summaryrefslogtreecommitdiffstats
path: root/fs/ubifs
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2017-06-13 16:47:55 -0700
committerRichard Weinberger <richard@nod.at>2017-07-05 23:52:50 +0200
commit4afb9996a254a8ec33801f4b33992d45670164b2 (patch)
tree0bb8a31b3d354500529bf0abe026ca586f982dbc /fs/ubifs
parent32c1431eea4881a6b17bd7c639315010aeefa452 (diff)
downloadlinux-4afb9996a254a8ec33801f4b33992d45670164b2.tar.gz
linux-4afb9996a254a8ec33801f4b33992d45670164b2.tar.bz2
linux-4afb9996a254a8ec33801f4b33992d45670164b2.zip
ubifs: require key for truncate(2) of encrypted file
Currently, filesystems allow truncate(2) on an encrypted file without the encryption key. However, it's impossible to correctly handle the case where the size being truncated to is not a multiple of the filesystem block size, because that would require decrypting the final block, zeroing the part beyond i_size, then encrypting the block. As other modifications to encrypted file contents are prohibited without the key, just prohibit truncate(2) as well, making it fail with ENOKEY. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Richard Weinberger <richard@nod.at>
Diffstat (limited to 'fs/ubifs')
-rw-r--r--fs/ubifs/file.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c
index 2cda3d67e2d0..ee3ff4c6bf4a 100644
--- a/fs/ubifs/file.c
+++ b/fs/ubifs/file.c
@@ -1284,6 +1284,14 @@ int ubifs_setattr(struct dentry *dentry, struct iattr *attr)
if (err)
return err;
+ if (ubifs_crypt_is_encrypted(inode) && (attr->ia_valid & ATTR_SIZE)) {
+ err = fscrypt_get_encryption_info(inode);
+ if (err)
+ return err;
+ if (!fscrypt_has_encryption_key(inode))
+ return -ENOKEY;
+ }
+
if ((attr->ia_valid & ATTR_SIZE) && attr->ia_size < inode->i_size)
/* Truncation to a smaller size */
err = do_truncation(c, inode, attr);