Hi Eric, On 2019/7/27 6:41, Eric Biggers wrote: > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > Wire up the new ioctls for adding and removing fscrypt keys to/from the > filesystem, and the new ioctl for retrieving v2 encryption policies. > > FS_IOC_REMOVE_ENCRYPTION_KEY also required making f2fs_drop_inode() call > fscrypt_drop_inode(). > > For more details see Documentation/filesystems/fscrypt.rst and the > fscrypt patches that added the implementation of these ioctls. > > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> Reviewed-by: Chao Yu <yuchao0@xxxxxxxxxx> BTW, do you think it needs to make xxfs_has_support_encrypt() function be a common interface defined in struct fscrypt_operations, as I see all fscrypt_ioctl_*() needs to check with it, tho such cleanup is minor... Thanks, > --- > fs/f2fs/file.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ > fs/f2fs/super.c | 2 ++ > 2 files changed, 48 insertions(+) > > diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c > index f8d46df8fa9ee..d81dda290b829 100644 > --- a/fs/f2fs/file.c > +++ b/fs/f2fs/file.c > @@ -2184,6 +2184,40 @@ static int f2fs_ioc_get_encryption_pwsalt(struct file *filp, unsigned long arg) > return err; > } > > +static int f2fs_ioc_get_encryption_policy_ex(struct file *filp, > + unsigned long arg) > +{ > + if (!f2fs_sb_has_encrypt(F2FS_I_SB(file_inode(filp)))) > + return -EOPNOTSUPP; > + > + return fscrypt_ioctl_get_policy_ex(filp, (void __user *)arg); > +} > + > +static int f2fs_ioc_add_encryption_key(struct file *filp, unsigned long arg) > +{ > + if (!f2fs_sb_has_encrypt(F2FS_I_SB(file_inode(filp)))) > + return -EOPNOTSUPP; > + > + return fscrypt_ioctl_add_key(filp, (void __user *)arg); > +} > + > +static int f2fs_ioc_remove_encryption_key(struct file *filp, unsigned long arg) > +{ > + if (!f2fs_sb_has_encrypt(F2FS_I_SB(file_inode(filp)))) > + return -EOPNOTSUPP; > + > + return fscrypt_ioctl_remove_key(filp, (const void __user *)arg); > +} > + > +static int f2fs_ioc_get_encryption_key_status(struct file *filp, > + unsigned long arg) > +{ > + if (!f2fs_sb_has_encrypt(F2FS_I_SB(file_inode(filp)))) > + return -EOPNOTSUPP; > + > + return fscrypt_ioctl_get_key_status(filp, (void __user *)arg); > +} > + > static int f2fs_ioc_gc(struct file *filp, unsigned long arg) > { > struct inode *inode = file_inode(filp); > @@ -3109,6 +3143,14 @@ long f2fs_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) > return f2fs_ioc_get_encryption_policy(filp, arg); > case F2FS_IOC_GET_ENCRYPTION_PWSALT: > return f2fs_ioc_get_encryption_pwsalt(filp, arg); > + case FS_IOC_GET_ENCRYPTION_POLICY_EX: > + return f2fs_ioc_get_encryption_policy_ex(filp, arg); > + case FS_IOC_ADD_ENCRYPTION_KEY: > + return f2fs_ioc_add_encryption_key(filp, arg); > + case FS_IOC_REMOVE_ENCRYPTION_KEY: > + return f2fs_ioc_remove_encryption_key(filp, arg); > + case FS_IOC_GET_ENCRYPTION_KEY_STATUS: > + return f2fs_ioc_get_encryption_key_status(filp, arg); > case F2FS_IOC_GARBAGE_COLLECT: > return f2fs_ioc_gc(filp, arg); > case F2FS_IOC_GARBAGE_COLLECT_RANGE: > @@ -3236,6 +3278,10 @@ long f2fs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) > case F2FS_IOC_SET_ENCRYPTION_POLICY: > case F2FS_IOC_GET_ENCRYPTION_PWSALT: > case F2FS_IOC_GET_ENCRYPTION_POLICY: > + case FS_IOC_GET_ENCRYPTION_POLICY_EX: > + case FS_IOC_ADD_ENCRYPTION_KEY: > + case FS_IOC_REMOVE_ENCRYPTION_KEY: > + case FS_IOC_GET_ENCRYPTION_KEY_STATUS: > case F2FS_IOC_GARBAGE_COLLECT: > case F2FS_IOC_GARBAGE_COLLECT_RANGE: > case F2FS_IOC_WRITE_CHECKPOINT: > diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c > index 6de6cda440315..f5fae8d511a20 100644 > --- a/fs/f2fs/super.c > +++ b/fs/f2fs/super.c > @@ -913,6 +913,8 @@ static int f2fs_drop_inode(struct inode *inode) > return 0; > } > ret = generic_drop_inode(inode); > + if (!ret) > + ret = fscrypt_drop_inode(inode); > trace_f2fs_drop_inode(inode, ret); > return ret; > } >