[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220418130839.9862-1-lhenriques@suse.de>
Date: Mon, 18 Apr 2022 14:08:39 +0100
From: Luís Henriques <lhenriques@...e.de>
To: Jeff Layton <jlayton@...nel.org>, Xiubo Li <xiubli@...hat.com>,
Ilya Dryomov <idryomov@...il.com>
Cc: ceph-devel@...r.kernel.org, linux-kernel@...r.kernel.org,
Luís Henriques <lhenriques@...e.de>
Subject: [PATCH] ceph: prevent snapshots to be created in encrypted locked directories
With snapshot names encryption we can not allow snapshots to be created in
locked directories because the names wouldn't be encrypted. This patch
forces the directory to be unlocked to allow a snapshot to be created.
Signed-off-by: Luís Henriques <lhenriques@...e.de>
---
fs/ceph/dir.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c
index f48f1ff20927..93e2f08102a1 100644
--- a/fs/ceph/dir.c
+++ b/fs/ceph/dir.c
@@ -1071,6 +1071,10 @@ static int ceph_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
err = -EDQUOT;
goto out;
}
+ if ((op == CEPH_MDS_OP_MKSNAP) && !fscrypt_has_encryption_key(dir)) {
+ err = -ENOKEY;
+ goto out;
+ }
req = ceph_mdsc_create_request(mdsc, op, USE_AUTH_MDS);
Powered by blists - more mailing lists