aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Halcrow <mhalcrow@us.ibm.com>2007-10-16 04:27:55 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-10-16 12:43:10 -0400
commit956159c3d6e7eed61da0aaee740fbfba52849ff8 (patch)
treeb4b14bbda404eda6ce6d9604e6024f3a647dfc8c
parente0869cc144174c5e3e2671cb40fdecac44d71855 (diff)
eCryptfs: kmem_cache objects for multiple keys; init/exit functions
Introduce kmem_cache objects for handling multiple keys per inode. Add calls in the module init and exit code to call the key list initialization/destruction functions. Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat
-rw-r--r--fs/ecryptfs/main.c44
1 files changed, 36 insertions, 8 deletions
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index 6e2170c96c02..0387f0d73cd0 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -240,14 +240,11 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
240 int cipher_name_set = 0; 240 int cipher_name_set = 0;
241 int cipher_key_bytes; 241 int cipher_key_bytes;
242 int cipher_key_bytes_set = 0; 242 int cipher_key_bytes_set = 0;
243 struct key *auth_tok_key = NULL;
244 struct ecryptfs_auth_tok *auth_tok = NULL;
245 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 243 struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
246 &ecryptfs_superblock_to_private(sb)->mount_crypt_stat; 244 &ecryptfs_superblock_to_private(sb)->mount_crypt_stat;
247 substring_t args[MAX_OPT_ARGS]; 245 substring_t args[MAX_OPT_ARGS];
248 int token; 246 int token;
249 char *sig_src; 247 char *sig_src;
250 char *sig_dst;
251 char *debug_src; 248 char *debug_src;
252 char *cipher_name_dst; 249 char *cipher_name_dst;
253 char *cipher_name_src; 250 char *cipher_name_src;
@@ -258,6 +255,7 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
258 rc = -EINVAL; 255 rc = -EINVAL;
259 goto out; 256 goto out;
260 } 257 }
258 ecryptfs_init_mount_crypt_stat(mount_crypt_stat);
261 while ((p = strsep(&options, ",")) != NULL) { 259 while ((p = strsep(&options, ",")) != NULL) {
262 if (!*p) 260 if (!*p)
263 continue; 261 continue;
@@ -334,12 +332,10 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
334 p); 332 p);
335 } 333 }
336 } 334 }
337 /* Do not support lack of mount-wide signature in 0.1
338 * release */
339 if (!sig_set) { 335 if (!sig_set) {
340 rc = -EINVAL; 336 rc = -EINVAL;
341 ecryptfs_printk(KERN_ERR, "You must supply a valid " 337 ecryptfs_printk(KERN_ERR, "You must supply at least one valid "
342 "passphrase auth tok signature as a mount " 338 "auth tok signature as a mount "
343 "parameter; see the eCryptfs README\n"); 339 "parameter; see the eCryptfs README\n");
344 goto out; 340 goto out;
345 } 341 }
@@ -615,6 +611,21 @@ static struct ecryptfs_cache_info {
615 .name = "ecryptfs_key_record_cache", 611 .name = "ecryptfs_key_record_cache",
616 .size = sizeof(struct ecryptfs_key_record), 612 .size = sizeof(struct ecryptfs_key_record),
617 }, 613 },
614 {
615 .cache = &ecryptfs_key_sig_cache,
616 .name = "ecryptfs_key_sig_cache",
617 .size = sizeof(struct ecryptfs_key_sig),
618 },
619 {
620 .cache = &ecryptfs_global_auth_tok_cache,
621 .name = "ecryptfs_global_auth_tok_cache",
622 .size = sizeof(struct ecryptfs_global_auth_tok),
623 },
624 {
625 .cache = &ecryptfs_key_tfm_cache,
626 .name = "ecryptfs_key_tfm_cache",
627 .size = sizeof(struct ecryptfs_key_tfm),
628 },
618}; 629};
619 630
620static void ecryptfs_free_kmem_caches(void) 631static void ecryptfs_free_kmem_caches(void)
@@ -717,7 +728,8 @@ static struct ecryptfs_version_str_map_elem {
717 {ECRYPTFS_VERSIONING_PUBKEY, "pubkey"}, 728 {ECRYPTFS_VERSIONING_PUBKEY, "pubkey"},
718 {ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH, "plaintext passthrough"}, 729 {ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH, "plaintext passthrough"},
719 {ECRYPTFS_VERSIONING_POLICY, "policy"}, 730 {ECRYPTFS_VERSIONING_POLICY, "policy"},
720 {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"} 731 {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"},
732 {ECRYPTFS_VERSIONING_MULTKEY, "multiple keys per file"}
721}; 733};
722 734
723static ssize_t version_str_show(struct ecryptfs_obj *obj, char *buff) 735static ssize_t version_str_show(struct ecryptfs_obj *obj, char *buff)
@@ -782,6 +794,12 @@ out:
782 794
783static void do_sysfs_unregistration(void) 795static void do_sysfs_unregistration(void)
784{ 796{
797 int rc;
798
799 if ((rc = ecryptfs_destruct_crypto())) {
800 printk(KERN_ERR "Failure whilst attempting to destruct crypto; "
801 "rc = [%d]\n", rc);
802 }
785 sysfs_remove_file(&ecryptfs_subsys.kobj, 803 sysfs_remove_file(&ecryptfs_subsys.kobj,
786 &sysfs_attr_version.attr); 804 &sysfs_attr_version.attr);
787 sysfs_remove_file(&ecryptfs_subsys.kobj, 805 sysfs_remove_file(&ecryptfs_subsys.kobj,
@@ -830,6 +848,16 @@ static int __init ecryptfs_init(void)
830 do_sysfs_unregistration(); 848 do_sysfs_unregistration();
831 unregister_filesystem(&ecryptfs_fs_type); 849 unregister_filesystem(&ecryptfs_fs_type);
832 ecryptfs_free_kmem_caches(); 850 ecryptfs_free_kmem_caches();
851 goto out;
852 }
853 rc = ecryptfs_init_crypto();
854 if (rc) {
855 printk(KERN_ERR "Failure whilst attempting to init crypto; "
856 "rc = [%d]\n", rc);
857 do_sysfs_unregistration();
858 unregister_filesystem(&ecryptfs_fs_type);
859 ecryptfs_free_kmem_caches();
860 goto out;
833 } 861 }
834out: 862out:
835 return rc; 863 return rc;
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-25 02:30:41 -0400