From patchwork Fri Mar 23 19:23:45 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890158 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="jnQiA/nY"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDM37P1z9s0w for ; Sat, 24 Mar 2018 06:31:15 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752526AbeCWTbO (ORCPT ); Fri, 23 Mar 2018 15:31:14 -0400 Received: from mail-pl0-f66.google.com ([209.85.160.66]:40946 "EHLO mail-pl0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752310AbeCWTbN (ORCPT ); Fri, 23 Mar 2018 15:31:13 -0400 Received: by mail-pl0-f66.google.com with SMTP id x4-v6so8024824pln.7; Fri, 23 Mar 2018 12:31:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=vr8GmxXpgLmA5C0Dl9ItuF3rRnLnihEwvnBXxb8oKI8=; b=jnQiA/nYsUh8iRdj5aS2b25f+oOiQhirn6T4onS1puUi6KjLPRk+LWrJPwuVAjeKg5 qAtXSL3wZJ5KIEYhYRDYAg1QeQGgTnI44OECBdUb98SYWi1KrlKGXax2/WAqA5Cq2qpx K2lpDGeV690isMqpzREfYKcMpTnwlblTt+WK1F/xE1qrSBDN9mo0/nPsSGDNDHRIZuc4 +IvEQxG+fQAfR2RH0z9YZ97ndCQWG7NetdpmPngt5Q+rZYwNVw4glU0SUaDxZ9y3MSmE /v22P6YhYPtQsAEKemNffKu5dxQL6/nZnMMGxspS+TVNal5sQH7BpYID9lp3cnabfi5d aKDw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=vr8GmxXpgLmA5C0Dl9ItuF3rRnLnihEwvnBXxb8oKI8=; b=iLYL/iCVNhZm9RySwtSCle+2T9+eMu6mkbjbBYoA9OxJ1jGtcnN7X55JHGywiErbwn hSSBpkFOZelTi3yCFNKKcbNFvUVvVC3DgrwO0S4OsJ2kgC9t0tfG6cydJAT9zUsRRDiB u/I0iQyaE/NeHjVTfGHR/cyDrqf+2979CYbhElV7v6n7Kw9DwFszz+WCdYq7WUE2baSb 1h1ldkIHnY+ZpFyxWsrb0Mvc0H0crKXnS96TMTA1itQdmzJ/j0Ca8q8v70IkyYF1mEiE rAqvxbPwByvw6B6RWJeyEiXU14V7L6VchHzxSuwmWLeLVNQpO8khocXuYk360r15pnWL pMyw== X-Gm-Message-State: AElRT7F6Nl6GHCCx0bcOdr0dgbSlEKsbLekkC8YjdnhpNMKR0c604K3k MYXAZCZ+8Rlh0L6MGwUn+2iUDV4j X-Google-Smtp-Source: AG47ELsaDevUFZdCzyE7Et8C6oJdSrKUx5GJBllIixQRXhBvsPE2g6CUwGZv9hz8sDCXzhPw1MOA2w== X-Received: by 2002:a17:902:b703:: with SMTP id d3-v6mr30193262pls.209.1521833473020; Fri, 23 Mar 2018 12:31:13 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.12 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:12 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 01/14] fscrypt: remove unnecessary NULL check when allocating skcipher Date: Fri, 23 Mar 2018 12:23:45 -0700 Message-Id: <20180323192358.95691-2-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers crypto_alloc_skcipher() returns an ERR_PTR() on failure, not NULL. Remove the unnecessary check for NULL. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index 96a1eae9e51d..8099388f5581 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -320,8 +320,8 @@ int fscrypt_get_encryption_info(struct inode *inode) goto out; } ctfm = crypto_alloc_skcipher(cipher_str, 0, 0); - if (!ctfm || IS_ERR(ctfm)) { - res = ctfm ? PTR_ERR(ctfm) : -ENOMEM; + if (IS_ERR(ctfm)) { + res = PTR_ERR(ctfm); pr_debug("%s: error %d (inode %lu) allocating crypto tfm\n", __func__, res, inode->i_ino); goto out; From patchwork Fri Mar 23 19:23:46 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890171 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="XcXthgnJ"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDp4fmSz9rxs for ; Sat, 24 Mar 2018 06:31:38 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752532AbeCWTbQ (ORCPT ); Fri, 23 Mar 2018 15:31:16 -0400 Received: from mail-pl0-f67.google.com ([209.85.160.67]:41362 "EHLO mail-pl0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752378AbeCWTbO (ORCPT ); Fri, 23 Mar 2018 15:31:14 -0400 Received: by mail-pl0-f67.google.com with SMTP id b7-v6so8030786plr.8; Fri, 23 Mar 2018 12:31:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ZSsjXvQgxRItubPbJRfa/894s7hhah/T1TdHyiC5DoE=; b=XcXthgnJ2xNYvY9CQZAFnHxwFDui3EaRn99x4vdbXdL+6PSYZIio8RYouh+iajxFwm UgoS/dZ4iuCeQYU14hRDLYG1zLfsGNfUuevK8p7dUKNXYvClbcpk04avpMHRtb+lSIxo edUIwtsS8AKSqs8BScQPzQ2NFtcCOhTQKPKHslnxwAHWbmhbyVjaAvP7BYzFl8eC4K+W 5VDW9Lafsq7xOS8UJVkdcxPBaJysmZDf8PzQpUqiRJqxUVj8spfrTVisZrER/BDlhaKY lvFM/MxZA2BsgvAptLUSEYVPBBA1bEBjosOwEFUzUaUzFPMLUw7isPUvWIPlOcrvy6O9 Icog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ZSsjXvQgxRItubPbJRfa/894s7hhah/T1TdHyiC5DoE=; b=rhgcSK34/D8Ekj8Wg8rHQlwss8taZINZgpN0ac5Dg+RjeiJtee1TWCzUrj4Zp8p6NG 0xcTk5S7jDlMF77nNts+XfnELgi5jDjpdP1gSTjqC+vrSpisFoyGIsIM9+4/u8W63wWm 4VihYxJFBKefiUG2Dq6beUqfr7uL1xSbrskues7XbCQHmYHOIcoOPNqHo3lr52fowUub PLbGsU1BTMuLvC7It5/hEKEl2eHzsXM1ElCew3ABZLKcod66GU5xyZLwMy3PygaT7eis 3VC2HRYFPXeqyaipTC4cgufwDYAffQ+LH8ErSGSaNtIA0kZ66/ZwkZ0nea+3OKkmZAyN fWWg== X-Gm-Message-State: AElRT7GUbLNPun0e5CcrH6MbwZ8u8opFhIo9p3Sco0ga1PW77d4lUR1H rgaU18lPWLteRaLtjee0Cn/wWvQ2 X-Google-Smtp-Source: AG47ELvDvXKTrK+HsoKOa7Vvjs6kZJrr00wpz5Pd/n7jytIpxyOgV4kpAVId6M7ADhxrUljMfFD3xg== X-Received: by 2002:a17:902:6bc3:: with SMTP id m3-v6mr23466545plt.363.1521833473678; Fri, 23 Mar 2018 12:31:13 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:13 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 02/14] fscrypt: remove error messages for skcipher_request_alloc() failure Date: Fri, 23 Mar 2018 12:23:46 -0700 Message-Id: <20180323192358.95691-3-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers skcipher_request_alloc() can only fail due to lack of memory, and in that case the memory allocator will have already printed a detailed error message. Thus, remove the redundant error messages from fscrypt. Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 6 +----- fs/crypto/fname.c | 10 ++-------- 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index f2b2d8408a01..58761d816751 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -156,12 +156,8 @@ int fscrypt_do_page_crypto(const struct inode *inode, fscrypt_direction_t rw, } req = skcipher_request_alloc(tfm, gfp_flags); - if (!req) { - printk_ratelimited(KERN_ERR - "%s: crypto_request_alloc() failed\n", - __func__); + if (!req) return -ENOMEM; - } skcipher_request_set_callback( req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index e33f3d3c5ade..3b5164b159cb 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -59,11 +59,8 @@ int fname_encrypt(struct inode *inode, const struct qstr *iname, /* Set up the encryption request */ req = skcipher_request_alloc(tfm, GFP_NOFS); - if (!req) { - printk_ratelimited(KERN_ERR - "%s: skcipher_request_alloc() failed\n", __func__); + if (!req) return -ENOMEM; - } skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, crypto_req_done, &wait); @@ -108,11 +105,8 @@ static int fname_decrypt(struct inode *inode, /* Allocate request */ req = skcipher_request_alloc(tfm, GFP_NOFS); - if (!req) { - printk_ratelimited(KERN_ERR - "%s: crypto_request_alloc() failed\n", __func__); + if (!req) return -ENOMEM; - } skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, crypto_req_done, &wait); From patchwork Fri Mar 23 19:23:47 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890159 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="hCLyTR/H"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDQ4VTpz9s0w for ; Sat, 24 Mar 2018 06:31:18 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752534AbeCWTbR (ORCPT ); Fri, 23 Mar 2018 15:31:17 -0400 Received: from mail-pf0-f196.google.com ([209.85.192.196]:39473 "EHLO mail-pf0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752527AbeCWTbP (ORCPT ); Fri, 23 Mar 2018 15:31:15 -0400 Received: by mail-pf0-f196.google.com with SMTP id u5so5107170pfh.6; Fri, 23 Mar 2018 12:31:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Pn31iKo5bdUwZ7Mo55qbnWvCVFkKjitsfJYQf968F+8=; b=hCLyTR/H/vGUwZ6FsD8PP/c4q9Lfo6b+ePRn95tVK9ZYz6bcEswx+FRPBezUYjA+AL G48nDh/8lRqMykE/5X+IpEiTLxMms7RxK/aRaso+3YIQ80NK3/HXEBr/81+uYGwu2XfW giDQWUQuSsg20JdmiFK/0Zg8hCXtUnLG/Q4EKbow1nGc90Grw0mIzJQDhAbs1KxUswcB yPOkFQDC1PFeTNlRq5BLHaH7E8OumwSJ0nCux/87qWlF//8c1tDvw3xMNG80/oUyomIQ ok9Dec4ZFfDbehFNsTE1Z87b62XwgNSRz7rtbzUFgoumM9tpOG0SZAJHIUBHdaK6vS4f 71Bg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Pn31iKo5bdUwZ7Mo55qbnWvCVFkKjitsfJYQf968F+8=; b=kbGDztqhBrNGBdCsK9Xv7faSRG4ocq0eyRVSVnJBaY6738XgeHN5+254935RIkPtj0 tBqMzp7PiZ3Ejbg5LLnHo2H8R4eD6Q9cnscA61aY9UpyPLz4YrDnfIwulEnEWegcJOFH nLwRicIZB+maea/FXKhhG6IcU0h1BG5ChjvoXYKeiNCvuiEpPJajBAcTALppgg/wDObn +DIJkvPASeLQWJzIReqNqWbjxEvKhLd/W2khr2aV3vQv2rxTF05L57F0Fq+HjMsiRzmZ nTY2Xy1Hnl//X7/e9iIb1MZc1Z08gOoHk9eug6rOrqcxorWroBlkR2PPqX8j+E3tuD8y ozMQ== X-Gm-Message-State: AElRT7FW8TdpGndsrLQbfzfL4S4JmFxVVNj/oylC85l8Yck5YLNKdBFk N5CDj7+O5yzoacmqUtjNNbrWGd9h X-Google-Smtp-Source: AG47ELu3ibsOrWnKZYUNgDs374Fi+BWY+pVOXROIc9rEIlAzhpE/+KJ6bnGnYJzEIzWpl4lZeXzJDQ== X-Received: by 10.99.136.194 with SMTP id l185mr22234844pgd.419.1521833474519; Fri, 23 Mar 2018 12:31:14 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:13 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 03/14] fscrypt: remove WARN_ON_ONCE() when decryption fails Date: Fri, 23 Mar 2018 12:23:47 -0700 Message-Id: <20180323192358.95691-4-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers If decrypting a block fails, fscrypt did a WARN_ON_ONCE(). But WARN is meant for kernel bugs, which this isn't; this could be hit by fuzzers using fault injection, for example. Also, there is already a proper warning message logged in fscrypt_do_page_crypto(), so the WARN doesn't add much. Just remove the unnessary WARN. Signed-off-by: Eric Biggers --- fs/crypto/bio.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/fs/crypto/bio.c b/fs/crypto/bio.c index 0d5e6a569d58..771c8684826b 100644 --- a/fs/crypto/bio.c +++ b/fs/crypto/bio.c @@ -43,12 +43,10 @@ static void completion_pages(struct work_struct *work) int ret = fscrypt_decrypt_page(page->mapping->host, page, PAGE_SIZE, 0, page->index); - if (ret) { - WARN_ON_ONCE(1); + if (ret) SetPageError(page); - } else { + else SetPageUptodate(page); - } unlock_page(page); } fscrypt_release_ctx(ctx); From patchwork Fri Mar 23 19:23:48 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890161 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="sG/CBBwQ"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDT692Bz9rxs for ; Sat, 24 Mar 2018 06:31:21 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752560AbeCWTbU (ORCPT ); Fri, 23 Mar 2018 15:31:20 -0400 Received: from mail-pg0-f66.google.com ([74.125.83.66]:39121 "EHLO mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752326AbeCWTbQ (ORCPT ); Fri, 23 Mar 2018 15:31:16 -0400 Received: by mail-pg0-f66.google.com with SMTP id a19so4949285pgw.6; Fri, 23 Mar 2018 12:31:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=YpZ6Sve//aGCh+mVMcLIpXwQcOBr3Bqh1NBsIvkzkx0=; b=sG/CBBwQ0C3hUuoNakhiZ/K/QE21n8Fg/8ndafTkr1BJf7sRHfIH/ZNEqYhbaJ7hA1 dYs737c7WLHNJCQC2cGGK611SxPPPVfBAjHPN3pdMgbvd+hpIaeEMMxsczVjOWe4HF1o 5wQzdSfud8RanW/qNXqJnpA4UOdIKoRnSztF5qUR9zYwp1wGqVGwb/Tz9ZFh5FaE3Qbk vDkHohU+eo9FaLzZZ9Vb8FBCijxNizV8HjrQYXexvF/sviVuKg2lsJtyMV4g3/Sbl23I CkbTJuZ1l+a4ti9Ab/rChhtTAoIhguhq1h7+eWWeDrCQ2iKeu+MWvPv2YuozM7uRzXGC Ryqg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=YpZ6Sve//aGCh+mVMcLIpXwQcOBr3Bqh1NBsIvkzkx0=; b=B2E7S+iseY+7HLNws112Q4O6GEPE9Zwy3ebCHGcFJR7/1UPts6I/5MAWXH3AH1caRg 0Yjth+elzEJNwS6KZ4wNbC9bE8Pw6F98AIClKO2BVVl/8y1+/7E8JxyTO9j/pn/rIamC A/MgJl0vS8zHBAGDOjga+JBKe8UUzq9mkL0n4ikKlMtftoKMiTVVlWJnlhb+yGCRJQ2s 8uXt5jhHgBnvV7XbUMV2BMpBGYmR2HmjNvFwjyFhHXskpvEX5Zm8/DwOJRHem+vB5iao wnMvkjcW9Y392O1YaLa/sMM+pW1edx5ulPIrjaOo7AnqqcdZrrJSrlMHRlfW0YXHw/Gg uXvw== X-Gm-Message-State: AElRT7Ho86RfHZopMCQPNan5GRHynZt6Ex9Dv7E22xdrfY3HCiV7LYB/ nS6la/ImgQv6aGFux2HHXJRorCrM X-Google-Smtp-Source: AG47ELsV6I1LCByB4fQsugHd8IGLtCI2LRjGAwbFUfI5CrODs8B0Hzi5SihSUp27cc6hnstrvAnyNg== X-Received: by 10.101.83.199 with SMTP id z7mr22312145pgr.105.1521833475433; Fri, 23 Mar 2018 12:31:15 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:14 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 04/14] fscrypt: remove stale comment from fscrypt_d_revalidate() Date: Fri, 23 Mar 2018 12:23:48 -0700 Message-Id: <20180323192358.95691-5-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 1 - 1 file changed, 1 deletion(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index 58761d816751..d22887f689ad 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -322,7 +322,6 @@ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) return 0; } - /* this should eventually be an flag in d_flags */ spin_lock(&dentry->d_lock); cached_with_key = dentry->d_flags & DCACHE_ENCRYPTED_WITH_KEY; spin_unlock(&dentry->d_lock); From patchwork Fri Mar 23 19:23:49 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890160 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="mCsfDTv2"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDS5wKVz9s0w for ; Sat, 24 Mar 2018 06:31:20 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752540AbeCWTbT (ORCPT ); Fri, 23 Mar 2018 15:31:19 -0400 Received: from mail-pf0-f193.google.com ([209.85.192.193]:44708 "EHLO mail-pf0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752378AbeCWTbR (ORCPT ); Fri, 23 Mar 2018 15:31:17 -0400 Received: by mail-pf0-f193.google.com with SMTP id m68so5105052pfm.11; Fri, 23 Mar 2018 12:31:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Va95w6fmA9Co1/uxsgf3HdEVuaibFN6JiufFqrpPhyg=; b=mCsfDTv2BQr+iM2ySyRRJuFV+F7CmXUPwv+K5gQgkH1HjY0qFwJ/YEfa1it7sU+p5C vREvdUtFHb6s0O6xN4SCIaibM9/eoZXDaMfx429tRy5jaxIcksjcWy8IcMc8dsZMhTcX 20tbpk++H5j5azRgn7SBqHi3EjUNuZffS/QAkOFWlnWev4ek9bpeo6IiX0vOw1PBr1Uc ToHLsqD4+8C10GulCh3PBbnweMrGqOfrLiSYkNYErfUoknmWnjaV4CfPavYdAD9EmAjk 05NjG+ywq75K9jsU1LZGLvdFeKGxis34qL4o5g5WVxIbEwu1AisuNCgh17Z7XPGH3uHt pmjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Va95w6fmA9Co1/uxsgf3HdEVuaibFN6JiufFqrpPhyg=; b=jS6Xiik+BC3qfBdv+V21WKgSjvd3XyfMoQHOvRqMF5Ef8fkJMcCHoOKOf7cAoU3VWI g30RK7bfZDVyOWgCmg0+MdT34WCSatuZid30sTrvHMTBjGvgjdcpoCgkXTb96VdxaGn4 jLXofJsn/rgSiMOosC2vuOsuw43vlFdIDBT32lsmZIrpIf1U63Sv7MUfgg56lJ/JXuca MMJkgMIzQ89++66+Wzmxu3s+YSPpwsQAOpiOeAmqBg6nP18ITLDm/2RiZ9iM4PKxk8oO giufFaE1N+4SYCoOYoJI2uevurObF/flSrC/VBZduOxsBRhmA6ShAhMeexAdD6BBC4OS u+xw== X-Gm-Message-State: AElRT7HySY2umF4fbJlYeTxe0FFZG1eo8wRHO9ufrhD+r8Qb20UIwYcH d/Z68CBwtp4Y86t/An3R5w7VbP2h X-Google-Smtp-Source: AG47ELt43g59Jcp+ZSUu4lwIeHQbCDZjBJjI/v3vDQe4XHohE/W7Y0sspE2urwV67BScCECYQlWX+A== X-Received: by 10.101.92.138 with SMTP id a10mr21915660pgt.129.1521833476278; Fri, 23 Mar 2018 12:31:16 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.15 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:15 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 05/14] fscrypt: don't clear flags on crypto transform Date: Fri, 23 Mar 2018 12:23:49 -0700 Message-Id: <20180323192358.95691-6-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers fscrypt is clearing the flags on the crypto_skcipher it allocates for each inode. But, this is unnecessary and may cause problems in the future because it will even clear flags that are meant to be internal to the crypto API, e.g. CRYPTO_TFM_NEED_KEY. Remove the unnecessary flag clearing. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 1 - 1 file changed, 1 deletion(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index 8099388f5581..1435a1c81010 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -327,7 +327,6 @@ int fscrypt_get_encryption_info(struct inode *inode) goto out; } crypt_info->ci_ctfm = ctfm; - crypto_skcipher_clear_flags(ctfm, ~0); crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_REQ_WEAK_KEY); /* * if the provided key is longer than keysize, we use the first From patchwork Fri Mar 23 19:23:50 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890162 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="A4cHZjJO"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDW0FsWz9s0w for ; Sat, 24 Mar 2018 06:31:23 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752569AbeCWTbV (ORCPT ); Fri, 23 Mar 2018 15:31:21 -0400 Received: from mail-pg0-f67.google.com ([74.125.83.67]:44171 "EHLO mail-pg0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752536AbeCWTbR (ORCPT ); Fri, 23 Mar 2018 15:31:17 -0400 Received: by mail-pg0-f67.google.com with SMTP id v26so2436354pge.11; Fri, 23 Mar 2018 12:31:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=BY9DJPH2NsbJiHf4i2wvXwTKbDPP2nvvkfQ4RpGdhO0=; b=A4cHZjJO9clJk7HzzvUd5XWRDQmvC2i//kDqRpQFdZDRd58CpStkTA0E+jeFuy3n8t p/nzbS+GVRUV+QsSXCPqy50MTjB6uMTOBytFGxOfXk/6xD3M+HljeqRH/g5RhFAA7qAZ Pq7Mje9EAZS8YxofYWNwQUUy8+8IOZBHLv+41h9Bd+UDFT8nLP4mvPpI1ZcbMAhDH7HU KHY/5bHDix+nPIgWLkJXGaF+Q5gg/2I3M+YzvGgbdrfFIT2wY92nlCWZn8fBRYxvnNXQ zyZwzjG1HRpd6bC8yBZN64eIrhEe4EEvZ3qByD3a+e903cwBqfuMPU1KYyeAjshd4zmG Xcgg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=BY9DJPH2NsbJiHf4i2wvXwTKbDPP2nvvkfQ4RpGdhO0=; b=GtHv9HoK5uNKGtQa8BP1YDW25pcRDLQTVnWNB+QjFwAp8hHZDSNEBlKHCy3NJPg54v 1XbqQP/fiqpZNC7auMFnsa5LD2gBmLMCcaADOHLwcJRpIBRyLZ+RoWa9qECeO+v4aIcp yg5fEuabpdtJjPOG/YEm35AuV0PFl7QVuPeEps7RBhWvpTvA9K9PT59ZEB0vaQqHbQUd NE7jlHD56kMRh8SuPXoWaHQl9fSkzrGSw7ayrj8aPHNV/3tg66yqCqq3HGTs9rrMFclv p3qcJgZJ7TvtLHofFDk73PQ63+9/iuc6GMjQSiicjDcu9JA4nATU3r0F+sVWySeqQejh 8t3Q== X-Gm-Message-State: AElRT7GF7m3L4/X6XYFzhYPvBzhCQwUImJND/xUFmmfqOCnn7SLdpJn7 qslRxzC54POGNS4Vr40mHH/JKVMM X-Google-Smtp-Source: AG47ELtDnwgAJKVMkd9ki5zga4PiftxJX5gpFxtMgHpJ0eJ38LRHptUc+52QEAN8m2SwVOVI41TAJw== X-Received: by 10.99.114.86 with SMTP id c22mr21525182pgn.72.1521833477149; Fri, 23 Mar 2018 12:31:17 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:16 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 06/14] fscrypt: don't special-case EOPNOTSUPP from fscrypt_get_encryption_info() Date: Fri, 23 Mar 2018 12:23:50 -0700 Message-Id: <20180323192358.95691-7-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers In fscrypt_setup_filename(), remove the unnecessary check for fscrypt_get_encryption_info() returning EOPNOTSUPP. There's no reason to handle this error differently from any other. I think there may have been some confusion because the "notsupp" version of fscrypt_get_encryption_info() returns EOPNOTSUPP -- but that's not applicable from inside fs/crypto/. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 3b5164b159cb..8088a606c0aa 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -335,7 +335,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname, return 0; } ret = fscrypt_get_encryption_info(dir); - if (ret && ret != -EOPNOTSUPP) + if (ret) return ret; if (dir->i_crypt_info) { From patchwork Fri Mar 23 19:23:51 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890172 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="Fe9qaQJn"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDq4g1Tz9s1b for ; Sat, 24 Mar 2018 06:31:39 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752559AbeCWTbi (ORCPT ); Fri, 23 Mar 2018 15:31:38 -0400 Received: from mail-pf0-f195.google.com ([209.85.192.195]:36908 "EHLO mail-pf0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752324AbeCWTbT (ORCPT ); Fri, 23 Mar 2018 15:31:19 -0400 Received: by mail-pf0-f195.google.com with SMTP id t16so882078pfh.4; Fri, 23 Mar 2018 12:31:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=LjgC7/TFnUw4PPDWmwXnZkp0LGc9WN/usAoVPx586r0=; b=Fe9qaQJnDduZl2ycz+kNMY0aivxvFsPSRGZzaB/kcE5E8nC3YVfRkAzi6ym18vHiR4 BDRKBoQeU/+FbOxJL9o6G453bs7RREUA+3fOLgjntx6EUycKpzgT9ALN2Xh9HvuYKOXq W0GbaR4zSpxh/dYPvG1XyzY7boupdF9y/OfTrnIOLNAYP+t4z4Uk+qyQqZ3IiTTnYvjY s4gdmeTx3R2tvTowNHuH5L57ZE0KgVRNj4RbMNnlqlL01n4gEAdZA7kxgECFFenNNgvn S8o/99u8osLclGeuavQuKXQmK+noQciNXg48p9qgHHWrjOA/C70MgUhvakWQ18Oaf+7X tdaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=LjgC7/TFnUw4PPDWmwXnZkp0LGc9WN/usAoVPx586r0=; b=kjSiCdTJN4bruJjCSzNE22763p3WTPeX5jImyolei4uBVKGcqKdpJWP2+e6kQzhnb7 1dmvU9oPi8D6kChR8tlgKauNz3DQQeWSpyFU2Ia4OhGpcV902HQzxhNRYhpHffBvOVba ku8MsL5TtlhaTXbMD+uDZi++QJq4bXTbcD4+5OyGCo3zgIGwzph+Yanyx4YBWkTpwxRX EPwqfwIfkOD1/JZFyLY6OhWds7qav2elbC/IBDaiU02u7zArBaoo0PXBJ/dtCXEIyLcc C3K3GBCRRrx0/YmB3MkrXxT3M3C4ns2QUAjZPCgQDDc5Jt9zdOZNaSuPRZ4Dl1MTFfNR bRag== X-Gm-Message-State: AElRT7FvfmpfEFmT3CfVOwAQmugLkV4mkW0nX/NMqSB2hktsPagKL2vd yuQtPVMAZ05zIfWs5oIHJD2RGWn8 X-Google-Smtp-Source: AG47ELseNKJ9ng/IOFioLjnOXTX6xeJmgcEZeBuxkOD1KgWjE9tdgHuQBbIXcLsNUT9V/sjH2s0V2w== X-Received: by 10.99.143.69 with SMTP id r5mr7927721pgn.159.1521833478059; Fri, 23 Mar 2018 12:31:18 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:17 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 07/14] fscrypt: drop max_namelen check from fname_decrypt() Date: Fri, 23 Mar 2018 12:23:51 -0700 Message-Id: <20180323192358.95691-8-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers fname_decrypt() returns an error if the input filename is longer than the inode's ->max_namelen() as given by the filesystem. But, this doesn't actually make sense because the filesystem provided the input filename in the first place, where it was subject to the filesystem's limits. And fscrypt_decrypt() has no internal limit itself. Thus, remove this unnecessary check. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 8088a606c0aa..cc9590b5f371 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -93,14 +93,11 @@ static int fname_decrypt(struct inode *inode, struct skcipher_request *req = NULL; DECLARE_CRYPTO_WAIT(wait); struct scatterlist src_sg, dst_sg; - struct fscrypt_info *ci = inode->i_crypt_info; - struct crypto_skcipher *tfm = ci->ci_ctfm; + struct crypto_skcipher *tfm = inode->i_crypt_info->ci_ctfm; int res = 0; char iv[FS_CRYPTO_BLOCK_SIZE]; - unsigned lim; - lim = inode->i_sb->s_cop->max_namelen(inode); - if (iname->len <= 0 || iname->len > lim) + if (iname->len <= 0) return -EIO; /* Allocate request */ From patchwork Fri Mar 23 19:23:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890170 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="HtlfYxps"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDm4pQlz9s0w for ; Sat, 24 Mar 2018 06:31:36 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752620AbeCWTbf (ORCPT ); Fri, 23 Mar 2018 15:31:35 -0400 Received: from mail-pl0-f66.google.com ([209.85.160.66]:46608 "EHLO mail-pl0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752559AbeCWTbT (ORCPT ); Fri, 23 Mar 2018 15:31:19 -0400 Received: by mail-pl0-f66.google.com with SMTP id f5-v6so8019466plj.13; Fri, 23 Mar 2018 12:31:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=EWJOxZaS0Q8k4pFBP58bHrrzrKT+Pts3f4jLsBZ5tUc=; b=HtlfYxpsAVtOjrTzSF5F/rqbW3n1aDtnY1HNIv2hEPRx+PcYIF7vdF8TMF3zSv4mk3 a9PvEfShCgV+aAkXEoRfZeSlqx/1BKmIngwAtoxpejKpEXGUlb/d5on9sn+8qaeDw57b OrH3muulH5coAhWcOTFs63OPRmQvM7x6u7Ic82VB1XxlOtyEWFqCNk556fuwMDiXzIwN vsPRbYfz0bSk40upscNDY0ngKEoX7qLA2A3UWvjXxXv5NGW2HAWyoNngT7LEKiu+iCwZ 6hALVlOAJGQyAT8LAjo1oaUK2MztttN8gY7kxDII1VZu7i6OtOVg7xsXjnDNwz7yIJxS zeuA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=EWJOxZaS0Q8k4pFBP58bHrrzrKT+Pts3f4jLsBZ5tUc=; b=Sfnaw6NFu2GHUG2w4ELUfB9ljbcveusbS0u1xsW/Vhp+S5oIUsFMoYjiOGLWikB6bX 0PEaouoa/Eqw9hNQ99O7AknGv/RL6V+KFGadDb0vYRkSKxXLUbgCnL23eHhMVzFvap8N y7d8dkYbc4ateq2fVmrusDAVOuwGPLD3uAXaePUqTghwg8MokRGB71ml39finlPlUAC2 zrmLDlP0COLVicSzRFDPu3gWcSPpzhQnqaSWxkl6lwMLh1ZVeTcD/IzfBxMXB+8c5ddp XJIBULzF2jND7X0uCHyQzRKcuLtIsCszu28eoKMwQ0S1r272fGbFd+nljB6C/q11WlpR vP/g== X-Gm-Message-State: AElRT7HVEAPk8oYx4dMZvlydtI+6+gOkJUsywIECLjYxUKCXtGgGfhHT neEnuoXIFuSHva02S8G5E3w/ihrR X-Google-Smtp-Source: AG47ELvtndGBY5niG4eHV0WeRG/z3ka/PD3FeZqJEf7bbmm1SUS0qacyIuqgrmi1ARTrZ1HBCk+rCw== X-Received: by 2002:a17:902:7102:: with SMTP id a2-v6mr30372329pll.87.1521833478963; Fri, 23 Mar 2018 12:31:18 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.18 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:18 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 08/14] fscrypt: drop empty name check from fname_decrypt() Date: Fri, 23 Mar 2018 12:23:52 -0700 Message-Id: <20180323192358.95691-9-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers fname_decrypt() is validating that the encrypted filename is nonempty. However, earlier a stronger precondition was already enforced: the encrypted filename must be at least 16 (FS_CRYPTO_BLOCK_SIZE) bytes. Drop the redundant check for an empty filename. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index cc9590b5f371..c4eb3a235ae4 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -97,9 +97,6 @@ static int fname_decrypt(struct inode *inode, int res = 0; char iv[FS_CRYPTO_BLOCK_SIZE]; - if (iname->len <= 0) - return -EIO; - /* Allocate request */ req = skcipher_request_alloc(tfm, GFP_NOFS); if (!req) From patchwork Fri Mar 23 19:23:53 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890169 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="BAGtOVM4"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDl5294z9s0w for ; Sat, 24 Mar 2018 06:31:35 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752613AbeCWTbe (ORCPT ); Fri, 23 Mar 2018 15:31:34 -0400 Received: from mail-pl0-f68.google.com ([209.85.160.68]:44154 "EHLO mail-pl0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752563AbeCWTbU (ORCPT ); Fri, 23 Mar 2018 15:31:20 -0400 Received: by mail-pl0-f68.google.com with SMTP id 9-v6so8021326ple.11; Fri, 23 Mar 2018 12:31:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=jg7uWDdDwkDKNhboestHo/v9jXXY5OGBPD+gqcHk+xU=; b=BAGtOVM40E/p7gBcdW3qvRcVSsQPXg4T6tsadKjQ722HKdMVhA57T3cqrojBjddoo0 juhW9svk4/OxuJ9qpBDhI3fGyy8rAPBLQGkTpEs20tsRywctH8FcLYlxEwSt6wWOF5Vk uA4i/e1/2CIBDRJsQ2Zv0gRxyQfyqwVUtS9Q9JwcbUfk6PRRS9SbaKuJWKFf3sHMKJsc h+TF19Q7+pG+wjJGvekMn9/Cq2gIdmEfZlzhFMqXAYla81BDqsclv+hS9Dg8iEf9Xjj1 2yfi7L2ocfD9TM9bUwpRCLXH22vVkyuZhmjCy+szLXQHu/tV8PB8esX7qQ9PTYJ+oVjN Hxzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=jg7uWDdDwkDKNhboestHo/v9jXXY5OGBPD+gqcHk+xU=; b=t98f76sEsyJdI9U60/5dmn+9xVJ6umgk7yuNjwILuBU+jNEXWvT1j1n854TWkDI6FY q9z2pXMYUf9kZJyASo2UKQUFTa7N5xpF2DMcnJuvzonoazNBIoUfYmabJlKNMcRdJij0 R1cks9/dAC08iURgghoBojKDOI4yWDsfDvRYovxOBtUCeAF9eBcc9pYUUGsRSEp7bkoG SDWpvQdyn2UqJPII3hcTv6dj43qMBgTTLm/yFsJuhn2fxme2fkPbOYMPy1ZpYrZu4jeX sH0gZwXRfnZciGj+HDWRrI2Rt/TJvFdYG7evyIUvbHGYOK34sP/JLRXwLOGPpphpR5TR V0Ww== X-Gm-Message-State: AElRT7EyE4ngL7YPx7+OM3hnmKArQIDhCFc5PJJJNfaRJxJD2fX4+Cxb RTu8T+bl+BVa5+9BHnfe7zsb4wwt X-Google-Smtp-Source: AG47ELvOq71y9dglw7CCIcnFDgTlr5MimwfSkJG7yKoUclocX5kvs2zJB8Q5iG5YcZENKiv2zF/8uw== X-Received: by 2002:a17:902:9a42:: with SMTP id x2-v6mr18157317plv.201.1521833479838; Fri, 23 Mar 2018 12:31:19 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.18 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:19 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 09/14] fscrypt: make fscrypt_operations.max_namelen an integer Date: Fri, 23 Mar 2018 12:23:53 -0700 Message-Id: <20180323192358.95691-10-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers Now ->max_namelen() is only called to limit the filename length when adding NUL padding, and only for real filenames -- not symlink targets. It also didn't give the correct length for symlink targets anyway since it forgot to subtract 'sizeof(struct fscrypt_symlink_data)'. Thus, change ->max_namelen from a function to a simple 'unsigned int' that gives the filesystem's maximum filename length. Signed-off-by: Eric Biggers --- fs/crypto/fname.c | 2 +- fs/ext4/super.c | 8 +------- fs/f2fs/super.c | 8 +------- fs/ubifs/crypto.c | 10 +--------- include/linux/fscrypt_supp.h | 2 +- 5 files changed, 5 insertions(+), 25 deletions(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index c4eb3a235ae4..39091fc31e98 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -334,7 +334,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname, if (dir->i_crypt_info) { if (!fscrypt_fname_encrypted_size(dir, iname->len, - dir->i_sb->s_cop->max_namelen(dir), + dir->i_sb->s_cop->max_namelen, &fname->crypto_buf.len)) return -ENAMETOOLONG; fname->crypto_buf.name = kmalloc(fname->crypto_buf.len, diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 39bf464c35f1..63242840b1af 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -1235,19 +1235,13 @@ static bool ext4_dummy_context(struct inode *inode) return DUMMY_ENCRYPTION_ENABLED(EXT4_SB(inode->i_sb)); } -static unsigned ext4_max_namelen(struct inode *inode) -{ - return S_ISLNK(inode->i_mode) ? inode->i_sb->s_blocksize : - EXT4_NAME_LEN; -} - static const struct fscrypt_operations ext4_cryptops = { .key_prefix = "ext4:", .get_context = ext4_get_context, .set_context = ext4_set_context, .dummy_context = ext4_dummy_context, .empty_dir = ext4_empty_dir, - .max_namelen = ext4_max_namelen, + .max_namelen = EXT4_NAME_LEN, }; #endif diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c index 8173ae688814..d4c9d580d32f 100644 --- a/fs/f2fs/super.c +++ b/fs/f2fs/super.c @@ -1802,18 +1802,12 @@ static int f2fs_set_context(struct inode *inode, const void *ctx, size_t len, ctx, len, fs_data, XATTR_CREATE); } -static unsigned f2fs_max_namelen(struct inode *inode) -{ - return S_ISLNK(inode->i_mode) ? - inode->i_sb->s_blocksize : F2FS_NAME_LEN; -} - static const struct fscrypt_operations f2fs_cryptops = { .key_prefix = "f2fs:", .get_context = f2fs_get_context, .set_context = f2fs_set_context, .empty_dir = f2fs_empty_dir, - .max_namelen = f2fs_max_namelen, + .max_namelen = F2FS_NAME_LEN, }; #endif diff --git a/fs/ubifs/crypto.c b/fs/ubifs/crypto.c index 616a688f5d8f..55c508fe8131 100644 --- a/fs/ubifs/crypto.c +++ b/fs/ubifs/crypto.c @@ -24,14 +24,6 @@ static bool ubifs_crypt_empty_dir(struct inode *inode) return ubifs_check_dir_empty(inode) == 0; } -static unsigned int ubifs_crypt_max_namelen(struct inode *inode) -{ - if (S_ISLNK(inode->i_mode)) - return UBIFS_MAX_INO_DATA; - else - return UBIFS_MAX_NLEN; -} - int ubifs_encrypt(const struct inode *inode, struct ubifs_data_node *dn, unsigned int in_len, unsigned int *out_len, int block) { @@ -89,5 +81,5 @@ const struct fscrypt_operations ubifs_crypt_operations = { .get_context = ubifs_crypt_get_context, .set_context = ubifs_crypt_set_context, .empty_dir = ubifs_crypt_empty_dir, - .max_namelen = ubifs_crypt_max_namelen, + .max_namelen = UBIFS_MAX_NLEN, }; diff --git a/include/linux/fscrypt_supp.h b/include/linux/fscrypt_supp.h index c9c2cc26bc62..5080cb1bec4c 100644 --- a/include/linux/fscrypt_supp.h +++ b/include/linux/fscrypt_supp.h @@ -29,7 +29,7 @@ struct fscrypt_operations { int (*set_context)(struct inode *, const void *, size_t, void *); bool (*dummy_context)(struct inode *); bool (*empty_dir)(struct inode *); - unsigned (*max_namelen)(struct inode *); + unsigned int max_namelen; }; struct fscrypt_ctx { From patchwork Fri Mar 23 19:23:54 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890165 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="gbFFFg2z"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDb6Pdqz9rxs for ; Sat, 24 Mar 2018 06:31:27 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752600AbeCWTb0 (ORCPT ); Fri, 23 Mar 2018 15:31:26 -0400 Received: from mail-pg0-f66.google.com ([74.125.83.66]:37191 "EHLO mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752326AbeCWTbV (ORCPT ); Fri, 23 Mar 2018 15:31:21 -0400 Received: by mail-pg0-f66.google.com with SMTP id n11so4948492pgp.4; Fri, 23 Mar 2018 12:31:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=5wb8IX7wJNOB3Q/Ln5fBcnr4G+TY29tj8OSRUnB9bYk=; b=gbFFFg2zCBOdAZT3aTNWUxVR3DTlZqK7oRaAk4DyoxNrMqFPnOEuOko8yqp+wmmruD gvjtE939B9VWVfgT7f6H23TkK1cfCthkL2YOUz2wH5H5u0I/7E5oHym8Z+c8FHzrnXaf pcRjbW52AAfaTzRrzEvh0scNcZcBzqWIItYO2fGJ+D5XWV1VR8Md3EkEauF3d9WviuXi C5Aqc+VKYosWYMCpE/uh3vh5zlNCG9VW1BiG60vzH7F/apSfGkwiD9vCxaTlGulWTess acc9OSFA911OkNfz5gGovrnZSEOezk86jV0RHdYWmGqn/Yjmt0WK4dmjOo75R29b9djU MUug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=5wb8IX7wJNOB3Q/Ln5fBcnr4G+TY29tj8OSRUnB9bYk=; b=n5Fl9N7tbWT85jSDoJGG4JHh01gAbd4d+uPVjPMV3m8+K/pL8HCep+Ts8zavtmsRo/ 78dXp/cFAzZ34PaKIHBk+Yk2ZPLbqUbPUEvzm53hT+3dJ4g6G2mQlz2unttRYtJabXoi +kRUkB4gM718cZb+3LymfHDcnh8WosrTxvg5UnlAuaWbaUL1aztqTeo/j/pTTJHveeTv jMyGSsJ3nQgK5GQ/bDdzvsE0GWR8YebiaTL+3zCKPK/61lYaS5VW7IoTYvdHmRECymss W8R/G++P+VKwQhClU4j2/P3Trjzag14UfmnjAzqU7ZZ3HDirJDpuUf0CshF/2oTv0lcY G7kw== X-Gm-Message-State: AElRT7EAt68uV7lgTiU8QPBveJcmapU8d72u2qcDZVMXBS7DssPG52+Z PJ0TMX8cYBb14SmMDh5zESrVesGt X-Google-Smtp-Source: AG47ELvJEn0sVqAOEHbVCQFJnpFl3zjXLjMk+LTJYVGSe/tKdOolMN7hlGxFA5WaCtz6/LGrAkmCgw== X-Received: by 10.98.157.199 with SMTP id a68mr24852424pfk.237.1521833480732; Fri, 23 Mar 2018 12:31:20 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.19 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:20 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 10/14] fscrypt: remove unnecessary check for non-logon key type Date: Fri, 23 Mar 2018 12:23:54 -0700 Message-Id: <20180323192358.95691-11-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers We're passing 'key_type_logon' to request_key(), so the found key is guaranteed to be of type "logon". Thus, there is no reason to check later that the key is really a "logon" key. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index 1435a1c81010..4913a4d5204f 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -89,12 +89,6 @@ static int validate_user_key(struct fscrypt_info *crypt_info, return PTR_ERR(keyring_key); down_read(&keyring_key->sem); - if (keyring_key->type != &key_type_logon) { - printk_once(KERN_WARNING - "%s: key type must be logon\n", __func__); - res = -ENOKEY; - goto out; - } ukp = user_key_payload_locked(keyring_key); if (!ukp) { /* key was revoked before we acquired its semaphore */ From patchwork Fri Mar 23 19:23:55 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890164 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="LS+WCCsO"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDZ501nz9rxs for ; Sat, 24 Mar 2018 06:31:26 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752587AbeCWTbZ (ORCPT ); Fri, 23 Mar 2018 15:31:25 -0400 Received: from mail-pl0-f65.google.com ([209.85.160.65]:45377 "EHLO mail-pl0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752536AbeCWTbW (ORCPT ); Fri, 23 Mar 2018 15:31:22 -0400 Received: by mail-pl0-f65.google.com with SMTP id n15-v6so8024480plp.12; Fri, 23 Mar 2018 12:31:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=2f8dOI8gDSdPu87w+kqglFTs+RIQh4v8wJH5zBeH0dg=; b=LS+WCCsOxs/Jh5MEtnhdhHE4eOOmsnj/oFmr79iJDMEmZPJDNDv8L6Qv4+dY5rAi9b W37WE248AIqTNpBUsSqmbdjJbp2wFQygcBpE7qg/5DRajR5XQYplpbdxiaVhQ/f+lMj/ 2+/P4Vcj5Hr5Ca5Zufc75VqobdvBNOVgXySD04BaddAm5NP/TgTQP3bE7hRZCe3TrfR3 GsWcoVKibYbVyj1++Flnd2Zoip870lenPG89NL+eFlxjAyC6sW2DJdq69caySSSQTuaS 47BDCkr3hrrJRZMPJEifHc9wB/p1JM+xW0pf+EsZNE9Pn/61qK6inK6U/Gp8VSxzdezu hLNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=2f8dOI8gDSdPu87w+kqglFTs+RIQh4v8wJH5zBeH0dg=; b=ppoAVDFsj77s5XpsjOo/PidGz7aVBirocWWDzTAD+d4aC3txXL9kgJEPVnv+pFliHW xhcPSdwvZsZF66ujysyp4/YOWQMIvUiP2r22l2oyom7uloEuY6RNWiq4Lz0AdGv0x2p+ VQVwqaozkQElvohkbvf2RDiiQKB9n6jwO6PGYzA6tWPDVlTeufvKlGamobHHVnzLjGdW yapfjL6DQT8UnU2pGC10oU+icEaXh7FHFwEXFggrPi6iWSXxr3elZ0nRhVmIgyFvmZUh XMEsU32ikFWujv/+LTSuR2O9Ah8IMHRZH4mJoe8Qi87GigDXq3i1tMbg2ZxxBV5sq4QB H2eA== X-Gm-Message-State: AElRT7H8GIcRqTufMaHZ3WqFvFQ6v6s0q/8ZvWGBEpeE6WqXigSwkfxh tsesuqwdF4nRjp9zvU3hCXfkBgVt X-Google-Smtp-Source: AG47ELuOiEAmczXrjZBmCBNQA6zx0I/Vh0wVVzU49uKUU8I75UlPBUR53NJSG3w1Q4ycJkZBwzORwg== X-Received: by 2002:a17:902:1006:: with SMTP id b6-v6mr1338636pla.252.1521833481611; Fri, 23 Mar 2018 12:31:21 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:20 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 11/14] fscrypt: remove internal key size constants Date: Fri, 23 Mar 2018 12:23:55 -0700 Message-Id: <20180323192358.95691-12-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers With one exception, the internal key size constants such as FS_AES_256_XTS_KEY_SIZE are only used for the 'available_modes' array, where they really only serve to obfuscate what the values are. Also some of the constants are unused, and the key sizes tend to be in the names of the algorithms anyway. In the past these values were also misused, e.g. we used to have FS_AES_256_XTS_KEY_SIZE in places that technically should have been FS_MAX_KEY_SIZE. The exception is that FS_AES_128_ECB_KEY_SIZE is used for key derivation. But it's more appropriate to use FS_KEY_DERIVATION_NONCE_SIZE for that instead. Thus, just put the sizes directly in the 'available_modes' array. Signed-off-by: Eric Biggers --- fs/crypto/fscrypt_private.h | 10 +--------- fs/crypto/keyinfo.c | 19 +++++++------------ 2 files changed, 8 insertions(+), 21 deletions(-) diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index bf0bbba783f8..a3697397e190 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -18,15 +18,7 @@ /* Encryption parameters */ #define FS_IV_SIZE 16 -#define FS_AES_128_ECB_KEY_SIZE 16 -#define FS_AES_128_CBC_KEY_SIZE 16 -#define FS_AES_128_CTS_KEY_SIZE 16 -#define FS_AES_256_GCM_KEY_SIZE 32 -#define FS_AES_256_CBC_KEY_SIZE 32 -#define FS_AES_256_CTS_KEY_SIZE 32 -#define FS_AES_256_XTS_KEY_SIZE 64 - -#define FS_KEY_DERIVATION_NONCE_SIZE 16 +#define FS_KEY_DERIVATION_NONCE_SIZE 16 /** * Encryption context for inode diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index 4913a4d5204f..0a134f985681 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -27,7 +27,7 @@ static struct crypto_shash *essiv_hash_tfm; * * Return: Zero on success; non-zero otherwise. */ -static int derive_key_aes(u8 deriving_key[FS_AES_128_ECB_KEY_SIZE], +static int derive_key_aes(u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], const struct fscrypt_key *source_key, u8 derived_raw_key[FS_MAX_KEY_SIZE]) { @@ -52,7 +52,7 @@ static int derive_key_aes(u8 deriving_key[FS_AES_128_ECB_KEY_SIZE], CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, crypto_req_done, &wait); res = crypto_skcipher_setkey(tfm, deriving_key, - FS_AES_128_ECB_KEY_SIZE); + FS_KEY_DERIVATION_NONCE_SIZE); if (res < 0) goto out; @@ -100,7 +100,6 @@ static int validate_user_key(struct fscrypt_info *crypt_info, goto out; } master_key = (struct fscrypt_key *)ukp->data; - BUILD_BUG_ON(FS_AES_128_ECB_KEY_SIZE != FS_KEY_DERIVATION_NONCE_SIZE); if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE || master_key->size % AES_BLOCK_SIZE != 0) { @@ -121,15 +120,11 @@ static const struct { const char *cipher_str; int keysize; } available_modes[] = { - [FS_ENCRYPTION_MODE_AES_256_XTS] = { "xts(aes)", - FS_AES_256_XTS_KEY_SIZE }, - [FS_ENCRYPTION_MODE_AES_256_CTS] = { "cts(cbc(aes))", - FS_AES_256_CTS_KEY_SIZE }, - [FS_ENCRYPTION_MODE_AES_128_CBC] = { "cbc(aes)", - FS_AES_128_CBC_KEY_SIZE }, - [FS_ENCRYPTION_MODE_AES_128_CTS] = { "cts(cbc(aes))", - FS_AES_128_CTS_KEY_SIZE }, - [FS_ENCRYPTION_MODE_SPECK128_256_XTS] = { "xts(speck128)", 64 }, + [FS_ENCRYPTION_MODE_AES_256_XTS] = { "xts(aes)", 64 }, + [FS_ENCRYPTION_MODE_AES_256_CTS] = { "cts(cbc(aes))", 32 }, + [FS_ENCRYPTION_MODE_AES_128_CBC] = { "cbc(aes)", 16 }, + [FS_ENCRYPTION_MODE_AES_128_CTS] = { "cts(cbc(aes))", 16 }, + [FS_ENCRYPTION_MODE_SPECK128_256_XTS] = { "xts(speck128)", 64 }, [FS_ENCRYPTION_MODE_SPECK128_256_CTS] = { "cts(cbc(speck128))", 32 }, }; From patchwork Fri Mar 23 19:23:56 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890168 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="LyQUfge1"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDj5MS1z9s0w for ; Sat, 24 Mar 2018 06:31:33 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752610AbeCWTbc (ORCPT ); Fri, 23 Mar 2018 15:31:32 -0400 Received: from mail-pf0-f196.google.com ([209.85.192.196]:35794 "EHLO mail-pf0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752570AbeCWTbX (ORCPT ); Fri, 23 Mar 2018 15:31:23 -0400 Received: by mail-pf0-f196.google.com with SMTP id y186so5115375pfb.2; Fri, 23 Mar 2018 12:31:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=wOWv3m5QuA3rfYjCX2CN8Wj9EK9PRw9zNWAgP5QXvFc=; b=LyQUfge1a2ZfZyQQ6LIqM74pcHhJFliIhi3gRxMh1rmPxfY4RwOYfimJhyWS4ndK/G bAU0WLlmpTgKynPAf7l2tgwrhI/ZUidMF6aTAnUIil8qlzQElsawpspJ/YmTyCX/n413 s7rJ9qzaEbFjym8pnMIxc5okVGpb/CfNH38EVaTnBd36kpzWTncOpKVQMqN9nldGZI7/ WZQaZ47k7HwSC4xgB/8RSh47JKK3yKgo3jyiejsQ/7/osSCEGfhJnYoPSb4jzVGzK1Y0 xRq1eP1UMuEYRvi03anHQtkab01kj3LNQrzGr+f/LoAJXWFGgHjpiC4ZgPgl0s/jBcFo v4yg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=wOWv3m5QuA3rfYjCX2CN8Wj9EK9PRw9zNWAgP5QXvFc=; b=kpwSZldZqDO020QjaX+pThmR8zjTkuE19La6uYsGuBWyQTUuMcK22VGpUQA6cFV3T3 KFZgi53YgQNXtQPMbmvAjhALkS7p1zDp+zfYXnB0xctpGeZITZ65S4NBx4y6RI7lRE0B 6jnpqvEhjmRfydx+8D30g/xr77/xgDaKNTCwifIuyoUsDtCDiryDvZZmW9kzJKKzv4Rj 9R0jZ7ny3vLsdXtL6SbOHd14Lujf1l8Ie065Hjp3GwO5xbrzhrkN7HSvPvPhKhGuJaEc xPDa7KZJe97P+N9vUc4OmKEN0/Bh3xYh10Zti+1WU4n6/VTVfLmUPN/Fu4DsnLivnbKw cerg== X-Gm-Message-State: AElRT7HjxyWsviGawlM4VczXCoBdPMvqTQfve1eFjO+vYDbxt8lrYMid OhQo5jHJlIucfL5gzThlJhqV3sWU X-Google-Smtp-Source: AG47ELuO4HzF3qaYZihXvCgZzk+Kktx9aAoTWmzb597RQyl1IQaFvBJYtnz/5yfoJeAUnfcp5CY7wA== X-Received: by 10.98.220.218 with SMTP id c87mr21124060pfl.198.1521833482465; Fri, 23 Mar 2018 12:31:22 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.21 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:21 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 12/14] fscrypt: use a common logging function Date: Fri, 23 Mar 2018 12:23:56 -0700 Message-Id: <20180323192358.95691-13-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers Use a common function for fscrypt warning and error messages so that all the messages are consistently ratelimited, include the "fscrypt:" prefix, and include the filesystem name if applicable. Also fix up a few of the log messages to be more descriptive. Signed-off-by: Eric Biggers --- fs/crypto/crypto.c | 28 +++++++++++++++++++++++++--- fs/crypto/fname.c | 10 ++++++---- fs/crypto/fscrypt_private.h | 8 ++++++++ fs/crypto/hooks.c | 5 +++-- fs/crypto/keyinfo.c | 27 +++++++++++++++------------ 5 files changed, 57 insertions(+), 21 deletions(-) diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c index d22887f689ad..a40d7d73b633 100644 --- a/fs/crypto/crypto.c +++ b/fs/crypto/crypto.c @@ -174,9 +174,10 @@ int fscrypt_do_page_crypto(const struct inode *inode, fscrypt_direction_t rw, res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); skcipher_request_free(req); if (res) { - printk_ratelimited(KERN_ERR - "%s: crypto_skcipher_encrypt() returned %d\n", - __func__, res); + fscrypt_err(inode->i_sb, + "%scryption failed for inode %lu, block %llu: %d", + (rw == FS_DECRYPT ? "de" : "en"), + inode->i_ino, lblk_num, res); return res; } return 0; @@ -416,6 +417,27 @@ int fscrypt_initialize(unsigned int cop_flags) return res; } +void fscrypt_msg(struct super_block *sb, const char *level, + const char *fmt, ...) +{ + static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL, + DEFAULT_RATELIMIT_BURST); + struct va_format vaf; + va_list args; + + if (!__ratelimit(&rs)) + return; + + va_start(args, fmt); + vaf.fmt = fmt; + vaf.va = &args; + if (sb) + printk("%sfscrypt (%s): %pV\n", level, sb->s_id, &vaf); + else + printk("%sfscrypt: %pV\n", level, &vaf); + va_end(args); +} + /** * fscrypt_init() - Set up for fs encryption. */ diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 39091fc31e98..d7a0f682ca12 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -71,8 +71,9 @@ int fname_encrypt(struct inode *inode, const struct qstr *iname, res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); skcipher_request_free(req); if (res < 0) { - printk_ratelimited(KERN_ERR - "%s: Error (error code %d)\n", __func__, res); + fscrypt_err(inode->i_sb, + "Filename encryption failed for inode %lu: %d", + inode->i_ino, res); return res; } @@ -115,8 +116,9 @@ static int fname_decrypt(struct inode *inode, res = crypto_wait_req(crypto_skcipher_decrypt(req), &wait); skcipher_request_free(req); if (res < 0) { - printk_ratelimited(KERN_ERR - "%s: Error (error code %d)\n", __func__, res); + fscrypt_err(inode->i_sb, + "Filename decryption failed for inode %lu: %d", + inode->i_ino, res); return res; } diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index a3697397e190..37562394c5de 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -104,6 +104,14 @@ extern struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx, gfp_t gfp_flags); extern const struct dentry_operations fscrypt_d_ops; +extern void __printf(3, 4) __cold +fscrypt_msg(struct super_block *sb, const char *level, const char *fmt, ...); + +#define fscrypt_warn(sb, fmt, ...) \ + fscrypt_msg(sb, KERN_WARNING, fmt, ##__VA_ARGS__) +#define fscrypt_err(sb, fmt, ...) \ + fscrypt_msg(sb, KERN_ERR, fmt, ##__VA_ARGS__) + /* fname.c */ extern int fname_encrypt(struct inode *inode, const struct qstr *iname, u8 *out, unsigned int olen); diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c index bec06490fb13..926e5df20ec3 100644 --- a/fs/crypto/hooks.c +++ b/fs/crypto/hooks.c @@ -39,8 +39,9 @@ int fscrypt_file_open(struct inode *inode, struct file *filp) dir = dget_parent(file_dentry(filp)); if (IS_ENCRYPTED(d_inode(dir)) && !fscrypt_has_permitted_context(d_inode(dir), inode)) { - pr_warn_ratelimited("fscrypt: inconsistent encryption contexts: %lu/%lu", - d_inode(dir)->i_ino, inode->i_ino); + fscrypt_warn(inode->i_sb, + "inconsistent encryption contexts: %lu/%lu", + d_inode(dir)->i_ino, inode->i_ino); err = -EPERM; } dput(dir); diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index 0a134f985681..477e2d1fa04e 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -103,9 +103,8 @@ static int validate_user_key(struct fscrypt_info *crypt_info, if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE || master_key->size % AES_BLOCK_SIZE != 0) { - printk_once(KERN_WARNING - "%s: key size incorrect: %d\n", - __func__, master_key->size); + fscrypt_warn(NULL, "key size incorrect: %u", + master_key->size); res = -ENOKEY; goto out; } @@ -134,9 +133,10 @@ static int determine_cipher_type(struct fscrypt_info *ci, struct inode *inode, u32 mode; if (!fscrypt_valid_enc_modes(ci->ci_data_mode, ci->ci_filename_mode)) { - pr_warn_ratelimited("fscrypt: inode %lu uses unsupported encryption modes (contents mode %d, filenames mode %d)\n", - inode->i_ino, - ci->ci_data_mode, ci->ci_filename_mode); + fscrypt_warn(inode->i_sb, + "inode %lu uses unsupported encryption modes (contents mode %d, filenames mode %d)", + inode->i_ino, ci->ci_data_mode, + ci->ci_filename_mode); return -EINVAL; } @@ -175,8 +175,9 @@ static int derive_essiv_salt(const u8 *key, int keysize, u8 *salt) tfm = crypto_alloc_shash("sha256", 0, 0); if (IS_ERR(tfm)) { - pr_warn_ratelimited("fscrypt: error allocating SHA-256 transform: %ld\n", - PTR_ERR(tfm)); + fscrypt_warn(NULL, + "error allocating SHA-256 transform: %ld", + PTR_ERR(tfm)); return PTR_ERR(tfm); } prev_tfm = cmpxchg(&essiv_hash_tfm, NULL, tfm); @@ -311,8 +312,9 @@ int fscrypt_get_encryption_info(struct inode *inode) ctfm = crypto_alloc_skcipher(cipher_str, 0, 0); if (IS_ERR(ctfm)) { res = PTR_ERR(ctfm); - pr_debug("%s: error %d (inode %lu) allocating crypto tfm\n", - __func__, res, inode->i_ino); + fscrypt_warn(inode->i_sb, + "error allocating '%s' transform for inode %lu: %d", + cipher_str, inode->i_ino, res); goto out; } crypt_info->ci_ctfm = ctfm; @@ -329,8 +331,9 @@ int fscrypt_get_encryption_info(struct inode *inode) crypt_info->ci_data_mode == FS_ENCRYPTION_MODE_AES_128_CBC) { res = init_essiv_generator(crypt_info, raw_key, keysize); if (res) { - pr_debug("%s: error %d (inode %lu) allocating essiv tfm\n", - __func__, res, inode->i_ino); + fscrypt_warn(inode->i_sb, + "error initializing ESSIV generator for inode %lu: %d", + inode->i_ino, res); goto out; } } From patchwork Fri Mar 23 19:23:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890166 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="Lk3xG9ax"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDd1MWpz9s0w for ; Sat, 24 Mar 2018 06:31:29 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752326AbeCWTb1 (ORCPT ); Fri, 23 Mar 2018 15:31:27 -0400 Received: from mail-pf0-f196.google.com ([209.85.192.196]:36283 "EHLO mail-pf0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752573AbeCWTbY (ORCPT ); Fri, 23 Mar 2018 15:31:24 -0400 Received: by mail-pf0-f196.google.com with SMTP id 68so5107311pfx.3; Fri, 23 Mar 2018 12:31:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=XPrBtGPuSdYFvYTeaUVRypIuMEFyfWvqaYYVpfbSn9M=; b=Lk3xG9axEiNgY4ly/DzjT+2RKNOgKM2TXIm7pihQJEoLBkX4ToJ625wNsQ54Azj4bx AiCjdRNHFQ+OJbVvdEMdoqQm1OSAmLo8yEEgbyqORRO8P6kX08IudWzgBoualcjaEmzc usuTObozut6Rr0d/N0mL9jasDtpm1Ca0YjYhcOtdxadmQDg6768MkGRMwDUSGoVp/XXj yhhUDX5t/UPBgpd8TN556SF7re7GSrScWzDd2G2VYi04feFxH3ZiPBeZxJCtkd5hSOU8 WjW4pTZOijb5/aWl16A0vBqD8YVuZJI+8SpLJsBjrIIe5z48rhlwKA3xvZ+8Cg8L5BR4 xmQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=XPrBtGPuSdYFvYTeaUVRypIuMEFyfWvqaYYVpfbSn9M=; b=lUmik1Q0+7AQQKWGW+0nSFnJhNT9sMGWJHFy5cg+r3vQUuzjDqDwy8K7ne892iFKFB fBEw5bQwAbxj1Vf9kNquLdXWpLpXjldYFIOCMzsXVkVziwT3NKmQQq/jHf/KyCl6PDMN G2n6T4glpGwQODzgKBDw6FARgpHCAOromXaKGlpnmo5BJiLpmLPPiyo4oea5QMoZ5lNg CCWHQ84QcLb5b8pyx6uqbzsT3BReZntd8iqUCOQeEil80FOkDW8Erz5hJY8UMxcm8AHU o5zjMPuJ9FOvYx4vDWVfxo9dE/pZq0Xdz3YE7KgPBxMyVK7kXA6Isz85S89vXjgEp6dL ofbg== X-Gm-Message-State: AElRT7E1xpdbwSlK4kcCawWkAkVIP+6A5+MXZmB1/ZKSZTtFQ1IvNfn6 9kQZ6G+0kFvBAFKLKsBttZ9dAZF3 X-Google-Smtp-Source: AG47ELtT64e1AyAjvTWDf2eCgN9bbCYXNnUX75XtfHT4jCqMB4S6CPA5RRH8WlugSh1cKtTYfEVOWw== X-Received: by 10.98.102.131 with SMTP id s3mr18347026pfj.89.1521833483380; Fri, 23 Mar 2018 12:31:23 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.22 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:22 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 13/14] fscrypt: separate key lookup from key derivation Date: Fri, 23 Mar 2018 12:23:57 -0700 Message-Id: <20180323192358.95691-14-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers Refactor the confusingly-named function 'validate_user_key()' into a new function 'find_and_derive_key()' which first finds the keyring key, then does the key derivation. Among other benefits this avoids the strange behavior we had previously where if key derivation failed for some reason, then we would fall back to the alternate key prefix. Now, we'll only fall back to the alternate key prefix if a valid key isn't found. This patch also improves the warning messages that are logged when the keyring key's payload is invalid. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 122 +++++++++++++++++++++++++++----------------- 1 file changed, 74 insertions(+), 48 deletions(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index 477e2d1fa04e..f00bf1437c3c 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -27,7 +27,7 @@ static struct crypto_shash *essiv_hash_tfm; * * Return: Zero on success; non-zero otherwise. */ -static int derive_key_aes(u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], +static int derive_key_aes(const u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], const struct fscrypt_key *source_key, u8 derived_raw_key[FS_MAX_KEY_SIZE]) { @@ -67,52 +67,88 @@ static int derive_key_aes(u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], return res; } -static int validate_user_key(struct fscrypt_info *crypt_info, - struct fscrypt_context *ctx, u8 *raw_key, - const char *prefix, int min_keysize) +/* + * Search the current task's subscribed keyrings for a "logon" key with + * description prefix:descriptor, and if found acquire a read lock on it and + * return a pointer to its validated payload in *payload_ret. + */ +static struct key * +find_and_lock_process_key(const char *prefix, + const u8 descriptor[FS_KEY_DESCRIPTOR_SIZE], + unsigned int min_keysize, + const struct fscrypt_key **payload_ret) { char *description; - struct key *keyring_key; - struct fscrypt_key *master_key; + struct key *key; const struct user_key_payload *ukp; - int res; + const struct fscrypt_key *payload; description = kasprintf(GFP_NOFS, "%s%*phN", prefix, - FS_KEY_DESCRIPTOR_SIZE, - ctx->master_key_descriptor); + FS_KEY_DESCRIPTOR_SIZE, descriptor); if (!description) - return -ENOMEM; + return ERR_PTR(-ENOMEM); - keyring_key = request_key(&key_type_logon, description, NULL); + key = request_key(&key_type_logon, description, NULL); kfree(description); - if (IS_ERR(keyring_key)) - return PTR_ERR(keyring_key); - down_read(&keyring_key->sem); - - ukp = user_key_payload_locked(keyring_key); - if (!ukp) { - /* key was revoked before we acquired its semaphore */ - res = -EKEYREVOKED; - goto out; + if (IS_ERR(key)) + return key; + + down_read(&key->sem); + ukp = user_key_payload_locked(key); + + if (!ukp) /* was the key revoked before we acquired its semaphore? */ + goto invalid; + + payload = (const struct fscrypt_key *)ukp->data; + + if (ukp->datalen != sizeof(struct fscrypt_key) || + payload->size < 1 || payload->size > FS_MAX_KEY_SIZE) { + fscrypt_warn(NULL, + "key with description '%s' has invalid payload", + key->description); + goto invalid; } - if (ukp->datalen != sizeof(struct fscrypt_key)) { - res = -EINVAL; - goto out; + + if (payload->size < min_keysize || + payload->size % AES_BLOCK_SIZE != 0) { + fscrypt_warn(NULL, + "key with description '%s' is too short or is misaligned (got %u bytes, need %u+ bytes)", + key->description, payload->size, min_keysize); + goto invalid; } - master_key = (struct fscrypt_key *)ukp->data; - if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE - || master_key->size % AES_BLOCK_SIZE != 0) { - fscrypt_warn(NULL, "key size incorrect: %u", - master_key->size); - res = -ENOKEY; - goto out; + *payload_ret = payload; + return key; + +invalid: + up_read(&key->sem); + key_put(key); + return ERR_PTR(-ENOKEY); +} + +/* Find the master key, then derive the inode's actual encryption key */ +static int find_and_derive_key(const struct inode *inode, + const struct fscrypt_context *ctx, + u8 *derived_key, unsigned int derived_keysize) +{ + struct key *key; + const struct fscrypt_key *payload; + int err; + + key = find_and_lock_process_key(FS_KEY_DESC_PREFIX, + ctx->master_key_descriptor, + derived_keysize, &payload); + if (key == ERR_PTR(-ENOKEY) && inode->i_sb->s_cop->key_prefix) { + key = find_and_lock_process_key(inode->i_sb->s_cop->key_prefix, + ctx->master_key_descriptor, + derived_keysize, &payload); } - res = derive_key_aes(ctx->nonce, master_key, raw_key); -out: - up_read(&keyring_key->sem); - key_put(keyring_key); - return res; + if (IS_ERR(key)) + return PTR_ERR(key); + err = derive_key_aes(ctx->nonce, payload, derived_key); + up_read(&key->sem); + key_put(key); + return err; } static const struct { @@ -295,20 +331,10 @@ int fscrypt_get_encryption_info(struct inode *inode) if (!raw_key) goto out; - res = validate_user_key(crypt_info, &ctx, raw_key, FS_KEY_DESC_PREFIX, - keysize); - if (res && inode->i_sb->s_cop->key_prefix) { - int res2 = validate_user_key(crypt_info, &ctx, raw_key, - inode->i_sb->s_cop->key_prefix, - keysize); - if (res2) { - if (res2 == -ENOKEY) - res = -ENOKEY; - goto out; - } - } else if (res) { + res = find_and_derive_key(inode, &ctx, raw_key, keysize); + if (res) goto out; - } + ctfm = crypto_alloc_skcipher(cipher_str, 0, 0); if (IS_ERR(ctfm)) { res = PTR_ERR(ctfm); From patchwork Fri Mar 23 19:23:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 890167 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="Gv3C2sZO"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 407DDf3Wh4z9rxs for ; Sat, 24 Mar 2018 06:31:30 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752573AbeCWTb1 (ORCPT ); Fri, 23 Mar 2018 15:31:27 -0400 Received: from mail-pl0-f67.google.com ([209.85.160.67]:41377 "EHLO mail-pl0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752575AbeCWTbZ (ORCPT ); Fri, 23 Mar 2018 15:31:25 -0400 Received: by mail-pl0-f67.google.com with SMTP id b7-v6so8031054plr.8; Fri, 23 Mar 2018 12:31:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=WEchPWaRQLQniiPIj+sl10TxVPcDKRMiXIxFk/rWxTQ=; b=Gv3C2sZO6+/GqyW3ryoC+8QxZglFx/jTDh48TbsV12KOJcze2pDFe+wquFfeFOIxGk Ma2vLl+Ff3dihZO0vHlcJYwp6ezvmNeeQ1l9rKH9FCWxU8DL/BUe/pzUrUiTbjpVyY12 hY4iY4dtYm2HG52um5HtcsutRvRr2rF+kH3ebgm5oCyaA9bnovp7+7ybFqNCCnQFEPPg owPoQ2MPFCcqxOi3hBVQ95S7dzVThidfIQQm1ae9wLtJS/o8IoE4nJ2p1ckdiedd41fb bTQr7EP7ZM+4kfchtP6/DXADLWiMqfhcp2DX+hU5qdpm7FYmmd4d/+yhkRuXQwFzpHSi xP6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=WEchPWaRQLQniiPIj+sl10TxVPcDKRMiXIxFk/rWxTQ=; b=CDeqm/fG064W61ve/kHlUoA0g0ZE3G8AYN6dGqX18QuODdAAT+lcJwvmyqvp8g9m8o 9wh3wTCHtonwrb/6jzeZreCeeMNbilGLuLYgsROTdP5lB1SEf6ZM5G7wkdkoLeyhV0JY fNxWTmReMwbZHwhUFdlmAxmZJsrfBTwMhG5ZgQw5G9DbU+MWdxupEBgqXgcf2QbwCThY eErHp2rTzlYjba6/ixFBzLiyfSnp5W2d2IfE6IYpBwksOVW1rR80ddhXn/RRjiQL6JcW lbZQF95/b4SS0jxs5QTX3SJXlX0VEijsaKGsCT8++4gdm+5J9lYh70fb2wDj7JznG2fe ZjWg== X-Gm-Message-State: AElRT7F0uPSCLCQBiqYx1SGc7tYdQviON8m3f+20yIf/aMHXa/a+tH59 fX1YSSLd7A1zukotrXEI5MsOJYsw X-Google-Smtp-Source: AG47ELsfNe/jKPDh4MQ2KdrXy1eK/8GmjDJ1cXE5X9c5VaUKdlxTxUq1nUPGt3FDZcS7E9a6S1hxoA== X-Received: by 2002:a17:902:9a05:: with SMTP id v5-v6mr30559786plp.69.1521833484344; Fri, 23 Mar 2018 12:31:24 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([2620:15c:17:3:dc28:5c82:b905:e8a8]) by smtp.gmail.com with ESMTPSA id x1sm20924545pfk.144.2018.03.23.12.31.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Mar 2018 12:31:23 -0700 (PDT) From: Eric Biggers To: linux-fscrypt@vger.kernel.org, "Theodore Y . Ts'o" Cc: linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, Jaegeuk Kim , Eric Biggers Subject: [PATCH 14/14] fscrypt: only derive the needed portion of the key Date: Fri, 23 Mar 2018 12:23:58 -0700 Message-Id: <20180323192358.95691-15-ebiggers3@gmail.com> X-Mailer: git-send-email 2.17.0.rc0.231.g781580f067-goog In-Reply-To: <20180323192358.95691-1-ebiggers3@gmail.com> References: <20180323192358.95691-1-ebiggers3@gmail.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Eric Biggers Currently the key derivation function in fscrypt uses the master key length as the amount of output key material to derive. This works, but it means we can waste time deriving more key material than is actually used, e.g. most commonly, deriving 64 bytes for directories which only take a 32-byte AES-256-CTS-CBC key. It also forces us to validate that the master key length is a multiple of AES_BLOCK_SIZE, which wouldn't otherwise be necessary. Fix it to only derive the needed length key. Signed-off-by: Eric Biggers --- fs/crypto/keyinfo.c | 39 ++++++++++++++++----------------------- 1 file changed, 16 insertions(+), 23 deletions(-) diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c index f00bf1437c3c..81cd7ea86c07 100644 --- a/fs/crypto/keyinfo.c +++ b/fs/crypto/keyinfo.c @@ -19,17 +19,16 @@ static struct crypto_shash *essiv_hash_tfm; -/** - * derive_key_aes() - Derive a key using AES-128-ECB - * @deriving_key: Encryption key used for derivation. - * @source_key: Source key to which to apply derivation. - * @derived_raw_key: Derived raw key. +/* + * Key derivation function. This generates the derived key by encrypting the + * master key with AES-128-ECB using the inode's nonce as the AES key. * - * Return: Zero on success; non-zero otherwise. + * The master key must be at least as long as the derived key. If the master + * key is longer, then only the first 'derived_keysize' bytes are used. */ -static int derive_key_aes(const u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], - const struct fscrypt_key *source_key, - u8 derived_raw_key[FS_MAX_KEY_SIZE]) +static int derive_key_aes(const u8 *master_key, + const struct fscrypt_context *ctx, + u8 *derived_key, unsigned int derived_keysize) { int res = 0; struct skcipher_request *req = NULL; @@ -51,14 +50,13 @@ static int derive_key_aes(const u8 deriving_key[FS_KEY_DERIVATION_NONCE_SIZE], skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, crypto_req_done, &wait); - res = crypto_skcipher_setkey(tfm, deriving_key, - FS_KEY_DERIVATION_NONCE_SIZE); + res = crypto_skcipher_setkey(tfm, ctx->nonce, sizeof(ctx->nonce)); if (res < 0) goto out; - sg_init_one(&src_sg, source_key->raw, source_key->size); - sg_init_one(&dst_sg, derived_raw_key, source_key->size); - skcipher_request_set_crypt(req, &src_sg, &dst_sg, source_key->size, + sg_init_one(&src_sg, master_key, derived_keysize); + sg_init_one(&dst_sg, derived_key, derived_keysize); + skcipher_request_set_crypt(req, &src_sg, &dst_sg, derived_keysize, NULL); res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); out: @@ -109,10 +107,9 @@ find_and_lock_process_key(const char *prefix, goto invalid; } - if (payload->size < min_keysize || - payload->size % AES_BLOCK_SIZE != 0) { + if (payload->size < min_keysize) { fscrypt_warn(NULL, - "key with description '%s' is too short or is misaligned (got %u bytes, need %u+ bytes)", + "key with description '%s' is too short (got %u bytes, need %u+ bytes)", key->description, payload->size, min_keysize); goto invalid; } @@ -145,7 +142,7 @@ static int find_and_derive_key(const struct inode *inode, } if (IS_ERR(key)) return PTR_ERR(key); - err = derive_key_aes(ctx->nonce, payload, derived_key); + err = derive_key_aes(payload->raw, ctx, derived_key, derived_keysize); up_read(&key->sem); key_put(key); return err; @@ -327,7 +324,7 @@ int fscrypt_get_encryption_info(struct inode *inode) * crypto API as part of key derivation. */ res = -ENOMEM; - raw_key = kmalloc(FS_MAX_KEY_SIZE, GFP_NOFS); + raw_key = kmalloc(keysize, GFP_NOFS); if (!raw_key) goto out; @@ -345,10 +342,6 @@ int fscrypt_get_encryption_info(struct inode *inode) } crypt_info->ci_ctfm = ctfm; crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_REQ_WEAK_KEY); - /* - * if the provided key is longer than keysize, we use the first - * keysize bytes of the derived key only - */ res = crypto_skcipher_setkey(ctfm, raw_key, keysize); if (res) goto out;