mirror of
https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
synced 2024-11-01 10:33:27 +00:00
323ef68faf
read() calls against a file descriptor connected to a directory are
incorrectly returning EINVAL rather than EISDIR:
[EISDIR]
[XSI] [Option Start] The fildes argument refers to a directory and the
implementation does not allow the directory to be read using read()
or pread(). The readdir() function should be used instead. [Option End]
This occurs because we do not have a .read operation defined for
ecryptfs directories. Connect this up to generic_read_dir().
BugLink: http://bugs.launchpad.net/bugs/719691
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
352 lines
10 KiB
C
352 lines
10 KiB
C
/**
|
|
* eCryptfs: Linux filesystem encryption layer
|
|
*
|
|
* Copyright (C) 1997-2004 Erez Zadok
|
|
* Copyright (C) 2001-2004 Stony Brook University
|
|
* Copyright (C) 2004-2007 International Business Machines Corp.
|
|
* Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
|
|
* Michael C. Thompson <mcthomps@us.ibm.com>
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License as
|
|
* published by the Free Software Foundation; either version 2 of the
|
|
* License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
|
|
* 02111-1307, USA.
|
|
*/
|
|
|
|
#include <linux/file.h>
|
|
#include <linux/poll.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/mount.h>
|
|
#include <linux/pagemap.h>
|
|
#include <linux/security.h>
|
|
#include <linux/compat.h>
|
|
#include <linux/fs_stack.h>
|
|
#include "ecryptfs_kernel.h"
|
|
|
|
/**
|
|
* ecryptfs_read_update_atime
|
|
*
|
|
* generic_file_read updates the atime of upper layer inode. But, it
|
|
* doesn't give us a chance to update the atime of the lower layer
|
|
* inode. This function is a wrapper to generic_file_read. It
|
|
* updates the atime of the lower level inode if generic_file_read
|
|
* returns without any errors. This is to be used only for file reads.
|
|
* The function to be used for directory reads is ecryptfs_read.
|
|
*/
|
|
static ssize_t ecryptfs_read_update_atime(struct kiocb *iocb,
|
|
const struct iovec *iov,
|
|
unsigned long nr_segs, loff_t pos)
|
|
{
|
|
ssize_t rc;
|
|
struct dentry *lower_dentry;
|
|
struct vfsmount *lower_vfsmount;
|
|
struct file *file = iocb->ki_filp;
|
|
|
|
rc = generic_file_aio_read(iocb, iov, nr_segs, pos);
|
|
/*
|
|
* Even though this is a async interface, we need to wait
|
|
* for IO to finish to update atime
|
|
*/
|
|
if (-EIOCBQUEUED == rc)
|
|
rc = wait_on_sync_kiocb(iocb);
|
|
if (rc >= 0) {
|
|
lower_dentry = ecryptfs_dentry_to_lower(file->f_path.dentry);
|
|
lower_vfsmount = ecryptfs_dentry_to_lower_mnt(file->f_path.dentry);
|
|
touch_atime(lower_vfsmount, lower_dentry);
|
|
}
|
|
return rc;
|
|
}
|
|
|
|
struct ecryptfs_getdents_callback {
|
|
void *dirent;
|
|
struct dentry *dentry;
|
|
filldir_t filldir;
|
|
int filldir_called;
|
|
int entries_written;
|
|
};
|
|
|
|
/* Inspired by generic filldir in fs/readdir.c */
|
|
static int
|
|
ecryptfs_filldir(void *dirent, const char *lower_name, int lower_namelen,
|
|
loff_t offset, u64 ino, unsigned int d_type)
|
|
{
|
|
struct ecryptfs_getdents_callback *buf =
|
|
(struct ecryptfs_getdents_callback *)dirent;
|
|
size_t name_size;
|
|
char *name;
|
|
int rc;
|
|
|
|
buf->filldir_called++;
|
|
rc = ecryptfs_decode_and_decrypt_filename(&name, &name_size,
|
|
buf->dentry, lower_name,
|
|
lower_namelen);
|
|
if (rc) {
|
|
printk(KERN_ERR "%s: Error attempting to decode and decrypt "
|
|
"filename [%s]; rc = [%d]\n", __func__, lower_name,
|
|
rc);
|
|
goto out;
|
|
}
|
|
rc = buf->filldir(buf->dirent, name, name_size, offset, ino, d_type);
|
|
kfree(name);
|
|
if (rc >= 0)
|
|
buf->entries_written++;
|
|
out:
|
|
return rc;
|
|
}
|
|
|
|
/**
|
|
* ecryptfs_readdir
|
|
* @file: The eCryptfs directory file
|
|
* @dirent: Directory entry handle
|
|
* @filldir: The filldir callback function
|
|
*/
|
|
static int ecryptfs_readdir(struct file *file, void *dirent, filldir_t filldir)
|
|
{
|
|
int rc;
|
|
struct file *lower_file;
|
|
struct inode *inode;
|
|
struct ecryptfs_getdents_callback buf;
|
|
|
|
lower_file = ecryptfs_file_to_lower(file);
|
|
lower_file->f_pos = file->f_pos;
|
|
inode = file->f_path.dentry->d_inode;
|
|
memset(&buf, 0, sizeof(buf));
|
|
buf.dirent = dirent;
|
|
buf.dentry = file->f_path.dentry;
|
|
buf.filldir = filldir;
|
|
buf.filldir_called = 0;
|
|
buf.entries_written = 0;
|
|
rc = vfs_readdir(lower_file, ecryptfs_filldir, (void *)&buf);
|
|
file->f_pos = lower_file->f_pos;
|
|
if (rc < 0)
|
|
goto out;
|
|
if (buf.filldir_called && !buf.entries_written)
|
|
goto out;
|
|
if (rc >= 0)
|
|
fsstack_copy_attr_atime(inode,
|
|
lower_file->f_path.dentry->d_inode);
|
|
out:
|
|
return rc;
|
|
}
|
|
|
|
struct kmem_cache *ecryptfs_file_info_cache;
|
|
|
|
/**
|
|
* ecryptfs_open
|
|
* @inode: inode speciying file to open
|
|
* @file: Structure to return filled in
|
|
*
|
|
* Opens the file specified by inode.
|
|
*
|
|
* Returns zero on success; non-zero otherwise
|
|
*/
|
|
static int ecryptfs_open(struct inode *inode, struct file *file)
|
|
{
|
|
int rc = 0;
|
|
struct ecryptfs_crypt_stat *crypt_stat = NULL;
|
|
struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
|
|
struct dentry *ecryptfs_dentry = file->f_path.dentry;
|
|
/* Private value of ecryptfs_dentry allocated in
|
|
* ecryptfs_lookup() */
|
|
struct dentry *lower_dentry;
|
|
struct ecryptfs_file_info *file_info;
|
|
|
|
mount_crypt_stat = &ecryptfs_superblock_to_private(
|
|
ecryptfs_dentry->d_sb)->mount_crypt_stat;
|
|
if ((mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED)
|
|
&& ((file->f_flags & O_WRONLY) || (file->f_flags & O_RDWR)
|
|
|| (file->f_flags & O_CREAT) || (file->f_flags & O_TRUNC)
|
|
|| (file->f_flags & O_APPEND))) {
|
|
printk(KERN_WARNING "Mount has encrypted view enabled; "
|
|
"files may only be read\n");
|
|
rc = -EPERM;
|
|
goto out;
|
|
}
|
|
/* Released in ecryptfs_release or end of function if failure */
|
|
file_info = kmem_cache_zalloc(ecryptfs_file_info_cache, GFP_KERNEL);
|
|
ecryptfs_set_file_private(file, file_info);
|
|
if (!file_info) {
|
|
ecryptfs_printk(KERN_ERR,
|
|
"Error attempting to allocate memory\n");
|
|
rc = -ENOMEM;
|
|
goto out;
|
|
}
|
|
lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry);
|
|
crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat;
|
|
mutex_lock(&crypt_stat->cs_mutex);
|
|
if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) {
|
|
ecryptfs_printk(KERN_DEBUG, "Setting flags for stat...\n");
|
|
/* Policy code enabled in future release */
|
|
crypt_stat->flags |= (ECRYPTFS_POLICY_APPLIED
|
|
| ECRYPTFS_ENCRYPTED);
|
|
}
|
|
mutex_unlock(&crypt_stat->cs_mutex);
|
|
rc = ecryptfs_init_persistent_file(ecryptfs_dentry);
|
|
if (rc) {
|
|
printk(KERN_ERR "%s: Error attempting to initialize "
|
|
"the persistent file for the dentry with name "
|
|
"[%s]; rc = [%d]\n", __func__,
|
|
ecryptfs_dentry->d_name.name, rc);
|
|
goto out_free;
|
|
}
|
|
if ((ecryptfs_inode_to_private(inode)->lower_file->f_flags & O_ACCMODE)
|
|
== O_RDONLY && (file->f_flags & O_ACCMODE) != O_RDONLY) {
|
|
rc = -EPERM;
|
|
printk(KERN_WARNING "%s: Lower persistent file is RO; eCryptfs "
|
|
"file must hence be opened RO\n", __func__);
|
|
goto out_free;
|
|
}
|
|
ecryptfs_set_file_lower(
|
|
file, ecryptfs_inode_to_private(inode)->lower_file);
|
|
if (S_ISDIR(ecryptfs_dentry->d_inode->i_mode)) {
|
|
ecryptfs_printk(KERN_DEBUG, "This is a directory\n");
|
|
mutex_lock(&crypt_stat->cs_mutex);
|
|
crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
|
|
mutex_unlock(&crypt_stat->cs_mutex);
|
|
rc = 0;
|
|
goto out;
|
|
}
|
|
mutex_lock(&crypt_stat->cs_mutex);
|
|
if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)
|
|
|| !(crypt_stat->flags & ECRYPTFS_KEY_VALID)) {
|
|
rc = ecryptfs_read_metadata(ecryptfs_dentry);
|
|
if (rc) {
|
|
ecryptfs_printk(KERN_DEBUG,
|
|
"Valid headers not found\n");
|
|
if (!(mount_crypt_stat->flags
|
|
& ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED)) {
|
|
rc = -EIO;
|
|
printk(KERN_WARNING "Either the lower file "
|
|
"is not in a valid eCryptfs format, "
|
|
"or the key could not be retrieved. "
|
|
"Plaintext passthrough mode is not "
|
|
"enabled; returning -EIO\n");
|
|
mutex_unlock(&crypt_stat->cs_mutex);
|
|
goto out_free;
|
|
}
|
|
rc = 0;
|
|
crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
|
|
mutex_unlock(&crypt_stat->cs_mutex);
|
|
goto out;
|
|
}
|
|
}
|
|
mutex_unlock(&crypt_stat->cs_mutex);
|
|
ecryptfs_printk(KERN_DEBUG, "inode w/ addr = [0x%p], i_ino = "
|
|
"[0x%.16lx] size: [0x%.16llx]\n", inode, inode->i_ino,
|
|
(unsigned long long)i_size_read(inode));
|
|
goto out;
|
|
out_free:
|
|
kmem_cache_free(ecryptfs_file_info_cache,
|
|
ecryptfs_file_to_private(file));
|
|
out:
|
|
return rc;
|
|
}
|
|
|
|
static int ecryptfs_flush(struct file *file, fl_owner_t td)
|
|
{
|
|
int rc = 0;
|
|
struct file *lower_file = NULL;
|
|
|
|
lower_file = ecryptfs_file_to_lower(file);
|
|
if (lower_file->f_op && lower_file->f_op->flush)
|
|
rc = lower_file->f_op->flush(lower_file, td);
|
|
return rc;
|
|
}
|
|
|
|
static int ecryptfs_release(struct inode *inode, struct file *file)
|
|
{
|
|
kmem_cache_free(ecryptfs_file_info_cache,
|
|
ecryptfs_file_to_private(file));
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
ecryptfs_fsync(struct file *file, int datasync)
|
|
{
|
|
return vfs_fsync(ecryptfs_file_to_lower(file), datasync);
|
|
}
|
|
|
|
static int ecryptfs_fasync(int fd, struct file *file, int flag)
|
|
{
|
|
int rc = 0;
|
|
struct file *lower_file = NULL;
|
|
|
|
lower_file = ecryptfs_file_to_lower(file);
|
|
if (lower_file->f_op && lower_file->f_op->fasync)
|
|
rc = lower_file->f_op->fasync(fd, lower_file, flag);
|
|
return rc;
|
|
}
|
|
|
|
static long
|
|
ecryptfs_unlocked_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
|
|
{
|
|
struct file *lower_file = NULL;
|
|
long rc = -ENOTTY;
|
|
|
|
if (ecryptfs_file_to_private(file))
|
|
lower_file = ecryptfs_file_to_lower(file);
|
|
if (lower_file && lower_file->f_op && lower_file->f_op->unlocked_ioctl)
|
|
rc = lower_file->f_op->unlocked_ioctl(lower_file, cmd, arg);
|
|
return rc;
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
static long
|
|
ecryptfs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
|
|
{
|
|
struct file *lower_file = NULL;
|
|
long rc = -ENOIOCTLCMD;
|
|
|
|
if (ecryptfs_file_to_private(file))
|
|
lower_file = ecryptfs_file_to_lower(file);
|
|
if (lower_file && lower_file->f_op && lower_file->f_op->compat_ioctl)
|
|
rc = lower_file->f_op->compat_ioctl(lower_file, cmd, arg);
|
|
return rc;
|
|
}
|
|
#endif
|
|
|
|
const struct file_operations ecryptfs_dir_fops = {
|
|
.readdir = ecryptfs_readdir,
|
|
.read = generic_read_dir,
|
|
.unlocked_ioctl = ecryptfs_unlocked_ioctl,
|
|
#ifdef CONFIG_COMPAT
|
|
.compat_ioctl = ecryptfs_compat_ioctl,
|
|
#endif
|
|
.open = ecryptfs_open,
|
|
.flush = ecryptfs_flush,
|
|
.release = ecryptfs_release,
|
|
.fsync = ecryptfs_fsync,
|
|
.fasync = ecryptfs_fasync,
|
|
.splice_read = generic_file_splice_read,
|
|
.llseek = default_llseek,
|
|
};
|
|
|
|
const struct file_operations ecryptfs_main_fops = {
|
|
.llseek = generic_file_llseek,
|
|
.read = do_sync_read,
|
|
.aio_read = ecryptfs_read_update_atime,
|
|
.write = do_sync_write,
|
|
.aio_write = generic_file_aio_write,
|
|
.readdir = ecryptfs_readdir,
|
|
.unlocked_ioctl = ecryptfs_unlocked_ioctl,
|
|
#ifdef CONFIG_COMPAT
|
|
.compat_ioctl = ecryptfs_compat_ioctl,
|
|
#endif
|
|
.mmap = generic_file_mmap,
|
|
.open = ecryptfs_open,
|
|
.flush = ecryptfs_flush,
|
|
.release = ecryptfs_release,
|
|
.fsync = ecryptfs_fsync,
|
|
.fasync = ecryptfs_fasync,
|
|
.splice_read = generic_file_splice_read,
|
|
};
|