On 2017/10/31 17:16, Sheng Yong wrote:
>
>
> On 2017/10/31 15:57, Chao Yu wrote:
>> On 2017/10/31 9:38, Sheng Yong wrote:
>>> If a file is encrypted, its content is cipher text on the storage. So
>>> there is no need to dump an encrypted file.
>>
>> IMO, if user have encryption key, it still has chance to read that file,
>> right? So how about keeping this functionality?
> Nope. When we dump an encrypted file, we only get the cipher data. If we want
> to decrypt the data, we must provide a method to writeback the data directly>
> to the device. Then we get a chance to get the correct plain data. Otherwise,
> if we simply copy the dumped file to filesystem, it doesn't work.
I just thought we can provider the cipher data and encryption policy info,
then particular filesystem can provider specified interface to recover this
file, maybe via DIO or ioctl.
Maybe we can discuss with google developer that how can we handle dumpfile
flow with encrypted regular.
Anyway, enable/disable this functionality are both okay to me.
Reviewed-by: Chao Yu <yuch...@huawei.com>
Thanks,
>
> thanks,
> Sheng
>>
>> Thanks,
>>
>>>
>>> Signed-off-by: Sheng Yong <shengyo...@huawei.com>
>>> ---
>>> fsck/dump.c | 12 ++++++++----
>>> 1 file changed, 8 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/fsck/dump.c b/fsck/dump.c
>>> index 01889fd..d11e8e2 100644
>>> --- a/fsck/dump.c
>>> +++ b/fsck/dump.c
>>> @@ -410,12 +410,17 @@ static void dump_file(struct f2fs_sb_info *sbi,
>>> struct node_info *ni,
>>> struct f2fs_inode *inode = &node_blk->i;
>>> u32 imode = le32_to_cpu(inode->i_mode);
>>> u32 namelen = le32_to_cpu(inode->i_namelen);
>>> - unsigned char name[F2FS_NAME_LEN + 1] = {0};
>>> + char name[F2FS_NAME_LEN + 1] = {0};
>>> char path[1024] = {0};
>>> char ans[255] = {0};
>>> - int enc_name = file_enc_name(inode);
>>> + int is_encrypted = file_is_encrypt(inode);
>>> int ret;
>>>
>>> + if (is_encrypted) {
>>> + MSG(force, "File is encrypted\n");
>>> + return;
>>> + }
>>> +
>>> if (!S_ISREG(imode) || namelen == 0 || namelen > F2FS_NAME_LEN) {
>>> MSG(force, "Not a regular file or wrong name info\n\n");
>>> return;
>>> @@ -433,8 +438,7 @@ dump:
>>> ASSERT(ret >= 0);
>>>
>>> /* make a file */
>>> - namelen = convert_encrypted_name(inode->i_name, namelen,
>>> - name, enc_name);
>>> + strncpy(name, (const char *)inode->i_name, namelen);
>>> name[namelen] = 0;
>>> sprintf(path, "./lost_found/%s", name);
>>>
>>>
>>
>>
>> .
>>
>
>
> .
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
