Bug 553670
| Summary: | filesystem mounted with ecryptfs_xattr option could not be written | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Jan Tluka <jtluka> |
| Component: | kernel | Assignee: | Eric Sandeen <esandeen> |
| Status: | CLOSED ERRATA | QA Contact: | Red Hat Kernel QE team <kernel-qe> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 5.5 | CC: | esandeen, syeghiay |
| Target Milestone: | rc | Keywords: | Regression |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-03-30 07:42:39 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Jan Tluka
2010-01-08 16:10:57 UTC
(Where do we set severity of regressions in tech-preview code....?)
Anyway:
ecryptfs_write_metadata():
virt_len = crypt_stat->num_header_bytes_at_front;
order = get_order(virt_len);
/* Released in this function */
virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order);
if (!virt) {
printk(KERN_ERR "%s: Out of memory\n", __func__);
rc = -ENOMEM;
goto out;
}
For xattr metadata:
if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
crypt_stat->num_header_bytes_at_front = 0;
I think get_order(0) returns -1, and this would not make
ecryptfs_get_zeroed_pages happy.
... quick check ... yeah it's trying to allocate order-52 pages or so.
Need to look upstream to see if it's broken there too.
It is broken upstream as well. FWIW it's a regression from 8faece5f906725c10e7a1f6caf84452abadbdc7b
eCryptfs: Allocate a variable number of pages for file headers
which was in itself a security fix.
-Eric
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index fbb6e5e..fbad859 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -1381,7 +1381,10 @@ int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry)
rc = -EINVAL;
goto out;
}
- virt_len = crypt_stat->num_header_bytes_at_front;
+ if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
+ virt_len = ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE;
+ else
+ virt_len = crypt_stat->num_header_bytes_at_front;
order = get_order(virt_len);
/* Released in this function */
virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order);
seems to fix it, I'll send it upstream.
Sent to rhkernel-list on 15 Feb 2010. This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release. in kernel-2.6.18-190.el5 You can download this test kernel from http://people.redhat.com/jwilson/el5 Please update the appropriate value in the Verified field (cf_verified) to indicate this fix has been successfully verified. Include a comment with verification details. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2010-0178.html |