[RFC,v7,06/24] ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces

...and store them in the ceph_inode_info.

Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
 fs/ceph/file.c       |  2 ++
 fs/ceph/inode.c      | 18 ++++++++++++++++++
 fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
 fs/ceph/mds_client.h |  4 ++++
 fs/ceph/super.h      |  6 ++++++
 5 files changed, 74 insertions(+)

On 6/25/21 9:58 PM, Jeff Layton wrote:
> ...and store them in the ceph_inode_info.

>

> Signed-off-by: Jeff Layton <jlayton@kernel.org>

> ---

>   fs/ceph/file.c       |  2 ++

>   fs/ceph/inode.c      | 18 ++++++++++++++++++

>   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

>   fs/ceph/mds_client.h |  4 ++++

>   fs/ceph/super.h      |  6 ++++++

>   5 files changed, 74 insertions(+)

>

> diff --git a/fs/ceph/file.c b/fs/ceph/file.c

> index 2cda398ba64d..ea0e85075b7b 100644

> --- a/fs/ceph/file.c

> +++ b/fs/ceph/file.c

> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

>   	iinfo.xattr_data = xattr_buf;

>   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

>   

> +	/* FIXME: set fscrypt_auth and fscrypt_file */

> +

>   	in.ino = cpu_to_le64(vino.ino);

>   	in.snapid = cpu_to_le64(CEPH_NOSNAP);

>   	in.version = cpu_to_le64(1);	// ???

> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

> index f62785e4dbcb..b620281ea65b 100644

> --- a/fs/ceph/inode.c

> +++ b/fs/ceph/inode.c

> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

>   

>   	ci->i_meta_err = 0;

>   

> +#ifdef CONFIG_FS_ENCRYPTION

> +	ci->fscrypt_auth = NULL;

> +	ci->fscrypt_auth_len = 0;

> +	ci->fscrypt_file = NULL;

> +	ci->fscrypt_file_len = 0;

> +#endif

> +

>   	return &ci->vfs_inode;

>   }

>   

> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

>   	struct ceph_inode_info *ci = ceph_inode(inode);

>   

>   	kfree(ci->i_symlink);

> +#ifdef CONFIG_FS_ENCRYPTION

> +	kfree(ci->fscrypt_auth);

> +#endif

>   	kmem_cache_free(ceph_inode_cachep, ci);

>   }

>   

> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

>   		xattr_blob = NULL;

>   	}

>   

> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

> +		ci->fscrypt_auth = iinfo->fscrypt_auth;

> +		iinfo->fscrypt_auth = NULL;

> +		iinfo->fscrypt_auth_len = 0;

> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

> +	}

> +

>   	/* finally update i_version */

>   	if (le64_to_cpu(info->version) > ci->i_version)

>   		ci->i_version = le64_to_cpu(info->version);

> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c

> index 3b3a14024ca0..9c994effc51d 100644

> --- a/fs/ceph/mds_client.c

> +++ b/fs/ceph/mds_client.c

> @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,

>   			info->rsnaps = 0;

>   		}

>   

> +		if (struct_v >= 5) {

> +			u32 alen;

> +

> +			ceph_decode_32_safe(p, end, alen, bad);

> +

> +			while (alen--) {

> +				u32 len;

> +

> +				/* key */

> +				ceph_decode_32_safe(p, end, len, bad);

> +				ceph_decode_skip_n(p, end, len, bad);

> +				/* value */

> +				ceph_decode_32_safe(p, end, len, bad);

> +				ceph_decode_skip_n(p, end, len, bad);

> +			}

> +		}

> +

> +		/* fscrypt flag -- ignore */

> +		if (struct_v >= 6)

> +			ceph_decode_skip_8(p, end, bad);

> +

> +		if (struct_v >= 7) {

> +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);

> +			if (info->fscrypt_auth_len) {

> +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);

> +				if (!info->fscrypt_auth)

> +					return -ENOMEM;

> +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,

> +						      info->fscrypt_auth_len, bad);

> +			}

> +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);

> +			if (info->fscrypt_file_len) {

> +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);

> +				if (!info->fscrypt_file)

> +					return -ENOMEM;


Should we kfree(info->fscrypt_auth) before return ?

I didn't anywhere is freeing it.

Thanks.


> +				ceph_decode_copy_safe(p, end, info->fscrypt_file,

> +						      info->fscrypt_file_len, bad);

> +			}

> +		}

>   		*p = end;

>   	} else {

> +		/* legacy (unversioned) struct */

>   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {

>   			ceph_decode_64_safe(p, end, info->inline_version, bad);

>   			ceph_decode_32_safe(p, end, info->inline_len, bad);

> @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,

>   

>   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)

>   {

> +	kfree(info->diri.fscrypt_auth);

> +	kfree(info->diri.fscrypt_file);

> +	kfree(info->targeti.fscrypt_auth);

> +	kfree(info->targeti.fscrypt_file);

>   	if (!info->dir_entries)

>   		return;

>   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));

> diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h

> index 64ea9d853b8d..0c3cc61fd038 100644

> --- a/fs/ceph/mds_client.h

> +++ b/fs/ceph/mds_client.h

> @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {

>   	s32 dir_pin;

>   	struct ceph_timespec btime;

>   	struct ceph_timespec snap_btime;

> +	u8 *fscrypt_auth;

> +	u8 *fscrypt_file;

> +	u32 fscrypt_auth_len;

> +	u32 fscrypt_file_len;

>   	u64 rsnaps;

>   	u64 change_attr;

>   };

> diff --git a/fs/ceph/super.h b/fs/ceph/super.h

> index 0cd94b296f5f..e032737fe472 100644

> --- a/fs/ceph/super.h

> +++ b/fs/ceph/super.h

> @@ -429,6 +429,12 @@ struct ceph_inode_info {

>   

>   #ifdef CONFIG_CEPH_FSCACHE

>   	struct fscache_cookie *fscache;

> +#endif

> +#ifdef CONFIG_FS_ENCRYPTION

> +	u32 fscrypt_auth_len;

> +	u32 fscrypt_file_len;

> +	u8 *fscrypt_auth;

> +	u8 *fscrypt_file;

>   #endif

>   	errseq_t i_meta_err;

>

On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:
> ...and store them in the ceph_inode_info.

> 

> Signed-off-by: Jeff Layton <jlayton@kernel.org>

> ---

>  fs/ceph/file.c       |  2 ++

>  fs/ceph/inode.c      | 18 ++++++++++++++++++

>  fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

>  fs/ceph/mds_client.h |  4 ++++

>  fs/ceph/super.h      |  6 ++++++

>  5 files changed, 74 insertions(+)

> 

> diff --git a/fs/ceph/file.c b/fs/ceph/file.c

> index 2cda398ba64d..ea0e85075b7b 100644

> --- a/fs/ceph/file.c

> +++ b/fs/ceph/file.c

> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

>  	iinfo.xattr_data = xattr_buf;

>  	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

>  

> +	/* FIXME: set fscrypt_auth and fscrypt_file */

> +

>  	in.ino = cpu_to_le64(vino.ino);

>  	in.snapid = cpu_to_le64(CEPH_NOSNAP);

>  	in.version = cpu_to_le64(1);	// ???

> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

> index f62785e4dbcb..b620281ea65b 100644

> --- a/fs/ceph/inode.c

> +++ b/fs/ceph/inode.c

> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

>  

>  	ci->i_meta_err = 0;

>  

> +#ifdef CONFIG_FS_ENCRYPTION

> +	ci->fscrypt_auth = NULL;

> +	ci->fscrypt_auth_len = 0;

> +	ci->fscrypt_file = NULL;

> +	ci->fscrypt_file_len = 0;

> +#endif

> +

>  	return &ci->vfs_inode;

>  }

>  

> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

>  	struct ceph_inode_info *ci = ceph_inode(inode);

>  

>  	kfree(ci->i_symlink);

> +#ifdef CONFIG_FS_ENCRYPTION

> +	kfree(ci->fscrypt_auth);

> +#endif

>  	kmem_cache_free(ceph_inode_cachep, ci);

>  }

>  

> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

>  		xattr_blob = NULL;

>  	}

>  

> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

> +		ci->fscrypt_auth = iinfo->fscrypt_auth;

> +		iinfo->fscrypt_auth = NULL;

> +		iinfo->fscrypt_auth_len = 0;

> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

> +	}


I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth
is already set.  Something like:

	if (iinfo->fscrypt_auth_len) {
		if (!ci->fscrypt_auth) {
			...
		} else {
			kfree(iinfo->fscrypt_auth);
			iinfo->fscrypt_auth = NULL;
		}
	}

> +

>  	/* finally update i_version */

>  	if (le64_to_cpu(info->version) > ci->i_version)

>  		ci->i_version = le64_to_cpu(info->version);

> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c

> index 3b3a14024ca0..9c994effc51d 100644

> --- a/fs/ceph/mds_client.c

> +++ b/fs/ceph/mds_client.c

> @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,

>  			info->rsnaps = 0;

>  		}

>  

> +		if (struct_v >= 5) {

> +			u32 alen;

> +

> +			ceph_decode_32_safe(p, end, alen, bad);

> +

> +			while (alen--) {

> +				u32 len;

> +

> +				/* key */

> +				ceph_decode_32_safe(p, end, len, bad);

> +				ceph_decode_skip_n(p, end, len, bad);

> +				/* value */

> +				ceph_decode_32_safe(p, end, len, bad);

> +				ceph_decode_skip_n(p, end, len, bad);

> +			}

> +		}

> +

> +		/* fscrypt flag -- ignore */

> +		if (struct_v >= 6)

> +			ceph_decode_skip_8(p, end, bad);

> +

> +		if (struct_v >= 7) {

> +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);

> +			if (info->fscrypt_auth_len) {

> +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);

> +				if (!info->fscrypt_auth)

> +					return -ENOMEM;

> +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,

> +						      info->fscrypt_auth_len, bad);

> +			}

> +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);

> +			if (info->fscrypt_file_len) {

> +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);

> +				if (!info->fscrypt_file)

> +					return -ENOMEM;


As Xiubo already pointed out, there's a kfree(info->fscrypt_auth) missing
in this error path.

Cheers,
--
Luís

> +				ceph_decode_copy_safe(p, end, info->fscrypt_file,

> +						      info->fscrypt_file_len, bad);

> +			}

> +		}

>  		*p = end;

>  	} else {

> +		/* legacy (unversioned) struct */

>  		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {

>  			ceph_decode_64_safe(p, end, info->inline_version, bad);

>  			ceph_decode_32_safe(p, end, info->inline_len, bad);

> @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,

>  

>  static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)

>  {

> +	kfree(info->diri.fscrypt_auth);

> +	kfree(info->diri.fscrypt_file);

> +	kfree(info->targeti.fscrypt_auth);

> +	kfree(info->targeti.fscrypt_file);

>  	if (!info->dir_entries)

>  		return;

>  	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));

> diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h

> index 64ea9d853b8d..0c3cc61fd038 100644

> --- a/fs/ceph/mds_client.h

> +++ b/fs/ceph/mds_client.h

> @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {

>  	s32 dir_pin;

>  	struct ceph_timespec btime;

>  	struct ceph_timespec snap_btime;

> +	u8 *fscrypt_auth;

> +	u8 *fscrypt_file;

> +	u32 fscrypt_auth_len;

> +	u32 fscrypt_file_len;

>  	u64 rsnaps;

>  	u64 change_attr;

>  };

> diff --git a/fs/ceph/super.h b/fs/ceph/super.h

> index 0cd94b296f5f..e032737fe472 100644

> --- a/fs/ceph/super.h

> +++ b/fs/ceph/super.h

> @@ -429,6 +429,12 @@ struct ceph_inode_info {

>  

>  #ifdef CONFIG_CEPH_FSCACHE

>  	struct fscache_cookie *fscache;

> +#endif

> +#ifdef CONFIG_FS_ENCRYPTION

> +	u32 fscrypt_auth_len;

> +	u32 fscrypt_file_len;

> +	u8 *fscrypt_auth;

> +	u8 *fscrypt_file;

>  #endif

>  	errseq_t i_meta_err;

>  

> -- 

> 2.31.1

>

On 7/7/21 6:47 PM, Luis Henriques wrote:
> On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:

>> ...and store them in the ceph_inode_info.

>>

>> Signed-off-by: Jeff Layton <jlayton@kernel.org>

>> ---

>>   fs/ceph/file.c       |  2 ++

>>   fs/ceph/inode.c      | 18 ++++++++++++++++++

>>   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

>>   fs/ceph/mds_client.h |  4 ++++

>>   fs/ceph/super.h      |  6 ++++++

>>   5 files changed, 74 insertions(+)

>>

>> diff --git a/fs/ceph/file.c b/fs/ceph/file.c

>> index 2cda398ba64d..ea0e85075b7b 100644

>> --- a/fs/ceph/file.c

>> +++ b/fs/ceph/file.c

>> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

>>   	iinfo.xattr_data = xattr_buf;

>>   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

>>   

>> +	/* FIXME: set fscrypt_auth and fscrypt_file */

>> +

>>   	in.ino = cpu_to_le64(vino.ino);

>>   	in.snapid = cpu_to_le64(CEPH_NOSNAP);

>>   	in.version = cpu_to_le64(1);	// ???

>> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

>> index f62785e4dbcb..b620281ea65b 100644

>> --- a/fs/ceph/inode.c

>> +++ b/fs/ceph/inode.c

>> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

>>   

>>   	ci->i_meta_err = 0;

>>   

>> +#ifdef CONFIG_FS_ENCRYPTION

>> +	ci->fscrypt_auth = NULL;

>> +	ci->fscrypt_auth_len = 0;

>> +	ci->fscrypt_file = NULL;

>> +	ci->fscrypt_file_len = 0;

>> +#endif

>> +

>>   	return &ci->vfs_inode;

>>   }

>>   

>> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

>>   	struct ceph_inode_info *ci = ceph_inode(inode);

>>   

>>   	kfree(ci->i_symlink);

>> +#ifdef CONFIG_FS_ENCRYPTION

>> +	kfree(ci->fscrypt_auth);

>> +#endif

>>   	kmem_cache_free(ceph_inode_cachep, ci);

>>   }

>>   

>> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

>>   		xattr_blob = NULL;

>>   	}

>>   

>> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

>> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

>> +		ci->fscrypt_auth = iinfo->fscrypt_auth;

>> +		iinfo->fscrypt_auth = NULL;

>> +		iinfo->fscrypt_auth_len = 0;

>> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

>> +	}

> I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth

> is already set.  Something like:

>

> 	if (iinfo->fscrypt_auth_len) {

> 		if (!ci->fscrypt_auth) {

> 			...

> 		} else {

> 			kfree(iinfo->fscrypt_auth);

> 			iinfo->fscrypt_auth = NULL;

> 		}

> 	}

>

IMO, this should be okay because it will be freed in 
destroy_reply_info() when putting the request.


>> +

>>   	/* finally update i_version */

>>   	if (le64_to_cpu(info->version) > ci->i_version)

>>   		ci->i_version = le64_to_cpu(info->version);

>> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c

>> index 3b3a14024ca0..9c994effc51d 100644

>> --- a/fs/ceph/mds_client.c

>> +++ b/fs/ceph/mds_client.c

>> @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,

>>   			info->rsnaps = 0;

>>   		}

>>   

>> +		if (struct_v >= 5) {

>> +			u32 alen;

>> +

>> +			ceph_decode_32_safe(p, end, alen, bad);

>> +

>> +			while (alen--) {

>> +				u32 len;

>> +

>> +				/* key */

>> +				ceph_decode_32_safe(p, end, len, bad);

>> +				ceph_decode_skip_n(p, end, len, bad);

>> +				/* value */

>> +				ceph_decode_32_safe(p, end, len, bad);

>> +				ceph_decode_skip_n(p, end, len, bad);

>> +			}

>> +		}

>> +

>> +		/* fscrypt flag -- ignore */

>> +		if (struct_v >= 6)

>> +			ceph_decode_skip_8(p, end, bad);

>> +

>> +		if (struct_v >= 7) {

>> +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);

>> +			if (info->fscrypt_auth_len) {

>> +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);

>> +				if (!info->fscrypt_auth)

>> +					return -ENOMEM;

>> +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,

>> +						      info->fscrypt_auth_len, bad);

>> +			}

>> +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);

>> +			if (info->fscrypt_file_len) {

>> +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);

>> +				if (!info->fscrypt_file)

>> +					return -ENOMEM;

> As Xiubo already pointed out, there's a kfree(info->fscrypt_auth) missing

> in this error path.

>

> Cheers,

> --

> Luís

>

>> +				ceph_decode_copy_safe(p, end, info->fscrypt_file,

>> +						      info->fscrypt_file_len, bad);

>> +			}

>> +		}

>>   		*p = end;

>>   	} else {

>> +		/* legacy (unversioned) struct */

>>   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {

>>   			ceph_decode_64_safe(p, end, info->inline_version, bad);

>>   			ceph_decode_32_safe(p, end, info->inline_len, bad);

>> @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,

>>   

>>   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)

>>   {

>> +	kfree(info->diri.fscrypt_auth);

>> +	kfree(info->diri.fscrypt_file);

>> +	kfree(info->targeti.fscrypt_auth);

>> +	kfree(info->targeti.fscrypt_file);

>>   	if (!info->dir_entries)

>>   		return;

>>   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));

>> diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h

>> index 64ea9d853b8d..0c3cc61fd038 100644

>> --- a/fs/ceph/mds_client.h

>> +++ b/fs/ceph/mds_client.h

>> @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {

>>   	s32 dir_pin;

>>   	struct ceph_timespec btime;

>>   	struct ceph_timespec snap_btime;

>> +	u8 *fscrypt_auth;

>> +	u8 *fscrypt_file;

>> +	u32 fscrypt_auth_len;

>> +	u32 fscrypt_file_len;

>>   	u64 rsnaps;

>>   	u64 change_attr;

>>   };

>> diff --git a/fs/ceph/super.h b/fs/ceph/super.h

>> index 0cd94b296f5f..e032737fe472 100644

>> --- a/fs/ceph/super.h

>> +++ b/fs/ceph/super.h

>> @@ -429,6 +429,12 @@ struct ceph_inode_info {

>>   

>>   #ifdef CONFIG_CEPH_FSCACHE

>>   	struct fscache_cookie *fscache;

>> +#endif

>> +#ifdef CONFIG_FS_ENCRYPTION

>> +	u32 fscrypt_auth_len;

>> +	u32 fscrypt_file_len;

>> +	u8 *fscrypt_auth;

>> +	u8 *fscrypt_file;

>>   #endif

>>   	errseq_t i_meta_err;

>>   

>> -- 

>> 2.31.1

>>

On Wed, 2021-07-07 at 11:53 +0800, Xiubo Li wrote:
> On 6/25/21 9:58 PM, Jeff Layton wrote:

> > ...and store them in the ceph_inode_info.

> > 

> > Signed-off-by: Jeff Layton <jlayton@kernel.org>

> > ---

> >   fs/ceph/file.c       |  2 ++

> >   fs/ceph/inode.c      | 18 ++++++++++++++++++

> >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

> >   fs/ceph/mds_client.h |  4 ++++

> >   fs/ceph/super.h      |  6 ++++++

> >   5 files changed, 74 insertions(+)

> > 

> > diff --git a/fs/ceph/file.c b/fs/ceph/file.c

> > index 2cda398ba64d..ea0e85075b7b 100644

> > --- a/fs/ceph/file.c

> > +++ b/fs/ceph/file.c

> > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

> >   	iinfo.xattr_data = xattr_buf;

> >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

> >   

> > +	/* FIXME: set fscrypt_auth and fscrypt_file */

> > +

> >   	in.ino = cpu_to_le64(vino.ino);

> >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);

> >   	in.version = cpu_to_le64(1);	// ???

> > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

> > index f62785e4dbcb..b620281ea65b 100644

> > --- a/fs/ceph/inode.c

> > +++ b/fs/ceph/inode.c

> > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

> >   

> >   	ci->i_meta_err = 0;

> >   

> > +#ifdef CONFIG_FS_ENCRYPTION

> > +	ci->fscrypt_auth = NULL;

> > +	ci->fscrypt_auth_len = 0;

> > +	ci->fscrypt_file = NULL;

> > +	ci->fscrypt_file_len = 0;

> > +#endif

> > +

> >   	return &ci->vfs_inode;

> >   }

> >   

> > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

> >   	struct ceph_inode_info *ci = ceph_inode(inode);

> >   

> >   	kfree(ci->i_symlink);

> > +#ifdef CONFIG_FS_ENCRYPTION

> > +	kfree(ci->fscrypt_auth);

> > +#endif

> >   	kmem_cache_free(ceph_inode_cachep, ci);

> >   }

> >   

> > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

> >   		xattr_blob = NULL;

> >   	}

> >   

> > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

> > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

> > +		ci->fscrypt_auth = iinfo->fscrypt_auth;

> > +		iinfo->fscrypt_auth = NULL;

> > +		iinfo->fscrypt_auth_len = 0;

> > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

> > +	}

> > +

> >   	/* finally update i_version */

> >   	if (le64_to_cpu(info->version) > ci->i_version)

> >   		ci->i_version = le64_to_cpu(info->version);

> > diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c

> > index 3b3a14024ca0..9c994effc51d 100644

> > --- a/fs/ceph/mds_client.c

> > +++ b/fs/ceph/mds_client.c

> > @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,

> >   			info->rsnaps = 0;

> >   		}

> >   

> > +		if (struct_v >= 5) {

> > +			u32 alen;

> > +

> > +			ceph_decode_32_safe(p, end, alen, bad);

> > +

> > +			while (alen--) {

> > +				u32 len;

> > +

> > +				/* key */

> > +				ceph_decode_32_safe(p, end, len, bad);

> > +				ceph_decode_skip_n(p, end, len, bad);

> > +				/* value */

> > +				ceph_decode_32_safe(p, end, len, bad);

> > +				ceph_decode_skip_n(p, end, len, bad);

> > +			}

> > +		}

> > +

> > +		/* fscrypt flag -- ignore */

> > +		if (struct_v >= 6)

> > +			ceph_decode_skip_8(p, end, bad);

> > +

> > +		if (struct_v >= 7) {

> > +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);

> > +			if (info->fscrypt_auth_len) {

> > +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);

> > +				if (!info->fscrypt_auth)

> > +					return -ENOMEM;

> > +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,

> > +						      info->fscrypt_auth_len, bad);

> > +			}

> > +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);

> > +			if (info->fscrypt_file_len) {

> > +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);

> > +				if (!info->fscrypt_file)

> > +					return -ENOMEM;

> 

> Should we kfree(info->fscrypt_auth) before return ?

> 

> I didn't anywhere is freeing it.

> 


It'll get freed in destroy_reply_info(). We could do it here, but it
should be fine to wait until we're tearing the "info" structure down.

> 

> 

> > +				ceph_decode_copy_safe(p, end, info->fscrypt_file,

> > +						      info->fscrypt_file_len, bad);

> > +			}

> > +		}

> >   		*p = end;

> >   	} else {

> > +		/* legacy (unversioned) struct */

> >   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {

> >   			ceph_decode_64_safe(p, end, info->inline_version, bad);

> >   			ceph_decode_32_safe(p, end, info->inline_len, bad);

> > @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,

> >   

> >   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)

> >   {

> > +	kfree(info->diri.fscrypt_auth);

> > +	kfree(info->diri.fscrypt_file);

> > +	kfree(info->targeti.fscrypt_auth);

> > +	kfree(info->targeti.fscrypt_file);

> >   	if (!info->dir_entries)

> >   		return;

> >   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));

> > diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h

> > index 64ea9d853b8d..0c3cc61fd038 100644

> > --- a/fs/ceph/mds_client.h

> > +++ b/fs/ceph/mds_client.h

> > @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {

> >   	s32 dir_pin;

> >   	struct ceph_timespec btime;

> >   	struct ceph_timespec snap_btime;

> > +	u8 *fscrypt_auth;

> > +	u8 *fscrypt_file;

> > +	u32 fscrypt_auth_len;

> > +	u32 fscrypt_file_len;

> >   	u64 rsnaps;

> >   	u64 change_attr;

> >   };

> > diff --git a/fs/ceph/super.h b/fs/ceph/super.h

> > index 0cd94b296f5f..e032737fe472 100644

> > --- a/fs/ceph/super.h

> > +++ b/fs/ceph/super.h

> > @@ -429,6 +429,12 @@ struct ceph_inode_info {

> >   

> >   #ifdef CONFIG_CEPH_FSCACHE

> >   	struct fscache_cookie *fscache;

> > +#endif

> > +#ifdef CONFIG_FS_ENCRYPTION

> > +	u32 fscrypt_auth_len;

> > +	u32 fscrypt_file_len;

> > +	u8 *fscrypt_auth;

> > +	u8 *fscrypt_file;

> >   #endif

> >   	errseq_t i_meta_err;

> >   

> 


-- 
Jeff Layton <jlayton@kernel.org>

On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:
> On 7/7/21 6:47 PM, Luis Henriques wrote:

> > On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:

> > > ...and store them in the ceph_inode_info.

> > > 

> > > Signed-off-by: Jeff Layton <jlayton@kernel.org>

> > > ---

> > >   fs/ceph/file.c       |  2 ++

> > >   fs/ceph/inode.c      | 18 ++++++++++++++++++

> > >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

> > >   fs/ceph/mds_client.h |  4 ++++

> > >   fs/ceph/super.h      |  6 ++++++

> > >   5 files changed, 74 insertions(+)

> > > 

> > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c

> > > index 2cda398ba64d..ea0e85075b7b 100644

> > > --- a/fs/ceph/file.c

> > > +++ b/fs/ceph/file.c

> > > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

> > >   	iinfo.xattr_data = xattr_buf;

> > >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

> > >   

> > > +	/* FIXME: set fscrypt_auth and fscrypt_file */

> > > +

> > >   	in.ino = cpu_to_le64(vino.ino);

> > >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);

> > >   	in.version = cpu_to_le64(1);	// ???

> > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

> > > index f62785e4dbcb..b620281ea65b 100644

> > > --- a/fs/ceph/inode.c

> > > +++ b/fs/ceph/inode.c

> > > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

> > >   

> > >   	ci->i_meta_err = 0;

> > >   

> > > +#ifdef CONFIG_FS_ENCRYPTION

> > > +	ci->fscrypt_auth = NULL;

> > > +	ci->fscrypt_auth_len = 0;

> > > +	ci->fscrypt_file = NULL;

> > > +	ci->fscrypt_file_len = 0;

> > > +#endif

> > > +

> > >   	return &ci->vfs_inode;

> > >   }

> > >   

> > > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

> > >   	struct ceph_inode_info *ci = ceph_inode(inode);

> > >   

> > >   	kfree(ci->i_symlink);

> > > +#ifdef CONFIG_FS_ENCRYPTION

> > > +	kfree(ci->fscrypt_auth);

> > > +#endif

> > >   	kmem_cache_free(ceph_inode_cachep, ci);

> > >   }

> > >   

> > > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

> > >   		xattr_blob = NULL;

> > >   	}

> > >   

> > > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

> > > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

> > > +		ci->fscrypt_auth = iinfo->fscrypt_auth;

> > > +		iinfo->fscrypt_auth = NULL;

> > > +		iinfo->fscrypt_auth_len = 0;

> > > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

> > > +	}

> > I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth

> > is already set.  Something like:

> > 

> > 	if (iinfo->fscrypt_auth_len) {

> > 		if (!ci->fscrypt_auth) {

> > 			...

> > 		} else {

> > 			kfree(iinfo->fscrypt_auth);

> > 			iinfo->fscrypt_auth = NULL;

> > 		}

> > 	}

> > 

> IMO, this should be okay because it will be freed in 

> destroy_reply_info() when putting the request.

> 

> 


Yes. All of that should get cleaned up with the request.

> > > +

> > >   	/* finally update i_version */

> > >   	if (le64_to_cpu(info->version) > ci->i_version)

> > >   		ci->i_version = le64_to_cpu(info->version);

> > > diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c

> > > index 3b3a14024ca0..9c994effc51d 100644

> > > --- a/fs/ceph/mds_client.c

> > > +++ b/fs/ceph/mds_client.c

> > > @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,

> > >   			info->rsnaps = 0;

> > >   		}

> > >   

> > > +		if (struct_v >= 5) {

> > > +			u32 alen;

> > > +

> > > +			ceph_decode_32_safe(p, end, alen, bad);

> > > +

> > > +			while (alen--) {

> > > +				u32 len;

> > > +

> > > +				/* key */

> > > +				ceph_decode_32_safe(p, end, len, bad);

> > > +				ceph_decode_skip_n(p, end, len, bad);

> > > +				/* value */

> > > +				ceph_decode_32_safe(p, end, len, bad);

> > > +				ceph_decode_skip_n(p, end, len, bad);

> > > +			}

> > > +		}

> > > +

> > > +		/* fscrypt flag -- ignore */

> > > +		if (struct_v >= 6)

> > > +			ceph_decode_skip_8(p, end, bad);

> > > +

> > > +		if (struct_v >= 7) {

> > > +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);

> > > +			if (info->fscrypt_auth_len) {

> > > +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);

> > > +				if (!info->fscrypt_auth)

> > > +					return -ENOMEM;

> > > +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,

> > > +						      info->fscrypt_auth_len, bad);

> > > +			}

> > > +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);

> > > +			if (info->fscrypt_file_len) {

> > > +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);

> > > +				if (!info->fscrypt_file)

> > > +					return -ENOMEM;

> > As Xiubo already pointed out, there's a kfree(info->fscrypt_auth) missing

> > in this error path.

> > 

> > Cheers,

> > --

> > Luís

> > 

> > > +				ceph_decode_copy_safe(p, end, info->fscrypt_file,

> > > +						      info->fscrypt_file_len, bad);

> > > +			}

> > > +		}

> > >   		*p = end;

> > >   	} else {

> > > +		/* legacy (unversioned) struct */

> > >   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {

> > >   			ceph_decode_64_safe(p, end, info->inline_version, bad);

> > >   			ceph_decode_32_safe(p, end, info->inline_len, bad);

> > > @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,

> > >   

> > >   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)

> > >   {

> > > +	kfree(info->diri.fscrypt_auth);

> > > +	kfree(info->diri.fscrypt_file);

> > > +	kfree(info->targeti.fscrypt_auth);

> > > +	kfree(info->targeti.fscrypt_file);

> > >   	if (!info->dir_entries)

> > >   		return;

> > >   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));

> > > diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h

> > > index 64ea9d853b8d..0c3cc61fd038 100644

> > > --- a/fs/ceph/mds_client.h

> > > +++ b/fs/ceph/mds_client.h

> > > @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {

> > >   	s32 dir_pin;

> > >   	struct ceph_timespec btime;

> > >   	struct ceph_timespec snap_btime;

> > > +	u8 *fscrypt_auth;

> > > +	u8 *fscrypt_file;

> > > +	u32 fscrypt_auth_len;

> > > +	u32 fscrypt_file_len;

> > >   	u64 rsnaps;

> > >   	u64 change_attr;

> > >   };

> > > diff --git a/fs/ceph/super.h b/fs/ceph/super.h

> > > index 0cd94b296f5f..e032737fe472 100644

> > > --- a/fs/ceph/super.h

> > > +++ b/fs/ceph/super.h

> > > @@ -429,6 +429,12 @@ struct ceph_inode_info {

> > >   

> > >   #ifdef CONFIG_CEPH_FSCACHE

> > >   	struct fscache_cookie *fscache;

> > > +#endif

> > > +#ifdef CONFIG_FS_ENCRYPTION

> > > +	u32 fscrypt_auth_len;

> > > +	u32 fscrypt_file_len;

> > > +	u8 *fscrypt_auth;

> > > +	u8 *fscrypt_file;

> > >   #endif

> > >   	errseq_t i_meta_err;

> > >   

> > > -- 

> > > 2.31.1

> > > 

> 


-- 
Jeff Layton <jlayton@kernel.org>

On 7/7/21 8:09 PM, Jeff Layton wrote:
> On Wed, 2021-07-07 at 11:53 +0800, Xiubo Li wrote:

>> On 6/25/21 9:58 PM, Jeff Layton wrote:

>>> ...and store them in the ceph_inode_info.

>>>

>>> Signed-off-by: Jeff Layton <jlayton@kernel.org>

>>> ---

>>>    fs/ceph/file.c       |  2 ++

>>>    fs/ceph/inode.c      | 18 ++++++++++++++++++

>>>    fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

>>>    fs/ceph/mds_client.h |  4 ++++

>>>    fs/ceph/super.h      |  6 ++++++

>>>    5 files changed, 74 insertions(+)

>>>

>>> diff --git a/fs/ceph/file.c b/fs/ceph/file.c

>>> index 2cda398ba64d..ea0e85075b7b 100644

>>> --- a/fs/ceph/file.c

>>> +++ b/fs/ceph/file.c

>>> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

>>>    	iinfo.xattr_data = xattr_buf;

>>>    	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

>>>    

>>> +	/* FIXME: set fscrypt_auth and fscrypt_file */

>>> +

>>>    	in.ino = cpu_to_le64(vino.ino);

>>>    	in.snapid = cpu_to_le64(CEPH_NOSNAP);

>>>    	in.version = cpu_to_le64(1);	// ???

>>> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

>>> index f62785e4dbcb..b620281ea65b 100644

>>> --- a/fs/ceph/inode.c

>>> +++ b/fs/ceph/inode.c

>>> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

>>>    

>>>    	ci->i_meta_err = 0;

>>>    

>>> +#ifdef CONFIG_FS_ENCRYPTION

>>> +	ci->fscrypt_auth = NULL;

>>> +	ci->fscrypt_auth_len = 0;

>>> +	ci->fscrypt_file = NULL;

>>> +	ci->fscrypt_file_len = 0;

>>> +#endif

>>> +

>>>    	return &ci->vfs_inode;

>>>    }

>>>    

>>> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

>>>    	struct ceph_inode_info *ci = ceph_inode(inode);

>>>    

>>>    	kfree(ci->i_symlink);

>>> +#ifdef CONFIG_FS_ENCRYPTION

>>> +	kfree(ci->fscrypt_auth);

>>> +#endif

>>>    	kmem_cache_free(ceph_inode_cachep, ci);

>>>    }

>>>    

>>> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

>>>    		xattr_blob = NULL;

>>>    	}

>>>    

>>> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

>>> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

>>> +		ci->fscrypt_auth = iinfo->fscrypt_auth;

>>> +		iinfo->fscrypt_auth = NULL;

>>> +		iinfo->fscrypt_auth_len = 0;

>>> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

>>> +	}

>>> +

>>>    	/* finally update i_version */

>>>    	if (le64_to_cpu(info->version) > ci->i_version)

>>>    		ci->i_version = le64_to_cpu(info->version);

>>> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c

>>> index 3b3a14024ca0..9c994effc51d 100644

>>> --- a/fs/ceph/mds_client.c

>>> +++ b/fs/ceph/mds_client.c

>>> @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,

>>>    			info->rsnaps = 0;

>>>    		}

>>>    

>>> +		if (struct_v >= 5) {

>>> +			u32 alen;

>>> +

>>> +			ceph_decode_32_safe(p, end, alen, bad);

>>> +

>>> +			while (alen--) {

>>> +				u32 len;

>>> +

>>> +				/* key */

>>> +				ceph_decode_32_safe(p, end, len, bad);

>>> +				ceph_decode_skip_n(p, end, len, bad);

>>> +				/* value */

>>> +				ceph_decode_32_safe(p, end, len, bad);

>>> +				ceph_decode_skip_n(p, end, len, bad);

>>> +			}

>>> +		}

>>> +

>>> +		/* fscrypt flag -- ignore */

>>> +		if (struct_v >= 6)

>>> +			ceph_decode_skip_8(p, end, bad);

>>> +

>>> +		if (struct_v >= 7) {

>>> +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);

>>> +			if (info->fscrypt_auth_len) {

>>> +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);

>>> +				if (!info->fscrypt_auth)

>>> +					return -ENOMEM;

>>> +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,

>>> +						      info->fscrypt_auth_len, bad);

>>> +			}

>>> +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);

>>> +			if (info->fscrypt_file_len) {

>>> +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);

>>> +				if (!info->fscrypt_file)

>>> +					return -ENOMEM;

>> Should we kfree(info->fscrypt_auth) before return ?

>>

>> I didn't anywhere is freeing it.

>>

> It'll get freed in destroy_reply_info(). We could do it here, but it

> should be fine to wait until we're tearing the "info" structure down.

>

Yeah, I just missed the destory_reply_info() code that time.



>>

>>> +				ceph_decode_copy_safe(p, end, info->fscrypt_file,

>>> +						      info->fscrypt_file_len, bad);

>>> +			}

>>> +		}

>>>    		*p = end;

>>>    	} else {

>>> +		/* legacy (unversioned) struct */

>>>    		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {

>>>    			ceph_decode_64_safe(p, end, info->inline_version, bad);

>>>    			ceph_decode_32_safe(p, end, info->inline_len, bad);

>>> @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,

>>>    

>>>    static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)

>>>    {

>>> +	kfree(info->diri.fscrypt_auth);

>>> +	kfree(info->diri.fscrypt_file);

>>> +	kfree(info->targeti.fscrypt_auth);

>>> +	kfree(info->targeti.fscrypt_file);

>>>    	if (!info->dir_entries)

>>>    		return;

>>>    	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));

>>> diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h

>>> index 64ea9d853b8d..0c3cc61fd038 100644

>>> --- a/fs/ceph/mds_client.h

>>> +++ b/fs/ceph/mds_client.h

>>> @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {

>>>    	s32 dir_pin;

>>>    	struct ceph_timespec btime;

>>>    	struct ceph_timespec snap_btime;

>>> +	u8 *fscrypt_auth;

>>> +	u8 *fscrypt_file;

>>> +	u32 fscrypt_auth_len;

>>> +	u32 fscrypt_file_len;

>>>    	u64 rsnaps;

>>>    	u64 change_attr;

>>>    };

>>> diff --git a/fs/ceph/super.h b/fs/ceph/super.h

>>> index 0cd94b296f5f..e032737fe472 100644

>>> --- a/fs/ceph/super.h

>>> +++ b/fs/ceph/super.h

>>> @@ -429,6 +429,12 @@ struct ceph_inode_info {

>>>    

>>>    #ifdef CONFIG_CEPH_FSCACHE

>>>    	struct fscache_cookie *fscache;

>>> +#endif

>>> +#ifdef CONFIG_FS_ENCRYPTION

>>> +	u32 fscrypt_auth_len;

>>> +	u32 fscrypt_file_len;

>>> +	u8 *fscrypt_auth;

>>> +	u8 *fscrypt_file;

>>>    #endif

>>>    	errseq_t i_meta_err;

>>>

On Wed, Jul 07, 2021 at 08:19:25AM -0400, Jeff Layton wrote:
> On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:

> > On 7/7/21 6:47 PM, Luis Henriques wrote:

> > > On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:

> > > > ...and store them in the ceph_inode_info.

> > > > 

> > > > Signed-off-by: Jeff Layton <jlayton@kernel.org>

> > > > ---

> > > >   fs/ceph/file.c       |  2 ++

> > > >   fs/ceph/inode.c      | 18 ++++++++++++++++++

> > > >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

> > > >   fs/ceph/mds_client.h |  4 ++++

> > > >   fs/ceph/super.h      |  6 ++++++

> > > >   5 files changed, 74 insertions(+)

> > > > 

> > > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c

> > > > index 2cda398ba64d..ea0e85075b7b 100644

> > > > --- a/fs/ceph/file.c

> > > > +++ b/fs/ceph/file.c

> > > > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

> > > >   	iinfo.xattr_data = xattr_buf;

> > > >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

> > > >   

> > > > +	/* FIXME: set fscrypt_auth and fscrypt_file */

> > > > +

> > > >   	in.ino = cpu_to_le64(vino.ino);

> > > >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);

> > > >   	in.version = cpu_to_le64(1);	// ???

> > > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

> > > > index f62785e4dbcb..b620281ea65b 100644

> > > > --- a/fs/ceph/inode.c

> > > > +++ b/fs/ceph/inode.c

> > > > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

> > > >   

> > > >   	ci->i_meta_err = 0;

> > > >   

> > > > +#ifdef CONFIG_FS_ENCRYPTION

> > > > +	ci->fscrypt_auth = NULL;

> > > > +	ci->fscrypt_auth_len = 0;

> > > > +	ci->fscrypt_file = NULL;

> > > > +	ci->fscrypt_file_len = 0;

> > > > +#endif

> > > > +

> > > >   	return &ci->vfs_inode;

> > > >   }

> > > >   

> > > > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

> > > >   	struct ceph_inode_info *ci = ceph_inode(inode);

> > > >   

> > > >   	kfree(ci->i_symlink);

> > > > +#ifdef CONFIG_FS_ENCRYPTION

> > > > +	kfree(ci->fscrypt_auth);

> > > > +#endif

> > > >   	kmem_cache_free(ceph_inode_cachep, ci);

> > > >   }

> > > >   

> > > > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

> > > >   		xattr_blob = NULL;

> > > >   	}

> > > >   

> > > > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

> > > > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

> > > > +		ci->fscrypt_auth = iinfo->fscrypt_auth;

> > > > +		iinfo->fscrypt_auth = NULL;

> > > > +		iinfo->fscrypt_auth_len = 0;

> > > > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

> > > > +	}

> > > I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth

> > > is already set.  Something like:

> > > 

> > > 	if (iinfo->fscrypt_auth_len) {

> > > 		if (!ci->fscrypt_auth) {

> > > 			...

> > > 		} else {

> > > 			kfree(iinfo->fscrypt_auth);

> > > 			iinfo->fscrypt_auth = NULL;

> > > 		}

> > > 	}

> > > 

> > IMO, this should be okay because it will be freed in 

> > destroy_reply_info() when putting the request.

> > 

> > 

> 

> Yes. All of that should get cleaned up with the request.


Hmm... ok, so maybe I missed something because I *did* saw kmemleak
complaining.  Maybe it was on the READDIR path.  /me goes look again.

Cheers,
--
Luís


> 

> > > > +

> > > >   	/* finally update i_version */

> > > >   	if (le64_to_cpu(info->version) > ci->i_version)

> > > >   		ci->i_version = le64_to_cpu(info->version);

> > > > diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c

> > > > index 3b3a14024ca0..9c994effc51d 100644

> > > > --- a/fs/ceph/mds_client.c

> > > > +++ b/fs/ceph/mds_client.c

> > > > @@ -183,8 +183,48 @@ static int parse_reply_info_in(void **p, void *end,

> > > >   			info->rsnaps = 0;

> > > >   		}

> > > >   

> > > > +		if (struct_v >= 5) {

> > > > +			u32 alen;

> > > > +

> > > > +			ceph_decode_32_safe(p, end, alen, bad);

> > > > +

> > > > +			while (alen--) {

> > > > +				u32 len;

> > > > +

> > > > +				/* key */

> > > > +				ceph_decode_32_safe(p, end, len, bad);

> > > > +				ceph_decode_skip_n(p, end, len, bad);

> > > > +				/* value */

> > > > +				ceph_decode_32_safe(p, end, len, bad);

> > > > +				ceph_decode_skip_n(p, end, len, bad);

> > > > +			}

> > > > +		}

> > > > +

> > > > +		/* fscrypt flag -- ignore */

> > > > +		if (struct_v >= 6)

> > > > +			ceph_decode_skip_8(p, end, bad);

> > > > +

> > > > +		if (struct_v >= 7) {

> > > > +			ceph_decode_32_safe(p, end, info->fscrypt_auth_len, bad);

> > > > +			if (info->fscrypt_auth_len) {

> > > > +				info->fscrypt_auth = kmalloc(info->fscrypt_auth_len, GFP_KERNEL);

> > > > +				if (!info->fscrypt_auth)

> > > > +					return -ENOMEM;

> > > > +				ceph_decode_copy_safe(p, end, info->fscrypt_auth,

> > > > +						      info->fscrypt_auth_len, bad);

> > > > +			}

> > > > +			ceph_decode_32_safe(p, end, info->fscrypt_file_len, bad);

> > > > +			if (info->fscrypt_file_len) {

> > > > +				info->fscrypt_file = kmalloc(info->fscrypt_file_len, GFP_KERNEL);

> > > > +				if (!info->fscrypt_file)

> > > > +					return -ENOMEM;

> > > As Xiubo already pointed out, there's a kfree(info->fscrypt_auth) missing

> > > in this error path.

> > > 

> > > Cheers,

> > > --

> > > Luís

> > > 

> > > > +				ceph_decode_copy_safe(p, end, info->fscrypt_file,

> > > > +						      info->fscrypt_file_len, bad);

> > > > +			}

> > > > +		}

> > > >   		*p = end;

> > > >   	} else {

> > > > +		/* legacy (unversioned) struct */

> > > >   		if (features & CEPH_FEATURE_MDS_INLINE_DATA) {

> > > >   			ceph_decode_64_safe(p, end, info->inline_version, bad);

> > > >   			ceph_decode_32_safe(p, end, info->inline_len, bad);

> > > > @@ -625,6 +665,10 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,

> > > >   

> > > >   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)

> > > >   {

> > > > +	kfree(info->diri.fscrypt_auth);

> > > > +	kfree(info->diri.fscrypt_file);

> > > > +	kfree(info->targeti.fscrypt_auth);

> > > > +	kfree(info->targeti.fscrypt_file);

> > > >   	if (!info->dir_entries)

> > > >   		return;

> > > >   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));

> > > > diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h

> > > > index 64ea9d853b8d..0c3cc61fd038 100644

> > > > --- a/fs/ceph/mds_client.h

> > > > +++ b/fs/ceph/mds_client.h

> > > > @@ -88,6 +88,10 @@ struct ceph_mds_reply_info_in {

> > > >   	s32 dir_pin;

> > > >   	struct ceph_timespec btime;

> > > >   	struct ceph_timespec snap_btime;

> > > > +	u8 *fscrypt_auth;

> > > > +	u8 *fscrypt_file;

> > > > +	u32 fscrypt_auth_len;

> > > > +	u32 fscrypt_file_len;

> > > >   	u64 rsnaps;

> > > >   	u64 change_attr;

> > > >   };

> > > > diff --git a/fs/ceph/super.h b/fs/ceph/super.h

> > > > index 0cd94b296f5f..e032737fe472 100644

> > > > --- a/fs/ceph/super.h

> > > > +++ b/fs/ceph/super.h

> > > > @@ -429,6 +429,12 @@ struct ceph_inode_info {

> > > >   

> > > >   #ifdef CONFIG_CEPH_FSCACHE

> > > >   	struct fscache_cookie *fscache;

> > > > +#endif

> > > > +#ifdef CONFIG_FS_ENCRYPTION

> > > > +	u32 fscrypt_auth_len;

> > > > +	u32 fscrypt_file_len;

> > > > +	u8 *fscrypt_auth;

> > > > +	u8 *fscrypt_file;

> > > >   #endif

> > > >   	errseq_t i_meta_err;

> > > >   

> > > > -- 

> > > > 2.31.1

> > > > 

> > 

> 

> -- 

> Jeff Layton <jlayton@kernel.org>

>

On Wed, Jul 07, 2021 at 03:32:13PM +0100, Luis Henriques wrote:
> On Wed, Jul 07, 2021 at 08:19:25AM -0400, Jeff Layton wrote:

> > On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:

> > > On 7/7/21 6:47 PM, Luis Henriques wrote:

> > > > On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:

> > > > > ...and store them in the ceph_inode_info.

> > > > > 

> > > > > Signed-off-by: Jeff Layton <jlayton@kernel.org>

> > > > > ---

> > > > >   fs/ceph/file.c       |  2 ++

> > > > >   fs/ceph/inode.c      | 18 ++++++++++++++++++

> > > > >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

> > > > >   fs/ceph/mds_client.h |  4 ++++

> > > > >   fs/ceph/super.h      |  6 ++++++

> > > > >   5 files changed, 74 insertions(+)

> > > > > 

> > > > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c

> > > > > index 2cda398ba64d..ea0e85075b7b 100644

> > > > > --- a/fs/ceph/file.c

> > > > > +++ b/fs/ceph/file.c

> > > > > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

> > > > >   	iinfo.xattr_data = xattr_buf;

> > > > >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

> > > > >   

> > > > > +	/* FIXME: set fscrypt_auth and fscrypt_file */

> > > > > +

> > > > >   	in.ino = cpu_to_le64(vino.ino);

> > > > >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);

> > > > >   	in.version = cpu_to_le64(1);	// ???

> > > > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

> > > > > index f62785e4dbcb..b620281ea65b 100644

> > > > > --- a/fs/ceph/inode.c

> > > > > +++ b/fs/ceph/inode.c

> > > > > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

> > > > >   

> > > > >   	ci->i_meta_err = 0;

> > > > >   

> > > > > +#ifdef CONFIG_FS_ENCRYPTION

> > > > > +	ci->fscrypt_auth = NULL;

> > > > > +	ci->fscrypt_auth_len = 0;

> > > > > +	ci->fscrypt_file = NULL;

> > > > > +	ci->fscrypt_file_len = 0;

> > > > > +#endif

> > > > > +

> > > > >   	return &ci->vfs_inode;

> > > > >   }

> > > > >   

> > > > > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

> > > > >   	struct ceph_inode_info *ci = ceph_inode(inode);

> > > > >   

> > > > >   	kfree(ci->i_symlink);

> > > > > +#ifdef CONFIG_FS_ENCRYPTION

> > > > > +	kfree(ci->fscrypt_auth);

> > > > > +#endif

> > > > >   	kmem_cache_free(ceph_inode_cachep, ci);

> > > > >   }

> > > > >   

> > > > > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

> > > > >   		xattr_blob = NULL;

> > > > >   	}

> > > > >   

> > > > > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

> > > > > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

> > > > > +		ci->fscrypt_auth = iinfo->fscrypt_auth;

> > > > > +		iinfo->fscrypt_auth = NULL;

> > > > > +		iinfo->fscrypt_auth_len = 0;

> > > > > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

> > > > > +	}

> > > > I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth

> > > > is already set.  Something like:

> > > > 

> > > > 	if (iinfo->fscrypt_auth_len) {

> > > > 		if (!ci->fscrypt_auth) {

> > > > 			...

> > > > 		} else {

> > > > 			kfree(iinfo->fscrypt_auth);

> > > > 			iinfo->fscrypt_auth = NULL;

> > > > 		}

> > > > 	}

> > > > 

> > > IMO, this should be okay because it will be freed in 

> > > destroy_reply_info() when putting the request.

> > > 

> > > 

> > 

> > Yes. All of that should get cleaned up with the request.

> 

> Hmm... ok, so maybe I missed something because I *did* saw kmemleak

> complaining.  Maybe it was on the READDIR path.  /me goes look again.


Ah, that was indeed the problem.  So, here's a quick hack to fix
destroy_reply_info() so that it also frees the extra memory from READDIR:

@@ -686,12 +686,23 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,
 
 static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)
 {
+	int i = 0;
+
 	kfree(info->diri.fscrypt_auth);
 	kfree(info->diri.fscrypt_file);
 	kfree(info->targeti.fscrypt_auth);
 	kfree(info->targeti.fscrypt_file);
 	if (!info->dir_entries)
 		return;
+
+	for (i = 0; i < info->dir_nr; i++) {
+		struct ceph_mds_reply_dir_entry *rde = info->dir_entries + i;
+		if (rde->inode.fscrypt_auth_len)
+			kfree(rde->inode.fscrypt_auth);
+	}
+	       
 	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));
 }
 

Cheers,
--
Luís

On 7/7/21 10:56 PM, Luis Henriques wrote:
> On Wed, Jul 07, 2021 at 03:32:13PM +0100, Luis Henriques wrote:

>> On Wed, Jul 07, 2021 at 08:19:25AM -0400, Jeff Layton wrote:

>>> On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:

>>>> On 7/7/21 6:47 PM, Luis Henriques wrote:

>>>>> On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:

>>>>>> ...and store them in the ceph_inode_info.

>>>>>>

>>>>>> Signed-off-by: Jeff Layton <jlayton@kernel.org>

>>>>>> ---

>>>>>>    fs/ceph/file.c       |  2 ++

>>>>>>    fs/ceph/inode.c      | 18 ++++++++++++++++++

>>>>>>    fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

>>>>>>    fs/ceph/mds_client.h |  4 ++++

>>>>>>    fs/ceph/super.h      |  6 ++++++

>>>>>>    5 files changed, 74 insertions(+)

>>>>>>

>>>>>> diff --git a/fs/ceph/file.c b/fs/ceph/file.c

>>>>>> index 2cda398ba64d..ea0e85075b7b 100644

>>>>>> --- a/fs/ceph/file.c

>>>>>> +++ b/fs/ceph/file.c

>>>>>> @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

>>>>>>    	iinfo.xattr_data = xattr_buf;

>>>>>>    	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

>>>>>>    

>>>>>> +	/* FIXME: set fscrypt_auth and fscrypt_file */

>>>>>> +

>>>>>>    	in.ino = cpu_to_le64(vino.ino);

>>>>>>    	in.snapid = cpu_to_le64(CEPH_NOSNAP);

>>>>>>    	in.version = cpu_to_le64(1);	// ???

>>>>>> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

>>>>>> index f62785e4dbcb..b620281ea65b 100644

>>>>>> --- a/fs/ceph/inode.c

>>>>>> +++ b/fs/ceph/inode.c

>>>>>> @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

>>>>>>    

>>>>>>    	ci->i_meta_err = 0;

>>>>>>    

>>>>>> +#ifdef CONFIG_FS_ENCRYPTION

>>>>>> +	ci->fscrypt_auth = NULL;

>>>>>> +	ci->fscrypt_auth_len = 0;

>>>>>> +	ci->fscrypt_file = NULL;

>>>>>> +	ci->fscrypt_file_len = 0;

>>>>>> +#endif

>>>>>> +

>>>>>>    	return &ci->vfs_inode;

>>>>>>    }

>>>>>>    

>>>>>> @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

>>>>>>    	struct ceph_inode_info *ci = ceph_inode(inode);

>>>>>>    

>>>>>>    	kfree(ci->i_symlink);

>>>>>> +#ifdef CONFIG_FS_ENCRYPTION

>>>>>> +	kfree(ci->fscrypt_auth);

>>>>>> +#endif

>>>>>>    	kmem_cache_free(ceph_inode_cachep, ci);

>>>>>>    }

>>>>>>    

>>>>>> @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

>>>>>>    		xattr_blob = NULL;

>>>>>>    	}

>>>>>>    

>>>>>> +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

>>>>>> +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

>>>>>> +		ci->fscrypt_auth = iinfo->fscrypt_auth;

>>>>>> +		iinfo->fscrypt_auth = NULL;

>>>>>> +		iinfo->fscrypt_auth_len = 0;

>>>>>> +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

>>>>>> +	}

>>>>> I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth

>>>>> is already set.  Something like:

>>>>>

>>>>> 	if (iinfo->fscrypt_auth_len) {

>>>>> 		if (!ci->fscrypt_auth) {

>>>>> 			...

>>>>> 		} else {

>>>>> 			kfree(iinfo->fscrypt_auth);

>>>>> 			iinfo->fscrypt_auth = NULL;

>>>>> 		}

>>>>> 	}

>>>>>

>>>> IMO, this should be okay because it will be freed in

>>>> destroy_reply_info() when putting the request.

>>>>

>>>>

>>> Yes. All of that should get cleaned up with the request.

>> Hmm... ok, so maybe I missed something because I *did* saw kmemleak

>> complaining.  Maybe it was on the READDIR path.  /me goes look again.

> Ah, that was indeed the problem.  So, here's a quick hack to fix

> destroy_reply_info() so that it also frees the extra memory from READDIR:

>

> @@ -686,12 +686,23 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,

>   

>   static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)

>   {

> +	int i = 0;

> +

>   	kfree(info->diri.fscrypt_auth);

>   	kfree(info->diri.fscrypt_file);

>   	kfree(info->targeti.fscrypt_auth);

>   	kfree(info->targeti.fscrypt_file);

>   	if (!info->dir_entries)

>   		return;

> +

> +	for (i = 0; i < info->dir_nr; i++) {

> +		struct ceph_mds_reply_dir_entry *rde = info->dir_entries + i;

> +		if (rde->inode.fscrypt_auth_len)

> +			kfree(rde->inode.fscrypt_auth);

> +	}

> +	

>   	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));

>   }

>   


Yeah, this looks nice.


> Cheers,

> --

> Luís

>

On Wed, 2021-07-07 at 15:56 +0100, Luis Henriques wrote:
> On Wed, Jul 07, 2021 at 03:32:13PM +0100, Luis Henriques wrote:

> > On Wed, Jul 07, 2021 at 08:19:25AM -0400, Jeff Layton wrote:

> > > On Wed, 2021-07-07 at 19:19 +0800, Xiubo Li wrote:

> > > > On 7/7/21 6:47 PM, Luis Henriques wrote:

> > > > > On Fri, Jun 25, 2021 at 09:58:16AM -0400, Jeff Layton wrote:

> > > > > > ...and store them in the ceph_inode_info.

> > > > > > 

> > > > > > Signed-off-by: Jeff Layton <jlayton@kernel.org>

> > > > > > ---

> > > > > >   fs/ceph/file.c       |  2 ++

> > > > > >   fs/ceph/inode.c      | 18 ++++++++++++++++++

> > > > > >   fs/ceph/mds_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++

> > > > > >   fs/ceph/mds_client.h |  4 ++++

> > > > > >   fs/ceph/super.h      |  6 ++++++

> > > > > >   5 files changed, 74 insertions(+)

> > > > > > 

> > > > > > diff --git a/fs/ceph/file.c b/fs/ceph/file.c

> > > > > > index 2cda398ba64d..ea0e85075b7b 100644

> > > > > > --- a/fs/ceph/file.c

> > > > > > +++ b/fs/ceph/file.c

> > > > > > @@ -592,6 +592,8 @@ static int ceph_finish_async_create(struct inode *dir, struct inode *inode,

> > > > > >   	iinfo.xattr_data = xattr_buf;

> > > > > >   	memset(iinfo.xattr_data, 0, iinfo.xattr_len);

> > > > > >   

> > > > > > +	/* FIXME: set fscrypt_auth and fscrypt_file */

> > > > > > +

> > > > > >   	in.ino = cpu_to_le64(vino.ino);

> > > > > >   	in.snapid = cpu_to_le64(CEPH_NOSNAP);

> > > > > >   	in.version = cpu_to_le64(1);	// ???

> > > > > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c

> > > > > > index f62785e4dbcb..b620281ea65b 100644

> > > > > > --- a/fs/ceph/inode.c

> > > > > > +++ b/fs/ceph/inode.c

> > > > > > @@ -611,6 +611,13 @@ struct inode *ceph_alloc_inode(struct super_block *sb)

> > > > > >   

> > > > > >   	ci->i_meta_err = 0;

> > > > > >   

> > > > > > +#ifdef CONFIG_FS_ENCRYPTION

> > > > > > +	ci->fscrypt_auth = NULL;

> > > > > > +	ci->fscrypt_auth_len = 0;

> > > > > > +	ci->fscrypt_file = NULL;

> > > > > > +	ci->fscrypt_file_len = 0;

> > > > > > +#endif

> > > > > > +

> > > > > >   	return &ci->vfs_inode;

> > > > > >   }

> > > > > >   

> > > > > > @@ -619,6 +626,9 @@ void ceph_free_inode(struct inode *inode)

> > > > > >   	struct ceph_inode_info *ci = ceph_inode(inode);

> > > > > >   

> > > > > >   	kfree(ci->i_symlink);

> > > > > > +#ifdef CONFIG_FS_ENCRYPTION

> > > > > > +	kfree(ci->fscrypt_auth);

> > > > > > +#endif

> > > > > >   	kmem_cache_free(ceph_inode_cachep, ci);

> > > > > >   }

> > > > > >   

> > > > > > @@ -1021,6 +1031,14 @@ int ceph_fill_inode(struct inode *inode, struct page *locked_page,

> > > > > >   		xattr_blob = NULL;

> > > > > >   	}

> > > > > >   

> > > > > > +	if (iinfo->fscrypt_auth_len && !ci->fscrypt_auth) {

> > > > > > +		ci->fscrypt_auth_len = iinfo->fscrypt_auth_len;

> > > > > > +		ci->fscrypt_auth = iinfo->fscrypt_auth;

> > > > > > +		iinfo->fscrypt_auth = NULL;

> > > > > > +		iinfo->fscrypt_auth_len = 0;

> > > > > > +		inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);

> > > > > > +	}

> > > > > I think we also need to free iinfo->fscrypt_auth here if ci->fscrypt_auth

> > > > > is already set.  Something like:

> > > > > 

> > > > > 	if (iinfo->fscrypt_auth_len) {

> > > > > 		if (!ci->fscrypt_auth) {

> > > > > 			...

> > > > > 		} else {

> > > > > 			kfree(iinfo->fscrypt_auth);

> > > > > 			iinfo->fscrypt_auth = NULL;

> > > > > 		}

> > > > > 	}

> > > > > 

> > > > IMO, this should be okay because it will be freed in 

> > > > destroy_reply_info() when putting the request.

> > > > 

> > > > 

> > > 

> > > Yes. All of that should get cleaned up with the request.

> > 

> > Hmm... ok, so maybe I missed something because I *did* saw kmemleak

> > complaining.  Maybe it was on the READDIR path.  /me goes look again.

> 

> Ah, that was indeed the problem.  So, here's a quick hack to fix

> destroy_reply_info() so that it also frees the extra memory from READDIR:

> 

> @@ -686,12 +686,23 @@ static int parse_reply_info(struct ceph_mds_session *s, struct ceph_msg *msg,

>  

>  static void destroy_reply_info(struct ceph_mds_reply_info_parsed *info)

>  {

> +	int i = 0;

> +

>  	kfree(info->diri.fscrypt_auth);

>  	kfree(info->diri.fscrypt_file);

>  	kfree(info->targeti.fscrypt_auth);

>  	kfree(info->targeti.fscrypt_file);

>  	if (!info->dir_entries)

>  		return;

> +

> +	for (i = 0; i < info->dir_nr; i++) {

> +		struct ceph_mds_reply_dir_entry *rde = info->dir_entries + i;

> +		if (rde->inode.fscrypt_auth_len)

> +			kfree(rde->inode.fscrypt_auth);

> +	}

> +	       

>  	free_pages((unsigned long)info->dir_entries, get_order(info->dir_buf_size));

>  }

>  

> 


Well spotted! I'll plan to incorporate a fix like that soon.
-- 
Jeff Layton <jlayton@kernel.org>