From: Hongjie Fang hongjiefang@asrmicro.com

commit 5858bdad4d0d0fc18bf29f34c3ac836e0b59441f upstream. [Please apply to 4.4-stable.]

The directory may have been removed when entering fscrypt_ioctl_set_policy(). If so, the empty_dir() check will return error for ext4 file system.

ext4_rmdir() sets i_size = 0, then ext4_empty_dir() reports an error because 'inode->i_size < EXT4_DIR_REC_LEN(1) + EXT4_DIR_REC_LEN(2)'. If the fs is mounted with errors=panic, it will trigger a panic issue.

Add the check IS_DEADDIR() to fix this problem.

Fixes: 9bd8212f981e ("ext4 crypto: add encryption policy and password salt support") Cc: stable@vger.kernel.org # v4.1+ Signed-off-by: Hongjie Fang hongjiefang@asrmicro.com Signed-off-by: Eric Biggers ebiggers@google.com --- fs/ext4/crypto_policy.c | 2 ++ fs/f2fs/crypto_policy.c | 2 ++ 2 files changed, 4 insertions(+)

diff --git a/fs/ext4/crypto_policy.c b/fs/ext4/crypto_policy.c index e4f4fc4e56abee..77bd7bfb632913 100644 --- a/fs/ext4/crypto_policy.c +++ b/fs/ext4/crypto_policy.c @@ -111,6 +111,8 @@ int ext4_process_policy(const struct ext4_encryption_policy *policy, if (!ext4_inode_has_encryption_context(inode)) { if (!S_ISDIR(inode->i_mode)) return -EINVAL; + if (IS_DEADDIR(inode)) + return -ENOENT; if (!ext4_empty_dir(inode)) return -ENOTEMPTY; return ext4_create_encryption_context_from_policy(inode, diff --git a/fs/f2fs/crypto_policy.c b/fs/f2fs/crypto_policy.c index 884f3f0fe29d32..613ca32ec24887 100644 --- a/fs/f2fs/crypto_policy.c +++ b/fs/f2fs/crypto_policy.c @@ -99,6 +99,8 @@ int f2fs_process_policy(const struct f2fs_encryption_policy *policy, return -EINVAL;

if (!f2fs_inode_has_encryption_context(inode)) { + if (IS_DEADDIR(inode)) + return -ENOENT; if (!f2fs_empty_dir(inode)) return -ENOTEMPTY; return f2fs_create_encryption_context_from_policy(inode,