diff options
author | Eric Biggers <ebiggers@google.com> | 2023-02-08 09:21:03 +0300 |
---|---|---|
committer | Eric Biggers <ebiggers@google.com> | 2023-02-08 09:30:30 +0300 |
commit | 60e463f0be9874692a56a7d419a6e39029b6290d (patch) | |
tree | 0c8a86275f6b293eee0ad9081158311a07fe48ed /fs/crypto/policy.c | |
parent | 6d796c50f84ca79f1722bb131799e5a5710c4700 (diff) | |
download | linux-60e463f0be9874692a56a7d419a6e39029b6290d.tar.xz |
fscrypt: add the test dummy encryption key on-demand
When the key for an inode is not found but the inode is using the
test_dummy_encryption policy, automatically add the
test_dummy_encryption key to the filesystem keyring. This eliminates
the need for all the individual filesystems to do this at mount time,
which is a bit tricky to clean up from on failure.
Note: this covers the call to fscrypt_find_master_key() from inode key
setup, but not from the fscrypt ioctls. So, this isn't *exactly* the
same as the key being present from the very beginning. I think we can
tolerate that, though, since the inode key setup caller is the only one
that actually matters in the context of test_dummy_encryption.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20230208062107.199831-2-ebiggers@kernel.org
Diffstat (limited to 'fs/crypto/policy.c')
-rw-r--r-- | fs/crypto/policy.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c index 893661b52376..69dca4ff5f48 100644 --- a/fs/crypto/policy.c +++ b/fs/crypto/policy.c @@ -53,8 +53,7 @@ int fscrypt_policy_to_key_spec(const union fscrypt_policy *policy, } } -static const union fscrypt_policy * -fscrypt_get_dummy_policy(struct super_block *sb) +const union fscrypt_policy *fscrypt_get_dummy_policy(struct super_block *sb) { if (!sb->s_cop->get_dummy_policy) return NULL; |