eCryptfs: don't encrypt file key with filename key
authorTyler Hicks <tyhicks@linux.vnet.ibm.com>
Fri, 13 Mar 2009 20:51:59 +0000 (13:51 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Sat, 14 Mar 2009 18:57:22 +0000 (11:57 -0700)
eCryptfs has file encryption keys (FEK), file encryption key encryption
keys (FEKEK), and filename encryption keys (FNEK).  The per-file FEK is
encrypted with one or more FEKEKs and stored in the header of the
encrypted file.  I noticed that the FEK is also being encrypted by the
FNEK.  This is a problem if a user wants to use a different FNEK than
their FEKEK, as their file contents will still be accessible with the
FNEK.

This is a minimalistic patch which prevents the FNEKs signatures from
being copied to the inode signatures list.  Ultimately, it keeps the FEK
from being encrypted with a FNEK.

Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Cc: Serge Hallyn <serue@us.ibm.com>
Acked-by: Dustin Kirkland <kirkland@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/ecryptfs/crypto.c
fs/ecryptfs/ecryptfs_kernel.h
fs/ecryptfs/keystore.c
fs/ecryptfs/main.c

index f6caeb1d110621e7c24c1ab0b714f5774e333a93..bdca1f4b3a3e834d14a5913caf45dc7871b2734c 100644 (file)
@@ -946,6 +946,8 @@ static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs(
        list_for_each_entry(global_auth_tok,
                            &mount_crypt_stat->global_auth_tok_list,
                            mount_crypt_stat_list) {
+               if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK)
+                       continue;
                rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig);
                if (rc) {
                        printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc);
index c11fc95714abe5208f7eecdbe7f528e9ab0befd3..eb2267eca1fe5966b63acfb59dc79727a1c034cc 100644 (file)
@@ -328,6 +328,7 @@ struct ecryptfs_dentry_info {
  */
 struct ecryptfs_global_auth_tok {
 #define ECRYPTFS_AUTH_TOK_INVALID 0x00000001
+#define ECRYPTFS_AUTH_TOK_FNEK    0x00000002
        u32 flags;
        struct list_head mount_crypt_stat_list;
        struct key *global_auth_tok_key;
@@ -696,7 +697,7 @@ ecryptfs_write_header_metadata(char *virt,
 int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig);
 int
 ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
-                          char *sig);
+                          char *sig, u32 global_auth_tok_flags);
 int ecryptfs_get_global_auth_tok_for_sig(
        struct ecryptfs_global_auth_tok **global_auth_tok,
        struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig);
index ff539420cc6f0f4f319bd37ebe82123ae3c691d2..e4a6223c314594c71402ef373ee0e6e092d55bd3 100644 (file)
@@ -2375,7 +2375,7 @@ struct kmem_cache *ecryptfs_global_auth_tok_cache;
 
 int
 ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
-                            char *sig)
+                            char *sig, u32 global_auth_tok_flags)
 {
        struct ecryptfs_global_auth_tok *new_auth_tok;
        int rc = 0;
@@ -2389,6 +2389,7 @@ ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
                goto out;
        }
        memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX);
+       new_auth_tok->flags = global_auth_tok_flags;
        new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
        mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
        list_add(&new_auth_tok->mount_crypt_stat_list,
index 789cf2e1be1e65f545ee1e746eab4fdf66ca190a..aed56c25539bcdede1c4f6056f44c575baceb87a 100644 (file)
@@ -319,7 +319,7 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
                case ecryptfs_opt_ecryptfs_sig:
                        sig_src = args[0].from;
                        rc = ecryptfs_add_global_auth_tok(mount_crypt_stat,
-                                                         sig_src);
+                                                         sig_src, 0);
                        if (rc) {
                                printk(KERN_ERR "Error attempting to register "
                                       "global sig; rc = [%d]\n", rc);
@@ -370,7 +370,8 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
                                ECRYPTFS_SIG_SIZE_HEX] = '\0';
                        rc = ecryptfs_add_global_auth_tok(
                                mount_crypt_stat,
-                               mount_crypt_stat->global_default_fnek_sig);
+                               mount_crypt_stat->global_default_fnek_sig,
+                               ECRYPTFS_AUTH_TOK_FNEK);
                        if (rc) {
                                printk(KERN_ERR "Error attempting to register "
                                       "global fnek sig [%s]; rc = [%d]\n",