aboutsummaryrefslogtreecommitdiffstats
path: root/fs/ecryptfs
diff options
context:
space:
mode:
authorMichael Halcrow <mhalcrow@us.ibm.com>2008-07-24 00:30:08 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-07-24 13:47:31 -0400
commit391b52f98cf2e9bff227dad8bf9ea206fec43fa4 (patch)
tree40eb4e0d6d399d9b98b791db497097a1ff44894e /fs/ecryptfs
parent72b55fffd631a89e5be6fe1b4f2565bc4cd90deb (diff)
eCryptfs: Make all persistent file opens delayed
There is no good reason to immediately open the lower file, and that can cause problems with files that the user does not intend to immediately open, such as device nodes. This patch removes the persistent file open from the interpose step and pushes that to the locations where eCryptfs really does need the lower persistent file, such as just before reading or writing the metadata stored in the lower file header. Two functions are jumping to out_dput when they should just be jumping to out on error paths. This patch also fixes these. Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/ecryptfs')
-rw-r--r--fs/ecryptfs/ecryptfs_kernel.h2
-rw-r--r--fs/ecryptfs/file.c4
-rw-r--r--fs/ecryptfs/inode.c27
-rw-r--r--fs/ecryptfs/main.c16
4 files changed, 23 insertions, 26 deletions
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index b0727f91454e..b73fb752c5f8 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -235,7 +235,6 @@ struct ecryptfs_crypt_stat {
235#define ECRYPTFS_METADATA_IN_XATTR 0x00000100 235#define ECRYPTFS_METADATA_IN_XATTR 0x00000100
236#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200 236#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200
237#define ECRYPTFS_KEY_SET 0x00000400 237#define ECRYPTFS_KEY_SET 0x00000400
238#define ECRYPTFS_DELAY_PERSISTENT 0x00000800
239 u32 flags; 238 u32 flags;
240 unsigned int file_version; 239 unsigned int file_version;
241 size_t iv_bytes; 240 size_t iv_bytes;
@@ -576,7 +575,6 @@ struct ecryptfs_open_req {
576}; 575};
577 576
578#define ECRYPTFS_INTERPOSE_FLAG_D_ADD 0x00000001 577#define ECRYPTFS_INTERPOSE_FLAG_D_ADD 0x00000001
579#define ECRYPTFS_INTERPOSE_FLAG_DELAY_PERSISTENT_FILE 0x00000002
580int ecryptfs_interpose(struct dentry *hidden_dentry, 578int ecryptfs_interpose(struct dentry *hidden_dentry,
581 struct dentry *this_dentry, struct super_block *sb, 579 struct dentry *this_dentry, struct super_block *sb,
582 u32 flags); 580 u32 flags);
diff --git a/fs/ecryptfs/file.c b/fs/ecryptfs/file.c
index 2c2d60df3f60..9244d653743e 100644
--- a/fs/ecryptfs/file.c
+++ b/fs/ecryptfs/file.c
@@ -200,10 +200,6 @@ static int ecryptfs_open(struct inode *inode, struct file *file)
200 goto out; 200 goto out;
201 } 201 }
202 if (!ecryptfs_inode_to_private(inode)->lower_file) { 202 if (!ecryptfs_inode_to_private(inode)->lower_file) {
203 BUG_ON(!(crypt_stat->flags & ECRYPTFS_DELAY_PERSISTENT));
204 mutex_lock(&crypt_stat->cs_mutex);
205 crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
206 mutex_unlock(&crypt_stat->cs_mutex);
207 rc = ecryptfs_init_persistent_file(ecryptfs_dentry); 203 rc = ecryptfs_init_persistent_file(ecryptfs_dentry);
208 if (rc) { 204 if (rc) {
209 printk(KERN_ERR "%s: Error attempting to initialize " 205 printk(KERN_ERR "%s: Error attempting to initialize "
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
index 26090878c930..d755455e3bff 100644
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
@@ -189,6 +189,16 @@ static int ecryptfs_initialize_file(struct dentry *ecryptfs_dentry)
189 "context; rc = [%d]\n", rc); 189 "context; rc = [%d]\n", rc);
190 goto out; 190 goto out;
191 } 191 }
192 if (!ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->lower_file) {
193 rc = ecryptfs_init_persistent_file(ecryptfs_dentry);
194 if (rc) {
195 printk(KERN_ERR "%s: Error attempting to initialize "
196 "the persistent file for the dentry with name "
197 "[%s]; rc = [%d]\n", __func__,
198 ecryptfs_dentry->d_name.name, rc);
199 goto out;
200 }
201 }
192 rc = ecryptfs_write_metadata(ecryptfs_dentry); 202 rc = ecryptfs_write_metadata(ecryptfs_dentry);
193 if (rc) { 203 if (rc) {
194 printk(KERN_ERR "Error writing headers; rc = [%d]\n", rc); 204 printk(KERN_ERR "Error writing headers; rc = [%d]\n", rc);
@@ -312,7 +322,7 @@ static struct dentry *ecryptfs_lookup(struct inode *dir, struct dentry *dentry,
312 ECRYPTFS_INTERPOSE_FLAG_D_ADD); 322 ECRYPTFS_INTERPOSE_FLAG_D_ADD);
313 if (rc) { 323 if (rc) {
314 ecryptfs_printk(KERN_ERR, "Error interposing\n"); 324 ecryptfs_printk(KERN_ERR, "Error interposing\n");
315 goto out_dput; 325 goto out;
316 } 326 }
317 if (S_ISDIR(lower_inode->i_mode)) { 327 if (S_ISDIR(lower_inode->i_mode)) {
318 ecryptfs_printk(KERN_DEBUG, "Is a directory; returning\n"); 328 ecryptfs_printk(KERN_DEBUG, "Is a directory; returning\n");
@@ -338,11 +348,21 @@ static struct dentry *ecryptfs_lookup(struct inode *dir, struct dentry *dentry,
338 rc = -ENOMEM; 348 rc = -ENOMEM;
339 ecryptfs_printk(KERN_ERR, 349 ecryptfs_printk(KERN_ERR,
340 "Cannot ecryptfs_kmalloc a page\n"); 350 "Cannot ecryptfs_kmalloc a page\n");
341 goto out_dput; 351 goto out;
342 } 352 }
343 crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat; 353 crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat;
344 if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) 354 if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED))
345 ecryptfs_set_default_sizes(crypt_stat); 355 ecryptfs_set_default_sizes(crypt_stat);
356 if (!ecryptfs_inode_to_private(dentry->d_inode)->lower_file) {
357 rc = ecryptfs_init_persistent_file(dentry);
358 if (rc) {
359 printk(KERN_ERR "%s: Error attempting to initialize "
360 "the persistent file for the dentry with name "
361 "[%s]; rc = [%d]\n", __func__,
362 dentry->d_name.name, rc);
363 goto out;
364 }
365 }
346 rc = ecryptfs_read_and_validate_header_region(page_virt, 366 rc = ecryptfs_read_and_validate_header_region(page_virt,
347 dentry->d_inode); 367 dentry->d_inode);
348 if (rc) { 368 if (rc) {
@@ -538,8 +558,7 @@ ecryptfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
538 rc = vfs_mknod(lower_dir_dentry->d_inode, lower_dentry, mode, dev); 558 rc = vfs_mknod(lower_dir_dentry->d_inode, lower_dentry, mode, dev);
539 if (rc || !lower_dentry->d_inode) 559 if (rc || !lower_dentry->d_inode)
540 goto out; 560 goto out;
541 rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 561 rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0);
542 ECRYPTFS_INTERPOSE_FLAG_DELAY_PERSISTENT_FILE);
543 if (rc) 562 if (rc)
544 goto out; 563 goto out;
545 fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode); 564 fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode);
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index ee4f84b20410..6f403cfba14f 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -201,22 +201,6 @@ int ecryptfs_interpose(struct dentry *lower_dentry, struct dentry *dentry,
201 /* This size will be overwritten for real files w/ headers and 201 /* This size will be overwritten for real files w/ headers and
202 * other metadata */ 202 * other metadata */
203 fsstack_copy_inode_size(inode, lower_inode); 203 fsstack_copy_inode_size(inode, lower_inode);
204 if (!(flags & ECRYPTFS_INTERPOSE_FLAG_DELAY_PERSISTENT_FILE)) {
205 rc = ecryptfs_init_persistent_file(dentry);
206 if (rc) {
207 printk(KERN_ERR "%s: Error attempting to initialize "
208 "the persistent file for the dentry with name "
209 "[%s]; rc = [%d]\n", __func__,
210 dentry->d_name.name, rc);
211 goto out;
212 }
213 } else {
214 struct ecryptfs_inode_info *inode_info =
215 ecryptfs_inode_to_private(dentry->d_inode);
216
217 inode_info->lower_file = NULL;
218 inode_info->crypt_stat.flags |= ECRYPTFS_DELAY_PERSISTENT;
219 }
220out: 204out:
221 return rc; 205 return rc;
222} 206}
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-10 06:10:29 -0500