fscrypt: new helper function - fscrypt_prepare_link()

Introduce a helper function which prepares to link an inode into a possibly-encrypted directory. It handles setting up the target directory's encryption key, then verifying that the link won't violate the constraint that all files in an encrypted directory tree use the same encryption policy. Acked-by: Dave Chinner <dchinner@redhat.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
author: Eric Biggers <ebiggers@google.com> 2017-10-09 12:15:41 -0700
committer: Theodore Ts'o <tytso@mit.edu> 2017-10-18 19:52:38 -0400
commit: 0ea87a9644ebb5c9a3b100585d10533366de3269 (patch)
tree: 3934cd8c3a6f16ecbabd3b2909dba12bfde6b4ce /fs/crypto
parent: efcc7ae2c9172d9a7ae94afdaf066a7abf0b9a90 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c
index 069088e91ea9..8b90217320dd 100644
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@@ -47,3 +47,18 @@ int fscrypt_file_open(struct inode *inode, struct file *filp)
 	return err;
 }
 EXPORT_SYMBOL_GPL(fscrypt_file_open);
+
+int __fscrypt_prepare_link(struct inode *inode, struct inode *dir)
+{
+	int err;
+
+	err = fscrypt_require_key(dir);
+	if (err)
+		return err;
+
+	if (!fscrypt_has_permitted_context(dir, inode))
+		return -EPERM;
+
+	return 0;
+}
+EXPORT_SYMBOL_GPL(__fscrypt_prepare_link);
author	Eric Biggers <ebiggers@google.com>	2017-10-09 12:15:41 -0700
committer	Theodore Ts'o <tytso@mit.edu>	2017-10-18 19:52:38 -0400
commit	0ea87a9644ebb5c9a3b100585d10533366de3269 (patch)
tree	3934cd8c3a6f16ecbabd3b2909dba12bfde6b4ce /fs/crypto
parent	efcc7ae2c9172d9a7ae94afdaf066a7abf0b9a90 (diff)