Bug#315624: paranoia mode is key for reproducing this

Wed, 29 Jun 2005 16:23:44 -0700 

On Tuesday 28 June 2005 16:31, Valient Gough wrote:

> The patch from my previous mail should work.  I will be releasing a new
> version after I've had a chance for more testing.

I did some testing today and found that the previous patch caused a problem as 
big as the one it solved -- IV headers of new files not properly initialized 
with the patch.  The attached patch is an improvement, although it is not 
optimal speed-wise as it re-introduces a per-file lock in the read pipeline.  
Still a work in progress.

regards,
Valient

--- old-encfs-1.2/encfs/FileNode.cpp	2005-05-17 21:01:55.000000000 +0200
+++ new-encfs-1.2/encfs/FileNode.cpp	2005-06-30 01:00:04.000000000 +0200
@@ -21,6 +21,7 @@
 
 #include <errno.h>
 #include <sys/stat.h>
+#include <sys/types.h>
 #include <fcntl.h>
 #include <unistd.h>
 #include <sys/fsuid.h>
@@ -129,6 +130,15 @@
     return _pname.c_str();
 }
 
+static bool setIV(const Ptr<FileIO> &io, uint64_t iv)
+{
+    struct stat stbuf;
+    if((io->getAttr(&stbuf) < 0) || S_ISREG(stbuf.st_mode))
+	return io->setIV( iv );
+    else
+	return true;
+}
+
 bool FileNode::setName( const char *plaintextName_, const char *cipherName_,
 	uint64_t iv, bool setIVFirst )
 {
@@ -137,7 +147,7 @@
     rDebug("calling setIV on %s", cipherName_);
     if(setIVFirst)
     {
-	if(externalIVChaining && !io->setIV( iv ))
+	if(externalIVChaining && !setIV(io, iv))
 	    return false;
 
 	// now change the name..
@@ -161,7 +171,7 @@
 	    io->setFileName( cipherName_ );
 	}
 
-	if(externalIVChaining && !io->setIV( iv ))
+	if(externalIVChaining && !setIV(io, iv))
 	{
 	    _pname = oldPName;
 	    _cname = oldCName;
@@ -245,9 +255,11 @@
     req.dataLen = size;
     req.data = data;
 
-    // seems like it should be safe to let reads go on at the same time as
-    // everything else..
-    //Lock _lock( mutex );
+    // TODO: remove this lock.  This was not used in 1.2.2 and below, but there
+    // seems to be a race condition in the MAC header processing which affects
+    // paranoia mode users.  Better play it safe until the race can be
+    // eliminated.
+    Lock _lock( mutex );
     rAssert( refCnt > 0 );
     rAssert( retainCount > 0 );

Attachment: pgprPybtsxwZn.pgp
Description: PGP signature

Reply via email to