fscrypt allows renaming an encrypted file from an encrypted directory
into an unencrypted directory. But it leaves the file encrypted,
sitting in an unencrypted directory, which can lead to unexpected
issues.
So just prevent this kind of rename, and adapt sanity-sec test_47
accordingly.
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I38e17caa4786c1c8d80a363a826a5aa298eb0980
Reviewed-on: https://review.whamcloud.com/43404
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: James Simmons <jsimmons@infradead.org>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
#endif
if (err)
RETURN(err);
+ /* we prevent an encrypted file from being renamed
+ * into an unencrypted dir
+ */
+ if (IS_ENCRYPTED(src) && !IS_ENCRYPTED(tgt))
+ RETURN(-EXDEV);
if (src_dchild->d_inode)
mode = src_dchild->d_inode->i_mode;
(pattr->la_projid != tpattr->la_projid)))
RETURN(-EXDEV);
+ /* we prevent an encrypted file from being renamed
+ * into an unencrypted dir
+ */
+ if ((cattr->la_valid & LA_FLAGS &&
+ cattr->la_flags & LUSTRE_ENCRYPT_FL) &&
+ !(tpattr->la_valid & LA_FLAGS &&
+ tpattr->la_flags & LUSTRE_ENCRYPT_FL))
+ RETURN(-EXDEV);
+
rc = mdd_may_delete(env, src_pobj, pattr, sobj, cattr, NULL, 1, 0);
if (rc)
RETURN(rc);
error "link from encrypted to unencrypted dir should succeed"
rm -f $tmpfile
- mrename $testfile2 $tmpfile ||
- error "rename from encrypted to unencrypted dir should succeed"
+ mrename $testfile2 $tmpfile &&
+ error "rename from encrypted to unencrypted dir should fail"
+ touch $tmpfile
dd if=/dev/zero of=$testfile bs=512K count=1
mkdir $DIR/$tdir/mydir