write in 30M

hc

2024-02-20 ea08eeccae9297f7aabd2ef7f0c2517ac4549acc

 kernel/fs/ecryptfs/keystore.c
..
..
@@ -1,3 +1,4 @@
1
+// SPDX-License-Identifier: GPL-2.0-or-later
1
2
 /**
2
3
  * eCryptfs: Linux filesystem encryption layer
3
4
  * In-kernel key management code.  Includes functions to parse and
..
..
@@ -8,21 +9,6 @@
8
9
  *   Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
9
10
  *              Michael C. Thompson <mcthomps@us.ibm.com>
10
11
  *              Trevor S. Highland <trevor.highland@gmail.com>
11
- *
12
- * This program is free software; you can redistribute it and/or
13
- * modify it under the terms of the GNU General Public License as
14
- * published by the Free Software Foundation; either version 2 of the
15
- * License, or (at your option) any later version.
16
- *
17
- * This program is distributed in the hope that it will be useful, but
18
- * WITHOUT ANY WARRANTY; without even the implied warranty of
19
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
20
- * General Public License for more details.
21
- *
22
- * You should have received a copy of the GNU General Public License
23
- * along with this program; if not, write to the Free Software
24
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
25
- * 02111-1307, USA.
26
12
  */
27
13
 
28
14
 #include <crypto/hash.h>
..
..
@@ -769,7 +755,6 @@
769
755
 	}
770
756
 
771
757
 	s->hash_desc->tfm = s->hash_tfm;
772
-	s->hash_desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
773
758
 
774
759
 	rc = crypto_shash_digest(s->hash_desc,
775
760
 				 (u8 *)s->auth_tok->token.password.session_key_encryption_key,
..
..
@@ -853,7 +838,7 @@
853
838
 out_release_free_unlock:
854
839
 	crypto_free_shash(s->hash_tfm);
855
840
 out_free_unlock:
856
-	kzfree(s->block_aligned_filename);
841
+	kfree_sensitive(s->block_aligned_filename);
857
842
 out_unlock:
858
843
 	mutex_unlock(s->tfm_mutex);
859
844
 out:
..
..
@@ -862,7 +847,7 @@
862
847
 		key_put(auth_tok_key);
863
848
 	}
864
849
 	skcipher_request_free(s->skcipher_req);
865
-	kzfree(s->hash_desc);
850
+	kfree_sensitive(s->hash_desc);
866
851
 	kfree(s);
867
852
 	return rc;
868
853
 }
..
..
@@ -1063,8 +1048,9 @@
1063
1048
 		       "rc = [%d]\n", __func__, rc);
1064
1049
 		goto out_free_unlock;
1065
1050
 	}
1066
-	while (s->decrypted_filename[s->i] != '\0'
1067
-	       && s->i < s->block_aligned_filename_size)
1051
+
1052
+	while (s->i < s->block_aligned_filename_size &&
1053
+	       s->decrypted_filename[s->i] != '\0')
1068
1054
 		s->i++;
1069
1055
 	if (s->i == s->block_aligned_filename_size) {
1070
1056
 		printk(KERN_WARNING "%s: Invalid tag 70 packet; could not "
..
..
@@ -1626,9 +1612,9 @@
1626
1612
 	int rc = 0;
1627
1613
 
1628
1614
 	(*auth_tok_key) = request_key(&key_type_user, sig, NULL);
1629
-	if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) {
1615
+	if (IS_ERR(*auth_tok_key)) {
1630
1616
 		(*auth_tok_key) = ecryptfs_get_encrypted_key(sig);
1631
-		if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) {
1617
+		if (IS_ERR(*auth_tok_key)) {
1632
1618
 			printk(KERN_ERR "Could not find key with description: [%s]\n",
1633
1619
 			      sig);
1634
1620
 			rc = process_request_key_err(PTR_ERR(*auth_tok_key));
..
..
@@ -2218,9 +2204,9 @@
2218
2204
 	if (mount_crypt_stat->global_default_cipher_key_size == 0) {
2219
2205
 		printk(KERN_WARNING "No key size specified at mount; "
2220
2206
 		       "defaulting to [%d]\n",
2221
-		       crypto_skcipher_default_keysize(tfm));
2207
+		       crypto_skcipher_max_keysize(tfm));
2222
2208
 		mount_crypt_stat->global_default_cipher_key_size =
2223
-			crypto_skcipher_default_keysize(tfm);
2209
+			crypto_skcipher_max_keysize(tfm);
2224
2210
 	}
2225
2211
 	if (crypt_stat->key_size == 0)
2226
2212
 		crypt_stat->key_size =