[PATCH 4.4 048/103] f2fs: check entire encrypted bigname when finding a dentry

linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Eric Biggers <ebiggers@google.com>,
	Jaegeuk Kim <jaegeuk@kernel.org>, Theodore Tso <tytso@mit.edu>
Subject: [PATCH 4.4 048/103] f2fs: check entire encrypted bigname when finding a dentry
Date: Tue, 23 May 2017 22:09:14 +0200	[thread overview]
Message-ID: <20170523200900.891968056@linuxfoundation.org> (raw)
In-Reply-To: <20170523200856.903752266@linuxfoundation.org>

4.4-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Jaegeuk Kim <jaegeuk@kernel.org>

commit 6332cd32c8290a80e929fc044dc5bdba77396e33 upstream.

If user has no key under an encrypted dir, fscrypt gives digested dentries.
Previously, when looking up a dentry, f2fs only checks its hash value with
first 4 bytes of the digested dentry, which didn't handle hash collisions fully.
This patch enhances to check entire dentry bytes likewise ext4.

Eric reported how to reproduce this issue by:

 # seq -f "edir/abcdefghijklmnopqrstuvwxyz012345%.0f" 100000 | xargs touch
 # find edir -type f | xargs stat -c %i | sort | uniq | wc -l
100000
 # sync
 # echo 3 > /proc/sys/vm/drop_caches
 # keyctl new_session
 # find edir -type f | xargs stat -c %i | sort | uniq | wc -l
99999

Cc: <stable@vger.kernel.org>
Reported-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
(fixed f2fs_dentry_hash() to work even when the hash is 0)
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>


---
 fs/f2fs/dir.c    |   32 +++++++++++++++++++++-----------
 fs/f2fs/f2fs.h   |    3 ++-
 fs/f2fs/hash.c   |    7 ++++++-
 fs/f2fs/inline.c |    4 ++--
 4 files changed, 31 insertions(+), 15 deletions(-)

--- a/fs/f2fs/dir.c
+++ b/fs/f2fs/dir.c
@@ -124,19 +124,29 @@ struct f2fs_dir_entry *find_target_dentr
 
 		de = &d->dentry[bit_pos];
 
-		/* encrypted case */
+		if (de->hash_code != namehash)
+			goto not_match;
+
 		de_name.name = d->filename[bit_pos];
 		de_name.len = le16_to_cpu(de->name_len);
 
-		/* show encrypted name */
-		if (fname->hash) {
-			if (de->hash_code == fname->hash)
-				goto found;
-		} else if (de_name.len == name->len &&
-			de->hash_code == namehash &&
-			!memcmp(de_name.name, name->name, name->len))
+#ifdef CONFIG_F2FS_FS_ENCRYPTION
+		if (unlikely(!name->name)) {
+			if (fname->usr_fname->name[0] == '_') {
+				if (de_name.len >= 16 &&
+					!memcmp(de_name.name + de_name.len - 16,
+						fname->crypto_buf.name + 8, 16))
+					goto found;
+				goto not_match;
+			}
+			name->name = fname->crypto_buf.name;
+			name->len = fname->crypto_buf.len;
+		}
+#endif
+		if (de_name.len == name->len &&
+				!memcmp(de_name.name, name->name, name->len))
 			goto found;
-
+not_match:
 		if (max_slots && max_len > *max_slots)
 			*max_slots = max_len;
 		max_len = 0;
@@ -170,7 +180,7 @@ static struct f2fs_dir_entry *find_in_le
 	int max_slots;
 	f2fs_hash_t namehash;
 
-	namehash = f2fs_dentry_hash(&name);
+	namehash = f2fs_dentry_hash(&name, fname);
 
 	f2fs_bug_on(F2FS_I_SB(dir), level > MAX_DIR_HASH_DEPTH);
 
@@ -547,7 +557,7 @@ int __f2fs_add_link(struct inode *dir, c
 
 	level = 0;
 	slots = GET_DENTRY_SLOTS(new_name.len);
-	dentry_hash = f2fs_dentry_hash(&new_name);
+	dentry_hash = f2fs_dentry_hash(&new_name, NULL);
 
 	current_depth = F2FS_I(dir)->i_current_depth;
 	if (F2FS_I(dir)->chash == dentry_hash) {
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@@ -1722,7 +1722,8 @@ void f2fs_msg(struct super_block *, cons
 /*
  * hash.c
  */
-f2fs_hash_t f2fs_dentry_hash(const struct qstr *);
+f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info,
+				struct f2fs_filename *fname);
 
 /*
  * node.c
--- a/fs/f2fs/hash.c
+++ b/fs/f2fs/hash.c
@@ -70,7 +70,8 @@ static void str2hashbuf(const unsigned c
 		*buf++ = pad;
 }
 
-f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info)
+f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info,
+				struct f2fs_filename *fname)
 {
 	__u32 hash;
 	f2fs_hash_t f2fs_hash;
@@ -79,6 +80,10 @@ f2fs_hash_t f2fs_dentry_hash(const struc
 	const unsigned char *name = name_info->name;
 	size_t len = name_info->len;
 
+	/* encrypted bigname case */
+	if (fname && !fname->disk_name.name)
+		return cpu_to_le32(fname->hash);
+
 	if (is_dot_dotdot(name_info))
 		return 0;
 
--- a/fs/f2fs/inline.c
+++ b/fs/f2fs/inline.c
@@ -303,7 +303,7 @@ struct f2fs_dir_entry *find_in_inline_di
 	if (IS_ERR(ipage))
 		return NULL;
 
-	namehash = f2fs_dentry_hash(&name);
+	namehash = f2fs_dentry_hash(&name, fname);
 
 	inline_dentry = inline_data_addr(ipage);
 
@@ -468,7 +468,7 @@ int f2fs_add_inline_entry(struct inode *
 
 	f2fs_wait_on_page_writeback(ipage, NODE);
 
-	name_hash = f2fs_dentry_hash(name);
+	name_hash = f2fs_dentry_hash(name, NULL);
 	make_dentry_ptr(NULL, &d, (void *)dentry_blk, 2);
 	f2fs_update_dentry(ino, mode, &d, name, name_hash, bit_pos);

next prev parent reply	other threads:[~2017-05-23 20:37 UTC|newest]

Thread overview: 118+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-05-23 20:08 [PATCH 4.4 000/103] 4.4.70-stable review Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 001/103] usb: misc: legousbtower: Fix buffers on stack Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 002/103] usb: misc: legousbtower: Fix memory leak Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 003/103] USB: ene_usb6250: fix DMA to the stack Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 004/103] watchdog: pcwd_usb: fix NULL-deref at probe Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 005/103] char: lp: fix possible integer overflow in lp_setup() Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 006/103] USB: core: replace %p with %pK Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 007/103] ARM: tegra: paz00: Mark panel regulator as enabled on boot Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 008/103] tpm_crb: check for bad response size Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 009/103] infiniband: call ipv6 route lookup via the stub interface Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 010/103] dm btree: fix for dm_btree_find_lowest_key() Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 011/103] dm raid: select the Kconfig option CONFIG_MD_RAID0 Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 012/103] dm bufio: avoid a possible ABBA deadlock Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 013/103] dm bufio: check new buffer allocation watermark every 30 seconds Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 014/103] dm cache metadata: fail operations if fail_io mode has been established Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 015/103] dm bufio: make the parameter "retain_bytes" unsigned long Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 016/103] dm thin metadata: call precommit before saving the roots Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 017/103] dm space map disk: fix some book keeping in the disk space map Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 018/103] md: update slab_cache before releasing new stripes when stripes resizing Greg Kroah-Hartman
2017-05-30 13:16   ` Ben Hutchings
2017-05-30 17:27     ` Shaohua Li
2017-05-23 20:08 ` [PATCH 4.4 019/103] rtlwifi: rtl8821ae: setup 8812ae RFE according to device type Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 020/103] mwifiex: pcie: fix cmd_buf use-after-free in remove/reset Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 024/103] regulator: tps65023: Fix inverted core enable logic Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 025/103] s390/kdump: Add final note Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 026/103] s390/cputime: fix incorrect system time Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 027/103] ath9k_htc: Add support of AirTies 1eda:2315 AR9271 device Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 028/103] ath9k_htc: fix NULL-deref at probe Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 029/103] drm/amdgpu: Avoid overflows/divide-by-zero in latency_watermark calculations Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 030/103] drm/amdgpu: Make display watermark calculations more accurate Greg Kroah-Hartman
2017-06-01 11:13   ` Ben Hutchings
2017-06-06 17:46     ` Mario Kleiner
2017-06-08 10:49       ` Ben Hutchings
2017-05-23 20:08 ` [PATCH 4.4 031/103] drm/nouveau/therm: remove ineffective workarounds for alarm bugs Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 032/103] drm/nouveau/tmr: ack interrupt before processing alarms Greg Kroah-Hartman
2017-05-23 20:08 ` [PATCH 4.4 033/103] drm/nouveau/tmr: fix corruption of the pending list when rescheduling an alarm Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 034/103] drm/nouveau/tmr: avoid processing completed alarms when adding a new one Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 035/103] drm/nouveau/tmr: handle races with hw when updating the next alarm time Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 036/103] cdc-acm: fix possible invalid access when processing notification Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 037/103] proc: Fix unbalanced hard link numbers Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 038/103] of: fix sparse warning in of_pci_range_parser_one Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 039/103] iio: dac: ad7303: fix channel description Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 040/103] pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes Greg Kroah-Hartman
2017-06-01 11:55   ` Ben Hutchings
2017-06-01 13:44     ` Eric W. Biederman
2017-05-23 20:09 ` [PATCH 4.4 041/103] pid_ns: Fix race between setnsed fork() and zap_pid_ns_processes() Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 042/103] USB: serial: ftdi_sio: fix setting latency for unprivileged users Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 043/103] USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 044/103] ext4 crypto: dont let data integrity writebacks fail with ENOMEM Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 045/103] ext4 crypto: fix some error handling Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 047/103] fscrypt: fix context consistency check when key(s) unavailable Greg Kroah-Hartman
2017-05-23 20:09 ` Greg Kroah-Hartman [this message]
2017-05-23 20:09 ` [PATCH 4.4 049/103] fscrypt: avoid collisions when presenting long encrypted filenames Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 050/103] sched/fair: Do not announce throttled next buddy in dequeue_task_fair() Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 051/103] sched/fair: Initialize throttle_count for new task-groups lazily Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 052/103] usb: host: xhci-plat: propagate return value of platform_get_irq() Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 053/103] xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 054/103] usb: host: xhci-mem: allocate zeroed Scratchpad Buffer Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 055/103] net: irda: irda-usb: fix firmware name on big-endian hosts Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 056/103] [media] usbvision: fix NULL-deref at probe Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 057/103] [media] mceusb: " Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 058/103] [media] ttusb2: limit messages to buffer size Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 059/103] usb: musb: tusb6010_omap: Do not reset the other directions packet size Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 060/103] USB: iowarrior: fix info ioctl on big-endian hosts Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 061/103] usb: serial: option: add Telit ME910 support Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 063/103] USB: serial: mct_u232: fix big-endian baud-rate handling Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 064/103] USB: serial: io_ti: fix div-by-zero in set_termios Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 065/103] USB: hub: fix SS hub-descriptor handling Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 066/103] USB: hub: fix non-SS " Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 067/103] tty: Prevent ldisc drivers from re-using stale tty fields Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 069/103] iio: proximity: as3935: fix as3935_write Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 071/103] [media] gspca: konica: add missing endpoint sanity check Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 072/103] [media] s5p-mfc: Fix unbalanced call to clock management Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 073/103] [media] dib0700: fix NULL-deref at probe Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 074/103] [media] zr364xx: enforce minimum size when reading header Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 075/103] [media] dvb-frontends/cxd2841er: define symbol_rate_min/max in T/C fe-ops Greg Kroah-Hartman
2017-06-02 11:34   ` Ben Hutchings
2017-05-23 20:09 ` [PATCH 4.4 076/103] [media] cx231xx-audio: fix init error path Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 077/103] [media] cx231xx-audio: fix NULL-deref at probe Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 078/103] [media] cx231xx-cards: " Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 079/103] powerpc/book3s/mce: Move add_taint() later in virtual mode Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 080/103] powerpc/pseries: Fix of_node_put() underflow during DLPAR remove Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 081/103] powerpc/64e: Fix hang when debugging programs with relocated kernel Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 082/103] ARM: dts: at91: sama5d3_xplained: fix ADC vref Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 083/103] ARM: dts: at91: sama5d3_xplained: not all ADC channels are available Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 084/103] arm64: xchg: hazard against entire exchange variable Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 085/103] arm64: uaccess: ensure extension of access_ok() addr Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 086/103] arm64: documentation: document tagged pointer stack constraints Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 087/103] xc2028: Fix use-after-free bug properly Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 088/103] mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 089/103] staging: rtl8192e: fix 2 byte alignment of register BSSIDR Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 090/103] staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of EPROM_CMD Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 091/103] iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 092/103] metag/uaccess: Fix access_ok() Greg Kroah-Hartman
2017-05-23 20:09 ` [PATCH 4.4 093/103] metag/uaccess: Check access_ok in strncpy_from_user Greg Kroah-Hartman
2017-05-23 20:10 ` [PATCH 4.4 094/103] stackprotector: Increase the per-task stack canarys random range from 32 bits to 64 bits on 64-bit platforms Greg Kroah-Hartman
2017-05-23 20:10 ` [PATCH 4.4 095/103] uwb: fix device quirk on big-endian hosts Greg Kroah-Hartman
2017-05-23 20:10 ` [PATCH 4.4 096/103] genirq: Fix chained interrupt data ordering Greg Kroah-Hartman
2017-05-23 20:10 ` [PATCH 4.4 097/103] osf_wait4(): fix infoleak Greg Kroah-Hartman
2017-05-23 20:10 ` [PATCH 4.4 098/103] tracing/kprobes: Enforce kprobes teardown after testing Greg Kroah-Hartman
2017-05-23 20:10 ` [PATCH 4.4 099/103] PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms Greg Kroah-Hartman
2017-05-23 20:10 ` [PATCH 4.4 101/103] drm/edid: Add 10 bpc quirk for LGD 764 panel in HP zBook 17 G2 Greg Kroah-Hartman
2017-05-23 20:10 ` [PATCH 4.4 102/103] nfsd: encoders mustnt use unitialized values in error cases Greg Kroah-Hartman
2017-05-23 20:10 ` [PATCH 4.4 103/103] drivers: char: mem: Check for address space wraparound with mmap() Greg Kroah-Hartman
2017-05-24  4:01 ` [PATCH 4.4 000/103] 4.4.70-stable review Guenter Roeck
2017-05-24  6:50   ` Greg Kroah-Hartman
2017-05-24  6:55     ` Greg Kroah-Hartman
     [not found] ` <59252147.91471c0a.7a474.26e6@mx.google.com>
2017-05-24  7:03   ` Greg Kroah-Hartman
2017-05-24  9:26     ` Thomas Voegtle
2017-05-24 11:35       ` Greg Kroah-Hartman
2017-05-24 12:04         ` Thomas Voegtle
2017-05-24 12:53           ` Greg Kroah-Hartman
2017-05-24 12:47     ` Guenter Roeck
2017-05-24 12:58       ` Mark Brown
2017-05-24 13:18         ` Guenter Roeck
2017-05-24 15:08           ` Mark Brown
2017-05-24 13:33         ` Guenter Roeck
2017-05-24 20:22 ` Guenter Roeck

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170523200900.891968056@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=ebiggers@google.com \
    --cc=jaegeuk@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=stable@vger.kernel.org \
    --cc=tytso@mit.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).