• Eric Biggers's avatar
    fscrypt: stop pretending that key setup is nofs-safe · 9dad5feb
    Eric Biggers authored
    fscrypt_get_encryption_info() has never actually been safe to call in a
    context that needs GFP_NOFS, since it calls crypto_alloc_skcipher().
    
    crypto_alloc_skcipher() isn't GFP_NOFS-safe, even if called under
    memalloc_nofs_save().  This is because it may load kernel modules, and
    also because it internally takes crypto_alg_sem.  Other tasks can do
    GFP_KERNEL allocations while holding crypto_alg_sem for write.
    
    The use of fscrypt_init_mutex isn't GFP_NOFS-safe either.
    
    So, stop pretending that fscrypt_get_encryption_info() is nofs-safe.
    I.e., when it allocates memory, just use GFP_KERNEL instead of GFP_NOFS.
    
    Note, another reason to do this is that GFP_NOFS is deprecated in favor
    of using memalloc_nofs_save() in the proper places.
    Acked-by: default avatarJeff Layton <jlayton@kernel.org>
    Link: https://lore.kernel.org/r/20200917041136.178600-10-ebiggers@kernel.orgSigned-off-by: default avatarEric Biggers <ebiggers@google.com>
    9dad5feb
keysetup_v1.c 9.29 KB