• Michael Halcrow's avatar
    eCryptfs: Privileged kthread for lower file opens · 746f1e55
    Michael Halcrow authored
    eCryptfs would really like to have read-write access to all files in the
    lower filesystem.  Right now, the persistent lower file may be opened
    read-only if the attempt to open it read-write fails.  One way to keep
    from having to do that is to have a privileged kthread that can open the
    lower persistent file on behalf of the user opening the eCryptfs file;
    this patch implements this functionality.
    
    This patch will properly allow a less-privileged user to open the eCryptfs
    file, followed by a more-privileged user opening the eCryptfs file, with
    the first user only being able to read and the second user being able to
    both read and write.  eCryptfs currently does this wrong; it will wind up
    calling vfs_write() on a file that was opened read-only.  This is fixed in
    this patch.
    Signed-off-by: default avatarMichael Halcrow <mhalcrow@us.ibm.com>
    Cc: Dave Kleikamp <shaggy@austin.ibm.com>
    Cc: Serge Hallyn <serue@us.ibm.com>
    Cc: Eric Sandeen <sandeen@redhat.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    746f1e55
main.c 23.5 KB