eCryptfs: Ensure i_size is set in ecryptfs_getattr()

If the eCryptfs inode size was not set in the ecryptfs_lookup() path, we
need to force another read in ecryptfs_getattr() so that userspace gets a
valid st_size.

This could happen if stat was called on an eCryptfs inode that had not
yet been initialized. If the read of the eCryptfs metadata during
ecryptfs_lookup() was interrupted, it would result in an inode with an
i_size equal to that of the lower file (the ECRYPTFS_I_SIZE_INITIALIZED
flag would also not be set). ecryptfs_getattr() would then fill the
kstat using the bad i_size. If the file was then opened, a full parsing
of the metadata occurred and i_size would be properly set. But the
amount of readable data would not match what was reported earlier in the
flawed stat.

The fix is to check for the ECRYPTFS_I_SIZE_INITIALIZED flag and if it
is not set, make sure that the lower file is an eCryptfs-encrypted file
and then read the decrypted i_size from the metdata.

ecryptfs_i_size_read() was changed to return errors if there was a
problem reading the decrypted i_size from the metadata. It previously
ignored those errors because ecryptfs_lookup_interpose() was the
only caller and it needed to ignore the errors so that non-eCryptfs
files in the lower filesystem could be looked up.

Signed-off-by: Tyler Hicks <>
1 file changed