linux-stable.git/fs/ecryptfs/inode.c, branch v3.2.2 Linux kernel stable tree eCryptfs: Prevent file create race condition 2011-11-23T21:39:38+00:00 Tyler Hicks tyhicks@canonical.com 2011-11-21T23:31:02+00:00 b59db43ad4434519feb338eacb01d77eb50825c5 The file creation path prematurely called d_instantiate() and unlock_new_inode() before the eCryptfs inode info was fully allocated and initialized and before the eCryptfs metadata was written to the lower file. This could result in race conditions in subsequent file and inode operations leading to unexpected error conditions or a null pointer dereference while attempting to use the unallocated memory. https://launchpad.net/bugs/813146 Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Cc: stable@kernel.org 
The file creation path prematurely called d_instantiate() and
unlock_new_inode() before the eCryptfs inode info was fully
allocated and initialized and before the eCryptfs metadata was written
to the lower file.

This could result in race conditions in subsequent file and inode
operations leading to unexpected error conditions or a null pointer
dereference while attempting to use the unallocated memory.

https://launchpad.net/bugs/813146

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Cc: stable@kernel.org
filesystems: add set_nlink() 2011-11-02T11:53:43+00:00 Miklos Szeredi mszeredi@suse.cz 2011-10-28T12:13:29+00:00 bfe8684869601dacfcb2cd69ef8cfd9045f62170 Replace remaining direct i_nlink updates with a new set_nlink() updater function. Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Tested-by: Toshiyuki Okajima <toshi.okajima@jp.fujitsu.com> Signed-off-by: Christoph Hellwig <hch@lst.de> 
Replace remaining direct i_nlink updates with a new set_nlink()
updater function.

Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Tested-by: Toshiyuki Okajima <toshi.okajima@jp.fujitsu.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
ecryptfs: Make inode bdi consistent with superblock bdi 2011-07-29T04:48:26+00:00 Thieu Le thieule@chromium.org 2011-07-26T23:15:10+00:00 985ca0e626e195ea08a1a82b8dbeb6719747429a Make the inode mapping bdi consistent with the superblock bdi so that dirty pages are flushed properly. Signed-off-by: Thieu Le <thieule@chromium.org> Cc: <stable@kernel.org> [2.6.39+] Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> 
Make the inode mapping bdi consistent with the superblock bdi so that
dirty pages are flushed properly.

Signed-off-by: Thieu Le <thieule@chromium.org>
Cc: <stable@kernel.org> [2.6.39+]
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
don't pass nameidata to vfs_create() from ecryptfs_create() 2011-07-20T05:43:54+00:00 Al Viro viro@zeniv.linux.org.uk 2011-06-26T01:08:31+00:00 bf6c7f6c7bd0ea779757d35b5fdc9f9157f056b3 Instead of playing with removal of LOOKUP_OPEN, mangling (and restoring) nd->path, just pass NULL to vfs_create(). The whole point of what's being done there is to suppress any attempts to open file by underlying fs, which is what nd == NULL indicates. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
Instead of playing with removal of LOOKUP_OPEN, mangling (and
restoring) nd->path, just pass NULL to vfs_create().  The whole
point of what's being done there is to suppress any attempts
to open file by underlying fs, which is what nd == NULL indicates.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
ecryptfs_inode_permission() doesn't need to bail out on RCU 2011-07-20T05:43:38+00:00 Al Viro viro@zeniv.linux.org.uk 2011-06-21T05:01:59+00:00 beefebf1aa611242e022e71bae87034f415d3314 ... now that inode_permission() can take MAY_NOT_BLOCK and handle it properly. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
... now that inode_permission() can take MAY_NOT_BLOCK and handle it
properly.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
->permission() sanitizing: don't pass flags to ->permission() 2011-07-20T05:43:24+00:00 Al Viro viro@zeniv.linux.org.uk 2011-06-20T23:28:19+00:00 10556cb21a0d0b24d95f00ea6df16f599a3345b2 not used by the instances anymore. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
not used by the instances anymore.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
eCryptfs: Cleanup and optimize ecryptfs_lookup_interpose() 2011-05-29T19:24:24+00:00 Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-24T09:56:23+00:00 778aeb42a708d2a57e491d2cbb5a1e74f61270b9 ecryptfs_lookup_interpose() has turned into spaghetti code over the years. This is an effort to clean it up. - Shorten overly descriptive variable names such as ecryptfs_dentry - Simplify gotos and error paths - Create helper function for reading plaintext i_size from metadata It also includes an optimization when reading i_size from the metadata. A complete page-sized kmem_cache_alloc() was being done to read in 16 bytes of metadata. The buffer for that is now statically declared. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> 
ecryptfs_lookup_interpose() has turned into spaghetti code over the
years. This is an effort to clean it up.

 - Shorten overly descriptive variable names such as ecryptfs_dentry
 - Simplify gotos and error paths
 - Create helper function for reading plaintext i_size from metadata

It also includes an optimization when reading i_size from the metadata.
A complete page-sized kmem_cache_alloc() was being done to read in 16
bytes of metadata. The buffer for that is now statically declared.

Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
eCryptfs: Fix new inode race condition 2011-05-29T19:23:39+00:00 Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-24T08:49:02+00:00 3b06b3ebf44170c90c893c6c80916db6e922b9f2 Only unlock and d_add() new inodes after the plaintext inode size has been read from the lower filesystem. This fixes a race condition that was sometimes seen during a multi-job kernel build in an eCryptfs mount. https://bugzilla.kernel.org/show_bug.cgi?id=36002 Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Reported-by: David <david@unsolicited.net> Tested-by: David <david@unsolicited.net> 
Only unlock and d_add() new inodes after the plaintext inode size has
been read from the lower filesystem. This fixes a race condition that
was sometimes seen during a multi-job kernel build in an eCryptfs mount.

https://bugzilla.kernel.org/show_bug.cgi?id=36002

Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Reported-by: David <david@unsolicited.net>
Tested-by: David <david@unsolicited.net>
eCryptfs: Cleanup inode initialization code 2011-05-29T17:51:17+00:00 Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-24T07:16:51+00:00 5ccf92037c7c6e6f28175fd245284923f939259f The eCryptfs inode get, initialization, and dentry interposition code has two separate paths. One is for when dentry interposition is needed after doing things like a mkdir in the lower filesystem and the other is needed after a lookup. Unlocking new inodes and doing a d_add() needs to happen at different times, depending on which type of dentry interposing is being done. This patch cleans up the inode get and initialization code paths and splits them up so that the locking and d_add() differences mentioned above can be handled appropriately in a later patch. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Tested-by: David <david@unsolicited.net> 
The eCryptfs inode get, initialization, and dentry interposition code
has two separate paths. One is for when dentry interposition is needed
after doing things like a mkdir in the lower filesystem and the other
is needed after a lookup. Unlocking new inodes and doing a d_add() needs
to happen at different times, depending on which type of dentry
interposing is being done.

This patch cleans up the inode get and initialization code paths and
splits them up so that the locking and d_add() differences mentioned
above can be handled appropriately in a later patch.

Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Tested-by: David <david@unsolicited.net>
eCryptfs: Consolidate inode functions into inode.c 2011-05-29T17:49:53+00:00 Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-05-24T02:18:20+00:00 c4f790736ca8d7d86883c5aee2ba1caa15cd8da3 These functions should live in inode.c since their focus is on inodes and they're primarily used by functions in inode.c. Also does a simple cleanup of ecryptfs_inode_test() and rolls ecryptfs_init_inode() into ecryptfs_inode_set(). Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Tested-by: David <david@unsolicited.net> 
These functions should live in inode.c since their focus is on inodes
and they're primarily used by functions in inode.c.

Also does a simple cleanup of ecryptfs_inode_test() and rolls
ecryptfs_init_inode() into ecryptfs_inode_set().

Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Tested-by: David <david@unsolicited.net>