diff options
author | Eric Biggers <ebiggers@google.com> | 2020-07-27 10:41:58 -0700 |
---|---|---|
committer | Eric Biggers <ebiggers@google.com> | 2020-07-30 14:21:50 -0700 |
commit | 55e32c54bbd5741cad462c9ee00c453c72fa74b9 (patch) | |
tree | 6976dfd203e60c9f95f2e8394ced4de2f45db72b /fs/crypto | |
parent | 880253eacd304dad1143aeaed0a6f7bd389a783a (diff) |
fscrypt: don't load ->i_crypt_info before it's known to be valid
In fscrypt_set_bio_crypt_ctx(), ->i_crypt_info isn't known to be
non-NULL until we check fscrypt_inode_uses_inline_crypto(). So, load
->i_crypt_info after the check rather than before. This makes no
difference currently, but it prevents people from introducing bugs where
the pointer is dereferenced when it may be NULL.
Suggested-by: Dave Chinner <david@fromorbit.com>
Cc: Satya Tangirala <satyat@google.com>
Link: https://lore.kernel.org/r/20200727174158.121456-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Diffstat (limited to 'fs/crypto')
-rw-r--r-- | fs/crypto/inline_crypt.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/crypto/inline_crypt.c b/fs/crypto/inline_crypt.c index dfb06375099a..b6b8574caa13 100644 --- a/fs/crypto/inline_crypt.c +++ b/fs/crypto/inline_crypt.c @@ -244,11 +244,12 @@ static void fscrypt_generate_dun(const struct fscrypt_info *ci, u64 lblk_num, void fscrypt_set_bio_crypt_ctx(struct bio *bio, const struct inode *inode, u64 first_lblk, gfp_t gfp_mask) { - const struct fscrypt_info *ci = inode->i_crypt_info; + const struct fscrypt_info *ci; u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE]; if (!fscrypt_inode_uses_inline_crypto(inode)) return; + ci = inode->i_crypt_info; fscrypt_generate_dun(ci, first_lblk, dun); bio_crypt_set_ctx(bio, &ci->ci_enc_key.blk_key->base, dun, gfp_mask); |