diff options
author | Theodore Ts'o <tytso@mit.edu> | 2015-05-31 13:35:39 -0400 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2015-05-31 13:35:39 -0400 |
commit | abdd438b26b409eaccf9c847fcf9c3ab52f1959e (patch) | |
tree | 4473a3667ab265065f0ce81b49d76e8c095b19d2 /fs/ext4/file.c | |
parent | 4d3c4e5b8cae3bb45ba933a22670504239958aa1 (diff) | |
download | lwn-abdd438b26b409eaccf9c847fcf9c3ab52f1959e.tar.gz lwn-abdd438b26b409eaccf9c847fcf9c3ab52f1959e.zip |
ext4 crypto: handle unexpected lack of encryption keys
Fix up attempts by users to try to write to a file when they don't
have access to the encryption key.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/ext4/file.c')
-rw-r--r-- | fs/ext4/file.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/fs/ext4/file.c b/fs/ext4/file.c index 875ca6b95a4b..ac517f15741c 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -226,6 +226,8 @@ static int ext4_file_mmap(struct file *file, struct vm_area_struct *vma) int err = ext4_get_encryption_info(inode); if (err) return 0; + if (ext4_encryption_info(inode) == NULL) + return -ENOKEY; } file_accessed(file); if (IS_DAX(file_inode(file))) { @@ -278,6 +280,13 @@ static int ext4_file_open(struct inode * inode, struct file * filp) ext4_journal_stop(handle); } } + if (ext4_encrypted_inode(inode)) { + ret = ext4_get_encryption_info(inode); + if (ret) + return -EACCES; + if (ext4_encryption_info(inode) == NULL) + return -ENOKEY; + } /* * Set up the jbd2_inode if we are opening the inode for * writing and the journal is present @@ -287,13 +296,7 @@ static int ext4_file_open(struct inode * inode, struct file * filp) if (ret < 0) return ret; } - ret = dquot_file_open(inode, filp); - if (!ret && ext4_encrypted_inode(inode)) { - ret = ext4_get_encryption_info(inode); - if (ret) - ret = -EACCES; - } - return ret; + return dquot_file_open(inode, filp); } /* |