ubifs: remove redundant checks for encryption key

In several places, ubifs checked for an encryption key before creating a file in an encrypted directory. This was redundant with fscrypt_setup_filename() or ubifs_new_inode(), and in the case of ubifs_link() it broke linking to special files. So remove the extra checks. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Richard Weinberger <richard@nod.at>
author: Eric Biggers <ebiggers@google.com> 2016-12-19 14:15:48 -0500
committer: Richard Weinberger <richard@nod.at> 2017-01-17 08:34:21 -0500
commit: 3d4b2fcbc980879a1385d5d7d17a4ffd0ee9aa1f (patch)
tree: 1128de57bca013516a3cdfc58cecca9ade73e9df /fs/ubifs
parent: a75467d910135905de60b3af3f11b3693625781e (diff)
1 files changed, 3 insertions, 55 deletions
diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
index 1c5331ac9614..528369f3e472 100644
--- a/fs/ubifs/dir.c
+++ b/fs/ubifs/dir.c
@@ -390,16 +390,6 @@ static int do_tmpfile(struct inode *dir, struct dentry *dentry,
        dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
                dentry, mode, dir->i_ino);
-        if (ubifs_crypt_is_encrypted(dir)) {
-                err = fscrypt_get_encryption_info(dir);
-                if (err)
-                        return err;
-                if (!fscrypt_has_encryption_key(dir)) {
-                        return -EPERM;
-                }
-        }
        err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
        if (err)
                return err;
@@ -741,17 +731,9 @@ static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
        ubifs_assert(inode_is_locked(dir));
        ubifs_assert(inode_is_locked(inode));
-        if (ubifs_crypt_is_encrypted(dir)) {
+        if (ubifs_crypt_is_encrypted(dir) &&
-                if (!fscrypt_has_permitted_context(dir, inode))
+            !fscrypt_has_permitted_context(dir, inode))
-                        return -EPERM;
+                return -EPERM;
-                err = fscrypt_get_encryption_info(inode);
-                if (err)
-                        return err;
-                if (!fscrypt_has_encryption_key(inode))
-                        return -EPERM;
-        }
        err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
        if (err)
@@ -1000,17 +982,6 @@ static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
        if (err)
                return err;
-        if (ubifs_crypt_is_encrypted(dir)) {
-                err = fscrypt_get_encryption_info(dir);
-                if (err)
-                        goto out_budg;
-                if (!fscrypt_has_encryption_key(dir)) {
-                        err = -EPERM;
-                        goto out_budg;
-                }
-        }
        err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
        if (err)
                goto out_budg;
@@ -1096,17 +1067,6 @@ static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
                return err;
        }
-        if (ubifs_crypt_is_encrypted(dir)) {
-                err = fscrypt_get_encryption_info(dir);
-                if (err)
-                        goto out_budg;
-                if (!fscrypt_has_encryption_key(dir)) {
-                        err = -EPERM;
-                        goto out_budg;
-                }
-        }
        err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
        if (err)
                goto out_budg;
@@ -1231,18 +1191,6 @@ static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
                        goto out_inode;
                }
-                err = fscrypt_get_encryption_info(inode);
-                if (err) {
-                        kfree(sd);
-                        goto out_inode;
-                }
-                if (!fscrypt_has_encryption_key(inode)) {
-                        kfree(sd);
-                        err = -EPERM;
-                        goto out_inode;
-                }
                ostr.name = sd->encrypted_path;
                ostr.len = disk_link.len;
author	Eric Biggers <ebiggers@google.com>	2016-12-19 14:15:48 -0500
committer	Richard Weinberger <richard@nod.at>	2017-01-17 08:34:21 -0500
commit	3d4b2fcbc980879a1385d5d7d17a4ffd0ee9aa1f (patch)
tree	1128de57bca013516a3cdfc58cecca9ade73e9df /fs/ubifs
parent	a75467d910135905de60b3af3f11b3693625781e (diff)

diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index 1c5331ac9614..528369f3e472 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c
@@ -390,16 +390,6 @@ static int do_tmpfile(struct inode dir, struct dentry dentry,
390	dbg_gen("dent '%pd', mode %#hx in dir ino %lu",	390	dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
391	dentry, mode, dir->i_ino);	391	dentry, mode, dir->i_ino);
392		392
393	if (ubifs_crypt_is_encrypted(dir)) {
394	err = fscrypt_get_encryption_info(dir);
395	if (err)
396	return err;
397
398	if (!fscrypt_has_encryption_key(dir)) {
399	return -EPERM;
400	}
401	}
402
403	err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);	393	err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
404	if (err)	394	if (err)
405	return err;	395	return err;
@@ -741,17 +731,9 @@ static int ubifs_link(struct dentry old_dentry, struct inode dir,
741	ubifs_assert(inode_is_locked(dir));	731	ubifs_assert(inode_is_locked(dir));
742	ubifs_assert(inode_is_locked(inode));	732	ubifs_assert(inode_is_locked(inode));
743		733
744	if (ubifs_crypt_is_encrypted(dir)) {	734	if (ubifs_crypt_is_encrypted(dir) &&
745	if (!fscrypt_has_permitted_context(dir, inode))	735	!fscrypt_has_permitted_context(dir, inode))
746	return -EPERM;	736	return -EPERM;
747
748	err = fscrypt_get_encryption_info(inode);
749	if (err)
750	return err;
751
752	if (!fscrypt_has_encryption_key(inode))
753	return -EPERM;
754	}
755		737
756	err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);	738	err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
757	if (err)	739	if (err)
@@ -1000,17 +982,6 @@ static int ubifs_mkdir(struct inode dir, struct dentry dentry, umode_t mode)
1000	if (err)	982	if (err)
1001	return err;	983	return err;
1002		984
1003	if (ubifs_crypt_is_encrypted(dir)) {
1004	err = fscrypt_get_encryption_info(dir);
1005	if (err)
1006	goto out_budg;
1007
1008	if (!fscrypt_has_encryption_key(dir)) {
1009	err = -EPERM;
1010	goto out_budg;
1011	}
1012	}
1013
1014	err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);	985	err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
1015	if (err)	986	if (err)
1016	goto out_budg;	987	goto out_budg;
@@ -1096,17 +1067,6 @@ static int ubifs_mknod(struct inode dir, struct dentry dentry,
1096	return err;	1067	return err;
1097	}	1068	}
1098		1069
1099	if (ubifs_crypt_is_encrypted(dir)) {
1100	err = fscrypt_get_encryption_info(dir);
1101	if (err)
1102	goto out_budg;
1103
1104	if (!fscrypt_has_encryption_key(dir)) {
1105	err = -EPERM;
1106	goto out_budg;
1107	}
1108	}
1109
1110	err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);	1070	err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
1111	if (err)	1071	if (err)
1112	goto out_budg;	1072	goto out_budg;
@@ -1231,18 +1191,6 @@ static int ubifs_symlink(struct inode dir, struct dentry dentry,
1231	goto out_inode;	1191	goto out_inode;
1232	}	1192	}
1233		1193
1234	err = fscrypt_get_encryption_info(inode);
1235	if (err) {
1236	kfree(sd);
1237	goto out_inode;
1238	}
1239
1240	if (!fscrypt_has_encryption_key(inode)) {
1241	kfree(sd);
1242	err = -EPERM;
1243	goto out_inode;
1244	}
1245
1246	ostr.name = sd->encrypted_path;	1194	ostr.name = sd->encrypted_path;
1247	ostr.len = disk_link.len;	1195	ostr.len = disk_link.len;
1248		1196