drtracing.org Git - deliverable/linux.git/commit

author	Tyler Hicks <tyhicks@canonical.com>
	Tue, 7 Oct 2014 20:51:55 +0000 (15:51 -0500)
committer	Tyler Hicks <tyhicks@canonical.com>
	Thu, 23 Oct 2014 13:11:03 +0000 (09:11 -0400)
commit	332b122d39c9cbff8b799007a825d94b2e7c12f2
tree	3676cdebea8bffb909942ee4e5adb1b7ced2fc0f	tree \| snapshot
parent	c3351dfabf5c78fb5ddc79d0f7b65ebd9e441337	commit \| diff

eCryptfs: Force RO mount when encrypted view is enabled

The ecryptfs_encrypted_view mount option greatly changes the
functionality of an eCryptfs mount. Instead of encrypting and decrypting
lower files, it provides a unified view of the encrypted files in the
lower filesystem. The presence of the ecryptfs_encrypted_view mount
option is intended to force a read-only mount and modifying files is not
supported when the feature is in use. See the following commit for more
information:

e77a56d [PATCH] eCryptfs: Encrypted passthrough

This patch forces the mount to be read-only when the
ecryptfs_encrypted_view mount option is specified by setting the
MS_RDONLY flag on the superblock. Additionally, this patch removes some
broken logic in ecryptfs_open() that attempted to prevent modifications
of files when the encrypted view feature was in use. The check in
ecryptfs_open() was not sufficient to prevent file modifications using
system calls that do not operate on a file descriptor.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Priya Bansal <p.bansal@samsung.com>
Cc: stable@vger.kernel.org # v2.6.21+: e77a56d [PATCH] eCryptfs: Encrypted passthrough

fs/ecryptfs/file.c		diff \| blob \| blame \| history
fs/ecryptfs/main.c		diff \| blob \| blame \| history