On Thu, Oct 20, 2022 at 12:58:21PM -0400, Sweet Tea Dorminy wrote:
> From: Omar Sandoval <osandov@xxxxxxxxxxx>
>
> Btrfs will need to check whether inode policies are identical for
> various purposes: if two inodes want to share an extent, they must have
> the same policy, including key identifier; symlinks must not span the
> encrypted/unencrypted border; and certain encryption policies will allow
> btrfs to store one fscrypt_context for multiple objects. Therefore, add
> a function which allows checking the encryption policies of two inodes
> to ensure they are identical.
>
> Signed-off-by: Omar Sandoval <osandov@xxxxxxxxxxx>
> Signed-off-by: Sweet Tea Dorminy <sweettea-kernel@xxxxxxxxxx>
> ---
> fs/crypto/policy.c | 26 ++++++++++++++++++++++++++
> include/linux/fscrypt.h | 7 +++++++
> 2 files changed, 33 insertions(+)
>
> diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c
> index 46757c3052ef..b7c4820a8001 100644
> --- a/fs/crypto/policy.c
> +++ b/fs/crypto/policy.c
> @@ -415,6 +415,32 @@ static int fscrypt_get_policy(struct inode *inode, union fscrypt_policy *policy)
> return fscrypt_policy_from_context(policy, &ctx, ret);
> }
>
> +/**
> + * fscrypt_have_same_policy() - check whether two inodes have the same policy
> + * @inode1: the first inode
> + * @inode2: the second inode
> + *
> + * Return: %true if they are definitely equal, else %false
> + */
> +int fscrypt_have_same_policy(struct inode *inode1, struct inode *inode2)
> +{
> + union fscrypt_policy policy1, policy2;
> + int err;
> +
> + if (!IS_ENCRYPTED(inode1) && !IS_ENCRYPTED(inode2))
> + return true;
> + else if (!IS_ENCRYPTED(inode1) || !IS_ENCRYPTED(inode2))
> + return false;
> + err = fscrypt_get_policy(inode1, &policy1);
> + if (err)
> + return false;
> + err = fscrypt_get_policy(inode2, &policy2);
> + if (err)
> + return false;
> + return fscrypt_policies_equal(&policy1, &policy2);
You're returning bools here, you should maket his return bool instead of int.
Also you could just do
if (fscrypt_get_policy())
return false;
Thanks,
Josef
|