From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-it0-f65.google.com ([209.85.214.65]:34915 "EHLO mail-it0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754285AbcLSWVF (ORCPT ); Mon, 19 Dec 2016 17:21:05 -0500 Received: by mail-it0-f65.google.com with SMTP id b123so11987443itb.2 for ; Mon, 19 Dec 2016 14:21:05 -0800 (PST) From: Eric Biggers To: linux-fsdevel@vger.kernel.org Cc: "Theodore Y . Ts'o" , Jaegeuk Kim , Richard Weinberger , Eric Biggers Subject: [PATCH v2 3/5] ext4: consolidate fscrypt_has_permitted_context() checks Date: Mon, 19 Dec 2016 14:20:14 -0800 Message-Id: <1482186016-107643-3-git-send-email-ebiggers3@gmail.com> In-Reply-To: <1482186016-107643-1-git-send-email-ebiggers3@gmail.com> References: <1482186016-107643-1-git-send-email-ebiggers3@gmail.com> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: From: Eric Biggers Now that fscrypt_has_permitted_context() compares the fscrypt_context rather than the fscrypt_info when needed, it is no longer necessary to delay fscrypt_has_permitted_context() from ->lookup() to ->open() for regular files, as introduced in commit ff978b09f973 ("ext4 crypto: move context consistency check to ext4_file_open()"). Therefore the check in ->open(), along with the dget_parent() hack, can be removed. It's also no longer necessary to check the file type before calling fscrypt_has_permitted_context(). This patch should not be applied before my other two patches: fscrypt: fix loophole in one-encryption-policy-per-tree enforcement fscrypt: fix renaming and linking special files Signed-off-by: Eric Biggers --- fs/ext4/file.c | 12 ------------ fs/ext4/namei.c | 10 ++-------- 2 files changed, 2 insertions(+), 20 deletions(-) diff --git a/fs/ext4/file.c b/fs/ext4/file.c index b5f1844..2123cd8 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -398,7 +398,6 @@ static int ext4_file_open(struct inode * inode, struct file * filp) struct super_block *sb = inode->i_sb; struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); struct vfsmount *mnt = filp->f_path.mnt; - struct dentry *dir; struct path path; char buf[64], *cp; int ret; @@ -443,17 +442,6 @@ static int ext4_file_open(struct inode * inode, struct file * filp) return -ENOKEY; } - dir = dget_parent(file_dentry(filp)); - if (ext4_encrypted_inode(d_inode(dir)) && - !fscrypt_has_permitted_context(d_inode(dir), inode)) { - ext4_warning(inode->i_sb, - "Inconsistent encryption contexts: %lu/%lu", - (unsigned long) d_inode(dir)->i_ino, - (unsigned long) inode->i_ino); - dput(dir); - return -EPERM; - } - dput(dir); /* * Set up the jbd2_inode if we are opening the inode for * writing and the journal is present diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c index eadba91..eb8b064 100644 --- a/fs/ext4/namei.c +++ b/fs/ext4/namei.c @@ -1612,17 +1612,11 @@ static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsi return ERR_PTR(-EFSCORRUPTED); } if (!IS_ERR(inode) && ext4_encrypted_inode(dir) && - (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && !fscrypt_has_permitted_context(dir, inode)) { - int nokey = ext4_encrypted_inode(inode) && - !fscrypt_has_encryption_key(inode); - iput(inode); - if (nokey) - return ERR_PTR(-ENOKEY); ext4_warning(inode->i_sb, "Inconsistent encryption contexts: %lu/%lu", - (unsigned long) dir->i_ino, - (unsigned long) inode->i_ino); + dir->i_ino, inode->i_ino); + iput(inode); return ERR_PTR(-EPERM); } } -- 2.8.0.rc3.226.g39d4020