Patchwork [jaunty,Upstream] : eCryptfs: Handle unrecognized tag 3 cipher codes

Submitter Surbhi Palande
Date Oct. 22, 2009, 8:43 p.m.
Message ID <1256244229-26433-1-git-send-email-surbhi.palande@canonical.com>
Permalink /patch/36744/
State Accepted

Comments

Surbhi Palande - Oct. 22, 2009, 8:43 p.m.
SRU  Justification: 
Impact:  Bug in the Ecryptfs disallowed saving the file under the ecryptfs
directory ~/Private using Emacs.

Fix: The cherry picked patch with the upstream commit id
"b0105eaefa7cce8f4a941d0fc6354b250d30e745" fixed this bug. Previous to this
fix a cipher code was not recognized and as a result memory was not allocated
to some pointer. However this pointer was freed even when the allocation was
not done. This fix prevents the freeing of memory when the cipher is not
recognised and memory is not allocated.

Testcase: The reporter of the bug has verified that this patch has fixed this
bug for him.
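
The failure mode described in the message above, modelled in userspace C as an added example (not code from the patch or from eCryptfs). The error-pointer helpers are simplified stand-ins, the struct is reduced to one field, the cipher codes 0x09/0x63 and the -ENOENT error are constructed, and the destructor is assumed to free whenever the pointer is non-NULL.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace stand-ins for the kernel's error-pointer helpers (simplified). */
#define MAX_ERRNO 4095
static void *ERR_PTR(long err) { return (void *)(intptr_t)err; }
static long PTR_ERR(const void *p) { return (long)(intptr_t)p; }
static int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct crypt_stat { void *tfm; };  /* hypothetical: reduced to the one field */

/* Init path; clear_on_error selects the behaviour the patch adds. */
static int init_crypt_ctx(struct crypt_stat *cs, unsigned code, int clear_on_error)
{
	/* Constructed rule: only cipher code 0x09 is treated as supported. */
	cs->tfm = code == 0x09 ? malloc(64) : ERR_PTR(-ENOENT);
	if (!IS_ERR(cs->tfm))
		return 0;
	int rc = (int)PTR_ERR(cs->tfm);  /* read the errno before overwriting */
	if (clear_on_error)
		cs->tfm = NULL;
	return rc;
}

/* Assumed destructor shape: frees whenever tfm is non-NULL. Returns 1 when
 * that would hand an error pointer to free(); the call is skipped here. */
static int destroy_crypt_stat(struct crypt_stat *cs)
{
	int bad_free = cs->tfm && IS_ERR(cs->tfm);
	if (cs->tfm && !bad_free)
		free(cs->tfm);
	cs->tfm = NULL;
	return bad_free;
}

/* Runs init then destroy for one cipher code; returns the bad-free flag. */
static int run_case(unsigned code, int clear_on_error, int *rc_out)
{
	struct crypt_stat cs = { 0 };
	*rc_out = init_crypt_ctx(&cs, code, clear_on_error);
	return destroy_crypt_stat(&cs);
}

int main(void)
{
	int rc, before = run_case(0x63, 0, &rc), after = run_case(0x63, 1, &rc);
	printf("rc=%d bad_free: unpatched=%d patched=%d\n", rc, before, after);
	return 0;
}
```
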
Tim Gardner - Oct. 22, 2009, 8:52 p.m.
Surbhi Palande wrote:
> SRU  Justification: 
> Impact:  Bug in the Ecryptfs disallowed saving the file under the ecryptfs
> directory ~/Private using Emacs.
> 
> Fix: The cherry picked patch with the upstream commit id
> "b0105eaefa7cce8f4a941d0fc6354b250d30e745" fixed this bug. Previous to this
> fix a cipher code was not recognized and as a result memory was not allocated
> to some pointer. However this pointer was freed even when the allocation was
> not done. This fix prevents the freeing of memory when the cipher is not
> recognised and memory is not allocated.
> 
> Testcase: The reporter of the bug has verified that this patch has fixed this
> bug for him.
> 
> ===
> 
> From d2504c185b312650445d95d2cfeac80309af237a Mon Sep 17 00:00:00 2001
> From: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> Date: Tue, 11 Aug 2009 00:36:32 -0500
> Subject: [PATCH] [jaunty] [Upstream]: eCryptfs: Handle unrecognized tag 3 cipher codes
> 
> BugLink: https://bugs.launchpad.net/bugs/415252
> 
> Returns an error when an unrecognized cipher code is present in a tag 3
> packet or an ecryptfs_crypt_stat cannot be initialized.  Also sets an
> crypt_stat->tfm error pointer to NULL to ensure that it will not be
> incorrectly freed in ecryptfs_destroy_crypt_stat().
> 
> Acked-by: Serge Hallyn <serue@us.ibm.com>
> Cc: ecryptfs-devel@lists.launchpad.net
> Cc: stable <stable@kernel.org>
> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> (cherry picked from commit b0105eaefa7cce8f4a941d0fc6354b250d30e745)
> Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com>
> ---
>  fs/ecryptfs/crypto.c   |    1 +
>  fs/ecryptfs/keystore.c |   10 +++++++---
>  2 files changed, 8 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
> index 8b65f28..bbf080b 100644
> --- a/fs/ecryptfs/crypto.c
> +++ b/fs/ecryptfs/crypto.c
> @@ -814,6 +814,7 @@ int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
>  	kfree(full_alg_name);
>  	if (IS_ERR(crypt_stat->tfm)) {
>  		rc = PTR_ERR(crypt_stat->tfm);
> +		crypt_stat->tfm = NULL;
>  		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
>  				"Error initializing cipher [%s]\n",
>  				crypt_stat->cipher);
> diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
> index 37bcb43..b41af15 100644
> --- a/fs/ecryptfs/keystore.c
> +++ b/fs/ecryptfs/keystore.c
> @@ -1317,8 +1317,10 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		rc = -EINVAL;
>  		goto out_free;
>  	}
> -	ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> -				       (u16)data[(*packet_size)]);
> +	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> +					    (u16)data[(*packet_size)]);
> +	if (rc)
> +		goto out_free;
>  	/* A little extra work to differentiate among the AES key
>  	 * sizes; see RFC2440 */
>  	switch(data[(*packet_size)++]) {
> @@ -1329,7 +1331,9 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		crypt_stat->key_size =
>  			(*new_auth_tok)->session_key.encrypted_key_size;
>  	}
> -	ecryptfs_init_crypt_ctx(crypt_stat);
> +	rc = ecryptfs_init_crypt_ctx(crypt_stat);
> +	if (rc)
> +		goto out_free;
>  	if (unlikely(data[(*packet_size)++] != 0x03)) {
>  		printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
>  		rc = -ENOSYS;

ACK
John Johansen - Oct. 22, 2009, 9:20 p.m.
Surbhi Palande wrote:
> SRU  Justification: 
> Impact:  Bug in the Ecryptfs disallowed saving the file under the ecryptfs
> directory ~/Private using Emacs.
> 
> Fix: The cherry picked patch with the upstream commit id
> "b0105eaefa7cce8f4a941d0fc6354b250d30e745" fixed this bug. Previous to this
> fix a cipher code was not recognized and as a result memory was not allocated
> to some pointer. However this pointer was freed even when the allocation was
> not done. This fix prevents the freeing of memory when the cipher is not
> recognised and memory is not allocated.
> 
> Testcase: The reporter of the bug has verified that this patch has fixed this
> bug for him.
> 
> ===
> 
> From d2504c185b312650445d95d2cfeac80309af237a Mon Sep 17 00:00:00 2001
> From: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> Date: Tue, 11 Aug 2009 00:36:32 -0500
> Subject: [PATCH] [jaunty] [Upstream]: eCryptfs: Handle unrecognized tag 3 cipher codes
> 
> BugLink: https://bugs.launchpad.net/bugs/415252
> 
> Returns an error when an unrecognized cipher code is present in a tag 3
> packet or an ecryptfs_crypt_stat cannot be initialized.  Also sets an
> crypt_stat->tfm error pointer to NULL to ensure that it will not be
> incorrectly freed in ecryptfs_destroy_crypt_stat().
> 
> Acked-by: Serge Hallyn <serue@us.ibm.com>
> Cc: ecryptfs-devel@lists.launchpad.net
> Cc: stable <stable@kernel.org>
> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> (cherry picked from commit b0105eaefa7cce8f4a941d0fc6354b250d30e745)
> Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com>
> ---
>  fs/ecryptfs/crypto.c   |    1 +
>  fs/ecryptfs/keystore.c |   10 +++++++---
>  2 files changed, 8 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
> index 8b65f28..bbf080b 100644
> --- a/fs/ecryptfs/crypto.c
> +++ b/fs/ecryptfs/crypto.c
> @@ -814,6 +814,7 @@ int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
>  	kfree(full_alg_name);
>  	if (IS_ERR(crypt_stat->tfm)) {
>  		rc = PTR_ERR(crypt_stat->tfm);
> +		crypt_stat->tfm = NULL;
>  		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
>  				"Error initializing cipher [%s]\n",
>  				crypt_stat->cipher);
> diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
> index 37bcb43..b41af15 100644
> --- a/fs/ecryptfs/keystore.c
> +++ b/fs/ecryptfs/keystore.c
> @@ -1317,8 +1317,10 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		rc = -EINVAL;
>  		goto out_free;
>  	}
> -	ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> -				       (u16)data[(*packet_size)]);
> +	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> +					    (u16)data[(*packet_size)]);
> +	if (rc)
> +		goto out_free;
>  	/* A little extra work to differentiate among the AES key
>  	 * sizes; see RFC2440 */
>  	switch(data[(*packet_size)++]) {
> @@ -1329,7 +1331,9 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		crypt_stat->key_size =
>  			(*new_auth_tok)->session_key.encrypted_key_size;
>  	}
> -	ecryptfs_init_crypt_ctx(crypt_stat);
> +	rc = ecryptfs_init_crypt_ctx(crypt_stat);
> +	if (rc)
> +		goto out_free;
>  	if (unlikely(data[(*packet_size)++] != 0x03)) {
>  		printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
>  		rc = -ENOSYS;

ACK
Stefan Bader - Oct. 22, 2009, 9:21 p.m.
Surbhi Palande wrote:
> SRU  Justification: 
> Impact:  Bug in the Ecryptfs disallowed saving the file under the ecryptfs
> directory ~/Private using Emacs.
> 
> Fix: The cherry picked patch with the upstream commit id
> "b0105eaefa7cce8f4a941d0fc6354b250d30e745" fixed this bug. Previous to this
> fix a cipher code was not recognized and as a result memory was not allocated
> to some pointer. However this pointer was freed even when the allocation was
> not done. This fix prevents the freeing of memory when the cipher is not
> recognised and memory is not allocated.
> 
> Testcase: The reporter of the bug has verified that this patch has fixed this
> bug for him.
> 
> ===
> 
> From d2504c185b312650445d95d2cfeac80309af237a Mon Sep 17 00:00:00 2001
> From: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> Date: Tue, 11 Aug 2009 00:36:32 -0500
> Subject: [PATCH] [jaunty] [Upstream]: eCryptfs: Handle unrecognized tag 3 cipher codes
> 
> BugLink: https://bugs.launchpad.net/bugs/415252
> 
> Returns an error when an unrecognized cipher code is present in a tag 3
> packet or an ecryptfs_crypt_stat cannot be initialized.  Also sets an
> crypt_stat->tfm error pointer to NULL to ensure that it will not be
> incorrectly freed in ecryptfs_destroy_crypt_stat().
> 
> Acked-by: Serge Hallyn <serue@us.ibm.com>
> Cc: ecryptfs-devel@lists.launchpad.net
> Cc: stable <stable@kernel.org>
> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
> (cherry picked from commit b0105eaefa7cce8f4a941d0fc6354b250d30e745)
> Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com>

Acked-by: Stefan Bader <stefan.bader@canonical.com>

> ---
>  fs/ecryptfs/crypto.c   |    1 +
>  fs/ecryptfs/keystore.c |   10 +++++++---
>  2 files changed, 8 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
> index 8b65f28..bbf080b 100644
> --- a/fs/ecryptfs/crypto.c
> +++ b/fs/ecryptfs/crypto.c
> @@ -814,6 +814,7 @@ int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
>  	kfree(full_alg_name);
>  	if (IS_ERR(crypt_stat->tfm)) {
>  		rc = PTR_ERR(crypt_stat->tfm);
> +		crypt_stat->tfm = NULL;
>  		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
>  				"Error initializing cipher [%s]\n",
>  				crypt_stat->cipher);
> diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
> index 37bcb43..b41af15 100644
> --- a/fs/ecryptfs/keystore.c
> +++ b/fs/ecryptfs/keystore.c
> @@ -1317,8 +1317,10 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		rc = -EINVAL;
>  		goto out_free;
>  	}
> -	ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> -				       (u16)data[(*packet_size)]);
> +	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
> +					    (u16)data[(*packet_size)]);
> +	if (rc)
> +		goto out_free;
>  	/* A little extra work to differentiate among the AES key
>  	 * sizes; see RFC2440 */
>  	switch(data[(*packet_size)++]) {
> @@ -1329,7 +1331,9 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
>  		crypt_stat->key_size =
>  			(*new_auth_tok)->session_key.encrypted_key_size;
>  	}
> -	ecryptfs_init_crypt_ctx(crypt_stat);
> +	rc = ecryptfs_init_crypt_ctx(crypt_stat);
> +	if (rc)
> +		goto out_free;
>  	if (unlikely(data[(*packet_size)++] != 0x03)) {
>  		printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
>  		rc = -ENOSYS;
Stefan Bader - Oct. 24, 2009, 7:10 p.m.
Applied

Patch

===

From d2504c185b312650445d95d2cfeac80309af237a Mon Sep 17 00:00:00 2001
From: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Date: Tue, 11 Aug 2009 00:36:32 -0500
Subject: [PATCH] [jaunty] [Upstream]: eCryptfs: Handle unrecognized tag 3 cipher codes

BugLink: https://bugs.launchpad.net/bugs/415252

Returns an error when an unrecognized cipher code is present in a tag 3
packet or an ecryptfs_crypt_stat cannot be initialized.  Also sets an
crypt_stat->tfm error pointer to NULL to ensure that it will not be
incorrectly freed in ecryptfs_destroy_crypt_stat().

Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: ecryptfs-devel@lists.launchpad.net
Cc: stable <stable@kernel.org>
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
(cherry picked from commit b0105eaefa7cce8f4a941d0fc6354b250d30e745)
Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com>
---
 fs/ecryptfs/crypto.c   |    1 +
 fs/ecryptfs/keystore.c |   10 +++++++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 8b65f28..bbf080b 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -814,6 +814,7 @@  int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
 	kfree(full_alg_name);
 	if (IS_ERR(crypt_stat->tfm)) {
 		rc = PTR_ERR(crypt_stat->tfm);
+		crypt_stat->tfm = NULL;
 		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
 				"Error initializing cipher [%s]\n",
 				crypt_stat->cipher);
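
Review bot: the new `crypt_stat->tfm = NULL;` in the IS_ERR() branch carries no comment saying why the error pointer is cleared; the reason (so that ecryptfs_destroy_crypt_stat() does not try to free it) is recorded only in the commit message. A one-line comment above the assignment would keep a later cleanup from dropping it as redundant. The ordering is right as written: rc is taken from PTR_ERR() before the pointer is overwritten.
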
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index 37bcb43..b41af15 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -1317,8 +1317,10 @@  parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
 		rc = -EINVAL;
 		goto out_free;
 	}
-	ecryptfs_cipher_code_to_string(crypt_stat->cipher,
-				       (u16)data[(*packet_size)]);
+	rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
+					    (u16)data[(*packet_size)]);
+	if (rc)
+		goto out_free;
 	/* A little extra work to differentiate among the AES key
 	 * sizes; see RFC2440 */
 	switch(data[(*packet_size)++]) {
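
Review bot: after the new `if (rc) goto out_free;`, the `switch(data[(*packet_size)++])` below reads the same packet byte a second time, so the value that was validated by ecryptfs_cipher_code_to_string() and the value the switch acts on come from two separate reads of the buffer. Reading the cipher code once into a local, passing that local to the conversion and switching on it, then advancing *packet_size, would make the check and the use visibly refer to one value and would drop the need for the (u16) cast at the call site.
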
@@ -1329,7 +1331,9 @@  parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
 		crypt_stat->key_size =
 			(*new_auth_tok)->session_key.encrypted_key_size;
 	}
-	ecryptfs_init_crypt_ctx(crypt_stat);
+	rc = ecryptfs_init_crypt_ctx(crypt_stat);
+	if (rc)
+		goto out_free;
 	if (unlikely(data[(*packet_size)++] != 0x03)) {
 		printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
 		rc = -ENOSYS;
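
Review bot: at the new `rc = ecryptfs_init_crypt_ctx(crypt_stat); if (rc) goto out_free;`, the early exit happens after crypt_stat->key_size has been assigned in the lines just above and after crypt_stat->cipher was filled in by the earlier conversion call, so a failed init leaves crypt_stat partly populated from this packet. The hunk does not show what out_free does with crypt_stat; it would be worth confirming that every caller treats crypt_stat as unusable on a nonzero return, or resetting those fields on this path. This exit is also only safe together with the crypto.c hunk, since that is what stops the stored error pointer from reaching ecryptfs_destroy_crypt_stat(); a short comment here saying so would help anyone backporting one hunk without the other.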