eCryptfs

kernel cipher support detection lags behind kernel crypto module name changes

Bug #994813 reported by Tyler Hicks
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
eCryptfs
Fix Released
Low
Tyler Hicks

Bug Description

Should cipher_list.c be updated with newer module names? There was commit to add blowfish_generic.ko for kernels >= 3.2, but for example twofish.ko hasn't existed since 2.6.36 (was renamed to twofish_generic.ko). Also serpent.ko has been renamed to serpent_generic.ko in >= 3.3.

Revision history for this message
Tyler Hicks (tyhicks) wrote :

Rather than try to keep up with the kernel crypto api changes, I'd like to remove the unnessarily complicated kerner cipher detection code. It is over-engineered, does things that it probably shouldn't do, makes assumptions that it shouldn't, etc.

The eCryptfs kernel code behind the mount() syscall already checks to make sure that the kernel supports the cipher and keysize specified in the mount options. Lets just let that do the checking. ecryptfs-utils will just have to maintain a list of ciphers that the eCryptfs kernel code may support, prompt the user for all of those, and then let the kernel handle the error checking.

Changed in ecryptfs:
assignee: nobody → Tyler Hicks (tyhicks)
importance: Undecided → Low
status: New → In Progress
Tyler Hicks (tyhicks)
Changed in ecryptfs:
status: In Progress → Fix Committed
summary: - kernel cipher support detection lags behindkernel crypto api changes
+ kernel cipher support detection lags behind kernel crypto api changes
summary: - kernel cipher support detection lags behind kernel crypto api changes
+ kernel cipher support detection lags behind kernel crypto module name
+ changes
Revision history for this message
Jussi Kivilinna (jukivili) wrote :

Just noticed while checking the patch... blowfish is defined in libecryptfs with blocksize of 16 bytes, while it really has 8 byte/64bit blocksize.

http://lxr.linux.no/linux+v3.3.4/include/crypto/blowfish.h#L11

Revision history for this message
Tyler Hicks (tyhicks) wrote : [Bug 994813] kernel cipher support detection lags behind kernel crypto module name changes

On 2012-05-05 09:00:03, Jussi Kivilinna wrote:
> Just noticed while checking the patch... blowfish is defined in
> libecryptfs with blocksize of 16 bytes, while it really has 8 byte/64bit
> blocksize.

Nice catch! Fixed in revno 688.

Dustin Kirkland  (kirkland)
Changed in ecryptfs:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.