Re: [RFC PATCH v2 04/18] fscrypt: add fscrypt_new_context_from_inode

Eric Biggers <ebiggers@xxxxxxxxxx> · Mon, 7 Sep 2020 20:48:30 -0700

On Fri, Sep 04, 2020 at 12:05:23PM -0400, Jeff Layton wrote:
> CephFS will need to be able to generate a context for a new "prepared"
> inode. Add a new routine for getting the context out of an in-core
> inode.
> 
> Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
> ---
>  fs/crypto/policy.c      | 20 ++++++++++++++++++++
>  include/linux/fscrypt.h |  1 +
>  2 files changed, 21 insertions(+)
> 
> diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c
> index c56ad886f7d7..10eddd113a21 100644
> --- a/fs/crypto/policy.c
> +++ b/fs/crypto/policy.c
> @@ -670,6 +670,26 @@ int fscrypt_set_context(struct inode *inode, void *fs_data)
>  }
>  EXPORT_SYMBOL_GPL(fscrypt_set_context);
>  
> +/**
> + * fscrypt_context_from_inode() - fetch the encryption context out of in-core inode

Comment doesn't match the function name.

Also, the name isn't very clear.  How about calling this
fscrypt_context_for_new_inode()?

BTW, I might rename fscrypt_new_context_from_policy() to
fscrypt_context_from_policy() in my patchset.  Since it now makes the caller
provide the nonce, technically it's no longer limited to "new" contexts.

> + * @ctx: where context should be written
> + * @inode: inode from which to fetch context
> + *
> + * Given an in-core prepared, but not-necessarily fully-instantiated inode,
> + * generate an encryption context from its policy and write it to ctx.

Clarify what is meant by "prepared" (fscrypt_prepare_new_inode() was called)
vs. "instantiated".

> + *
> + * Returns size of the context.
> + */
> +int fscrypt_new_context_from_inode(union fscrypt_context *ctx, struct inode *inode)
> +{
> +	struct fscrypt_info *ci = inode->i_crypt_info;
> +
> +	BUILD_BUG_ON(sizeof(*ctx) != FSCRYPT_SET_CONTEXT_MAX_SIZE);
> +
> +	return fscrypt_new_context_from_policy(ctx, &ci->ci_policy, ci->ci_nonce);
> +}
> +EXPORT_SYMBOL_GPL(fscrypt_new_context_from_inode);

fscrypt_set_context() should be changed to call this, instead of duplicating the
same logic.  As part of that, the WARN_ON_ONCE(!ci) that's currently in
fscrypt_set_context() should go in here instead.

- Eric