1 ext4: don't allow encrypted operations without keys
3 While we allow deletes without the key, the following should not be
6 # cd /vdc/encrypted-dir-without-key
9 -rw-r--r-- 1 root root 0 Dec 27 22:35 6,LKNRJsp209FbXoSvJWzB
10 -rw-r--r-- 1 root root 286 Dec 27 22:35 uRJ5vJh9gE7vcomYMqTAyD
11 # mv uRJ5vJh9gE7vcomYMqTAyD 6,LKNRJsp209FbXoSvJWzB
13 Signed-off-by: Theodore Ts'o <tytso@mit.edu>
15 fs/ext4/namei.c | 12 ++++++++++++
16 1 file changed, 12 insertions(+)
18 diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
19 index eadba919f26b..45a5ba558074 100644
22 @@ -3525,6 +3525,12 @@ static int ext4_rename(struct inode *old_dir, struct dentry *old_dentry,
23 EXT4_I(old_dentry->d_inode)->i_projid)))
26 + if ((ext4_encrypted_inode(old_dir) &&
27 + !fscrypt_has_encryption_key(old_dir)) ||
28 + (ext4_encrypted_inode(new_dir) &&
29 + !fscrypt_has_encryption_key(new_dir)))
32 retval = dquot_initialize(old.dir);
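Review bot: The four-line key-presence condition added near the top of ext4_rename is repeated verbatim in the ext4_cross_rename hunk below, so any later change to the rule has to be made in two places. A small static helper in namei.c would keep the two rename paths in step: with a helper returning `ext4_encrypted_inode(dir) && !fscrypt_has_encryption_key(dir)`, each guard becomes `if (ext4_dir_lacks_key(old_dir) || ext4_dir_lacks_key(new_dir))` (the helper name is only a suggestion). A shared helper would also make it easy to see which other namei.c entry points apply the same rule; this diff changes only the two rename paths, and whether the others are covered elsewhere is not visible here. The statement controlled by the new `if` is missing from this view of the hunk, and ext4_rename's body starts and ends outside it.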
35 @@ -3725,6 +3731,12 @@ static int ext4_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
37 struct timespec ctime;
39 + if ((ext4_encrypted_inode(old_dir) &&
40 + !fscrypt_has_encryption_key(old_dir)) ||
41 + (ext4_encrypted_inode(new_dir) &&
42 + !fscrypt_has_encryption_key(new_dir)))
45 if ((ext4_encrypted_inode(old_dir) ||
46 ext4_encrypted_inode(new_dir)) &&
47 (old_dir != new_dir) &&
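Review bot: The new guard in ext4_cross_rename has no comment, and it sits directly above an existing `if` that also tests ext4_encrypted_inode() on old_dir and new_dir, so the two checks are easy to misread as one rule. A one-line comment above the added condition would separate them, for example `/* Encrypted directory with no key loaded: refuse before the encryption check below. */`. The existing check's remaining operands and body lie outside the hunk, so what it enforces is not confirmed from here.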