* [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
@ 2017-03-08 12:08 ` Chao Yu
0 siblings, 0 replies; 10+ messages in thread
From: Chao Yu @ 2017-03-08 12:08 UTC (permalink / raw)
To: jaegeuk; +Cc: linux-f2fs-devel, linux-kernel, chao, Chao Yu
In commit d9cdc9033181 ("ext4 crypto: enforce context consistency") we
declared that:
2) All files or directories in a directory must be protected using the
same key as their containing directory.
But in f2fs_cross_rename there is a vulnerability that allow to cross
rename unencrypted file into encrypted directory, it needs to be refused.
Signed-off-by: Chao Yu <yuchao0@huawei.com>
---
fs/f2fs/namei.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
index 25c073f6c7d4..8de684b84cb9 100644
--- a/fs/f2fs/namei.c
+++ b/fs/f2fs/namei.c
@@ -855,6 +855,10 @@ static int f2fs_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
!fscrypt_has_encryption_key(new_dir)))
return -ENOKEY;
+ if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
+ f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
+ return -EPERM;
+
if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
(old_dir != new_dir) &&
(!fscrypt_has_permitted_context(new_dir, old_inode) ||
--
2.8.2.295.g3f1c1d0
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
@ 2017-03-08 12:08 ` Chao Yu
0 siblings, 0 replies; 10+ messages in thread
From: Chao Yu @ 2017-03-08 12:08 UTC (permalink / raw)
To: jaegeuk; +Cc: chao, linux-kernel, linux-f2fs-devel
In commit d9cdc9033181 ("ext4 crypto: enforce context consistency") we
declared that:
2) All files or directories in a directory must be protected using the
same key as their containing directory.
But in f2fs_cross_rename there is a vulnerability that allow to cross
rename unencrypted file into encrypted directory, it needs to be refused.
Signed-off-by: Chao Yu <yuchao0@huawei.com>
---
fs/f2fs/namei.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
index 25c073f6c7d4..8de684b84cb9 100644
--- a/fs/f2fs/namei.c
+++ b/fs/f2fs/namei.c
@@ -855,6 +855,10 @@ static int f2fs_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
!fscrypt_has_encryption_key(new_dir)))
return -ENOKEY;
+ if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
+ f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
+ return -EPERM;
+
if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
(old_dir != new_dir) &&
(!fscrypt_has_permitted_context(new_dir, old_inode) ||
--
2.8.2.295.g3f1c1d0
------------------------------------------------------------------------------
Announcing the Oxford Dictionaries API! The API offers world-renowned
dictionary content that is easy and intuitive to access. Sign up for an
account today to start using our lexical data to power your apps and
projects. Get started today and enter our developer competition.
http://sdm.link/oxford
^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [f2fs-dev] [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
2017-03-08 12:08 ` Chao Yu
@ 2017-03-08 13:35 ` Kinglong Mee
-1 siblings, 0 replies; 10+ messages in thread
From: Kinglong Mee @ 2017-03-08 13:35 UTC (permalink / raw)
To: Chao Yu, jaegeuk; +Cc: chao, linux-kernel, linux-f2fs-devel, Kinglong Mee
On 3/8/2017 20:08, Chao Yu wrote:
> In commit d9cdc9033181 ("ext4 crypto: enforce context consistency") we
> declared that:
>
> 2) All files or directories in a directory must be protected using the
> same key as their containing directory.
>
> But in f2fs_cross_rename there is a vulnerability that allow to cross
> rename unencrypted file into encrypted directory, it needs to be refused.
fscrypt_has_permitted_context has do the checking as this patch,
168 /* no restrictions if the parent directory is not encrypted */
169 if (!parent->i_sb->s_cop->is_encrypted(parent))
170 return 1;
171 /* if the child directory is not encrypted, this is always a problem */
172 if (!parent->i_sb->s_cop->is_encrypted(child))
173 return 0;
So, the cross rename unencrypted file into encrypted directory is permitted right now.
I have a encrypted directory "ncry", "new" is unencrypted file.
[root@nfstestnic f2fs]# renameat2 -x encry/hello new
Operation not permitted
[root@nfstestnic f2fs]# renameat2 -x encry/hello new
Operation not permitted
How do you test it?
thanks,
Kinglong Mee
>
> Signed-off-by: Chao Yu <yuchao0@huawei.com>
> ---
> fs/f2fs/namei.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
> index 25c073f6c7d4..8de684b84cb9 100644
> --- a/fs/f2fs/namei.c
> +++ b/fs/f2fs/namei.c
> @@ -855,6 +855,10 @@ static int f2fs_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
> !fscrypt_has_encryption_key(new_dir)))
> return -ENOKEY;
>
> + if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
> + f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
> + return -EPERM;
> +
> if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
> (old_dir != new_dir) &&
> (!fscrypt_has_permitted_context(new_dir, old_inode) ||
>
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
@ 2017-03-08 13:35 ` Kinglong Mee
0 siblings, 0 replies; 10+ messages in thread
From: Kinglong Mee @ 2017-03-08 13:35 UTC (permalink / raw)
To: Chao Yu, jaegeuk; +Cc: chao, linux-kernel, linux-f2fs-devel
On 3/8/2017 20:08, Chao Yu wrote:
> In commit d9cdc9033181 ("ext4 crypto: enforce context consistency") we
> declared that:
>
> 2) All files or directories in a directory must be protected using the
> same key as their containing directory.
>
> But in f2fs_cross_rename there is a vulnerability that allow to cross
> rename unencrypted file into encrypted directory, it needs to be refused.
fscrypt_has_permitted_context has do the checking as this patch,
168 /* no restrictions if the parent directory is not encrypted */
169 if (!parent->i_sb->s_cop->is_encrypted(parent))
170 return 1;
171 /* if the child directory is not encrypted, this is always a problem */
172 if (!parent->i_sb->s_cop->is_encrypted(child))
173 return 0;
So, the cross rename unencrypted file into encrypted directory is permitted right now.
I have a encrypted directory "ncry", "new" is unencrypted file.
[root@nfstestnic f2fs]# renameat2 -x encry/hello new
Operation not permitted
[root@nfstestnic f2fs]# renameat2 -x encry/hello new
Operation not permitted
How do you test it?
thanks,
Kinglong Mee
>
> Signed-off-by: Chao Yu <yuchao0@huawei.com>
> ---
> fs/f2fs/namei.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
> index 25c073f6c7d4..8de684b84cb9 100644
> --- a/fs/f2fs/namei.c
> +++ b/fs/f2fs/namei.c
> @@ -855,6 +855,10 @@ static int f2fs_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
> !fscrypt_has_encryption_key(new_dir)))
> return -ENOKEY;
>
> + if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
> + f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
> + return -EPERM;
> +
> if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
> (old_dir != new_dir) &&
> (!fscrypt_has_permitted_context(new_dir, old_inode) ||
>
------------------------------------------------------------------------------
Announcing the Oxford Dictionaries API! The API offers world-renowned
dictionary content that is easy and intuitive to access. Sign up for an
account today to start using our lexical data to power your apps and
projects. Get started today and enter our developer competition.
http://sdm.link/oxford
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [f2fs-dev] [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
2017-03-08 13:35 ` Kinglong Mee
@ 2017-03-09 1:33 ` Chao Yu
-1 siblings, 0 replies; 10+ messages in thread
From: Chao Yu @ 2017-03-09 1:33 UTC (permalink / raw)
To: Kinglong Mee, jaegeuk; +Cc: chao, linux-kernel, linux-f2fs-devel
On 2017/3/8 21:35, Kinglong Mee wrote:
> On 3/8/2017 20:08, Chao Yu wrote:
>> In commit d9cdc9033181 ("ext4 crypto: enforce context consistency") we
>> declared that:
>>
>> 2) All files or directories in a directory must be protected using the
>> same key as their containing directory.
>>
>> But in f2fs_cross_rename there is a vulnerability that allow to cross
>> rename unencrypted file into encrypted directory, it needs to be refused.
>
> fscrypt_has_permitted_context has do the checking as this patch,
>
> 168 /* no restrictions if the parent directory is not encrypted */
> 169 if (!parent->i_sb->s_cop->is_encrypted(parent))
> 170 return 1;
> 171 /* if the child directory is not encrypted, this is always a problem */
> 172 if (!parent->i_sb->s_cop->is_encrypted(child))
> 173 return 0;
>
> So, the cross rename unencrypted file into encrypted directory is permitted right now.
>
> I have a encrypted directory "ncry", "new" is unencrypted file.
>
> [root@nfstestnic f2fs]# renameat2 -x encry/hello new
> Operation not permitted
> [root@nfstestnic f2fs]# renameat2 -x encry/hello new
> Operation not permitted
I've tried this, the same result as yours, so this patch is wrong, please ignore
it, sorry about the noise.
Thanks,
>
> How do you test it?
>
> thanks,
> Kinglong Mee
>>
>> Signed-off-by: Chao Yu <yuchao0@huawei.com>
>> ---
>> fs/f2fs/namei.c | 4 ++++
>> 1 file changed, 4 insertions(+)
>>
>> diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
>> index 25c073f6c7d4..8de684b84cb9 100644
>> --- a/fs/f2fs/namei.c
>> +++ b/fs/f2fs/namei.c
>> @@ -855,6 +855,10 @@ static int f2fs_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
>> !fscrypt_has_encryption_key(new_dir)))
>> return -ENOKEY;
>>
>> + if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
>> + f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
>> + return -EPERM;
>> +
>> if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
>> (old_dir != new_dir) &&
>> (!fscrypt_has_permitted_context(new_dir, old_inode) ||
>>
>
> .
>
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
@ 2017-03-09 1:33 ` Chao Yu
0 siblings, 0 replies; 10+ messages in thread
From: Chao Yu @ 2017-03-09 1:33 UTC (permalink / raw)
To: Kinglong Mee, jaegeuk; +Cc: chao, linux-kernel, linux-f2fs-devel
On 2017/3/8 21:35, Kinglong Mee wrote:
> On 3/8/2017 20:08, Chao Yu wrote:
>> In commit d9cdc9033181 ("ext4 crypto: enforce context consistency") we
>> declared that:
>>
>> 2) All files or directories in a directory must be protected using the
>> same key as their containing directory.
>>
>> But in f2fs_cross_rename there is a vulnerability that allow to cross
>> rename unencrypted file into encrypted directory, it needs to be refused.
>
> fscrypt_has_permitted_context has do the checking as this patch,
>
> 168 /* no restrictions if the parent directory is not encrypted */
> 169 if (!parent->i_sb->s_cop->is_encrypted(parent))
> 170 return 1;
> 171 /* if the child directory is not encrypted, this is always a problem */
> 172 if (!parent->i_sb->s_cop->is_encrypted(child))
> 173 return 0;
>
> So, the cross rename unencrypted file into encrypted directory is permitted right now.
>
> I have a encrypted directory "ncry", "new" is unencrypted file.
>
> [root@nfstestnic f2fs]# renameat2 -x encry/hello new
> Operation not permitted
> [root@nfstestnic f2fs]# renameat2 -x encry/hello new
> Operation not permitted
I've tried this, the same result as yours, so this patch is wrong, please ignore
it, sorry about the noise.
Thanks,
>
> How do you test it?
>
> thanks,
> Kinglong Mee
>>
>> Signed-off-by: Chao Yu <yuchao0@huawei.com>
>> ---
>> fs/f2fs/namei.c | 4 ++++
>> 1 file changed, 4 insertions(+)
>>
>> diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
>> index 25c073f6c7d4..8de684b84cb9 100644
>> --- a/fs/f2fs/namei.c
>> +++ b/fs/f2fs/namei.c
>> @@ -855,6 +855,10 @@ static int f2fs_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
>> !fscrypt_has_encryption_key(new_dir)))
>> return -ENOKEY;
>>
>> + if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
>> + f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
>> + return -EPERM;
>> +
>> if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
>> (old_dir != new_dir) &&
>> (!fscrypt_has_permitted_context(new_dir, old_inode) ||
>>
>
> .
>
------------------------------------------------------------------------------
Announcing the Oxford Dictionaries API! The API offers world-renowned
dictionary content that is easy and intuitive to access. Sign up for an
account today to start using our lexical data to power your apps and
projects. Get started today and enter our developer competition.
http://sdm.link/oxford
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
2017-03-08 12:08 ` Chao Yu
@ 2017-03-10 21:49 ` kbuild test robot
-1 siblings, 0 replies; 10+ messages in thread
From: kbuild test robot @ 2017-03-10 21:49 UTC (permalink / raw)
To: Chao Yu
Cc: kbuild-all, jaegeuk, linux-f2fs-devel, linux-kernel, chao, Chao Yu
[-- Attachment #1: Type: text/plain, Size: 2287 bytes --]
Hi Chao,
[auto build test WARNING on f2fs/dev]
[also build test WARNING on v4.11-rc1 next-20170309]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Chao-Yu/f2fs-don-t-allow-rename-unencrypted-file-to-encrypted-directory/20170311-052705
base: https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git dev
config: i386-randconfig-x005-201710 (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
All warnings (new ones prefixed by >>):
fs/f2fs/namei.c: In function 'f2fs_cross_rename':
>> fs/f2fs/namei.c:858:36: warning: suggest parentheses around '&&' within '||' [-Wparentheses]
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
vim +858 fs/f2fs/namei.c
842 struct f2fs_sb_info *sbi = F2FS_I_SB(old_dir);
843 struct inode *old_inode = d_inode(old_dentry);
844 struct inode *new_inode = d_inode(new_dentry);
845 struct page *old_dir_page, *new_dir_page;
846 struct page *old_page, *new_page;
847 struct f2fs_dir_entry *old_dir_entry = NULL, *new_dir_entry = NULL;
848 struct f2fs_dir_entry *old_entry, *new_entry;
849 int old_nlink = 0, new_nlink = 0;
850 int err = -ENOENT;
851
852 if ((f2fs_encrypted_inode(old_dir) &&
853 !fscrypt_has_encryption_key(old_dir)) ||
854 (f2fs_encrypted_inode(new_dir) &&
855 !fscrypt_has_encryption_key(new_dir)))
856 return -ENOKEY;
857
> 858 if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
859 f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
860 return -EPERM;
861
862 if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
863 (old_dir != new_dir) &&
864 (!fscrypt_has_permitted_context(new_dir, old_inode) ||
865 !fscrypt_has_permitted_context(old_dir, new_inode)))
866 return -EPERM;
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 26281 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
@ 2017-03-10 21:49 ` kbuild test robot
0 siblings, 0 replies; 10+ messages in thread
From: kbuild test robot @ 2017-03-10 21:49 UTC (permalink / raw)
Cc: kbuild-all, jaegeuk, linux-f2fs-devel, linux-kernel, chao, Chao Yu
[-- Attachment #1: Type: text/plain, Size: 2287 bytes --]
Hi Chao,
[auto build test WARNING on f2fs/dev]
[also build test WARNING on v4.11-rc1 next-20170309]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Chao-Yu/f2fs-don-t-allow-rename-unencrypted-file-to-encrypted-directory/20170311-052705
base: https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git dev
config: i386-randconfig-x005-201710 (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
All warnings (new ones prefixed by >>):
fs/f2fs/namei.c: In function 'f2fs_cross_rename':
>> fs/f2fs/namei.c:858:36: warning: suggest parentheses around '&&' within '||' [-Wparentheses]
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
vim +858 fs/f2fs/namei.c
842 struct f2fs_sb_info *sbi = F2FS_I_SB(old_dir);
843 struct inode *old_inode = d_inode(old_dentry);
844 struct inode *new_inode = d_inode(new_dentry);
845 struct page *old_dir_page, *new_dir_page;
846 struct page *old_page, *new_page;
847 struct f2fs_dir_entry *old_dir_entry = NULL, *new_dir_entry = NULL;
848 struct f2fs_dir_entry *old_entry, *new_entry;
849 int old_nlink = 0, new_nlink = 0;
850 int err = -ENOENT;
851
852 if ((f2fs_encrypted_inode(old_dir) &&
853 !fscrypt_has_encryption_key(old_dir)) ||
854 (f2fs_encrypted_inode(new_dir) &&
855 !fscrypt_has_encryption_key(new_dir)))
856 return -ENOKEY;
857
> 858 if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
859 f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
860 return -EPERM;
861
862 if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
863 (old_dir != new_dir) &&
864 (!fscrypt_has_permitted_context(new_dir, old_inode) ||
865 !fscrypt_has_permitted_context(old_dir, new_inode)))
866 return -EPERM;
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 26281 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
2017-03-08 12:08 ` Chao Yu
@ 2017-03-10 22:14 ` kbuild test robot
-1 siblings, 0 replies; 10+ messages in thread
From: kbuild test robot @ 2017-03-10 22:14 UTC (permalink / raw)
To: Chao Yu
Cc: kbuild-all, jaegeuk, linux-f2fs-devel, linux-kernel, chao, Chao Yu
[-- Attachment #1: Type: text/plain, Size: 3746 bytes --]
Hi Chao,
[auto build test WARNING on f2fs/dev]
[also build test WARNING on v4.11-rc1 next-20170309]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Chao-Yu/f2fs-don-t-allow-rename-unencrypted-file-to-encrypted-directory/20170311-052705
base: https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git dev
config: x86_64-randconfig-n0-03110505 (attached as .config)
compiler: gcc-4.8 (Debian 4.8.4-1) 4.8.4
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64
All warnings (new ones prefixed by >>):
In file included from include/linux/linkage.h:4:0,
from include/linux/fs.h:4,
from fs/f2fs/namei.c:11:
fs/f2fs/namei.c: In function 'f2fs_cross_rename':
fs/f2fs/namei.c:858:36: warning: suggest parentheses around '&&' within '||' [-Wparentheses]
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
include/linux/compiler.h:160:30: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^
>> fs/f2fs/namei.c:858:2: note: in expansion of macro 'if'
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
fs/f2fs/namei.c:858:36: warning: suggest parentheses around '&&' within '||' [-Wparentheses]
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
include/linux/compiler.h:160:42: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^
>> fs/f2fs/namei.c:858:2: note: in expansion of macro 'if'
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
fs/f2fs/namei.c:858:36: warning: suggest parentheses around '&&' within '||' [-Wparentheses]
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
include/linux/compiler.h:171:16: note: in definition of macro '__trace_if'
______r = !!(cond); \
^
>> fs/f2fs/namei.c:858:2: note: in expansion of macro 'if'
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
vim +/if +858 fs/f2fs/namei.c
842 struct f2fs_sb_info *sbi = F2FS_I_SB(old_dir);
843 struct inode *old_inode = d_inode(old_dentry);
844 struct inode *new_inode = d_inode(new_dentry);
845 struct page *old_dir_page, *new_dir_page;
846 struct page *old_page, *new_page;
847 struct f2fs_dir_entry *old_dir_entry = NULL, *new_dir_entry = NULL;
848 struct f2fs_dir_entry *old_entry, *new_entry;
849 int old_nlink = 0, new_nlink = 0;
850 int err = -ENOENT;
851
852 if ((f2fs_encrypted_inode(old_dir) &&
853 !fscrypt_has_encryption_key(old_dir)) ||
854 (f2fs_encrypted_inode(new_dir) &&
855 !fscrypt_has_encryption_key(new_dir)))
856 return -ENOKEY;
857
> 858 if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
859 f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
860 return -EPERM;
861
862 if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
863 (old_dir != new_dir) &&
864 (!fscrypt_has_permitted_context(new_dir, old_inode) ||
865 !fscrypt_has_permitted_context(old_dir, new_inode)))
866 return -EPERM;
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 26748 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory
@ 2017-03-10 22:14 ` kbuild test robot
0 siblings, 0 replies; 10+ messages in thread
From: kbuild test robot @ 2017-03-10 22:14 UTC (permalink / raw)
Cc: kbuild-all, jaegeuk, linux-f2fs-devel, linux-kernel, chao, Chao Yu
[-- Attachment #1: Type: text/plain, Size: 3746 bytes --]
Hi Chao,
[auto build test WARNING on f2fs/dev]
[also build test WARNING on v4.11-rc1 next-20170309]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Chao-Yu/f2fs-don-t-allow-rename-unencrypted-file-to-encrypted-directory/20170311-052705
base: https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git dev
config: x86_64-randconfig-n0-03110505 (attached as .config)
compiler: gcc-4.8 (Debian 4.8.4-1) 4.8.4
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64
All warnings (new ones prefixed by >>):
In file included from include/linux/linkage.h:4:0,
from include/linux/fs.h:4,
from fs/f2fs/namei.c:11:
fs/f2fs/namei.c: In function 'f2fs_cross_rename':
fs/f2fs/namei.c:858:36: warning: suggest parentheses around '&&' within '||' [-Wparentheses]
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
include/linux/compiler.h:160:30: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^
>> fs/f2fs/namei.c:858:2: note: in expansion of macro 'if'
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
fs/f2fs/namei.c:858:36: warning: suggest parentheses around '&&' within '||' [-Wparentheses]
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
include/linux/compiler.h:160:42: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^
>> fs/f2fs/namei.c:858:2: note: in expansion of macro 'if'
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
fs/f2fs/namei.c:858:36: warning: suggest parentheses around '&&' within '||' [-Wparentheses]
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
include/linux/compiler.h:171:16: note: in definition of macro '__trace_if'
______r = !!(cond); \
^
>> fs/f2fs/namei.c:858:2: note: in expansion of macro 'if'
if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
^
vim +/if +858 fs/f2fs/namei.c
842 struct f2fs_sb_info *sbi = F2FS_I_SB(old_dir);
843 struct inode *old_inode = d_inode(old_dentry);
844 struct inode *new_inode = d_inode(new_dentry);
845 struct page *old_dir_page, *new_dir_page;
846 struct page *old_page, *new_page;
847 struct f2fs_dir_entry *old_dir_entry = NULL, *new_dir_entry = NULL;
848 struct f2fs_dir_entry *old_entry, *new_entry;
849 int old_nlink = 0, new_nlink = 0;
850 int err = -ENOENT;
851
852 if ((f2fs_encrypted_inode(old_dir) &&
853 !fscrypt_has_encryption_key(old_dir)) ||
854 (f2fs_encrypted_inode(new_dir) &&
855 !fscrypt_has_encryption_key(new_dir)))
856 return -ENOKEY;
857
> 858 if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
859 f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode))
860 return -EPERM;
861
862 if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
863 (old_dir != new_dir) &&
864 (!fscrypt_has_permitted_context(new_dir, old_inode) ||
865 !fscrypt_has_permitted_context(old_dir, new_inode)))
866 return -EPERM;
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 26748 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2017-03-10 22:15 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-03-08 12:08 [PATCH] f2fs: don't allow rename unencrypted file to encrypted directory Chao Yu
2017-03-08 12:08 ` Chao Yu
2017-03-08 13:35 ` [f2fs-dev] " Kinglong Mee
2017-03-08 13:35 ` Kinglong Mee
2017-03-09 1:33 ` [f2fs-dev] " Chao Yu
2017-03-09 1:33 ` Chao Yu
2017-03-10 21:49 ` kbuild test robot
2017-03-10 21:49 ` kbuild test robot
2017-03-10 22:14 ` kbuild test robot
2017-03-10 22:14 ` kbuild test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.