From: Hongjie Fang <hongjiefang@xxxxxxxxxxxx> commit 5858bdad4d0d0fc18bf29f34c3ac836e0b59441f upstream. The directory may have been removed when entering fscrypt_ioctl_set_policy(). If so, the empty_dir() check will return error for ext4 file system. ext4_rmdir() sets i_size = 0, then ext4_empty_dir() reports an error because 'inode->i_size < EXT4_DIR_REC_LEN(1) + EXT4_DIR_REC_LEN(2)'. If the fs is mounted with errors=panic, it will trigger a panic issue. Add the check IS_DEADDIR() to fix this problem. Fixes: 9bd8212f981e ("ext4 crypto: add encryption policy and password salt support") Cc: <stable@xxxxxxxxxxxxxxx> # v4.1+ Signed-off-by: Hongjie Fang <hongjiefang@xxxxxxxxxxxx> Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- fs/ext4/crypto_policy.c | 2 ++ fs/f2fs/crypto_policy.c | 2 ++ 2 files changed, 4 insertions(+) --- a/fs/ext4/crypto_policy.c +++ b/fs/ext4/crypto_policy.c @@ -111,6 +111,8 @@ int ext4_process_policy(const struct ext if (!ext4_inode_has_encryption_context(inode)) { if (!S_ISDIR(inode->i_mode)) return -EINVAL; + if (IS_DEADDIR(inode)) + return -ENOENT; if (!ext4_empty_dir(inode)) return -ENOTEMPTY; return ext4_create_encryption_context_from_policy(inode, --- a/fs/f2fs/crypto_policy.c +++ b/fs/f2fs/crypto_policy.c @@ -99,6 +99,8 @@ int f2fs_process_policy(const struct f2f return -EINVAL; if (!f2fs_inode_has_encryption_context(inode)) { + if (IS_DEADDIR(inode)) + return -ENOENT; if (!f2fs_empty_dir(inode)) return -ENOTEMPTY; return f2fs_create_encryption_context_from_policy(inode,