[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240531033407.GB6505@sol.localdomain>
Date: Thu, 30 May 2024 20:34:07 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Lizhi Xu <lizhi.xu@...driver.com>
Cc: coreteam@...filter.org, davem@...emloft.net, fw@...len.de,
jaegeuk@...nel.org, kadlec@...filter.org, kuba@...nel.org,
linux-fscrypt@...r.kernel.org, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org, netfilter-devel@...r.kernel.org,
pablo@...filter.org,
syzbot+340581ba9dceb7e06fb3@...kaller.appspotmail.com,
syzkaller-bugs@...glegroups.com, tytso@....edu,
adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org
Subject: Re: [PATCH V2] ext4: add casefolded feature check before setup
encrypted info
On Fri, May 31, 2024 at 11:30:44AM +0800, 'Lizhi Xu' via syzkaller-bugs wrote:
> On Thu, 30 May 2024 20:11:33 -0700, Eric Biggers wrote:
> > > Due to the current file system not supporting the casefolded feature, only
> > > i_crypt_info was initialized when creating encrypted information, without actually
> > > setting the sighash. Therefore, when creating an inode, if the system does not
> > > support the casefolded feature, encrypted information will not be created.
> > >
> > > Reported-by: syzbot+340581ba9dceb7e06fb3@...kaller.appspotmail.com
> > > Signed-off-by: Lizhi Xu <lizhi.xu@...driver.com>
> > > ---
> > > fs/ext4/ialloc.c | 3 ++-
> > > 1 file changed, 2 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c
> > > index e9bbb1da2d0a..47b75589fdf4 100644
> > > --- a/fs/ext4/ialloc.c
> > > +++ b/fs/ext4/ialloc.c
> > > @@ -983,7 +983,8 @@ struct inode *__ext4_new_inode(struct mnt_idmap *idmap,
> > > ei->i_projid = make_kprojid(&init_user_ns, EXT4_DEF_PROJID);
> > >
> > > if (!(i_flags & EXT4_EA_INODE_FL)) {
> > > - err = fscrypt_prepare_new_inode(dir, inode, &encrypt);
> > > + if (ext4_has_feature_casefold(inode->i_sb))
> > > + err = fscrypt_prepare_new_inode(dir, inode, &encrypt);
> > > if (err)
> > > goto out;
> >
> > No, this is not correct at all. This just disables encryption on filesystems
> > with the casefold feature.
> If filesystems not support casefold feature, Why do I need to setup encrypted
> information when creating a directory? Can encrypted information not include *hash?
Encryption is a separate feature. It is supported both with and without
casefold.
- Eric
Powered by blists - more mailing lists