diff options
author | Eric Biggers <ebiggers@google.com> | 2016-12-19 23:20:13 +0100 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2016-12-31 06:47:05 +0100 |
commit | 42d97eb0ade31e1bc537d086842f5d6e766d9d51 (patch) | |
tree | 04f4a277ddf959f3cabb6a97c7743806d9bd953e /fs/crypto | |
parent | fscrypt: fix the test_dummy_encryption mount option (diff) | |
download | linux-42d97eb0ade31e1bc537d086842f5d6e766d9d51.tar.xz linux-42d97eb0ade31e1bc537d086842f5d6e766d9d51.zip |
fscrypt: fix renaming and linking special files
Attempting to link a device node, named pipe, or socket file into an
encrypted directory through rename(2) or link(2) always failed with
EPERM. This happened because fscrypt_has_permitted_context() saw that
the file was unencrypted and forbid creating the link. This behavior
was unexpected because such files are never encrypted; only regular
files, directories, and symlinks can be encrypted.
To fix this, make fscrypt_has_permitted_context() always return true on
special files.
This will be covered by a test in my encryption xfstests patchset.
Fixes: 9bd8212f981e ("ext4 crypto: add encryption policy and password salt support")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Richard Weinberger <richard@nod.at>
Cc: stable@vger.kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/crypto')
-rw-r--r-- | fs/crypto/policy.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c index 6ed7c2eebeec..d6cd7ea4851d 100644 --- a/fs/crypto/policy.c +++ b/fs/crypto/policy.c @@ -179,6 +179,11 @@ int fscrypt_has_permitted_context(struct inode *parent, struct inode *child) BUG_ON(1); } + /* No restrictions on file types which are never encrypted */ + if (!S_ISREG(child->i_mode) && !S_ISDIR(child->i_mode) && + !S_ISLNK(child->i_mode)) + return 1; + /* no restrictions if the parent directory is not encrypted */ if (!parent->i_sb->s_cop->is_encrypted(parent)) return 1; |