ecryptfs: forbid opening files without mmap handler

author Jann Horn <jannh@google.com>

Wed, 1 Jun 2016 09:55:06 +0000 (11:55 +0200)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Fri, 24 Jun 2016 17:18:20 +0000 (10:18 -0700)
author Jann Horn <jannh@google.com>
Wed, 1 Jun 2016 09:55:06 +0000 (11:55 +0200)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 24 Jun 2016 17:18:20 +0000 (10:18 -0700)
diff --git a/fs/ecryptfs/kthread.c b/fs/ecryptfs/kthread.c

index 866bb18efefea9953250ba1cbdc145e7d4be49af..e818f5ac7a2692b6bb5c1a132d7bbfd967ad956a 100644 (file)
--- a/fs/ecryptfs/kthread.c
+++ b/fs/ecryptfs/kthread.c
@@ -25,6 +25,7 @@
  #include <linux/slab.h>
  #include <linux/wait.h>
  #include <linux/mount.h>
+#include <linux/file.h>
  #include "ecryptfs_kernel.h"
  
  struct ecryptfs_open_req {
@@ -147,7 +148,7 @@ int ecryptfs_privileged_open(struct file **lower_file,
         flags |= IS_RDONLY(d_inode(lower_dentry)) ? O_RDONLY : O_RDWR;
         (*lower_file) = dentry_open(&req.path, flags, cred);
         if (!IS_ERR(*lower_file))
-               goto out;
+               goto have_file;
         if ((flags & O_ACCMODE) == O_RDONLY) {
                 rc = PTR_ERR((*lower_file));
                 goto out;
@@ -165,8 +166,16 @@ int ecryptfs_privileged_open(struct file **lower_file,
         mutex_unlock(&ecryptfs_kthread_ctl.mux);
         wake_up(&ecryptfs_kthread_ctl.wait);
         wait_for_completion(&req.done);
-       if (IS_ERR(*lower_file))
+       if (IS_ERR(*lower_file)) {
                 rc = PTR_ERR(*lower_file);
+               goto out;
+       }
+have_file:
+       if ((*lower_file)->f_op->mmap == NULL) {
+               fput(*lower_file);
+               *lower_file = NULL;
+               rc = -EMEDIUMTYPE;
+       }
  out:
         return rc;
  }
author	Jann Horn <jannh@google.com>
	Wed, 1 Jun 2016 09:55:06 +0000 (11:55 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 24 Jun 2016 17:18:20 +0000 (10:18 -0700)