diff options
author | Tyler Hicks <tyhicks@linux.vnet.ibm.com> | 2010-08-25 11:26:37 -0400 |
---|---|---|
committer | Tyler Hicks <tyhicks@linux.vnet.ibm.com> | 2010-08-27 11:50:53 -0400 |
commit | 93c3fe40c279f002906ad14584c30671097d4394 (patch) | |
tree | 9e18819c7abfe2bc6b15e924236efd36a0601780 /fs | |
parent | 7371a38201d04124a9ff2cf05059731d7c1e35a5 (diff) |
eCryptfs: Fix encrypted file name lookup regression
Fixes a regression caused by 21edad32205e97dc7ccb81a85234c77e760364c8
When file name encryption was enabled, ecryptfs_lookup() failed to use
the encrypted and encoded version of the upper, plaintext, file name
when performing a lookup in the lower file system. This made it
impossible to lookup existing encrypted file names and any newly created
files would have plaintext file names in the lower file system.
https://bugs.launchpad.net/ecryptfs/+bug/623087
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/ecryptfs/crypto.c | 1 | ||||
-rw-r--r-- | fs/ecryptfs/inode.c | 31 |
2 files changed, 24 insertions, 8 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index 13ff48b3eacb..cbadc1bee6e7 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c | |||
@@ -2169,7 +2169,6 @@ int ecryptfs_encrypt_and_encode_filename( | |||
2169 | (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE | 2169 | (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE |
2170 | + encoded_name_no_prefix_size); | 2170 | + encoded_name_no_prefix_size); |
2171 | (*encoded_name)[(*encoded_name_size)] = '\0'; | 2171 | (*encoded_name)[(*encoded_name_size)] = '\0'; |
2172 | (*encoded_name_size)++; | ||
2173 | } else { | 2172 | } else { |
2174 | rc = -EOPNOTSUPP; | 2173 | rc = -EOPNOTSUPP; |
2175 | } | 2174 | } |
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 6c55113e7222..3fbc94203380 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c | |||
@@ -349,7 +349,7 @@ out: | |||
349 | 349 | ||
350 | /** | 350 | /** |
351 | * ecryptfs_new_lower_dentry | 351 | * ecryptfs_new_lower_dentry |
352 | * @ename: The name of the new dentry. | 352 | * @name: The name of the new dentry. |
353 | * @lower_dir_dentry: Parent directory of the new dentry. | 353 | * @lower_dir_dentry: Parent directory of the new dentry. |
354 | * @nd: nameidata from last lookup. | 354 | * @nd: nameidata from last lookup. |
355 | * | 355 | * |
@@ -386,20 +386,19 @@ ecryptfs_new_lower_dentry(struct qstr *name, struct dentry *lower_dir_dentry, | |||
386 | * ecryptfs_lookup_one_lower | 386 | * ecryptfs_lookup_one_lower |
387 | * @ecryptfs_dentry: The eCryptfs dentry that we are looking up | 387 | * @ecryptfs_dentry: The eCryptfs dentry that we are looking up |
388 | * @lower_dir_dentry: lower parent directory | 388 | * @lower_dir_dentry: lower parent directory |
389 | * @name: lower file name | ||
389 | * | 390 | * |
390 | * Get the lower dentry from vfs. If lower dentry does not exist yet, | 391 | * Get the lower dentry from vfs. If lower dentry does not exist yet, |
391 | * create it. | 392 | * create it. |
392 | */ | 393 | */ |
393 | static struct dentry * | 394 | static struct dentry * |
394 | ecryptfs_lookup_one_lower(struct dentry *ecryptfs_dentry, | 395 | ecryptfs_lookup_one_lower(struct dentry *ecryptfs_dentry, |
395 | struct dentry *lower_dir_dentry) | 396 | struct dentry *lower_dir_dentry, struct qstr *name) |
396 | { | 397 | { |
397 | struct nameidata nd; | 398 | struct nameidata nd; |
398 | struct vfsmount *lower_mnt; | 399 | struct vfsmount *lower_mnt; |
399 | struct qstr *name; | ||
400 | int err; | 400 | int err; |
401 | 401 | ||
402 | name = &ecryptfs_dentry->d_name; | ||
403 | lower_mnt = mntget(ecryptfs_dentry_to_lower_mnt( | 402 | lower_mnt = mntget(ecryptfs_dentry_to_lower_mnt( |
404 | ecryptfs_dentry->d_parent)); | 403 | ecryptfs_dentry->d_parent)); |
405 | err = vfs_path_lookup(lower_dir_dentry, lower_mnt, name->name , 0, &nd); | 404 | err = vfs_path_lookup(lower_dir_dentry, lower_mnt, name->name , 0, &nd); |
@@ -434,6 +433,7 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
434 | size_t encrypted_and_encoded_name_size; | 433 | size_t encrypted_and_encoded_name_size; |
435 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL; | 434 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL; |
436 | struct dentry *lower_dir_dentry, *lower_dentry; | 435 | struct dentry *lower_dir_dentry, *lower_dentry; |
436 | struct qstr lower_name; | ||
437 | int rc = 0; | 437 | int rc = 0; |
438 | 438 | ||
439 | ecryptfs_dentry->d_op = &ecryptfs_dops; | 439 | ecryptfs_dentry->d_op = &ecryptfs_dops; |
@@ -444,9 +444,17 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
444 | goto out_d_drop; | 444 | goto out_d_drop; |
445 | } | 445 | } |
446 | lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent); | 446 | lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent); |
447 | 447 | lower_name.name = ecryptfs_dentry->d_name.name; | |
448 | lower_name.len = ecryptfs_dentry->d_name.len; | ||
449 | lower_name.hash = ecryptfs_dentry->d_name.hash; | ||
450 | if (lower_dir_dentry->d_op && lower_dir_dentry->d_op->d_hash) { | ||
451 | rc = lower_dir_dentry->d_op->d_hash(lower_dir_dentry, | ||
452 | &lower_name); | ||
453 | if (rc < 0) | ||
454 | goto out_d_drop; | ||
455 | } | ||
448 | lower_dentry = ecryptfs_lookup_one_lower(ecryptfs_dentry, | 456 | lower_dentry = ecryptfs_lookup_one_lower(ecryptfs_dentry, |
449 | lower_dir_dentry); | 457 | lower_dir_dentry, &lower_name); |
450 | if (IS_ERR(lower_dentry)) { | 458 | if (IS_ERR(lower_dentry)) { |
451 | rc = PTR_ERR(lower_dentry); | 459 | rc = PTR_ERR(lower_dentry); |
452 | ecryptfs_printk(KERN_DEBUG, "%s: lookup_one_lower() returned " | 460 | ecryptfs_printk(KERN_DEBUG, "%s: lookup_one_lower() returned " |
@@ -471,8 +479,17 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
471 | "filename; rc = [%d]\n", __func__, rc); | 479 | "filename; rc = [%d]\n", __func__, rc); |
472 | goto out_d_drop; | 480 | goto out_d_drop; |
473 | } | 481 | } |
482 | lower_name.name = encrypted_and_encoded_name; | ||
483 | lower_name.len = encrypted_and_encoded_name_size; | ||
484 | lower_name.hash = full_name_hash(lower_name.name, lower_name.len); | ||
485 | if (lower_dir_dentry->d_op && lower_dir_dentry->d_op->d_hash) { | ||
486 | rc = lower_dir_dentry->d_op->d_hash(lower_dir_dentry, | ||
487 | &lower_name); | ||
488 | if (rc < 0) | ||
489 | goto out_d_drop; | ||
490 | } | ||
474 | lower_dentry = ecryptfs_lookup_one_lower(ecryptfs_dentry, | 491 | lower_dentry = ecryptfs_lookup_one_lower(ecryptfs_dentry, |
475 | lower_dir_dentry); | 492 | lower_dir_dentry, &lower_name); |
476 | if (IS_ERR(lower_dentry)) { | 493 | if (IS_ERR(lower_dentry)) { |
477 | rc = PTR_ERR(lower_dentry); | 494 | rc = PTR_ERR(lower_dentry); |
478 | ecryptfs_printk(KERN_DEBUG, "%s: lookup_one_lower() returned " | 495 | ecryptfs_printk(KERN_DEBUG, "%s: lookup_one_lower() returned " |