lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20190822121725.22550-1-lczerner@redhat.com>
Date:   Thu, 22 Aug 2019 14:17:25 +0200
From:   Lukas Czerner <lczerner@...hat.com>
To:     linux-ext4@...r.kernel.org
Subject: [PATCH v2 2/2] tune2fs: Warn if page size != blocksize when enabling encrypt

With encrypt feature enabled the file system block size must match
system page size. Currently tune2fs will not complain at all when we try
to enable encrypt on a file system that does not satisfy this
requirement for the system. Add a warning for this case.

Signed-off-by: Lukas Czerner <lczerner@...hat.com>
---
 misc/tune2fs.c | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/misc/tune2fs.c b/misc/tune2fs.c
index 7d2d38d7..f1604447 100644
--- a/misc/tune2fs.c
+++ b/misc/tune2fs.c
@@ -130,6 +130,8 @@ void do_findfs(int argc, char **argv);
 int journal_enable_debug = -1;
 #endif
 
+static int sys_page_size = 4096;
+
 static void usage(void)
 {
 	fprintf(stderr,
@@ -1407,6 +1409,30 @@ mmp_error:
 			      stderr);
 			return 1;
 		}
+
+		/*
+		 * When encrypt feature is enabled, the file system blocksize
+		 * needs to match system page size otherwise the file system
+		 * won't mount.
+		 */
+		if (fs->blocksize != sys_page_size) {
+			if (!f_flag) {
+				com_err(program_name, 0,
+					_("Encryption feature requested, but "
+					  "block size (%dB) does not match "
+					  "system page size (%dB). File "
+					  "system won't be usable on this "
+					  "system"),
+					fs->blocksize, sys_page_size);
+				proceed_question(-1);
+			}
+			fprintf(stderr,_("Warning: Encrypt feature enabled, "
+					 "but block size (%dB) does not match "
+					 "system page size (%dB), forced to "
+					 "cointinue\n"),
+				fs->blocksize, sys_page_size);
+		}
+
 		fs->super->s_encrypt_algos[0] =
 			EXT4_ENCRYPTION_MODE_AES_256_XTS;
 		fs->super->s_encrypt_algos[1] =
@@ -2844,6 +2870,7 @@ int main(int argc, char **argv)
 int tune2fs_main(int argc, char **argv)
 #endif  /* BUILD_AS_LIB */
 {
+	long sysval;
 	errcode_t retval;
 	ext2_filsys fs;
 	struct ext2_super_block *sb;
@@ -2879,6 +2906,18 @@ int tune2fs_main(int argc, char **argv)
 #endif
 		io_ptr = unix_io_manager;
 
+	/* Determine the system page size if possible */
+#ifdef HAVE_SYSCONF
+#if (!defined(_SC_PAGESIZE) && defined(_SC_PAGE_SIZE))
+#define _SC_PAGESIZE _SC_PAGE_SIZE
+#endif
+#ifdef _SC_PAGESIZE
+	sysval = sysconf(_SC_PAGESIZE);
+	if (sysval > 0)
+		sys_page_size = sysval;
+#endif /* _SC_PAGESIZE */
+#endif /* HAVE_SYSCONF */
+
 retry_open:
 	if ((open_flag & EXT2_FLAG_RW) == 0 || f_flag)
 		open_flag |= EXT2_FLAG_SKIP_MMP;
-- 
2.21.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ