[PATCH] fscrypt: simplify master key locking

Eric Biggers ebiggers at kernel.org
Tue Nov 24 18:42:22 EST 2020


On Mon, Nov 16, 2020 at 07:26:26PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers at google.com>
> 
> The stated reasons for separating fscrypt_master_key::mk_secret_sem from
> the standard semaphore contained in every 'struct key' no longer apply.
> 
> First, due to commit a992b20cd4ee ("fscrypt: add
> fscrypt_prepare_new_inode() and fscrypt_set_context()"),
> fscrypt_get_encryption_info() is no longer called from within a
> filesystem transaction.
> 
> Second, due to commit d3ec10aa9581 ("KEYS: Don't write out to userspace
> while holding key semaphore"), the semaphore for the "keyring" key type
> no longer ranks above page faults.
> 
> That leaves performance as the only possible reason to keep the separate
> mk_secret_sem.  Specifically, having mk_secret_sem reduces the
> contention between setup_file_encryption_key() and
> FS_IOC_{ADD,REMOVE}_ENCRYPTION_KEY.  However, these ioctls aren't
> executed often, so this doesn't seem to be worth the extra complexity.
> 
> Therefore, simplify the locking design by just using key->sem instead of
> mk_secret_sem.
> 
> Signed-off-by: Eric Biggers <ebiggers at google.com>
> ---
>  fs/crypto/fscrypt_private.h | 19 ++++++-------------
>  fs/crypto/hooks.c           |  8 +++++---
>  fs/crypto/keyring.c         |  8 +-------
>  fs/crypto/keysetup.c        | 20 +++++++++-----------
>  4 files changed, 21 insertions(+), 34 deletions(-)

Applied to fscrypt.git#master for 5.11.

- Eric



More information about the linux-mtd mailing list