Strona główna Odkrywaj Pomoc
Zaloguj się
GfA
/
linux_kernel
5
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Przeglądaj źródła

ext4 crypto: replace some BUG_ON()'s with error checks

Buggy (or hostile) userspace should not be able to cause the kernel to
crash.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
Theodore Ts'o 10 lat temu
rodzic
3684de8ca2
commit
687c3c36e7
4 zmienionych plików z 15 dodań i 7 usunięć
Widok podzielony Pokaż statystyki zmian
  1. 0 1
      fs/ext4/crypto.c
  2. 0 2
      fs/ext4/crypto_fname.c
  3. 13 3
      fs/ext4/crypto_key.c
  4. 2 1
      fs/ext4/crypto_policy.c

+ 0 - 1
fs/ext4/crypto.c
Wyświetl plik 

@@ -295,7 +295,6 @@ static int ext4_page_crypto(struct inode *inode,
 
 	else
 
 		res = crypto_ablkcipher_encrypt(req);
 
 	if (res == -EINPROGRESS || res == -EBUSY) {
 
-		BUG_ON(req->base.data != &ecr);
 
 		wait_for_completion(&ecr.completion);
 
 		res = ecr.res;
 
 	}

+ 0 - 2
fs/ext4/crypto_fname.c
Wyświetl plik 

@@ -120,7 +120,6 @@ static int ext4_fname_encrypt(struct inode *inode,
 
 	ablkcipher_request_set_crypt(req, &src_sg, &dst_sg, ciphertext_len, iv);
 
 	res = crypto_ablkcipher_encrypt(req);
 
 	if (res == -EINPROGRESS || res == -EBUSY) {
 
-		BUG_ON(req->base.data != &ecr);
 
 		wait_for_completion(&ecr.completion);
 
 		res = ecr.res;
 
 	}
 
@@ -182,7 +181,6 @@ static int ext4_fname_decrypt(struct inode *inode,
 
 	ablkcipher_request_set_crypt(req, &src_sg, &dst_sg, iname->len, iv);
 
 	res = crypto_ablkcipher_decrypt(req);
 
 	if (res == -EINPROGRESS || res == -EBUSY) {
 
-		BUG_ON(req->base.data != &ecr);
 
 		wait_for_completion(&ecr.completion);
 
 		res = ecr.res;
 
 	}

+ 13 - 3
fs/ext4/crypto_key.c
Wyświetl plik 

@@ -71,7 +71,6 @@ static int ext4_derive_key_aes(char deriving_key[EXT4_AES_128_ECB_KEY_SIZE],
 
 				     EXT4_AES_256_XTS_KEY_SIZE, NULL);
 
 	res = crypto_ablkcipher_encrypt(req);
 
 	if (res == -EINPROGRESS || res == -EBUSY) {
 
-		BUG_ON(req->base.data != &ecr);
 
 		wait_for_completion(&ecr.completion);
 
 		res = ecr.res;
 
 	}
 
@@ -208,7 +207,12 @@ retry:
 
 		goto out;
 
 	}
 
 	crypt_info->ci_keyring_key = keyring_key;
 
-	BUG_ON(keyring_key->type != &key_type_logon);
 
+	if (keyring_key->type != &key_type_logon) {
 
+		printk_once(KERN_WARNING
 
+			    "ext4: key type must be logon\n");
 
+		res = -ENOKEY;
 
+		goto out;
 
+	}
 
 	ukp = ((struct user_key_payload *)keyring_key->payload.data);
 
 	if (ukp->datalen != sizeof(struct ext4_encryption_key)) {
 
 		res = -EINVAL;
 
@@ -217,7 +221,13 @@ retry:
 
 	master_key = (struct ext4_encryption_key *)ukp->data;
 
 	BUILD_BUG_ON(EXT4_AES_128_ECB_KEY_SIZE !=
 
 		     EXT4_KEY_DERIVATION_NONCE_SIZE);
 
-	BUG_ON(master_key->size != EXT4_AES_256_XTS_KEY_SIZE);
 
+	if (master_key->size != EXT4_AES_256_XTS_KEY_SIZE) {
 
+		printk_once(KERN_WARNING
 
+			    "ext4: key size incorrect: %d\n",
 
+			    master_key->size);
 
+		res = -ENOKEY;
 
+		goto out;
 
+	}
 
 	res = ext4_derive_key_aes(ctx.nonce, master_key->raw,
 
 				  raw_key);
 
 	if (res)

+ 2 - 1
fs/ext4/crypto_policy.c
Wyświetl plik 

@@ -150,7 +150,8 @@ int ext4_is_child_context_consistent_with_parent(struct inode *parent,
 
 
 	if ((parent == NULL) || (child == NULL)) {
 
 		pr_err("parent %p child %p\n", parent, child);
 
-		BUG_ON(1);
 
+		WARN_ON(1);	/* Should never happen */
 
+		return 0;
 
 	}
 
 	/* no restrictions if the parent directory is not encrypted */
 
 	if (!ext4_encrypted_inode(parent))