On Sat, Nov 26, 2016 at 08:20:48PM -0800, Eric Biggers wrote:
>
> I guess I'm okay with that, since struct fscrypt_policy won't have any padding
> bytes because its members are all bytes. Plus it's marked __packed, though I
> think that was a mistake given that the struct isn't stored on disk
On Sat, Nov 26, 2016 at 07:09:01PM -0500, Theodore Ts'o wrote:
> On Mon, Oct 17, 2016 at 09:54:06AM -0700, Eric Biggers wrote:
> > In addition, make the common functions do the copies to and from
> > userspace rather than duplicating this code within each filesystem, and
> > memset the policy to 0
On Mon, Oct 17, 2016 at 09:54:06AM -0700, Eric Biggers wrote:
> Multiple bugs were recently fixed in the "set encryption policy" ioctl.
> To make it clear that fscrypt_process_policy() and fscrypt_get_policy()
> implement ioctls and therefore their implementations must take standard
> security and
On Tue, Oct 18, 2016 at 02:22:07PM +0200, Richard Weinberger wrote:
>
> Hmm, are you sure the change is worth it?
> The patch basically moves a copy_from/to_user() from ext4/f2fs into fscrypto.
>
Hi Richard,
In my opinion consolidating the copy_from/to_user() is worthwhile by itself.
The
Eric,
On Mon, Oct 17, 2016 at 6:54 PM, Eric Biggers wrote:
> Multiple bugs were recently fixed in the "set encryption policy" ioctl.
> To make it clear that fscrypt_process_policy() and fscrypt_get_policy()
> implement ioctls and therefore their implementations must take