Hi Tyler, thanks for commenting on this. I'm trying to get encryptfs going over a remote filesystem, and xattrs are the only practical place to put crypto headers due to file reading speeds: https://www.amazon.com/clouddrive/
And in particular, if you go to read any part of a file, you have to get the whole file: https://developer.amazon.com/public/apis/experience/cloud-drive/content/nodes You can imagine in a directory with many things, or even just a few huge things, an 'ls -al' can make the system start downloading a lot while also appearing to hang. To get ecryptfs working practically on this kind of remote filesystem, we'd have to use xattrs. Do you know what would be involved for a fix? I'd be happy to contribute if you could point me in the right direction. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1612492 Title: remounting breaks size reporting and rsync Status in eCryptfs: Confirmed Status in ecryptfs-utils: Invalid Status in linux package in Ubuntu: Confirmed Bug description: Sorry to resurrect an old bug, it looks like a fix applied a while back may end up breaking rsync. For reference, it looks like the decision in this bug fix was to pass on the encrypted file size on disk to stat calls looking at the unencrypted mount: https://bugs.launchpad.net/ecryptfs/+bug/390833 For reference, to reproduce: mkdir /mnt/raw mkdir /mnt/decrypted dd if=/dev/urandom of=file.out2 bs=1MB count=100 mount -t ecryptfs -o ecryptfs_passthrough=n,no_sig_cache,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_xattr,ecryptfs_enable_filename_crypto=y,passphrase_passwd=SECRET,ecryptfs_fnek_sig=SECRET /mnt/raw /mnt/decrypted rsync file.out2 /mnt/decrypted/ stat /mnt/decrypted/file.out2 # you get size 100000000 umount /mnt/decrypted/ mount -t ecryptfs -o ecryptfs_passthrough=n,no_sig_cache,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_xattr,ecryptfs_enable_filename_crypto=y,passphrase_passwd=SECRET,ecryptfs_fnek_sig=SECRET /mnt/raw /mnt/decrypted stat /mnt/decrypted/file.out2 # you get size 100003840 What this means in practice is any additional rsyncs to that target after remounting will see the file size as different than the original, and issue a full new copy. My use case is ecryptfs over a remote file system, so rsync is no better than cp. Would it be possible to make file size reporting consistent, and reflective of the size of the file as a reader would see it? To manage notifications about this bug go to: https://bugs.launchpad.net/ecryptfs/+bug/1612492/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
