ecryptfs returns EINVAL rather than EISDIR on read() on directory

Bug #719691 reported by Mark Schreiber on 2011-02-15
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
eCryptfs
Undecided
Tyler Hicks
linux (Ubuntu)
Low
Andy Whitcroft
Lucid
Low
Colin Ian King

Bug Description

Binary package hint: linux-generic

When using ecryptfs (the filesystem used for encrypted home directories on Ubuntu by default), attempts to read(2)/read(3) from an open()ed directory return EINVAL, rather than EISDIR. This causes, for example, grep to spit out errors.

Test case:
(on an ecryptfs mount, broken)
$ mkdir foo
$ grep blah foo
grep: foo: Invalid argument
$ strace -fe open,read grep blah foo
[clip]
open("foo", O_RDONLY) = 3
read(3, 0x7fe000, 32768) = -1 EINVAL (Invalid argument)
[clip]

(on ext4, working correctly)
$ mkdir foo
$ grep blah foo
$ strace -fe open,read grep blah foo
[clip]
open("foo", O_RDONLY) = 3
read(3, 0x890000, 32768) = -1 EISDIR (Is a directory)

According to SUSv2, the ecryptfs behavior is indeed incorrect:
[EINVAL]
    [OB XSR] [Option Start] The STREAM or multiplexer referenced by fildes is linked (directly or indirectly) downstream from a multiplexer. [Option End]
[EISDIR]
    [XSI] [Option Start] The fildes argument refers to a directory and the implementation does not allow the directory to be read using read() or pread(). The readdir() function should be used instead. [Option End]

Mark Schreiber (mark7) on 2011-02-16
description: updated
Andy Whitcroft (apw) on 2011-02-16
affects: linux-meta (Ubuntu) → linux (Ubuntu)
Changed in linux (Ubuntu):
status: New → Triaged
Andy Whitcroft (apw) on 2011-02-16
Changed in linux (Ubuntu):
assignee: nobody → Andy Whitcroft (apw)
status: Triaged → In Progress
Andy Whitcroft (apw) wrote :

Confirmed that this behaviour is present. Seems that ecryptfs is not using the common directory read. Looks to be simple to fix, will spin a patch for testing.

Changed in linux (Ubuntu):
importance: Undecided → Low
Andy Whitcroft (apw) wrote :

Ok I think this is easy to fix. I have a patch for this and applied it to a recent Natty kernel for testing. Could you test the kernels below and confirm they work for you. Kernels are at the URL below:

    http://people.canonical.com/~apw/lp719691-natty/

Please report back here. Thanks.

Mark Schreiber (mark7) wrote :

Tested the x86_64 kernel on a Lucid box (unfortunately, didn't have access to the Karmic box that problem was originally produced on) and can confirm that on the stock kernel, the problem is present, and on your patched kernel, the problem is resolved.

Sweet turnaround on that, Andy -- a patch and test kernel build in less than the time it took me to next check my email.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.38-4.31

---------------
linux (2.6.38-4.31) natty; urgency=low

  [ Andy Whitcroft ]

  * add in bugs closed by upstream patches pulled in by rebases
  * rebase to 795abaf1e4e188c4171e3cd3dbb11a9fcacaf505
  * [Config] enable CONFIG_VSX to allow use of vector instuctions
  * resync with maverick 98defa1c5773a3d7e4c524967eb01d5bae035816
  * rebase to mainline v2.6.38-rc5
  * SAUCE: ecryptfs: read on a directory should return EISDIR if not
    supported
    - LP: #719691

  [ Colin Ian King ]

  * SAUCE: Dell All-In-One: Remove need for Dell module alias

  [ Manoj Iyer ]

  * SAUCE: (drop after 2.6.38) add ricoh 0xe823 pci id.
    - LP: #717435

  [ Tim Gardner ]

  * [Config] CONFIG_CRYPTO_CRC32C_INTEL=y

  [ Upstream Kernel Changes ]

  * Quirk to fix suspend/resume on Lenovo Edge 11,13,14,15
    - LP: #702434
  * vfs: fix BUG_ON() in fs/namei.c:1461

  [ Vladislav P ]

  * SAUCE: Release BTM while sleeping to avoid deadlock.
    - LP: #713837

  [ Major Kernel Changes ]

  * rebase from v2.6.38-rc4 to v2.6.38-rc5
    - LP: #579276
    - LP: #715877
    - LP: #713769
  * resync with Maverick Ubuntu-2.6.35-27.47
 -- Andy Whitcroft <email address hidden> Fri, 11 Feb 2011 17:24:09 +0000

Changed in linux (Ubuntu):
status: In Progress → Fix Released
Tyler Hicks (tyhicks) wrote :

Linus released this fix in 2.6.38-rc6. Thanks Andy!

Changed in ecryptfs:
assignee: nobody → Tyler Hicks (tyhicks)
status: New → Fix Released
Colin Ian King (colin-king) wrote :

SRU Justification:

Impact: Read on an ecryptfs directory should return EISDIR if not
supported however currently EINVAL is being returned rather than
EISDIR.

Fix: With this patch a .read operation for ecryptfs directories is
connected up to generic_read_dir() which then performs the correct
behavior.

Testcase:

See comment #1 in the bug report.

Tim Gardner (timg-tpi) on 2012-02-16
Changed in linux (Ubuntu Lucid):
status: New → Fix Committed
Herton R. Krzesinski (herton) wrote :

The commit for this issue in Lucid is an early application of a commit that will be coming in via upstream stable (2.6.32.58). As such it is not subject to the standard bug verification process.

tags: added: verification-done-lucid
Changed in linux (Ubuntu Lucid):
assignee: nobody → Colin King (colin-king)
importance: Undecided → Low
Colin Ian King (colin-king) wrote :

Tested and verified working for Lucid -proposed i386 2.6.32-40.87

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.32-40.87

---------------
linux (2.6.32-40.87) lucid-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #947375

  [ Upstream Kernel Changes ]

  * IB/mlx4: pass SMP vendor-specific attribute MADs to firmware
    - LP: #932043
  * mm/filemap_xip.c: fix race condition in xip_file_fault()
    - LP: #932043
  * NFSv4: Fix up the callers of nfs4_state_end_reclaim_reboot
    - LP: #932043
  * NFSv4: The state manager shouldn't exit on errors that were handled
    - LP: #932043
  * NFSv4: Ensure the state manager handles NFS4ERR_NO_GRACE correctly
    - LP: #932043
  * NFSv4: Handle NFS4ERR_GRACE when recovering an expired lease.
    - LP: #932043
  * NFSv4: Fix open recovery
    - LP: #932043
  * rpc client can not deal with ENOSOCK, so translate it into ENOCONN
    - LP: #932043
  * udf: Mark LVID buffer as uptodate before marking it dirty
    - LP: #932043
  * eCryptfs: Infinite loop due to overflow in ecryptfs_write()
    - LP: #932043
  * atmel_lcdfb: fix usage of CONTRAST_CTR in suspend/resume
    - LP: #932043
  * Staging: asus_oled: fix image processing
    - LP: #932043
  * Staging: android: binder: Don't call dump_stack in binder_vma_open
    - LP: #932043
  * Staging: android: binder: Fix crashes when sharing a binder file
    between processes
    - LP: #932043
  * usb: gadget: zero: fix bug in loopback autoresume handling
    - LP: #932043
  * usb: Skip PCI USB quirk handling for Netlogic XLP
    - LP: #932043
  * USB: usbserial: add new PID number (0xa951) to the ftdi driver
    - LP: #932043
  * mmc: cb710 core: Add missing spin_lock_init for irq_lock of struct
    cb710_chip
    - LP: #932043
  * net: fix sk_forward_alloc corruptions
    - LP: #932043
  * net: sock_queue_err_skb() dont mess with sk_forward_alloc
    - LP: #932043
  * Linux 2.6.32.57
    - LP: #932043
  * Ban ecryptfs over ecryptfs
    - LP: #932987
  * eCryptfs: Remove mmap from directory operations
    - LP: #400443
  * eCryptfs: Use notify_change for truncating lower inodes
    - LP: #451368
  * ecryptfs: read on a directory should return EISDIR if not supported
    - LP: #719691
  * eCryptfs: Remove extra d_delete in ecryptfs_rmdir
    - LP: #723518
  * eCryptfs: Clear i_nlink in rmdir
    - LP: #723518
  * KVM: Device assignment permission checks
    - LP: #897812
    - CVE-2011-4347
  * block: Fix io_context leak after clone with CLONE_IO
    - LP: #940743
    - CVE-2012-0879
  * block: Fix io_context leak after failure of clone with CLONE_IO
    - LP: #940743
    - CVE-2012-0879
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * drm/i915: Fix TV Out refresh rate.
    - LP: #945114
  * Linux 2.6.32.57+drm33.23
    - LP: #945114
 -- Herton Ronaldo Krzesinski <email address hidden> Mon, 05 Mar 2012 16:09:18 -0300

Changed in linux (Ubuntu Lucid):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers