From patchwork Fri Dec 15 17:42:24 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 849323 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=65.50.211.133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="ApASXoRR"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=infradead.org header.i=@infradead.org header.b="sNOXyV2Q"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="eWoeLZa9"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [65.50.211.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3yyyjx1bQ9z9t2d for ; Sat, 16 Dec 2017 04:54:29 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=xp8zva6+h9X5dmK2NRJZeZ/34V0MiNyUqBDsGL4wrL0=; b=ApASXoRRORDRMcyLAn1c3cn95r EstmmKIKK0X/P8I+D90YQX+dP3hgdlMMvI/BtHxc/XSBfniS8rcAG5h/eX8fqF3k4P2zGif1WcPob pn2QUIDiiaCPGiIAf32+K7aaG5qvfqjPo7SV/08y1x0gLn3o7IDQkmiFUvWGtp23GMvTU3mdru6Xi z2dch59QB6XjI87sT0w5+T0Zk9C1wOuaC3JwPQ+vSI9wJ63SZr0EFb1yuwSDYIKSKA7buxjYnQGs3 jGka8QiZq/bLHu/x+DSEDjsx1vS7+DJYLaSVZVQP5FfngH1Iaa2Oxt2GtRI7QOntifmCoEevN6TfK oE9Kh1mg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1ePuBH-0006Ts-EL; Fri, 15 Dec 2017 17:53:55 +0000 Received: from casper.infradead.org ([2001:8b0:10b:1236::1]) by bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux)) id 1ePu5B-0008OY-4X for linux-mtd@bombadil.infradead.org; Fri, 15 Dec 2017 17:47:37 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=References:In-Reply-To:Message-Id:Date: Subject:Cc:To:From:Sender:Reply-To:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=JAiOz/3QrE0rAodowH9PM2A5jkngLcjS2NkTU1O4YZ4=; b=sNOXyV2QRU1TsD/ZKt2VXUIfm MQ4COR4Q/Wa/+v6Lmfhda1GZJm4GaKCRlEooYkG0b+R8AKWGp7PBeLGYtx93oeD+3t7OIzT3PJ61N p/JIk3kgCA1Yq3oCnatv/W7+s4b0hpM7R7JLEMHLhVKikG+l/h8r9pjSufAmYaRtby1QRce5+PaBp 0gCbTFQC7UuVGJYw+Xf8qSGAG2U1JUV0IQVf/dqpLU5LLy0oHXqqYv69urBw/OE78U1wdbFSYlWET 72mhOws/7PUQZrCvoYUqjfU0ER+VngWiRH6ASCW+3hvwVccHx1O8QVzajhMr5l42nI+66wR3XjrRG iQjgbis/w==; Received: from mail-pg0-x243.google.com ([2607:f8b0:400e:c05::243]) by casper.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux)) id 1ePu50-0004mV-LB for linux-mtd@lists.infradead.org; Fri, 15 Dec 2017 17:47:28 +0000 Received: by mail-pg0-x243.google.com with SMTP id o2so6251091pgc.8 for ; Fri, 15 Dec 2017 09:47:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=JAiOz/3QrE0rAodowH9PM2A5jkngLcjS2NkTU1O4YZ4=; b=eWoeLZa9c6SfB41X8dZixZ/a3uU42EGVlYmOPcPyTn+KN7+AYdIIbSCBmAWNPBBvkb LWwjzyc2JisEsc+GvRDwwI5dd40N0HvCZS78JS50IJZ0/xE9ah6mh0nNkfPxdBLus/Z3 Xyf/EaxZrP+L7dGCMZbXCXaDKvt+7xcHh5C+XIs07hZNX1tHCsb6rVedm0KaKGlfPIGE JzJxjxW/dBP+4Mj3/ioPHxIgQ5O/Mkix/PAC4QQPxpxfMPw4mQcpduokPZm1AHABAOwM nYCAFgOy18Bu3QCS/EhB7X3NiVUL1rRXn/tbxBL5h1BeVwgjw9KPGkjxTsZTeT6sImVw z+iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=JAiOz/3QrE0rAodowH9PM2A5jkngLcjS2NkTU1O4YZ4=; b=FVKtaNpDlXOqNY7SHIy9jPLy6MmN3cNEN+SS29ju9N6zpaZ2igR+v8Gw3lHpE07pz6 dIgxefwQRFZ4Clf8GdJho9JDdhmWCOnxuQsFZBp0zQLBWARhB6o/mqdZqvekGyTGVh26 JmfqByipMgXQC3sbWbTYnOFWR1nfHXUN++2S+m/sL9NZLMa+ZaGoOQdOnq15g61R82Sj X5Gnq8iuhafPObUSC3cBS2NZan6MvkD+Rn9KoYwh5KfyYf3K87D0lK5xO1OBNn7OrfQu Tdgs39+Zcy/wzP98U0Quepc/Y9awGXGZ6E4PnNOr6eRnCHyyw8I/SqaHOr5W3bL+k67d Ue+A== X-Gm-Message-State: AKGB3mKJCO0YQ9kGQ+JI4CQtvwx1pkipsUjLxCe3kZ04i4UGIN3LLDc0 tmvgC7dOmAuPa65DpEW8VdA= X-Google-Smtp-Source: ACJfBosJRXoFf0k3qNUOpKOQ9CAVMIMoGggA1RVvbWxMBJth3zm6konHDQpq1CuY37JxOvV+9qTYiQ== X-Received: by 10.84.242.69 with SMTP id c5mr14022880pll.73.1513360023980; Fri, 15 Dec 2017 09:47:03 -0800 (PST) Received: from zzz.localdomain (c-67-185-97-198.hsd1.wa.comcast.net. [67.185.97.198]) by smtp.gmail.com with ESMTPSA id j62sm12980149pfc.18.2017.12.15.09.47.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 15 Dec 2017 09:47:03 -0800 (PST) From: Eric Biggers To: linux-fscrypt@vger.kernel.org Subject: [PATCH 23/24] fscrypt: fix up fscrypt_fname_encrypted_size() for internal use Date: Fri, 15 Dec 2017 09:42:24 -0800 Message-Id: <20171215174225.31583-24-ebiggers3@gmail.com> X-Mailer: git-send-email 2.15.1 In-Reply-To: <20171215174225.31583-1-ebiggers3@gmail.com> References: <20171215174225.31583-1-ebiggers3@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20171215_174726_843860_DB0A4950 X-CRM114-Status: GOOD ( 17.59 ) X-Spam-Score: -1.8 (-) X-Spam-Report: SpamAssassin version 3.4.1 on casper.infradead.org summary: Content analysis details: (-1.8 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400e:c05:0:0:0:243 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (ebiggers3[at]gmail.com) 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (ebiggers3[at]gmail.com) -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Theodore Y . Ts'o" , Eric Biggers , linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , linux-ext4@vger.kernel.org MIME-Version: 1.0 Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Eric Biggers Filesystems don't need fscrypt_fname_encrypted_size() anymore, so unexport it and move it to fscrypt_private.h. We also never calculate the encrypted size of a filename without having the fscrypt_info present since it is needed to know the amount of NUL-padding which is determined by the encryption policy, and also we will always truncate the NUL-padding to the maximum filename length. Therefore, also make fscrypt_fname_encrypted_size() assume that the fscrypt_info is present, and make it truncate the returned length to the specified max_len. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 31 +++++++++++++++---------------- fs/crypto/fscrypt_private.h | 3 +++ fs/crypto/hooks.c | 10 +++++----- include/linux/fscrypt_notsupp.h | 8 -------- include/linux/fscrypt_supp.h | 1 - 5 files changed, 23 insertions(+), 30 deletions(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 44ddd094b7c5..e33f3d3c5ade 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -191,17 +191,20 @@ static int digest_decode(const char *src, int len, char *dst) return cp - dst; } -u32 fscrypt_fname_encrypted_size(const struct inode *inode, u32 ilen) +bool fscrypt_fname_encrypted_size(const struct inode *inode, u32 orig_len, + u32 max_len, u32 *encrypted_len_ret) { - int padding = 32; - struct fscrypt_info *ci = inode->i_crypt_info; - - if (ci) - padding = 4 << (ci->ci_flags & FS_POLICY_FLAGS_PAD_MASK); - ilen = max(ilen, (u32)FS_CRYPTO_BLOCK_SIZE); - return round_up(ilen, padding); + int padding = 4 << (inode->i_crypt_info->ci_flags & + FS_POLICY_FLAGS_PAD_MASK); + u32 encrypted_len; + + if (orig_len > max_len) + return false; + encrypted_len = max(orig_len, (u32)FS_CRYPTO_BLOCK_SIZE); + encrypted_len = round_up(encrypted_len, padding); + *encrypted_len_ret = min(encrypted_len, max_len); + return true; } -EXPORT_SYMBOL(fscrypt_fname_encrypted_size); /** * fscrypt_fname_alloc_buffer - allocate a buffer for presented filenames @@ -342,14 +345,10 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname, return ret; if (dir->i_crypt_info) { - unsigned int max_len = dir->i_sb->s_cop->max_namelen(dir); - - if (iname->len > max_len) + if (!fscrypt_fname_encrypted_size(dir, iname->len, + dir->i_sb->s_cop->max_namelen(dir), + &fname->crypto_buf.len)) return -ENAMETOOLONG; - - fname->crypto_buf.len = - min(fscrypt_fname_encrypted_size(dir, iname->len), - max_len); fname->crypto_buf.name = kmalloc(fname->crypto_buf.len, GFP_NOFS); if (!fname->crypto_buf.name) diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index 053917587200..ad6722bae8b7 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -110,6 +110,9 @@ extern struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx, /* fname.c */ extern int fname_encrypt(struct inode *inode, const struct qstr *iname, u8 *out, unsigned int olen); +extern bool fscrypt_fname_encrypted_size(const struct inode *inode, + u32 orig_len, u32 max_len, + u32 *encrypted_len_ret); /* keyinfo.c */ extern void __exit fscrypt_essiv_cleanup(void); diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c index ff20cacdea94..3e84d92215a1 100644 --- a/fs/crypto/hooks.c +++ b/fs/crypto/hooks.c @@ -139,12 +139,12 @@ int __fscrypt_prepare_symlink(struct inode *dir, unsigned int len, * counting it (even though it is meaningless for ciphertext) is simpler * for now since filesystems will assume it is there and subtract it. */ - if (sizeof(struct fscrypt_symlink_data) + len > max_len) + if (!fscrypt_fname_encrypted_size(dir, len, + max_len - sizeof(struct fscrypt_symlink_data), + &disk_link->len)) return -ENAMETOOLONG; - disk_link->len = min_t(unsigned int, - sizeof(struct fscrypt_symlink_data) + - fscrypt_fname_encrypted_size(dir, len), - max_len); + disk_link->len += sizeof(struct fscrypt_symlink_data); + disk_link->name = NULL; return 0; } diff --git a/include/linux/fscrypt_notsupp.h b/include/linux/fscrypt_notsupp.h index c9592e307df5..342eb97e0476 100644 --- a/include/linux/fscrypt_notsupp.h +++ b/include/linux/fscrypt_notsupp.h @@ -131,14 +131,6 @@ static inline void fscrypt_free_filename(struct fscrypt_name *fname) return; } -static inline u32 fscrypt_fname_encrypted_size(const struct inode *inode, - u32 ilen) -{ - /* never happens */ - WARN_ON(1); - return 0; -} - static inline int fscrypt_fname_alloc_buffer(const struct inode *inode, u32 max_encrypted_len, struct fscrypt_str *crypto_str) diff --git a/include/linux/fscrypt_supp.h b/include/linux/fscrypt_supp.h index e00191deb0d6..2dd5767c77b0 100644 --- a/include/linux/fscrypt_supp.h +++ b/include/linux/fscrypt_supp.h @@ -107,7 +107,6 @@ static inline void fscrypt_free_filename(struct fscrypt_name *fname) kfree(fname->crypto_buf.name); } -extern u32 fscrypt_fname_encrypted_size(const struct inode *, u32); extern int fscrypt_fname_alloc_buffer(const struct inode *, u32, struct fscrypt_str *); extern void fscrypt_fname_free_buffer(struct fscrypt_str *);