filesystem encryption problem.

Rohan Puri rohan.puri15 at gmail.com
Sun Jul 12 11:03:33 EDT 2015


On Sun, Jul 12, 2015 at 8:08 PM, Freeman Zhang <freeman.zhang1992 at gmail.com>
wrote:

> -------- Original Message --------
> > hello
> > I am working on adding a simple encryption to file contents in ext4 driver
> > (for learning purposes) I added simple XOR encryption to aio_read and
> > aio_write functions and it worked until I faced this problem:
> >
> > when I open a file in encrypted filesystem using VIM text editor and when I
> > try to save it it gives me this error:
> >
> >>> pointer block id wrong
> >>> can not find line 1
> >
> > and it just corrupts the entire file!
> >
> > this is my aio_write function:
> >
> > aio_write_enc(struct kiocb *iocb, const struct iovec *iov,
> >         unsigned long nr_segs, loff_t pos)
> > {
> >     size_t i;
> >     ssize_t ret;
> >     char *data=vmalloc(sizeof(char)*iov->iov_len);
> >     copy_from_user(data,iov->iov_base,iov->iov_len);
> >
> >     for(i=0;i<iov->iov_len;i++)
> >     {
> >         data[i]^=5;
> >     }
> >     struct iovec iov_enc= { .iov_base = iov->iov_base, .iov_len = iov->iov_len };
> >
> >     copy_to_user(iov_enc.iov_base,data,iov->iov_len);
> >     ret=ext4_file_write(iocb,&iov_enc,nr_segs,pos);
> >     vfree(data);
> >     return ret;
> > }
> >
> > this just changes the data and then calls original function.
> >
> > is there anything wrong with this function? can anyone help me?
> >
> >
> >
> Hi Amir,
>
> I'm not quite sure about what's wrong with your function, but here are
> two suggestions I got from the list when I did similar things:
>
> 1. wrapfs
> 2. ecryptfs
>
> I think you should check these two stackable filesystems if you haven't.
>
> Hope this can help a little bit!
>
> Freeman
>
Hi Amir,

I agree with Freeman Zhang over here. The way you are doing it is not
right. There is a mechanism to create stacks of file systems and you should
go down that path.

Having said this, you should definitely debug the issue that you are
facing. Some pointers:

1. As you have already mentioned that this is happening only for vim and
not during a regular read (using cat, etc.), you need to check what vim does
specially to read a file. I would suggest making use of strace and reading
with and without vim; maybe you will get something of interest.
2. Re-read the code to check; you might be messing up during write or read.
Apart from these, some basic practices you need to follow are:

1. Check for error conditions; for example, you missed checking the error from
vmalloc(), and the code below will execute even if it failed. This should be
avoided.
2. copy_from_user and then copying back to user again is inefficient.


Enjoy life,
Rohan
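
An added example, not code from the thread: a userspace C model of the posted aio_write_enc(), narrowed to a single segment, beside a variant that checks the allocation and transforms only a private copy. memcpy, malloc and lower_write() stand in for copy_from_user/copy_to_user, vmalloc and ext4_file_write(); write_posted, write_bounce, check and the sample buffer are assumptions constructed for illustration.

```c
/* Userspace model: memcpy stands in for copy_from_user/copy_to_user, malloc
 * for vmalloc, lower_write() for ext4_file_write(). Names are assumptions. */
#include <stdlib.h>
#include <string.h>
#include <sys/uio.h>                    /* struct iovec, ssize_t */
static unsigned char disk[64];          /* constructed backing store */
static size_t disk_len;

static ssize_t lower_write(const struct iovec *iov)
{
    if (iov->iov_len > sizeof(disk)) return -1;
    disk_len = iov->iov_len;
    memcpy(disk, iov->iov_base, disk_len);
    return (ssize_t)disk_len;
}

/* Shape of the posted function: ciphertext is copied back over the caller's buffer. */
static ssize_t write_posted(const struct iovec *iov)
{
    unsigned char *data = malloc(iov->iov_len);   /* unchecked, as posted */
    memcpy(data, iov->iov_base, iov->iov_len);
    for (size_t i = 0; i < iov->iov_len; i++) data[i] ^= 5;
    memcpy(iov->iov_base, data, iov->iov_len);    /* mutates the caller's memory */
    free(data);
    return lower_write(iov);
}

/* Reworked: checked allocation, and only the private copy is transformed. */
static ssize_t write_bounce(const struct iovec *iov)
{
    unsigned char *data = malloc(iov->iov_len ? iov->iov_len : 1);
    if (!data) return -1;                         /* -ENOMEM in a kernel */
    memcpy(data, iov->iov_base, iov->iov_len);
    for (size_t i = 0; i < iov->iov_len; i++) data[i] ^= 5;
    struct iovec enc = { .iov_base = data, .iov_len = iov->iov_len };
    ssize_t ret = lower_write(&enc);
    free(data);
    return ret;
}

/* Bit 0: caller's buffer unchanged after the call. Bit 1: stored bytes decrypt. */
static int check(ssize_t (*w)(const struct iovec *))
{
    char buf[] = "sample text", plain[] = "sample text";   /* constructed input */
    struct iovec v = { .iov_base = buf, .iov_len = sizeof(buf) };
    int flags = (w(&v) == (ssize_t)sizeof(buf)) ? 2 : 0;
    for (size_t i = 0; i < disk_len; i++) if ((disk[i] ^ 5) != plain[i]) flags = 0;
    return flags | !memcmp(buf, plain, sizeof(buf));
}
```

check(write_posted) returns 2: the stored bytes decrypt correctly, but the caller's buffer holds ciphertext after the call. check(write_bounce) returns 3.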