Commit 84814d64 authored by Tyler Hicks's avatar Tyler Hicks Committed by Linus Torvalds

eCryptfs: don't encrypt file key with filename key

eCryptfs has file encryption keys (FEK), file encryption key encryption
keys (FEKEK), and filename encryption keys (FNEK).  The per-file FEK is
encrypted with one or more FEKEKs and stored in the header of the
encrypted file.  I noticed that the FEK is also being encrypted by the
FNEK.  This is a problem if a user wants to use a different FNEK than
their FEKEK, as their file contents will still be accessible with the
FNEK.

This is a minimalistic patch which prevents the FNEKs signatures from
being copied to the inode signatures list.  Ultimately, it keeps the FEK
from being encrypted with a FNEK.
Signed-off-by: default avatarTyler Hicks <tyhicks@linux.vnet.ibm.com>
Cc: Serge Hallyn <serue@us.ibm.com>
Acked-by: default avatarDustin Kirkland <kirkland@canonical.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 15e7b876
...@@ -946,6 +946,8 @@ static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs( ...@@ -946,6 +946,8 @@ static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs(
list_for_each_entry(global_auth_tok, list_for_each_entry(global_auth_tok,
&mount_crypt_stat->global_auth_tok_list, &mount_crypt_stat->global_auth_tok_list,
mount_crypt_stat_list) { mount_crypt_stat_list) {
if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK)
continue;
rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig); rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig);
if (rc) { if (rc) {
printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc); printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc);
......
...@@ -328,6 +328,7 @@ struct ecryptfs_dentry_info { ...@@ -328,6 +328,7 @@ struct ecryptfs_dentry_info {
*/ */
struct ecryptfs_global_auth_tok { struct ecryptfs_global_auth_tok {
#define ECRYPTFS_AUTH_TOK_INVALID 0x00000001 #define ECRYPTFS_AUTH_TOK_INVALID 0x00000001
#define ECRYPTFS_AUTH_TOK_FNEK 0x00000002
u32 flags; u32 flags;
struct list_head mount_crypt_stat_list; struct list_head mount_crypt_stat_list;
struct key *global_auth_tok_key; struct key *global_auth_tok_key;
...@@ -696,7 +697,7 @@ ecryptfs_write_header_metadata(char *virt, ...@@ -696,7 +697,7 @@ ecryptfs_write_header_metadata(char *virt,
int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig); int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig);
int int
ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
char *sig); char *sig, u32 global_auth_tok_flags);
int ecryptfs_get_global_auth_tok_for_sig( int ecryptfs_get_global_auth_tok_for_sig(
struct ecryptfs_global_auth_tok **global_auth_tok, struct ecryptfs_global_auth_tok **global_auth_tok,
struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig); struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig);
......
...@@ -2375,7 +2375,7 @@ struct kmem_cache *ecryptfs_global_auth_tok_cache; ...@@ -2375,7 +2375,7 @@ struct kmem_cache *ecryptfs_global_auth_tok_cache;
int int
ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
char *sig) char *sig, u32 global_auth_tok_flags)
{ {
struct ecryptfs_global_auth_tok *new_auth_tok; struct ecryptfs_global_auth_tok *new_auth_tok;
int rc = 0; int rc = 0;
...@@ -2389,6 +2389,7 @@ ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, ...@@ -2389,6 +2389,7 @@ ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
goto out; goto out;
} }
memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX); memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX);
new_auth_tok->flags = global_auth_tok_flags;
new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
list_add(&new_auth_tok->mount_crypt_stat_list, list_add(&new_auth_tok->mount_crypt_stat_list,
......
...@@ -319,7 +319,7 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) ...@@ -319,7 +319,7 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
case ecryptfs_opt_ecryptfs_sig: case ecryptfs_opt_ecryptfs_sig:
sig_src = args[0].from; sig_src = args[0].from;
rc = ecryptfs_add_global_auth_tok(mount_crypt_stat, rc = ecryptfs_add_global_auth_tok(mount_crypt_stat,
sig_src); sig_src, 0);
if (rc) { if (rc) {
printk(KERN_ERR "Error attempting to register " printk(KERN_ERR "Error attempting to register "
"global sig; rc = [%d]\n", rc); "global sig; rc = [%d]\n", rc);
...@@ -370,7 +370,8 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) ...@@ -370,7 +370,8 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
ECRYPTFS_SIG_SIZE_HEX] = '\0'; ECRYPTFS_SIG_SIZE_HEX] = '\0';
rc = ecryptfs_add_global_auth_tok( rc = ecryptfs_add_global_auth_tok(
mount_crypt_stat, mount_crypt_stat,
mount_crypt_stat->global_default_fnek_sig); mount_crypt_stat->global_default_fnek_sig,
ECRYPTFS_AUTH_TOK_FNEK);
if (rc) { if (rc) {
printk(KERN_ERR "Error attempting to register " printk(KERN_ERR "Error attempting to register "
"global fnek sig [%s]; rc = [%d]\n", "global fnek sig [%s]; rc = [%d]\n",
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment