The issue occurs when eCryptfs is mounted with a cipher supported by the crypto subsystem but not by eCryptfs. The mount succeeds and an error does not occur until a write. This change checks for eCryptfs cipher support at mount time. Resolves Launchpad issue #338914, reported by Tyler Hicks in 03/2009. https://bugs.launchpad.net/ecryptfs/+bug/338914 Signed-off-by: Tim Sally <tsally@xxxxxxxxxxxxxxx> --- fs/ecryptfs/main.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index df217dc..4eb1fc6 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c @@ -279,6 +279,8 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, char *fnek_src; char *cipher_key_bytes_src; char *fn_cipher_key_bytes_src; + struct ecryptfs_key_tfm *key_tfm = NULL; + u8 cipher_code; *check_ruid = 0; @@ -456,6 +458,28 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, goto out; } } + + if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name, + &key_tfm)) { + ecryptfs_printk(KERN_ERR, + "Cipher %s was not initalized correctly.\n", + mount_crypt_stat->global_default_cipher_name); + rc = -EINVAL; + mutex_unlock(&key_tfm_list_mutex); + goto out; + } + + cipher_code = ecryptfs_code_for_cipher_string(key_tfm->cipher_name, + key_tfm->key_size); + if (!cipher_code) { + ecryptfs_printk(KERN_ERR, + "eCryptfs doesn't support: %s blocksize %zu.\n", + key_tfm->cipher_name, key_tfm->key_size); + rc = -EINVAL; + mutex_unlock(&key_tfm_list_mutex); + goto out; + } + mutex_unlock(&key_tfm_list_mutex); rc = ecryptfs_init_global_auth_toks(mount_crypt_stat); if (rc) -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe ecryptfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
