ext4 crypto: inherit encryption policies on inode and directory create

Signed-off-by: Michael Halcrow <mhalcrow@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index acd79198b8006f1048626213d3dae443b824ebbb..77a63ff4aeb98d18094c0986121f980159d8e898 100644 (file)
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -2253,7 +2253,19 @@ retry:
                else
                        inode->i_fop = &ext4_file_operations;
                ext4_set_aops(inode);
-               err = ext4_add_nondir(handle, dentry, inode);
+               err = 0;
+#ifdef CONFIG_EXT4_FS_ENCRYPTION
+               if (!err && ext4_encrypted_inode(dir)) {
+                       err = ext4_inherit_context(dir, inode);
+                       if (err) {
+                               clear_nlink(inode);
+                               unlock_new_inode(inode);
+                               iput(inode);
+                       }
+               }
+#endif
+               if (!err)
+                       err = ext4_add_nondir(handle, dentry, inode);
                if (!err && IS_DIRSYNC(dir))
                        ext4_handle_sync(handle);
        }
@@ -2437,6 +2449,13 @@ retry:
        err = ext4_init_new_dir(handle, dir, inode);
        if (err)
                goto out_clear_inode;
+#ifdef CONFIG_EXT4_FS_ENCRYPTION
+       if (ext4_encrypted_inode(dir)) {
+               err = ext4_inherit_context(dir, inode);
+               if (err)
+                       goto out_clear_inode;
+       }
+#endif
        err = ext4_mark_inode_dirty(handle, inode);
        if (!err)
                err = ext4_add_entry(handle, dentry, inode);