Bug #53417
openlibrbd/crypto: Uninitialized image data may be gibberish
0%
Description
By convention, librbd returns zeros when reading uninitialized image data.
When using encryption, this convention is not guaranteed.
Specifically, this can happen when non-sparse reads are issued to the OSDs,
such in the case where the reads are smaller than rbd_sparse_read_threshold_bytes.
In such cases, the OSD reads will return zeros, which will be decrypted by the crypto object dispatch layer.
Reproducing this issue is therefore easy:
Create an empty RBD image.
Format the image to use encryption (e.g. rbd encryption format with LUKS1/2).
Make sure rbd_sparse_read_threshold_bytes is set to 64KB (default).
Open the image (rbd_open) and load encryption (rbd_encryption_load).
Read 4K of data (nevermind the offset, could be offset 0 for exmaple).
Instead of zeros you will get decrypted zeros (looks like random data).