Eric,

On Mon, Oct 17, 2016 at 6:54 PM, Eric Biggers [off-list ref] wrote:

Multiple bugs were recently fixed in the "set encryption policy" ioctl.
To make it clear that fscrypt_process_policy() and fscrypt_get_policy()
implement ioctls and therefore their implementations must take standard
security and correctness precautions, rename them to
fscrypt_ioctl_set_policy() and fscrypt_ioctl_get_policy().  Make the
latter take in a struct file * to make it consistent with the former.

In addition, make the common functions do the copies to and from
userspace rather than duplicating this code within each filesystem, and
memset the policy to 0 to make it clear there is no stack leak.

Signed-off-by: Eric Biggers <redacted>
---
 fs/crypto/policy.c       | 36 +++++++++++++++++++++++-------------
 fs/ext4/ext4.h           |  4 ++--
 fs/ext4/ioctl.c          | 34 +++++-----------------------------
 fs/f2fs/f2fs.h           |  4 ++--
 fs/f2fs/file.c           | 19 ++-----------------
 include/linux/fscrypto.h | 12 ++++++------
 6 files changed, 40 insertions(+), 69 deletions(-)

Hmm, are you sure the change is worth it?
The patch basically moves a copy_from/to_user() from ext4/f2fs into fscrypto.

-- 
Thanks,
//richard