filesystem encryption problem.

Rohan Puri rohan.puri15 at gmail.com
Sun Jul 12 13:30:37 EDT 2015


On 12 Jul 2015 22:20, "Amir Hezarkhani" <amir6723 at gmail.com> wrote:
>
> Thanks for the replies. About copy_to_user and copy_from_user, what's the
> better way?
> I don't have much experience in kernel development but I'm trying to
> learn. Can you recommend me some books, documents, etc. so I can learn more
> about filesystems in the kernel? I am also interested to learn how mmap works
> because I have problems with execution of binary files in my encrypted
> filesystem.
>
> On Jul 12, 2015 8:30 PM, <kernelnewbies-request at kernelnewbies.org> wrote:
>>
>>
>>
>> On Sun, Jul 12, 2015 at 8:08 PM, Freeman Zhang <freeman.zhang1992 at gmail.com> wrote:
>>>
>>> -------- Original Message --------
>>> > hello
>>> > I am working on adding a simple encryption to file contents in ext4 driver
>>> > (for learning purposes) I added simple XOR encryption to aio_read and
>>> > aio_write functions and it worked until I faced this problem:
>>> >
>>> > when I open a file in encrypted filesystem using VIM text editor and when I
>>> > try to save it it gives me this error:
>>> >
>>> >>> pointer block id wrong
>>> >>> can not find line 1
>>> >
>>> > and it just corrupts the entire file!
>>> >
>>> > this is my aio_write function:
>>> >
>>> > aio_write_enc(struct kiocb *iocb, const struct iovec *iov,
>>> >         unsigned long nr_segs, loff_t pos)
>>> > {
>>> >     size_t i;
>>> >     ssize_t ret;
>>> >     char *data=vmalloc(sizeof(char)*iov->iov_len);
>>> >     copy_from_user(data,iov->iov_base,iov->iov_len);
>>> >
>>> >     for(i=0;i<iov->iov_len;i++)
>>> >     {
>>> >         data[i]^=5;
>>> >     }
>>> >     struct iovec iov_enc= { .iov_base = iov->iov_base, .iov_len =
>>> > iov->iov_len };
>>> >
>>> >     copy_to_user(iov_enc.iov_base,data,iov->iov_len);
>>> >     ret=ext4_file_write(iocb,&iov_enc,nr_segs,pos);
>>> >     vfree(data);
>>> >     return ret;
>>> > }
>>> >
>>> > this just changes the data and then calls original function.
>>> >
>>> > is there anything wrong with this function? can anyone help me?
>>> >
>>> >
>>> >
>>> Hi Amir,
>>>
>>> I'm not quite sure about what's wrong with your function, but here are
>>> two suggestions I got from the list when I did similar things:
>>>
>>> 1. wrapfs
>>> 2. ecryptfs
>>>
>>> I think you should check these two stackable filesystems if you haven't.
>>>
>>> Hope this can help a little bit!
>>>
>>> Freeman
>>>
>>>
>>> _______________________________________________
>>> Kernelnewbies mailing list
>>> Kernelnewbies at kernelnewbies.org
>>> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
>>>
>>
>> Hi Amir,
>>
>> I agree with Freeman Zhang over here. The way you are doing it is not
>> right. There is a mechanism to create stacks of file systems and you should
>> go down that path.
>>
>> Having said this, you should definitely debug the issue that you are
>> facing. Some pointers:
>> 1. As you have already mentioned that this is happening only for vim and
>> not during a regular read (using cat, etc.), you need to check what vim does
>> that is special to read a file. I would suggest making use of strace and reading
>> with and without vim; maybe you will get something of interest.
>> 2. Re-read the code to check; you might be messing up during write or read.
>>
>> Apart from these, some basic practices you need to follow are:
>>
>> 1. Check for error conditions. For example, you missed checking the error from
>> vmalloc() and the code below will execute even if it failed; this should be
>> avoided.
>> 2. copy_from_user and then copying back to user is inefficient.
>>
>>
>> Enjoy life,
>> Rohan
>

Hi Amir,

Please reply at the bottom. Which way is better would depend on
how you design stuff.

The following is my recommendation:

For conceptual knowledge of general file systems the best would be the OS book
by Prof. Remzi Arpaci-Dusseau.
Excellently explained.

For Linux kernel conceptual stuff get hold of Robert Love's Linux Kernel
Development.

Read lots of kernel generic filesystem code in the fs dir. Lots of basic
functionality is implemented in helper functions present in this dir.

Enjoy life,
Rohan