Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 888d57bb authored by Joe Perches's avatar Joe Perches Committed by Tyler Hicks
Browse files

fs/ecryptfs: Add printf format/argument verification and fix fallout 



Add __attribute__((format... to __ecryptfs_printk
Make formats and arguments match.
Add casts to (unsigned long long) for %llu.

Signed-off-by: default avatarJoe Perches <joe@perches.com>
[tyhicks: 80 columns cleanup and fixed typo]
Signed-off-by: default avatarTyler Hicks <tyhicks@linux.vnet.ibm.com>
parent 0abe1169

fs/ecryptfs/crypto.c

+12 −14
Original line number Diff line number Diff line
@@ -413,10 +413,9 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, 
	rc = ecryptfs_derive_iv(extent_iv, crypt_stat,

				(extent_base + extent_offset));

	if (rc) {

		ecryptfs_printk(KERN_ERR, "Error attempting to "

				"derive IV for extent [0x%.16x]; "

				"rc = [%d]\n", (extent_base + extent_offset),

				rc);

		ecryptfs_printk(KERN_ERR, "Error attempting to derive IV for "

			"extent [0x%.16llx]; rc = [%d]\n",

			(unsigned long long)(extent_base + extent_offset), rc);

		goto out;

	}

	if (unlikely(ecryptfs_verbosity > 0)) {
@@ -443,9 +442,9 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, 
	}

	rc = 0;

	if (unlikely(ecryptfs_verbosity > 0)) {

		ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; "

				"rc = [%d]\n", (extent_base + extent_offset),

				rc);

		ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16llx]; "

			"rc = [%d]\n",

			(unsigned long long)(extent_base + extent_offset), rc);

		ecryptfs_printk(KERN_DEBUG, "First 8 bytes after "

				"encryption:\n");

		ecryptfs_dump_hex((char *)(page_address(enc_extent_page)), 8);
@@ -540,10 +539,9 @@ static int ecryptfs_decrypt_extent(struct page *page, 
	rc = ecryptfs_derive_iv(extent_iv, crypt_stat,

				(extent_base + extent_offset));

	if (rc) {

		ecryptfs_printk(KERN_ERR, "Error attempting to "

				"derive IV for extent [0x%.16x]; "

				"rc = [%d]\n", (extent_base + extent_offset),

				rc);

		ecryptfs_printk(KERN_ERR, "Error attempting to derive IV for "

			"extent [0x%.16llx]; rc = [%d]\n",

			(unsigned long long)(extent_base + extent_offset), rc);

		goto out;

	}

	if (unlikely(ecryptfs_verbosity > 0)) {
@@ -571,9 +569,9 @@ static int ecryptfs_decrypt_extent(struct page *page, 
	}

	rc = 0;

	if (unlikely(ecryptfs_verbosity > 0)) {

		ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; "

				"rc = [%d]\n", (extent_base + extent_offset),

				rc);

		ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16llx]; "

			"rc = [%d]\n",

			(unsigned long long)(extent_base + extent_offset), rc);

		ecryptfs_printk(KERN_DEBUG, "First 8 bytes after "

				"decryption:\n");

		ecryptfs_dump_hex((char *)(page_address(page)

fs/ecryptfs/ecryptfs_kernel.h

+1 −0
Original line number Diff line number Diff line
@@ -583,6 +583,7 @@ ecryptfs_set_dentry_lower_mnt(struct dentry *dentry, struct vfsmount *lower_mnt) 


#define ecryptfs_printk(type, fmt, arg...) \

        __ecryptfs_printk(type "%s: " fmt, __func__, ## arg);

__attribute__ ((format(printf, 1, 2)))

void __ecryptfs_printk(const char *fmt, ...);



extern const struct file_operations ecryptfs_main_fops;

fs/ecryptfs/file.c

+3 −3
Original line number Diff line number Diff line
@@ -241,9 +241,9 @@ static int ecryptfs_open(struct inode *inode, struct file *file) 
		}

	}

	mutex_unlock(&crypt_stat->cs_mutex);

	ecryptfs_printk(KERN_DEBUG, "inode w/ addr = [0x%p], i_ino = [0x%.16x] "

			"size: [0x%.16x]\n", inode, inode->i_ino,

			i_size_read(inode));

	ecryptfs_printk(KERN_DEBUG, "inode w/ addr = [0x%p], i_ino = "

			"[0x%.16lx] size: [0x%.16llx]\n", inode, inode->i_ino,

			(unsigned long long)i_size_read(inode));

	goto out;

out_free:

	kmem_cache_free(ecryptfs_file_info_cache,

fs/ecryptfs/keystore.c

+3 −3
Original line number Diff line number Diff line
@@ -59,7 +59,7 @@ static int process_request_key_err(long err_code) 
		break;

	default:

		ecryptfs_printk(KERN_WARNING, "Unknown error code: "

				"[0x%.16x]\n", err_code);

				"[0x%.16lx]\n", err_code);

		rc = -EINVAL;

	}

	return rc;
@@ -1864,8 +1864,8 @@ found_matching_auth_tok: 
				"session key for authentication token with sig "

				"[%.*s]; rc = [%d]. Removing auth tok "

				"candidate from the list and searching for "

				"the next match.\n", candidate_auth_tok_sig,

				ECRYPTFS_SIG_SIZE_HEX, rc);

				"the next match.\n", ECRYPTFS_SIG_SIZE_HEX,

				candidate_auth_tok_sig,	rc);

		list_for_each_entry_safe(auth_tok_list_item,

					 auth_tok_list_item_tmp,

					 &auth_tok_list, list) {

fs/ecryptfs/main.c

+4 −3
Original line number Diff line number Diff line
@@ -810,9 +810,10 @@ static int __init ecryptfs_init(void) 
		ecryptfs_printk(KERN_ERR, "The eCryptfs extent size is "

				"larger than the host's page size, and so "

				"eCryptfs cannot run on this system. The "

				"default eCryptfs extent size is [%d] bytes; "

				"the page size is [%d] bytes.\n",

				ECRYPTFS_DEFAULT_EXTENT_SIZE, PAGE_CACHE_SIZE);

				"default eCryptfs extent size is [%u] bytes; "

				"the page size is [%lu] bytes.\n",

				ECRYPTFS_DEFAULT_EXTENT_SIZE,

				(unsigned long)PAGE_CACHE_SIZE);

		goto out;

	}

	rc = ecryptfs_init_kmem_caches();