lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 Jun 2021 22:02:12 -0400 From: "Theodore Ts'o" <tytso@....edu> To: Daniel Rosenberg <drosen@...gle.com> Cc: Eric Biggers <ebiggers@...nel.org>, Andreas Dilger <adilger.kernel@...ger.ca>, linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, Gabriel Krisman Bertazi <krisman@...labora.com>, kernel-team@...roid.com Subject: Re: [PATCH] ext4: Fix no-key deletion for encrypt+casefold On Sat, May 22, 2021 at 12:41:32AM +0000, Daniel Rosenberg wrote: > commit 471fbbea7ff7 ("ext4: handle casefolding with encryption") is > missing a few checks for the encryption key which are needed to > support deleting enrypted casefolded files when the key is not > present. > > Note from ebiggers: > (These checks for the encryption key are still racy since they happen > too late, but apparently they worked well enough...) > > This bug made it impossible to delete encrypted+casefolded directories > without the encryption key, due to errors like: > > W : EXT4-fs warning (device vdc): __ext4fs_dirhash:270: inode #49202: comm Binder:378_4: Siphash requires key > > Repro steps in kvm-xfstests test appliance: > mkfs.ext4 -F -E encoding=utf8 -O encrypt /dev/vdc > mount /vdc > mkdir /vdc/dir > chattr +F /vdc/dir > keyid=$(head -c 64 /dev/zero | xfs_io -c add_enckey /vdc | awk '{print $NF}') > xfs_io -c "set_encpolicy $keyid" /vdc/dir > for i in `seq 1 100`; do > mkdir /vdc/dir/$i > done > xfs_io -c "rm_enckey $keyid" /vdc > rm -rf /vdc/dir # fails with the bug > > Fixes: 471fbbea7ff7 ("ext4: handle casefolding with encryption") > Signed-off-by: Daniel Rosenberg <drosen@...gle.com> Applied, thanks. - Ted
Powered by blists - more mailing lists