Ubuntu
linux package

ecryptfs: Could not parse tag 70 packet from filename

Bug #357345 reported by Dustin Kirkland 
24
This bug affects 2 people
Affects Status Importance Assigned to Milestone
eCryptfs
Fix Released
Medium
Tyler Hicks
linux (Ubuntu)
Fix Released
Undecided
Unassigned
Jaunty
Fix Released
Medium
Tim Gardner
Ubuntu jaunty-updates

Bug Description

My dmesg is flooded with these on an up-to-date jaunty kernel.

[ 45.653441] ecryptfs_parse_tag_70_packet: max_packet_size is [56]; real packet size is [51]
[ 45.653444] ecryptfs_decode_and_decrypt_filename: Could not parse tag 70 packet from filename; copying through filename as-is

This was initially reported in Bug #331082. I'm opening here because it's a separate issue.

Looking at the underlying data, I cannot find any non-encrypted filenames.

Furthermore, I don't see any encrypted filenames in my cleartext mountpoint.

Please let me know how I can help debug this issue, Tyler.

:-Dustin

Dustin Kirkland  (kirkland)
Changed in linux (Ubuntu):
assignee: nobody → tyhicks
importance: Undecided → Medium
status: New → Confirmed
Revision history for this message
Tyler Hicks (tyhicks) wrote :

Please apply this patch, reproduce and let me know what filename(s) are causing this issue.

Tyler Hicks (tyhicks)
Changed in ecryptfs:
assignee: nobody → tyhicks
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu):
status: Confirmed → In Progress
Revision history for this message
Tyler Hicks (tyhicks) wrote :
Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Assigned the Linux task to Tim Gardner. Nominating for Jaunty SRU, hopefully this will make it into a Jaunty update kernel. Definitely not an RC blocker.

:-Dustin

Changed in linux (Ubuntu):
assignee: Tyler Hicks (tyhicks) → Tim Gardner (timg-tpi)
Revision history for this message
Tyler Hicks (tyhicks) wrote :

I meant to mention that this condition looks to be harmless. I was finally able to reproduce it on my system while building the kernel in an eCryptfs mount. make seemed to handle this correctly by passing a larger bufsiz to readlink() after receiving the truncated, encrypted target. I haven't heard of any application failures from this.

Tim Gardner (timg-tpi)
summary: - Could not parse tag 70 packet from filename
+ ecryptfs: Could not parse tag 70 packet from filename
Revision history for this message
Tim Gardner (timg-tpi) wrote :

SRU Justification

Impact: Soft linked file names can produce alarming warnings in dmesg
(and are not actually encrypted, thereby leaking information)

Patch: http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=commit;h=a63b7d7beeaa1f8f33369cab6419831fa8991e40

Patch Description: When using filename encryption with eCryptfs, the value of the symlink in the lower filesystem is encrypted and stored as a Tag 70 packet. This results in a longer symlink target than if the target value wasn't encrypted.

Test Case: dmesg flood stops

Changed in linux (Ubuntu Jaunty):
milestone: none → jaunty-updates
status: In Progress → Fix Committed
Revision history for this message
Tyler Hicks (tyhicks) wrote :

Merged upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=ff91fad2db543325d7221c26ff42d7df3c574064

Changed in ecryptfs:
status: In Progress → Fix Committed
Revision history for this message
Tim Gardner (timg-tpi) wrote :

It's in Linus tree, so I think we can consider the patch effectively released.

Changed in linux (Ubuntu):
assignee: Tim Gardner (timg-tpi) → nobody
importance: Medium → Undecided
milestone: jaunty-updates → none
status: Fix Committed → Fix Released
Revision history for this message
Tyler Hicks (tyhicks) wrote :

Released in 2.6.30-rc4: http://thread.gmane.org/gmane.linux.kernel/829860

Changed in ecryptfs:
status: Fix Committed → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote :

Accepted linux into jaunty-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

tags: added: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.28-13.44

---------------
linux (2.6.28-13.44) jaunty-proposed; urgency=low

  [ Stefan Bader ]

  * Revert "SAUCE: [jaunty] ALSA: Add retry for Intel8x0 clock measurement"
  * Revert "SAUCE: [jaunty] ALSA: Fix clock and buffer calculations for
    Intel8x0"
  * Revert "SAUCE: [jaunty] ALSA: Fix buffer positions and checks"

linux (2.6.28-12.43) jaunty-proposed; urgency=low

  [ Amit Kucheria ]

  * Enable SYN_COOKIES for iop32x and versatile flavours
    - LP: #361687
  * SAUCE: Quirk for BT USB device on MacbookPro to be reset before use
    - LP: #332443

  [ Brad Figg ]

  * [jaunty] Add missing mvsas (Marvel SAS 6440) module configuration.
    - LP: #352336

  [ Chuck Short ]

  * SAUCE: [USB] Unusual Device support for Gold MP3 Player Energy
    - LP: #125250

  [ Daniel T Chen ]

  * SAUCE: [jaunty] ALSA: Fix buffer positions and checks
    - LP: #345627
  * SAUCE: [jaunty] ALSA: Fix clock and buffer calculations for Intel8x0
    - LP: #345627
  * SAUCE: [jaunty] ALSA: Add retry for Intel8x0 clock measurement
    - LP: #345627

  [ Luke Yelavich ]

  * disable CONFIG_SND_HDA_INPUT_BEEP on amd64 and i386
    - LP: #331589

  [ Makito SHIOKAWA ]

  * [ARM] 5404/1: Fix condition in arm_elf_read_implies_exec() to set
    READ_IMPLIES_EXEC
    - LP: #364358

  [ Manoj Iyer ]

  * SAUCE: Added quirk to fix key release for Samsung NC20
    - LP: #360247

  [ Oleg Nesterov ]

  * posix timers: fix RLIMIT_CPU && fork()
    - LP: #361508

  [ Scott James Remnant ]

  * [Config] Disable libusual and the ub driver
    - LP: #364538

  [ Stefan Bader ]

  * Disable unwanted staging builds
    - LP: #366144
  * Remove prism2_usb driver from ubuntu and use the one from staging
    - LP: #325366
  * SAUCE: Make rtl8187se depend on WIRELESS_EXT
    - LP: #366144
  * Disable CONFIG_RTL8187SE for armel.versatile
    - LP: #366144

  [ Tejun Heo ]

  * libata: handle SEMB signature better
    - LP: #257790

  [ Tim Gardner ]

  * Set USB_SERIAL=m for i386/amd64
    - LP: #345002
  * SAUCE: Jaunty - aic79xx - set reset delay to 5 seconds, down from 15.
    - LP: #79542
  * SAUCE: (drop after 2.6.28) Wifi suspend/resume scan timeout fixes
    - LP: #336055
  * Sony laptop: Sony Vaio laptops do not enable wwan power by default.
    - LP: #364678

  [ Tyler Hicks ]

  * SAUCE: (drop after 2.6.28) eCryptfs: Larger buffer for encrypted
    symlink targets
    - LP: #357345

  [ Upstream Kernel Changes ]

  * V4L/DVB (9999): gspca - zc3xx: Webcam 046d:089d added.
    - LP: #326674
  * V4L/DVB (10044): gspca - pac7311: Webcam 093a:2620 added.
    - LP: #363195
  * hwmon: (it87) Add support for the ITE IT8720F
    - LP: #357766
  * vgacon: Return the upper half of 512 character fonts
    - LP: #355057
  * drm/i915: add support for G41 chipset
    - LP: #365958

 -- Stefan Bader <email address hidden> Mon, 25 May 2009 17:30:40 +0200

Changed in linux (Ubuntu Jaunty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.