commit 28b4c263961c47da84ed8b5be0b5116bad1133eb
author Theodore Ts'o <tytso@mit.edu> Sun Feb 07 19:35:05 2016 -0500
committer Theodore Ts'o <tytso@mit.edu> Sun Feb 07 19:35:05 2016 -0500
tree cf169b33d19264de0af048876e0276f06430f726
parent 36f90b0a2ddd60823fe193a85e60ff1906c2a9b3

ext4 crypto: revalidate dentry after adding or removing the key

Add a validation check for dentries for encrypted directory to make
sure we're not caching stale data after a key has been added or removed.

Also check to make sure that status of the encryption key is updated
when readdir(2) is executed.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

fs/ext4/namei.c

diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index 06574dd..5de8483 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -1558,6 +1558,24 @@
 	struct ext4_dir_entry_2 *de;
 	struct buffer_head *bh;
 
+       if (ext4_encrypted_inode(dir)) {
+               int res = ext4_get_encryption_info(dir);
+
+		/*
+		 * This should be a properly defined flag for
+		 * dentry->d_flags when we uplift this to the VFS.
+		 * d_fsdata is set to (void *) 1 if if the dentry is
+		 * created while the directory was encrypted and we
+		 * don't have access to the key.
+		 */
+	       dentry->d_fsdata = NULL;
+	       if (ext4_encryption_info(dir))
+		       dentry->d_fsdata = (void *) 1;
+	       d_set_d_op(dentry, &ext4_encrypted_d_ops);
+	       if (res && res != -ENOKEY)
+		       return ERR_PTR(res);
+       }
+
 	if (dentry->d_name.len > EXT4_NAME_LEN)
 		return ERR_PTR(-ENAMETOOLONG);