[PATCH] f2fs: deny accessing encryption policy if encryption is off

From: Chao Yu
Date: Tue Nov 14 2017 - 06:29:27 EST


This patch adds missing feature check in encryption ioctl interface.

Signed-off-by: Chao Yu <yuchao0@xxxxxxxxxx>
---
fs/f2fs/file.c | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index 41a6f1f70416..25038cfc9217 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -1928,6 +1928,9 @@ static int f2fs_ioc_set_encryption_policy(struct file *filp, unsigned long arg)
{
struct inode *inode = file_inode(filp);

+ if (!f2fs_sb_has_crypto(inode->i_sb))
+ return -EOPNOTSUPP;
+
f2fs_update_time(F2FS_I_SB(inode), REQ_TIME);

return fscrypt_ioctl_set_policy(filp, (const void __user *)arg);
@@ -1935,6 +1938,8 @@ static int f2fs_ioc_set_encryption_policy(struct file *filp, unsigned long arg)

static int f2fs_ioc_get_encryption_policy(struct file *filp, unsigned long arg)
{
+ if (!f2fs_sb_has_crypto(file_inode(filp)->i_sb))
+ return -EOPNOTSUPP;
return fscrypt_ioctl_get_policy(filp, (void __user *)arg);
}

--
2.15.0.55.gc2ece9dc4de6