Linux kernel source tree https://git.amat.us/linux/atom/fs/ecryptfs/read_write.c?h=v3.0.36 2012-02-13T19:06:09Z 2012-02-13T19:06:09Z Li Wang liwang@nudt.edu.cn 2012-01-19T01:44:36Z urn:sha1:1a11d5d7fb7988a92e798dfbed7cdd350c0701cc commit 684a3ff7e69acc7c678d1a1394fe9e757993fd34 upstream. ecryptfs_write() can enter an infinite loop when truncating a file to a size larger than 4G. This only happens on architectures where size_t is represented by 32 bits. This was caused by a size_t overflow due to it incorrectly being used to store the result of a calculation which uses potentially large values of type loff_t. [tyhicks@canonical.com: rewrite subject and commit message] Signed-off-by: Li Wang <liwang@nudt.edu.cn> Signed-off-by: Yunchuan Wen <wenyunchuan@kylinos.com.cn> Reviewed-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-02-03T17:18:50Z Tyler Hicks tyhicks@canonical.com 2012-01-19T00:30:04Z urn:sha1:a8d66a0b58b353d47b05891fd20b3bdc4c8a8015 commit 5e6f0d769017cc49207ef56996e42363ec26c1f0 upstream. ecryptfs_write() handles the truncation of eCryptfs inodes. It grabs a page, zeroes out the appropriate portions, and then encrypts the page before writing it to the lower filesystem. It was unkillable and due to the lack of sparse file support could result in tying up a large portion of system resources, while encrypting pages of zeros, with no way for the truncate operation to be stopped from userspace. This patch adds the ability for ecryptfs_write() to detect a pending fatal signal and return as gracefully as possible. The intent is to leave the lower file in a useable state, while still allowing a user to break out of the encryption loop. If a pending fatal signal is detected, the eCryptfs inode size is updated to reflect the modified inode size and then -EINTR is returned. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2011-08-16T01:31:41Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2011-08-05T03:58:51Z urn:sha1:8c9729a2ca6291a80c4d0473ae64f2b7a547cc9e commit f61500e000eedc0c7a0201200a7f00ba5529c002 upstream. When an eCryptfs inode's lower file has been closed, and the pointer has been set to NULL, return an error when trying to do a lower read or write rather than calling BUG(). https://bugzilla.kernel.org/show_bug.cgi?id=37292 Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2011-03-28T06:47:45Z Thieu Le thieule@chromium.org 2011-03-09T00:26:03Z urn:sha1:57db4e8d73ef2b5e94a3f412108dff2576670a8a Change the write path to encrypt the data only when the page is written to disk in ecryptfs_writepage. Previously, ecryptfs encrypts the page in ecryptfs_write_end which means that if there are multiple write requests to the same page, ecryptfs ends up re-encrypting that page over and over again. This patch minimizes the number of encryptions needed. Signed-off-by: Thieu Le <thieule@chromium.org> [tyhicks: Changed NULL .drop_inode sop pointer to generic_drop_inode] Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> 2010-05-21T22:31:28Z Al Viro viro@zeniv.linux.org.uk 2010-05-21T15:09:58Z urn:sha1:48c1e44aceca577aa35be509714bd9ec4b4c3837 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2010-05-21T22:31:28Z Al Viro viro@zeniv.linux.org.uk 2010-05-21T15:02:14Z urn:sha1:02bd97997a07a89cb9311c7f00864cfc785c37f9 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2009-09-23T14:10:34Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2009-09-17T00:04:20Z urn:sha1:96a7b9c2f5df899f302ade45cf17ad753fe130fd Errors returned from vfs_read() and vfs_write() calls to the lower filesystem were being masked as -EINVAL. This caused some confusion to users who saw EINVAL instead of ENOSPC when the disk was full, for instance. Also, the actual bytes read or written were not accessible by callers to ecryptfs_read_lower() and ecryptfs_write_lower(), which may be useful in some cases. This patch updates the error handling logic where those functions are called in order to accept positive return codes indicating success. Cc: Eric Sandeen <esandeen@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: ecryptfs-devel@lists.launchpad.net Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> 2009-04-22T08:54:13Z Tyler Hicks tyhicks@linux.vnet.ibm.com 2009-04-13T20:29:27Z urn:sha1:13a791b4e63eb0537a7f804a340d6527485983b4 ecryptfs_passthrough is a mount option that allows eCryptfs to allow data to be written to non-eCryptfs files in the lower filesystem. The passthrough option was causing data corruption due to it not always being treated as a non-eCryptfs file. The first 8 bytes of an eCryptfs file contains the decrypted file size. This value was being written to the non-eCryptfs files, too. Also, extra 0x00 characters were being written to make the file size a multiple of PAGE_CACHE_SIZE. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> 2008-06-06T18:29:09Z Michael Halcrow mhalcrow@us.ibm.com 2008-06-06T05:46:02Z urn:sha1:d3e49afbb66109613c3474f2273f5830ac2dcb09 The page decrypt calls in ecryptfs_write() are both pointless and buggy. Pointless because ecryptfs_get_locked_page() has already brought the page up to date, and buggy because prior mmap writes will just be blown away by the decrypt call. This patch also removes the declaration of a now-nonexistent function ecryptfs_write_zeros(). Thanks to Eric Sandeen and David Kleikamp for helping to track this down. Eric said: fsx w/ mmap dies quickly ( < 100 ops) without this, and survives nicely (to millions of ops+) with it in place. Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Cc: Eric Sandeen <sandeen@redhat.com> Cc: Dave Kleikamp <shaggy@austin.ibm.com> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-04-29T15:06:06Z Harvey Harrison harvey.harrison@gmail.com 2008-04-29T07:59:48Z urn:sha1:18d1dbf1d401e8f9d74cf1cf799fdb19cff150c6 __FUNCTION__ is gcc-specific, use __func__ Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Cc: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>