summaryrefslogtreecommitdiff
path: root/fs/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'fs/crypto')
-rw-r--r--fs/crypto/policy.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c
index 0f9961eed..f96547f83 100644
--- a/fs/crypto/policy.c
+++ b/fs/crypto/policy.c
@@ -95,10 +95,15 @@ static int create_encryption_context_from_policy(struct inode *inode,
int fscrypt_process_policy(struct inode *inode,
const struct fscrypt_policy *policy)
{
+ if (!inode_owner_or_capable(inode))
+ return -EACCES;
+
if (policy->version != 0)
return -EINVAL;
if (!inode_has_encryption_context(inode)) {
+ if (!S_ISDIR(inode->i_mode))
+ return -EINVAL;
if (!inode->i_sb->s_cop->empty_dir)
return -EOPNOTSUPP;
if (!inode->i_sb->s_cop->empty_dir(inode))