eCryptfs

Mount helper doesn't handle all mount flags properly

Bug #917509 reported by Tyler Hicks
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
eCryptfs
Fix Released
Medium
Sergio Peña

Bug Description

Martin Steigerwald reported that mount.ecryptfs doesn't handle all mount options properly:

http://article.gmane.org/gmane.comp.file-systems.ecryptfs.general/78

Martin specifically mentions noatime and noauto, but verification should be performed to be sure that there are not others.

ecryptfs_generate_mount_flags() is the function that handles string-based mount options that aren't meant for kernel consumption. It should be updated to handle all mount options that fall under this category.

Related branches

lp:~sergio-pena/ecryptfs/917509
Dustin Kirkland : Needs Fixing
Tyler Hicks: Needs Fixing
Diff: 311 lines (+85/-166)
3 files modified
src/include/ecryptfs.h (+0/-1)
src/libecryptfs/main.c (+0/-100)
src/utils/mount.ecryptfs.c (+85/-65)
lp:~ecryptfs/ecryptfs/oldtrunk2
lp:ubuntu/quantal/ecryptfs-utils
Sergio Peña (sergio-pena)
Changed in ecryptfs:
assignee: nobody → Sergio Peña (sergio-pena)
status: Triaged → In Progress
Revision history for this message
Sergio Peña (sergio-pena) wrote :

As a suggestion, Tyler told me that we might call /"sbin/mount -i" using exec() instead of adding more flags into ecryptfs_generate_mount_flags().

The idea is a good solution to support all new flags from mount command without touching the ecryptfs code to add others ones.
I looked into some others mount helpers, such as nfs, cifs, smbfs, fuse, to see how they support these flags, but they use the same solution as ecryptfs. They uses mount() API function, and have a bigger list of mount flags that they check before call the mount() function.

mount.fuse is the only one that uses execl() to call a fuse command to mount a directory, but it does not call /sbin/mount; it uses its own fuse command instead; and flags are checked and ignored before calling the command.

Either way, I don't foresee any issues if we use exec() or execl() to call "/sbin/mount -i ecryptfs SOURCE DEST -o OPTS" in order to mount ecryptfs.

Any ideas or comments about this?

Revision history for this message
Tyler Hicks (tyhicks) wrote : [Bug 917509] Re: Mount helper doesn't handle all mount flags properly

On 2012-04-19 16:27:54, Sergio Peña wrote:
> The idea is a good solution to support all new flags from mount
> command without touching the ecryptfs code to add others ones. I
> looked into some others mount helpers, such as nfs, cifs, smbfs, fuse,
> to see how they support these flags, but they use the same solution as
> ecryptfs. They uses mount() API function, and have a bigger list of
> mount flags that they check before call the mount() function.

Hmm... this kind of worries me. I can't imagine why no other mount
helpers would not just execl("/bin/mount", "-i", ...). It makes me think
that we're missing something.

Let's not do it for the setuid root helper (mount.ecryptfs_private) and
just do this for the regular mount helper (mount.ecryptfs) for now. I'd
need more confidence in this approach before rolling it out for a setuid
binary.

> mount.fuse is the only one that uses execl() to call a fuse command to
> mount a directory, but it does not call /sbin/mount; it uses its own
> fuse command instead; and flags are checked and ignored before calling
> the command.

Oddly, I see that fuse does execl("/bin/mount", "-i", "-f", ...) for a
fake mount to update mtab.

Revision history for this message
Tyler Hicks (tyhicks) wrote :

This was released back in ecryptfs-utils-97

Changed in ecryptfs:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.