ext4: require key for truncate(2) of encrypted file

Currently, filesystems allow truncate(2) on an encrypted file without the encryption key. However, it's impossible to correctly handle the case where the size being truncated to is not a multiple of the filesystem block size, because that would require decrypting the final block, zeroing the part beyond i_size, then encrypting the block. As other modifications to encrypted file contents are prohibited without the key, just prohibit truncate(2) as well, making it fail with ENOKEY. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
author: Eric Biggers <ebiggers@google.com> 2017-06-23 19:48:44 -0400
committer: Theodore Ts'o <tytso@mit.edu> 2017-06-23 19:48:44 -0400
commit: 63136858aecbe86dbd3c3289a3f46ba1b5f92239 (patch)
tree: ed24bdb2cee0c087bde6737539358856c8b3249a /fs/ext4
parent: 66e0aaadce7fc99e91e0b427e2b177e14d0b951b (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 754c2190af31..daed9b38362a 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -5323,6 +5323,14 @@ int ext4_setattr(struct dentry *dentry, struct iattr *attr)
 		loff_t oldsize = inode->i_size;
 		int shrink = (attr->ia_size <= inode->i_size);
 
+		if (ext4_encrypted_inode(inode)) {
+			error = fscrypt_get_encryption_info(inode);
+			if (error)
+				return error;
+			if (!fscrypt_has_encryption_key(inode))
+				return -ENOKEY;
+		}
+
 		if (!(ext4_test_inode_flag(inode, EXT4_INODE_EXTENTS))) {
 			struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
author	Eric Biggers <ebiggers@google.com>	2017-06-23 19:48:44 -0400
committer	Theodore Ts'o <tytso@mit.edu>	2017-06-23 19:48:44 -0400
commit	63136858aecbe86dbd3c3289a3f46ba1b5f92239 (patch)
tree	ed24bdb2cee0c087bde6737539358856c8b3249a /fs/ext4
parent	66e0aaadce7fc99e91e0b427e2b177e14d0b951b (diff)