Merge remote-tracking branch 'security/next'

[karo-tx-linux.git] / fs / ext4 / crypto_key.c

diff --git a/fs/ext4/crypto_key.c b/fs/ext4/crypto_key.c
index 5c52c79dea4625c4a73d7d6195da9c1e39d6f02b..c5882b36e5582d0005582d0fe3ac86cab70d9c9c 100644 (file)
--- a/fs/ext4/crypto_key.c
+++ b/fs/ext4/crypto_key.c
@@ -71,7 +71,6 @@ static int ext4_derive_key_aes(char deriving_key[EXT4_AES_128_ECB_KEY_SIZE],
                                     EXT4_AES_256_XTS_KEY_SIZE, NULL);
        res = crypto_ablkcipher_encrypt(req);
        if (res == -EINPROGRESS || res == -EBUSY) {
-               BUG_ON(req->base.data != &ecr);
                wait_for_completion(&ecr.completion);
                res = ecr.res;
        }
@@ -208,7 +207,12 @@ retry:
                goto out;
        }
        crypt_info->ci_keyring_key = keyring_key;
-       BUG_ON(keyring_key->type != &key_type_logon);
+       if (keyring_key->type != &key_type_logon) {
+               printk_once(KERN_WARNING
+                           "ext4: key type must be logon\n");
+               res = -ENOKEY;
+               goto out;
+       }
        ukp = user_key_payload(keyring_key);
        if (ukp->datalen != sizeof(struct ext4_encryption_key)) {
                res = -EINVAL;
@@ -217,7 +221,13 @@ retry:
        master_key = (struct ext4_encryption_key *)ukp->data;
        BUILD_BUG_ON(EXT4_AES_128_ECB_KEY_SIZE !=
                     EXT4_KEY_DERIVATION_NONCE_SIZE);
-       BUG_ON(master_key->size != EXT4_AES_256_XTS_KEY_SIZE);
+       if (master_key->size != EXT4_AES_256_XTS_KEY_SIZE) {
+               printk_once(KERN_WARNING
+                           "ext4: key size incorrect: %d\n",
+                           master_key->size);
+               res = -ENOKEY;
+               goto out;
+       }
        res = ext4_derive_key_aes(ctx.nonce, master_key->raw,
                                  raw_key);
        if (res)