* WTF: patch "[PATCH] fscrypt: fix the test_dummy_encryption mount option" was seriously submitted to be applied to the 4.9-stable tree?
@ 2017-01-09 8:30 gregkh
2017-01-09 15:46 ` Theodore Ts'o
0 siblings, 1 reply; 2+ messages in thread
From: gregkh @ 2017-01-09 8:30 UTC (permalink / raw)
To: tytso; +Cc: stable
The patch below was submitted to be applied to the 4.9-stable tree.
I fail to see how this patch meets the stable kernel rules as found at
Documentation/stable_kernel_rules.txt.
I could be totally wrong, and if so, please respond to
<stable@vger.kernel.org> and let me know why this patch should be
applied. Otherwise, it is now dropped from my patch queues, never to be
seen again.
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
>From fe4f6c801c03bc13113d0dc32f02d4ea8ed89ffd Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Tue, 27 Dec 2016 19:46:27 -0500
Subject: [PATCH] fscrypt: fix the test_dummy_encryption mount option
Commit f1c131b45410a: "crypto: xts - Convert to skcipher" now fails
the setkey operation if the AES key is the same as the tweak key.
Previously this check was only done if FIPS mode is enabled. Now this
check is also done if weak key checking was requested. This is
reasonable, but since we were using the dummy key which was a constant
series of 0x42 bytes, it now caused dummy encrpyption test mode to
fail.
Fix this by using 0x42... and 0x24... for the two keys, so they are
different.
Fixes: f1c131b45410a202eb45cc55980a7a9e4e4b4f40
Cc: stable@vger.kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c
index 6eeea1dcba41..95cd4c3b06c3 100644
--- a/fs/crypto/keyinfo.c
+++ b/fs/crypto/keyinfo.c
@@ -248,7 +248,8 @@ retry:
goto out;
if (fscrypt_dummy_context_enabled(inode)) {
- memset(raw_key, 0x42, FS_AES_256_XTS_KEY_SIZE);
+ memset(raw_key, 0x42, keysize/2);
+ memset(raw_key+keysize/2, 0x24, keysize - (keysize/2));
goto got_key;
}
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: WTF: patch "[PATCH] fscrypt: fix the test_dummy_encryption mount option" was seriously submitted to be applied to the 4.9-stable tree?
2017-01-09 8:30 WTF: patch "[PATCH] fscrypt: fix the test_dummy_encryption mount option" was seriously submitted to be applied to the 4.9-stable tree? gregkh
@ 2017-01-09 15:46 ` Theodore Ts'o
0 siblings, 0 replies; 2+ messages in thread
From: Theodore Ts'o @ 2017-01-09 15:46 UTC (permalink / raw)
To: gregkh; +Cc: stable
On Mon, Jan 09, 2017 at 09:30:43AM +0100, gregkh@linuxfoundation.org wrote:
> The patch below was submitted to be applied to the 4.9-stable tree.
>
> I fail to see how this patch meets the stable kernel rules as found at
> Documentation/stable_kernel_rules.txt.
>
> I could be totally wrong, and if so, please respond to
> <stable@vger.kernel.org> and let me know why this patch should be
> applied. Otherwise, it is now dropped from my patch queues, never to be
> seen again.
Yes, I screwed up, sorry. I added the Fixes line, and then later
said, "hmm, there's a fixes line, I should add a cc: stable" line.
Technically the bug *does* exist in 4.9 and older kernels, and was
only exposed post-4.9, but it's for a testing option that no one
should care about in production anyway. So there's no need for this
to be in the stable trees.
Cheers,
- Ted
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-01-09 15:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-01-09 8:30 WTF: patch "[PATCH] fscrypt: fix the test_dummy_encryption mount option" was seriously submitted to be applied to the 4.9-stable tree? gregkh
2017-01-09 15:46 ` Theodore Ts'o
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).