Commit 93c3fe40 authored by Tyler Hicks's avatar Tyler Hicks

eCryptfs: Fix encrypted file name lookup regression

Fixes a regression caused by 21edad32

When file name encryption was enabled, ecryptfs_lookup() failed to use
the encrypted and encoded version of the upper, plaintext, file name
when performing a lookup in the lower file system. This made it
impossible to lookup existing encrypted file names and any newly created
files would have plaintext file names in the lower file system.

https://bugs.launchpad.net/ecryptfs/+bug/623087Signed-off-by: default avatarTyler Hicks <tyhicks@linux.vnet.ibm.com>
parent 7371a382
...@@ -2169,7 +2169,6 @@ int ecryptfs_encrypt_and_encode_filename( ...@@ -2169,7 +2169,6 @@ int ecryptfs_encrypt_and_encode_filename(
(ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE
+ encoded_name_no_prefix_size); + encoded_name_no_prefix_size);
(*encoded_name)[(*encoded_name_size)] = '\0'; (*encoded_name)[(*encoded_name_size)] = '\0';
(*encoded_name_size)++;
} else { } else {
rc = -EOPNOTSUPP; rc = -EOPNOTSUPP;
} }
......
...@@ -349,7 +349,7 @@ int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, ...@@ -349,7 +349,7 @@ int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry,
/** /**
* ecryptfs_new_lower_dentry * ecryptfs_new_lower_dentry
* @ename: The name of the new dentry. * @name: The name of the new dentry.
* @lower_dir_dentry: Parent directory of the new dentry. * @lower_dir_dentry: Parent directory of the new dentry.
* @nd: nameidata from last lookup. * @nd: nameidata from last lookup.
* *
...@@ -386,20 +386,19 @@ ecryptfs_new_lower_dentry(struct qstr *name, struct dentry *lower_dir_dentry, ...@@ -386,20 +386,19 @@ ecryptfs_new_lower_dentry(struct qstr *name, struct dentry *lower_dir_dentry,
* ecryptfs_lookup_one_lower * ecryptfs_lookup_one_lower
* @ecryptfs_dentry: The eCryptfs dentry that we are looking up * @ecryptfs_dentry: The eCryptfs dentry that we are looking up
* @lower_dir_dentry: lower parent directory * @lower_dir_dentry: lower parent directory
* @name: lower file name
* *
* Get the lower dentry from vfs. If lower dentry does not exist yet, * Get the lower dentry from vfs. If lower dentry does not exist yet,
* create it. * create it.
*/ */
static struct dentry * static struct dentry *
ecryptfs_lookup_one_lower(struct dentry *ecryptfs_dentry, ecryptfs_lookup_one_lower(struct dentry *ecryptfs_dentry,
struct dentry *lower_dir_dentry) struct dentry *lower_dir_dentry, struct qstr *name)
{ {
struct nameidata nd; struct nameidata nd;
struct vfsmount *lower_mnt; struct vfsmount *lower_mnt;
struct qstr *name;
int err; int err;
name = &ecryptfs_dentry->d_name;
lower_mnt = mntget(ecryptfs_dentry_to_lower_mnt( lower_mnt = mntget(ecryptfs_dentry_to_lower_mnt(
ecryptfs_dentry->d_parent)); ecryptfs_dentry->d_parent));
err = vfs_path_lookup(lower_dir_dentry, lower_mnt, name->name , 0, &nd); err = vfs_path_lookup(lower_dir_dentry, lower_mnt, name->name , 0, &nd);
...@@ -434,6 +433,7 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, ...@@ -434,6 +433,7 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode,
size_t encrypted_and_encoded_name_size; size_t encrypted_and_encoded_name_size;
struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL; struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL;
struct dentry *lower_dir_dentry, *lower_dentry; struct dentry *lower_dir_dentry, *lower_dentry;
struct qstr lower_name;
int rc = 0; int rc = 0;
ecryptfs_dentry->d_op = &ecryptfs_dops; ecryptfs_dentry->d_op = &ecryptfs_dops;
...@@ -444,9 +444,17 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, ...@@ -444,9 +444,17 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode,
goto out_d_drop; goto out_d_drop;
} }
lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent); lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent);
lower_name.name = ecryptfs_dentry->d_name.name;
lower_name.len = ecryptfs_dentry->d_name.len;
lower_name.hash = ecryptfs_dentry->d_name.hash;
if (lower_dir_dentry->d_op && lower_dir_dentry->d_op->d_hash) {
rc = lower_dir_dentry->d_op->d_hash(lower_dir_dentry,
&lower_name);
if (rc < 0)
goto out_d_drop;
}
lower_dentry = ecryptfs_lookup_one_lower(ecryptfs_dentry, lower_dentry = ecryptfs_lookup_one_lower(ecryptfs_dentry,
lower_dir_dentry); lower_dir_dentry, &lower_name);
if (IS_ERR(lower_dentry)) { if (IS_ERR(lower_dentry)) {
rc = PTR_ERR(lower_dentry); rc = PTR_ERR(lower_dentry);
ecryptfs_printk(KERN_DEBUG, "%s: lookup_one_lower() returned " ecryptfs_printk(KERN_DEBUG, "%s: lookup_one_lower() returned "
...@@ -471,8 +479,17 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, ...@@ -471,8 +479,17 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode,
"filename; rc = [%d]\n", __func__, rc); "filename; rc = [%d]\n", __func__, rc);
goto out_d_drop; goto out_d_drop;
} }
lower_name.name = encrypted_and_encoded_name;
lower_name.len = encrypted_and_encoded_name_size;
lower_name.hash = full_name_hash(lower_name.name, lower_name.len);
if (lower_dir_dentry->d_op && lower_dir_dentry->d_op->d_hash) {
rc = lower_dir_dentry->d_op->d_hash(lower_dir_dentry,
&lower_name);
if (rc < 0)
goto out_d_drop;
}
lower_dentry = ecryptfs_lookup_one_lower(ecryptfs_dentry, lower_dentry = ecryptfs_lookup_one_lower(ecryptfs_dentry,
lower_dir_dentry); lower_dir_dentry, &lower_name);
if (IS_ERR(lower_dentry)) { if (IS_ERR(lower_dentry)) {
rc = PTR_ERR(lower_dentry); rc = PTR_ERR(lower_dentry);
ecryptfs_printk(KERN_DEBUG, "%s: lookup_one_lower() returned " ecryptfs_printk(KERN_DEBUG, "%s: lookup_one_lower() returned "
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment