On Mon, 2020-09-07 at 20:55 -0700, Eric Biggers wrote:
> On Fri, Sep 04, 2020 at 12:05:25PM -0400, Jeff Layton wrote:
> > Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
> > ---
> > fs/crypto/fname.c | 71 +++++++++++++++++++++++------------------
> > include/linux/fscrypt.h | 3 ++
> > 2 files changed, 43 insertions(+), 31 deletions(-)
> >
> > diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c
> > index 9440a44e24ac..09f09def87fc 100644
> > --- a/fs/crypto/fname.c
> > +++ b/fs/crypto/fname.c
> > @@ -300,6 +300,45 @@ void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str)
> > }
> > EXPORT_SYMBOL(fscrypt_fname_free_buffer);
> >
> > +void fscrypt_encode_nokey_name(u32 hash, u32 minor_hash,
> > + const struct fscrypt_str *iname,
> > + struct fscrypt_str *oname)
> > +{
> > + struct fscrypt_nokey_name nokey_name;
> > + u32 size; /* size of the unencoded no-key name */
> > +
> > + /*
> > + * Sanity check that struct fscrypt_nokey_name doesn't have padding
> > + * between fields and that its encoded size never exceeds NAME_MAX.
> > + */
> > + BUILD_BUG_ON(offsetofend(struct fscrypt_nokey_name, dirhash) !=
> > + offsetof(struct fscrypt_nokey_name, bytes));
> > + BUILD_BUG_ON(offsetofend(struct fscrypt_nokey_name, bytes) !=
> > + offsetof(struct fscrypt_nokey_name, sha256));
> > + BUILD_BUG_ON(BASE64_CHARS(FSCRYPT_NOKEY_NAME_MAX) > NAME_MAX);
> > +
> > + if (hash) {
> > + nokey_name.dirhash[0] = hash;
> > + nokey_name.dirhash[1] = minor_hash;
> > + } else {
> > + nokey_name.dirhash[0] = 0;
> > + nokey_name.dirhash[1] = 0;
> > + }
> > + if (iname->len <= sizeof(nokey_name.bytes)) {
> > + memcpy(nokey_name.bytes, iname->name, iname->len);
> > + size = offsetof(struct fscrypt_nokey_name, bytes[iname->len]);
> > + } else {
> > + memcpy(nokey_name.bytes, iname->name, sizeof(nokey_name.bytes));
> > + /* Compute strong hash of remaining part of name. */
> > + fscrypt_do_sha256(&iname->name[sizeof(nokey_name.bytes)],
> > + iname->len - sizeof(nokey_name.bytes),
> > + nokey_name.sha256);
> > + size = FSCRYPT_NOKEY_NAME_MAX;
> > + }
> > + oname->len = base64_encode((const u8 *)&nokey_name, size, oname->name);
> > +}
> > +EXPORT_SYMBOL(fscrypt_encode_nokey_name);
>
> Why does this need to be exported?
>
> There's no user of this function introduced in this patchset.
>
> - Eric
Yeah, I probably should have dropped this from the series for now as
nothing uses it yet, but eventually we may need this. I did a fairly
detailed writeup of the problem here:
https://tracker.ceph.com/issues/47162
Basically, we still need to allow clients to look up dentries in the MDS
even when they don't have the key.
There are a couple of different approaches, but the simplest is to just
have the client always store long dentry names using the nokey_name, and
then keep the full name in a new field in the dentry representation that
is sent across the wire.
This requires some changes to the Ceph MDS (which is what that tracker
bug is about), and will mean enshrining the nokey name in perpetuity.
We're still looking at this for now though, and we're open to other
approaches if you've got any to suggest.
--
Jeff Layton <jlayton@xxxxxxxxxx>
