Re: [PATCH v2 2/3] fscrypt: Have filesystems handle their d_ops
From: Eric Biggers
Date: Tue Nov 17 2020 - 13:31:21 EST
On Tue, Nov 17, 2020 at 04:03:14AM +0000, Daniel Rosenberg wrote:
> diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
> index a8f7a43f031b..df2c66ca370e 100644
> --- a/include/linux/fscrypt.h
> +++ b/include/linux/fscrypt.h
> @@ -741,8 +741,9 @@ static inline int fscrypt_prepare_rename(struct inode *old_dir,
> * directory's encryption key is available, then the lookup is assumed to be by
> * plaintext name; otherwise, it is assumed to be by no-key name.
> *
> - * This also installs a custom ->d_revalidate() method which will invalidate the
> - * dentry if it was created without the key and the key is later added.
> + * After calling this function, a filesystem should ensure that its dentry
> + * operations contain fscrypt_d_revalidate if DCACHE_ENCRYPTED_NAME was set,
> + * so that the dentry can be invalidated if the key is later added.
> *
> * Return: 0 on success; -ENOENT if the directory's key is unavailable but the
> * filename isn't a valid no-key name, so a negative dentry should be created;
This should say DCACHE_NOKEY_NAME, not DCACHE_ENCRYPTED_NAME.
But more importantly, the explanation here isn't very clear. How about the
following instead:
* This will set DCACHE_NOKEY_NAME on the dentry if the lookup is by no-key
* name. In this case the filesystem must assign the dentry a dentry_operations
* which contains fscrypt_d_revalidate (or contains a d_revalidate method that
* calls fscrypt_d_revalidate), so that the dentry will be invalidated if the
* directory's encryption key is later added.