continue;
spin_lock_nested(&child->d_lock, DENTRY_D_LOCK_NESTED);
- __d_lustre_invalidate(child);
+ if (lld_is_init(child))
+ ll_d2d(child)->lld_invalid = 1;
if (!ll_d_count(child)) {
dget_dlock(child);
__d_drop(child);
}
if (bits & MDS_INODELOCK_XATTR) {
- ll_xattr_cache_destroy(inode);
+ ll_xattr_cache_empty(inode);
bits &= ~MDS_INODELOCK_XATTR;
}
struct dentry *ll_splice_alias(struct inode *inode, struct dentry *de)
{
struct dentry *new;
- int rc;
if (inode) {
new = ll_find_alias(inode, de);
if (new) {
- rc = ll_d_init(new);
- if (rc < 0) {
- dput(new);
- return ERR_PTR(rc);
- }
+ if (!ll_d_setup(new, true))
+ return ERR_PTR(-ENOMEM);
d_move(new, de);
iput(inode);
CDEBUG(D_DENTRY,
return new;
}
}
- rc = ll_d_init(de);
- if (rc < 0)
- return ERR_PTR(rc);
+ if (!ll_d_setup(de, false))
+ return ERR_PTR(-ENOMEM);
d_add(de, inode);
/* this needs only to be done for foreign symlink dirs as
__u32 opc;
int rc;
char secctx_name[XATTR_NAME_MAX + 1];
-
+ struct llcrypt_name fname;
+ struct lu_fid fid;
ENTRY;
if (dentry->d_name.len > ll_i2sbi(parent)->ll_namelen)
if (it->it_op & IT_CREAT)
opc = LUSTRE_OPC_CREATE;
else
- opc = LUSTRE_OPC_ANY;
+ opc = LUSTRE_OPC_LOOKUP;
+
+ /* Here we should be calling llcrypt_prepare_lookup(). But it installs a
+ * custom ->d_revalidate() method, so we lose ll_d_ops.
+ * To workaround this, call ll_setup_filename() and do the rest
+ * manually. Also make a copy of llcrypt_d_revalidate() (unfortunately
+ * not exported function) and call it from ll_revalidate_dentry(), to
+ * ensure we do not cache stale dentries after a key has been added.
+ */
+ rc = ll_setup_filename(parent, &dentry->d_name, 1, &fname, &fid);
+ if ((!rc || rc == -ENOENT) && fname.is_ciphertext_name) {
+ spin_lock(&dentry->d_lock);
+ dentry->d_flags |= DCACHE_ENCRYPTED_NAME;
+ spin_unlock(&dentry->d_lock);
+ }
+ if (rc == -ENOENT)
+ RETURN(NULL);
+ if (rc)
+ RETURN(ERR_PTR(rc));
- op_data = ll_prep_md_op_data(NULL, parent, NULL, dentry->d_name.name,
- dentry->d_name.len, 0, opc, NULL);
- if (IS_ERR(op_data))
- GOTO(out, retval = ERR_CAST(op_data));
+ op_data = ll_prep_md_op_data(NULL, parent, NULL, fname.disk_name.name,
+ fname.disk_name.len, 0, opc, NULL);
+ if (IS_ERR(op_data)) {
+ llcrypt_free_filename(&fname);
+ RETURN(ERR_CAST(op_data));
+ }
+ if (!fid_is_zero(&fid)) {
+ op_data->op_fid2 = fid;
+ op_data->op_bias = MDS_FID_OP;
+ if (it->it_op & IT_OPEN)
+ it->it_flags |= MDS_OPEN_BY_FID;
+ }
/* enforce umask if acl disabled or MDS doesn't support umask */
if (!IS_POSIXACL(parent) || !exp_connect_umask(ll_i2mdexp(parent)))
it->it_create_mode &= ~current_umask();
if (it->it_op & IT_CREAT &&
- ll_i2sbi(parent)->ll_flags & LL_SBI_FILE_SECCTX) {
+ test_bit(LL_SBI_FILE_SECCTX, ll_i2sbi(parent)->ll_flags)) {
rc = ll_dentry_init_security(dentry, it->it_create_mode,
&dentry->d_name,
&op_data->op_file_secctx_name,
op_data->op_file_encctx = NULL;
op_data->op_file_encctx_size = 0;
}
+ llcrypt_free_filename(&fname);
ll_finish_md_op_data(op_data);
}
if (IS_ERR(inode))
RETURN(PTR_ERR(inode));
- if ((ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX) &&
- secctx != NULL) {
+ if (test_bit(LL_SBI_FILE_SECCTX, ll_i2sbi(inode)->ll_flags) &&
+ secctx) {
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet */
RETURN(rc);
}
- if (!(ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX)) {
+ if (!test_bit(LL_SBI_FILE_SECCTX, ll_i2sbi(inode)->ll_flags)) {
rc = ll_inode_init_security(dentry, inode, dir);
if (rc)
RETURN(rc);
}
static int ll_new_node(struct inode *dir, struct dentry *dchild,
- const char *tgt, umode_t mode, int rdev, __u32 opc)
+ const char *tgt, umode_t mode, __u64 rdev, __u32 opc)
{
struct qstr *name = &dchild->d_name;
struct ptlrpc_request *request = NULL;
struct md_op_data *op_data = NULL;
struct inode *inode = NULL;
struct ll_sb_info *sbi = ll_i2sbi(dir);
- int tgt_len = 0;
+ struct llcrypt_str *disk_link = NULL;
bool encrypt = false;
int err;
ENTRY;
- if (unlikely(tgt != NULL))
- tgt_len = strlen(tgt) + 1;
+ if (unlikely(tgt != NULL)) {
+ disk_link = (struct llcrypt_str *)rdev;
+ rdev = 0;
+ if (!disk_link)
+ RETURN(-EINVAL);
+ }
again:
op_data = ll_prep_md_op_data(NULL, dir, NULL, name->name,
if (S_ISDIR(mode))
ll_qos_mkdir_prep(op_data, dir);
- if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
+ if (test_bit(LL_SBI_FILE_SECCTX, sbi->ll_flags)) {
err = ll_dentry_init_security(dchild, mode, &dchild->d_name,
&op_data->op_file_secctx_name,
&op_data->op_file_secctx,
err = llcrypt_inherit_context(dir, NULL, op_data, false);
if (err)
GOTO(err_exit, err);
+
+ if (S_ISLNK(mode)) {
+ /* llcrypt needs inode to encrypt target name, so create
+ * a fake inode and associate encryption context got
+ * from llcrypt_inherit_context.
+ */
+ struct inode *fakeinode =
+ dchild->d_sb->s_op->alloc_inode(dchild->d_sb);
+
+ if (!fakeinode)
+ GOTO(err_exit, err = -ENOMEM);
+ fakeinode->i_sb = dchild->d_sb;
+ fakeinode->i_mode |= S_IFLNK;
+#ifdef IOP_XATTR
+ fakeinode->i_opflags |= IOP_XATTR;
+#endif
+ ll_lli_init(ll_i2info(fakeinode));
+ err = ll_set_encflags(fakeinode,
+ op_data->op_file_encctx,
+ op_data->op_file_encctx_size,
+ true);
+ if (!err)
+ err = __llcrypt_encrypt_symlink(fakeinode, tgt,
+ strlen(tgt),
+ disk_link);
+
+ ll_xattr_cache_destroy(fakeinode);
+ llcrypt_put_encryption_info(fakeinode);
+ dchild->d_sb->s_op->destroy_inode(fakeinode);
+ if (err)
+ GOTO(err_exit, err);
+ }
}
- err = md_create(sbi->ll_md_exp, op_data, tgt, tgt_len, mode,
+ err = md_create(sbi->ll_md_exp, op_data, tgt ? disk_link->name : NULL,
+ tgt ? disk_link->len : 0, mode,
from_kuid(&init_user_ns, current_fsuid()),
from_kgid(&init_user_ns, current_fsgid()),
- cfs_curproc_cap_pack(), rdev, &request);
+ current_cap(), rdev, &request);
#if LUSTRE_VERSION_CODE < OBD_OCD_VERSION(2, 14, 58, 0)
/*
* server < 2.12.58 doesn't pack default LMV in intent_getattr reply,
if (err)
GOTO(err_exit, err);
- if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
+ if (test_bit(LL_SBI_FILE_SECCTX, sbi->ll_flags)) {
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet */
op_data->op_file_encctx_size, true);
if (err)
GOTO(err_exit, err);
+
+ if (S_ISLNK(mode)) {
+ struct ll_inode_info *lli = ll_i2info(inode);
+
+ /* Cache the plaintext symlink target
+ * for later use by get_link()
+ */
+ OBD_ALLOC(lli->lli_symlink_name, strlen(tgt) + 1);
+ /* do not return an error if we cannot
+ * cache the symlink locally
+ */
+ if (lli->lli_symlink_name)
+ memcpy(lli->lli_symlink_name,
+ tgt, strlen(tgt) + 1);
+ }
}
- if (!(sbi->ll_flags & LL_SBI_FILE_SECCTX)) {
+ if (!test_bit(LL_SBI_FILE_SECCTX, sbi->ll_flags)) {
err = ll_inode_init_security(dchild, inode, dir);
if (err)
GOTO(err_exit, err);
const char *oldpath)
{
ktime_t kstart = ktime_get();
+ int len = strlen(oldpath);
+ struct llcrypt_str disk_link;
int err;
ENTRY;
CDEBUG(D_VFSTRACE, "VFS Op:name=%pd, dir="DFID"(%p), target=%.*s\n",
dchild, PFID(ll_inode2fid(dir)), dir, 3000, oldpath);
- err = ll_new_node(dir, dchild, oldpath, S_IFLNK | S_IRWXUGO, 0,
- LUSTRE_OPC_SYMLINK);
+ err = llcrypt_prepare_symlink(dir, oldpath, len, dir->i_sb->s_blocksize,
+ &disk_link);
+ if (err)
+ RETURN(err);
+
+ err = ll_new_node(dir, dchild, oldpath, S_IFLNK | S_IRWXUGO,
+ (__u64)&disk_link, LUSTRE_OPC_SYMLINK);
+
+ if (disk_link.name != (unsigned char *)oldpath)
+ kfree(disk_link.name);
if (!err)
ll_stats_ops_tally(ll_i2sbi(dir), LPROC_LL_SYMLINK,
if (dchild->d_inode != NULL)
op_data->op_fid3 = *ll_inode2fid(dchild->d_inode);
- op_data->op_fid2 = op_data->op_fid3;
+ if (fid_is_zero(&op_data->op_fid2))
+ op_data->op_fid2 = op_data->op_fid3;
rc = md_unlink(ll_i2sbi(dir)->ll_md_exp, op_data, &request);
ll_finish_md_op_data(op_data);
if (!rc) {
ll_i2info(dchild->d_inode)->lli_clob &&
dirty_cnt(dchild->d_inode))
op_data->op_cli_flags |= CLI_DIRTY_DATA;
- op_data->op_fid2 = op_data->op_fid3;
+ if (fid_is_zero(&op_data->op_fid2))
+ op_data->op_fid2 = op_data->op_fid3;
rc = md_unlink(ll_i2sbi(dir)->ll_md_exp, op_data, &request);
ll_finish_md_op_data(op_data);
if (rc)
#endif
)
{
- struct qstr *src_name = &src_dchild->d_name;
- struct qstr *tgt_name = &tgt_dchild->d_name;
struct ptlrpc_request *request = NULL;
struct ll_sb_info *sbi = ll_i2sbi(src);
struct md_op_data *op_data;
ktime_t kstart = ktime_get();
umode_t mode = 0;
+ struct llcrypt_name foldname, fnewname;
int err;
ENTRY;
if (tgt_dchild->d_inode)
op_data->op_fid4 = *ll_inode2fid(tgt_dchild->d_inode);
+ err = ll_setup_filename(src, &src_dchild->d_name, 1, &foldname, NULL);
+ if (err)
+ RETURN(err);
+ err = ll_setup_filename(tgt, &tgt_dchild->d_name, 1, &fnewname, NULL);
+ if (err) {
+ llcrypt_free_filename(&foldname);
+ RETURN(err);
+ }
err = md_rename(sbi->ll_md_exp, op_data,
- src_name->name, src_name->len,
- tgt_name->name, tgt_name->len, &request);
+ foldname.disk_name.name, foldname.disk_name.len,
+ fnewname.disk_name.name, fnewname.disk_name.len,
+ &request);
+ llcrypt_free_filename(&foldname);
+ llcrypt_free_filename(&fnewname);
ll_finish_md_op_data(op_data);
if (!err) {
ll_update_times(request, src);
git://git.whamcloud.com / fs / lustre-release.git / blobdiff