Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5f5b331d authored by Tim Sally's avatar Tim Sally Committed by Tyler Hicks
Browse files

eCryptfs: check for eCryptfs cipher support at mount 

The issue occurs when eCryptfs is mounted with a cipher supported by
the crypto subsystem but not by eCryptfs. The mount succeeds and an
error does not occur until a write. This change checks for eCryptfs
cipher support at mount time.

Resolves Launchpad issue #338914, reported by Tyler Hicks in 03/2009.
https://bugs.launchpad.net/ecryptfs/+bug/338914



Signed-off-by: default avatarTim Sally <tsally@atomicpeace.com>
Signed-off-by: default avatarTyler Hicks <tyhicks@canonical.com>
parent 821f7494

fs/ecryptfs/main.c

+13 −0
Original line number Diff line number Diff line
@@ -279,6 +279,7 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, 
	char *fnek_src;

	char *cipher_key_bytes_src;

	char *fn_cipher_key_bytes_src;

	u8 cipher_code;



	*check_ruid = 0;
@@ -420,6 +421,18 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, 
	    && !fn_cipher_key_bytes_set)

		mount_crypt_stat->global_default_fn_cipher_key_bytes =

			mount_crypt_stat->global_default_cipher_key_size;



	cipher_code = ecryptfs_code_for_cipher_string(

		mount_crypt_stat->global_default_cipher_name,

		mount_crypt_stat->global_default_cipher_key_size);

	if (!cipher_code) {

		ecryptfs_printk(KERN_ERR,

				"eCryptfs doesn't support cipher: %s",

				mount_crypt_stat->global_default_cipher_name);

		rc = -EINVAL;

		goto out;

	}



	mutex_lock(&key_tfm_list_mutex);

	if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name,

				 NULL)) {