aboutsummaryrefslogtreecommitdiffstats
path: root/fs/ecryptfs/main.c
diff options
context:
space:
mode:
authorMichael Halcrow <mhalcrow@us.ibm.com>2007-02-12 03:53:44 -0500
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-02-12 12:48:36 -0500
commitdddfa461fc8951f9b5f951c13565b6cac678635a (patch)
treeeaf51d6825bd97087b9c700f7010ed08e3f83047 /fs/ecryptfs/main.c
parent88b4a07e6610f4c93b08b0bb103318218db1e9f6 (diff)
[PATCH] eCryptfs: Public key; packet management
Public key support code. This reads and writes packets in the header that contain public key encrypted file keys. It calls the messaging code in the previous patch to send and receive encryption and decryption request packets from the userspace daemon. [akpm@osdl.org: cleab fix] Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Cc: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/ecryptfs/main.c')
-rw-r--r--fs/ecryptfs/main.c49
1 files changed, 47 insertions, 2 deletions
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index fe41ab1566e..87f05c4bd50 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -6,6 +6,7 @@
6 * Copyright (C) 2004-2006 International Business Machines Corp. 6 * Copyright (C) 2004-2006 International Business Machines Corp.
7 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> 7 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
8 * Michael C. Thompson <mcthomps@us.ibm.com> 8 * Michael C. Thompson <mcthomps@us.ibm.com>
9 * Tyler Hicks <tyhicks@ou.edu>
9 * 10 *
10 * This program is free software; you can redistribute it and/or 11 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License as 12 * modify it under the terms of the GNU General Public License as
@@ -48,6 +49,43 @@ MODULE_PARM_DESC(ecryptfs_verbosity,
48 "Initial verbosity level (0 or 1; defaults to " 49 "Initial verbosity level (0 or 1; defaults to "
49 "0, which is Quiet)"); 50 "0, which is Quiet)");
50 51
52/**
53 * Module parameter that defines the number of netlink message buffer
54 * elements
55 */
56unsigned int ecryptfs_message_buf_len = ECRYPTFS_DEFAULT_MSG_CTX_ELEMS;
57
58module_param(ecryptfs_message_buf_len, uint, 0);
59MODULE_PARM_DESC(ecryptfs_message_buf_len,
60 "Number of message buffer elements");
61
62/**
63 * Module parameter that defines the maximum guaranteed amount of time to wait
64 * for a response through netlink. The actual sleep time will be, more than
65 * likely, a small amount greater than this specified value, but only less if
66 * the netlink message successfully arrives.
67 */
68signed long ecryptfs_message_wait_timeout = ECRYPTFS_MAX_MSG_CTX_TTL / HZ;
69
70module_param(ecryptfs_message_wait_timeout, long, 0);
71MODULE_PARM_DESC(ecryptfs_message_wait_timeout,
72 "Maximum number of seconds that an operation will "
73 "sleep while waiting for a message response from "
74 "userspace");
75
76/**
77 * Module parameter that is an estimate of the maximum number of users
78 * that will be concurrently using eCryptfs. Set this to the right
79 * value to balance performance and memory use.
80 */
81unsigned int ecryptfs_number_of_users = ECRYPTFS_DEFAULT_NUM_USERS;
82
83module_param(ecryptfs_number_of_users, uint, 0);
84MODULE_PARM_DESC(ecryptfs_number_of_users, "An estimate of the number of "
85 "concurrent users of eCryptfs");
86
87unsigned int ecryptfs_transport = ECRYPTFS_DEFAULT_TRANSPORT;
88
51void __ecryptfs_printk(const char *fmt, ...) 89void __ecryptfs_printk(const char *fmt, ...)
52{ 90{
53 va_list args; 91 va_list args;
@@ -347,9 +385,10 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
347 rc = -EINVAL; 385 rc = -EINVAL;
348 goto out; 386 goto out;
349 } 387 }
350 if (auth_tok->token_type != ECRYPTFS_PASSWORD) { 388 if (auth_tok->token_type != ECRYPTFS_PASSWORD
389 && auth_tok->token_type != ECRYPTFS_PRIVATE_KEY) {
351 ecryptfs_printk(KERN_ERR, "Invalid auth_tok structure " 390 ecryptfs_printk(KERN_ERR, "Invalid auth_tok structure "
352 "returned from key\n"); 391 "returned from key query\n");
353 rc = -EINVAL; 392 rc = -EINVAL;
354 goto out; 393 goto out;
355 } 394 }
@@ -794,6 +833,11 @@ static int __init ecryptfs_init(void)
794 ecryptfs_free_kmem_caches(); 833 ecryptfs_free_kmem_caches();
795 goto out; 834 goto out;
796 } 835 }
836 rc = ecryptfs_init_messaging(ecryptfs_transport);
837 if (rc) {
838 ecryptfs_printk(KERN_ERR, "Failure occured while attempting to "
839 "initialize the eCryptfs netlink socket\n");
840 }
797out: 841out:
798 return rc; 842 return rc;
799} 843}
@@ -805,6 +849,7 @@ static void __exit ecryptfs_exit(void)
805 sysfs_remove_file(&ecryptfs_subsys.kset.kobj, 849 sysfs_remove_file(&ecryptfs_subsys.kset.kobj,
806 &sysfs_attr_version_str.attr); 850 &sysfs_attr_version_str.attr);
807 subsystem_unregister(&ecryptfs_subsys); 851 subsystem_unregister(&ecryptfs_subsys);
852 ecryptfs_release_messaging(ecryptfs_transport);
808 unregister_filesystem(&ecryptfs_fs_type); 853 unregister_filesystem(&ecryptfs_fs_type);
809 ecryptfs_free_kmem_caches(); 854 ecryptfs_free_kmem_caches();
810} 855}