fscrypt: Have filesystems handle their d_ops

This shifts the responsibility of setting up dentry operations from fscrypt to the individual filesystems, allowing them to have their own operations while still setting fscrypt's d_revalidate as appropriate. Most filesystems can just use generic_set_encrypted_ci_d_ops, unless they have their own specific dentry operations as well. That operation will set the minimal d_ops required under the circumstances. Since the fscrypt d_ops are set later on, we must set all d_ops there, since we cannot adjust those later on. This should not result in any change in behavior. Signed-off-by: Daniel Rosenberg <drosen@google.com> Acked-by: Theodore Ts'o <tytso@mit.edu> Acked-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2025-11-04 10:40:15 +02:00 · 2020-11-19 06:09:03 +00:00 · 2020-11-19 06:09:03 +00:00 · bb9cd9106b
commit bb9cd9106b
parent 608af70351
13 changed files with 8 additions and 35 deletions
--- a/fs/crypto/fname.c
+++ b/fs/crypto/fname.c
@ -570,7 +570,3 @@ int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)
 	return valid;
 }
 EXPORT_SYMBOL_GPL(fscrypt_d_revalidate);
 const struct dentry_operations fscrypt_d_ops = {
 	.d_revalidate = fscrypt_d_revalidate,
 };
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@ -294,7 +294,6 @@ int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *iname,
 bool fscrypt_fname_encrypted_size(const union fscrypt_policy *policy,
 				  u32 orig_len, u32 max_len,
 				  u32 *encrypted_len_ret);
 extern const struct dentry_operations fscrypt_d_ops;
 /* hkdf.c */
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@ -117,7 +117,6 @@ int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry,
 		spin_lock(&dentry->d_lock);
 		dentry->d_flags |= DCACHE_NOKEY_NAME;
 		spin_unlock(&dentry->d_lock);
 		d_set_d_op(dentry, &fscrypt_d_ops);
 	}
 	return err;
 }
--- a/fs/ext4/dir.c
+++ b/fs/ext4/dir.c
@ -667,10 +667,3 @@ const struct file_operations ext4_dir_operations = {
 	.open		= ext4_dir_open,
 	.release	= ext4_release_dir,
 };
 #ifdef CONFIG_UNICODE
 const struct dentry_operations ext4_dentry_ops = {
 	.d_hash = generic_ci_d_hash,
 	.d_compare = generic_ci_d_compare,
 };
 #endif
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@ -3354,10 +3354,6 @@ static inline void ext4_unlock_group(struct super_block *sb,
 /* dir.c */
 extern const struct file_operations ext4_dir_operations;
 #ifdef CONFIG_UNICODE
 extern const struct dentry_operations ext4_dentry_ops;
 #endif
 /* file.c */
 extern const struct inode_operations ext4_file_inode_operations;
 extern const struct file_operations ext4_file_operations;
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@ -1614,6 +1614,7 @@ static struct buffer_head *ext4_lookup_entry(struct inode *dir,
 	struct buffer_head *bh;
 	err = ext4_fname_prepare_lookup(dir, dentry, &fname);
 	generic_set_encrypted_ci_d_ops(dentry);
 	if (err == -ENOENT)
 		return NULL;
 	if (err)
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@ -4974,11 +4974,6 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
 		goto failed_mount4;
 	}
 #ifdef CONFIG_UNICODE
 	if (sb->s_encoding)
 		sb->s_d_op = &ext4_dentry_ops;
 #endif
 	sb->s_root = d_make_root(root);
 	if (!sb->s_root) {
 		ext4_msg(sb, KERN_ERR, "get root dentry failed");
--- a/fs/f2fs/dir.c
+++ b/fs/f2fs/dir.c
@ -1099,10 +1099,3 @@ const struct file_operations f2fs_dir_operations = {
 	.compat_ioctl   = f2fs_compat_ioctl,
 #endif
 };
 #ifdef CONFIG_UNICODE
 const struct dentry_operations f2fs_dentry_ops = {
 	.d_hash = generic_ci_d_hash,
 	.d_compare = generic_ci_d_compare,
 };
 #endif
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@ -3688,9 +3688,6 @@ static inline void f2fs_update_sit_info(struct f2fs_sb_info *sbi) {}
 #endif
 extern const struct file_operations f2fs_dir_operations;
 #ifdef CONFIG_UNICODE
 extern const struct dentry_operations f2fs_dentry_ops;
 #endif
 extern const struct file_operations f2fs_file_operations;
 extern const struct inode_operations f2fs_file_inode_operations;
 extern const struct address_space_operations f2fs_dblock_aops;
--- a/fs/f2fs/namei.c
+++ b/fs/f2fs/namei.c
@ -497,6 +497,7 @@ static struct dentry *f2fs_lookup(struct inode *dir, struct dentry *dentry,
 	}
 	err = f2fs_prepare_lookup(dir, dentry, &fname);
 	generic_set_encrypted_ci_d_ops(dentry);
 	if (err == -ENOENT)
 		goto out_splice;
 	if (err)
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@ -3426,7 +3426,6 @@ static int f2fs_setup_casefold(struct f2fs_sb_info *sbi)
 		sbi->sb->s_encoding = encoding;
 		sbi->sb->s_encoding_flags = encoding_flags;
 		sbi->sb->s_d_op = &f2fs_dentry_ops;
 	}
 #else
 	if (f2fs_sb_has_casefold(sbi)) {
--- a/fs/ubifs/dir.c
+++ b/fs/ubifs/dir.c
@ -203,6 +203,7 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
 	dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino);
 	err = fscrypt_prepare_lookup(dir, dentry, &nm);
 	generic_set_encrypted_ci_d_ops(dentry);
 	if (err == -ENOENT)
 		return d_splice_alias(NULL, dentry);
 	if (err)
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@ -741,8 +741,11 @@ static inline int fscrypt_prepare_rename(struct inode *old_dir,
 * directory's encryption key is available, then the lookup is assumed to be by
 * plaintext name; otherwise, it is assumed to be by no-key name.
 *
- * This also installs a custom ->d_revalidate() method which will invalidate the
+ * This will set DCACHE_NOKEY_NAME on the dentry if the lookup is by no-key
- * dentry if it was created without the key and the key is later added.
+ * name.  In this case the filesystem must assign the dentry a dentry_operations
 * which contains fscrypt_d_revalidate (or contains a d_revalidate method that
 * calls fscrypt_d_revalidate), so that the dentry will be invalidated if the
 * directory's encryption key is later added.
 *
 * Return: 0 on success; -ENOENT if the directory's key is unavailable but the
 * filename isn't a valid no-key name, so a negative dentry should be created;