From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Subject: Re: [PATCH] fscrypt: verify that the crypto_skcipher has the correct ivsize
Date: Fri, 3 Jan 2020 08:58:14 -0800 [thread overview]
Message-ID: <20200103165813.GD19521@gmail.com> (raw)
In-Reply-To: <20191209203918.225691-1-ebiggers@kernel.org>
On Mon, Dec 09, 2019 at 12:39:18PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> As a sanity check, verify that the allocated crypto_skcipher actually
> has the ivsize that fscrypt is assuming it has. This will always be the
> case unless there's a bug. But if there ever is such a bug (e.g. like
> there was in earlier versions of the ESSIV conversion patch [1]) it's
> preferable for it to be immediately obvious, and not rely on the
> ciphertext verification tests failing due to uninitialized IV bytes.
>
> [1] https://lkml.kernel.org/linux-crypto/20190702215517.GA69157@gmail.com/
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
> fs/crypto/keysetup.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
> index c9f4fe955971f..39fdea79e912f 100644
> --- a/fs/crypto/keysetup.c
> +++ b/fs/crypto/keysetup.c
> @@ -91,6 +91,10 @@ struct crypto_skcipher *fscrypt_allocate_skcipher(struct fscrypt_mode *mode,
> pr_info("fscrypt: %s using implementation \"%s\"\n",
> mode->friendly_name, crypto_skcipher_driver_name(tfm));
> }
> + if (WARN_ON(crypto_skcipher_ivsize(tfm) != mode->ivsize)) {
> + err = -EINVAL;
> + goto err_free_tfm;
> + }
> crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS);
> err = crypto_skcipher_setkey(tfm, raw_key, mode->keysize);
> if (err)
> --
> 2.24.0.393.g34dc348eaf-goog
>
Applied to fscrypt.git#master for 5.6.
- Eric
prev parent reply other threads:[~2020-01-03 16:58 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-09 20:39 [PATCH] fscrypt: verify that the crypto_skcipher has the correct ivsize Eric Biggers
2020-01-03 16:58 ` Eric Biggers [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200103165813.GD19521@gmail.com \
--to=ebiggers@kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).