]> git.baikalelectronics.ru Git - kernel.git/commit
fscrypto: don't use on-stack buffer for filename encryption
authorEric Biggers <ebiggers@google.com>
Mon, 14 Nov 2016 01:35:52 +0000 (20:35 -0500)
committerTheodore Ts'o <tytso@mit.edu>
Mon, 14 Nov 2016 02:56:19 +0000 (21:56 -0500)
commitf770b42e78d8d7f0b991db979c715f2878568116
tree4bd57b0771375b15111f703784f01753633a7658
parent8f53b40384d0a70be0b4788bac887b5a640c68cf
fscrypto: don't use on-stack buffer for filename encryption

With the new (in 4.9) option to use a virtually-mapped stack
(CONFIG_VMAP_STACK), stack buffers cannot be used as input/output for
the scatterlist crypto API because they may not be directly mappable to
struct page.  For short filenames, fname_encrypt() was encrypting a
stack buffer holding the padded filename.  Fix it by encrypting the
filename in-place in the output buffer, thereby making the temporary
buffer unnecessary.

This bug could most easily be observed in a CONFIG_DEBUG_SG kernel
because this allowed the BUG in sg_set_buf() to be triggered.

Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
fs/crypto/fname.c