From 698851b77a05caffc04a77dbcfeacbbd92ed503c Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman
Date: Tue, 3 Mar 2020 07:43:34 +0100
Subject: [PATCH] 4.9-stable patches added patches: ecryptfs-fix-up-bad-backport-of-fe2e082f5da5b4a0a92ae32978f81507ef37ec66.patch
---
 ...082f5da5b4a0a92ae32978f81507ef37ec66.patch | 82 +++++++++++++++++++
 queue-4.9/series | 1 +
 2 files changed, 83 insertions(+)
 create mode 100644 queue-4.9/ecryptfs-fix-up-bad-backport-of-fe2e082f5da5b4a0a92ae32978f81507ef37ec66.patch
diff --git a/queue-4.9/ecryptfs-fix-up-bad-backport-of-fe2e082f5da5b4a0a92ae32978f81507ef37ec66.patch b/queue-4.9/ecryptfs-fix-up-bad-backport-of-fe2e082f5da5b4a0a92ae32978f81507ef37ec66.patch
new file mode 100644
index 00000000000..fa3f366bef0
--- /dev/null
+++ b/queue-4.9/ecryptfs-fix-up-bad-backport-of-fe2e082f5da5b4a0a92ae32978f81507ef37ec66.patch
@@ -0,0 +1,82 @@
+From natechancellor@gmail.com Tue Mar 3 07:42:32 2020
+From: Nathan Chancellor
+Date: Mon, 2 Mar 2020 13:39:13 -0700
+Subject: ecryptfs: Fix up bad backport of fe2e082f5da5b4a0a92ae32978f81507ef37ec66
+To: Greg Kroah-Hartman , Sasha Levin
+Cc: stable@vger.kernel.org, ecryptfs@vger.kernel.org, Wenwen Wang , Tyler Hicks , Nathan Chancellor
+Message-ID: <20200302203912.27370-1-natechancellor@gmail.com>
+
+From: Nathan Chancellor
+
+When doing the 4.9 merge into certain Android trees, I noticed a warning
+from Android's deprecated GCC 4.9.4, which causes a build failure in
+those trees due to basically -Werror:
+
+fs/ecryptfs/keystore.c: In function 'ecryptfs_parse_packet_set':
+fs/ecryptfs/keystore.c:1357:2: warning: 'auth_tok_list_item' may be used
+uninitialized in this function [-Wmaybe-uninitialized]
+ memset(auth_tok_list_item, 0,
+ ^
+fs/ecryptfs/keystore.c:1260:38: note: 'auth_tok_list_item' was declared
+here
+ struct ecryptfs_auth_tok_list_item *auth_tok_list_item;
+ ^
+
+GCC 9.2.0 was not able to pick up this warning when I tested it.
+
+Turns out that Clang warns as well when -Wuninitialized is used, which
+is not the case in older stable trees at the moment (but shows value in
+potentially backporting the various warning fixes currently in upstream
+to get more coverage).
+
+fs/ecryptfs/keystore.c:1284:6: warning: variable 'auth_tok_list_item' is
+used uninitialized whenever 'if' condition is true
+[-Wsometimes-uninitialized]
+ if (data[(*packet_size)++] != ECRYPTFS_TAG_1_PACKET_TYPE) {
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+fs/ecryptfs/keystore.c:1360:4: note: uninitialized use occurs here
+ auth_tok_list_item);
+ ^~~~~~~~~~~~~~~~~~
+fs/ecryptfs/keystore.c:1284:2: note: remove the 'if' if its condition is
+always false
+ if (data[(*packet_size)++] != ECRYPTFS_TAG_1_PACKET_TYPE) {
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+fs/ecryptfs/keystore.c:1260:56: note: initialize the variable
+'auth_tok_list_item' to silence this warning
+ struct ecryptfs_auth_tok_list_item *auth_tok_list_item;
+ ^
+ = NULL
+1 warning generated.
+
+Somehow, commit fe2e082f5da5 ("ecryptfs: fix a memory leak bug in
+parse_tag_1_packet()") upstream was not applied in the correct if block
+in 4.4.215, 4.9.215, and 4.14.172, which will indeed lead to use of
+uninitialized memory. Fix it up by undoing the bad backport in those
+trees then reapplying the patch in the proper location.
+
+Signed-off-by: Nathan Chancellor
+Signed-off-by: Greg Kroah-Hartman
+---
+ fs/ecryptfs/keystore.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/fs/ecryptfs/keystore.c
++++ b/fs/ecryptfs/keystore.c
+@@ -1285,7 +1285,7 @@ parse_tag_1_packet(struct ecryptfs_crypt
+ printk(KERN_ERR "Enter w/ first byte != 0x%.2x\n",
+ ECRYPTFS_TAG_1_PACKET_TYPE);
+ rc = -EINVAL;
+- goto out_free;
++ goto out;
+ }
+ /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or
+ * at end of function upon failure */
+@@ -1335,7 +1335,7 @@ parse_tag_1_packet(struct ecryptfs_crypt
+ printk(KERN_WARNING "Tag 1 packet contains key larger "
+ "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES");
+ rc = -EINVAL;
+- goto out;
++ goto out_free;
+ }
+ memcpy((*new_auth_tok)->session_key.encrypted_key,
+ &data[(*packet_size)], (body_size - (ECRYPTFS_SIG_SIZE + 2)));
diff --git a/queue-4.9/series b/queue-4.9/series
index fb429cbb1dc..c7dca2acc41 100644
--- a/queue-4.9/series
+++ b/queue-4.9/series
@@ -35,3 +35,4 @@ hid-core-increase-hid-report-buffer-size-to-8kib.patch
 hid-hiddev-fix-race-in-in-hiddev_disconnect.patch
 mips-vpe-fix-a-double-free-and-a-memory-leak-in-release_vpe.patch
 i2c-jz4780-silence-log-flood-on-txabrt.patch
+ecryptfs-fix-up-bad-backport-of-fe2e082f5da5b4a0a92ae32978f81507ef37ec66.patch
-- 
2.47.3
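Review bot: Neither `goto` in the queued keystore.c patch says which cleanup label is valid at that point, and that missing note is what allowed the upstream fix to land in the wrong `if` block; the correct label depends on whether `auth_tok_list_item` has been allocated yet. I would add `/* auth_tok_list_item not allocated yet: must not reach out_free */` above the first `goto out;` and `/* auth_tok_list_item is allocated here: release it via out_free */` above the `goto out_free;` in the key-size check. The misplaced jump sat on the check of the first packet byte, so it was presumably reachable with a malformed packet, and the quoted GCC warning shows the uninitialized pointer being handed to `memset()`; stating that in the changelog would tell users of 4.4.215, 4.9.215 and 4.14.172 that this is a memory-safety fix and not only a warning cleanup. The `out`/`out_free` labels and the allocation are outside both hunks, so the ordering is inferred from the commit message and the compiler notes.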