On Mon, Oct 17, 2016 at 09:54:06AM -0700, Eric Biggers wrote: > Multiple bugs were recently fixed in the "set encryption policy" ioctl. > To make it clear that fscrypt_process_policy() and fscrypt_get_policy() > implement ioctls and therefore their implementations must take standard > security and correctness precautions, rename them to > fscrypt_ioctl_set_policy() and fscrypt_ioctl_get_policy(). Make the > latter take in a struct file * to make it consistent with the former. > > In addition, make the common functions do the copies to and from > userspace rather than duplicating this code within each filesystem, and > memset the policy to 0 to make it clear there is no stack leak. > Ted, do you have any interest in taking this patch for 4.10? Thanks, Eric -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
