Halaman utama Jelajahi Bantuan
Daftar Masuk
phyus
/
linux-vybrid_public
8
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Jelajahi Sumber

eCryptfs: Fix oops when printing debug info in extent crypto functions

If pages passed to the eCryptfs extent-based crypto functions are not
mapped and the module parameter ecryptfs_verbosity=1 was specified at
loading time, a NULL pointer dereference will occur.

Note that this wouldn't happen on a production system, as you wouldn't
pass ecryptfs_verbosity=1 on a production system. It leaks private
information to the system logs and is for debugging only.

The debugging info printed in these messages is no longer very useful
and rather than doing a kmap() in these debugging paths, it will be
better to simply remove the debugging paths completely.

https://launchpad.net/bugs/913651

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Daniel DeFreez
Cc: <stable@vger.kernel.org>
Tyler Hicks 13 tahun lalu
induk
f2cb933501
melakukan
58ded24f0f
1 mengubah file dengan 0 tambahan dan 40 penghapusan
Tampilan Split Tampilkan Statistik Diff
  1. 0 40
      fs/ecryptfs/crypto.c

+ 0 - 40
fs/ecryptfs/crypto.c
Tampilan Berkas 

@@ -417,17 +417,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page,
 
 			(unsigned long long)(extent_base + extent_offset), rc);
 
 		goto out;
 
 	}
 
-	if (unlikely(ecryptfs_verbosity > 0)) {
 
-		ecryptfs_printk(KERN_DEBUG, "Encrypting extent "
 
-				"with iv:\n");
 
-		ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes);
 
-		ecryptfs_printk(KERN_DEBUG, "First 8 bytes before "
 
-				"encryption:\n");
 
-		ecryptfs_dump_hex((char *)
 
-				  (page_address(page)
 
-				   + (extent_offset * crypt_stat->extent_size)),
 
-				  8);
 
-	}
 
 	rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0,
 
 					  page, (extent_offset
 
 						 * crypt_stat->extent_size),
 
@@ -440,14 +429,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page,
 
 		goto out;
 
 	}
 
 	rc = 0;
 
-	if (unlikely(ecryptfs_verbosity > 0)) {
 
-		ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16llx]; "
 
-			"rc = [%d]\n",
 
-			(unsigned long long)(extent_base + extent_offset), rc);
 
-		ecryptfs_printk(KERN_DEBUG, "First 8 bytes after "
 
-				"encryption:\n");
 
-		ecryptfs_dump_hex((char *)(page_address(enc_extent_page)), 8);
 
-	}
 
 out:
 
 	return rc;
 
 }
 
@@ -543,17 +524,6 @@ static int ecryptfs_decrypt_extent(struct page *page,
 
 			(unsigned long long)(extent_base + extent_offset), rc);
 
 		goto out;
 
 	}
 
-	if (unlikely(ecryptfs_verbosity > 0)) {
 
-		ecryptfs_printk(KERN_DEBUG, "Decrypting extent "
 
-				"with iv:\n");
 
-		ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes);
 
-		ecryptfs_printk(KERN_DEBUG, "First 8 bytes before "
 
-				"decryption:\n");
 
-		ecryptfs_dump_hex((char *)
 
-				  (page_address(enc_extent_page)
 
-				   + (extent_offset * crypt_stat->extent_size)),
 
-				  8);
 
-	}
 
 	rc = ecryptfs_decrypt_page_offset(crypt_stat, page,
 
 					  (extent_offset
 
 					   * crypt_stat->extent_size),
 
@@ -567,16 +537,6 @@ static int ecryptfs_decrypt_extent(struct page *page,
 
 		goto out;
 
 	}
 
 	rc = 0;
 
-	if (unlikely(ecryptfs_verbosity > 0)) {
 
-		ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16llx]; "
 
-			"rc = [%d]\n",
 
-			(unsigned long long)(extent_base + extent_offset), rc);
 
-		ecryptfs_printk(KERN_DEBUG, "First 8 bytes after "
 
-				"decryption:\n");
 
-		ecryptfs_dump_hex((char *)(page_address(page)
 
-					   + (extent_offset
 
-					      * crypt_stat->extent_size)), 8);
 
-	}
 
 out:
 
 	return rc;
 
 }