git.baikalelectronics.ru Git - kernel.git/commit

author	Jeff Layton <jlayton@kernel.org>
	Tue, 1 Sep 2020 16:56:42 +0000 (12:56 -0400)
committer	Ilya Dryomov <idryomov@gmail.com>
	Tue, 2 Aug 2022 22:54:11 +0000 (00:54 +0200)
commit	184842d4e5b9b9c54dfd5514dd525865b304219d
tree	9c669843ba144ff28f9150d6dcf9e53d57969e3c	tree \| snapshot
parent	08490bf5c7977b18e714871c1d248ecb4759801a	commit \| diff

fscrypt: add fscrypt_context_for_new_inode

Most filesystems just call fscrypt_set_context on new inodes, which
usually causes a setxattr. That's a bit late for ceph, which can send
along a full set of attributes with the create request.

Doing so allows it to avoid race windows that where the new inode could
be seen by other clients without the crypto context attached. It also
avoids the separate round trip to the server.

Refactor the fscrypt code a bit to allow us to create a new crypto
context, attach it to the inode, and write it to the buffer, but without
calling set_context on it. ceph can later use this to marshal the
context into the attributes we send along with the create request.

Signed-off-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Xiubo Li <xiubli@redhat.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>

fs/crypto/policy.c		diff \| blob \| history
include/linux/fscrypt.h		diff \| blob \| history