From: Michael Halcrow <mhalcrow@us.ibm.com>
To: Andrew Morton <akpm@osdl.org>
Cc: LKML <linux-kernel@vger.kernel.org>
Subject: [PATCH] eCryptfs: Mutex fixes
Date: Tue, 15 Aug 2006 10:54:29 -0500 [thread overview]
Message-ID: <20060815155429.GA3267@us.ibm.com> (raw)
The MD5 TFM for an inode might be manipulated concurrently if two
separate reads on the same file occur. The crypt_stat struct for the
same inode may be manipulated concurrently if two open events on the
same inode occur. This patch adds mutex locks to resolve these issues.
Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
---
fs/ecryptfs/crypto.c | 2 ++
fs/ecryptfs/file.c | 6 ++++++
2 files changed, 8 insertions(+), 0 deletions(-)
13663b8871df88686621ca9b701392235bf838c0
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index a7889cc..39d7ec0 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -97,6 +97,7 @@ static int ecryptfs_calculate_md5(char *
int rc = 0;
struct scatterlist sg;
+ mutex_lock(&crypt_stat->cs_md5_tfm_mutex);
sg_init_one(&sg, (u8 *)src, len);
if (!crypt_stat->md5_tfm) {
crypt_stat->md5_tfm =
@@ -111,6 +112,7 @@ static int ecryptfs_calculate_md5(char *
crypto_digest_init(crypt_stat->md5_tfm);
crypto_digest_update(crypt_stat->md5_tfm, &sg, 1);
crypto_digest_final(crypt_stat->md5_tfm, dst);
+ mutex_unlock(&crypt_stat->cs_md5_tfm_mutex);
out:
return rc;
}
diff --git a/fs/ecryptfs/file.c b/fs/ecryptfs/file.c
index c84e1d2..b707a99 100644
--- a/fs/ecryptfs/file.c
+++ b/fs/ecryptfs/file.c
@@ -232,12 +232,14 @@ static int ecryptfs_open(struct inode *i
}
lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry);
crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat;
+ mutex_lock(&crypt_stat->cs_mutex);
if (!ECRYPTFS_CHECK_FLAG(crypt_stat->flags, ECRYPTFS_POLICY_APPLIED)) {
ecryptfs_printk(KERN_DEBUG, "Setting flags for stat...\n");
/* Policy code enabled in future release */
ECRYPTFS_SET_FLAG(crypt_stat->flags, ECRYPTFS_POLICY_APPLIED);
ECRYPTFS_SET_FLAG(crypt_stat->flags, ECRYPTFS_ENCRYPTED);
}
+ mutex_unlock(&crypt_stat->cs_mutex);
/* This mntget & dget is undone via fput when the file is released */
dget(lower_dentry);
lower_flags = file->f_flags;
@@ -263,10 +265,12 @@ static int ecryptfs_open(struct inode *i
rc = 0;
goto out;
}
+ mutex_lock(&crypt_stat->cs_mutex);
if (i_size_read(lower_inode) == 0) {
ecryptfs_printk(KERN_EMERG, "Zero-length lower file; "
"ecryptfs_create() had a problem?\n");
rc = -ENOENT;
+ mutex_unlock(&crypt_stat->cs_mutex);
goto out_puts;
} else if (!ECRYPTFS_CHECK_FLAG(crypt_stat->flags,
ECRYPTFS_POLICY_APPLIED)
@@ -283,9 +287,11 @@ static int ecryptfs_open(struct inode *i
* as-is to userspace. For release 0.1, we are
* going to default to -EIO. */
rc = -EIO;
+ mutex_unlock(&crypt_stat->cs_mutex);
goto out_puts;
}
}
+ mutex_unlock(&crypt_stat->cs_mutex);
ecryptfs_printk(KERN_DEBUG, "inode w/ addr = [0x%p], i_ino = [0x%.16x] "
"size: [0x%.16x]\n", inode, inode->i_ino,
i_size_read(inode));
--
1.3.3
reply other threads:[~2006-08-15 15:54 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060815155429.GA3267@us.ibm.com \
--to=mhalcrow@us.ibm.com \
--cc=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.