From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:48024 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750714AbdAWPez (ORCPT ); Mon, 23 Jan 2017 10:34:55 -0500 Subject: Patch "libceph: ceph_x_encrypt_buflen() takes in_len" has been added to the 4.9-stable tree To: idryomov@gmail.com, gregkh@linuxfoundation.org, sage@redhat.com Cc: , From: Date: Mon, 23 Jan 2017 16:35:04 +0100 Message-ID: <14851857049199@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled libceph: ceph_x_encrypt_buflen() takes in_len to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: libceph-ceph_x_encrypt_buflen-takes-in_len.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From 36721ece1e84a25130c4befb930509b3f96de020 Mon Sep 17 00:00:00 2001 From: Ilya Dryomov Date: Fri, 2 Dec 2016 16:35:06 +0100 Subject: libceph: ceph_x_encrypt_buflen() takes in_len From: Ilya Dryomov commit 36721ece1e84a25130c4befb930509b3f96de020 upstream. Pass what's going to be encrypted - that's msg_b, not ticket_blob. ceph_x_encrypt_buflen() returns the upper bound, so this doesn't change the maxlen calculation, but makes it a bit clearer. Signed-off-by: Ilya Dryomov Reviewed-by: Sage Weil Signed-off-by: Greg Kroah-Hartman --- net/ceph/auth_x.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- a/net/ceph/auth_x.c +++ b/net/ceph/auth_x.c @@ -308,8 +308,8 @@ static int ceph_x_build_authorizer(struc if (ret) goto out_au; - maxlen = sizeof(*msg_a) + sizeof(msg_b) + - ceph_x_encrypt_buflen(ticket_blob_len); + maxlen = sizeof(*msg_a) + ticket_blob_len + + ceph_x_encrypt_buflen(sizeof(msg_b)); dout(" need len %d\n", maxlen); if (au->buf && au->buf->alloc_len < maxlen) { ceph_buffer_put(au->buf); @@ -350,11 +350,12 @@ static int ceph_x_build_authorizer(struc p, end - p); if (ret < 0) goto out_au; + p += ret; + WARN_ON(p > end); au->buf->vec.iov_len = p - au->buf->vec.iov_base; dout(" built authorizer nonce %llx len %d\n", au->nonce, (int)au->buf->vec.iov_len); - BUG_ON(au->buf->vec.iov_len > maxlen); return 0; out_au: Patches currently in stable-queue which might be from idryomov@gmail.com are queue-4.9/libceph-switch-ceph_x_decrypt-to-ceph_crypt.patch queue-4.9/libceph-introduce-ceph_x_encrypt_offset.patch queue-4.9/libceph-rename-and-align-ceph_x_authorizer-reply_buf.patch queue-4.9/libceph-ceph_x_encrypt_buflen-takes-in_len.patch queue-4.9/libceph-introduce-ceph_crypt-for-in-place-en-decryption.patch queue-4.9/libceph-old_key-in-process_one_ticket-is-redundant.patch queue-4.9/libceph-tweak-calcu_signature-a-little.patch queue-4.9/libceph-remove-now-unused-ceph_-en-de-crypt-functions.patch queue-4.9/ceph-fix-bad-endianness-handling-in-parse_reply_info_extra.patch queue-4.9/libceph-switch-ceph_x_encrypt-to-ceph_crypt.patch