[PATCH 1/1] ubifs: support authentication, for ro mount, when no key is given

Sascha Hauer s.hauer at pengutronix.de
Fri Jun 26 00:31:20 EDT 2020


Hi Torben,

On Thu, Jun 25, 2020 at 05:59:27PM +0200, Torben Hohn wrote:
> diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
> index 7fc2f3f07c16..ec95f1f50e5e 100644
> --- a/fs/ubifs/super.c
> +++ b/fs/ubifs/super.c
> @@ -1291,6 +1291,17 @@ static int mount_ubifs(struct ubifs_info *c)
>  			err = -EINVAL;
>  			goto out_free;
>  		}
> +	} else if (c->auth_hash_name) {
> +		if (IS_ENABLED(CONFIG_UBIFS_FS_AUTHENTICATION)) {
> +			err = ubifs_init_authentication_read_only(c);
> +			if (err)
> +				goto out_free;
> +		} else {
> +			ubifs_err(c, "auth_hash_name, but UBIFS is built without"
> +				  " authentication support");
> +			err = -EINVAL;
> +			goto out_free;
> +		}
>  	}

In case we don't have a key available for HMAC and can only verify the
FS is correctly signed then we have to be sure that we are mounting
readonly. This means the above needs an additional check for
c->ro_mount.

Once we can be sure that UBIFS is in readonly mode when we can't do HMAC
then there's no point in adding a ubifs_authenticated_write(), because
the places where you call it will never be hit in a readonly mounted
filesystem.

Regards,
 Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |



More information about the linux-mtd mailing list