If we have an encrypted dentry, then we need to test whether a new key might have been established or removed. Do that before we test anything else about the dentry. Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx> --- fs/ceph/dir.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index b3f2741becdb..cc85933413b9 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -1695,6 +1695,12 @@ static int ceph_d_revalidate(struct dentry *dentry, unsigned int flags) dout("d_revalidate %p '%pd' inode %p offset 0x%llx\n", dentry, dentry, inode, ceph_dentry(dentry)->offset); + if (IS_ENCRYPTED(dir)) { + valid = fscrypt_d_revalidate(dentry, flags); + if (valid <= 0) + return valid; + } + mdsc = ceph_sb_to_client(dir->i_sb)->mdsc; /* always trust cached snapped dentries, snapdir dentry */ -- 2.26.2