Patchwork [1/1] eCryptfs: Copy up lower inode attrs after setting lower xattr

login
register
mail settings
Submitter Colin King
Date March 12, 2012, 9:01 p.m.
Message ID <1331586097-22789-2-git-send-email-colin.king@canonical.com>
Download mbox | patch
Permalink /patch/146251/
State New
Headers show

Comments

Colin King - March 12, 2012, 9:01 p.m.
From: Colin Ian King <colin.king@canonical.com>

After passing through a ->setxattr() call, eCryptfs needs to copy the
inode attributes from the lower inode to the eCryptfs inode, as they
may have changed in the lower filesystem's ->setxattr() path.

One example is if an extended attribute containing a POSIX Access
Control List is being set. The new ACL may cause the lower filesystem to
modify the mode of the lower inode and the eCryptfs inode would need to
be updated to reflect the new mode.

https://launchpad.net/bugs/926292

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Sebastien Bacher <seb128@ubuntu.com>
Cc: John Johansen <john.johansen@canonical.com>
Cc: <stable@vger.kernel.org>
(backport of upstream commit 5d58bd2bb0e9b3576a5ae26879a73e6c30cd3914)
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 fs/ecryptfs/inode.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)
Herton Ronaldo Krzesinski - March 12, 2012, 9:14 p.m.
On Mon, Mar 12, 2012 at 09:01:37PM +0000, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> After passing through a ->setxattr() call, eCryptfs needs to copy the
> inode attributes from the lower inode to the eCryptfs inode, as they
> may have changed in the lower filesystem's ->setxattr() path.
> 
> One example is if an extended attribute containing a POSIX Access
> Control List is being set. The new ACL may cause the lower filesystem to
> modify the mode of the lower inode and the eCryptfs inode would need to
> be updated to reflect the new mode.
> 
> https://launchpad.net/bugs/926292
> 
> Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
> Reported-by: Sebastien Bacher <seb128@ubuntu.com>
> Cc: John Johansen <john.johansen@canonical.com>
> Cc: <stable@vger.kernel.org>
> (backport of upstream commit 5d58bd2bb0e9b3576a5ae26879a73e6c30cd3914)
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
>  fs/ecryptfs/inode.c |    2 ++
>  1 files changed, 2 insertions(+), 0 deletions(-)
> 
> diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
> index 90a6087..645da17 100644
> --- a/fs/ecryptfs/inode.c
> +++ b/fs/ecryptfs/inode.c
> @@ -1035,6 +1035,8 @@ ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value,
>  	rc = lower_dentry->d_inode->i_op->setxattr(lower_dentry, name, value,
>  						   size, flags);
>  	mutex_unlock(&lower_dentry->d_inode->i_mutex);
> +	if (!rc)
> +		fsstack_copy_attr_all(dentry->d_inode, lower_dentry->d_inode, NULL);
>  out:
>  	return rc;
>  }
> -- 
> 1.7.0.4
> 
> 
> -- 
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
Andy Whitcroft - March 12, 2012, 9:46 p.m.
On Mon, Mar 12, 2012 at 09:01:37PM +0000, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> After passing through a ->setxattr() call, eCryptfs needs to copy the
> inode attributes from the lower inode to the eCryptfs inode, as they
> may have changed in the lower filesystem's ->setxattr() path.
> 
> One example is if an extended attribute containing a POSIX Access
> Control List is being set. The new ACL may cause the lower filesystem to
> modify the mode of the lower inode and the eCryptfs inode would need to
> be updated to reflect the new mode.
> 
> https://launchpad.net/bugs/926292
> 
> Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
> Reported-by: Sebastien Bacher <seb128@ubuntu.com>
> Cc: John Johansen <john.johansen@canonical.com>
> Cc: <stable@vger.kernel.org>
> (backport of upstream commit 5d58bd2bb0e9b3576a5ae26879a73e6c30cd3914)
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
>  fs/ecryptfs/inode.c |    2 ++
>  1 files changed, 2 insertions(+), 0 deletions(-)
> 
> diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
> index 90a6087..645da17 100644
> --- a/fs/ecryptfs/inode.c
> +++ b/fs/ecryptfs/inode.c
> @@ -1035,6 +1035,8 @@ ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value,
>  	rc = lower_dentry->d_inode->i_op->setxattr(lower_dentry, name, value,
>  						   size, flags);
>  	mutex_unlock(&lower_dentry->d_inode->i_mutex);
> +	if (!rc)
> +		fsstack_copy_attr_all(dentry->d_inode, lower_dentry->d_inode, NULL);
>  out:
>  	return rc;
>  }

Looks to do what is claimed.

Acked-by: Andy Whitcroft <apw@canonical.com>

-apw

Patch

diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
index 90a6087..645da17 100644
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
@@ -1035,6 +1035,8 @@  ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value,
 	rc = lower_dentry->d_inode->i_op->setxattr(lower_dentry, name, value,
 						   size, flags);
 	mutex_unlock(&lower_dentry->d_inode->i_mutex);
+	if (!rc)
+		fsstack_copy_attr_all(dentry->d_inode, lower_dentry->d_inode, NULL);
 out:
 	return rc;
 }