lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110729170932.GC29604@boyd.l.tihix.com>
Date:	Fri, 29 Jul 2011 12:09:32 -0500
From:	Tyler Hicks <tyhicks@...ux.vnet.ibm.com>
To:	Roberto Sassu <roberto.sassu@...ito.it>
Cc:	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	kirkland@...onical.com, ecryptfs-devel@...ts.launchpad.net,
	hilld@...arystorm.net
Subject: Re: [PATCH] eCryptfs: fix compile error

On Fri Jul 29, 2011 at 06:51:04PM +0200, Roberto Sassu <roberto.sassu@...ito.it> wrote:
> This patch fixes the compile error reported at the address:
> 
> https://bugzilla.kernel.org/show_bug.cgi?id=40292
> 
> The problem arises when compiling eCryptfs as built-in and the 'encrypted'
> key type as a module. The patch enables the 'encrypted' key type support
> for eCryptfs only when both components are compiled as built-in, both as
> modules or eCryptfs as a module and the 'encrypted' key type as built-in.
> 
> Signed-off-by: Roberto Sassu <roberto.sassu@...ito.it>
> Reported-by: David Hill <hilld@...arystorm.net>
> ---
>  fs/ecryptfs/ecryptfs_kernel.h |    4 +++-
>  1 files changed, 3 insertions(+), 1 deletions(-)
> 
> diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
> index b36c557..a2da660 100644
> --- a/fs/ecryptfs/ecryptfs_kernel.h
> +++ b/fs/ecryptfs/ecryptfs_kernel.h
> @@ -79,7 +79,9 @@ struct ecryptfs_page_crypt_context {
>  	} param;
>  };
> 
> -#if defined(CONFIG_ENCRYPTED_KEYS) || defined(CONFIG_ENCRYPTED_KEYS_MODULE)
> +#if (defined(CONFIG_ECRYPT_FS) && defined(CONFIG_ENCRYPTED_KEYS)) || \
> +	(defined(CONFIG_ECRYPT_FS_MODULE) && \
> +	(defined(CONFIG_ENCRYPTED_KEYS) || defined(CONFIG_ENCRYPTED_KEYS_MODULE)))

Thanks for the patch, Roberto.

Shouldn't this be handled in the Kconfig? It seems like it would be
better to force the encrypted key type to be built-in if eCryptfs is
configured to be built-in.

With this patch, a user could have CONFIG_ENCRYPTED_KEYS=m and
CONFIG_ECRYPT_FS=y, but still hit potentially confusing error conditions
when trying to use encrypted key support with eCryptfs.

Tyler

>  static inline struct ecryptfs_auth_tok *
>  ecryptfs_get_encrypted_key_payload_data(struct key *key)
>  {
> -- 
> 1.7.6
> 


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ