fs: crypto: Maintain reference count for class keys
Reference count for device queue might overflow in case of class key if we keep preparing keys for each inode. So maintain a ref count to ensure keys can be fetched for inodes belonging to same storage class. Test: Tested by customer and it fixes the issue. Change-Id: Ia1dd32d0e0feeb79aa40335bd32b0ab6b693b440 Signed-off-by: Neeraj Soni <quic_neersoni@quicinc.com>
This commit is contained in:
parent
2753cc581b
commit
905ba5ec9d
@ -477,18 +477,9 @@ static void put_crypt_info(struct fscrypt_info *ci)
|
|||||||
|
|
||||||
if (ci->ci_direct_key)
|
if (ci->ci_direct_key)
|
||||||
fscrypt_put_direct_key(ci->ci_direct_key);
|
fscrypt_put_direct_key(ci->ci_direct_key);
|
||||||
else if (ci->ci_owns_key) {
|
else if (ci->ci_owns_key)
|
||||||
if (fscrypt_policy_contents_mode(&ci->ci_policy) !=
|
fscrypt_destroy_prepared_key(&ci->ci_key);
|
||||||
FSCRYPT_MODE_PRIVATE) {
|
|
||||||
fscrypt_destroy_prepared_key(&ci->ci_key);
|
|
||||||
} else {
|
|
||||||
crypto_free_skcipher(ci->ci_key.tfm);
|
|
||||||
#ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT
|
|
||||||
if (ci->ci_key.blk_key)
|
|
||||||
kzfree(ci->ci_key.blk_key);
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
}
|
|
||||||
key = ci->ci_master_key;
|
key = ci->ci_master_key;
|
||||||
if (key) {
|
if (key) {
|
||||||
struct fscrypt_master_key *mk = key->payload.data[0];
|
struct fscrypt_master_key *mk = key->payload.data[0];
|
||||||
|
@ -314,7 +314,6 @@ static int setup_v1_file_key_derived(struct fscrypt_info *ci,
|
|||||||
if ((fscrypt_policy_contents_mode(&ci->ci_policy) ==
|
if ((fscrypt_policy_contents_mode(&ci->ci_policy) ==
|
||||||
FSCRYPT_MODE_PRIVATE) &&
|
FSCRYPT_MODE_PRIVATE) &&
|
||||||
fscrypt_using_inline_encryption(ci)) {
|
fscrypt_using_inline_encryption(ci)) {
|
||||||
ci->ci_owns_key = true;
|
|
||||||
if (ci->ci_policy.v1.flags &
|
if (ci->ci_policy.v1.flags &
|
||||||
FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) {
|
FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) {
|
||||||
union {
|
union {
|
||||||
@ -353,11 +352,8 @@ static int setup_v1_file_key_derived(struct fscrypt_info *ci,
|
|||||||
for (i = 0; i < ARRAY_SIZE(key_new.words); i++)
|
for (i = 0; i < ARRAY_SIZE(key_new.words); i++)
|
||||||
__cpu_to_be32s(&key_new.words[i]);
|
__cpu_to_be32s(&key_new.words[i]);
|
||||||
|
|
||||||
err = fscrypt_prepare_inline_crypt_key(&ci->ci_key,
|
err = setup_v1_file_key_direct(ci, key_new.bytes);
|
||||||
key_new.bytes,
|
|
||||||
ci->ci_mode->keysize,
|
|
||||||
false,
|
|
||||||
ci);
|
|
||||||
if (derived_key)
|
if (derived_key)
|
||||||
kzfree(derived_key);
|
kzfree(derived_key);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user