Linux kernel source tree https://git.amat.us/linux/atom/fs/ecryptfs?h=v3.0.7 2011-08-16T01:31:41Z 2011-08-16T01:31:41Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-08-05T03:58:51Z urn:sha1:8c9729a2ca6291a80c4d0473ae64f2b7a547cc9e commit f61500e000eedc0c7a0201200a7f00ba5529c002 upstream. When an eCryptfs inode's lower file has been closed, and the pointer has been set to NULL, return an error when trying to do a lower read or write rather than calling BUG(). https://bugzilla.kernel.org/show_bug.cgi?id=37292 Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2011-08-16T01:31:41Z John Johansen john.johansen@canonical.com 2011-07-22T15:14:15Z urn:sha1:ed60157d262ebc0a032362013c58665d490edeee commit 764355487ea220fdc2faf128d577d7f679b91f97 upstream. Close a TOCTOU race for mounts done via ecryptfs-mount-private. The mount source (device) can be raced when the ownership test is done in userspace. Provide Ecryptfs a means to force the uid check at mount time. Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2011-08-05T04:58:39Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-07-27T00:47:08Z urn:sha1:efc977be4683816c39dfab38a34f68e07b78997e commit b2987a5e05ec7a1af7ca42e5d5349d7a22753031 upstream. Fixes a regression caused by b5695d04634fa4ccca7dcbc05bb4a66522f02e0b Kernel keyring keys containing eCryptfs authentication tokens should not be write locked when calling out to ecryptfsd to wrap and unwrap file encryption keys. The eCryptfs kernel code can not hold the key's write lock because ecryptfsd needs to request the key after receiving such a request from the kernel. Without this fix, all file opens and creates will timeout and fail when using the eCryptfs PKI infrastructure. This is not an issue when using passphrase-based mount keys, which is the most widely deployed eCryptfs configuration. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Acked-by: Roberto Sassu <roberto.sassu@polito.it> Tested-by: Roberto Sassu <roberto.sassu@polito.it> Tested-by: Alexis Hafner1 <haf@zurich.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2011-08-05T04:58:39Z Thieu Le thieule@chromium.org 2011-07-26T23:15:10Z urn:sha1:a21353bae5e98fce18080a3691ef75ede61dd261 commit 985ca0e626e195ea08a1a82b8dbeb6719747429a upstream. Make the inode mapping bdi consistent with the superblock bdi so that dirty pages are flushed properly. Signed-off-by: Thieu Le <thieule@chromium.org> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2011-05-29T19:24:25Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-24T10:11:12Z urn:sha1:3063287053bca5207e121c567b95b2b6f0bdc2c8 Now that ecryptfs_lookup_interpose() is no longer using ecryptfs_header_cache_2 to read in metadata, the kmem_cache can be removed and the ecryptfs_header_cache_1 kmem_cache can be renamed to ecryptfs_header_cache. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> 2011-05-29T19:24:24Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-24T09:56:23Z urn:sha1:778aeb42a708d2a57e491d2cbb5a1e74f61270b9 ecryptfs_lookup_interpose() has turned into spaghetti code over the years. This is an effort to clean it up. - Shorten overly descriptive variable names such as ecryptfs_dentry - Simplify gotos and error paths - Create helper function for reading plaintext i_size from metadata It also includes an optimization when reading i_size from the metadata. A complete page-sized kmem_cache_alloc() was being done to read in 16 bytes of metadata. The buffer for that is now statically declared. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> 2011-05-29T19:24:24Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-02T05:39:54Z urn:sha1:7a86617e553f47761b10f57de472d7262562b7de Instead of having the calling functions translate the true/false return code to either 0 or -EINVAL, have contains_ecryptfs_marker() return 0 or -EINVAL so that the calling functions can just reuse the return code. Also, rename the function to ecryptfs_validate_marker() to avoid callers mistakenly thinking that it returns true/false codes. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> 2011-05-29T19:23:39Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-24T08:49:02Z urn:sha1:3b06b3ebf44170c90c893c6c80916db6e922b9f2 Only unlock and d_add() new inodes after the plaintext inode size has been read from the lower filesystem. This fixes a race condition that was sometimes seen during a multi-job kernel build in an eCryptfs mount. https://bugzilla.kernel.org/show_bug.cgi?id=36002 Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Reported-by: David <david@unsolicited.net> Tested-by: David <david@unsolicited.net> 2011-05-29T17:51:17Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-24T07:16:51Z urn:sha1:5ccf92037c7c6e6f28175fd245284923f939259f The eCryptfs inode get, initialization, and dentry interposition code has two separate paths. One is for when dentry interposition is needed after doing things like a mkdir in the lower filesystem and the other is needed after a lookup. Unlocking new inodes and doing a d_add() needs to happen at different times, depending on which type of dentry interposing is being done. This patch cleans up the inode get and initialization code paths and splits them up so that the locking and d_add() differences mentioned above can be handled appropriately in a later patch. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Tested-by: David <david@unsolicited.net> 2011-05-29T17:49:53Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-24T02:18:20Z urn:sha1:c4f790736ca8d7d86883c5aee2ba1caa15cd8da3 These functions should live in inode.c since their focus is on inodes and they're primarily used by functions in inode.c. Also does a simple cleanup of ecryptfs_inode_test() and rolls ecryptfs_init_inode() into ecryptfs_inode_set(). Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Tested-by: David <david@unsolicited.net>