[jaunty,Upstream] : eCryptfs: Handle unrecognized tag 3 cipher codes

Submitted by Surbhi Palande on Oct. 22, 2009, 8:43 p.m.

Details

Message ID 1256244229-26433-1-git-send-email-surbhi.palande@canonical.com
State Accepted

Commit Message

Surbhi Palande Oct. 22, 2009, 8:43 p.m.
SRU Justification:
Impact: A bug in eCryptfs disallowed saving the file under the ecryptfs
directory ~/Private using Emacs.

Fix: The cherry-picked patch with the upstream commit id
"b0105eaefa7cce8f4a941d0fc6354b250d30e745" fixed this bug. Previous to this
fix, a cipher code was not recognized and as a result memory was not allocated
to some pointer. However, this pointer was freed even when the allocation was
not done. This fix prevents the freeing of memory when the cipher is not
recognised and memory is not allocated.

Testcase: The reporter of the bug has verified that this patch has fixed this
bug for him.
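
The failure mode described in the Fix paragraph, as an added userspace model that is not code from the patch or from eCryptfs. `ERR_PTR`, `PTR_ERR` and `IS_ERR` are simplified stand-ins for the kernel helpers; `struct crypt_stat`, `alloc_cipher`, `init_crypt_ctx`, `destroy_crypt_stat` and `teardown_frees_err_ptr` are hypothetical names, and the teardown releasing `tfm` whenever it is non-NULL is an assumption.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
/* Simplified userspace stand-ins for the kernel's error-pointer helpers. */
#define MAX_ERRNO 4095
static void *ERR_PTR(long err) { return (void *)(intptr_t)err; }
static long PTR_ERR(const void *p) { return (long)(intptr_t)p; }
static int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct crypt_stat { void *tfm; };  /* hypothetical: reduced to the one field */
static const void *last_freed;     /* what teardown would have passed to free */
static int free_calls;

/* Hypothetical allocator: fails with an error pointer for an unknown cipher. */
static void *alloc_cipher(int known) {
    static int dummy_tfm;
    return known ? (void *)&dummy_tfm : ERR_PTR(-ENOENT);
}

/* reset_on_error = 0 models the pre-patch init, 1 the patched one. */
static int init_crypt_ctx(struct crypt_stat *cs, int known, int reset_on_error) {
    cs->tfm = alloc_cipher(known);
    if (!IS_ERR(cs->tfm))
        return 0;
    int rc = (int)PTR_ERR(cs->tfm);
    if (reset_on_error)
        cs->tfm = NULL;            /* the one-line change in crypto.c */
    return rc;
}

/* Assumption: teardown releases any non-NULL tfm; recorded here, not freed. */
static void destroy_crypt_stat(struct crypt_stat *cs) {
    if (cs->tfm) { last_freed = cs->tfm; free_calls++; }
    cs->tfm = NULL;
}

/* Returns 1 if teardown after a failed init would release an error pointer. */
static int teardown_frees_err_ptr(int reset_on_error) {
    struct crypt_stat cs = { NULL };
    free_calls = 0; last_freed = NULL;
    int rc = init_crypt_ctx(&cs, 0, reset_on_error);
    destroy_crypt_stat(&cs);
    return rc == -ENOENT && free_calls == 1 && IS_ERR(last_freed);
}

int main(void) {
    printf("pre-patch: %d, patched: %d\n", teardown_frees_err_ptr(0), teardown_frees_err_ptr(1));
    return 0;
}
```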

Comments

Tim Gardner Oct. 22, 2009, 8:52 p.m.
Surbhi Palande wrote:
> SRU Justification:
> Impact: A bug in eCryptfs disallowed saving the file under the ecryptfs
> directory ~/Private using Emacs.
> 
> Fix: The cherry-picked patch with the upstream commit id
> "b0105eaefa7cce8f4a941d0fc6354b250d30e745" fixed this bug. Previous to this
> fix, a cipher code was not recognized and as a result memory was not allocated
> to some pointer. However, this pointer was freed even when the allocation was
> not done. This fix prevents the freeing of memory when the cipher is not
> recognised and memory is not allocated.
> 
> Testcase: The reporter of the bug has verified that this patch has fixed this
> bug for him.
> 
> ===
> 
> From d2504c185b312650445d95d2cfeac80309af237a Mon Sep 17 00:00:00 2001
> From: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> Date: Tue, 11 Aug 2009 00:36:32 -0500
> Subject: [PATCH] [jaunty] [Upstream]: eCryptfs: Handle unrecognized tag 3 cipher codes
> 
> BugLink: https://bugs.launchpad.net/bugs/415252
> 
> Returns an error when an unrecognized cipher code is present in a tag 3
> packet or an ecryptfs_crypt_stat cannot be initialized.  Also sets a
> crypt_stat->tfm error pointer to NULL to ensure that it will not be
> incorrectly freed in ecryptfs_destroy_crypt_stat().
> 
> Acked-by: Serge Hallyn <serue@us.ibm.com>
> Cc: ecryptfs-devel@lists.launchpad.net
> Cc: stable <stable@kernel.org>
> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> (cherry picked from commit b0105eaefa7cce8f4a941d0fc6354b250d30e745)
> Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com>
> ---
>  fs/ecryptfs/crypto.c   |    1 +
>  fs/ecryptfs/keystore.c |   10 +++++++---
>  2 files changed, 8 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
> index 8b65f28..bbf080b 100644
> --- a/fs/ecryptfs/crypto.c
> +++ b/fs/ecryptfs/crypto.c
> @@ -814,6 +814,7 @@ int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
>  	kfree(full_alg_name);
>  	if (IS_ERR(crypt_stat->tfm)) {
>  		rc = PTR_ERR(crypt_stat->tfm);
> +		crypt_stat->tfm = NULL;
>  		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
>  				"Error initializing cipher [%s]\n",
>  				crypt_stat->cipher);
> diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
> index 37bcb43..b41af15 100644
> --- a/fs/ecryptfs/keystore.c
> +++ b/fs/ecryptfs/keystore.c
> @@ -1317,8 +1317,10 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		rc = -EINVAL;
>  		goto out_free;
>  	}
> -	ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> -				       (u16)data[(*packet_size)]);
> +	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> +					    (u16)data[(*packet_size)]);
> +	if (rc)
> +		goto out_free;
>  	/* A little extra work to differentiate among the AES key
>  	 * sizes; see RFC2440 */
>  	switch(data[(*packet_size)++]) {
> @@ -1329,7 +1331,9 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		crypt_stat->key_size =
>  			(*new_auth_tok)->session_key.encrypted_key_size;
>  	}
> -	ecryptfs_init_crypt_ctx(crypt_stat);
> +	rc = ecryptfs_init_crypt_ctx(crypt_stat);
> +	if (rc)
> +		goto out_free;
>  	if (unlikely(data[(*packet_size)++] != 0x03)) {
>  		printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
>  		rc = -ENOSYS;

ACK
John Johansen Oct. 22, 2009, 9:20 p.m.
Surbhi Palande wrote:
> SRU Justification:
> Impact: A bug in eCryptfs disallowed saving the file under the ecryptfs
> directory ~/Private using Emacs.
> 
> Fix: The cherry-picked patch with the upstream commit id
> "b0105eaefa7cce8f4a941d0fc6354b250d30e745" fixed this bug. Previous to this
> fix, a cipher code was not recognized and as a result memory was not allocated
> to some pointer. However, this pointer was freed even when the allocation was
> not done. This fix prevents the freeing of memory when the cipher is not
> recognised and memory is not allocated.
> 
> Testcase: The reporter of the bug has verified that this patch has fixed this
> bug for him.
> 
> ===
> 
> From d2504c185b312650445d95d2cfeac80309af237a Mon Sep 17 00:00:00 2001
> From: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> Date: Tue, 11 Aug 2009 00:36:32 -0500
> Subject: [PATCH] [jaunty] [Upstream]: eCryptfs: Handle unrecognized tag 3 cipher codes
> 
> BugLink: https://bugs.launchpad.net/bugs/415252
> 
> Returns an error when an unrecognized cipher code is present in a tag 3
> packet or an ecryptfs_crypt_stat cannot be initialized.  Also sets a
> crypt_stat->tfm error pointer to NULL to ensure that it will not be
> incorrectly freed in ecryptfs_destroy_crypt_stat().
> 
> Acked-by: Serge Hallyn <serue@us.ibm.com>
> Cc: ecryptfs-devel@lists.launchpad.net
> Cc: stable <stable@kernel.org>
> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> (cherry picked from commit b0105eaefa7cce8f4a941d0fc6354b250d30e745)
> Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com>
> ---
>  fs/ecryptfs/crypto.c   |    1 +
>  fs/ecryptfs/keystore.c |   10 +++++++---
>  2 files changed, 8 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
> index 8b65f28..bbf080b 100644
> --- a/fs/ecryptfs/crypto.c
> +++ b/fs/ecryptfs/crypto.c
> @@ -814,6 +814,7 @@ int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
>  	kfree(full_alg_name);
>  	if (IS_ERR(crypt_stat->tfm)) {
>  		rc = PTR_ERR(crypt_stat->tfm);
> +		crypt_stat->tfm = NULL;
>  		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
>  				"Error initializing cipher [%s]\n",
>  				crypt_stat->cipher);
> diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
> index 37bcb43..b41af15 100644
> --- a/fs/ecryptfs/keystore.c
> +++ b/fs/ecryptfs/keystore.c
> @@ -1317,8 +1317,10 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		rc = -EINVAL;
>  		goto out_free;
>  	}
> -	ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> -				       (u16)data[(*packet_size)]);
> +	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> +					    (u16)data[(*packet_size)]);
> +	if (rc)
> +		goto out_free;
>  	/* A little extra work to differentiate among the AES key
>  	 * sizes; see RFC2440 */
>  	switch(data[(*packet_size)++]) {
> @@ -1329,7 +1331,9 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		crypt_stat->key_size =
>  			(*new_auth_tok)->session_key.encrypted_key_size;
>  	}
> -	ecryptfs_init_crypt_ctx(crypt_stat);
> +	rc = ecryptfs_init_crypt_ctx(crypt_stat);
> +	if (rc)
> +		goto out_free;
>  	if (unlikely(data[(*packet_size)++] != 0x03)) {
>  		printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
>  		rc = -ENOSYS;

ACK
Stefan Bader Oct. 22, 2009, 9:21 p.m.
Surbhi Palande wrote:
> SRU Justification:
> Impact: A bug in eCryptfs disallowed saving the file under the ecryptfs
> directory ~/Private using Emacs.
> 
> Fix: The cherry-picked patch with the upstream commit id
> "b0105eaefa7cce8f4a941d0fc6354b250d30e745" fixed this bug. Previous to this
> fix, a cipher code was not recognized and as a result memory was not allocated
> to some pointer. However, this pointer was freed even when the allocation was
> not done. This fix prevents the freeing of memory when the cipher is not
> recognised and memory is not allocated.
> 
> Testcase: The reporter of the bug has verified that this patch has fixed this
> bug for him.
> 
> ===
> 
> From d2504c185b312650445d95d2cfeac80309af237a Mon Sep 17 00:00:00 2001
> From: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> Date: Tue, 11 Aug 2009 00:36:32 -0500
> Subject: [PATCH] [jaunty] [Upstream]: eCryptfs: Handle unrecognized tag 3 cipher codes
> 
> BugLink: https://bugs.launchpad.net/bugs/415252
> 
> Returns an error when an unrecognized cipher code is present in a tag 3
> packet or an ecryptfs_crypt_stat cannot be initialized.  Also sets a
> crypt_stat->tfm error pointer to NULL to ensure that it will not be
> incorrectly freed in ecryptfs_destroy_crypt_stat().
> 
> Acked-by: Serge Hallyn <serue@us.ibm.com>
> Cc: ecryptfs-devel@lists.launchpad.net
> Cc: stable <stable@kernel.org>
> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> (cherry picked from commit b0105eaefa7cce8f4a941d0fc6354b250d30e745)
> Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com>

Acked-by: Stefan Bader <stefan.bader@canonical.com>

> ---
>  fs/ecryptfs/crypto.c   |    1 +
>  fs/ecryptfs/keystore.c |   10 +++++++---
>  2 files changed, 8 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
> index 8b65f28..bbf080b 100644
> --- a/fs/ecryptfs/crypto.c
> +++ b/fs/ecryptfs/crypto.c
> @@ -814,6 +814,7 @@ int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
>  	kfree(full_alg_name);
>  	if (IS_ERR(crypt_stat->tfm)) {
>  		rc = PTR_ERR(crypt_stat->tfm);
> +		crypt_stat->tfm = NULL;
>  		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
>  				"Error initializing cipher [%s]\n",
>  				crypt_stat->cipher);
> diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
> index 37bcb43..b41af15 100644
> --- a/fs/ecryptfs/keystore.c
> +++ b/fs/ecryptfs/keystore.c
> @@ -1317,8 +1317,10 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		rc = -EINVAL;
>  		goto out_free;
>  	}
> -	ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> -				       (u16)data[(*packet_size)]);
> +	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> +					    (u16)data[(*packet_size)]);
> +	if (rc)
> +		goto out_free;
>  	/* A little extra work to differentiate among the AES key
>  	 * sizes; see RFC2440 */
>  	switch(data[(*packet_size)++]) {
> @@ -1329,7 +1331,9 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		crypt_stat->key_size =
>  			(*new_auth_tok)->session_key.encrypted_key_size;
>  	}
> -	ecryptfs_init_crypt_ctx(crypt_stat);
> +	rc = ecryptfs_init_crypt_ctx(crypt_stat);
> +	if (rc)
> +		goto out_free;
>  	if (unlikely(data[(*packet_size)++] != 0x03)) {
>  		printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
>  		rc = -ENOSYS;
Stefan Bader Oct. 24, 2009, 7:10 p.m.
Applied

Patch

===

From d2504c185b312650445d95d2cfeac80309af237a Mon Sep 17 00:00:00 2001
From: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Date: Tue, 11 Aug 2009 00:36:32 -0500
Subject: [PATCH] [jaunty] [Upstream]: eCryptfs: Handle unrecognized tag 3 cipher codes

BugLink: https://bugs.launchpad.net/bugs/415252

Returns an error when an unrecognized cipher code is present in a tag 3
packet or an ecryptfs_crypt_stat cannot be initialized.  Also sets a
crypt_stat->tfm error pointer to NULL to ensure that it will not be
incorrectly freed in ecryptfs_destroy_crypt_stat().

Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: ecryptfs-devel@lists.launchpad.net
Cc: stable <stable@kernel.org>
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
(cherry picked from commit b0105eaefa7cce8f4a941d0fc6354b250d30e745)
Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com>
---
 fs/ecryptfs/crypto.c   |    1 +
 fs/ecryptfs/keystore.c |   10 +++++++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 8b65f28..bbf080b 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -814,6 +814,7 @@  int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
 	kfree(full_alg_name);
 	if (IS_ERR(crypt_stat->tfm)) {
 		rc = PTR_ERR(crypt_stat->tfm);
+		crypt_stat->tfm = NULL;
 		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
 				"Error initializing cipher [%s]\n",
 				crypt_stat->cipher);
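
Review bot: The `crypt_stat->tfm = NULL;` reset in the IS_ERR() branch of ecryptfs_init_crypt_ctx() carries no comment, so its purpose can only be recovered from the commit message. A one-line comment above it stating that ecryptfs_destroy_crypt_stat() must never see an error-pointer value in tfm would keep a later cleanup from dropping the assignment as redundant. The ordering is right as written: rc is taken with PTR_ERR() before the pointer is cleared.
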
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index 37bcb43..b41af15 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -1317,8 +1317,10 @@  parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
 		rc = -EINVAL;
 		goto out_free;
 	}
-	ecryptfs_cipher_code_to_string(crypt_stat->cipher,
-				       (u16)data[(*packet_size)]);
+	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
+					    (u16)data[(*packet_size)]);
+	if (rc)
+		goto out_free;
 	/* A little extra work to differentiate among the AES key
 	 * sizes; see RFC2440 */
 	switch(data[(*packet_size)++]) {
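
Review bot: The new `if (rc) goto out_free;` after ecryptfs_cipher_code_to_string() in parse_tag_3_packet() logs nothing in this hunk, whereas the init failure path in crypto.c prints the cipher name. Unless ecryptfs_cipher_code_to_string() already reports the rejected code itself, consider a warning here that includes the byte `data[(*packet_size)]`, so that a file which cannot be opened can be traced to an unsupported cipher code. The same byte is read again by the `switch` that follows; reading it once into a local would make it plain that the validation and the key-size selection act on the same value.
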
@@ -1329,7 +1331,9 @@  parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
 		crypt_stat->key_size =
 			(*new_auth_tok)->session_key.encrypted_key_size;
 	}
-	ecryptfs_init_crypt_ctx(crypt_stat);
+	rc = ecryptfs_init_crypt_ctx(crypt_stat);
+	if (rc)
+		goto out_free;
 	if (unlikely(data[(*packet_size)++] != 0x03)) {
 		printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
 		rc = -ENOSYS;
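
Review bot: The new check on ecryptfs_init_crypt_ctx() in parse_tag_3_packet() runs after `crypt_stat->key_size` (and, in the previous hunk, `crypt_stat->cipher`) have already been filled in from the packet, so on the `goto out_free` path crypt_stat keeps values taken from a packet that was then rejected. It is worth confirming that every caller discards crypt_stat on a non-zero return, or resetting those fields on the error path. Separately, the cipher context is initialised before the S2K identifier check that follows (`!= 0x03`), so a packet rejected there with -ENOSYS has already caused an allocation; validating the specifier first would avoid that.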