diff options
author | Chao Yu <chao2.yu@samsung.com> | 2016-02-14 11:58:35 +0100 |
---|---|---|
committer | Jaegeuk Kim <jaegeuk@kernel.org> | 2016-02-23 01:07:23 +0100 |
commit | ae1086686487f13130937918ca91d920c1daafcb (patch) | |
tree | 7868f8e4b1850e6f4ea2492567203ccae695c7ee /fs | |
parent | f2fs crypto: make sure the encryption info is initialized on opendir(2) (diff) | |
download | linux-ae1086686487f13130937918ca91d920c1daafcb.tar.xz linux-ae1086686487f13130937918ca91d920c1daafcb.zip |
f2fs crypto: handle unexpected lack of encryption keys
This patch syncs f2fs with commit abdd438b26b4 ("ext4 crypto: handle
unexpected lack of encryption keys") from ext4.
Fix up attempts by users to try to write to a file when they don't
have access to the encryption key.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Chao Yu <chao2.yu@samsung.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/f2fs/crypto_policy.c | 3 | ||||
-rw-r--r-- | fs/f2fs/file.c | 6 |
2 files changed, 7 insertions, 2 deletions
diff --git a/fs/f2fs/crypto_policy.c b/fs/f2fs/crypto_policy.c index d4a96af513c2..596f02490f27 100644 --- a/fs/f2fs/crypto_policy.c +++ b/fs/f2fs/crypto_policy.c @@ -192,7 +192,8 @@ int f2fs_inherit_context(struct inode *parent, struct inode *child, return res; ci = F2FS_I(parent)->i_crypt_info; - BUG_ON(ci == NULL); + if (ci == NULL) + return -ENOKEY; ctx.format = F2FS_ENCRYPTION_CONTEXT_FORMAT_V1; diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 05f5f2f8f8fd..8dea19500120 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -424,6 +424,8 @@ static int f2fs_file_mmap(struct file *file, struct vm_area_struct *vma) err = f2fs_get_encryption_info(inode); if (err) return 0; + if (!f2fs_encrypted_inode(inode)) + return -ENOKEY; } /* we don't need to use inline_data strictly */ @@ -443,7 +445,9 @@ static int f2fs_file_open(struct inode *inode, struct file *filp) if (!ret && f2fs_encrypted_inode(inode)) { ret = f2fs_get_encryption_info(inode); if (ret) - ret = -EACCES; + return -EACCES; + if (!f2fs_encrypted_inode(inode)) + return -ENOKEY; } return ret; } |