iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
Theodore Ts'o d9cdc90331 ext4 crypto: enforce context consistency 
Enforce the following inheritance policy:

1) An unencrypted directory may contain encrypted or unencrypted files
or directories.

2) All files or directories in a directory must be protected using the
same key as their containing directory.

As a result, assuming the following setup:

mke2fs -t ext4 -Fq -O encrypt /dev/vdc
mount -t ext4 /dev/vdc /vdc
mkdir /vdc/a /vdc/b /vdc/c
echo foo | e4crypt add_key /vdc/a
echo bar | e4crypt add_key /vdc/b
for i in a b c ; do cp /etc/motd /vdc/$i/motd-$i ; done

Then we will see the following results:

cd /vdc
mv a b			# will fail; /vdc/a and /vdc/b have different keys
mv b/motd-b a		# will fail, see above
ln a/motd-a b		# will fail, see above
mv c a	    		# will fail; all inodes in an encrypted directory
   	  		#	must be encrypted
ln c/motd-c b		# will fail, see above
mv a/motd-a c		# will succeed
mv c/motd-a a		# will succeed

Signed-off-by: Michael Halcrow <mhalcrow@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2015-04-12 00:55:08 -04:00
..
9p
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
adfs
adfs: add __printf verification, fix format/argument mismatches
2014-08-08 15:57:24 -07:00
affs
fs/affs/super.c: fix switch indentation
2015-02-17 14:34:53 -08:00
afs
Merge branch 'for-3.20/bdi' of git://git.kernel.dk/linux-block
2015-02-12 13:50:21 -08:00
autofs4
autofs4 copy_dev_ioctl(): keep the value of ->size we'd used for allocation
2015-02-22 11:43:34 -05:00
befs
fs/befs/linuxvfs.c: remove unnecessary casting
2015-02-17 14:34:50 -08:00
bfs
fs/bfs: use bfs prefix for dump_imap
2014-08-08 15:57:24 -07:00
btrfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
2015-02-26 10:34:24 -08:00
cachefiles
Cachefiles: Fix up scripted S_ISDIR/S_ISREG/S_ISLNK conversions
2015-02-22 11:38:41 -05:00
ceph
Merge branch 'for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-02-22 17:42:14 -08:00
cifs
Revert "locks: keep a count of locks on the flctx lists"
2015-02-16 14:32:03 -05:00
coda
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
configfs
configfs: Fix potential NULL d_inode dereference
2015-02-20 04:56:43 -05:00
cramfs
fs/cramfs/inode.c: use linux/uaccess.h
2014-08-08 15:57:25 -07:00
debugfs
debugfs: leave freeing a symlink body until inode eviction
2015-02-22 11:38:43 -05:00
devpts
dlm
netlink: make nlmsg_end() and genlmsg_end() void
2015-01-18 01:03:45 -05:00
ecryptfs
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
efivarfs
* Move efivarfs from the misc filesystem section to pseudo filesystem,
2015-01-29 19:16:40 +01:00
efs
fs/efs/namei.c: return is not a function
2014-08-08 15:57:18 -07:00
exofs
vfs: remove get_xip_mem
2015-02-16 17:56:03 -08:00
exportfs
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
ext2
ext2: get rid of most mentions of XIP in ext2
2015-02-16 17:56:04 -08:00
ext3
ext3: destroy sbi mutexes in put_super
2015-01-05 11:13:55 +01:00
ext4
ext4 crypto: enforce context consistency
2015-04-12 00:55:08 -04:00
f2fs
Merge tag 'for-f2fs-3.20' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs
2015-02-12 19:28:50 -08:00
fat
fs: fat: use MSDOS_SB macro to get msdos_sb_info
2015-02-17 14:34:51 -08:00
freevxfs
fscache
fs/fscache/object-list.c: use __seq_open_private()
2014-10-13 17:52:21 +01:00
fuse
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
gfs2
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
hfs
fs/hfs/catalog.c: fix comparison bug in hfs_cat_keycmp
2014-12-10 17:41:16 -08:00
hfsplus
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
hostfs
hostfs: support rename flags
2014-08-07 14:40:09 -04:00
hpfs
fs/hpfs/dnode.c: fix suspect code indent
2014-08-08 15:57:22 -07:00
hppfs
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
hugetlbfs
fs: remove mapping->backing_dev_info
2015-01-20 14:03:05 -07:00
isofs
isofs: Fix bug in the way to check if the year is a leap year
2015-01-07 09:51:49 +01:00
jbd
jbd: Deletion of an unnecessary check before the function call "iput"
2014-11-18 10:15:29 +01:00
jbd2
jbd2: complain about descriptor block checksum errors
2015-01-19 15:59:58 -05:00
jffs2
Merge branch 'for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-02-22 17:42:14 -08:00
jfs
Merge branch 'lazytime' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-02-17 16:12:34 -08:00
kernfs
kernfs: remove KERNFS_STATIC_NAME
2015-02-13 21:21:36 -08:00
lockd
Merge branch 'for-3.20' of git://linux-nfs.org/~bfields/linux
2015-02-12 10:39:41 -08:00
logfs
fs/logfs/readwrite.c: kernel-doc warning fixes
2014-08-06 18:01:12 -07:00
minix
minix zmap block counts calculation fix
2014-08-08 15:57:20 -07:00
ncpfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-02-17 14:56:45 -08:00
nfs
NFSv4.1: Clean up bind_conn_to_session
2015-02-18 13:11:09 -08:00
nfs_common
lockd: move lockd's grace period handling into its own module
2014-09-17 16:33:11 -04:00
nfsd
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
nilfs2
nilfs2: fix potential memory overrun on inode
2015-02-28 09:57:51 -08:00
nls
notify
fanotify: Fix up scripted S_ISDIR/S_ISREG/S_ISLNK conversions
2015-02-22 11:38:42 -05:00
ntfs
fs: export inode_to_bdi and use it in favor of mapping->backing_dev_info
2015-01-20 14:03:04 -07:00
ocfs2
ocfs2: set append dio as a ro compat feature
2015-02-16 17:56:05 -08:00
omfs
FS/OMFS: block number sanity check during fill_super operation
2014-10-14 02:18:22 +02:00
openpromfs
overlayfs
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
proc
procfs: fix race between symlink removals and traversals
2015-02-22 11:43:12 -05:00
pstore
pstore: Fix sprintf format specifier in pstore_dump()
2015-01-16 16:01:29 -08:00
qnx4
qnx6
fs/qnx6: update debugging to current functions
2014-08-08 15:57:26 -07:00
quota
Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2015-02-10 15:52:38 -08:00
ramfs
fs: remove mapping->backing_dev_info
2015-01-20 14:03:05 -07:00
reiserfs
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
romfs
fs: remove mapping->backing_dev_info
2015-01-20 14:03:05 -07:00
squashfs
Squashfs: Add LZ4 compression configuration option
2014-11-27 18:48:44 +00:00
sysfs
driver core patches for 3.20-rc1
2015-02-15 11:11:47 -08:00
sysv
ubifs
Merge branch 'for-linus-v3.20' of git://git.infradead.org/linux-ubifs
2015-02-15 10:11:39 -08:00
udf
udf: remove bool assignment to 0/1
2015-02-05 16:34:25 +01:00
ufs
fs/ufs/super.c: fix potential race condition
2015-02-17 14:34:51 -08:00
xfs
xfs: cancel failed transaction in xfs_fs_commit_blocks()
2015-02-24 10:15:18 +11:00
aio.c
fs/aio.c: Remove duplicate function name in pr_debug messages
2015-02-20 04:56:44 -05:00
anon_inodes.c
attr.c
bad_inode.c
don't bother with most of the bad_file_ops methods
2015-02-20 04:03:58 -05:00
binfmt_aout.c
assorted conversions to %p[dD]
2014-11-19 13:01:20 -05:00
binfmt_elf_fdpic.c
handle suicide on late failure exits in execve() in search_binary_handler()
2014-10-09 02:39:00 -04:00
binfmt_elf.c
x86, mm/ASLR: Fix stack randomization on 64-bit systems
2015-02-19 12:21:36 +01:00
binfmt_em86.c
syscalls: implement execveat() system call
2014-12-13 12:42:51 -08:00
binfmt_flat.c
binfmt_misc.c
unfuck binfmt_misc.c (broken by commit e6084d4)
2014-12-17 08:27:14 -05:00
binfmt_script.c
syscalls: implement execveat() system call
2014-12-13 12:42:51 -08:00
block_dev.c
Merge branch 'for-3.20/core' of git://git.kernel.dk/linux-block
2015-02-12 14:13:23 -08:00
buffer.c
fs: clarify rate limit suppressed buffer I/O errors
2014-10-21 13:55:11 -06:00
char_dev.c
fs: introduce f_op->mmap_capabilities for nommu mmap support
2015-01-20 14:02:58 -07:00
compat_binfmt_elf.c
compat_ioctl.c
compat.c
vfs: make first argument of dir_context.actor typed
2014-10-31 17:48:54 -04:00
coredump.c
coredump: Fix typo in comment
2015-02-20 04:56:44 -05:00
dax.c
dax: add dax_zero_page_range
2015-02-16 17:56:04 -08:00
dcache.c
VFS: Split DCACHE_FILE_TYPE into regular and special types
2015-02-22 11:38:38 -05:00
dcookies.c
direct-io.c
fuse: honour max_read and max_write in direct_io mode
2014-09-26 21:16:51 -04:00
drop_caches.c
vmscan: per memory cgroup slab shrinkers
2015-02-12 18:54:09 -08:00
eventfd.c
eventfd: don't take the spinlock in eventfd_poll
2015-02-17 14:34:52 -08:00
eventpoll.c
epoll: optimize setting task running after blocking
2015-02-13 21:21:40 -08:00
exec.c
fs: create proper filename objects using getname_kernel()
2015-01-23 00:22:20 -05:00
fcntl.c
vfs: renumber FMODE_NONOTIFY and add to uniqueness check
2015-01-08 15:10:52 -08:00
fhandle.c
file_table.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-10-13 11:28:42 +02:00
file.c
fs/file.c: replace get_unused_fd() with get_unused_fd_flags(0)
2014-12-10 17:41:10 -08:00
filesystems.c
fs_pin.c
switch the IO-triggering parts of umount to fs_pin
2015-01-25 23:17:29 -05:00
fs_struct.c
fs-writeback.c
fs: add dirtytime_expire_seconds sysctl
2015-03-17 12:23:32 -04:00
inode.c
Merge branch 'lazytime' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-02-17 16:12:34 -08:00
internal.h
trylock_super(): replacement for grab_super_passive()
2015-02-22 11:38:42 -05:00
ioctl.c
fsioctl.c: make generic_block_fiemap() signal-tolerant
2015-02-10 14:30:30 -08:00
Kconfig
dax: does not work correctly with virtual aliasing caches
2015-02-16 17:56:04 -08:00
Kconfig.binfmt
fs/binfmt_som: Drop kernel support for HP-UX SOM binaries
2015-02-17 16:29:36 +01:00
libfs.c
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
locks.c
locks: fix list insertion when lock is split in two
2015-02-17 17:08:23 -05:00
Makefile
Merge branch 'parisc-3.20-1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux
2015-02-17 14:25:58 -08:00
mbcache.c
mount.h
switch the IO-triggering parts of umount to fs_pin
2015-01-25 23:17:29 -05:00
mpage.c
vfs: guard end of device for mpage interface
2014-10-09 22:25:53 -04:00
namei.c
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
namespace.c
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
no-block.c
nsfs.c
take the targets of /proc/*/ns/* symlinks to separate fs
2014-12-10 21:30:20 -05:00
open.c
Merge branch 'getname2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-02-17 15:27:47 -08:00
pipe.c
pnode.c
mnt: Move the clear of MNT_LOCKED from copy_tree to it's callers.
2014-12-02 10:46:50 -06:00
pnode.h
posix_acl.c
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
proc_namespace.c
vfs: add support for a lazytime mount option
2015-02-05 02:45:00 -05:00
read_write.c
Merge branch 'iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-02-17 15:48:33 -08:00
readdir.c
vfs: make first argument of dir_context.actor typed
2014-10-31 17:48:54 -04:00
select.c
all arches, signal: move restart_block to struct task_struct
2015-02-12 18:54:12 -08:00
seq_file.c
bitmap, cpumask, nodemask: remove dedicated formatting functions
2015-02-13 21:21:39 -08:00
signalfd.c
fs: Convert show_fdinfo functions to void
2014-11-05 14:13:23 -05:00
splice.c
fs: add vfs_iter_{read,write} helpers
2015-01-29 00:13:13 -05:00
stack.c
fs: fix comment for 'CONFIG_LBADF'
2014-08-26 09:35:56 +02:00
stat.c
statfs.c
super.c
trylock_super(): replacement for grab_super_passive()
2015-02-22 11:38:42 -05:00
sync.c
vfs: add support for a lazytime mount option
2015-02-05 02:45:00 -05:00
timerfd.c
fs: Convert show_fdinfo functions to void
2014-11-05 14:13:23 -05:00
utimes.c
xattr.c
new helper: audit_file()
2014-11-19 13:01:26 -05:00