Message ID | 1350571743-2757-2-git-send-email-colin.king@canonical.com |
---|---|
State | New |
Headers | show |
On 10/18/2012 07:49 AM, Colin King wrote: > From: Tim Sally <tsally@atomicpeace.com> > > The issue occurs when eCryptfs is mounted with a cipher supported by > the crypto subsystem but not by eCryptfs. The mount succeeds and an > error does not occur until a write. This change checks for eCryptfs > cipher support at mount time. > > Resolves Launchpad issue #338914, reported by Tyler Hicks in 03/2009. > https://bugs.launchpad.net/ecryptfs/+bug/338914 > > Signed-off-by: Tim Sally <tsally@atomicpeace.com> > Signed-off-by: Tyler Hicks <tyhicks@canonical.com> > (cherry picked from commit 5f5b331d5c21228a6519dcb793fc1629646c51a6) > > Signed-off-by: Colin Ian King <colin.king@canonical.com> > --- > fs/ecryptfs/main.c | 13 +++++++++++++ > 1 file changed, 13 insertions(+) > > diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c > index df217dc..923f6aa 100644 > --- a/fs/ecryptfs/main.c > +++ b/fs/ecryptfs/main.c > @@ -279,6 +279,7 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > char *fnek_src; > char *cipher_key_bytes_src; > char *fn_cipher_key_bytes_src; > + u8 cipher_code; > > *check_ruid = 0; > > @@ -420,6 +421,18 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, > && !fn_cipher_key_bytes_set) > mount_crypt_stat->global_default_fn_cipher_key_bytes = > mount_crypt_stat->global_default_cipher_key_size; > + > + cipher_code = ecryptfs_code_for_cipher_string( > + mount_crypt_stat->global_default_cipher_name, > + mount_crypt_stat->global_default_cipher_key_size); > + if (!cipher_code) { > + ecryptfs_printk(KERN_ERR, > + "eCryptfs doesn't support cipher: %s", > + mount_crypt_stat->global_default_cipher_name); > + rc = -EINVAL; > + goto out; > + } > + > mutex_lock(&key_tfm_list_mutex); > if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name, > NULL)) { >
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index df217dc..923f6aa 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c @@ -279,6 +279,7 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, char *fnek_src; char *cipher_key_bytes_src; char *fn_cipher_key_bytes_src; + u8 cipher_code; *check_ruid = 0; @@ -420,6 +421,18 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, && !fn_cipher_key_bytes_set) mount_crypt_stat->global_default_fn_cipher_key_bytes = mount_crypt_stat->global_default_cipher_key_size; + + cipher_code = ecryptfs_code_for_cipher_string( + mount_crypt_stat->global_default_cipher_name, + mount_crypt_stat->global_default_cipher_key_size); + if (!cipher_code) { + ecryptfs_printk(KERN_ERR, + "eCryptfs doesn't support cipher: %s", + mount_crypt_stat->global_default_cipher_name); + rc = -EINVAL; + goto out; + } + mutex_lock(&key_tfm_list_mutex); if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name, NULL)) {