lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 31 Mar 2022 11:30:57 -0400 From: Jeff Layton <jlayton@...nel.org> To: ceph-devel@...r.kernel.org Cc: xiubli@...hat.com, idryomov@...il.com, lhenriques@...e.de, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: [PATCH v12 21/54] ceph: set DCACHE_NOKEY_NAME in atomic open Atomic open can act as a lookup if handed a dentry that is negative on the MDS. Ensure that we set DCACHE_NOKEY_NAME on the dentry in atomic_open, if we don't have the key for the parent. Otherwise, we can end up validating the dentry inappropriately if someone later adds a key. Reviewed-by: Xiubo Li <xiubli@...hat.com> Reviewed-by: Luís Henriques <lhenriques@...e.de> Signed-off-by: Jeff Layton <jlayton@...nel.org> --- fs/ceph/file.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/fs/ceph/file.c b/fs/ceph/file.c index 5832dcea2d8c..f9f7dc4c902d 100644 --- a/fs/ceph/file.c +++ b/fs/ceph/file.c @@ -760,6 +760,13 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, req->r_args.open.mask = cpu_to_le32(mask); req->r_parent = dir; ihold(dir); + if (IS_ENCRYPTED(dir)) { + if (!fscrypt_has_encryption_key(dir)) { + spin_lock(&dentry->d_lock); + dentry->d_flags |= DCACHE_NOKEY_NAME; + spin_unlock(&dentry->d_lock); + } + } if (flags & O_CREAT) { struct ceph_file_layout lo; -- 2.35.1
Powered by blists - more mailing lists