• Eric Biggers's avatar
    fscrypto: don't use on-stack buffer for key derivation · 0f0909e2
    Eric Biggers authored
    With the new (in 4.9) option to use a virtually-mapped stack
    (CONFIG_VMAP_STACK), stack buffers cannot be used as input/output for
    the scatterlist crypto API because they may not be directly mappable to
    struct page.  get_crypt_info() was using a stack buffer to hold the
    output from the encryption operation used to derive the per-file key.
    Fix it by using a heap buffer.
    
    This bug could most easily be observed in a CONFIG_DEBUG_SG kernel
    because this allowed the BUG in sg_set_buf() to be triggered.
    
    Cc: stable@vger.kernel.org
    Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
    0f0909e2
keyinfo.c 8.52 KB