ext4 crypto: revalidate dentry after adding or removing the key

		return size;

		return size;

	return 0;

	return 0;

}

}

/*

 * Validate dentries for encrypted directories to make sure we aren't

 * potentially caching stale data after a key has been added or

 * removed.

 */

static int ext4_d_revalidate(struct dentry *dentry, unsigned int flags)

{

	struct inode *dir = d_inode(dentry->d_parent);

	struct ext4_crypt_info *ci = EXT4_I(dir)->i_crypt_info;

	int dir_has_key, cached_with_key;

	if (!ext4_encrypted_inode(dir))

		return 0;

	if (ci && ci->ci_keyring_key &&

	    (ci->ci_keyring_key->flags & ((1 << KEY_FLAG_INVALIDATED) |

					  (1 << KEY_FLAG_REVOKED) |

					  (1 << KEY_FLAG_DEAD))))

		ci = NULL;

	/* this should eventually be an flag in d_flags */

	cached_with_key = dentry->d_fsdata != NULL;

	dir_has_key = (ci != NULL);

	/*

	 * If the dentry was cached without the key, and it is a

	 * negative dentry, it might be a valid name.  We can't check

	 * if the key has since been made available due to locking

	 * reasons, so we fail the validation so ext4_lookup() can do

	 * this check.

	 *

	 * We also fail the validation if the dentry was created with

	 * the key present, but we no longer have the key, or vice versa.

	 */

	if ((!cached_with_key && d_is_negative(dentry)) ||

	    (!cached_with_key && dir_has_key) ||

	    (cached_with_key && !dir_has_key)) {

#if 0				/* Revalidation debug */

		char buf[80];

		char *cp = simple_dname(dentry, buf, sizeof(buf));

		if (IS_ERR(cp))

			cp = (char *) "???";

		pr_err("revalidate: %s %p %d %d %d\n", cp, dentry->d_fsdata,

		       cached_with_key, d_is_negative(dentry),

		       dir_has_key);

#endif

		return 0;

	}

	return 1;

}

const struct dentry_operations ext4_encrypted_d_ops = {

	.d_revalidate = ext4_d_revalidate,

};

	int dir_has_error = 0;

	int dir_has_error = 0;

	struct ext4_str fname_crypto_str = {.name = NULL, .len = 0};

	struct ext4_str fname_crypto_str = {.name = NULL, .len = 0};

	if (ext4_encrypted_inode(inode)) {

		err = ext4_get_encryption_info(inode);

		if (err && err != -ENOKEY)

			return err;

	}

	if (is_dx_dir(inode)) {

	if (is_dx_dir(inode)) {

		err = ext4_dx_readdir(file, ctx);

		err = ext4_dx_readdir(file, ctx);

		if (err != ERR_BAD_DX_DIR) {

		if (err != ERR_BAD_DX_DIR) {

int ext4_decrypt(struct page *page);

int ext4_decrypt(struct page *page);

int ext4_encrypted_zeroout(struct inode *inode, ext4_lblk_t lblk,

int ext4_encrypted_zeroout(struct inode *inode, ext4_lblk_t lblk,

			   ext4_fsblk_t pblk, ext4_lblk_t len);

			   ext4_fsblk_t pblk, ext4_lblk_t len);

extern const struct dentry_operations ext4_encrypted_d_ops;

#ifdef CONFIG_EXT4_FS_ENCRYPTION

#ifdef CONFIG_EXT4_FS_ENCRYPTION

int ext4_init_crypto(void);

int ext4_init_crypto(void);

	struct ext4_dir_entry_2 *de;

	struct ext4_dir_entry_2 *de;

	struct buffer_head *bh;

	struct buffer_head *bh;

       if (ext4_encrypted_inode(dir)) {

               int res = ext4_get_encryption_info(dir);

		/*

		 * This should be a properly defined flag for

		 * dentry->d_flags when we uplift this to the VFS.

		 * d_fsdata is set to (void *) 1 if if the dentry is

		 * created while the directory was encrypted and we

		 * don't have access to the key.

		 */

	       dentry->d_fsdata = NULL;

	       if (ext4_encryption_info(dir))

		       dentry->d_fsdata = (void *) 1;

	       d_set_d_op(dentry, &ext4_encrypted_d_ops);

	       if (res && res != -ENOKEY)

		       return ERR_PTR(res);

       }

	if (dentry->d_name.len > EXT4_NAME_LEN)

	if (dentry->d_name.len > EXT4_NAME_LEN)

		return ERR_PTR(-ENAMETOOLONG);

		return ERR_PTR(-ENAMETOOLONG);