On Mon, Dec 19, 2011 at 4:31 PM, Tyler Hicks <tyhicks@xxxxxxxxxxxxx> wrote: > statfs() calls on eCryptfs files returned the wrong filesystem type and, > when using filename encryption, the wrong maximum filename length. > > If mount-wide filename encryption is enabled, the cipher block size and > the lower filesystem's max filename length will determine the max > eCryptfs filename length. Pre-tested, known good lengths are used when > the lower filesystem's namelen is 255 and a cipher with 8 or 16 byte > block sizes is used. In other, less common cases, we fall back to a safe > rounded-down estimate when determining the eCryptfs namelen. > > https://launchpad.net/bugs/885744 > > Signed-off-by: Tyler Hicks <tyhicks@xxxxxxxxxxxxx> > Reported-by: Kees Cook <keescook@xxxxxxxxxxxx> Looks good! Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -Kees -- Kees Cook ChromeOS Security -- To unsubscribe from this list: send the line "unsubscribe ecryptfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
