[PATCH] eCryptfs: Mutex fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The MD5 TFM for an inode might be manipulated concurrently if two
separate reads on the same file occur. The crypt_stat struct for the
same inode may be manipulated concurrently if two open events on the
same inode occur. This patch adds mutex locks to resolve these issues.

Signed-off-by: Michael Halcrow <[email protected]>

---

 fs/ecryptfs/crypto.c |    2 ++
 fs/ecryptfs/file.c   |    6 ++++++
 2 files changed, 8 insertions(+), 0 deletions(-)

13663b8871df88686621ca9b701392235bf838c0
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index a7889cc..39d7ec0 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -97,6 +97,7 @@ static int ecryptfs_calculate_md5(char *
 	int rc = 0;
 	struct scatterlist sg;
 
+	mutex_lock(&crypt_stat->cs_md5_tfm_mutex);
 	sg_init_one(&sg, (u8 *)src, len);
 	if (!crypt_stat->md5_tfm) {
 		crypt_stat->md5_tfm =
@@ -111,6 +112,7 @@ static int ecryptfs_calculate_md5(char *
 	crypto_digest_init(crypt_stat->md5_tfm);
 	crypto_digest_update(crypt_stat->md5_tfm, &sg, 1);
 	crypto_digest_final(crypt_stat->md5_tfm, dst);
+	mutex_unlock(&crypt_stat->cs_md5_tfm_mutex);
 out:
 	return rc;
 }
diff --git a/fs/ecryptfs/file.c b/fs/ecryptfs/file.c
index c84e1d2..b707a99 100644
--- a/fs/ecryptfs/file.c
+++ b/fs/ecryptfs/file.c
@@ -232,12 +232,14 @@ static int ecryptfs_open(struct inode *i
 	}
 	lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry);
 	crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat;
+	mutex_lock(&crypt_stat->cs_mutex);
 	if (!ECRYPTFS_CHECK_FLAG(crypt_stat->flags, ECRYPTFS_POLICY_APPLIED)) {
 		ecryptfs_printk(KERN_DEBUG, "Setting flags for stat...\n");
 		/* Policy code enabled in future release */
 		ECRYPTFS_SET_FLAG(crypt_stat->flags, ECRYPTFS_POLICY_APPLIED);
 		ECRYPTFS_SET_FLAG(crypt_stat->flags, ECRYPTFS_ENCRYPTED);
 	}
+	mutex_unlock(&crypt_stat->cs_mutex);
 	/* This mntget & dget is undone via fput when the file is released */
 	dget(lower_dentry);
 	lower_flags = file->f_flags;
@@ -263,10 +265,12 @@ static int ecryptfs_open(struct inode *i
 		rc = 0;
 		goto out;
 	}
+	mutex_lock(&crypt_stat->cs_mutex);
 	if (i_size_read(lower_inode) == 0) {
 		ecryptfs_printk(KERN_EMERG, "Zero-length lower file; "
 				"ecryptfs_create() had a problem?\n");
 		rc = -ENOENT;
+		mutex_unlock(&crypt_stat->cs_mutex);
 		goto out_puts;
 	} else if (!ECRYPTFS_CHECK_FLAG(crypt_stat->flags,
 					ECRYPTFS_POLICY_APPLIED)
@@ -283,9 +287,11 @@ static int ecryptfs_open(struct inode *i
 			 * as-is to userspace. For release 0.1, we are
 			 * going to default to -EIO. */
 			rc = -EIO;
+			mutex_unlock(&crypt_stat->cs_mutex);
 			goto out_puts;
 		}
 	}
+	mutex_unlock(&crypt_stat->cs_mutex);
 	ecryptfs_printk(KERN_DEBUG, "inode w/ addr = [0x%p], i_ino = [0x%.16x] "
 			"size: [0x%.16x]\n", inode, inode->i_ino,
 			i_size_read(inode));
-- 
1.3.3

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux