• Tyler Hicks's avatar
    eCryptfs: don't pass fs-specific ioctl commands through · ba4e25ac
    Tyler Hicks authored
    commit 6d65261a upstream.
    
    eCryptfs can't be aware of what to expect when after passing an
    arbitrary ioctl command through to the lower filesystem. The ioctl
    command may trigger an action in the lower filesystem that is
    incompatible with eCryptfs.
    
    One specific example is when one attempts to use the Btrfs clone
    ioctl command when the source file is in the Btrfs filesystem that
    eCryptfs is mounted on top of and the destination fd is from a new file
    created in the eCryptfs mount. The ioctl syscall incorrectly returns
    success because the command is passed down to Btrfs which thinks that it
    was able to do the clone operation. However, the result is an empty
    eCryptfs file.
    
    This patch allows the trim, {g,s}etflags, and {g,s}etversion ioctl
    commands through and then copies up the inode metadata from the lower
    inode to the eCryptfs inode to catch any changes made to the lower
    inode's metadata. Those five ioctl commands are mostly common across all
    filesystems but the whitelist may need to be further pruned in the
    future.
    
    https://bugzilla.kernel.org/show_bug.cgi?id=93691
    https://launchpad.net/bugs/1305335Signed-off-by: default avatarTyler Hicks <tyhicks@canonical.com>
    Cc: Rocko <rockorequin@hotmail.com>
    Cc: Colin Ian King <colin.king@canonical.com>
    [lizf: Backported to 3.4:
     - adjust context
     - there's no file_inode(), so open-code it]
    Signed-off-by: default avatarZefan Li <lizefan@huawei.com>
    ba4e25ac
file.c 10.7 KB