ceph: set DCACHE_NOKEY_NAME in atomic open

Atomic open can act as a lookup if handed a dentry that is negative on
the MDS. Ensure that we set DCACHE_NOKEY_NAME on the dentry in
atomic_open, if we don't have the key for the parent. Otherwise, we can
end up validating the dentry inappropriately if someone later adds a
key.

Reviewed-by: Luís Henriques <lhenriques@suse.de>
Reviewed-by: Xiubo Li <xiubli@redhat.com>
Signed-off-by: Jeff Layton <jlayton@kernel.org>

diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index d6a244a239c75cfbf656fecc214150723a5b9f4d..04a2cc39da2d4b8bc43914bc39a779bf8d8cee8d 100644 (file)
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -779,6 +779,13 @@ retry:
        req->r_args.open.mask = cpu_to_le32(mask);
        req->r_parent = dir;
        ihold(dir);
+       if (IS_ENCRYPTED(dir)) {
+               if (!fscrypt_has_encryption_key(dir)) {
+                       spin_lock(&dentry->d_lock);
+                       dentry->d_flags |= DCACHE_NOKEY_NAME;
+                       spin_unlock(&dentry->d_lock);
+               }
+       }
 
        if (flags & O_CREAT) {
                struct ceph_file_layout lo;