Issue with encrypted filenames on UBIFS
Nicolas Feignon
nicolas.feignon at mobile-devices.fr
Tue Oct 3 06:01:58 PDT 2017
Hi,
I'm encountering an issue with filesystem encryption on UBIFS. I'm using Kernel
4.13.3.
The encryption of filenames does not work correctly for filenames of more that
16 characters. It works fine if the names are shorter. Here's what I get:
[~/writeDir]# touch aaaaaaaaaaaaaaaa # 16 characters
[~/writeDir]# ls
ls: cannot access aaaaaaaaaaaaaaaa>*0ѐL9: No such file or directory
aaaaaaaaaaaaaaaa?>??*0?????n??L9
I set the policy with:
[~]# openssl rand 64 > key
[~]# fscryptctl insert_key < key
a5bb6bff407f6f67
[~]# fscryptctl set_policy a5bb6bff407f6f67 writeDir/
I get the issue for all encryption modes and padding values altough the length
of filenames at which it doesn't work varies.
With the default padding of 32 and AES-256-CTS encryption mode, it does not
work for length >= 16 and <= 32, length >= 48 and <= 64...
I took a look at fs/crypto/fname.c but I can't figure out the problem. It seems
like it's an overflow somewhere.
Best regards,
Nicolas
More information about the linux-mtd
mailing list