file.c 11.2 KB
Newer Older
1
// SPDX-License-Identifier: GPL-2.0-or-later
2 3 4 5 6
/**
 * eCryptfs: Linux filesystem encryption layer
 *
 * Copyright (C) 1997-2004 Erez Zadok
 * Copyright (C) 2001-2004 Stony Brook University
7
 * Copyright (C) 2004-2007 International Business Machines Corp.
8 9 10 11 12 13
 *   Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
 *   		Michael C. Thompson <mcthomps@us.ibm.com>
 */

#include <linux/file.h>
#include <linux/poll.h>
14
#include <linux/slab.h>
15 16 17 18
#include <linux/mount.h>
#include <linux/pagemap.h>
#include <linux/security.h>
#include <linux/compat.h>
19
#include <linux/fs_stack.h>
20 21 22 23 24 25 26 27 28 29 30 31 32
#include "ecryptfs_kernel.h"

/**
 * ecryptfs_read_update_atime
 *
 * generic_file_read updates the atime of upper layer inode.  But, it
 * doesn't give us a chance to update the atime of the lower layer
 * inode.  This function is a wrapper to generic_file_read.  It
 * updates the atime of the lower level inode if generic_file_read
 * returns without any errors. This is to be used only for file reads.
 * The function to be used for directory reads is ecryptfs_read.
 */
static ssize_t ecryptfs_read_update_atime(struct kiocb *iocb,
33
				struct iov_iter *to)
34
{
35
	ssize_t rc;
36
	struct path *path;
37 38
	struct file *file = iocb->ki_filp;

39
	rc = generic_file_read_iter(iocb, to);
40
	if (rc >= 0) {
41 42
		path = ecryptfs_dentry_to_lower_path(file->f_path.dentry);
		touch_atime(path);
43 44 45 46 47
	}
	return rc;
}

struct ecryptfs_getdents_callback {
48
	struct dir_context ctx;
Al Viro's avatar
Al Viro committed
49
	struct dir_context *caller;
50
	struct super_block *sb;
51 52 53 54
	int filldir_called;
	int entries_written;
};

55
/* Inspired by generic filldir in fs/readdir.c */
56
static int
57 58
ecryptfs_filldir(struct dir_context *ctx, const char *lower_name,
		 int lower_namelen, loff_t offset, u64 ino, unsigned int d_type)
59 60
{
	struct ecryptfs_getdents_callback *buf =
61
		container_of(ctx, struct ecryptfs_getdents_callback, ctx);
62
	size_t name_size;
63
	char *name;
64 65 66
	int rc;

	buf->filldir_called++;
67
	rc = ecryptfs_decode_and_decrypt_filename(&name, &name_size,
68
						  buf->sb, lower_name,
69 70
						  lower_namelen);
	if (rc) {
71 72 73 74 75 76 77 78 79 80 81 82 83 84
		if (rc != -EINVAL) {
			ecryptfs_printk(KERN_DEBUG,
					"%s: Error attempting to decode and decrypt filename [%s]; rc = [%d]\n",
					__func__, lower_name, rc);
			return rc;
		}

		/* Mask -EINVAL errors as these are most likely due a plaintext
		 * filename present in the lower filesystem despite filename
		 * encryption being enabled. One unavoidable example would be
		 * the "lost+found" dentry in the root directory of an Ext4
		 * filesystem.
		 */
		return 0;
85
	}
86

Al Viro's avatar
Al Viro committed
87 88
	buf->caller->pos = buf->ctx.pos;
	rc = !dir_emit(buf->caller, name, name_size, ino, d_type);
89
	kfree(name);
Al Viro's avatar
Al Viro committed
90
	if (!rc)
91
		buf->entries_written++;
92

93 94 95 96 97
	return rc;
}

/**
 * ecryptfs_readdir
98
 * @file: The eCryptfs directory file
Al Viro's avatar
Al Viro committed
99
 * @ctx: The actor to feed the entries to
100
 */
Al Viro's avatar
Al Viro committed
101
static int ecryptfs_readdir(struct file *file, struct dir_context *ctx)
102 103 104
{
	int rc;
	struct file *lower_file;
105
	struct inode *inode = file_inode(file);
Al Viro's avatar
Al Viro committed
106 107 108
	struct ecryptfs_getdents_callback buf = {
		.ctx.actor = ecryptfs_filldir,
		.caller = ctx,
109
		.sb = inode->i_sb,
Al Viro's avatar
Al Viro committed
110
	};
111
	lower_file = ecryptfs_file_to_lower(file);
112
	rc = iterate_dir(lower_file, &buf.ctx);
Al Viro's avatar
Al Viro committed
113
	ctx->pos = buf.ctx.pos;
114 115 116 117
	if (rc < 0)
		goto out;
	if (buf.filldir_called && !buf.entries_written)
		goto out;
118
	if (rc >= 0)
119
		fsstack_copy_attr_atime(inode,
Al Viro's avatar
Al Viro committed
120
					file_inode(lower_file));
121
out:
122 123 124 125 126
	return rc;
}

struct kmem_cache *ecryptfs_file_info_cache;

127 128
static int read_or_initialize_metadata(struct dentry *dentry)
{
129
	struct inode *inode = d_inode(dentry);
130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168
	struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
	struct ecryptfs_crypt_stat *crypt_stat;
	int rc;

	crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat;
	mount_crypt_stat = &ecryptfs_superblock_to_private(
						inode->i_sb)->mount_crypt_stat;
	mutex_lock(&crypt_stat->cs_mutex);

	if (crypt_stat->flags & ECRYPTFS_POLICY_APPLIED &&
	    crypt_stat->flags & ECRYPTFS_KEY_VALID) {
		rc = 0;
		goto out;
	}

	rc = ecryptfs_read_metadata(dentry);
	if (!rc)
		goto out;

	if (mount_crypt_stat->flags & ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED) {
		crypt_stat->flags &= ~(ECRYPTFS_I_SIZE_INITIALIZED
				       | ECRYPTFS_ENCRYPTED);
		rc = 0;
		goto out;
	}

	if (!(mount_crypt_stat->flags & ECRYPTFS_XATTR_METADATA_ENABLED) &&
	    !i_size_read(ecryptfs_inode_to_lower(inode))) {
		rc = ecryptfs_initialize_file(dentry, inode);
		if (!rc)
			goto out;
	}

	rc = -EIO;
out:
	mutex_unlock(&crypt_stat->cs_mutex);
	return rc;
}

169 170 171 172 173 174 175 176 177 178 179 180 181
static int ecryptfs_mmap(struct file *file, struct vm_area_struct *vma)
{
	struct file *lower_file = ecryptfs_file_to_lower(file);
	/*
	 * Don't allow mmap on top of file systems that don't support it
	 * natively.  If FILESYSTEM_MAX_STACK_DEPTH > 2 or ecryptfs
	 * allows recursive mounting, this will need to be extended.
	 */
	if (!lower_file->f_op->mmap)
		return -ENODEV;
	return generic_file_mmap(file, vma);
}

182 183
/**
 * ecryptfs_open
184
 * @inode: inode specifying file to open
185 186 187 188 189 190 191 192 193 194
 * @file: Structure to return filled in
 *
 * Opens the file specified by inode.
 *
 * Returns zero on success; non-zero otherwise
 */
static int ecryptfs_open(struct inode *inode, struct file *file)
{
	int rc = 0;
	struct ecryptfs_crypt_stat *crypt_stat = NULL;
195
	struct dentry *ecryptfs_dentry = file->f_path.dentry;
196 197 198 199 200
	/* Private value of ecryptfs_dentry allocated in
	 * ecryptfs_lookup() */
	struct ecryptfs_file_info *file_info;

	/* Released in ecryptfs_release or end of function if failure */
201
	file_info = kmem_cache_zalloc(ecryptfs_file_info_cache, GFP_KERNEL);
202 203 204 205 206 207 208 209 210
	ecryptfs_set_file_private(file, file_info);
	if (!file_info) {
		ecryptfs_printk(KERN_ERR,
				"Error attempting to allocate memory\n");
		rc = -ENOMEM;
		goto out;
	}
	crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat;
	mutex_lock(&crypt_stat->cs_mutex);
211
	if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) {
212 213
		ecryptfs_printk(KERN_DEBUG, "Setting flags for stat...\n");
		/* Policy code enabled in future release */
214 215
		crypt_stat->flags |= (ECRYPTFS_POLICY_APPLIED
				      | ECRYPTFS_ENCRYPTED);
216 217
	}
	mutex_unlock(&crypt_stat->cs_mutex);
218
	rc = ecryptfs_get_lower_file(ecryptfs_dentry, inode);
219 220
	if (rc) {
		printk(KERN_ERR "%s: Error attempting to initialize "
221
			"the lower file for the dentry with name "
David Howells's avatar
David Howells committed
222 223
			"[%pd]; rc = [%d]\n", __func__,
			ecryptfs_dentry, rc);
224
		goto out_free;
225
	}
226 227
	if ((ecryptfs_inode_to_private(inode)->lower_file->f_flags & O_ACCMODE)
	    == O_RDONLY && (file->f_flags & O_ACCMODE) != O_RDONLY) {
228
		rc = -EPERM;
229
		printk(KERN_WARNING "%s: Lower file is RO; eCryptfs "
230
		       "file must hence be opened RO\n", __func__);
231
		goto out_put;
232
	}
233 234
	ecryptfs_set_file_lower(
		file, ecryptfs_inode_to_private(inode)->lower_file);
235 236 237
	rc = read_or_initialize_metadata(ecryptfs_dentry);
	if (rc)
		goto out_put;
238 239 240
	ecryptfs_printk(KERN_DEBUG, "inode w/ addr = [0x%p], i_ino = "
			"[0x%.16lx] size: [0x%.16llx]\n", inode, inode->i_ino,
			(unsigned long long)i_size_read(inode));
241
	goto out;
242 243
out_put:
	ecryptfs_put_lower_file(inode);
244
out_free:
245 246 247 248 249 250
	kmem_cache_free(ecryptfs_file_info_cache,
			ecryptfs_file_to_private(file));
out:
	return rc;
}

251 252
/**
 * ecryptfs_dir_open
253
 * @inode: inode specifying file to open
254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289
 * @file: Structure to return filled in
 *
 * Opens the file specified by inode.
 *
 * Returns zero on success; non-zero otherwise
 */
static int ecryptfs_dir_open(struct inode *inode, struct file *file)
{
	struct dentry *ecryptfs_dentry = file->f_path.dentry;
	/* Private value of ecryptfs_dentry allocated in
	 * ecryptfs_lookup() */
	struct ecryptfs_file_info *file_info;
	struct file *lower_file;

	/* Released in ecryptfs_release or end of function if failure */
	file_info = kmem_cache_zalloc(ecryptfs_file_info_cache, GFP_KERNEL);
	ecryptfs_set_file_private(file, file_info);
	if (unlikely(!file_info)) {
		ecryptfs_printk(KERN_ERR,
				"Error attempting to allocate memory\n");
		return -ENOMEM;
	}
	lower_file = dentry_open(ecryptfs_dentry_to_lower_path(ecryptfs_dentry),
				 file->f_flags, current_cred());
	if (IS_ERR(lower_file)) {
		printk(KERN_ERR "%s: Error attempting to initialize "
			"the lower file for the dentry with name "
			"[%pd]; rc = [%ld]\n", __func__,
			ecryptfs_dentry, PTR_ERR(lower_file));
		kmem_cache_free(ecryptfs_file_info_cache, file_info);
		return PTR_ERR(lower_file);
	}
	ecryptfs_set_file_lower(file, lower_file);
	return 0;
}

290 291
static int ecryptfs_flush(struct file *file, fl_owner_t td)
{
292 293
	struct file *lower_file = ecryptfs_file_to_lower(file);

Al Viro's avatar
Al Viro committed
294
	if (lower_file->f_op->flush) {
295 296 297 298 299
		filemap_write_and_wait(file->f_mapping);
		return lower_file->f_op->flush(lower_file, td);
	}

	return 0;
300 301 302 303
}

static int ecryptfs_release(struct inode *inode, struct file *file)
{
304
	ecryptfs_put_lower_file(inode);
305 306 307
	kmem_cache_free(ecryptfs_file_info_cache,
			ecryptfs_file_to_private(file));
	return 0;
308 309
}

310 311 312 313 314 315 316 317 318 319 320 321 322
static int ecryptfs_dir_release(struct inode *inode, struct file *file)
{
	fput(ecryptfs_file_to_lower(file));
	kmem_cache_free(ecryptfs_file_info_cache,
			ecryptfs_file_to_private(file));
	return 0;
}

static loff_t ecryptfs_dir_llseek(struct file *file, loff_t offset, int whence)
{
	return vfs_llseek(ecryptfs_file_to_lower(file), offset, whence);
}

323
static int
324
ecryptfs_fsync(struct file *file, loff_t start, loff_t end, int datasync)
325
{
326 327
	int rc;

328
	rc = file_write_and_wait(file);
329 330 331
	if (rc)
		return rc;

332
	return vfs_fsync(ecryptfs_file_to_lower(file), datasync);
333 334 335 336 337 338 339 340
}

static int ecryptfs_fasync(int fd, struct file *file, int flag)
{
	int rc = 0;
	struct file *lower_file = NULL;

	lower_file = ecryptfs_file_to_lower(file);
Al Viro's avatar
Al Viro committed
341
	if (lower_file->f_op->fasync)
342 343 344 345
		rc = lower_file->f_op->fasync(fd, lower_file, flag);
	return rc;
}

346 347 348
static long
ecryptfs_unlocked_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
{
349
	struct file *lower_file = ecryptfs_file_to_lower(file);
350 351
	long rc = -ENOTTY;

352 353 354 355 356 357 358 359 360
	if (!lower_file->f_op->unlocked_ioctl)
		return rc;

	switch (cmd) {
	case FITRIM:
	case FS_IOC_GETFLAGS:
	case FS_IOC_SETFLAGS:
	case FS_IOC_GETVERSION:
	case FS_IOC_SETVERSION:
361
		rc = lower_file->f_op->unlocked_ioctl(lower_file, cmd, arg);
362 363 364 365 366 367
		fsstack_copy_attr_all(file_inode(file), file_inode(lower_file));

		return rc;
	default:
		return rc;
	}
368 369 370 371 372 373
}

#ifdef CONFIG_COMPAT
static long
ecryptfs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
{
374
	struct file *lower_file = ecryptfs_file_to_lower(file);
375 376
	long rc = -ENOIOCTLCMD;

377 378 379 380 381 382 383 384
	if (!lower_file->f_op->compat_ioctl)
		return rc;

	switch (cmd) {
	case FS_IOC32_GETFLAGS:
	case FS_IOC32_SETFLAGS:
	case FS_IOC32_GETVERSION:
	case FS_IOC32_SETVERSION:
385
		rc = lower_file->f_op->compat_ioctl(lower_file, cmd, arg);
386 387 388 389 390 391
		fsstack_copy_attr_all(file_inode(file), file_inode(lower_file));

		return rc;
	default:
		return rc;
	}
392 393
}
#endif
394 395

const struct file_operations ecryptfs_dir_fops = {
396
	.iterate_shared = ecryptfs_readdir,
397
	.read = generic_read_dir,
398 399 400 401
	.unlocked_ioctl = ecryptfs_unlocked_ioctl,
#ifdef CONFIG_COMPAT
	.compat_ioctl = ecryptfs_compat_ioctl,
#endif
402 403
	.open = ecryptfs_dir_open,
	.release = ecryptfs_dir_release,
404
	.fsync = ecryptfs_fsync,
405
	.llseek = ecryptfs_dir_llseek,
406 407 408
};

const struct file_operations ecryptfs_main_fops = {
409
	.llseek = generic_file_llseek,
410
	.read_iter = ecryptfs_read_update_atime,
411
	.write_iter = generic_file_write_iter,
412 413 414 415
	.unlocked_ioctl = ecryptfs_unlocked_ioctl,
#ifdef CONFIG_COMPAT
	.compat_ioctl = ecryptfs_compat_ioctl,
#endif
416
	.mmap = ecryptfs_mmap,
417 418 419 420 421
	.open = ecryptfs_open,
	.flush = ecryptfs_flush,
	.release = ecryptfs_release,
	.fsync = ecryptfs_fsync,
	.fasync = ecryptfs_fasync,
422
	.splice_read = generic_file_splice_read,
423
};