dm-crypt: recheck the integrity tag after a failure - linux/linux-stable.git

diff options

author	Mikulas Patocka <mpatocka@redhat.com>	2024-02-19 21:31:11 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2024-03-01 13:26:31 +0100
commit	5583552eec30eb58acac404948e50609b070cb98 (patch)
tree	e0faecdc406779e5580616896e643e0ca50832ad /drivers/usb/cdns3/cdns3-debug.h
parent	287abdcb9e2b0836716655908d8f4cccd0925da8 (diff)

dm-crypt: recheck the integrity tag after a failure

commit 42e15d12070b4ff9af2b980f1b65774c2dab0507 upstream. If a userspace process reads (with O_DIRECT) multiple blocks into the same buffer, dm-crypt reports an authentication error [1]. The error is reported in a log and it may cause RAID leg being kicked out of the array. This commit fixes dm-crypt, so that if integrity verification fails, the data is read again into a kernel buffer (where userspace can't modify it) and the integrity tag is rechecked. If the recheck succeeds, the content of the kernel buffer is copied into the user buffer; if the recheck fails, an integrity error is reported. [1] https://people.redhat.com/~mpatocka/testcases/blk-auth-modify/read2.c Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> Cc: stable@vger.kernel.org Signed-off-by: Mike Snitzer <snitzer@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'drivers/usb/cdns3/cdns3-debug.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: