- ecryptfs-set-the-key-size-from-the-default-for-the-mount.patch removed from -mm tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The patch titled

     ecryptfs: set the key size from the default for the mount

has been removed from the -mm tree.  Its filename is

     ecryptfs-set-the-key-size-from-the-default-for-the-mount.patch

This patch was dropped because it was folded into ecryptfs-fs-makefile-and-fs-kconfig.patch

------------------------------------------------------
Subject: ecryptfs: set the key size from the default for the mount
From: Mike Halcrow <mhalcrow@xxxxxxxxxx>

Remove the hard-coded key size and use the one specified through the mount
parameter.

Signed-off-by: Michael Halcrow <mhalcrow@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---

 fs/ecryptfs/crypto.c |   34 +++++++++++++++++++++-------------
 1 file changed, 21 insertions(+), 13 deletions(-)

diff -puN fs/ecryptfs/crypto.c~ecryptfs-set-the-key-size-from-the-default-for-the-mount fs/ecryptfs/crypto.c
--- a/fs/ecryptfs/crypto.c~ecryptfs-set-the-key-size-from-the-default-for-the-mount
+++ a/fs/ecryptfs/crypto.c
@@ -747,8 +747,10 @@ int ecryptfs_init_crypt_ctx(struct ecryp
 		goto out;
 	}
 	ecryptfs_printk(KERN_DEBUG,
-			"Initializing cipher [%s]; strlen = [%d]\n",
-			crypt_stat->cipher, (int)strlen(crypt_stat->cipher));
+			"Initializing cipher [%s]; strlen = [%d]; "
+			"key_size_bits = [%d]\n",
+			crypt_stat->cipher, (int)strlen(crypt_stat->cipher),
+			crypt_stat->key_size_bits);
 	if (crypt_stat->tfm) {
 		rc = 0;
 		goto out;
@@ -833,6 +835,18 @@ out:
 	return rc;
 }
 
+static void ecryptfs_generate_new_key(struct ecryptfs_crypt_stat *crypt_stat)
+{
+	get_random_bytes(crypt_stat->key, (crypt_stat->key_size_bits >> 3));
+	ECRYPTFS_SET_FLAG(crypt_stat->flags, ECRYPTFS_KEY_VALID);
+	ecryptfs_compute_root_iv(crypt_stat);
+	if (unlikely(ecryptfs_verbosity > 0)) {
+		ecryptfs_printk(KERN_DEBUG, "Generated new session key:\n");
+		ecryptfs_dump_hex(crypt_stat->key,
+				  crypt_stat->key_size_bits / 8);
+	}
+}
+
 /**
  * ecryptfs_set_default_crypt_stat_vals
  * @crypt_stat
@@ -842,19 +856,10 @@ out:
 static void
 ecryptfs_set_default_crypt_stat_vals(struct ecryptfs_crypt_stat *crypt_stat)
 {
-	int key_size_bits = ECRYPTFS_DEFAULT_KEY_BYTES * 8;
-
 	ecryptfs_set_default_sizes(crypt_stat);
 	strcpy(crypt_stat->cipher, ECRYPTFS_DEFAULT_CIPHER);
-	crypt_stat->key_size_bits = key_size_bits;
-	get_random_bytes(crypt_stat->key, key_size_bits / 8);
-	ECRYPTFS_SET_FLAG(crypt_stat->flags, ECRYPTFS_KEY_VALID);
-	ecryptfs_compute_root_iv(crypt_stat);
-	if (unlikely(ecryptfs_verbosity > 0)) {
-		ecryptfs_printk(KERN_DEBUG, "Generated new session key:\n");
-		ecryptfs_dump_hex(crypt_stat->key,
-				  crypt_stat->key_size_bits / 8);
-	}
+	crypt_stat->key_size_bits = ECRYPTFS_DEFAULT_KEY_BYTES << 3;
+	ECRYPTFS_CLEAR_FLAG(crypt_stat->flags, ECRYPTFS_KEY_VALID);
 	crypt_stat->file_version = ECRYPTFS_FILE_VERSION;
 }
 
@@ -904,6 +909,9 @@ int ecryptfs_new_file_context(struct den
 		       mount_crypt_stat->global_default_cipher_name,
 		       cipher_name_len);
 		crypt_stat->cipher[cipher_name_len] = '\0';
+		crypt_stat->key_size_bits =
+			mount_crypt_stat->global_default_cipher_key_bits;
+		ecryptfs_generate_new_key(crypt_stat);
 	} else
 		/* We should not encounter this scenario since we
 		 * should detect lack of global_auth_tok at mount time
_

Patches currently in -mm which might be from mhalcrow@xxxxxxxxxx are

origin.patch
ecryptfs-fs-makefile-and-fs-kconfig.patch
ecryptfs-set-the-key-size-from-the-default-for-the-mount.patch
ecryptfs-check-for-weak-keys.patch
ecryptfs-add-define-values-for-cipher-codes-from-rfc2440-openpgp.patch
ecryptfs-convert-bits-to-bytes.patch
ecryptfs-more-elegant-aes-key-size-manipulation.patch
ecryptfs-more-intelligent-use-of-tfm-objects.patch
ecryptfs-remove-debugging-cruft.patch
ecryptfs-get_sb_dev-fix.patch
ecryptfs-validate-minimum-header-extent-size.patch
ecryptfs-validate-body-size.patch
ecryptfs-validate-packet-length-prior-to-parsing-add-comments.patch
ecryptfs-use-the-passed-in-max-value-as-the-upper-bound.patch
ecryptfs-change-the-maximum-size-check-when-writing-header.patch
ecryptfs-print-the-actual-option-that-is-problematic.patch
ecryptfs-add-a-maintainers-entry.patch
ecryptfs-partial-signed-integer-to-size_t-conversion-updated-ii.patch
ecryptfs-graceful-handling-of-mount-error.patch
ecryptfs-fix-printk-format-warnings.patch
ecryptfs-associate-vfsmount-with-dentry-rather-than-superblock.patch
ecryptfs-mntput-lower-mount-on-umount_begin.patch
vfs-make-filldir_t-and-struct-kstat-deal-in-64-bit-inode-numbers-ecryptfs.patch
make-kmem_cache_destroy-return-void-ecryptfs.patch
ecryptfs-inode-numbering-fixes.patch
ecryptfs-versioning-fixes.patch
ecryptfs-versioning-fixes-tidy.patch
ecryptfs-grab-lock-on-lower_page-in-ecryptfs_sync_page.patch
ecryptfs-enable-plaintext-passthrough.patch

-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Kernel Newbies FAQ]     [Kernel Archive]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [Bugtraq]     [Photo]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]

  Powered by Linux