In commit d9cdc9033181 ("ext4 crypto: enforce context consistency") we
declared that:
2) All files or directories in a directory must be protected using the
same key as their containing directory.
But in f2fs_cross_rename there is a vulnerability that allows an
unencrypted file to be cross-renamed into an encrypted directory; this
needs to be refused.
Signed-off-by: Chao Yu <[email protected]>
---
fs/f2fs/namei.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c
index 25c073f6c7d4..8de684b84cb9 100644
--- a/fs/f2fs/namei.c
+++ b/fs/f2fs/namei.c
@@ -855,6 +855,10 @@ static int f2fs_cross_rename(struct inode *old_dir, struct
dentry *old_dentry,
!fscrypt_has_encryption_key(new_dir)))
return -ENOKEY;
+ if (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode) ||
+ f2fs_encrypted_inode(new_dir) &&
!f2fs_encrypted_inode(old_inode))
+ return -EPERM;
+
if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) &&
(old_dir != new_dir) &&
(!fscrypt_has_permitted_context(new_dir, old_inode) ||
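Review bot: The added condition mixes && and || without parentheses. It evaluates as intended because && binds tighter than ||, but gcc's -Wparentheses will warn about it and the two cases are hard to tell apart when reading. Suggest grouping each case explicitly: (f2fs_encrypted_inode(old_dir) && !f2fs_encrypted_inode(new_inode)) || (f2fs_encrypted_inode(new_dir) && !f2fs_encrypted_inode(old_inode)). A one-line comment above the check stating the rule from the commit message (an unencrypted inode must not be exchanged into an encrypted directory) would also help, since the fscrypt_has_permitted_context() block that follows tests the same directories and the difference between the two checks is not obvious from the code alone.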
--
2.8.2.295.g3f1c1d0
_______________________________________________
Linux-f2fs-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel