ext4 crypto: revalidate dentry after adding or removing the key

commit 28b4c263961c47da84ed8b5be0b5116bad1133eb upstream. Add a validation check for dentries for encrypted directory to make sure we're not caching stale data after a key has been added or removed. Also check to make sure that status of the encryption key is updated when readdir(2) is executed. Signed-off-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Theodore Ts'o <tytso@mit.edu> 2016-02-07 19:35:05 -0500
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2017-05-08 07:46:02 +0200
commit: 2faff9d1dfc560da3bfba6a8ab0c30246fd6c1cb (patch)
tree: fe2de7191aafd020e80d08243c5c3349fad1f42d /fs/ext4/dir.c
parent: e2968fb8e7980dccc199dac2593ad476db20969f (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c
index 1d1bca74f844..6d17f31a31d7 100644
--- a/fs/ext4/dir.c
+++ b/fs/ext4/dir.c
@@ -111,6 +111,12 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx)
 	int dir_has_error = 0;
 	struct ext4_str fname_crypto_str = {.name = NULL, .len = 0};
 
+	if (ext4_encrypted_inode(inode)) {
+		err = ext4_get_encryption_info(inode);
+		if (err && err != -ENOKEY)
+			return err;
+	}
+
 	if (is_dx_dir(inode)) {
 		err = ext4_dx_readdir(file, ctx);
 		if (err != ERR_BAD_DX_DIR) {
author	Theodore Ts'o <tytso@mit.edu>	2016-02-07 19:35:05 -0500
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2017-05-08 07:46:02 +0200
commit	2faff9d1dfc560da3bfba6a8ab0c30246fd6c1cb (patch)
tree	fe2de7191aafd020e80d08243c5c3349fad1f42d /fs/ext4/dir.c
parent	e2968fb8e7980dccc199dac2593ad476db20969f (diff)