From: Luís Henriques <lhenriques@xxxxxxx>
With snapshot names encryption we can not allow snapshots to be created in
locked directories because the names wouldn't be encrypted. This patch
forces the directory to be unlocked to allow a snapshot to be created.
Tested-by: Luís Henriques <lhenriques@xxxxxxx>
Tested-by: Venky Shankar <vshankar@xxxxxxxxxx>
Reviewed-by: Xiubo Li <xiubli@xxxxxxxxxx>
Signed-off-by: Luís Henriques <lhenriques@xxxxxxx>
Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
---
fs/ceph/dir.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c
index 0ca5dd36e414..bac2397e0fc9 100644
--- a/fs/ceph/dir.c
+++ b/fs/ceph/dir.c
@@ -1084,6 +1084,11 @@ static int ceph_mkdir(struct mnt_idmap *idmap, struct inode *dir,
err = -EDQUOT;
goto out;
}
+ if ((op == CEPH_MDS_OP_MKSNAP) && IS_ENCRYPTED(dir) &&
+ !fscrypt_has_encryption_key(dir)) {
+ err = -ENOKEY;
+ goto out;
+ }
req = ceph_mdsc_create_request(mdsc, op, USE_AUTH_MDS);
--
2.40.1
