fscrypt: require that fscrypt_encrypt_symlink() already has key

Now that all filesystems have been converted to use fscrypt_prepare_new_inode(), the encryption key for new symlink inodes is now already set up whenever we try to encrypt the symlink target. Enforce this rather than try to set up the key again when it may be too late to do so safely. Acked-by: Jeff Layton <jlayton@kernel.org> Link: https://lore.kernel.org/r/20200917041136.178600-9-ebiggers@kernel.orgSigned-off-by: Eric Biggers <ebiggers@google.com>

fscrypt: require that fscrypt_encrypt_symlink() already has key
Now that all filesystems have been converted to use fscrypt_prepare_new_inode(), the encryption key for new symlink inodes is now already set up whenever we try to encrypt the symlink target. Enforce this rather than try to set up the key again when it may be too late to do so safely. Acked-by: Jeff Layton <jlayton@kernel.org> Link: https://lore.kernel.org/r/20200917041136.178600-9-ebiggers@kernel.orgSigned-off-by: Eric Biggers <ebiggers@google.com>
4cc1a3e7 · Eric Biggers · e9d5e31d · 4cc1a3e7
Commit 4cc1a3e7 authored Sep 16, 2020 by Eric Biggers
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 3 deletions

fs/crypto/hooks.c fs/crypto/hooks.c +7 -3

No files found.
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@@ -217,9 +217,13 @@ int __fscrypt_encrypt_symlink(struct inode *inode, const char *target,
 	struct fscrypt_symlink_data *sd;
 	unsigned int ciphertext_len;

-	err = fscrypt_require_key(inode);
-	if (err)
-		return err;
+	/*
+	 * fscrypt_prepare_new_inode() should have already set up the new
+	 * symlink inode's encryption key.  We don't wait until now to do it,
+	 * since we may be in a filesystem transaction now.
+	 */
+	if (WARN_ON_ONCE(!fscrypt_has_encryption_key(inode)))
+		return -ENOKEY;

 	if (disk_link->name) {
 		/* filesystem-provided buffer */