Merge tag 'ecryptfs-3.6-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs

Pull ecryptfs fixes from Tyler Hicks:
 - Fixes a bug when the lower filesystem mount options include 'acl',
   but the eCryptfs mount options do not
 - Cleanups in the messaging code
 - Better handling of empty files in the lower filesystem to improve
   usability.  Failed file creations are now cleaned up and empty lower
   files are converted into eCryptfs during open().
 - The write-through cache changes are being reverted due to bugs that
   are not easy to fix.  Stability outweighs the performance
   enhancements here.
 - Improvement to the mount code to catch unsupported ciphers specified
   in the mount options

* tag 'ecryptfs-3.6-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs:
  eCryptfs: check for eCryptfs cipher support at mount
  eCryptfs: Revert to a writethrough cache model
  eCryptfs: Initialize empty lower files when opening them
  eCryptfs: Unlink lower inode when ecryptfs_create() fails
  eCryptfs: Make all miscdev functions use daemon ptr in file private_data
  eCryptfs: Remove unused messaging declarations and function
  eCryptfs: Copy up POSIX ACL and read-only flags from lower mount

1 files changed, 22 insertions, 0 deletions

diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index 1c0b3b6b75c6..2768138eefee 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -279,6 +279,7 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options,
         char *fnek_src;
         char *cipher_key_bytes_src;
         char *fn_cipher_key_bytes_src;
+        u8 cipher_code;
 
         *check_ruid = 0;
 
@@ -420,6 +421,18 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options,
             && !fn_cipher_key_bytes_set)
                 mount_crypt_stat->global_default_fn_cipher_key_bytes =
                         mount_crypt_stat->global_default_cipher_key_size;
+
+        cipher_code = ecryptfs_code_for_cipher_string(
+                mount_crypt_stat->global_default_cipher_name,
+                mount_crypt_stat->global_default_cipher_key_size);
+        if (!cipher_code) {
+                ecryptfs_printk(KERN_ERR,
+                                "eCryptfs doesn't support cipher: %s",
+                                mount_crypt_stat->global_default_cipher_name);
+                rc = -EINVAL;
+                goto out;
+        }
+
         mutex_lock(&key_tfm_list_mutex);
         if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name,
                                  NULL)) {
@@ -540,6 +553,15 @@ static struct dentry *ecryptfs_mount(struct file_system_type *fs_type, int flags
         }
 
         ecryptfs_set_superblock_lower(s, path.dentry->d_sb);
+
+        /**
+         * Set the POSIX ACL flag based on whether they're enabled in the lower
+         * mount. Force a read-only eCryptfs mount if the lower mount is ro.
+         * Allow a ro eCryptfs mount even when the lower mount is rw.
+         */
+        s->s_flags = flags & ~MS_POSIXACL;
+        s->s_flags |= path.dentry->d_sb->s_flags & (MS_RDONLY | MS_POSIXACL);
+
         s->s_maxbytes = path.dentry->d_sb->s_maxbytes;
         s->s_blocksize = path.dentry->d_sb->s_blocksize;
         s->s_magic = ECRYPTFS_SUPER_MAGIC;