summaryrefslogtreecommitdiffstats
path: root/fs/ubifs
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2017-04-07 19:58:40 +0200
committerTheodore Ts'o <tytso@mit.edu>2017-05-04 17:44:35 +0200
commit413d5a9edbb45eec4dbb1904fe689b561ea5d143 (patch)
tree1d56e8577d5c2244ae51b9bf722c1a51e44354b4 /fs/ubifs
parentf2fs: sync f2fs_lookup() with ext4_lookup() (diff)
downloadlinux-413d5a9edbb45eec4dbb1904fe689b561ea5d143.tar.xz
linux-413d5a9edbb45eec4dbb1904fe689b561ea5d143.zip
ubifs: check for consistent encryption contexts in ubifs_lookup()
As ext4 and f2fs do, ubifs should check for consistent encryption contexts during ->lookup() in an encrypted directory. This protects certain users of filesystem encryption against certain types of offline attacks. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/ubifs')
-rw-r--r--fs/ubifs/dir.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
index 30825d882aa9..bbe2b346a94f 100644
--- a/fs/ubifs/dir.c
+++ b/fs/ubifs/dir.c
@@ -285,6 +285,15 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
goto out_dent;
}
+ if (ubifs_crypt_is_encrypted(dir) &&
+ (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) &&
+ !fscrypt_has_permitted_context(dir, inode)) {
+ ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu",
+ dir->i_ino, inode->i_ino);
+ err = -EPERM;
+ goto out_inode;
+ }
+
done:
kfree(dent);
fscrypt_free_filename(&nm);
@@ -295,6 +304,8 @@ done:
d_add(dentry, inode);
return NULL;
+out_inode:
+ iput(inode);
out_dent:
kfree(dent);
out_fname: