[RFC PATCH v2 3/3] Adds support for security checks in the crypt target

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Just a security check implementation for the crypt target

---
 drivers/md/dm-crypt.c |   18 +++++++++++++++++-
 1 files changed, 17 insertions(+), 1 deletions(-)

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 3f06df5..af6f319 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -1867,9 +1867,24 @@ static int crypt_iterate_devices(struct dm_target *ti,
 	return fn(ti, cc->dev, cc->start, ti->len, data);
 }
 
+static int crypt_security(struct dm_target *ti, unsigned int argc, char **argv)
+{
+	int r;
+
+	if (argc < 4) {
+		ti->error = "dm-crypt: Security check: invalid number of parameters";
+		return -EINVAL;
+	}
+	r = dm_check_backing_dev_permission(ti, argv[3]);
+	if (r)
+		ti->error = "dm-crypt: Security check failed";
+
+	return r;
+}
+
 static struct target_type crypt_target = {
 	.name   = "crypt",
-	.version = {1, 11, 0},
+	.version = {1, 12, 0},
 	.module = THIS_MODULE,
 	.ctr    = crypt_ctr,
 	.dtr    = crypt_dtr,
@@ -1881,6 +1896,7 @@ static struct target_type crypt_target = {
 	.message = crypt_message,
 	.merge  = crypt_merge,
 	.iterate_devices = crypt_iterate_devices,
+	.security = crypt_security
 };
 
 static int __init dm_crypt_init(void)
-- 
1.7.8.6

--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel


[Index of Archives]     [DM Crypt]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite Discussion]     [KDE Users]     [Fedora Docs]

  Powered by Linux