summaryrefslogtreecommitdiffstats
path: root/fs/ext4/namei.c
diff options
context:
space:
mode:
authorTheodore Ts'o <tytso@mit.edu>2016-02-08 06:54:26 +0100
committerTheodore Ts'o <tytso@mit.edu>2016-02-08 06:54:26 +0100
commitff978b09f973db0d0597704eba350a994d7729e6 (patch)
tree75f1066159641b2e1cc9891a7d6ccd5cb3b29826 /fs/ext4/namei.c
parentext4 crypto: revalidate dentry after adding or removing the key (diff)
downloadlinux-ff978b09f973db0d0597704eba350a994d7729e6.tar.xz
linux-ff978b09f973db0d0597704eba350a994d7729e6.zip
ext4 crypto: move context consistency check to ext4_file_open()
In the case where the per-file key for the directory is cached, but root does not have access to the key needed to derive the per-file key for the files in the directory, we allow the lookup to succeed, so that lstat(2) and unlink(2) can suceed. However, if a program tries to open the file, it will get an ENOKEY error. Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to '')
-rw-r--r--fs/ext4/namei.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index 5de8483f0062..48e4b8907826 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -1603,11 +1603,15 @@ static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsi
return ERR_PTR(-EFSCORRUPTED);
}
if (!IS_ERR(inode) && ext4_encrypted_inode(dir) &&
- (S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode) ||
- S_ISLNK(inode->i_mode)) &&
+ (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) &&
!ext4_is_child_context_consistent_with_parent(dir,
inode)) {
+ int nokey = ext4_encrypted_inode(inode) &&
+ !ext4_encryption_info(inode);
+
iput(inode);
+ if (nokey)
+ return ERR_PTR(-ENOKEY);
ext4_warning(inode->i_sb,
"Inconsistent encryption contexts: %lu/%lu\n",
(unsigned long) dir->i_ino,