This is a note to let you know that I've just added the patch titled f2fs crypto: replace some BUG_ON()'s with error checks to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: f2fs-crypto-replace-some-bug_on-s-with-error-checks.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 66aa3e1274fcf887e9d6501a68163270fc7718e7 Mon Sep 17 00:00:00 2001 From: Jaegeuk Kim <jaegeuk@xxxxxxxxxx> Date: Fri, 5 Feb 2016 19:19:01 -0800 Subject: f2fs crypto: replace some BUG_ON()'s with error checks From: Jaegeuk Kim <jaegeuk@xxxxxxxxxx> commit 66aa3e1274fcf887e9d6501a68163270fc7718e7 upstream. This patch adopts: ext4 crypto: replace some BUG_ON()'s with error checks Signed-off-by: Theodore Ts'o <tytso@xxxxxxx> Signed-off-by: Jaegeuk Kim <jaegeuk@xxxxxxxxxx> Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- fs/f2fs/crypto.c | 1 - fs/f2fs/crypto_fname.c | 2 -- fs/f2fs/crypto_key.c | 15 ++++++++++++--- 3 files changed, 12 insertions(+), 6 deletions(-) --- a/fs/f2fs/crypto.c +++ b/fs/f2fs/crypto.c @@ -362,7 +362,6 @@ static int f2fs_page_crypto(struct f2fs_ else res = crypto_ablkcipher_encrypt(req); if (res == -EINPROGRESS || res == -EBUSY) { - BUG_ON(req->base.data != &ecr); wait_for_completion(&ecr.completion); res = ecr.res; } --- a/fs/f2fs/crypto_fname.c +++ b/fs/f2fs/crypto_fname.c @@ -124,7 +124,6 @@ static int f2fs_fname_encrypt(struct ino ablkcipher_request_set_crypt(req, &src_sg, &dst_sg, ciphertext_len, iv); res = crypto_ablkcipher_encrypt(req); if (res == -EINPROGRESS || res == -EBUSY) { - BUG_ON(req->base.data != &ecr); wait_for_completion(&ecr.completion); res = ecr.res; } @@ -180,7 +179,6 @@ static int f2fs_fname_decrypt(struct ino ablkcipher_request_set_crypt(req, &src_sg, &dst_sg, iname->len, iv); res = crypto_ablkcipher_decrypt(req); if (res == -EINPROGRESS || res == -EBUSY) { - BUG_ON(req->base.data != &ecr); wait_for_completion(&ecr.completion); res = ecr.res; } --- a/fs/f2fs/crypto_key.c +++ b/fs/f2fs/crypto_key.c @@ -75,7 +75,6 @@ static int f2fs_derive_key_aes(char deri F2FS_AES_256_XTS_KEY_SIZE, NULL); res = crypto_ablkcipher_encrypt(req); if (res == -EINPROGRESS || res == -EBUSY) { - BUG_ON(req->base.data != &ecr); wait_for_completion(&ecr.completion); res = ecr.res; } @@ -189,7 +188,11 @@ int f2fs_get_encryption_info(struct inod keyring_key = NULL; goto out; } - BUG_ON(keyring_key->type != &key_type_logon); + if (keyring_key->type != &key_type_logon) { + printk_once(KERN_WARNING "f2fs: key type must be logon\n"); + res = -ENOKEY; + goto out; + } ukp = user_key_payload(keyring_key); if (ukp->datalen != sizeof(struct f2fs_encryption_key)) { res = -EINVAL; @@ -198,7 +201,13 @@ int f2fs_get_encryption_info(struct inod master_key = (struct f2fs_encryption_key *)ukp->data; BUILD_BUG_ON(F2FS_AES_128_ECB_KEY_SIZE != F2FS_KEY_DERIVATION_NONCE_SIZE); - BUG_ON(master_key->size != F2FS_AES_256_XTS_KEY_SIZE); + if (master_key->size != F2FS_AES_256_XTS_KEY_SIZE) { + printk_once(KERN_WARNING + "f2fs: key size incorrect: %d\n", + master_key->size); + res = -ENOKEY; + goto out; + } res = f2fs_derive_key_aes(ctx.nonce, master_key->raw, raw_key); if (res) Patches currently in stable-queue which might be from jaegeuk@xxxxxxxxxx are queue-4.4/fscrypto-require-write-access-to-mount-to-set-encryption-policy.patch queue-4.4/f2fs-crypto-add-missing-locking-for-keyring_key-access.patch queue-4.4/f2fs-crypto-replace-some-bug_on-s-with-error-checks.patch