Just a security check implementation for the crypt target
---
drivers/md/dm-crypt.c | 18 +++++++++++++++++-
1 files changed, 17 insertions(+), 1 deletions(-)
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 3f06df5..af6f319 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -1867,9 +1867,24 @@ static int crypt_iterate_devices(struct dm_target *ti,
return fn(ti, cc->dev, cc->start, ti->len, data);
}
+static int crypt_security(struct dm_target *ti, unsigned int argc, char **argv)
+{
+ int r;
+
+ if (argc < 4) {
+ ti->error = "dm-crypt: Security check: invalid number of parameters";
+ return -EINVAL;
+ }
+ r = dm_check_backing_dev_permission(ti, argv[3]);
+ if (r)
+ ti->error = "dm-crypt: Security check failed";
+
+ return r;
+}
+
static struct target_type crypt_target = {
.name = "crypt",
- .version = {1, 11, 0},
+ .version = {1, 12, 0},
.module = THIS_MODULE,
.ctr = crypt_ctr,
.dtr = crypt_dtr,
@@ -1881,6 +1896,7 @@ static struct target_type crypt_target = {
.message = crypt_message,
.merge = crypt_merge,
.iterate_devices = crypt_iterate_devices,
+ .security = crypt_security
};
static int __init dm_crypt_init(void)
--
1.7.8.6
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel
