This is a note to let you know that I've just added the patch titled f2fs: don't allow encrypted operations without keys to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: f2fs-don-t-allow-encrypted-operations-without-keys.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 363fa4e078cbdc97a172c19d19dc04b41b52ebc8 Mon Sep 17 00:00:00 2001 From: Jaegeuk Kim <jaegeuk@xxxxxxxxxx> Date: Wed, 28 Dec 2016 17:31:15 -0800 Subject: f2fs: don't allow encrypted operations without keys From: Jaegeuk Kim <jaegeuk@xxxxxxxxxx> commit 363fa4e078cbdc97a172c19d19dc04b41b52ebc8 upstream. This patch fixes the renaming bug on encrypted filenames, which was pointed by (ext4: don't allow encrypted operations without keys) Cc: Theodore Ts'o <tytso@xxxxxxx> Reviewed-by: Chao Yu <yuchao0@xxxxxxxxxx> Signed-off-by: Jaegeuk Kim <jaegeuk@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- fs/f2fs/namei.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) --- a/fs/f2fs/namei.c +++ b/fs/f2fs/namei.c @@ -597,6 +597,12 @@ static int f2fs_rename(struct inode *old struct f2fs_dir_entry *new_entry; int err = -ENOENT; + if ((f2fs_encrypted_inode(old_dir) && + !fscrypt_has_encryption_key(old_dir)) || + (f2fs_encrypted_inode(new_dir) && + !fscrypt_has_encryption_key(new_dir))) + return -ENOKEY; + if ((old_dir != new_dir) && f2fs_encrypted_inode(new_dir) && !f2fs_is_child_context_consistent_with_parent(new_dir, old_inode)) { @@ -755,6 +761,12 @@ static int f2fs_cross_rename(struct inod int old_nlink = 0, new_nlink = 0; int err = -ENOENT; + if ((f2fs_encrypted_inode(old_dir) && + !fscrypt_has_encryption_key(old_dir)) || + (f2fs_encrypted_inode(new_dir) && + !fscrypt_has_encryption_key(new_dir))) + return -ENOKEY; + if ((f2fs_encrypted_inode(old_dir) || f2fs_encrypted_inode(new_dir)) && (old_dir != new_dir) && (!f2fs_is_child_context_consistent_with_parent(new_dir, Patches currently in stable-queue which might be from jaegeuk@xxxxxxxxxx are queue-4.4/f2fs-don-t-allow-encrypted-operations-without-keys.patch