tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'ecryptfs-7.0-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs

Pull ecryptfs updates from Tyler Hicks:
"This consists of some really minor typo fixes that fell through the
cracks and some more recent code cleanups:

- Comment typo fixes

- Removal of an unused function declaration

- Use strscpy() instead of the deprecated strcpy()

- Use string copying helpers instead of memcpy() and manually
terminating strings"

* tag 'ecryptfs-7.0-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs:
ecryptfs: Replace memcpy + NUL termination in ecryptfs_copy_filename
ecryptfs: Drop redundant NUL terminations after calling ecryptfs_to_hex
ecryptfs: Replace memcpy + NUL termination in ecryptfs_new_file_context
ecryptfs: Replace strcpy with strscpy in ecryptfs_validate_options
ecryptfs: Replace strcpy with strscpy in ecryptfs_cipher_code_to_string
ecryptfs: Replace strcpy with strscpy in ecryptfs_set_default_crypt_stat_vals
ecryptfs: simplify list initialization in ecryptfs_parse_packet_set()
ecryptfs: Remove unused declartion ecryptfs_fill_zeros()
ecryptfs: Fix packet format comment in parse_tag_67_packet()
ecryptfs: comment typo fix
ecryptfs: keystore: Fix typo 'the the' in comment

Linus Torvalds 233a0c0f 219d7660

+29 -41
+13 -25
fs/ecryptfs/crypto.c
··· 20 20 #include <linux/file.h> 21 21 #include <linux/scatterlist.h> 22 22 #include <linux/slab.h> 23 + #include <linux/string.h> 23 24 #include <linux/unaligned.h> 24 25 #include <linux/kernel.h> 25 26 #include <linux/xattr.h> ··· 646 645 ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, 647 646 mount_crypt_stat); 648 647 ecryptfs_set_default_sizes(crypt_stat); 649 - strcpy(crypt_stat->cipher, ECRYPTFS_DEFAULT_CIPHER); 648 + strscpy(crypt_stat->cipher, ECRYPTFS_DEFAULT_CIPHER); 650 649 crypt_stat->key_size = ECRYPTFS_DEFAULT_KEY_BYTES; 651 650 crypt_stat->flags &= ~(ECRYPTFS_KEY_VALID); 652 651 crypt_stat->file_version = ECRYPTFS_FILE_VERSION; ··· 679 678 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 680 679 &ecryptfs_superblock_to_private( 681 680 ecryptfs_inode->i_sb)->mount_crypt_stat; 682 - int cipher_name_len; 683 681 int rc = 0; 684 682 685 683 ecryptfs_set_default_crypt_stat_vals(crypt_stat, mount_crypt_stat); ··· 692 692 "to the inode key sigs; rc = [%d]\n", rc); 693 693 goto out; 694 694 } 695 - cipher_name_len = 696 - strlen(mount_crypt_stat->global_default_cipher_name); 697 - memcpy(crypt_stat->cipher, 698 - mount_crypt_stat->global_default_cipher_name, 699 - cipher_name_len); 700 - crypt_stat->cipher[cipher_name_len] = '\0'; 695 + strscpy(crypt_stat->cipher, 696 + mount_crypt_stat->global_default_cipher_name); 701 697 crypt_stat->key_size = 702 698 mount_crypt_stat->global_default_cipher_key_size; 703 699 ecryptfs_generate_new_key(crypt_stat); ··· 857 861 /** 858 862 * ecryptfs_cipher_code_to_string 859 863 * @str: Destination to write out the cipher name 864 + * @size: Destination buffer size 860 865 * @cipher_code: The code to convert to cipher name string 861 866 * 862 867 * Returns zero on success 863 868 */ 864 - int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code) 869 + int ecryptfs_cipher_code_to_string(char *str, size_t size, u8 cipher_code) 865 870 { 866 871 int rc = 0; 867 872 int i; ··· 870 873 str[0] = '\0'; 871 874 for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++) 872 875 if (cipher_code == ecryptfs_cipher_code_str_map[i].cipher_code) 873 - strcpy(str, ecryptfs_cipher_code_str_map[i].cipher_str); 876 + strscpy(str, ecryptfs_cipher_code_str_map[i].cipher_str, 877 + size); 874 878 if (str[0] == '\0') { 875 879 ecryptfs_printk(KERN_WARNING, "Cipher code not recognized: " 876 880 "[%d]\n", cipher_code); ··· 1218 1220 1219 1221 /** 1220 1222 * ecryptfs_read_xattr_region 1221 - * @page_virt: The vitual address into which to read the xattr data 1223 + * @page_virt: The virtual address into which to read the xattr data 1222 1224 * @ecryptfs_inode: The eCryptfs inode 1223 1225 * 1224 1226 * Attempts to read the crypto metadata from the extended attribute ··· 1418 1420 static int ecryptfs_copy_filename(char **copied_name, size_t *copied_name_size, 1419 1421 const char *name, size_t name_size) 1420 1422 { 1421 - int rc = 0; 1422 - 1423 - (*copied_name) = kmalloc((name_size + 1), GFP_KERNEL); 1424 - if (!(*copied_name)) { 1425 - rc = -ENOMEM; 1426 - goto out; 1427 - } 1428 - memcpy((void *)(*copied_name), (void *)name, name_size); 1429 - (*copied_name)[(name_size)] = '\0'; /* Only for convenience 1430 - * in printing out the 1431 - * string in debug 1432 - * messages */ 1423 + (*copied_name) = kmemdup_nul(name, name_size, GFP_KERNEL); 1424 + if (!(*copied_name)) 1425 + return -ENOMEM; 1433 1426 (*copied_name_size) = name_size; 1434 - out: 1435 - return rc; 1427 + return 0; 1436 1428 } 1437 1429 1438 1430 /**
-1
fs/ecryptfs/debug.c
··· 28 28 ecryptfs_printk(KERN_DEBUG, " * passphrase type\n"); 29 29 ecryptfs_to_hex(salt, auth_tok->token.password.salt, 30 30 ECRYPTFS_SALT_SIZE); 31 - salt[ECRYPTFS_SALT_SIZE * 2] = '\0'; 32 31 ecryptfs_printk(KERN_DEBUG, " * salt = [%s]\n", salt); 33 32 if (auth_tok->token.password.flags & 34 33 ECRYPTFS_PERSISTENT_PASSWORD) {
+1 -2
fs/ecryptfs/ecryptfs_kernel.h
··· 543 543 size_t *decrypted_name_size, 544 544 struct super_block *sb, 545 545 const char *name, size_t name_size); 546 - int ecryptfs_fill_zeros(struct file *file, loff_t new_length); 547 546 int ecryptfs_encrypt_and_encode_filename( 548 547 char **encoded_name, 549 548 size_t *encoded_name_size, ··· 572 573 int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry, 573 574 struct inode *inode); 574 575 u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes); 575 - int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code); 576 + int ecryptfs_cipher_code_to_string(char *str, size_t size, u8 cipher_code); 576 577 void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat); 577 578 int ecryptfs_generate_key_packet_set(char *dest_base, 578 579 struct ecryptfs_crypt_stat *crypt_stat,
+10 -9
fs/ecryptfs/keystore.c
··· 354 354 int rc; 355 355 356 356 /* 357 - * ***** TAG 65 Packet Format ***** 357 + * ***** TAG 67 Packet Format ***** 358 358 * | Content Type | 1 byte | 359 359 * | Status Indicator | 1 byte | 360 360 * | Encrypted File Encryption Key Size | 1 or 2 bytes | ··· 837 837 * @filename: This function kmalloc's the memory for the filename 838 838 * @filename_size: This function sets this to the amount of memory 839 839 * kmalloc'd for the filename 840 - * @packet_size: This function sets this to the the number of octets 840 + * @packet_size: This function sets this to the number of octets 841 841 * in the packet parsed 842 842 * @mount_crypt_stat: The mount-wide cryptographic context 843 843 * @data: The memory location containing the start of the tag 70 ··· 908 908 (*packet_size) += s->packet_size_len; 909 909 ecryptfs_to_hex(s->fnek_sig_hex, &data[(*packet_size)], 910 910 ECRYPTFS_SIG_SIZE); 911 - s->fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX] = '\0'; 912 911 (*packet_size) += ECRYPTFS_SIG_SIZE; 913 912 s->cipher_code = data[(*packet_size)++]; 914 - rc = ecryptfs_cipher_code_to_string(s->cipher_string, s->cipher_code); 913 + rc = ecryptfs_cipher_code_to_string(s->cipher_string, 914 + sizeof(s->cipher_string), 915 + s->cipher_code); 915 916 if (rc) { 916 917 printk(KERN_WARNING "%s: Cipher code [%d] is invalid\n", 917 918 __func__, s->cipher_code); ··· 1130 1129 memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key, 1131 1130 auth_tok->session_key.decrypted_key_size); 1132 1131 crypt_stat->key_size = auth_tok->session_key.decrypted_key_size; 1133 - rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, cipher_code); 1132 + rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, 1133 + sizeof(crypt_stat->cipher), 1134 + cipher_code); 1134 1135 if (rc) { 1135 1136 ecryptfs_printk(KERN_ERR, "Cipher code [%d] is invalid\n", 1136 1137 cipher_code); ··· 1398 1395 goto out_free; 1399 1396 } 1400 1397 rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, 1398 + sizeof(crypt_stat->cipher), 1401 1399 (u16)data[(*packet_size)]); 1402 1400 if (rc) 1403 1401 goto out_free; ··· 1720 1716 size_t i = 0; 1721 1717 size_t found_auth_tok; 1722 1718 size_t next_packet_is_auth_tok_packet; 1723 - struct list_head auth_tok_list; 1719 + LIST_HEAD(auth_tok_list); 1724 1720 struct ecryptfs_auth_tok *matching_auth_tok; 1725 1721 struct ecryptfs_auth_tok *candidate_auth_tok; 1726 1722 char *candidate_auth_tok_sig; ··· 1733 1729 struct key *auth_tok_key = NULL; 1734 1730 int rc = 0; 1735 1731 1736 - INIT_LIST_HEAD(&auth_tok_list); 1737 1732 /* Parse the header to find as many packets as we can; these will be 1738 1733 * added the our &auth_tok_list */ 1739 1734 next_packet_is_auth_tok_packet = 1; ··· 1780 1777 } 1781 1778 ecryptfs_to_hex(new_auth_tok->token.password.signature, 1782 1779 sig_tmp_space, tag_11_contents_size); 1783 - new_auth_tok->token.password.signature[ 1784 - ECRYPTFS_PASSWORD_SIG_SIZE] = '\0'; 1785 1780 crypt_stat->flags |= ECRYPTFS_ENCRYPTED; 1786 1781 break; 1787 1782 case ECRYPTFS_TAG_1_PACKET_TYPE:
+5 -4
fs/ecryptfs/main.c
··· 23 23 #include <linux/fs_stack.h> 24 24 #include <linux/sysfs.h> 25 25 #include <linux/slab.h> 26 + #include <linux/string.h> 26 27 #include <linux/magic.h> 27 28 #include "ecryptfs_kernel.h" 28 29 ··· 355 354 int cipher_name_len = strlen(ECRYPTFS_DEFAULT_CIPHER); 356 355 357 356 BUG_ON(cipher_name_len > ECRYPTFS_MAX_CIPHER_NAME_SIZE); 358 - strcpy(mount_crypt_stat->global_default_cipher_name, 359 - ECRYPTFS_DEFAULT_CIPHER); 357 + strscpy(mount_crypt_stat->global_default_cipher_name, 358 + ECRYPTFS_DEFAULT_CIPHER); 360 359 } 361 360 if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) 362 361 && !ctx->fn_cipher_name_set) 363 - strcpy(mount_crypt_stat->global_default_fn_cipher_name, 364 - mount_crypt_stat->global_default_cipher_name); 362 + strscpy(mount_crypt_stat->global_default_fn_cipher_name, 363 + mount_crypt_stat->global_default_cipher_name); 365 364 if (!ctx->cipher_key_bytes_set) 366 365 mount_crypt_stat->global_default_cipher_key_size = 0; 367 366 if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)