lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200707214704.GD3426938@gmail.com> Date: Tue, 7 Jul 2020 14:47:04 -0700 From: Eric Biggers <ebiggers@...nel.org> To: Florian Schmaus <flo@...kplace.eu>, Theodore Ts'o <tytso@....edu> Cc: linux-ext4@...r.kernel.org Subject: Re: [PATCH v2] e4crypt: if salt is explicitly provided to add_key, then use it On Tue, Jul 07, 2020 at 10:27:30AM +0200, Florian Schmaus wrote: > Providing -S and a path to 'add_key' previously exhibit an unintuitive exhibit => exhibited > behavior: instead of using the salt explicitly provided by the user, > e4crypt would use the salt obtained via EXT4_IOC_GET_ENCRYPTION_PWSALT > on the path. This was because set_policy() was still called with NULL > as salt. > > With this change we now remember the explicitly provided salt (if any) > and use it as argument for set_policy(). > > Eventually > > e4crypt add_key -S s:my-spicy-salt /foo > > will now actually use 'my-spicy-salt' and not something else as salt > for the policy set on /foo. > > Signed-off-by: Florian Schmaus <flo@...kplace.eu> > --- > > Notes: > - Clarify -S description in man page. > - Do not store a reference to salt_list entry, as it > could be reallocated causing a use-after-free. > - Only parse the salts of the path arguments if no > salt was explicitly specified. > > misc/e4crypt.8.in | 4 +++- > misc/e4crypt.c | 18 ++++++++++++++---- > 2 files changed, 17 insertions(+), 5 deletions(-) > > diff --git a/misc/e4crypt.8.in b/misc/e4crypt.8.in > index 75b968a0..fe9372cf 100644 > --- a/misc/e4crypt.8.in > +++ b/misc/e4crypt.8.in > @@ -48,7 +48,9 @@ values are 4, 8, 16, and 32. > If one or more directory paths are specified, e4crypt will try to > set the policy of those directories to use the key just added by the > .B add_key > -command. > +command. If a salt was explicitly specified, then it will be used > +to derive the encryption key of those directories. Otherwise a > +directory-specific default salt will be used. > .TP > .B e4crypt get_policy \fIpath\fR ... > Print the policy for the directories specified on the command line. > diff --git a/misc/e4crypt.c b/misc/e4crypt.c > index 2ae6254a..67d25d88 100644 > --- a/misc/e4crypt.c > +++ b/misc/e4crypt.c > @@ -26,6 +26,7 @@ > #include <getopt.h> > #include <dirent.h> > #include <errno.h> > +#include <stdbool.h> I'd like to use <stdbool.h> too, but I'm not sure if it's allowed in e2fsprogs; this would be the first use. Everywhere else seems to just use int, 0, and 1. Ted, is stdbool.h allowed in e2fsprogs? > + if (!explicit_salt) > + for (i = optind; i < argc; i++) > + parse_salt(argv[i], PARSE_FLAGS_FORCE_FN); There should be braces at the outer level (following Linux kernel coding style): if (!explicit_salt) { for (i = optind; i < argc; i++) parse_salt(argv[i], PARSE_FLAGS_FORCE_FN); } Otherwise this patch looks fine. Hopefully people aren't depending on this bug being present. - Eric
Powered by blists - more mailing lists