2015-06-11 15:31:13

by Seunghun Lee

[permalink] [raw]
Subject: [PATCH] ext4 crypto: prevent mount when blocksize != pagesize

Encryption mode is unsupported when blocksize != pagesize.

Signed-off-by: Seunghun Lee <[email protected]>
---
fs/ext4/super.c | 9 +++++++++
1 file changed, 9 insertions(+)

diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 31e85be..032c9e3 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -1583,6 +1583,15 @@ static int handle_mount_opt(struct super_block *sb, char *opt, int token,
IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, arg);
} else if (token == Opt_test_dummy_encryption) {
#ifdef CONFIG_EXT4_FS_ENCRYPTION
+ int blocksize =
+ BLOCK_SIZE << le32_to_cpu(sbi->s_es->s_log_block_size);
+
+ if (blocksize != PAGE_CACHE_SIZE) {
+ ext4_msg(sb, KERN_ERR,
+ "unsupported blocksize for Test dummy encryption mode");
+ return -1;
+ }
+
sbi->s_mount_flags |= EXT4_MF_TEST_DUMMY_ENCRYPTION;
ext4_msg(sb, KERN_WARNING,
"Test dummy encryption mode enabled");
--
2.3.5


2015-06-13 03:45:54

by Theodore Ts'o

[permalink] [raw]
Subject: Re: [PATCH] ext4 crypto: prevent mount when blocksize != pagesize

On Fri, Jun 12, 2015 at 12:12:47AM +0900, Seunghun Lee wrote:
> Encryption mode is unsupported when blocksize != pagesize.
>
> Signed-off-by: Seunghun Lee <[email protected]>

This only checks for blocksize != pagesize in the case where the test
dummy encryption mount option is given. We need to check also for the
case when the file system has the encryption feature set. So this is
the better check.

- Ted

commit 660947160c07e42b6c5def33a1977da09567ed55
Author: Theodore Ts'o <[email protected]>
Date: Fri Jun 12 23:44:33 2015 -0400

ext4 crypto: fail the mount if blocksize != pagesize

We currently don't correctly handle the case where blocksize !=
pagesize, so disallow the mount in those cases.

Signed-off-by: Theodore Ts'o <[email protected]>

diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 31e85be..e13fe40 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -4065,7 +4065,15 @@ no_journal:
}
}

- if (unlikely(sbi->s_mount_flags & EXT4_MF_TEST_DUMMY_ENCRYPTION) &&
+ if ((DUMMY_ENCRYPTION_ENABLED(sbi) ||
+ EXT4_HAS_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_ENCRYPT)) &&
+ (blocksize != PAGE_CACHE_SIZE)) {
+ ext4_msg(sb, KERN_ERR,
+ "Unsupported blocksize for fs encryption");
+ goto failed_mount_wq;
+ }
+
+ if (DUMMY_ENCRYPTION_ENABLED(sbi) &&
!(sb->s_flags & MS_RDONLY) &&
!EXT4_HAS_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_ENCRYPT)) {
EXT4_SET_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_ENCRYPT);