(inode);
if (rc)
RETURN(rc);
}
d_instantiate(dentry, inode);
if (encrypt) {
- rc = llcrypt_inherit_context(dir, inode, dentry, true);
+ rc = ll_set_encflags(inode, encctx, encctxlen, true);
if (rc)
RETURN(rc);
}
struct inode *inode = NULL;
struct ll_sb_info *sbi = ll_i2sbi(dir);
int tgt_len = 0;
- int encrypt = 0;
+ bool encrypt = false;
int err;
ENTRY;
GOTO(err_exit, err);
}
- if ((IS_ENCRYPTED(dir) &&
+ if (ll_sbi_has_encrypt(sbi) &&
+ ((IS_ENCRYPTED(dir) &&
(S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) ||
- (unlikely(llcrypt_dummy_context_enabled(dir)) && S_ISDIR(mode))) {
+ (unlikely(llcrypt_dummy_context_enabled(dir)) && S_ISDIR(mode)))) {
err = llcrypt_get_encryption_info(dir);
if (err)
GOTO(err_exit, err);
if (!llcrypt_has_encryption_key(dir))
GOTO(err_exit, err = -ENOKEY);
- encrypt = 1;
+ encrypt = true;
+ }
+
+ if (encrypt) {
+ err = llcrypt_inherit_context(dir, NULL, op_data, false);
+ if (err)
+ GOTO(err_exit, err);
}
err = md_create(sbi->ll_md_exp, op_data, tgt, tgt_len, mode,
GOTO(err_exit, err);
if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
- inode_lock(inode);
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet */
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
err = security_inode_notifysecctx(inode,
op_data->op_file_secctx,
op_data->op_file_secctx_size);
- inode_unlock(inode);
if (err)
GOTO(err_exit, err);
}
d_instantiate(dchild, inode);
if (encrypt) {
- err = llcrypt_inherit_context(dir, inode, NULL, true);
+ err = ll_set_encflags(inode, op_data->op_file_encctx,
+ op_data->op_file_encctx_size, true);
if (err)
GOTO(err_exit, err);
}
git://git.whamcloud.com / fs / lustre-release.git / blobdiff