Commit 82e12f1
dm crypt: wipe kernel key copy after IV initialization
commit dc94902 upstream.
Loading key via kernel keyring service erases the internal
key copy immediately after we pass it in crypto layer. This is
wrong because IV is initialized later and we use wrong key
for the initialization (instead of real key there's just zeroed
block).
The bug may cause data corruption if key is loaded via kernel keyring
service first and later same crypt device is reactivated using exactly
same key in hexbyte representation, or vice versa. The bug (and fix)
affects only ciphers using following IVs: essiv, lmk and tcw.
Fixes: c538f6e ("dm crypt: add ability to use keys from the kernel key retention service")
Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Reviewed-by: Milan Broz <gmazyland@gmail.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>1 parent 6b8fdea commit 82e12f1
1 file changed
Lines changed: 8 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2058 | 2058 | | |
2059 | 2059 | | |
2060 | 2060 | | |
2061 | | - | |
2062 | | - | |
2063 | | - | |
2064 | 2061 | | |
2065 | 2062 | | |
2066 | 2063 | | |
| |||
2528 | 2525 | | |
2529 | 2526 | | |
2530 | 2527 | | |
| 2528 | + | |
| 2529 | + | |
| 2530 | + | |
| 2531 | + | |
2531 | 2532 | | |
2532 | 2533 | | |
2533 | 2534 | | |
| |||
2966 | 2967 | | |
2967 | 2968 | | |
2968 | 2969 | | |
| 2970 | + | |
| 2971 | + | |
| 2972 | + | |
2969 | 2973 | | |
2970 | 2974 | | |
2971 | 2975 | | |
| |||
3012 | 3016 | | |
3013 | 3017 | | |
3014 | 3018 | | |
3015 | | - | |
| 3019 | + | |
3016 | 3020 | | |
3017 | 3021 | | |
3018 | 3022 | | |
| |||
0 commit comments