search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
add patch use-swap-in-memswap
[ext4-patch-queue.git] / crypto-handle-unexpected-missing-keys
blob5d536bd4b6f7eb6bda5fb1c10311d06ca180c1c6
1 ext4 crypto: handle unexpected lack of encryption keys
2
3 Fix up attempts by users to try to write to a file when they don't
4 have access to the encryption key.
5
6 Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 ---
8  fs/ext4/crypto.c        |  3 ++-
9  fs/ext4/crypto_policy.c |  3 ++-
10  fs/ext4/file.c          | 17 ++++++++++-------
11  3 files changed, 14 insertions(+), 9 deletions(-)
12
13 diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c
14 index ac2419c..6634478 100644
15 --- a/fs/ext4/crypto.c
16 +++ b/fs/ext4/crypto.c
17 @@ -104,7 +104,8 @@ struct ext4_crypto_ctx *ext4_get_crypto_ctx(struct inode *inode)
18         unsigned long flags;
19         struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
20  
21 -       BUG_ON(ci == NULL);
22 +       if (ci == NULL)
23 +               return ERR_PTR(-ENOKEY);
24  
25         /*
26          * We first try getting the ctx from a free list because in
27 diff --git a/fs/ext4/crypto_policy.c b/fs/ext4/crypto_policy.c
28 index a1d434d..02c4e5d 100644
29 --- a/fs/ext4/crypto_policy.c
30 +++ b/fs/ext4/crypto_policy.c
31 @@ -183,7 +183,8 @@ int ext4_inherit_context(struct inode *parent, struct inode *child)
32         if (res < 0)
33                 return res;
34         ci = EXT4_I(parent)->i_crypt_info;
35 -       BUG_ON(ci == NULL);
36 +       if (ci == NULL)
37 +               return -ENOKEY;
38  
39         ctx.format = EXT4_ENCRYPTION_CONTEXT_FORMAT_V1;
40         if (DUMMY_ENCRYPTION_ENABLED(EXT4_SB(parent->i_sb))) {
41 diff --git a/fs/ext4/file.c b/fs/ext4/file.c
42 index 875ca6b..ac517f1 100644
43 --- a/fs/ext4/file.c
44 +++ b/fs/ext4/file.c
45 @@ -226,6 +226,8 @@ static int ext4_file_mmap(struct file *file, struct vm_area_struct *vma)
46                 int err = ext4_get_encryption_info(inode);
47                 if (err)
48                         return 0;
49 +               if (ext4_encryption_info(inode) == NULL)
50 +                       return -ENOKEY;
51         }
52         file_accessed(file);
53         if (IS_DAX(file_inode(file))) {
54 @@ -278,6 +280,13 @@ static int ext4_file_open(struct inode * inode, struct file * filp)
55                         ext4_journal_stop(handle);
56                 }
57         }
58 +       if (ext4_encrypted_inode(inode)) {
59 +               ret = ext4_get_encryption_info(inode);
60 +               if (ret)
61 +                       return -EACCES;
62 +               if (ext4_encryption_info(inode) == NULL)
63 +                       return -ENOKEY;
64 +       }
65         /*
66          * Set up the jbd2_inode if we are opening the inode for
67          * writing and the journal is present
68 @@ -287,13 +296,7 @@ static int ext4_file_open(struct inode * inode, struct file * filp)
69                 if (ret < 0)
70                         return ret;
71         }
72 -       ret = dquot_file_open(inode, filp);
73 -       if (!ret && ext4_encrypted_inode(inode)) {
74 -               ret = ext4_get_encryption_info(inode);
75 -               if (ret)
76 -                       ret = -EACCES;
77 -       }
78 -       return ret;
79 +       return dquot_file_open(inode, filp);
80  }
81  
82  /*
Ext4 Patch Queue