LU-15408 sec: confirm encrypted file's hash

It is a good practice to always confirm on server side the encrypted
file's hash included in the digested form sent by the client.

Fixes: ed4a625d88 ("LU-13717 sec: filename encryption - digest support")
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I42212a36b23e4e6e41184a78fa8244c5e2d8dd1f
Reviewed-on: https://review.whamcloud.com/45964
Tested-by: jenkins <devops@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Patrick Farrell <pfarrell@whamcloud.com>
Reviewed-by: John L. Hammond <jhammond@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

diff --git a/lustre/mdt/mdt_handler.c b/lustre/mdt/mdt_handler.c
index cc5a870..50abf84 100644 (file)
--- a/lustre/mdt/mdt_handler.c
+++ b/lustre/mdt/mdt_handler.c
@@ -1914,15 +1914,13 @@ lookup:
  * \param lname encoded hash to find
  * \param parent parent object
  * \param child object to search with LinkEA
- * \param force_check true to check hash even if LinkEA has only one entry
  *
  * \retval 1 match found
  * \retval 0 no match found
  * \retval -ev negative errno upon error
  */
 int find_name_matching_hash(struct mdt_thread_info *info, struct lu_name *lname,
-                           struct mdt_object *parent, struct mdt_object *child,
-                           bool force_check)
+                           struct mdt_object *parent, struct mdt_object *child)
 {
        /* Here, lname is an encoded hash of on-disk name, and
         * client is doing access without encryption key.
@@ -1936,7 +1934,7 @@ int find_name_matching_hash(struct mdt_thread_info *info, struct lu_name *lname,
        struct link_ea_header *leh;
        struct link_ea_entry *lee;
        struct lu_buf link = { 0 };
-       char *hash = NULL;
+       char *hash;
        int reclen, count, rc;
 
        ENTRY;
@@ -1953,21 +1951,15 @@ int find_name_matching_hash(struct mdt_thread_info *info, struct lu_name *lname,
        if (rc < 0)
                RETURN(rc);
 
+       hash = kmalloc(lname->ln_namelen, GFP_NOFS);
+       if (!hash)
+               RETURN(-ENOMEM);
+       rc = critical_decode(lname->ln_name, lname->ln_namelen, hash);
+
        leh = buf->lb_buf;
-       if (force_check || leh->leh_reccount > 1) {
-               hash = kmalloc(lname->ln_namelen, GFP_NOFS);
-               if (!hash)
-                       RETURN(-ENOMEM);
-               rc = critical_decode(lname->ln_name, lname->ln_namelen, hash);
-       }
        lee = (struct link_ea_entry *)(leh + 1);
        for (count = 0; count < leh->leh_reccount; count++) {
                linkea_entry_unpack(lee, &reclen, &name, &pfid);
-               if (!force_check && leh->leh_reccount == 1) {
-                       /* if there is only one rec, it has to be it */
-                       *lname = name;
-                       break;
-               }
                if (!parent || lu_fid_eq(&pfid, mdt_object_fid(parent))) {
                        lu_buf_check_and_alloc(&link, name.ln_namelen);
                        if (!link.lb_buf)
@@ -2238,7 +2230,7 @@ static int mdt_getattr_name_lock(struct mdt_thread_info *info,
                 * So we need to compare name hash with the one in the request.
                 */
                if (!find_name_matching_hash(info, lname, parent,
-                                            child, true)) {
+                                            child)) {
                        mdt_set_disposition(info, ldlm_rep, DISP_LOOKUP_NEG);
                        mdt_clear_disposition(info, ldlm_rep, DISP_LOOKUP_POS);
                        GOTO(out_child, rc = -ENOENT);

diff --git a/lustre/mdt/mdt_internal.h b/lustre/mdt/mdt_internal.h
index 3812e9e..2726f86 100644 (file)
--- a/lustre/mdt/mdt_internal.h
+++ b/lustre/mdt/mdt_internal.h
@@ -925,8 +925,7 @@ int mdt_layout_change(struct mdt_thread_info *info, struct mdt_object *obj,
                      struct mdt_lock_handle *lhc,
                      struct md_layout_change *spec);
 int find_name_matching_hash(struct mdt_thread_info *info, struct lu_name *lname,
-                           struct mdt_object *parent, struct mdt_object *child,
-                           bool force_check);
+                          struct mdt_object *parent, struct mdt_object *child);
 int mdt_device_sync(const struct lu_env *env, struct mdt_device *mdt);
 
 struct lu_buf *mdt_buf(const struct lu_env *env, void *area, ssize_t len);

diff --git a/lustre/mdt/mdt_reint.c b/lustre/mdt/mdt_reint.c
index 8b36314..07b8818 100644 (file)
--- a/lustre/mdt/mdt_reint.c
+++ b/lustre/mdt/mdt_reint.c
@@ -1185,7 +1185,7 @@ relock:
                 * hash. So find name that matches provided hash.
                 */
                if (!find_name_matching_hash(info, &rr->rr_name,
-                                            NULL, mc, false))
+                                            NULL, mc))
                        GOTO(put_child, rc = -ENOENT);
        }