lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240531033044.1335098-1-lizhi.xu@windriver.com>
Date: Fri, 31 May 2024 11:30:44 +0800
From: Lizhi Xu <lizhi.xu@...driver.com>
To: <ebiggers@...nel.org>
CC: <coreteam@...filter.org>, <davem@...emloft.net>, <fw@...len.de>,
        <jaegeuk@...nel.org>, <kadlec@...filter.org>, <kuba@...nel.org>,
        <linux-fscrypt@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <lizhi.xu@...driver.com>, <netdev@...r.kernel.org>,
        <netfilter-devel@...r.kernel.org>, <pablo@...filter.org>,
        <syzbot+340581ba9dceb7e06fb3@...kaller.appspotmail.com>,
        <syzkaller-bugs@...glegroups.com>, <tytso@....edu>,
        <adilger.kernel@...ger.ca>, <linux-ext4@...r.kernel.org>
Subject: Re: [PATCH V2] ext4: add casefolded feature check before setup encrypted info

On Thu, 30 May 2024 20:11:33 -0700, Eric Biggers wrote:
> > Due to the current file system not supporting the casefolded feature, only 
> > i_crypt_info was initialized when creating encrypted information, without actually
> > setting the sighash. Therefore, when creating an inode, if the system does not 
> > support the casefolded feature, encrypted information will not be created.
> > 
> > Reported-by: syzbot+340581ba9dceb7e06fb3@...kaller.appspotmail.com
> > Signed-off-by: Lizhi Xu <lizhi.xu@...driver.com>
> > ---
> >  fs/ext4/ialloc.c | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c
> > index e9bbb1da2d0a..47b75589fdf4 100644
> > --- a/fs/ext4/ialloc.c
> > +++ b/fs/ext4/ialloc.c
> > @@ -983,7 +983,8 @@ struct inode *__ext4_new_inode(struct mnt_idmap *idmap,
> >  		ei->i_projid = make_kprojid(&init_user_ns, EXT4_DEF_PROJID);
> >  
> >  	if (!(i_flags & EXT4_EA_INODE_FL)) {
> > -		err = fscrypt_prepare_new_inode(dir, inode, &encrypt);
> > +		if (ext4_has_feature_casefold(inode->i_sb))
> > +			err = fscrypt_prepare_new_inode(dir, inode, &encrypt);
> >  		if (err)
> >  			goto out;
> 
> No, this is not correct at all.  This just disables encryption on filesystems
> with the casefold feature.
If filesystems not support casefold feature, Why do I need to setup encrypted
information when creating a directory? Can encrypted information not include *hash?
> 
> As I said before, please also use the correct mailing lists.
Added.

Lizhi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ