summaryrefslogtreecommitdiffstats
path: root/fs/crypto/crypto.c
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2016-09-15 19:32:11 +0200
committerTheodore Ts'o <tytso@mit.edu>2016-09-15 19:32:11 +0200
commit8f39850dffa9cba0f6920ff907710bcddc7f2a26 (patch)
tree981f9f701c25c4bf160fae1101476a5f516f5a03 /fs/crypto/crypto.c
parentext4: fix memory leak when symlink decryption fails (diff)
downloadlinux-8f39850dffa9cba0f6920ff907710bcddc7f2a26.tar.xz
linux-8f39850dffa9cba0f6920ff907710bcddc7f2a26.zip
fscrypto: improved validation when loading inode encryption metadata
- Validate fscrypt_context.format and fscrypt_context.flags. If unrecognized values are set, then the kernel may not know how to interpret the encrypted file, so it should fail the operation. - Validate that AES_256_XTS is used for contents and that AES_256_CTS is used for filenames. It was previously possible for the kernel to accept these reversed, though it would have taken manual editing of the block device. This was not intended. - Fail cleanly rather than BUG()-ing if a file has an unexpected type. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/crypto/crypto.c')
0 files changed, 0 insertions, 0 deletions