[PATCH] dm crypt: reject odd-length hex keys

From: Samuel Moelius

Date: Mon Jun 08 2026 - 20:22:36 EST


dm-crypt accepts hexadecimal keys with an odd number of digits. The
parser converts pairs of hex digits into bytes, so the final nibble is
ignored rather than contributing to the configured key.

This makes two different table strings select the same key material and
hides configuration mistakes from userspace.

Reject odd-length hex keys before converting them to bytes.

Assisted-by: Codex:gpt-5.5-cyber-preview
Signed-off-by: Samuel Moelius <sam.moelius@xxxxxxxxxxxxxxx>
---
drivers/md/dm-crypt.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 608b617fb817..a5ae34cc42bf 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -2558,11 +2558,18 @@ static int crypt_set_keyring_key(struct crypt_config *cc, const char *key_string

static int get_key_size(char **key_string)
{
+ size_t key_len;
char *colon, dummy;
int ret;

- if (*key_string[0] != ':')
- return strlen(*key_string) >> 1;
+ if (*key_string[0] != ':') {
+ key_len = strlen(*key_string);
+
+ if (strcmp(*key_string, "-") && (key_len & 1))
+ return -EINVAL;
+
+ return key_len >> 1;
+ }

/* look for next ':' in key string */
colon = strpbrk(*key_string + 1, ":");
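Review bot: The `strcmp(*key_string, "-")` exemption in the new odd-length check is not explained in the code or the commit message, so a reader cannot tell why the one-character string `-` is the only odd-length value still accepted. It is presumably the placeholder for an empty key, since its length halves to 0; a comment above the check would record that, for example `/* "-" is the only odd-length string accepted; it yields key size 0 */`. The same unexplained condition appears in the !CONFIG_KEYS variant of get_key_size in the second hunk. The keyring branch of this function and its callers lie outside the hunk, so it is worth confirming that every caller treats a negative return as a parse failure now that the hex path can return -EINVAL.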
@@ -2588,7 +2595,12 @@ static int crypt_set_keyring_key(struct crypt_config *cc, const char *key_string

static int get_key_size(char **key_string)
{
- return (*key_string[0] == ':') ? -EINVAL : (int)(strlen(*key_string) >> 1);
+ size_t key_len = strlen(*key_string);
+
+ if (*key_string[0] == ':' || (strcmp(*key_string, "-") && (key_len & 1)))
+ return -EINVAL;
+
+ return key_len >> 1;
}

#endif /* CONFIG_KEYS */
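Review bot: `return key_len >> 1;` narrows a size_t to the function's int return type implicitly, whereas the line it replaces spelled the conversion out with `(int)`. Keeping the cast, `return (int)(key_len >> 1);`, shows the narrowing is intended and avoids a conversion warning on stricter builds. The first hunk's `return key_len >> 1;` could use the same form so that both variants of get_key_size read alike.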
--
2.43.0