diff options
| author | Eric Biggers <ebiggers@google.com> | 2016-11-13 20:35:52 -0500 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2016-11-13 21:56:19 -0500 |
| commit | 08ae877f4e9123ee2a70e8e16cc8c3131ba07dba (patch) | |
| tree | 4bd57b0771375b15111f703784f01753633a7658 /net/ipv4/ipmr.c | |
| parent | 9c4bb8a3a9b4de21753053d667310c2b7cb39916 (diff) | |
| download | linux-08ae877f4e9123ee2a70e8e16cc8c3131ba07dba.tar.bz2 | |
fscrypto: don't use on-stack buffer for filename encryption
With the new (in 4.9) option to use a virtually-mapped stack
(CONFIG_VMAP_STACK), stack buffers cannot be used as input/output for
the scatterlist crypto API because they may not be directly mappable to
struct page. For short filenames, fname_encrypt() was encrypting a
stack buffer holding the padded filename. Fix it by encrypting the
filename in-place in the output buffer, thereby making the temporary
buffer unnecessary.
This bug could most easily be observed in a CONFIG_DEBUG_SG kernel
because this allowed the BUG in sg_set_buf() to be triggered.
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'net/ipv4/ipmr.c')
0 files changed, 0 insertions, 0 deletions