filesystem encryption problem.

Amir Hezarkhani amir6723 at gmail.com
Sun Jul 12 12:50:33 EDT 2015


Thank for replies. About copy_to_user and copy_from_user, whats the better
way?
I dont have much experience in kernel development but I'm trying to learn.
Can you recommend me some books, documents, etc so I can learn more about
filesystems in kernel. I am also interested to learn how mmap works because
I have problems with execution of binary files in my encrypted filesystem.
On Jul 12, 2015 8:30 PM, <kernelnewbies-request at kernelnewbies.org> wrote:

>
>
> On Sun, Jul 12, 2015 at 8:08 PM, Freeman Zhang <
> freeman.zhang1992 at gmail.com> wrote:
>
>> -------- Original Message --------
>> > hello
>> > I am working on adding a simple encryption to file contents in ext4
>> driver
>> > (for learning purposes) I added simple XOR encryption to aio_read and
>> > aio_write functions and it worked until I faced this problem:
>> >
>> > when I open a file in encrypted filesystem using VIM text editor and
>> when I
>> > try to save it it gives me this error:
>> >
>> >>> pointer block id wrong
>> >>> can not find line 1
>> >
>> > and it just corrupts the entire file!
>> >
>> > this is my aio_write function:
>> >
>> > aio_write_enc(struct kiocb *iocb, const struct iovec *iov,
>> >         unsigned long nr_segs, loff_t pos)
>> > {
>> >     size_t i;
>> >     ssize_t ret;
>> >     char *data=vmalloc(sizeof(char)*iov->iov_len);
>> >     copy_from_user(data,iov->iov_base,iov->iov_len);
>> >
>> >     for(i=0;i<iov->iov_len;i++)
>> >     {
>> >         data[i]^=5;
>> >     }
>> >     struct iovec iov_enc= { .iov_base = iov->iov_base, .iov_len =
>> > iov->iov_len };
>> >
>> >     copy_to_user(iov_enc.iov_base,data,iov->iov_len);
>> >     ret=ext4_file_write(iocb,&iov_enc,nr_segs,pos);
>> >     vfree(data);
>> >     return ret;
>> > }
>> >
>> > this just changes the data and then calls original function.
>> >
>> > is there anything wrong with this function? can anyone help me?
>> >
>> >
>> >
>> Hi Amir,
>>
>> I'm not quite sure about what's wrong with your function, but here are
>> two suggestions I got from the list when I did similar things:
>>
>> 1. wrapfs
>> 2. ecryptfs
>>
>> I think you should check these two stackable filesystems if you haven't.
>>
>> Hope this can help a little bit!
>>
>> Freeman
>>
>>
>> _______________________________________________
>> Kernelnewbies mailing list
>> Kernelnewbies at kernelnewbies.org
>> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
>>
>>
> Hi Amir,
>
> I agree with Freeman Zhang over here. The way you are doing it is not
> right. There is a mechanism to create stacks of file system and you should
> go down that path.
>
> Having said this, you should definitely debug the issue that you are
> facing. Some pointers : -
> 1. As you have already mentioned that this is happening only for vim and
> not while regular read(using cat, etc), you need to check what vim does
> special to read a file. I would suggest make use of strace and do reading
> with and without vim, maybe you will get something of interest.
> 2. re-read code to check, you might be messing up while write or read.
>
> Apart from these some basic practices you need to follow is : -
>
> 1. check for error conditions, like you missed checking error from
> vmalloc() and the below code will execute even if it failed, this should be
> avoided.
> 2. copy_from_user & again copying back to user is in-efficient.
>
>
> Enjoy life,
> Rohan
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20150712/111dc5bb/attachment.html 


More information about the Kernelnewbies mailing list