#include "ubifs.h" static int ubifs_crypt_get_context(struct inode *inode, void *ctx, size_t len) { return ubifs_xattr_get(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len); } static int ubifs_crypt_set_context(struct inode *inode, const void *ctx, size_t len, void *fs_data) { return ubifs_xattr_set(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len, 0); } static bool ubifs_crypt_empty_dir(struct inode *inode) { return ubifs_check_dir_empty(inode) == 0; } static unsigned int ubifs_crypt_max_namelen(struct inode *inode) { if (S_ISLNK(inode->i_mode)) return UBIFS_MAX_INO_DATA; else return UBIFS_MAX_NLEN; } static int ubifs_key_prefix(struct inode *inode, u8 **key) { static char prefix[] = "ubifs:"; *key = prefix; return sizeof(prefix) - 1; } int ubifs_encrypt(const struct inode *inode, struct ubifs_data_node *dn, unsigned int in_len, unsigned int *out_len, int block) { struct ubifs_info *c = inode->i_sb->s_fs_info; void *p = &dn->data; struct page *ret; unsigned int pad_len = round_up(in_len, UBIFS_CIPHER_BLOCK_SIZE); ubifs_assert(pad_len <= *out_len); dn->compr_size = cpu_to_le16(in_len); /* pad to full block cipher length */ if (pad_len != in_len) memset(p + in_len, 0, pad_len - in_len); ret = fscrypt_encrypt_page(inode, virt_to_page(&dn->data), pad_len, offset_in_page(&dn->data), block, GFP_NOFS); if (IS_ERR(ret)) { ubifs_err(c, "fscrypt_encrypt_page failed: %ld", PTR_ERR(ret)); return PTR_ERR(ret); } *out_len = pad_len; return 0; } int ubifs_decrypt(const struct inode *inode, struct ubifs_data_node *dn, unsigned int *out_len, int block) { struct ubifs_info *c = inode->i_sb->s_fs_info; int err; unsigned int clen = le16_to_cpu(dn->compr_size); unsigned int dlen = *out_len; if (clen <= 0 || clen > UBIFS_BLOCK_SIZE || clen > dlen) { ubifs_err(c, "bad compr_size: %i", clen); return -EINVAL; } ubifs_assert(dlen <= UBIFS_BLOCK_SIZE); err = fscrypt_decrypt_page(inode, virt_to_page(&dn->data), dlen, offset_in_page(&dn->data), block); if (err) { ubifs_err(c, "fscrypt_decrypt_page failed: %i", err); return err; } *out_len = clen; return 0; } struct fscrypt_operations ubifs_crypt_operations = { .flags = FS_CFLG_OWN_PAGES, .get_context = ubifs_crypt_get_context, .set_context = ubifs_crypt_set_context, .is_encrypted = __ubifs_crypt_is_encrypted, .empty_dir = ubifs_crypt_empty_dir, .max_namelen = ubifs_crypt_max_namelen, .key_prefix = ubifs_key_prefix, }; ca3efb04eab2f791'/>
path: root/net/sunrpc/auth_gss
diff options
context:
space:
mode:
authorJ. Bruce Fields <bfields@redhat.com>2017-01-31 11:37:50 -0500
committerJ. Bruce Fields <bfields@redhat.com>2017-01-31 12:29:24 -0500
commit034dd34ff4916ec1f8f74e39ca3efb04eab2f791 (patch)
tree366c2655cd0aba018d268e36413d633e4dbe8baf /net/sunrpc/auth_gss
parent41f53350a0f36a7b8e31bec0d0ca907e028ab4cd (diff)
svcrpc: fix oops in absence of krb5 module
Olga Kornievskaia says: "I ran into this oops in the nfsd (below) (4.10-rc3 kernel). To trigger this I had a client (unsuccessfully) try to mount the server with krb5 where the server doesn't have the rpcsec_gss_krb5 module built." The problem is that rsci.cred is copied from a svc_cred structure that gss_proxy didn't properly initialize. Fix that. [120408.542387] general protection fault: 0000 [#1] SMP ... [120408.565724] CPU: 0 PID: 3601 Comm: nfsd Not tainted 4.10.0-rc3+ #16 [120408.567037] Hardware name: VMware, Inc. VMware Virtual = Platform/440BX Desktop Reference Platform, BIOS 6.00 07/02/2015 [120408.569225] task: ffff8800776f95c0 task.stack: ffffc90003d58000 [120408.570483] RIP: 0010:gss_mech_put+0xb/0x20 [auth_rpcgss] ... [120408.584946] ? rsc_free+0x55/0x90 [auth_rpcgss] [120408.585901] gss_proxy_save_rsc+0xb2/0x2a0 [auth_rpcgss] [120408.587017] svcauth_gss_proxy_init+0x3cc/0x520 [auth_rpcgss] [120408.588257] ? __enqueue_entity+0x6c/0x70 [120408.589101] svcauth_gss_accept+0x391/0xb90 [auth_rpcgss] [120408.590212] ? try_to_wake_up+0x4a/0x360 [120408.591036] ? wake_up_process+0x15/0x20 [120408.592093] ? svc_xprt_do_enqueue+0x12e/0x2d0 [sunrpc] [120408.593177] svc_authenticate+0xe1/0x100 [sunrpc] [120408.594168] svc_process_common+0x203/0x710 [sunrpc] [120408.595220] svc_process+0x105/0x1c0 [sunrpc] [120408.596278] nfsd+0xe9/0x160 [nfsd] [120408.597060] kthread+0x101/0x140 [120408.597734] ? nfsd_destroy+0x60/0x60 [nfsd] [120408.598626] ? kthread_park+0x90/0x90 [120408.599448] ret_from_fork+0x22/0x30 Fixes: 1d658336b05f "SUNRPC: Add RPC based upcall mechanism for RPCGSS auth" Cc: stable@vger.kernel.org Cc: Simo Sorce <simo@redhat.com> Reported-by: Olga Kornievskaia <kolga@netapp.com> Tested-by: Olga Kornievskaia <kolga@netapp.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r--net/sunrpc/auth_gss/gss_rpc_xdr.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/sunrpc/auth_gss/gss_rpc_xdr.c b/net/sunrpc/auth_gss/gss_rpc_xdr.c