lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date:   Mon,  2 Dec 2019 21:29:23 -0800
From:   Daniel Rosenberg <drosen@...gle.com>
To:     "Theodore Ts'o" <tytso@....edu>
Cc:     linux-ext4@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        kernel-team@...roid.com, Daniel Rosenberg <drosen@...gle.com>
Subject: [PATCH] tune2fs: Support casefolded encryption

This allows enabling casefold and encryption at the same
time. Fsck still needs to be adjusted to deal wtih this.

Change-Id: Ic9ed63180ef28c36e083cee85ade432e4bfcc654
Signed-off-by: Daniel Rosenberg <drosen@...gle.com>
---
 misc/mke2fs.c  |  9 ---------
 misc/tune2fs.c | 37 ++++++++++++++++++++++++++++++-------
 2 files changed, 30 insertions(+), 16 deletions(-)

diff --git a/misc/mke2fs.c b/misc/mke2fs.c
index da29ab39..879e3914 100644
--- a/misc/mke2fs.c
+++ b/misc/mke2fs.c
@@ -2460,15 +2460,6 @@ profile_error:
 		}
 	}
 
-	if (ext2fs_has_feature_casefold(&fs_param) &&
-	    ext2fs_has_feature_encrypt(&fs_param)) {
-		com_err(program_name, 0, "%s",
-			_("The encrypt and casefold features are not "
-			  "compatible.\nThey can not be both enabled "
-			  "simultaneously.\n"));
-		      exit (1);
-	}
-
 	/* Don't allow user to set both metadata_csum and uninit_bg bits. */
 	if (ext2fs_has_feature_metadata_csum(&fs_param) &&
 	    ext2fs_has_feature_gdt_csum(&fs_param))
diff --git a/misc/tune2fs.c b/misc/tune2fs.c
index c31c9a7c..b19ee5ca 100644
--- a/misc/tune2fs.c
+++ b/misc/tune2fs.c
@@ -101,6 +101,8 @@ static int rewrite_checksums;
 static int feature_64bit;
 static int fsck_requested;
 static char *undo_file;
+static int encoding = 0;
+static char encoding_flags = 0;
 
 int journal_size, journal_flags;
 char *journal_device;
@@ -160,7 +162,8 @@ static __u32 ok_features[3] = {
 		EXT4_FEATURE_INCOMPAT_64BIT |
 		EXT4_FEATURE_INCOMPAT_ENCRYPT |
 		EXT4_FEATURE_INCOMPAT_CSUM_SEED |
-		EXT4_FEATURE_INCOMPAT_LARGEDIR,
+		EXT4_FEATURE_INCOMPAT_LARGEDIR |
+		EXT4_FEATURE_INCOMPAT_CASEFOLD,
 	/* R/O compat */
 	EXT2_FEATURE_RO_COMPAT_LARGE_FILE |
 		EXT4_FEATURE_RO_COMPAT_HUGE_FILE|
@@ -1403,12 +1406,6 @@ mmp_error:
 	}
 
 	if (FEATURE_ON(E2P_FEATURE_INCOMPAT, EXT4_FEATURE_INCOMPAT_ENCRYPT)) {
-		if (ext2fs_has_feature_casefold(sb)) {
-			fputs(_("Cannot enable encrypt feature on filesystems "
-				"with the encoding feature enabled.\n"),
-			      stderr);
-			return 1;
-		}
 		fs->super->s_encrypt_algos[0] =
 			EXT4_ENCRYPTION_MODE_AES_256_XTS;
 		fs->super->s_encrypt_algos[1] =
@@ -2146,6 +2143,24 @@ static int parse_extended_opts(ext2_filsys fs, const char *opts)
 				continue;
 			}
 			ext_mount_opts = strdup(arg);
+		} else if (!strcmp(token, "encoding")) {
+			if (!arg) {
+				r_usage++;
+				continue;
+			}
+
+			encoding = e2p_str2encoding(arg);
+			if (encoding < 0) {
+				fprintf(stderr, _("Invalid encoding: %s"), arg);
+				r_usage++;
+				continue;
+			}
+		} else if (!strcmp(token, "encoding_flags")) {
+			if (!arg) {
+				r_usage++;
+				continue;
+			}
+			encoding_flags = *arg;
 		} else
 			r_usage++;
 	}
@@ -3325,6 +3340,14 @@ _("Warning: The journal is dirty. You may wish to replay the journal like:\n\n"
 		       ext_mount_opts);
 		free(ext_mount_opts);
 	}
+	if (encoding > 0) {
+		sb->s_encoding = encoding;
+		ext2fs_mark_super_dirty(fs);
+	}
+	if (encoding_flags) {
+		sb->s_encoding_flags = encoding_flags;
+		ext2fs_mark_super_dirty(fs);
+	}
 
 	free(device_name);
 	remove_error_table(&et_ext2_error_table);
-- 
2.24.0.393.g34dc348eaf-goog

Powered by blists - more mailing lists