diff options
| author | Eric Biggers <ebiggers@google.com> | 2017-04-07 10:58:40 -0700 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2017-05-04 11:44:35 -0400 |
| commit | 413d5a9edbb45eec4dbb1904fe689b561ea5d143 (patch) | |
| tree | 1d56e8577d5c2244ae51b9bf722c1a51e44354b4 /fs/ubifs | |
| parent | faac7fd97e0827f959c9d376399b91b37364a567 (diff) | |
| download | linux-stable-413d5a9edbb45eec4dbb1904fe689b561ea5d143.tar.gz linux-stable-413d5a9edbb45eec4dbb1904fe689b561ea5d143.tar.bz2 linux-stable-413d5a9edbb45eec4dbb1904fe689b561ea5d143.zip | |
ubifs: check for consistent encryption contexts in ubifs_lookup()
As ext4 and f2fs do, ubifs should check for consistent encryption
contexts during ->lookup() in an encrypted directory. This protects
certain users of filesystem encryption against certain types of offline
attacks.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/ubifs')
| -rw-r--r-- | fs/ubifs/dir.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index 30825d882aa9..bbe2b346a94f 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -285,6 +285,15 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, goto out_dent; } + if (ubifs_crypt_is_encrypted(dir) && + (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && + !fscrypt_has_permitted_context(dir, inode)) { + ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu", + dir->i_ino, inode->i_ino); + err = -EPERM; + goto out_inode; + } + done: kfree(dent); fscrypt_free_filename(&nm); @@ -295,6 +304,8 @@ done: d_add(dentry, inode); return NULL; +out_inode: + iput(inode); out_dent: kfree(dent); out_fname: |