eCryptfs: do not try to open device files on mknod

[linux-2.6] / fs / ecryptfs / file.c

diff --git a/fs/ecryptfs/file.c b/fs/ecryptfs/file.c
index 24749bf0668f0c8d82a887e2b857c347a86a40f5..2c2d60df3f607e99abc81d3caf1579794f32e5e3 100644 (file)
--- a/fs/ecryptfs/file.c
+++ b/fs/ecryptfs/file.c
@@ -192,6 +192,27 @@ static int ecryptfs_open(struct inode *inode, struct file *file)
                                      | ECRYPTFS_ENCRYPTED);
        }
        mutex_unlock(&crypt_stat->cs_mutex);
+       if ((ecryptfs_inode_to_private(inode)->lower_file->f_flags & O_RDONLY)
+           && !(file->f_flags & O_RDONLY)) {
+               rc = -EPERM;
+               printk(KERN_WARNING "%s: Lower persistent file is RO; eCryptfs "
+                      "file must hence be opened RO\n", __func__);
+               goto out;
+       }
+       if (!ecryptfs_inode_to_private(inode)->lower_file) {
+               BUG_ON(!(crypt_stat->flags & ECRYPTFS_DELAY_PERSISTENT));
+               mutex_lock(&crypt_stat->cs_mutex);
+               crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
+               mutex_unlock(&crypt_stat->cs_mutex);
+               rc = ecryptfs_init_persistent_file(ecryptfs_dentry);
+               if (rc) {
+                       printk(KERN_ERR "%s: Error attempting to initialize "
+                              "the persistent file for the dentry with name "
+                              "[%s]; rc = [%d]\n", __func__,
+                              ecryptfs_dentry->d_name.name, rc);
+                       goto out;
+               }
+       }
        ecryptfs_set_file_lower(
                file, ecryptfs_inode_to_private(inode)->lower_file);
        if (S_ISDIR(ecryptfs_dentry->d_inode->i_mode)) {