lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 30 Apr 2022 22:08:50 -0700 From: Eric Biggers <ebiggers@...nel.org> To: linux-fscrypt@...r.kernel.org, linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net Cc: Lukas Czerner <lczerner@...hat.com>, Theodore Ts'o <tytso@....edu>, Jaegeuk Kim <jaegeuk@...nel.org>, Jeff Layton <jlayton@...nel.org> Subject: [PATCH v2 0/7] test_dummy_encryption fixes and cleanups This series cleans up and fixes the way that ext4 and f2fs handle the test_dummy_encryption mount option: - Patches 1-2 make test_dummy_encryption consistently require that the 'encrypt' feature flag already be enabled and that CONFIG_FS_ENCRYPTION be enabled. Note, this will cause xfstest ext4/053 to start failing; my xfstests patch "ext4/053: update the test_dummy_encryption tests" will fix that. - Patches 3-7 replace the fscrypt_set_test_dummy_encryption() helper function with new functions that work properly with the new mount API, by splitting up the parsing, checking, and applying steps. These fix bugs that were introduced when ext4 started using the new mount API. We can either take all these patches through the fscrypt tree, or we can take them in multiple cycles as follows: 1. patch 1 via ext4, patch 2 via f2fs, patch 3-4 via fscrypt 2. patch 5 via ext4, patch 6 via f2fs 3. patch 7 via fscrypt Ted and Jaegeuk, let me know what you prefer. Changed v1 => v2: - Added patches 2-7 - Also reject test_dummy_encryption when !CONFIG_FS_ENCRYPTION Eric Biggers (7): ext4: only allow test_dummy_encryption when supported f2fs: reject test_dummy_encryption when !CONFIG_FS_ENCRYPTION fscrypt: factor out fscrypt_policy_to_key_spec() fscrypt: add new helper functions for test_dummy_encryption ext4: fix up test_dummy_encryption handling for new mount API f2fs: use the updated test_dummy_encryption helper functions fscrypt: remove fscrypt_set_test_dummy_encryption() fs/crypto/fscrypt_private.h | 6 +- fs/crypto/keyring.c | 64 +++++++++++--- fs/crypto/keysetup.c | 20 +---- fs/crypto/policy.c | 121 +++++++++++++------------ fs/ext4/ext4.h | 6 -- fs/ext4/super.c | 172 ++++++++++++++++++++---------------- fs/f2fs/super.c | 28 ++++-- include/linux/fscrypt.h | 41 ++++++++- 8 files changed, 280 insertions(+), 178 deletions(-) base-commit: 8013d1d3d2e33236dee13a133fba49ad55045e79 -- 2.36.0
Powered by blists - more mailing lists