New issue
Advanced search Search tips

Issue 707251 link

Starred by 2 users
Status: WontFix
Owner:
gwendal@chromium.org
Closed: Feb 2018
Cc:
groeck@chromium.org
asavery@chromium.org
sarthakkukreti@chromium.org
hashimoto@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug

Blocked on:
issue 680333


Sign in to add a comment

ext4 crypto: Verify 4.14 impact on directory encryption

Project Member Reported by gwendal@chromium.org, Mar 31 2017 
With Kernel 4.9, directory encryption moved from ext4 to vfs (commit a7550b3 ext4 crypto: migrate into vfs's crypto engine):
- adapt cryptohome to 4.9 kernel. IOCTL definitions may have change.
- ensure a directory created with 4.4 kernel are still readable with 4.9 kernel.

Comment 1 by gwendal@chromium.org, Apr 3 2017

Cc: groeck@chromium.org
Using https://chromium.googlesource.com/chromiumos/third_party/kernel-next, branch chromeos-4.9-merge.

Booting 4.9.20-01951-g6dc5146,  R59-9427.0.0 as image.

Several issues:
- chromeos-startup is not recognizing directory encryption is supported, revert back to ecryptfs.

- ecryptfs is not working when creating a mount with --action=mount --create
2017-04-03T09:46:20.690003-07:00 WARNING cryptohomed[2649]: Could not load the device policy file.
2017-04-03T09:46:20.767392-07:00 WARNING cryptohomed[2649]: Could not load the device policy file.
2017-04-03T09:46:21.457747-07:00 INFO cryptohomed[2649]: Migrated (or created) user directory: /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/vault
2017-04-03T09:46:21.460472-07:00 INFO cryptohomed[2649]: Creating pass-through directories /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/vault/user/Cache
2017-04-03T09:46:21.460566-07:00 INFO cryptohomed[2649]: Creating pass-through directories /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/vault/user/Downloads
2017-04-03T09:46:21.460623-07:00 INFO cryptohomed[2649]: Creating pass-through directories /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/vault/user/GCache
2017-04-03T09:46:21.460677-07:00 INFO cryptohomed[2649]: Creating pass-through directories /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/vault/user/GCache/v1
2017-04-03T09:46:21.460734-07:00 INFO cryptohomed[2649]: Creating pass-through directories /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/vault/user/GCache/v1/blobs
2017-04-03T09:46:21.460801-07:00 INFO cryptohomed[2649]: Creating pass-through directories /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/vault/user/GCache/v1/tmp
2017-04-03T09:46:21.461200-07:00 ERR cryptohomed[2649]: Couldn't change owner (1000:1000) of destination path: /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/mount/user/.bash_logout
2017-04-03T09:46:21.461232-07:00 ERR cryptohomed[2649]: Couldn't change owner (1000:1000) of destination path: /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/mount/user/.bash_profile
2017-04-03T09:46:21.461246-07:00 ERR cryptohomed[2649]: Couldn't change owner (1000:1000) of destination path: /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/mount/user/.bashrc
2017-04-03T09:46:21.461289-07:00 INFO cryptohomed[2649]: RecursiveCopy: /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/mount/user/.pki
2017-04-03T09:46:21.461582-07:00 INFO cryptohomed[2649]: RecursiveCopy: /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/mount/user/.pki/nssdb
2017-04-03T09:46:21.463062-07:00 INFO cryptohomed[2649]: RecursiveCopy: /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/mount/user/.ssh
2017-04-03T09:46:21.463331-07:00 INFO cryptohomed[2649]: RecursiveCopy: /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/mount/user/log
2017-04-03T09:46:21.463640-07:00 ERR cryptohomed[2649]: stat() of /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/mount/user/Downloads failed.: No such file or directory
2017-04-03T09:46:21.463655-07:00 ERR cryptohomed[2649]: Couldn't set up group access on directory: /home/.shadow/0fa71de4407538a93c03a691421dfdbe8fbe10e6/mount/user/Downloads
messages
851 KB View Download

Comment 2 by gwendal@chromium.org, Oct 10 2017

Cc: sarthakkukreti@chromium.org asavery@chromium.org
Summary: ext4 crypto: Verify 4.12 impact on directory encryption (was: ext4 crypto: Verify 4.9 impact on directory encryption)
Need to recheck with 4.12 and R63.

Comment 3 by groeck@chromium.org, Jan 20 2018

Summary: ext4 crypto: Verify 4.14 impact on directory encryption (was: ext4 crypto: Verify 4.12 impact on directory encryption)
4.12 is dead, long live 4.14.

Comment 4 by gwendal@chromium.org, Feb 14 2018

Blockedon: 680333
Status: WontFix (was: Untriaged)
#1: 

chromeos-startup is working fine with 4.4:
. /usr/share/misc/chromeos-common.sh
if ext4_dir_encryption_supported; then echo supported ; fi
supported

Check that user with ext4 crypto is mounted properly.


Downloads directory issue is fixed with https://bugs.chromium.org/p/chromium/issues/detail?id=680333#c43

Comment 5 by groeck@chromium.org, Feb 14 2018 

#4: I am a bit confused. This bug was about chromeos-4.14. It is great that things work with chromeos-4.4, but isn't that besides the point ?

Sign in to add a comment