From 2faff9d1dfc560da3bfba6a8ab0c30246fd6c1cb Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Sun, 7 Feb 2016 19:35:05 -0500
Subject: ext4 crypto: revalidate dentry after adding or removing the key

commit 28b4c263961c47da84ed8b5be0b5116bad1133eb upstream.

Add a validation check for dentries for encrypted directory to make
sure we're not caching stale data after a key has been added or removed.

Also check to make sure that status of the encryption key is updated
when readdir(2) is executed.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 fs/ext4/dir.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'fs/ext4/dir.c')

diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c
index 1d1bca74f844..6d17f31a31d7 100644
--- a/fs/ext4/dir.c
+++ b/fs/ext4/dir.c
@@ -111,6 +111,12 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx)
 	int dir_has_error = 0;
 	struct ext4_str fname_crypto_str = {.name = NULL, .len = 0};
 
+	if (ext4_encrypted_inode(inode)) {
+		err = ext4_get_encryption_info(inode);
+		if (err && err != -ENOKEY)
+			return err;
+	}
+
 	if (is_dx_dir(inode)) {
 		err = ext4_dx_readdir(file, ctx);
 		if (err != ERR_BAD_DX_DIR) {
-- 
cgit v1.2.3