• Tyler Hicks's avatar
    eCryptfs: Initialize empty lower files when opening them · e3ccaa97
    Tyler Hicks authored
    Historically, eCryptfs has only initialized lower files in the
    ecryptfs_create() path. Lower file initialization is the act of writing
    the cryptographic metadata from the inode's crypt_stat to the header of
    the file. The ecryptfs_open() path already expects that metadata to be
    in the header of the file.
    
    A number of users have reported empty lower files in beneath their
    eCryptfs mounts. Most of the causes for those empty files being left
    around have been addressed, but the presence of empty files causes
    problems due to the lack of proper cryptographic metadata.
    
    To transparently solve this problem, this patch initializes empty lower
    files in the ecryptfs_open() error path. If the metadata is unreadable
    due to the lower inode size being 0, plaintext passthrough support is
    not in use, and the metadata is stored in the header of the file (as
    opposed to the user.ecryptfs extended attribute), the lower file will be
    initialized.
    
    The number of nested conditionals in ecryptfs_open() was getting out of
    hand, so a helper function was created. To avoid the same nested
    conditional problem, the conditional logic was reversed inside of the
    helper function.
    
    https://launchpad.net/bugs/911507Signed-off-by: default avatarTyler Hicks <tyhicks@canonical.com>
    Cc: John Johansen <john.johansen@canonical.com>
    Cc: Colin Ian King <colin.king@canonical.com>
    e3ccaa97
file.c 11.1 KB