aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Halcrow <mhalcrow@us.ibm.com>2007-10-16 04:27:58 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-10-16 12:43:11 -0400
commit146a46063b282375015d4b2dad4a94f206bbea4e (patch)
tree6cda58777b94ab8c402e34df5cc24449776ad87f
parentf648104a0d44d7c551f8025ad7e50c4815d3b6eb (diff)
eCryptfs: fix Tag 11 writing code
Fix up the Tag 11 writing code to handle size limits and boundaries more explicitly. It looks like the packet length was 1 shorter than it should have been, chopping off the last byte of the key identifier. This is largely inconsequential, since it is not much more likely that a key identifier collision will occur with 7 bytes rather than 8. This patch fixes the packet to use the full number of bytes that were originally intended to be used for the key identifier. Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--fs/ecryptfs/keystore.c39
1 files changed, 22 insertions, 17 deletions
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index aedff506899e..190e2a01d8bd 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -1449,47 +1449,52 @@ out:
1449 * Returns zero on success; non-zero on error. 1449 * Returns zero on success; non-zero on error.
1450 */ 1450 */
1451static int 1451static int
1452write_tag_11_packet(char *dest, int max, char *contents, size_t contents_length, 1452write_tag_11_packet(char *dest, int *remaining_bytes, char *contents,
1453 size_t *packet_length) 1453 size_t contents_length, size_t *packet_length)
1454{ 1454{
1455 size_t packet_size_length; 1455 size_t packet_size_length;
1456 size_t max_packet_size;
1456 int rc = 0; 1457 int rc = 0;
1457 1458
1458 (*packet_length) = 0; 1459 (*packet_length) = 0;
1459 if ((13 + contents_length) > max) { 1460 /* This format is inspired by OpenPGP; see RFC 2440
1461 * packet tag 11 */
1462 max_packet_size = (1 /* Tag 11 identifier */
1463 + 3 /* Max Tag 11 packet size */
1464 + 1 /* Binary format specifier */
1465 + 1 /* Filename length */
1466 + 8 /* Filename ("_CONSOLE") */
1467 + 4 /* Modification date */
1468 + contents_length); /* Literal data */
1469 if (max_packet_size > (*remaining_bytes)) {
1470 printk(KERN_ERR "Packet length larger than maximum allowable; "
1471 "need up to [%d] bytes, but there are only [%d] "
1472 "available\n", max_packet_size, (*remaining_bytes));
1460 rc = -EINVAL; 1473 rc = -EINVAL;
1461 ecryptfs_printk(KERN_ERR, "Packet length larger than "
1462 "maximum allowable\n");
1463 goto out; 1474 goto out;
1464 } 1475 }
1465 /* General packet header */
1466 /* Packet tag */
1467 dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE; 1476 dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE;
1468 /* Packet length */
1469 rc = write_packet_length(&dest[(*packet_length)], 1477 rc = write_packet_length(&dest[(*packet_length)],
1470 (13 + contents_length), &packet_size_length); 1478 (max_packet_size - 4), &packet_size_length);
1471 if (rc) { 1479 if (rc) {
1472 ecryptfs_printk(KERN_ERR, "Error generating tag 11 packet " 1480 printk(KERN_ERR "Error generating tag 11 packet header; cannot "
1473 "header; cannot generate packet length\n"); 1481 "generate packet length. rc = [%d]\n", rc);
1474 goto out; 1482 goto out;
1475 } 1483 }
1476 (*packet_length) += packet_size_length; 1484 (*packet_length) += packet_size_length;
1477 /* Tag 11 specific */ 1485 dest[(*packet_length)++] = 0x62; /* binary data format specifier */
1478 /* One-octet field that describes how the data is formatted */
1479 dest[(*packet_length)++] = 0x62; /* binary data */
1480 /* One-octet filename length followed by filename */
1481 dest[(*packet_length)++] = 8; 1486 dest[(*packet_length)++] = 8;
1482 memcpy(&dest[(*packet_length)], "_CONSOLE", 8); 1487 memcpy(&dest[(*packet_length)], "_CONSOLE", 8);
1483 (*packet_length) += 8; 1488 (*packet_length) += 8;
1484 /* Four-octet number indicating modification date */
1485 memset(&dest[(*packet_length)], 0x00, 4); 1489 memset(&dest[(*packet_length)], 0x00, 4);
1486 (*packet_length) += 4; 1490 (*packet_length) += 4;
1487 /* Remainder is literal data */
1488 memcpy(&dest[(*packet_length)], contents, contents_length); 1491 memcpy(&dest[(*packet_length)], contents, contents_length);
1489 (*packet_length) += contents_length; 1492 (*packet_length) += contents_length;
1490 out: 1493 out:
1491 if (rc) 1494 if (rc)
1492 (*packet_length) = 0; 1495 (*packet_length) = 0;
1496 else
1497 (*remaining_bytes) -= (*packet_length);
1493 return rc; 1498 return rc;
1494} 1499}
1495 1500