Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753561AbcKMOpc (ORCPT ); Sun, 13 Nov 2016 09:45:32 -0500 Received: from mail-wm0-f65.google.com ([74.125.82.65]:35988 "EHLO mail-wm0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752603AbcKMOpa (ORCPT ); Sun, 13 Nov 2016 09:45:30 -0500 Subject: Re: dm-crypt accepts '+' in the key To: Mikulas Patocka , Ondrej Kozina , Mike Snitzer , Alexey Dobriyan References: Cc: dm-devel@redhat.com, linux-kernel@vger.kernel.org From: Milan Broz Message-ID: <3ee83e71-78e0-7ba3-0fb4-5d906f66aa04@gmail.com> Date: Sun, 13 Nov 2016 15:45:27 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 949 Lines: 23 On 11/12/2016 09:20 PM, Mikulas Patocka wrote: > Hi > > dm-crypt uses the function kstrtou8 to decode the encryption key. kstrtou8 > calls kstrtoull and kstrtoull skips the first character if it is '+'. > > Consequently, it is possible to load keys with '+' in it. For example, > this is possible: > > dmsetup create cr --table "0 131072 crypt aes-cbc-essiv:sha256 +0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0 0 /dev/debian/tmptest 0" > > Should this be fixed in dm-crypt or in kstrtou8? A fix in kstrtou8 could > be more appropriate, but we don't know how many other kernel parts depend > on this "skip plus" behavior... I would way it should be checked in both places... For dmcrypt, it should validate input here and should not accept anything in key field in dm table that is not in hexa representation. (Is this regression since code switched from simple_strtoul to kstrtou8 or this bug was there always?) Milan