Message ID | 20200120223201.241390-5-ebiggers@kernel.org (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | fscrypt preparations for encryption+casefolding | expand |
On Mon, Jan 20, 2020 at 02:31:59PM -0800, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > If userspace provides an invalid fscrypt no-key filename which encodes a > hash value with any of the UBIFS node type bits set (i.e. the high 3 > bits), gracefully report ENOENT rather than triggering ubifs_assert(). > > Test case with kvm-xfstests shell: > > . fs/ubifs/config > . ~/xfstests/common/encrypt > dev=$(__blkdev_to_ubi_volume /dev/vdc) > ubiupdatevol $dev -t > mount $dev /mnt -t ubifs > mkdir /mnt/edir > xfs_io -c set_encpolicy /mnt/edir > rm /mnt/edir/_,,,,,DAAAAAAAAAAAAAAAAAAAAAAAAAA > > With the bug, the following assertion fails on the 'rm' command: > > [ 19.066048] UBIFS error (ubi0:0 pid 379): ubifs_assert_failed: UBIFS assert failed: !(hash & ~UBIFS_S_KEY_HASH_MASK), in fs/ubifs/key.h:170 > > Fixes: f4f61d2cc6d8 ("ubifs: Implement encrypted filenames") > Cc: <stable@vger.kernel.org> # v4.10+ > Signed-off-by: Eric Biggers <ebiggers@google.com> Richard, can you review the two UBIFS patches in this series, and if you're okay with them, provide Acked-by's so that we can take them through the fscrypt tree? They don't conflict with anything currently in the UBIFS tree. Thanks! - Eric
On Tue, Jan 21, 2020 at 04:30:15PM -0800, Eric Biggers wrote: > On Mon, Jan 20, 2020 at 02:31:59PM -0800, Eric Biggers wrote: > > From: Eric Biggers <ebiggers@google.com> > > > > If userspace provides an invalid fscrypt no-key filename which encodes a > > hash value with any of the UBIFS node type bits set (i.e. the high 3 > > bits), gracefully report ENOENT rather than triggering ubifs_assert(). > > > > Test case with kvm-xfstests shell: > > > > . fs/ubifs/config > > . ~/xfstests/common/encrypt > > dev=$(__blkdev_to_ubi_volume /dev/vdc) > > ubiupdatevol $dev -t > > mount $dev /mnt -t ubifs > > mkdir /mnt/edir > > xfs_io -c set_encpolicy /mnt/edir > > rm /mnt/edir/_,,,,,DAAAAAAAAAAAAAAAAAAAAAAAAAA > > > > With the bug, the following assertion fails on the 'rm' command: > > > > [ 19.066048] UBIFS error (ubi0:0 pid 379): ubifs_assert_failed: UBIFS assert failed: !(hash & ~UBIFS_S_KEY_HASH_MASK), in fs/ubifs/key.h:170 > > > > Fixes: f4f61d2cc6d8 ("ubifs: Implement encrypted filenames") > > Cc: <stable@vger.kernel.org> # v4.10+ > > Signed-off-by: Eric Biggers <ebiggers@google.com> > > Richard, can you review the two UBIFS patches in this series, and if you're okay > with them, provide Acked-by's so that we can take them through the fscrypt tree? > They don't conflict with anything currently in the UBIFS tree. > Richard, any objection to us taking these patches through the fscrypt tree? - Eric
diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index 636c3222c2308..5f937226976a6 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -228,6 +228,8 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, if (nm.hash) { ubifs_assert(c, fname_len(&nm) == 0); ubifs_assert(c, fname_name(&nm) == NULL); + if (nm.hash & ~UBIFS_S_KEY_HASH_MASK) + goto done; /* ENOENT */ dent_key_init_hash(c, &key, dir->i_ino, nm.hash); err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash); } else {