linux/fs/ecryptfs
Eric Sandeen 87b811c3f9 ecryptfs: fix memory corruption when storing crypto info in xattrs
When ecryptfs allocates space to write crypto headers into, before copying
it out to file headers or to xattrs, it looks at the value of
crypt_stat->num_header_bytes_at_front to determine how much space it
needs.  This is also used as the file offset to the actual encrypted data,
so for xattr-stored crypto info, the value was zero.

So, we kzalloc'd 0 bytes, and then ran off to write to that memory.
(Which returned as ZERO_SIZE_PTR, so we explode quickly).

The right answer is to always allocate a page to write into; the current
code won't ever write more than that (this is enforced by the
(PAGE_CACHE_SIZE - offset) length in the call to
ecryptfs_generate_key_packet_set).  To be explicit about this, we now send
in a "max" parameter, rather than magically using PAGE_CACHE_SIZE there.

Also, since the pointer we pass down the callchain eventually gets the
virt_to_page() treatment, we should be using an alloc_page variant, not
kzalloc (see also 7fcba05437).

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Acked-by: Michael Halcrow <mhalcrow@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-10-30 11:38:46 -07:00
crypto.c ecryptfs: fix memory corruption when storing crypto info in xattrs 2008-10-30 11:38:46 -07:00
debug.c
dentry.c eCryptfs: Swap dput() and mntput() 2008-03-19 18:53:36 -07:00
ecryptfs_kernel.h eCryptfs: remove netlink transport 2008-10-16 11:21:39 -07:00
file.c eCryptfs: remove retry loop in ecryptfs_readdir() 2008-10-16 11:21:38 -07:00
inode.c [PATCH] kill nameidata passing to permission(), rename to inode_permission() 2008-07-26 20:53:31 -04:00
keystore.c eCryptfs: remove netlink transport 2008-10-16 11:21:39 -07:00
kthread.c eCryptfs: Privileged kthread for lower file opens 2008-07-24 10:47:30 -07:00
main.c [PATCH] assorted path_lookup() -> kern_path() conversions 2008-10-23 05:12:52 -04:00
Makefile eCryptfs: remove netlink transport 2008-10-16 11:21:39 -07:00
messaging.c eCryptfs: remove netlink transport 2008-10-16 11:21:39 -07:00
miscdev.c ecryptfs: discard ecryptfsd registration messages in miscdev 2008-07-24 10:47:31 -07:00
mmap.c ecryptfs: convert to use new aops 2008-10-16 11:21:39 -07:00
read_write.c eCryptfs: remove unnecessary page decrypt call 2008-06-06 11:29:09 -07:00
super.c ecryptfs: remove debug as mount option, and warn if set via modprobe 2008-02-06 10:41:12 -08:00