1. 19 Apr, 2010 5 commits
    • Tyler Hicks's avatar
      eCryptfs: Turn lower lookup error messages into debug messages · 9f37622f
      Tyler Hicks authored
      Vaugue warnings about ENAMETOOLONG errors when looking up an encrypted
      file name have caused many users to become concerned about their data.
      Since this is a rather harmless condition, I'm moving this warning to
      only be printed when the ecryptfs_verbosity module param is 1.
      Signed-off-by: default avatarTyler Hicks <tyhicks@linux.vnet.ibm.com>
      9f37622f
    • Tyler Hicks's avatar
      eCryptfs: Copy lower directory inode times and size on link · 3a8380c0
      Tyler Hicks authored
      The timestamps and size of a lower inode involved in a link() call was
      being copied to the upper parent inode.  Instead, we should be
      copying lower parent inode's timestamps and size to the upper parent
      inode.  I discovered this bug using the POSIX test suite at Tuxera.
      Signed-off-by: default avatarTyler Hicks <tyhicks@linux.vnet.ibm.com>
      3a8380c0
    • Jeff Mahoney's avatar
      ecryptfs: fix use with tmpfs by removing d_drop from ecryptfs_destroy_inode · 133b8f9d
      Jeff Mahoney authored
      Since tmpfs has no persistent storage, it pins all its dentries in memory
      so they have d_count=1 when other file systems would have d_count=0.
      ->lookup is only used to create new dentries. If the caller doesn't
      instantiate it, it's freed immediately at dput(). ->readdir reads
      directly from the dcache and depends on the dentries being hashed.
      
      When an ecryptfs mount is mounted, it associates the lower file and dentry
      with the ecryptfs files as they're accessed. When it's umounted and
      destroys all the in-memory ecryptfs inodes, it fput's the lower_files and
      d_drop's the lower_dentries. Commit 4981e081 added this and a d_delete in
      2008 and several months later commit caeeeecf removed the d_delete. I
      believe the d_drop() needs to be removed as well.
      
      The d_drop effectively hides any file that has been accessed via ecryptfs
      from the underlying tmpfs since it depends on it being hashed for it to
      be accessible. I've removed the d_drop on my development node and see no
      ill effects with basic testing on both tmpfs and persistent storage.
      
      As a side effect, after ecryptfs d_drops the dentries on tmpfs, tmpfs
      BUGs on umount. This is due to the dentries being unhashed.
      tmpfs->kill_sb is kill_litter_super which calls d_genocide to drop
      the reference pinning the dentry. It skips unhashed and negative dentries,
      but shrink_dcache_for_umount_subtree doesn't. Since those dentries
      still have an elevated d_count, we get a BUG().
      
      This patch removes the d_drop call and fixes both issues.
      
      This issue was reported at:
      https://bugzilla.novell.com/show_bug.cgi?id=567887Reported-by: default avatarÁrpád Bíró <biroa@demasz.hu>
      Signed-off-by: default avatarJeff Mahoney <jeffm@suse.com>
      Cc: Dustin Kirkland <kirkland@canonical.com>
      Cc: stable@kernel.org
      Signed-off-by: default avatarTyler Hicks <tyhicks@linux.vnet.ibm.com>
      133b8f9d
    • Christian Pulvermacher's avatar
      ecryptfs: fix error code for missing xattrs in lower fs · cfce08c6
      Christian Pulvermacher authored
      If the lower file system driver has extended attributes disabled,
      ecryptfs' own access functions return -ENOSYS instead of -EOPNOTSUPP.
      This breaks execution of programs in the ecryptfs mount, since the
      kernel expects the latter error when checking for security
      capabilities in xattrs.
      Signed-off-by: default avatarChristian Pulvermacher <pulvermacher@gmx.de>
      Cc: stable@kernel.org
      Signed-off-by: default avatarTyler Hicks <tyhicks@linux.vnet.ibm.com>
      cfce08c6
    • Tyler Hicks's avatar
      eCryptfs: Decrypt symlink target for stat size · 3a60a168
      Tyler Hicks authored
      Create a getattr handler for eCryptfs symlinks that is capable of
      reading the lower target and decrypting its path.  Prior to this patch,
      a stat's st_size field would represent the strlen of the encrypted path,
      while readlink() would return the strlen of the decrypted path.  This
      could lead to confusion in some userspace applications, since the two
      values should be equal.
      
      https://bugs.launchpad.net/bugs/524919Reported-by: default avatarLoïc Minier <loic.minier@canonical.com>
      Cc: stable@kernel.org
      Signed-off-by: default avatarTyler Hicks <tyhicks@linux.vnet.ibm.com>
      3a60a168
  2. 23 Mar, 2010 4 commits
  3. 20 Mar, 2010 3 commits
  4. 19 Mar, 2010 28 commits