diff options
| author | Eric Biggers <ebiggers@google.com> | 2016-12-19 14:20:13 -0800 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2016-12-31 00:47:05 -0500 |
| commit | 42d97eb0ade31e1bc537d086842f5d6e766d9d51 (patch) | |
| tree | 04f4a277ddf959f3cabb6a97c7743806d9bd953e /fs/crypto | |
| parent | fe4f6c801c03bc13113d0dc32f02d4ea8ed89ffd (diff) | |
fscrypt: fix renaming and linking special files
Attempting to link a device node, named pipe, or socket file into an
encrypted directory through rename(2) or link(2) always failed with
EPERM. This happened because fscrypt_has_permitted_context() saw that
the file was unencrypted and forbid creating the link. This behavior
was unexpected because such files are never encrypted; only regular
files, directories, and symlinks can be encrypted.
To fix this, make fscrypt_has_permitted_context() always return true on
special files.
This will be covered by a test in my encryption xfstests patchset.
Fixes: 9bd8212f981e ("ext4 crypto: add encryption policy and password salt support")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Richard Weinberger <richard@nod.at>
Cc: stable@vger.kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/crypto')
| -rw-r--r-- | fs/crypto/policy.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c index 6ed7c2eebeec..d6cd7ea4851d 100644 --- a/fs/crypto/policy.c +++ b/fs/crypto/policy.c @@ -179,6 +179,11 @@ int fscrypt_has_permitted_context(struct inode *parent, struct inode *child) BUG_ON(1); } + /* No restrictions on file types which are never encrypted */ + if (!S_ISREG(child->i_mode) && !S_ISDIR(child->i_mode) && + !S_ISLNK(child->i_mode)) + return 1; + /* no restrictions if the parent directory is not encrypted */ if (!parent->i_sb->s_cop->is_encrypted(parent)) return 1; |