Sasha Levin discovered a bug when fuzzing /dev/ecryptfs. The code behind /dev/ecryptfs never considered the possibility that file descriptors may be inherited or passed to other processes. Additionally, far too many BUG() calls were used throughout the messaging code.

The eCryptfs messaging code was originally implemented using netlink. Several years ago, it was converted to a miscdev driver but it retained some of the concepts that were specific to netlink.

The first patch is a minimalist approach at solving the bug Sasha discovered. The second patch removes some cruft. The last patch leverages the file-based miscdev approach to simplify the implementation.

Tyler

---
 fs/ecryptfs/ecryptfs_kernel.h | 22 ++-----
 fs/ecryptfs/messaging.c       | 136 +++++------------------------------------
 fs/ecryptfs/miscdev.c         | 91 ++++++++-------------------
 3 files changed, 48 insertions(+), 201 deletions(-)