[PATCH 4.5 168/200] f2fs crypto: handle unexpected lack of encryption keys

From: Greg Kroah-Hartman
Date: Mon May 02 2016 - 20:58:42 EST


4.5-stable review patch. If anyone has any objections, please let me know.

------------------

From: Chao Yu <chao2.yu@xxxxxxxxxxx>

commit ae1086686487f13130937918ca91d920c1daafcb upstream.

This patch syncs f2fs with commit abdd438b26b4 ("ext4 crypto: handle
unexpected lack of encryption keys") from ext4.

Fix up attempts by users to try to write to a file when they don't
have access to the encryption key.

Signed-off-by: Theodore Ts'o <tytso@xxxxxxx>
Signed-off-by: Chao Yu <chao2.yu@xxxxxxxxxxx>
Signed-off-by: Jaegeuk Kim <jaegeuk@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
fs/f2fs/crypto_policy.c | 3 ++-
fs/f2fs/file.c | 6 +++++-
2 files changed, 7 insertions(+), 2 deletions(-)

--- a/fs/f2fs/crypto_policy.c
+++ b/fs/f2fs/crypto_policy.c
@@ -192,7 +192,8 @@ int f2fs_inherit_context(struct inode *p
return res;

ci = F2FS_I(parent)->i_crypt_info;
- BUG_ON(ci == NULL);
+ if (ci == NULL)
+ return -ENOKEY;

ctx.format = F2FS_ENCRYPTION_CONTEXT_FORMAT_V1;

--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -425,6 +425,8 @@ static int f2fs_file_mmap(struct file *f
err = f2fs_get_encryption_info(inode);
if (err)
return 0;
+ if (!f2fs_encrypted_inode(inode))
+ return -ENOKEY;
}

/* we don't need to use inline_data strictly */
@@ -444,7 +446,9 @@ static int f2fs_file_open(struct inode *
if (!ret && f2fs_encrypted_inode(inode)) {
ret = f2fs_get_encryption_info(inode);
if (ret)
- ret = -EACCES;
+ return -EACCES;
+ if (!f2fs_encrypted_inode(inode))
+ return -ENOKEY;
}
return ret;
}