summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Weinberger <richard@nod.at>2016-09-29 20:44:05 +0200
committerRichard Weinberger <richard@nod.at>2016-12-12 23:07:38 +0100
commit959c2de2b30bd09582392105889f68a96cb94fa4 (patch)
tree27766bc06529b2f197bc591e4e176e8d63f7999e
parent700eada82a349f0aeadd43ce4b182b32e4adc5b5 (diff)
downloadop-kernel-dev-959c2de2b30bd09582392105889f68a96cb94fa4.zip
op-kernel-dev-959c2de2b30bd09582392105889f68a96cb94fa4.tar.gz
ubifs: Enforce crypto policy in mmap
We need this extra check in mmap because a process could gain an already opened fd. Signed-off-by: Richard Weinberger <richard@nod.at>
-rw-r--r--fs/ubifs/file.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c
index a9c5cc6..60e789a 100644
--- a/fs/ubifs/file.c
+++ b/fs/ubifs/file.c
@@ -1594,6 +1594,15 @@ static const struct vm_operations_struct ubifs_file_vm_ops = {
static int ubifs_file_mmap(struct file *file, struct vm_area_struct *vma)
{
int err;
+ struct inode *inode = file->f_mapping->host;
+
+ if (ubifs_crypt_is_encrypted(inode)) {
+ err = fscrypt_get_encryption_info(inode);
+ if (err)
+ return -EACCES;
+ if (!fscrypt_has_encryption_key(inode))
+ return -ENOKEY;
+ }
err = generic_file_mmap(file, vma);
if (err)
OpenPOWER on IntegriCloud