From patchwork Thu Dec 15 19:19:43 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 706225 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3tfkQ460k1z9sBR for ; Fri, 16 Dec 2016 06:43:24 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="H14ffvrP"; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753736AbcLOTnQ (ORCPT ); Thu, 15 Dec 2016 14:43:16 -0500 Received: from mail-pg0-f66.google.com ([74.125.83.66]:34209 "EHLO mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752803AbcLOTnN (ORCPT ); Thu, 15 Dec 2016 14:43:13 -0500 Received: by mail-pg0-f66.google.com with SMTP id e9so7103546pgc.1; Thu, 15 Dec 2016 11:43:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=+IKpOEAPGrgEZ6x7MXfxz0YzSIv4oLrLIlc5aPo/1eQ=; b=H14ffvrPKdvlGXN3iHn3gclCM/LJVBsJzFooK+ZUtlB7qzBx0JeTM0gVchQTB0DjvP eRiCYGLI7c2mQt6HCMi30tTVZYIinX9lgVzsrx+1X8jYM1iZTQgoZe+Oq98ggOv+nsqy qaLjP1ymoY5vmQGDnmXGMFTRJM6U4qhxTaHgRV38zbrfDMChJDcRmnBmbWxvZ1a2UdoQ 2XeEcm5SCFY/pHliDIVVbvRdFruqvNfQZ4P46YPIM5AdfOBpPbJnrIQ+xUlzwmSQgUpO Y1zeDTTd371INaYMAtHN4FvBgZGAwkmuX18xzFJM2RReJTiNlOgwss/b9gRBqBgUJa9A XO5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=+IKpOEAPGrgEZ6x7MXfxz0YzSIv4oLrLIlc5aPo/1eQ=; b=ptt+wQssYXhr1fWUBRlSwIuEAyPmaRdPBeob4nIcRWhqBkzRnekVRO2TCunAr+2dJA ID90ryBn++P8hKmamuVcNDiQ2cfAvE36MjkcZKEbPA0OWQSr4C5Ag7Eu9ykikS1l22sg kUuslCdt0S0cCHYF1zUKNpRMdWvY1NoreigTz3dp1uG5V3/YIz+hKKbWfvxHgueXKEbu NJdFJx5//dbxWiET5tj0DAH4I/a1jD99mmUla1SHR9AKVyQGkYAezPxzfh3dRnLF8uMP VtkhCNaoSpRQuBrJ37tBjWpw2LaK0eZLxySxS17y5dSjSPOig7oyNWBo8pDpUVGnPeuS Z5yg== X-Gm-Message-State: AKaTC01lvt5bcjcbW7J49uLVoYaExEWIn1DpRq9YYzo2dXwRbd1cDonjOPCAwFltyMUKhg== X-Received: by 10.99.122.92 with SMTP id j28mr4756403pgn.64.1481829852023; Thu, 15 Dec 2016 11:24:12 -0800 (PST) Received: from ebiggers-linuxstation.kir.corp.google.com ([100.119.30.131]) by smtp.gmail.com with ESMTPSA id c22sm6390976pgn.12.2016.12.15.11.24.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 15 Dec 2016 11:24:11 -0800 (PST) From: Eric Biggers To: linux-fsdevel@vger.kernel.org Cc: "Theodore Y . Ts'o" , Jaegeuk Kim , linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, Richard Weinberger , David Gstir , Eric Biggers Subject: [PATCH 2/3] fscrypt: fix renaming and linking special files Date: Thu, 15 Dec 2016 11:19:43 -0800 Message-Id: <1481829584-50218-2-git-send-email-ebiggers3@gmail.com> X-Mailer: git-send-email 2.8.0.rc3.226.g39d4020 In-Reply-To: <1481829584-50218-1-git-send-email-ebiggers3@gmail.com> References: <1481829584-50218-1-git-send-email-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers Attempting to link a device node, named pipe, or socket file into an encrypted directory through rename(2) or link(2) always failed with EPERM. This happened because fscrypt_permitted_context() saw that the file was unencrypted and forbid creating the link. This behavior was unexpected because such files are never encrypted; only regular files, directories, and symlinks can be encrypted. To fix this, make fscrypt_has_permitted_context() always return true on special files. This will be covered by a test in my encryption xfstests patchset. Fixes: 9bd8212f981e ("ext4 crypto: add encryption policy and password salt support") Signed-off-by: Eric Biggers Reviewed-by: Richard Weinberger --- fs/crypto/policy.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c index 5de0633..2e50cbc 100644 --- a/fs/crypto/policy.c +++ b/fs/crypto/policy.c @@ -198,6 +198,11 @@ int fscrypt_has_permitted_context(struct inode *parent, struct inode *child) if (!cops->is_encrypted(parent)) return 1; + /* No restrictions on file types which are never encrypted */ + if (!S_ISREG(child->i_mode) && !S_ISDIR(child->i_mode) && + !S_ISLNK(child->i_mode)) + return 1; + /* Encrypted directories must not contain unencrypted files */ if (!cops->is_encrypted(child)) return 0;