f2fs: Handle casefolding with Encryption

Expand f2fs's casefolding support to include encrypted directories. To index casefolded+encrypted directories, we use the SipHash of the casefolded name, keyed by a key derived from the directory's fscrypt master key. This ensures that the dirhash doesn't leak information about the plaintext filenames. Encryption keys are unavailable during roll-forward recovery, so we can't compute the dirhash when recovering a new dentry in an encrypted + casefolded directory. To avoid having to force a checkpoint when a new file is fsync'ed, store the dirhash on-disk appended to i_name. This patch incorporates work by Eric Biggers <ebiggers@google.com> and Jaegeuk Kim <jaegeuk@kernel.org>. Co-developed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Daniel Rosenberg <drosen@google.com> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2020-11-19 06:09:04 +00:00 · 2020-11-19 06:09:04 +00:00 · 7ad08a58bf
parent bb9cd9106b
commit 7ad08a58bf
6 changed files with 107 additions and 34 deletions
--- a/fs/f2fs/dir.c
+++ b/fs/f2fs/dir.c
@ -5,6 +5,7 @@
 * Copyright (c) 2012 Samsung Electronics Co., Ltd.
 *             http://www.samsung.com/
 */
 #include <asm/unaligned.h>
 #include <linux/fs.h>
 #include <linux/f2fs_fs.h>
 #include <linux/sched/signal.h>
@ -206,30 +207,55 @@ static struct f2fs_dir_entry *find_in_block(struct inode *dir,
 /*
 * Test whether a case-insensitive directory entry matches the filename
 * being searched for.
 *
 * Returns 1 for a match, 0 for no match, and -errno on an error.
 */
-static bool f2fs_match_ci_name(const struct inode *dir, const struct qstr *name,
+static int f2fs_match_ci_name(const struct inode *dir, const struct qstr *name,
 			       const u8 *de_name, u32 de_name_len)
 {
 	const struct super_block *sb = dir->i_sb;
 	const struct unicode_map *um = sb->s_encoding;
 	struct fscrypt_str decrypted_name = FSTR_INIT(NULL, de_name_len);
 	struct qstr entry = QSTR_INIT(de_name, de_name_len);
 	int res;
-	res = utf8_strncasecmp_folded(um, name, &entry);
+	if (IS_ENCRYPTED(dir)) {
-	if (res < 0) {
+		const struct fscrypt_str encrypted_name =
-		/*
+			FSTR_INIT((u8 *)de_name, de_name_len);
-		 * In strict mode, ignore invalid names.  In non-strict mode,
+
-		 * fall back to treating them as opaque byte sequences.
+		if (WARN_ON_ONCE(!fscrypt_has_encryption_key(dir)))
-		 */
+			return -EINVAL;
-		if (sb_has_strict_encoding(sb) || name->len != entry.len)
+
-			return false;
+		decrypted_name.name = kmalloc(de_name_len, GFP_KERNEL);
-		return !memcmp(name->name, entry.name, name->len);
+		if (!decrypted_name.name)
 			return -ENOMEM;
 		res = fscrypt_fname_disk_to_usr(dir, 0, 0, &encrypted_name,
 						&decrypted_name);
 		if (res < 0)
 			goto out;
 		entry.name = decrypted_name.name;
 		entry.len = decrypted_name.len;
 	}
-	return res == 0;
+
 	res = utf8_strncasecmp_folded(um, name, &entry);
 	/*
 	 * In strict mode, ignore invalid names.  In non-strict mode,
 	 * fall back to treating them as opaque byte sequences.
 	 */
 	if (res < 0 && !sb_has_strict_encoding(sb)) {
 		res = name->len == entry.len &&
 				memcmp(name->name, entry.name, name->len) == 0;
 	} else {
 		/* utf8_strncasecmp_folded returns 0 on match */
 		res = (res == 0);
 	}
 out:
 	kfree(decrypted_name.name);
 	return res;
 }
 #endif /* CONFIG_UNICODE */
-static inline bool f2fs_match_name(const struct inode *dir,
+static inline int f2fs_match_name(const struct inode *dir,
 				   const struct f2fs_filename *fname,
 				   const u8 *de_name, u32 de_name_len)
 {
@ -256,6 +282,7 @@ struct f2fs_dir_entry *f2fs_find_target_dentry(const struct f2fs_dentry_ptr *d,
 	struct f2fs_dir_entry *de;
 	unsigned long bit_pos = 0;
 	int max_len = 0;
 	int res = 0;
 	if (max_slots)
 		*max_slots = 0;
@ -273,10 +300,15 @@ struct f2fs_dir_entry *f2fs_find_target_dentry(const struct f2fs_dentry_ptr *d,
 			continue;
 		}
-		if (de->hash_code == fname->hash &&
+		if (de->hash_code == fname->hash) {
-		    f2fs_match_name(d->inode, fname, d->filename[bit_pos],
+			res = f2fs_match_name(d->inode, fname,
-				    le16_to_cpu(de->name_len)))
+					      d->filename[bit_pos],
-			goto found;
+					      le16_to_cpu(de->name_len));
 			if (res < 0)
 				return ERR_PTR(res);
 			if (res)
 				goto found;
 		}
 		if (max_slots && max_len > *max_slots)
 			*max_slots = max_len;
@ -326,7 +358,11 @@ static struct f2fs_dir_entry *find_in_level(struct inode *dir,
 		}
 		de = find_in_block(dir, dentry_page, fname, &max_slots);
-		if (de) {
+		if (IS_ERR(de)) {
 			*res_page = ERR_CAST(de);
 			de = NULL;
 			break;
 		} else if (de) {
 			*res_page = dentry_page;
 			break;
 		}
@ -448,17 +484,39 @@ void f2fs_set_link(struct inode *dir, struct f2fs_dir_entry *de,
 	f2fs_put_page(page, 1);
 }
-static void init_dent_inode(const struct f2fs_filename *fname,
+static void init_dent_inode(struct inode *dir, struct inode *inode,
 			    const struct f2fs_filename *fname,
 			    struct page *ipage)
 {
 	struct f2fs_inode *ri;
 	if (!fname) /* tmpfile case? */
 		return;
 	f2fs_wait_on_page_writeback(ipage, NODE, true, true);
 	/* copy name info. to this inode page */
 	ri = F2FS_INODE(ipage);
 	ri->i_namelen = cpu_to_le32(fname->disk_name.len);
 	memcpy(ri->i_name, fname->disk_name.name, fname->disk_name.len);
 	if (IS_ENCRYPTED(dir)) {
 		file_set_enc_name(inode);
 		/*
 		 * Roll-forward recovery doesn't have encryption keys available,
 		 * so it can't compute the dirhash for encrypted+casefolded
 		 * filenames.  Append it to i_name if possible.  Else, disable
 		 * roll-forward recovery of the dentry (i.e., make fsync'ing the
 		 * file force a checkpoint) by setting LOST_PINO.
 		 */
 		if (IS_CASEFOLDED(dir)) {
 			if (fname->disk_name.len + sizeof(f2fs_hash_t) <=
 			    F2FS_NAME_LEN)
 				put_unaligned(fname->hash, (f2fs_hash_t *)
 					&ri->i_name[fname->disk_name.len]);
 			else
 				file_lost_pino(inode);
 		}
 	}
 	set_page_dirty(ipage);
 }
@ -541,11 +599,7 @@ struct page *f2fs_init_inode_metadata(struct inode *inode, struct inode *dir,
 			return page;
 	}
-	if (fname) {
+	init_dent_inode(dir, inode, fname, page);
 		init_dent_inode(fname, page);
 		if (IS_ENCRYPTED(dir))
 			file_set_enc_name(inode);
 	}
 	/*
 	 * This file should be checkpointed during fsync.
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@ -454,9 +454,11 @@ struct f2fs_filename {
 #ifdef CONFIG_UNICODE
 	/*
 	 * For casefolded directories: the casefolded name, but it's left NULL
-	 * if the original name is not valid Unicode or if the filesystem is
+	 * if the original name is not valid Unicode, if the directory is both
-	 * doing an internal operation where usr_fname is also NULL.  In these
+	 * casefolded and encrypted and its encryption key is unavailable, or if
-	 * cases we fall back to treating the name as an opaque byte sequence.
+	 * the filesystem is doing an internal operation where usr_fname is also
 	 * NULL.  In all these cases we fall back to treating the name as an
 	 * opaque byte sequence.
 	 */
 	struct fscrypt_str cf_name;
 #endif
--- a/fs/f2fs/hash.c
+++ b/fs/f2fs/hash.c
@ -111,7 +111,9 @@ void f2fs_hash_filename(const struct inode *dir, struct f2fs_filename *fname)
 		 * If the casefolded name is provided, hash it instead of the
 		 * on-disk name.  If the casefolded name is *not* provided, that
 		 * should only be because the name wasn't valid Unicode, so fall
-		 * back to treating the name as an opaque byte sequence.
+		 * back to treating the name as an opaque byte sequence.  Note
 		 * that to handle encrypted directories, the fallback must use
 		 * usr_fname (plaintext) rather than disk_name (ciphertext).
 		 */
 		WARN_ON_ONCE(!fname->usr_fname->name);
 		if (fname->cf_name.name) {
@ -121,6 +123,13 @@ void f2fs_hash_filename(const struct inode *dir, struct f2fs_filename *fname)
 			name = fname->usr_fname->name;
 			len = fname->usr_fname->len;
 		}
 		if (IS_ENCRYPTED(dir)) {
 			struct qstr tmp = QSTR_INIT(name, len);
 			fname->hash =
 				cpu_to_le32(fscrypt_fname_siphash(dir, &tmp));
 			return;
 		}
 	}
 #endif
 	fname->hash = cpu_to_le32(TEA_hash_name(name, len));
--- a/fs/f2fs/inline.c
+++ b/fs/f2fs/inline.c
@ -332,6 +332,10 @@ struct f2fs_dir_entry *f2fs_find_in_inline_dir(struct inode *dir,
 	make_dentry_ptr_inline(dir, &d, inline_dentry);
 	de = f2fs_find_target_dentry(&d, fname, NULL);
 	unlock_page(ipage);
 	if (IS_ERR(de)) {
 		*res_page = ERR_CAST(de);
 		de = NULL;
 	}
 	if (de)
 		*res_page = ipage;
 	else
--- a/fs/f2fs/recovery.c
+++ b/fs/f2fs/recovery.c
@ -5,6 +5,7 @@
 * Copyright (c) 2012 Samsung Electronics Co., Ltd.
 *             http://www.samsung.com/
 */
 #include <asm/unaligned.h>
 #include <linux/fs.h>
 #include <linux/f2fs_fs.h>
 #include "f2fs.h"
@ -128,7 +129,16 @@ static int init_recovered_filename(const struct inode *dir,
 	}
 	/* Compute the hash of the filename */
-	if (IS_CASEFOLDED(dir)) {
+	if (IS_ENCRYPTED(dir) && IS_CASEFOLDED(dir)) {
 		/*
 		 * In this case the hash isn't computable without the key, so it
 		 * was saved on-disk.
 		 */
 		if (fname->disk_name.len + sizeof(f2fs_hash_t) > F2FS_NAME_LEN)
 			return -EINVAL;
 		fname->hash = get_unaligned((f2fs_hash_t *)
 				&raw_inode->i_name[fname->disk_name.len]);
 	} else if (IS_CASEFOLDED(dir)) {
 		err = f2fs_init_casefolded_name(dir, fname);
 		if (err)
 			return err;
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@ -3398,12 +3398,6 @@ static int f2fs_setup_casefold(struct f2fs_sb_info *sbi)
 		struct unicode_map *encoding;
 		__u16 encoding_flags;
 		if (f2fs_sb_has_encrypt(sbi)) {
 			f2fs_err(sbi,
 				"Can't mount with encoding and encryption");
 			return -EINVAL;
 		}
 		if (f2fs_sb_read_encoding(sbi->raw_super, &encoding_info,
 					  &encoding_flags)) {
 			f2fs_err(sbi,