xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fscrypt: fix keyring memory leak on mount failure

Browse Source 
commit ccd30a476f8e864732de220bd50e6f372f5ebcab upstream.

Commit d7e7b9af104c ("fscrypt: stop using keyrings subsystem for
fscrypt_master_key") moved the keyring destruction from __put_super() to
generic_shutdown_super() so that the filesystem's block device(s) are
still available.  Unfortunately, this causes a memory leak in the case
where a mount is attempted with the test_dummy_encryption mount option,
but the mount fails after the option has already been processed.

To fix this, attempt the keyring destruction in both places.

Reported-by: syzbot+104c2a89561289cec13e@syzkaller.appspotmail.com
Fixes: d7e7b9af104c ("fscrypt: stop using keyrings subsystem for fscrypt_master_key")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Link: https://lore.kernel.org/r/20221011213838.209879-1-ebiggers@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Eric Biggers
2022-11-04 16:38:00 -07:00
committed by Greg Kroah-Hartman
parent 391cceee6d
commit 29997a6fa6
3 changed files with 15 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
fs/crypto/keyring.c
View File

@@ -202,14 +202,19 @@ static int allocate_filesystem_keyring(struct super_block *sb)
}
/*
* This is called at unmount time to release all encryption keys that have been
* added to the filesystem, along with the keyring that contains them.
* Release all encryption keys that have been added to the filesystem, along
* with the keyring that contains them.
*
* Note that besides clearing and freeing memory, this might need to evict keys
* from the keyslots of an inline crypto engine. Therefore, this must be called
* while the filesystem's underlying block device(s) are still available.
* This is called at unmount time. The filesystem's underlying block device(s)
* are still available at this time; this is important because after user file
* accesses have been allowed, this function may need to evict keys from the
* keyslots of an inline crypto engine, which requires the block device(s).
*
* This is also called when the super_block is being freed. This is needed to
* avoid a memory leak if mounting fails after the "test_dummy_encryption"
* option was processed, as in that case the unmount-time call isn't made.
*/
void fscrypt_sb_delete(struct super_block *sb)
void fscrypt_destroy_keyring(struct super_block *sb)
{
struct fscrypt_keyring *keyring = sb->s_master_keys;
size_t i;