[PATCH] fscrypt: simplify master key locking
Eric Biggers
ebiggers at kernel.org
Tue Nov 24 18:42:22 EST 2020
On Mon, Nov 16, 2020 at 07:26:26PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers at google.com>
>
> The stated reasons for separating fscrypt_master_key::mk_secret_sem from
> the standard semaphore contained in every 'struct key' no longer apply.
>
> First, due to commit a992b20cd4ee ("fscrypt: add
> fscrypt_prepare_new_inode() and fscrypt_set_context()"),
> fscrypt_get_encryption_info() is no longer called from within a
> filesystem transaction.
>
> Second, due to commit d3ec10aa9581 ("KEYS: Don't write out to userspace
> while holding key semaphore"), the semaphore for the "keyring" key type
> no longer ranks above page faults.
>
> That leaves performance as the only possible reason to keep the separate
> mk_secret_sem. Specifically, having mk_secret_sem reduces the
> contention between setup_file_encryption_key() and
> FS_IOC_{ADD,REMOVE}_ENCRYPTION_KEY. However, these ioctls aren't
> executed often, so this doesn't seem to be worth the extra complexity.
>
> Therefore, simplify the locking design by just using key->sem instead of
> mk_secret_sem.
>
> Signed-off-by: Eric Biggers <ebiggers at google.com>
> ---
> fs/crypto/fscrypt_private.h | 19 ++++++-------------
> fs/crypto/hooks.c | 8 +++++---
> fs/crypto/keyring.c | 8 +-------
> fs/crypto/keysetup.c | 20 +++++++++-----------
> 4 files changed, 21 insertions(+), 34 deletions(-)
Applied to fscrypt.git#master for 5.11.
- Eric
More information about the linux-mtd
mailing list