Commit a4a07fe7 authored Oct 15, 2016 by Eric Biggers

UPSTREAM: fscrypto: lock inode while setting encryption policy



commit 8906a8223ad4909b391c5628f7991ebceda30e52 upstream.

i_rwsem needs to be acquired while setting an encryption policy so that
concurrent calls to FS_IOC_SET_ENCRYPTION_POLICY are correctly
serialized (especially the ->get_context() + ->set_context() pair), and
so that new files cannot be created in the directory during or after the
->empty_dir() check.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Richard Weinberger <richard@nod.at>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 3a19419c50c6ee386ca6d22a23acc2df51583d3d)
Change-Id: I67a50f992998f985bd0fe98245c1a2525ce5d261
Signed-off-by: Eric Biggers <ebiggers@google.com>

parent b3708b87

fs/ext4/ioctl.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -648,8 +648,12 @@ resizefs_out:
		if (err)
		goto encryption_policy_out;

		mutex_lock(&inode->i_mutex);

		err = ext4_process_policy(&policy, inode);

		mutex_unlock(&inode->i_mutex);

		mnt_drop_write_file(filp);
		encryption_policy_out:
		return err;