Revert "ecryptfs: forbid opening files without mmap handler"
This reverts commit 2f36db71009304b3f0b95afacd8eba1f9f046b87.
It fixed a local root exploit but also introduced a dependency on
the lower file system implementing an mmap operation just to open a file,
which is a bit of a heavy hammer. The right fix is to have mmap depend
on the existence of the mmap handler instead.
Change-Id: I29aea438b02dda1170384cbc3629b705bd7b0273
Tracked-On: https://jira01.devtools.intel.com/browse/AW-2810
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Cc: stable@vger.kernel.org
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reviewed-on: https://android.intel.com/553592
Reviewed-by: Louis, FabienX <fabienx.louis@intel.com>
Tested-by: Louis, FabienX <fabienx.louis@intel.com>
Reviewed-by: Dubray, SimonX <simonx.dubray@intel.com>
Reviewed-by: Mahe, Erwan <erwan.mahe@intel.com>
Reviewed-by: Ledentec, AlexandreX <alexandrex.ledentec@intel.com>
Reviewed-by: Tasayco Loarte, VictorX <victorx.tasayco.loarte@intel.com>
Tested-by: Tasayco Loarte, VictorX <victorx.tasayco.loarte@intel.com>
Reviewed-by: Maalem, Saadi <saadi.maalem@intel.com>
diff --git a/fs/ecryptfs/kthread.c b/fs/ecryptfs/kthread.c
index 930ab06..f1ea610 100644
--- a/fs/ecryptfs/kthread.c
+++ b/fs/ecryptfs/kthread.c
@@ -147,7 +147,7 @@
flags |= IS_RDONLY(lower_dentry->d_inode) ? O_RDONLY : O_RDWR;
(*lower_file) = dentry_open(&req.path, flags, cred);
if (!IS_ERR(*lower_file))
- goto have_file;
+ goto out;
if ((flags & O_ACCMODE) == O_RDONLY) {
rc = PTR_ERR((*lower_file));
goto out;
@@ -165,16 +165,8 @@
mutex_unlock(&ecryptfs_kthread_ctl.mux);
wake_up(&ecryptfs_kthread_ctl.wait);
wait_for_completion(&req.done);
- if (IS_ERR(*lower_file)) {
+ if (IS_ERR(*lower_file))
rc = PTR_ERR(*lower_file);
- goto out;
- }
-have_file:
- if ((*lower_file)->f_op->mmap == NULL) {
- fput(*lower_file);
- *lower_file = NULL;
- rc = -EMEDIUMTYPE;
- }
out:
return rc;
}