Just a security check implementation for the crypt target --- drivers/md/dm-crypt.c | 18 +++++++++++++++++- 1 files changed, 17 insertions(+), 1 deletions(-) diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index 3f06df5..af6f319 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -1867,9 +1867,24 @@ static int crypt_iterate_devices(struct dm_target *ti, return fn(ti, cc->dev, cc->start, ti->len, data); } +static int crypt_security(struct dm_target *ti, unsigned int argc, char **argv) +{ + int r; + + if (argc < 4) { + ti->error = "dm-crypt: Security check: invalid number of parameters"; + return -EINVAL; + } + r = dm_check_backing_dev_permission(ti, argv[3]); + if (r) + ti->error = "dm-crypt: Security check failed"; + + return r; +} + static struct target_type crypt_target = { .name = "crypt", - .version = {1, 11, 0}, + .version = {1, 12, 0}, .module = THIS_MODULE, .ctr = crypt_ctr, .dtr = crypt_dtr, @@ -1881,6 +1896,7 @@ static struct target_type crypt_target = { .message = crypt_message, .merge = crypt_merge, .iterate_devices = crypt_iterate_devices, + .security = crypt_security }; static int __init dm_crypt_init(void) -- 1.7.8.6 -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel