1
linux/fs/ecryptfs
Tyler Hicks 069ddcda37 eCryptfs: Copy up POSIX ACL and read-only flags from lower mount
When the eCryptfs mount options do not include '-o acl', but the lower
filesystem's mount options do include 'acl', the MS_POSIXACL flag is not
flipped on in the eCryptfs super block flags. This flag is what the VFS
checks in do_last() when deciding if the current umask should be applied
to a newly created inode's mode or not. When a default POSIX ACL mask is
set on a directory, the current umask is incorrectly applied to new
inodes created in the directory. This patch ignores the MS_POSIXACL flag
passed into ecryptfs_mount() and sets the flag on the eCryptfs super
block depending on the flag's presence on the lower super block.

Additionally, it is incorrect to allow a writeable eCryptfs mount on top
of a read-only lower mount. This missing check did not allow writes to
the read-only lower mount because permissions checks are still performed
on the lower filesystem's objects but it is best to simply not allow a
rw mount on top of ro mount. However, a ro eCryptfs mount on top of a rw
mount is valid and still allowed.

https://launchpad.net/bugs/1009207

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Stefan Beller <stefanbeller@googlemail.com>
Cc: John Johansen <john.johansen@canonical.com>
2012-07-08 12:51:43 -05:00
..
crypto.c eCryptfs: Improve statfs reporting 2012-02-16 16:06:21 -06:00
debug.c
dentry.c eCryptfs: Handle NULL nameidata pointers 2011-02-21 14:45:57 -06:00
ecryptfs_kernel.h eCryptfs: Improve statfs reporting 2012-02-16 16:06:21 -06:00
file.c switch touch_atime to struct path 2012-03-20 21:29:41 -04:00
inode.c get rid of pointless allocations and copying in ecryptfs_follow_link() 2012-05-29 23:28:40 -04:00
Kconfig eCryptfs: fix compile error 2011-08-09 13:42:46 -05:00
keystore.c eCryptfs: Improve statfs reporting 2012-02-16 16:06:21 -06:00
kthread.c eCryptfs: Properly check for O_RDONLY flag before doing privileged open 2012-07-03 16:34:09 -07:00
main.c eCryptfs: Copy up POSIX ACL and read-only flags from lower mount 2012-07-08 12:51:43 -05:00
Makefile
messaging.c userns: Use cred->user_ns instead of cred->user->user_ns 2012-04-07 16:55:51 -07:00
miscdev.c eCryptfs: Gracefully refuse miscdev file ops on inherited/passed files 2012-07-06 15:51:12 -05:00
mmap.c ecryptfs: remove the second argument of k[un]map_atomic() 2012-02-16 16:06:27 -06:00
read_write.c ecryptfs: remove the second argument of k[un]map_atomic() 2012-02-16 16:06:27 -06:00
super.c vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00