[PATCH 0/2] Bounce buffer for mds client decryption when vmalloc()

Next message: kernel test robot: "[peterz-queue:sched/proxy] [sched/fair] 3272406483: RIP:set_next_task_idle"
Previous message: Yin Tirui: "Re: [PATCH mm-unstable RFC v4 0/7] mm: add huge pfnmap support for remap_pfn_range()"
Next in thread: Sam Edwards: "[PATCH 1/2] ceph: pass fscrypt `tname` buffers directly"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sam Edwards

Date: Tue May 26 2026 - 22:59:27 EST

Hi Ceph maintainers,

This is my proposed patchset after my previous RFC [1]. Apologies for the long
delay, life gets busy (and my Linux hacking time was eaten by trying to stay
patched in the face of the recent flood of LPE vulns), so it took me longer
than usual to get patches written, tested, and cleaned up. Glad to be back! :)

Since Alex pointed out last time that parse_reply_info_trace() has the same
latent bug, and Slava disliked the already-high complexity of
parse_reply_info_readdir(), I opted to resolve the issue in ceph_fname_to_usr()
instead. The purpose of patch #2 is to make ceph_fname_to_usr() explicitly
responsible for handling vmalloc()-backed filename buffers (for base64,
ciphertext, and plaintext), using the `tname` parameter as a bounce buffer
where appropriate (and preserving the allocate-when-needed behavior).

Patch #1 simplifies `struct fscrypt_str *tname` to `unsigned char *tname`, both
in recognition of `tname->len` being unused/unnecessary, and to eliminate the
`tname == NULL` / `tname->name == NULL` confusion.

Cheers,
Sam

[1] https://lore.kernel.org/ceph-devel/CAH5Ym4ga7miUQE0K-cJA93Ya7w62P69MAN27R5cBiYnudoOHdA@xxxxxxxxxxxxxx/T/

Sam Edwards (2):
ceph: pass fscrypt `tname` buffers directly
ceph: properly decrypt filenames in vmalloc() buffers

fs/ceph/crypto.c | 45 ++++++++++++++++++++++++++++++++------------
fs/ceph/crypto.h | 4 ++--
fs/ceph/mds_client.c | 12 ++++++++----
3 files changed, 43 insertions(+), 18 deletions(-)

--
2.53.0