author | Tyler Hicks <tyhicks@linux.vnet.ibm.com> | 2010-02-11 01:02:32 -0500 |
---|---|---|
committer | Tyler Hicks <tyhicks@linux.vnet.ibm.com> | 2010-03-23 13:31:35 -0400 |
commit | f4e60e6b303bc46cdc477d3174dbf9cb5dd013aa (patch) | |
tree | 36abefd614efd86f97ac812f57c86a583c7e484a | |
parent | 1984c23f9e0cdb432d90a85ecf88b424d36878fc (diff) |
eCryptfs: Strip metadata in xattr flag in encrypted view
The ecryptfs_encrypted_view mount option provides a unified way of
viewing encrypted eCryptfs files. If the metadata is stored in a xattr,
the metadata is moved to the file header when the file is read inside
the eCryptfs mount. Because of this, we should strip the
ECRYPTFS_METADATA_IN_XATTR flag from the header's flag section. This
allows eCryptfs to treat the file as an eCryptfs file with a header
at the front.
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
-rw-r--r-- | fs/ecryptfs/crypto.c | 9 | ||||
-rw-r--r-- | fs/ecryptfs/ecryptfs_kernel.h | 3 | ||||
-rw-r--r-- | fs/ecryptfs/mmap.c | 14 |
3 files changed, 22 insertions, 4 deletions
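--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -1107,9 +1107,9 @@ static void write_ecryptfs_marker(char *page_virt, size_t *written)
 (*written) = MAGIC_ECRYPTFS_MARKER_SIZE_BYTES;
 }
 
-static void
-write_ecryptfs_flags(char *page_virt, struct ecryptfs_crypt_stat *crypt_stat,
-size_t *written)
+void ecryptfs_write_crypt_stat_flags(char *page_virt,
+struct ecryptfs_crypt_stat *crypt_stat,
+size_t *written)
 {
 u32 flags = 0;
 int i;
@@ -1290,7 +1290,8 @@ static int ecryptfs_write_headers_virt(char *page_virt, size_t max,
 offset = ECRYPTFS_FILE_SIZE_BYTES;
 write_ecryptfs_marker((page_virt + offset), &written);
 offset += written;
-write_ecryptfs_flags((page_virt + offset), crypt_stat, &written);
+ecryptfs_write_crypt_stat_flags((page_virt + offset), crypt_stat,
+&written);
 offset += written;
 ecryptfs_write_header_metadata((page_virt + offset), crypt_stat,
 &written);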
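--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -659,6 +659,9 @@ int ecryptfs_decrypt_page(struct page *page);
 int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry);
 int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry);
 int ecryptfs_new_file_context(struct dentry *ecryptfs_dentry);
+void ecryptfs_write_crypt_stat_flags(char *page_virt,
+struct ecryptfs_crypt_stat *crypt_stat,
+size_t *written);
 int ecryptfs_read_and_validate_header_region(char *data,
 struct inode *ecryptfs_inode);
 int ecryptfs_read_and_validate_xattr_region(char *page_virt,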
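--- a/fs/ecryptfs/mmap.c
+++ b/fs/ecryptfs/mmap.c
@@ -82,6 +82,19 @@ out:
 return rc;
 }
 
+static void strip_xattr_flag(char *page_virt,
+struct ecryptfs_crypt_stat *crypt_stat)
+{
+if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) {
+size_t written;
+
+crypt_stat->flags &= ~ECRYPTFS_METADATA_IN_XATTR;
+ecryptfs_write_crypt_stat_flags(page_virt, crypt_stat,
+&written);
+crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
+}
+}
+
 /**
 * Header Extent:
 * Octets 0-7: Unencrypted file size (big-endian)
@@ -136,6 +149,7 @@ ecryptfs_copy_up_encrypted_with_header(struct page *page,
 
 rc = ecryptfs_read_xattr_region(
 page_virt, page->mapping->host);
+strip_xattr_flag(page_virt + 16, crypt_stat);
 ecryptfs_write_header_metadata(page_virt + 20,
 crypt_stat,
 &written);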
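Review bot: strip_xattr_flag() clears ECRYPTFS_METADATA_IN_XATTR in the shared crypt_stat->flags, writes the header flags, then sets the bit again, so during that window any other reader of crypt_stat sees the file as header-based; the hunk takes no lock, and whether the caller holds one is not visible here. If this read path can run concurrently with code that tests the flag, the transient state could steer a metadata read or write to the wrong location. Either document the requirement above the helper, e.g. `/* Caller must serialize against other users of crypt_stat->flags; the xattr bit is cleared only while the header flags are written. */`, or have the flag writer accept the u32 flags value so the stripped mask is computed in a local and crypt_stat is never modified. The call site's `page_virt + 16` would also be easier to audit as `page_virt + ECRYPTFS_FILE_SIZE_BYTES + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES`, assuming those sum to 16 as the header-extent comment implies.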