eCryptfs: make ecryptfs_prepare_write decrypt the page

When the page is not up to date, ecryptfs_prepare_write() should be acting much like ecryptfs_readpage(). This includes the painfully obvious step of actually decrypting the page contents read from the lower encrypted file. Note that this patch resolves a bug in eCryptfs in 2.6.24 that one can produce with these steps: # mount -t ecryptfs /secret /secret # echo "abc" > /secret/file.txt # umount /secret # mount -t ecryptfs /secret /secret # echo "def" >> /secret/file.txt # cat /secret/file.txt Without this patch, the resulting data returned from cat is likely to be something other than "abc\ndef\n". (Thanks to Benedikt Driessen for reporting this.) Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Cc: Benedikt Driessen <bdriessen@escrypt.com> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
author: Michael Halcrow <mhalcrow@us.ibm.com> 2008-03-04 17:29:24 -0500
committer: Linus Torvalds <torvalds@woody.linux-foundation.org> 2008-03-04 19:35:16 -0500
commit: e4465fdaeb3f7b5ef47f389d3eac76db79ff20d8 (patch)
tree: 11dd43980a7df9ba7875a4d5fb55085d152bbdc6 /fs
parent: 87ffbe679e21cbf82ff8e3302520ff0ea2beed9a (diff)
1 files changed, 76 insertions, 26 deletions
diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c
index dc74b186145..6df1debdccc 100644
--- a/fs/ecryptfs/mmap.c
+++ b/fs/ecryptfs/mmap.c
@@ -263,52 +263,102 @@ out:
        return 0;
 }
-/* This function must zero any hole we create */
+/**
+ * ecryptfs_prepare_write
+ * @file: The eCryptfs file
+ * @page: The eCryptfs page
+ * @from: The start byte from which we will write
+ * @to: The end byte to which we will write
+ *
+ * This function must zero any hole we create
+ *
+ * Returns zero on success; non-zero otherwise
+ */
 static int ecryptfs_prepare_write(struct file *file, struct page *page,
                                  unsigned from, unsigned to)
 {
-        int rc = 0;
        loff_t prev_page_end_size;
+        int rc = 0;
        if (!PageUptodate(page)) {
-                rc = ecryptfs_read_lower_page_segment(page, page->index, 0,
+                struct ecryptfs_crypt_stat *crypt_stat =
-                                                      PAGE_CACHE_SIZE,
+                        &ecryptfs_inode_to_private(
-                                                      page->mapping->host);
+                                file->f_path.dentry->d_inode)->crypt_stat;
-                if (rc) {
-                        printk(KERN_ERR "%s: Error attemping to read lower "
+                if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)
-                               "page segment; rc = [%d]\n", __FUNCTION__, rc);
+                    || (crypt_stat->flags & ECRYPTFS_NEW_FILE)) {
-                        ClearPageUptodate(page);
+                        rc = ecryptfs_read_lower_page_segment(
-                        goto out;
+                                page, page->index, 0, PAGE_CACHE_SIZE,
-                } else
+                                page->mapping->host);
+                        if (rc) {
+                                printk(KERN_ERR "%s: Error attemping to read "
+                                       "lower page segment; rc = [%d]\n",
+                                       __FUNCTION__, rc);
+                                ClearPageUptodate(page);
+                                goto out;
+                        } else
+                                SetPageUptodate(page);
+                } else if (crypt_stat->flags & ECRYPTFS_VIEW_AS_ENCRYPTED) {
+                        if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) {
+                                rc = ecryptfs_copy_up_encrypted_with_header(
+                                        page, crypt_stat);
+                                if (rc) {
+                                        printk(KERN_ERR "%s: Error attempting "
+                                               "to copy the encrypted content "
+                                               "from the lower file whilst "
+                                               "inserting the metadata from "
+                                               "the xattr into the header; rc "
+                                               "= [%d]\n", __FUNCTION__, rc);
+                                        ClearPageUptodate(page);
+                                        goto out;
+                                }
+                                SetPageUptodate(page);
+                        } else {
+                                rc = ecryptfs_read_lower_page_segment(
+                                        page, page->index, 0, PAGE_CACHE_SIZE,
+                                        page->mapping->host);
+                                if (rc) {
+                                        printk(KERN_ERR "%s: Error reading "
+                                               "page; rc = [%d]\n",
+                                               __FUNCTION__, rc);
+                                        ClearPageUptodate(page);
+                                        goto out;
+                                }
+                                SetPageUptodate(page);
+                        }
+                } else {
+                        rc = ecryptfs_decrypt_page(page);
+                        if (rc) {
+                                printk(KERN_ERR "%s: Error decrypting page "
+                                       "at index [%ld]; rc = [%d]\n",
+                                       __FUNCTION__, page->index, rc);
+                                ClearPageUptodate(page);
+                                goto out;
+                        }
                        SetPageUptodate(page);
+                }
        }
        prev_page_end_size = ((loff_t)page->index << PAGE_CACHE_SHIFT);
+        /* If creating a page or more of holes, zero them out via truncate.
-        /*
+         * Note, this will increase i_size. */
-         * If creating a page or more of holes, zero them out via truncate.
-         * Note, this will increase i_size.
-         */
        if (page->index != 0) {
                if (prev_page_end_size > i_size_read(page->mapping->host)) {
                        rc = ecryptfs_truncate(file->f_path.dentry,
                                               prev_page_end_size);
                        if (rc) {
-                                printk(KERN_ERR "Error on attempt to "
+                                printk(KERN_ERR "%s: Error on attempt to "
                                       "truncate to (higher) offset [%lld];"
-                                       " rc = [%d]\n", prev_page_end_size, rc);
+                                       " rc = [%d]\n", __FUNCTION__,
+                                       prev_page_end_size, rc);
                                goto out;
                        }
                }
        }
-        /*
+        /* Writing to a new page, and creating a small hole from start
-         * Writing to a new page, and creating a small hole from start of page?
+         * of page?  Zero it out. */
-         * Zero it out.
+        if ((i_size_read(page->mapping->host) == prev_page_end_size)
-         */
+            && (from != 0))
-        if ((i_size_read(page->mapping->host) == prev_page_end_size) &&
-            (from != 0)) {
                zero_user(page, 0, PAGE_CACHE_SIZE);
-        }
 out:
        return rc;
 }
author	Michael Halcrow <mhalcrow@us.ibm.com>	2008-03-04 17:29:24 -0500
committer	Linus Torvalds <torvalds@woody.linux-foundation.org>	2008-03-04 19:35:16 -0500
commit	e4465fdaeb3f7b5ef47f389d3eac76db79ff20d8 (patch)
tree	11dd43980a7df9ba7875a4d5fb55085d152bbdc6 /fs
parent	87ffbe679e21cbf82ff8e3302520ff0ea2beed9a (diff)

diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c index dc74b186145..6df1debdccc 100644 --- a/fs/ecryptfs/mmap.c +++ b/fs/ecryptfs/mmap.c
@@ -263,52 +263,102 @@ out:
263	return 0;	263	return 0;
264	}	264	}
265		265
266	/* This function must zero any hole we create */	266	/**
		267	* ecryptfs_prepare_write
		268	* @file: The eCryptfs file
		269	* @page: The eCryptfs page
		270	* @from: The start byte from which we will write
		271	* @to: The end byte to which we will write
		272	*
		273	* This function must zero any hole we create
		274	*
		275	* Returns zero on success; non-zero otherwise
		276	*/
267	static int ecryptfs_prepare_write(struct file file, struct page page,	277	static int ecryptfs_prepare_write(struct file file, struct page page,
268	unsigned from, unsigned to)	278	unsigned from, unsigned to)
269	{	279	{
270	int rc = 0;
271	loff_t prev_page_end_size;	280	loff_t prev_page_end_size;
		281	int rc = 0;
272		282
273	if (!PageUptodate(page)) {	283	if (!PageUptodate(page)) {
274	rc = ecryptfs_read_lower_page_segment(page, page->index, 0,	284	struct ecryptfs_crypt_stat *crypt_stat =
275	PAGE_CACHE_SIZE,	285	&ecryptfs_inode_to_private(
276	page->mapping->host);	286	file->f_path.dentry->d_inode)->crypt_stat;
277	if (rc) {	287
278	printk(KERN_ERR "%s: Error attemping to read lower "	288	if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)
279	"page segment; rc = [%d]\n", __FUNCTION__, rc);	289	\|\| (crypt_stat->flags & ECRYPTFS_NEW_FILE)) {
280	ClearPageUptodate(page);	290	rc = ecryptfs_read_lower_page_segment(
281	goto out;	291	page, page->index, 0, PAGE_CACHE_SIZE,
282	} else	292	page->mapping->host);
		293	if (rc) {
		294	printk(KERN_ERR "%s: Error attemping to read "
		295	"lower page segment; rc = [%d]\n",
		296	__FUNCTION__, rc);
		297	ClearPageUptodate(page);
		298	goto out;
		299	} else
		300	SetPageUptodate(page);
		301	} else if (crypt_stat->flags & ECRYPTFS_VIEW_AS_ENCRYPTED) {
		302	if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) {
		303	rc = ecryptfs_copy_up_encrypted_with_header(
		304	page, crypt_stat);
		305	if (rc) {
		306	printk(KERN_ERR "%s: Error attempting "
		307	"to copy the encrypted content "
		308	"from the lower file whilst "
		309	"inserting the metadata from "
		310	"the xattr into the header; rc "
		311	"= [%d]\n", __FUNCTION__, rc);
		312	ClearPageUptodate(page);
		313	goto out;
		314	}
		315	SetPageUptodate(page);
		316	} else {
		317	rc = ecryptfs_read_lower_page_segment(
		318	page, page->index, 0, PAGE_CACHE_SIZE,
		319	page->mapping->host);
		320	if (rc) {
		321	printk(KERN_ERR "%s: Error reading "
		322	"page; rc = [%d]\n",
		323	__FUNCTION__, rc);
		324	ClearPageUptodate(page);
		325	goto out;
		326	}
		327	SetPageUptodate(page);
		328	}
		329	} else {
		330	rc = ecryptfs_decrypt_page(page);
		331	if (rc) {
		332	printk(KERN_ERR "%s: Error decrypting page "
		333	"at index [%ld]; rc = [%d]\n",
		334	__FUNCTION__, page->index, rc);
		335	ClearPageUptodate(page);
		336	goto out;
		337	}
283	SetPageUptodate(page);	338	SetPageUptodate(page);
		339	}
284	}	340	}
285
286	prev_page_end_size = ((loff_t)page->index << PAGE_CACHE_SHIFT);	341	prev_page_end_size = ((loff_t)page->index << PAGE_CACHE_SHIFT);
287		342	/* If creating a page or more of holes, zero them out via truncate.
288	/*	343	* Note, this will increase i_size. */
289	* If creating a page or more of holes, zero them out via truncate.
290	* Note, this will increase i_size.
291	*/
292	if (page->index != 0) {	344	if (page->index != 0) {
293	if (prev_page_end_size > i_size_read(page->mapping->host)) {	345	if (prev_page_end_size > i_size_read(page->mapping->host)) {
294	rc = ecryptfs_truncate(file->f_path.dentry,	346	rc = ecryptfs_truncate(file->f_path.dentry,
295	prev_page_end_size);	347	prev_page_end_size);
296	if (rc) {	348	if (rc) {
297	printk(KERN_ERR "Error on attempt to "	349	printk(KERN_ERR "%s: Error on attempt to "
298	"truncate to (higher) offset [%lld];"	350	"truncate to (higher) offset [%lld];"
299	" rc = [%d]\n", prev_page_end_size, rc);	351	" rc = [%d]\n", __FUNCTION__,
		352	prev_page_end_size, rc);
300	goto out;	353	goto out;
301	}	354	}
302	}	355	}
303	}	356	}
304	/*	357	/* Writing to a new page, and creating a small hole from start
305	* Writing to a new page, and creating a small hole from start of page?	358	* of page? Zero it out. */
306	* Zero it out.	359	if ((i_size_read(page->mapping->host) == prev_page_end_size)
307	*/	360	&& (from != 0))
308	if ((i_size_read(page->mapping->host) == prev_page_end_size) &&
309	(from != 0)) {
310	zero_user(page, 0, PAGE_CACHE_SIZE);	361	zero_user(page, 0, PAGE_CACHE_SIZE);
311	}
312	out:	362	out:
313	return rc;	363	return rc;
314	}	364	}