On 2024-10-07 10:27:42, Eric Sandeen wrote: > Under the new mount API, mount options are parsed one at a time. > Any validation that examines multiple options must be done after parsing > is complete, so factor out a ecryptfs_validate_options() which can be > called separately. > > To facilitate this, temporarily move the local variables that tracked > whether various options have been set in the parsing function, into the > ecryptfs_mount_crypt_stat structure so that they can be examined later. > > These will be moved to a more ephemeral struct in the mount api conversion > patch to follow. > > Signed-off-by: Eric Sandeen <sandeen@xxxxxxxxxx> Thanks, Eric! I was going to push back on storing the *_set bools in the ecryptfs_mount_crypt_stat struct since those bools only meant to be short lived and that struct lives for the lifetime of the mount. However, I see you clean that up in the following patch. Acked-by: Tyler Hicks <code@xxxxxxxxxxx> Tyler > --- > fs/ecryptfs/ecryptfs_kernel.h | 7 +++++ > fs/ecryptfs/main.c | 55 ++++++++++++++++++++--------------- > 2 files changed, 38 insertions(+), 24 deletions(-) > > diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h > index c586c5db18b5..d359ec085a70 100644 > --- a/fs/ecryptfs/ecryptfs_kernel.h > +++ b/fs/ecryptfs/ecryptfs_kernel.h > @@ -343,6 +343,13 @@ struct ecryptfs_mount_crypt_stat { > unsigned char global_default_fn_cipher_name[ > ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1]; > char global_default_fnek_sig[ECRYPTFS_SIG_SIZE_HEX + 1]; > + /* Mount option status trackers */ > + bool check_ruid; > + bool sig_set; > + bool cipher_name_set; > + bool cipher_key_bytes_set; > + bool fn_cipher_name_set; > + bool fn_cipher_key_bytes_set; > }; > > /* superblock private data. */ > diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c > index 577c56302314..d03f1c6ccc1c 100644 > --- a/fs/ecryptfs/main.c > +++ b/fs/ecryptfs/main.c > @@ -239,18 +239,12 @@ static void ecryptfs_init_mount_crypt_stat( > * > * Returns zero on success; non-zero on error > */ > -static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > - uid_t *check_ruid) > +static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options) > { > char *p; > int rc = 0; > - int sig_set = 0; > - int cipher_name_set = 0; > - int fn_cipher_name_set = 0; > int cipher_key_bytes; > - int cipher_key_bytes_set = 0; > int fn_cipher_key_bytes; > - int fn_cipher_key_bytes_set = 0; > struct ecryptfs_mount_crypt_stat *mount_crypt_stat = > &sbi->mount_crypt_stat; > substring_t args[MAX_OPT_ARGS]; > @@ -261,9 +255,6 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > char *fnek_src; > char *cipher_key_bytes_src; > char *fn_cipher_key_bytes_src; > - u8 cipher_code; > - > - *check_ruid = 0; > > if (!options) { > rc = -EINVAL; > @@ -285,14 +276,14 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > "global sig; rc = [%d]\n", rc); > goto out; > } > - sig_set = 1; > + mount_crypt_stat->sig_set = 1; > break; > case ecryptfs_opt_cipher: > case ecryptfs_opt_ecryptfs_cipher: > cipher_name_src = args[0].from; > strscpy(mount_crypt_stat->global_default_cipher_name, > cipher_name_src); > - cipher_name_set = 1; > + mount_crypt_stat->cipher_name_set = 1; > break; > case ecryptfs_opt_ecryptfs_key_bytes: > cipher_key_bytes_src = args[0].from; > @@ -301,7 +292,7 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > &cipher_key_bytes_src, 0); > mount_crypt_stat->global_default_cipher_key_size = > cipher_key_bytes; > - cipher_key_bytes_set = 1; > + mount_crypt_stat->cipher_key_bytes_set = 1; > break; > case ecryptfs_opt_passthrough: > mount_crypt_stat->flags |= > @@ -340,7 +331,7 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > fn_cipher_name_src = args[0].from; > strscpy(mount_crypt_stat->global_default_fn_cipher_name, > fn_cipher_name_src); > - fn_cipher_name_set = 1; > + mount_crypt_stat->fn_cipher_name_set = 1; > break; > case ecryptfs_opt_fn_cipher_key_bytes: > fn_cipher_key_bytes_src = args[0].from; > @@ -349,7 +340,7 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > &fn_cipher_key_bytes_src, 0); > mount_crypt_stat->global_default_fn_cipher_key_bytes = > fn_cipher_key_bytes; > - fn_cipher_key_bytes_set = 1; > + mount_crypt_stat->fn_cipher_key_bytes_set = 1; > break; > case ecryptfs_opt_unlink_sigs: > mount_crypt_stat->flags |= ECRYPTFS_UNLINK_SIGS; > @@ -359,7 +350,7 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY; > break; > case ecryptfs_opt_check_dev_ruid: > - *check_ruid = 1; > + mount_crypt_stat->check_ruid = 1; > break; > case ecryptfs_opt_err: > default: > @@ -368,14 +359,25 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > __func__, p); > } > } > - if (!sig_set) { > + > +out: > + return rc; > +} > + > +static int ecryptfs_validate_options( > + struct ecryptfs_mount_crypt_stat *mount_crypt_stat) > +{ > + int rc = 0; > + u8 cipher_code; > + > + if (!mount_crypt_stat->sig_set) { > rc = -EINVAL; > ecryptfs_printk(KERN_ERR, "You must supply at least one valid " > "auth tok signature as a mount " > "parameter; see the eCryptfs README\n"); > goto out; > } > - if (!cipher_name_set) { > + if (!mount_crypt_stat->cipher_name_set) { > int cipher_name_len = strlen(ECRYPTFS_DEFAULT_CIPHER); > > BUG_ON(cipher_name_len > ECRYPTFS_MAX_CIPHER_NAME_SIZE); > @@ -383,13 +385,13 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > ECRYPTFS_DEFAULT_CIPHER); > } > if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) > - && !fn_cipher_name_set) > + && !mount_crypt_stat->fn_cipher_name_set) > strcpy(mount_crypt_stat->global_default_fn_cipher_name, > mount_crypt_stat->global_default_cipher_name); > - if (!cipher_key_bytes_set) > + if (!mount_crypt_stat->cipher_key_bytes_set) > mount_crypt_stat->global_default_cipher_key_size = 0; > if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) > - && !fn_cipher_key_bytes_set) > + && !mount_crypt_stat->fn_cipher_key_bytes_set) > mount_crypt_stat->global_default_fn_cipher_key_bytes = > mount_crypt_stat->global_default_cipher_key_size; > > @@ -469,7 +471,6 @@ static struct dentry *ecryptfs_mount(struct file_system_type *fs_type, int flags > const char *err = "Getting sb failed"; > struct inode *inode; > struct path path; > - uid_t check_ruid; > int rc; > > sbi = kmem_cache_zalloc(ecryptfs_sb_info_cache, GFP_KERNEL); > @@ -484,12 +485,17 @@ static struct dentry *ecryptfs_mount(struct file_system_type *fs_type, int flags > goto out; > } > > - rc = ecryptfs_parse_options(sbi, raw_data, &check_ruid); > + rc = ecryptfs_parse_options(sbi, raw_data); > if (rc) { > err = "Error parsing options"; > goto out; > } > mount_crypt_stat = &sbi->mount_crypt_stat; > + rc = ecryptfs_validate_options(mount_crypt_stat); > + if (rc) { > + err = "Error validationg options"; > + goto out; > + } > > s = sget(fs_type, NULL, set_anon_super, flags, NULL); > if (IS_ERR(s)) { > @@ -529,7 +535,8 @@ static struct dentry *ecryptfs_mount(struct file_system_type *fs_type, int flags > goto out_free; > } > > - if (check_ruid && !uid_eq(d_inode(path.dentry)->i_uid, current_uid())) { > + if (mount_crypt_stat->check_ruid && > + !uid_eq(d_inode(path.dentry)->i_uid, current_uid())) { > rc = -EPERM; > printk(KERN_ERR "Mount of device (uid: %d) not owned by " > "requested user (uid: %d)\n", > -- > 2.46.0 >