| Message ID | 20210120182847.644850-16-jlayton@kernel.org |
|---|---|
| State | New |
| Headers | show |
| Series | ceph+fscrypt: context, filename and symlink support | expand |
Jeff Layton <jlayton@kernel.org> writes: > If we have a dentry which represents a no-key name, then we need to test > whether the parent directory's encryption key has since been added. Do > that before we test anything else about the dentry. > > Signed-off-by: Jeff Layton <jlayton@kernel.org> > --- > fs/ceph/dir.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c > index 236c381ab6bd..cb7ff91a243a 100644 > --- a/fs/ceph/dir.c > +++ b/fs/ceph/dir.c > @@ -1726,6 +1726,10 @@ static int ceph_d_revalidate(struct dentry *dentry, unsigned int flags) > dout("d_revalidate %p '%pd' inode %p offset 0x%llx\n", dentry, > dentry, inode, ceph_dentry(dentry)->offset); > > + valid = fscrypt_d_revalidate(dentry, flags); > + if (valid <= 0) > + return valid; > + This one took me a while to figure out, but eventually got there. Initially I was seeing this error: crypt: ceph: 1 inode(s) still busy after removing key with identifier f019f4a1c5d5665675218f89fccfa3c7, including ino 1099511627791 and, when umounting the filesystem I would get the warning in fs/dcache.c:1623. Anyway, the patch below should fix it. Unfortunately I didn't had a lot of time to look into the -experimental branch yet. On my TODO list for the next few days. Cheers, -- Luis diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index ae0890be0c9d..d3ac39c6645f 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -1781,7 +1781,7 @@ static int ceph_d_revalidate(struct dentry *dentry, unsigned int flags) valid = fscrypt_d_revalidate(dentry, flags); if (valid <= 0) - return valid; + goto out; mdsc = ceph_sb_to_client(dir->i_sb)->mdsc; @@ -1853,6 +1853,7 @@ static int ceph_d_revalidate(struct dentry *dentry, unsigned int flags) if (!valid) ceph_dir_clear_complete(dir); +out: if (!(flags & LOOKUP_RCU)) dput(parent); return valid; > mdsc = ceph_sb_to_client(dir->i_sb)->mdsc; > > /* always trust cached snapped dentries, snapdir dentry */ > -- > > 2.29.2 >
On Mon, 2021-02-01 at 17:18 +0000, Luis Henriques wrote: > Jeff Layton <jlayton@kernel.org> writes: > > > If we have a dentry which represents a no-key name, then we need to test > > whether the parent directory's encryption key has since been added. Do > > that before we test anything else about the dentry. > > > > Signed-off-by: Jeff Layton <jlayton@kernel.org> > > --- > > fs/ceph/dir.c | 4 ++++ > > 1 file changed, 4 insertions(+) > > > > diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c > > index 236c381ab6bd..cb7ff91a243a 100644 > > --- a/fs/ceph/dir.c > > +++ b/fs/ceph/dir.c > > @@ -1726,6 +1726,10 @@ static int ceph_d_revalidate(struct dentry *dentry, unsigned int flags) > > dout("d_revalidate %p '%pd' inode %p offset 0x%llx\n", dentry, > > dentry, inode, ceph_dentry(dentry)->offset); > > > > > > + valid = fscrypt_d_revalidate(dentry, flags); > > + if (valid <= 0) > > + return valid; > > + > > This one took me a while to figure out, but eventually got there. > Initially I was seeing this error: > > crypt: ceph: 1 inode(s) still busy after removing key with identifier f019f4a1c5d5665675218f89fccfa3c7, including ino 1099511627791 > > and, when umounting the filesystem I would get the warning in > fs/dcache.c:1623. > > Anyway, the patch below should fix it. > > Unfortunately I didn't had a lot of time to look into the -experimental > branch yet. On my TODO list for the next few days. > > Cheers, Well spotted! I think the better fix though is to just move the fscrypt_d_revalidate call up before the point where we take the parent reference. I'll fix that up in my tree. Thanks for tracking that down! -- Jeff Layton <jlayton@kernel.org>
diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 236c381ab6bd..cb7ff91a243a 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -1726,6 +1726,10 @@ static int ceph_d_revalidate(struct dentry *dentry, unsigned int flags) dout("d_revalidate %p '%pd' inode %p offset 0x%llx\n", dentry, dentry, inode, ceph_dentry(dentry)->offset); + valid = fscrypt_d_revalidate(dentry, flags); + if (valid <= 0) + return valid; + mdsc = ceph_sb_to_client(dir->i_sb)->mdsc; /* always trust cached snapped dentries, snapdir dentry */
If we have a dentry which represents a no-key name, then we need to test whether the parent directory's encryption key has since been added. Do that before we test anything else about the dentry. Signed-off-by: Jeff Layton <jlayton@kernel.org> --- fs/ceph/dir.c | 4 ++++ 1 file changed, 4 insertions(+)