From: Eric Biggers <ebiggers3@gmail.com>
To: linux-fscrypt@vger.kernel.org
Cc: Theodore Ts'o <tytso@mit.edu>,
linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-mtd@lists.infradead.org, Eric Biggers <ebiggers@google.com>
Subject: [PATCH 0/3] fscrypt: forbid truncate(2) without key
Date: Tue, 13 Jun 2017 16:47:52 -0700 [thread overview]
Message-ID: <20170613234755.111167-1-ebiggers3@gmail.com> (raw)
From: Eric Biggers <ebiggers@google.com>
These patches update the various filesystems to forbid userspace from
truncating encrypted files without the encryption key, as it's not
possible to handle this correctly in general. I believe this may have
been missed because truncate() doesn't require opening the file first,
and therefore it's not prevented by the existing requirement that open()
is only allowed with the encryption key.
It probably makes sense to take this series through the fscrypt tree, as
the changes for each filesystem are basically identical. (Eventually it
might make sense to add an S_ENCRYPTED flag to struct inode and move
some of these "hooks" up into the VFS; this one might fit nicely into
setattr_prepare(), for example.)
Eric Biggers (3):
ext4: require key for truncate(2) of encrypted file
f2fs: require key for truncate(2) of encrypted file
ubifs: require key for truncate(2) of encrypted file
fs/ext4/inode.c | 8 ++++++++
fs/f2fs/file.c | 10 +++++++---
fs/ubifs/file.c | 8 ++++++++
3 files changed, 23 insertions(+), 3 deletions(-)
--
2.13.1.508.gb3defc5cc-goog
next reply other threads:[~2017-06-13 23:49 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-13 23:47 Eric Biggers [this message]
2017-06-13 23:47 ` [PATCH 1/3] ext4: require key for truncate(2) of encrypted file Eric Biggers
2017-06-14 0:14 ` Andreas Dilger
2017-06-14 3:12 ` Eric Biggers
2017-06-14 4:02 ` Andreas Dilger
2017-06-14 6:52 ` Christoph Hellwig
2017-06-14 7:03 ` Eric Biggers
2017-06-14 7:06 ` Christoph Hellwig
2017-06-23 23:52 ` Theodore Ts'o
2017-06-13 23:47 ` [PATCH 2/3] f2fs: " Eric Biggers
2017-06-14 12:44 ` Chao Yu
2017-06-13 23:47 ` [PATCH 3/3] ubifs: " Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170613234755.111167-1-ebiggers3@gmail.com \
--to=ebiggers3@gmail.com \
--cc=ebiggers@google.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).