Statement:

This issue did not affect versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 and 7; and kernel-rt packages as shipped with Red Hat Enterprise MRG 2 and Red Hat Enterprise Linux 7.

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2015:1272 https://rhn.redhat.com/errata/RHSA-2015-1272.html

(In reply to Wade Mealing from comment #2)
> Statement:
> 
> This issue did not affect versions of the Linux kernel as shipped with Red
> Hat Enterprise Linux 5 and 7; and kernel-rt packages as shipped with Red Hat
> Enterprise MRG 2 and Red Hat Enterprise Linux 7.

why not did affect to rhel 7, it has the seam code with rhel 6?

case 2:
			dst[dst_byte_offset++] |= (src_byte);
			dst[dst_byte_offset] = 0;
			current_bit_offset = 0;

3ks

Gday Tomsun,

You're correct it does seem to have the same code as EL6, however the encryptfs code is not enabled on EL7.

You may see some similarly named CONFIG_ECRYPT_FS functions in the kernel are not included to be built.

/home/wmealing/rpmbuild/BUILD/kernel-3.10.0-229.el7/linux-3.10.0-229.el6.x86_64
[wmealing@work-desktop linux-3.10.0-229.el6.x86_64]$ cat .config |grep ECRYPT
# CONFIG_ECRYPT_FS is not set

You may however see similarly named symbols in the kernel:

[root@unused-9-133 ~]# cat /proc/kallsyms  |grep ecryptfs_|head -n 3
ffffffff81266f70 T ecryptfs_get_auth_tok_key
ffffffff81266f90 T ecryptfs_get_versions
ffffffff81266fc0 T ecryptfs_fill_auth_tok

But these are helper functions generated by CONFIG_ENCRYPTED_KEYS kernel config options, not be encryptfs itself.

If you have any further options, please open a ticket with a Red Hat support staff member.

Thanks.

Wade Mealing
Product Security