summaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorChao Yu <chao2.yu@samsung.com>2016-02-14 11:58:35 +0100
committerJaegeuk Kim <jaegeuk@kernel.org>2016-02-23 01:07:23 +0100
commitae1086686487f13130937918ca91d920c1daafcb (patch)
tree7868f8e4b1850e6f4ea2492567203ccae695c7ee /fs
parentf2fs crypto: make sure the encryption info is initialized on opendir(2) (diff)
downloadlinux-ae1086686487f13130937918ca91d920c1daafcb.tar.xz
linux-ae1086686487f13130937918ca91d920c1daafcb.zip
f2fs crypto: handle unexpected lack of encryption keys
This patch syncs f2fs with commit abdd438b26b4 ("ext4 crypto: handle unexpected lack of encryption keys") from ext4. Fix up attempts by users to try to write to a file when they don't have access to the encryption key. Signed-off-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Diffstat (limited to 'fs')
-rw-r--r--fs/f2fs/crypto_policy.c3
-rw-r--r--fs/f2fs/file.c6
2 files changed, 7 insertions, 2 deletions
diff --git a/fs/f2fs/crypto_policy.c b/fs/f2fs/crypto_policy.c
index d4a96af513c2..596f02490f27 100644
--- a/fs/f2fs/crypto_policy.c
+++ b/fs/f2fs/crypto_policy.c
@@ -192,7 +192,8 @@ int f2fs_inherit_context(struct inode *parent, struct inode *child,
return res;
ci = F2FS_I(parent)->i_crypt_info;
- BUG_ON(ci == NULL);
+ if (ci == NULL)
+ return -ENOKEY;
ctx.format = F2FS_ENCRYPTION_CONTEXT_FORMAT_V1;
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index 05f5f2f8f8fd..8dea19500120 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -424,6 +424,8 @@ static int f2fs_file_mmap(struct file *file, struct vm_area_struct *vma)
err = f2fs_get_encryption_info(inode);
if (err)
return 0;
+ if (!f2fs_encrypted_inode(inode))
+ return -ENOKEY;
}
/* we don't need to use inline_data strictly */
@@ -443,7 +445,9 @@ static int f2fs_file_open(struct inode *inode, struct file *filp)
if (!ret && f2fs_encrypted_inode(inode)) {
ret = f2fs_get_encryption_info(inode);
if (ret)
- ret = -EACCES;
+ return -EACCES;
+ if (!f2fs_encrypted_inode(inode))
+ return -ENOKEY;
}
return ret;
}