From: Eric Biggers <ebiggers3@gmail.com>
To: stable@vger.kernel.org
Cc: Jaegeuk Kim <jaegeuk@kernel.org>,
Eric Biggers <ebiggers@google.com>, Theodore Ts'o <tytso@mit.edu>
Subject: [PATCH] fscrypto: require write access to mount to set encryption policy
Date: Tue, 24 Oct 2017 16:32:16 -0700 [thread overview]
Message-ID: <20171024233216.70844-1-ebiggers3@gmail.com> (raw)
From: Eric Biggers <ebiggers@google.com>
commit ba63f23d69a3a10e7e527a02702023da68ef8a6d upstream. [Please apply
to 4.4-stable. Note: this was already backported, but only to ext4; it
was missed that it should go to f2fs as well. This is needed to make
xfstest generic/395 pass on f2fs.]
Since setting an encryption policy requires writing metadata to the
filesystem, it should be guarded by mnt_want_write/mnt_drop_write.
Otherwise, a user could cause a write to a frozen or readonly
filesystem. This was handled correctly by f2fs but not by ext4. Make
fscrypt_process_policy() handle it rather than relying on the filesystem
to get it right.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Cc: stable@vger.kernel.org # 4.1+; check fs/{ext4,f2fs}
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Acked-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fs/f2fs/file.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index 4b449d263333..01eed94b01ea 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -1541,12 +1541,18 @@ static int f2fs_ioc_set_encryption_policy(struct file *filp, unsigned long arg)
sizeof(policy)))
return -EFAULT;
+ err = mnt_want_write_file(filp);
+ if (err)
+ return err;
+
mutex_lock(&inode->i_mutex);
err = f2fs_process_policy(&policy, inode);
mutex_unlock(&inode->i_mutex);
+ mnt_drop_write_file(filp);
+
return err;
#else
return -EOPNOTSUPP;
--
2.15.0.rc0.271.g36b669edcc-goog
next reply other threads:[~2017-10-24 23:32 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-24 23:32 Eric Biggers [this message]
2017-10-25 9:42 ` [PATCH] fscrypto: require write access to mount to set encryption policy Greg KH
-- strict thread matches above, loose matches on Subject: below --
2016-09-20 0:49 Eric Biggers
2016-09-08 21:20 Eric Biggers
2016-09-08 21:20 ` Eric Biggers
2016-09-10 4:15 ` Theodore Ts'o
2016-09-10 4:40 ` Jaegeuk Kim
2016-09-10 4:40 ` Jaegeuk Kim
2016-09-10 5:20 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171024233216.70844-1-ebiggers3@gmail.com \
--to=ebiggers3@gmail.com \
--cc=ebiggers@google.com \
--cc=jaegeuk@kernel.org \
--cc=stable@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.