Ubuntu 11.04 natty Linux ubuntu 2.6.38-11-generic #50-Ubuntu SMP Mon Sep 12 21:17:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
I'm now reproducing the problem in a VMware virtual machine by repeatedly md5sum scanning a subset of files on that 17GB directory as small as 119 MB. (If I scan too small a directory, some sort of caching seems to happen and I don't see any errors.) What is happening is that the sizes of some files are changing on some subsequent md5sum passes. Usually when one stat()s the file, one gets the actual size of the unencrypted file. Occasionally, the size of the underlying *encrypted* file is substituted for the real file size and so the md5sum sums some extra bytes that it shouldn't. It's tricky to get at the bad content of the file, since to do so I'd have to actually copy every file to a temporary location, check to see if the size of the copy matched the original, and complain if not. I'll work on doing that. Until then, here is an example. Here is the correct file, md5sum, and size (61440): 9a601197629e5c0b68ecad8d039d1b51 23 1575321 33056 2 777 777 0 61440 1316934939 1163069184 1316934615 4096 136 /home/idallen- ecryptfs/[filename] When I repeated the md5sum scanning over and over, suddenly I got this: a wrong md5sum and wrong file size (69632): e26ef8caef4c1eca7672a6e0678b3190 23 1575321 33056 2 777 777 0 69632 1316934939 1163069184 1316934615 4096 136 /home/idallen- ecryptfs/[filename] Where does 69632 come from? Well, look at the encrypted file size that corresponds to that inode: # find /mnt/sdb1/idallen-ecryptfs/.Private -inum 1575321 -ls 1575321 68 -r--r----- 2 idallen idallen 69632 Nov 9 2006 /mnt/sdb1/idallen-ecryptfs/.Private/[...] There it is! The underlying *encrypted* file size is bleeding up to be the (incorrect) size of the *unencrypted* file on some passes. I'm also seeing these errors in kern.log, but these messages don't always appear when I'm seeing corruption, so I don't know how to relate them: [...] Sep 25 20:43:12 ubuntu kernel: [59348.543107] ecryptfs_decrypt_page: Error attempting to read lower page; rc = [-4] Sep 25 20:43:12 ubuntu kernel: [59348.543113] ecryptfs_readpage: Error decrypting page; rc = [-4] Sep 25 21:59:10 ubuntu kernel: [63906.460167] ecryptfs_read_and_validate_header_region: Error reading header region; rc = [-4] Sep 25 21:59:10 ubuntu kernel: [63906.460334] Valid eCryptfs headers not found in file header region or xattr region Sep 25 21:59:10 ubuntu kernel: [63906.460336] Either the lower file is not in a valid eCryptfs format, or the key could not be retrieved. Plaintext passthrough mode is not enabled; returning -EIO -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/509180 Title: ecryptfs sometimes seems to add trailing garbage to encrypted files To manage notifications about this bug go to: https://bugs.launchpad.net/ecryptfs/+bug/509180/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
