diff options
| author | Tyler Hicks <tyhicks@linux.vnet.ibm.com> | 2009-03-13 16:51:59 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2009-03-14 14:57:22 -0400 |
| commit | 84814d642a4f1f294bd675ab11aae1ca54c6cedb (patch) | |
| tree | 4ae91cce54c8d9578dc3217b6454a921b91833a3 /fs | |
| parent | 15e7b8767605dc0cb9bd4594caabfec392385210 (diff) | |
eCryptfs: don't encrypt file key with filename key
eCryptfs has file encryption keys (FEK), file encryption key encryption
keys (FEKEK), and filename encryption keys (FNEK). The per-file FEK is
encrypted with one or more FEKEKs and stored in the header of the
encrypted file. I noticed that the FEK is also being encrypted by the
FNEK. This is a problem if a user wants to use a different FNEK than
their FEKEK, as their file contents will still be accessible with the
FNEK.
This is a minimalistic patch which prevents the FNEKs signatures from
being copied to the inode signatures list. Ultimately, it keeps the FEK
from being encrypted with a FNEK.
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Cc: Serge Hallyn <serue@us.ibm.com>
Acked-by: Dustin Kirkland <kirkland@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/ecryptfs/crypto.c | 2 | ||||
| -rw-r--r-- | fs/ecryptfs/ecryptfs_kernel.h | 3 | ||||
| -rw-r--r-- | fs/ecryptfs/keystore.c | 3 | ||||
| -rw-r--r-- | fs/ecryptfs/main.c | 5 |
4 files changed, 9 insertions, 4 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index f6caeb1d1106..bdca1f4b3a3e 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c | |||
| @@ -946,6 +946,8 @@ static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs( | |||
| 946 | list_for_each_entry(global_auth_tok, | 946 | list_for_each_entry(global_auth_tok, |
| 947 | &mount_crypt_stat->global_auth_tok_list, | 947 | &mount_crypt_stat->global_auth_tok_list, |
| 948 | mount_crypt_stat_list) { | 948 | mount_crypt_stat_list) { |
| 949 | if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK) | ||
| 950 | continue; | ||
| 949 | rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig); | 951 | rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig); |
| 950 | if (rc) { | 952 | if (rc) { |
| 951 | printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc); | 953 | printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc); |
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index c11fc95714ab..eb2267eca1fe 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h | |||
| @@ -328,6 +328,7 @@ struct ecryptfs_dentry_info { | |||
| 328 | */ | 328 | */ |
| 329 | struct ecryptfs_global_auth_tok { | 329 | struct ecryptfs_global_auth_tok { |
| 330 | #define ECRYPTFS_AUTH_TOK_INVALID 0x00000001 | 330 | #define ECRYPTFS_AUTH_TOK_INVALID 0x00000001 |
| 331 | #define ECRYPTFS_AUTH_TOK_FNEK 0x00000002 | ||
| 331 | u32 flags; | 332 | u32 flags; |
| 332 | struct list_head mount_crypt_stat_list; | 333 | struct list_head mount_crypt_stat_list; |
| 333 | struct key *global_auth_tok_key; | 334 | struct key *global_auth_tok_key; |
| @@ -696,7 +697,7 @@ ecryptfs_write_header_metadata(char *virt, | |||
| 696 | int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig); | 697 | int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig); |
| 697 | int | 698 | int |
| 698 | ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, | 699 | ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, |
| 699 | char *sig); | 700 | char *sig, u32 global_auth_tok_flags); |
| 700 | int ecryptfs_get_global_auth_tok_for_sig( | 701 | int ecryptfs_get_global_auth_tok_for_sig( |
| 701 | struct ecryptfs_global_auth_tok **global_auth_tok, | 702 | struct ecryptfs_global_auth_tok **global_auth_tok, |
| 702 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig); | 703 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig); |
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c index ff539420cc6f..e4a6223c3145 100644 --- a/fs/ecryptfs/keystore.c +++ b/fs/ecryptfs/keystore.c | |||
| @@ -2375,7 +2375,7 @@ struct kmem_cache *ecryptfs_global_auth_tok_cache; | |||
| 2375 | 2375 | ||
| 2376 | int | 2376 | int |
| 2377 | ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, | 2377 | ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, |
| 2378 | char *sig) | 2378 | char *sig, u32 global_auth_tok_flags) |
| 2379 | { | 2379 | { |
| 2380 | struct ecryptfs_global_auth_tok *new_auth_tok; | 2380 | struct ecryptfs_global_auth_tok *new_auth_tok; |
| 2381 | int rc = 0; | 2381 | int rc = 0; |
| @@ -2389,6 +2389,7 @@ ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, | |||
| 2389 | goto out; | 2389 | goto out; |
| 2390 | } | 2390 | } |
| 2391 | memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX); | 2391 | memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX); |
| 2392 | new_auth_tok->flags = global_auth_tok_flags; | ||
| 2392 | new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; | 2393 | new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; |
| 2393 | mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); | 2394 | mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); |
| 2394 | list_add(&new_auth_tok->mount_crypt_stat_list, | 2395 | list_add(&new_auth_tok->mount_crypt_stat_list, |
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index 789cf2e1be1e..aed56c25539b 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c | |||
| @@ -319,7 +319,7 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) | |||
| 319 | case ecryptfs_opt_ecryptfs_sig: | 319 | case ecryptfs_opt_ecryptfs_sig: |
| 320 | sig_src = args[0].from; | 320 | sig_src = args[0].from; |
| 321 | rc = ecryptfs_add_global_auth_tok(mount_crypt_stat, | 321 | rc = ecryptfs_add_global_auth_tok(mount_crypt_stat, |
| 322 | sig_src); | 322 | sig_src, 0); |
| 323 | if (rc) { | 323 | if (rc) { |
| 324 | printk(KERN_ERR "Error attempting to register " | 324 | printk(KERN_ERR "Error attempting to register " |
| 325 | "global sig; rc = [%d]\n", rc); | 325 | "global sig; rc = [%d]\n", rc); |
| @@ -370,7 +370,8 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) | |||
| 370 | ECRYPTFS_SIG_SIZE_HEX] = '\0'; | 370 | ECRYPTFS_SIG_SIZE_HEX] = '\0'; |
| 371 | rc = ecryptfs_add_global_auth_tok( | 371 | rc = ecryptfs_add_global_auth_tok( |
| 372 | mount_crypt_stat, | 372 | mount_crypt_stat, |
| 373 | mount_crypt_stat->global_default_fnek_sig); | 373 | mount_crypt_stat->global_default_fnek_sig, |
| 374 | ECRYPTFS_AUTH_TOK_FNEK); | ||
| 374 | if (rc) { | 375 | if (rc) { |
| 375 | printk(KERN_ERR "Error attempting to register " | 376 | printk(KERN_ERR "Error attempting to register " |
| 376 | "global fnek sig [%s]; rc = [%d]\n", | 377 | "global fnek sig [%s]; rc = [%d]\n", |