+2 -2

fs/buffer.c

reviewed

··· 331 331 struct buffer_head *bh = ctx->bh; 332 332 int err; 333 333 334 334 - err = fscrypt_decrypt_pagecache_blocks(page_folio(bh->b_page), 335 335 - bh->b_size, bh_offset(bh)); 334 334 + err = fscrypt_decrypt_pagecache_blocks(bh->b_folio, bh->b_size, 335 335 + bh_offset(bh)); 336 336 if (err == 0 && need_fsverity(bh)) { 337 337 /* 338 338 * We use different work queues for decryption and for verity

+3 -3

fs/crypto/bio.c

reviewed

··· 69 69 pblk << (blockbits - SECTOR_SHIFT); 70 70 } 71 71 ret = bio_add_page(bio, ZERO_PAGE(0), bytes_this_page, 0); 72 72 - if (WARN_ON(ret != bytes_this_page)) { 72 72 + if (WARN_ON_ONCE(ret != bytes_this_page)) { 73 73 err = -EIO; 74 74 goto out; 75 75 } ··· 147 147 break; 148 148 } 149 149 nr_pages = i; 150 150 - if (WARN_ON(nr_pages <= 0)) 150 150 + if (WARN_ON_ONCE(nr_pages <= 0)) 151 151 return -EINVAL; 152 152 153 153 /* This always succeeds since __GFP_DIRECT_RECLAIM is set. */ ··· 170 170 offset += blocksize; 171 171 if (offset == PAGE_SIZE || len == 0) { 172 172 ret = bio_add_page(bio, pages[i++], offset, 0); 173 173 - if (WARN_ON(ret != offset)) { 173 173 + if (WARN_ON_ONCE(ret != offset)) { 174 174 err = -EIO; 175 175 goto out; 176 176 }

+12 -7

fs/crypto/crypto.c

reviewed

··· 308 308 309 309 /** 310 310 * fscrypt_initialize() - allocate major buffers for fs encryption. 311 311 - * @cop_flags: fscrypt operations flags 311 311 + * @sb: the filesystem superblock 312 312 * 313 313 * We only call this when we start accessing encrypted files, since it 314 314 * results in memory getting allocated that wouldn't otherwise be used. 315 315 * 316 316 * Return: 0 on success; -errno on failure 317 317 */ 318 318 - int fscrypt_initialize(unsigned int cop_flags) 318 318 + int fscrypt_initialize(struct super_block *sb) 319 319 { 320 320 int err = 0; 321 321 + mempool_t *pool; 322 322 + 323 323 + /* pairs with smp_store_release() below */ 324 324 + if (likely(smp_load_acquire(&fscrypt_bounce_page_pool))) 325 325 + return 0; 321 326 322 327 /* No need to allocate a bounce page pool if this FS won't use it. */ 323 323 - if (cop_flags & FS_CFLG_OWN_PAGES) 328 328 + if (sb->s_cop->flags & FS_CFLG_OWN_PAGES) 324 329 return 0; 325 330 326 331 mutex_lock(&fscrypt_init_mutex); ··· 333 328 goto out_unlock; 334 329 335 330 err = -ENOMEM; 336 336 - fscrypt_bounce_page_pool = 337 337 - mempool_create_page_pool(num_prealloc_crypto_pages, 0); 338 338 - if (!fscrypt_bounce_page_pool) 331 331 + pool = mempool_create_page_pool(num_prealloc_crypto_pages, 0); 332 332 + if (!pool) 339 333 goto out_unlock; 340 340 - 334 334 + /* pairs with smp_load_acquire() above */ 335 335 + smp_store_release(&fscrypt_bounce_page_pool, pool); 341 336 err = 0; 342 337 out_unlock: 343 338 mutex_unlock(&fscrypt_init_mutex);

+2 -2

fs/crypto/fname.c

reviewed

··· 110 110 * Copy the filename to the output buffer for encrypting in-place and 111 111 * pad it with the needed number of NUL bytes. 112 112 */ 113 113 - if (WARN_ON(olen < iname->len)) 113 113 + if (WARN_ON_ONCE(olen < iname->len)) 114 114 return -ENOBUFS; 115 115 memcpy(out, iname->name, iname->len); 116 116 memset(out + iname->len, 0, olen - iname->len); ··· 570 570 { 571 571 const struct fscrypt_info *ci = dir->i_crypt_info; 572 572 573 573 - WARN_ON(!ci->ci_dirhash_key_initialized); 573 573 + WARN_ON_ONCE(!ci->ci_dirhash_key_initialized); 574 574 575 575 return siphash(name->name, name->len, &ci->ci_dirhash_key); 576 576 }

+3 -3

fs/crypto/fscrypt_private.h

reviewed

··· 101 101 case FSCRYPT_CONTEXT_V2: 102 102 return ctx->v2.nonce; 103 103 } 104 104 - WARN_ON(1); 104 104 + WARN_ON_ONCE(1); 105 105 return NULL; 106 106 } 107 107 ··· 264 264 265 265 /* crypto.c */ 266 266 extern struct kmem_cache *fscrypt_info_cachep; 267 267 - int fscrypt_initialize(unsigned int cop_flags); 267 267 + int fscrypt_initialize(struct super_block *sb); 268 268 int fscrypt_crypt_block(const struct inode *inode, fscrypt_direction_t rw, 269 269 u64 lblk_num, struct page *src_page, 270 270 struct page *dest_page, unsigned int len, ··· 386 386 const u8 *raw_key, 387 387 const struct fscrypt_info *ci) 388 388 { 389 389 - WARN_ON(1); 389 389 + WARN_ON_ONCE(1); 390 390 return -EOPNOTSUPP; 391 391 } 392 392

+2 -2

fs/crypto/hkdf.c

reviewed

··· 79 79 return PTR_ERR(hmac_tfm); 80 80 } 81 81 82 82 - if (WARN_ON(crypto_shash_digestsize(hmac_tfm) != sizeof(prk))) { 82 82 + if (WARN_ON_ONCE(crypto_shash_digestsize(hmac_tfm) != sizeof(prk))) { 83 83 err = -EINVAL; 84 84 goto err_free_tfm; 85 85 } ··· 125 125 u8 counter = 1; 126 126 u8 tmp[HKDF_HASHLEN]; 127 127 128 128 - if (WARN_ON(okmlen > 255 * HKDF_HASHLEN)) 128 128 + if (WARN_ON_ONCE(okmlen > 255 * HKDF_HASHLEN)) 129 129 return -EINVAL; 130 130 131 131 desc->tfm = hkdf->hmac_tfm;

+31 -1

fs/crypto/hooks.c

reviewed

··· 111 111 } 112 112 EXPORT_SYMBOL_GPL(__fscrypt_prepare_lookup); 113 113 114 114 + /** 115 115 + * fscrypt_prepare_lookup_partial() - prepare lookup without filename setup 116 116 + * @dir: the encrypted directory being searched 117 117 + * @dentry: the dentry being looked up in @dir 118 118 + * 119 119 + * This function should be used by the ->lookup and ->atomic_open methods of 120 120 + * filesystems that handle filename encryption and no-key name encoding 121 121 + * themselves and thus can't use fscrypt_prepare_lookup(). Like 122 122 + * fscrypt_prepare_lookup(), this will try to set up the directory's encryption 123 123 + * key and will set DCACHE_NOKEY_NAME on the dentry if the key is unavailable. 124 124 + * However, this function doesn't set up a struct fscrypt_name for the filename. 125 125 + * 126 126 + * Return: 0 on success; -errno on error. Note that the encryption key being 127 127 + * unavailable is not considered an error. It is also not an error if 128 128 + * the encryption policy is unsupported by this kernel; that is treated 129 129 + * like the key being unavailable, so that files can still be deleted. 130 130 + */ 131 131 + int fscrypt_prepare_lookup_partial(struct inode *dir, struct dentry *dentry) 132 132 + { 133 133 + int err = fscrypt_get_encryption_info(dir, true); 134 134 + 135 135 + if (!err && !fscrypt_has_encryption_key(dir)) { 136 136 + spin_lock(&dentry->d_lock); 137 137 + dentry->d_flags |= DCACHE_NOKEY_NAME; 138 138 + spin_unlock(&dentry->d_lock); 139 139 + } 140 140 + return err; 141 141 + } 142 142 + EXPORT_SYMBOL_GPL(fscrypt_prepare_lookup_partial); 143 143 + 114 144 int __fscrypt_prepare_readdir(struct inode *dir) 115 145 { 116 146 return fscrypt_get_encryption_info(dir, true); ··· 345 315 int err; 346 316 347 317 /* This is for encrypted symlinks only */ 348 348 - if (WARN_ON(!IS_ENCRYPTED(inode))) 318 318 + if (WARN_ON_ONCE(!IS_ENCRYPTED(inode))) 349 319 return ERR_PTR(-EINVAL); 350 320 351 321 /* If the decrypted target is already cached, just return it. */

+7 -7

fs/crypto/keyring.c

reviewed

··· 73 73 * fscrypt_master_key struct itself after an RCU grace period ensures 74 74 * that concurrent keyring lookups can no longer find it. 75 75 */ 76 76 - WARN_ON(refcount_read(&mk->mk_active_refs) != 0); 76 76 + WARN_ON_ONCE(refcount_read(&mk->mk_active_refs) != 0); 77 77 key_put(mk->mk_users); 78 78 mk->mk_users = NULL; 79 79 call_rcu(&mk->mk_rcu_head, fscrypt_free_master_key); ··· 92 92 * destroying any subkeys embedded in it. 93 93 */ 94 94 95 95 - if (WARN_ON(!sb->s_master_keys)) 95 95 + if (WARN_ON_ONCE(!sb->s_master_keys)) 96 96 return; 97 97 spin_lock(&sb->s_master_keys->lock); 98 98 hlist_del_rcu(&mk->mk_node); ··· 102 102 * ->mk_active_refs == 0 implies that ->mk_secret is not present and 103 103 * that ->mk_decrypted_inodes is empty. 104 104 */ 105 105 - WARN_ON(is_master_key_secret_present(&mk->mk_secret)); 106 106 - WARN_ON(!list_empty(&mk->mk_decrypted_inodes)); 105 105 + WARN_ON_ONCE(is_master_key_secret_present(&mk->mk_secret)); 106 106 + WARN_ON_ONCE(!list_empty(&mk->mk_decrypted_inodes)); 107 107 108 108 for (i = 0; i <= FSCRYPT_MODE_MAX; i++) { 109 109 fscrypt_destroy_prepared_key( ··· 237 237 * with ->mk_secret. There should be no structural refs 238 238 * beyond the one associated with the active ref. 239 239 */ 240 240 - WARN_ON(refcount_read(&mk->mk_active_refs) != 1); 241 241 - WARN_ON(refcount_read(&mk->mk_struct_refs) != 1); 242 242 - WARN_ON(!is_master_key_secret_present(&mk->mk_secret)); 240 240 + WARN_ON_ONCE(refcount_read(&mk->mk_active_refs) != 1); 241 241 + WARN_ON_ONCE(refcount_read(&mk->mk_struct_refs) != 1); 242 242 + WARN_ON_ONCE(!is_master_key_secret_present(&mk->mk_secret)); 243 243 wipe_master_key_secret(&mk->mk_secret); 244 244 fscrypt_put_master_key_activeref(sb, mk); 245 245 }

+7 -7

fs/crypto/keysetup.c

reviewed

··· 125 125 pr_info("fscrypt: %s using implementation \"%s\"\n", 126 126 mode->friendly_name, crypto_skcipher_driver_name(tfm)); 127 127 } 128 128 - if (WARN_ON(crypto_skcipher_ivsize(tfm) != mode->ivsize)) { 128 128 + if (WARN_ON_ONCE(crypto_skcipher_ivsize(tfm) != mode->ivsize)) { 129 129 err = -EINVAL; 130 130 goto err_free_tfm; 131 131 } ··· 199 199 unsigned int hkdf_infolen = 0; 200 200 int err; 201 201 202 202 - if (WARN_ON(mode_num > FSCRYPT_MODE_MAX)) 202 202 + if (WARN_ON_ONCE(mode_num > FSCRYPT_MODE_MAX)) 203 203 return -EINVAL; 204 204 205 205 prep_key = &keys[mode_num]; ··· 282 282 void fscrypt_hash_inode_number(struct fscrypt_info *ci, 283 283 const struct fscrypt_master_key *mk) 284 284 { 285 285 - WARN_ON(ci->ci_inode->i_ino == 0); 286 286 - WARN_ON(!mk->mk_ino_hash_key_initialized); 285 285 + WARN_ON_ONCE(ci->ci_inode->i_ino == 0); 286 286 + WARN_ON_ONCE(!mk->mk_ino_hash_key_initialized); 287 287 288 288 ci->ci_hashed_ino = (u32)siphash_1u64(ci->ci_inode->i_ino, 289 289 &mk->mk_ino_hash_key); ··· 503 503 err = fscrypt_setup_v2_file_key(ci, mk, need_dirhash_key); 504 504 break; 505 505 default: 506 506 - WARN_ON(1); 506 506 + WARN_ON_ONCE(1); 507 507 err = -EINVAL; 508 508 break; 509 509 } ··· 560 560 struct fscrypt_master_key *mk = NULL; 561 561 int res; 562 562 563 563 - res = fscrypt_initialize(inode->i_sb->s_cop->flags); 563 563 + res = fscrypt_initialize(inode->i_sb); 564 564 if (res) 565 565 return res; 566 566 ··· 577 577 res = PTR_ERR(mode); 578 578 goto out; 579 579 } 580 580 - WARN_ON(mode->ivsize > FSCRYPT_MAX_IV_SIZE); 580 580 + WARN_ON_ONCE(mode->ivsize > FSCRYPT_MAX_IV_SIZE); 581 581 crypt_info->ci_mode = mode; 582 582 583 583 res = setup_file_encryption_key(crypt_info, need_dirhash_key, &mk);

+2 -2

fs/crypto/policy.c

reviewed

··· 48 48 FSCRYPT_KEY_IDENTIFIER_SIZE); 49 49 return 0; 50 50 default: 51 51 - WARN_ON(1); 51 51 + WARN_ON_ONCE(1); 52 52 return -EINVAL; 53 53 } 54 54 } ··· 463 463 current->comm, current->pid); 464 464 break; 465 465 default: 466 466 - WARN_ON(1); 466 466 + WARN_ON_ONCE(1); 467 467 return -EINVAL; 468 468 } 469 469

+7

include/linux/fscrypt.h

reviewed

··· 359 359 unsigned int flags); 360 360 int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry, 361 361 struct fscrypt_name *fname); 362 362 + int fscrypt_prepare_lookup_partial(struct inode *dir, struct dentry *dentry); 362 363 int __fscrypt_prepare_readdir(struct inode *dir); 363 364 int __fscrypt_prepare_setattr(struct dentry *dentry, struct iattr *attr); 364 365 int fscrypt_prepare_setflags(struct inode *inode, ··· 670 669 static inline int __fscrypt_prepare_lookup(struct inode *dir, 671 670 struct dentry *dentry, 672 671 struct fscrypt_name *fname) 672 672 + { 673 673 + return -EOPNOTSUPP; 674 674 + } 675 675 + 676 676 + static inline int fscrypt_prepare_lookup_partial(struct inode *dir, 677 677 + struct dentry *dentry) 673 678 { 674 679 return -EOPNOTSUPP; 675 680 }