diff options
| author | Luís Henriques <lhenriques@suse.de> | 2022-08-25 09:31:31 -0400 |
|---|---|---|
| committer | Ilya Dryomov <idryomov@gmail.com> | 2023-08-24 11:24:36 +0200 |
| commit | abd4fc775857cda97cde08d500a60b00617b8168 (patch) | |
| tree | cdd5f46027892a263f62ae2e788365403fe3b5dc /fs/ceph | |
| parent | dd66df0053ef84add5e684df517aa9b498342381 (diff) | |
| download | linux-abd4fc775857cda97cde08d500a60b00617b8168.tar.gz linux-abd4fc775857cda97cde08d500a60b00617b8168.tar.bz2 linux-abd4fc775857cda97cde08d500a60b00617b8168.zip | |
ceph: prevent snapshot creation in encrypted locked directories
With snapshot names encryption we can not allow snapshots to be created in
locked directories because the names wouldn't be encrypted. This patch
forces the directory to be unlocked to allow a snapshot to be created.
Signed-off-by: Luís Henriques <lhenriques@suse.de>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Xiubo Li <xiubli@redhat.com>
Reviewed-by: Milind Changire <mchangir@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Diffstat (limited to 'fs/ceph')
| -rw-r--r-- | fs/ceph/dir.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 4990886a366c..0e4f8e07022d 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -1090,6 +1090,11 @@ static int ceph_mkdir(struct mnt_idmap *idmap, struct inode *dir, err = -EDQUOT; goto out; } + if ((op == CEPH_MDS_OP_MKSNAP) && IS_ENCRYPTED(dir) && + !fscrypt_has_encryption_key(dir)) { + err = -ENOKEY; + goto out; + } req = ceph_mdsc_create_request(mdsc, op, USE_AUTH_MDS); |