ecryptfs team mailing list archive

[Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxx>]

Thanks for reporting this, Kevin. Historically, eCryptfs has not worked
on fuse based filesystems and doesn't get tested on top of them. It
seems there's been an inadvertent change that has allowed it to almost
work properly.

I've been looking at this for a while now and haven't figured out why
the plaintext is being written to the header. It will need some more
investigation.

Thanks again for the report.

** Changed in: ecryptfs
   Importance: Undecided => High

** Changed in: ecryptfs
       Status: New => Confirmed

** Changed in: ecryptfs
     Assignee: (unassigned) => Tyler Hicks (tyhicks)

-- 
ecryptfs over fuseblk lower layer appears to succeed but writes lower layer in plaintext, fails on readback
https://bugs.launchpad.net/bugs/641703
You received this bug notification because you are a member of eCryptfs,
which is a direct subscriber.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Confirmed

Bug description:
ecryptfs 83-0ubuntu3
linux-image-2.6.32-24-generic 2.6.32-24.42

When "ecryptfs" is run over a fuseblk lower layer, such as an ntfs-3g or sshfs lower layer, creating and writing files appears to work. However, trying to read the resulting files either silently fails or produces I/O errors with kernel log entries "Valid eCryptfs headers not found in file header region or xattr region", and when the lower layer is inspected, the contents of the files have been written in plaintext.

Note that, if the mount options permit plaintext passthrough, reads and writes may appear to work for files that are larger than the ecryptfs block size (i.e., it seems that complete 12288-byte blocks will be read, though the last incomplete block will be truncated), but the underlying lower layer has still been written in plaintext.

A session log reproducing the problem is attached.