aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Halcrow <mhalcrow@us.ibm.com>2008-04-29 03:59:51 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-04-29 11:06:07 -0400
commitf66e883eb6186bc43a79581b67aff7d1a69d0ff1 (patch)
tree9fc1fb65586ff334a1f8c1afb9a43edf077d338f
parent8bf2debd5f7bf12d122124e34fec14af5b1e8ecf (diff)
eCryptfs: integrate eCryptfs device handle into the module.
Update the versioning information. Make the message types generic. Add an outgoing message queue to the daemon struct. Make the functions to parse and write the packet lengths available to the rest of the module. Add functions to create and destroy the daemon structs. Clean up some of the comments and make the code a little more consistent with itself. [akpm@linux-foundation.org: printk fixes] Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--fs/ecryptfs/Makefile2
-rw-r--r--fs/ecryptfs/ecryptfs_kernel.h79
-rw-r--r--fs/ecryptfs/keystore.c89
-rw-r--r--fs/ecryptfs/messaging.c479
-rw-r--r--fs/ecryptfs/miscdev.c4
-rw-r--r--fs/ecryptfs/netlink.c8
6 files changed, 435 insertions, 226 deletions
diff --git a/fs/ecryptfs/Makefile b/fs/ecryptfs/Makefile
index 768857015516..1e34a7fd4884 100644
--- a/fs/ecryptfs/Makefile
+++ b/fs/ecryptfs/Makefile
@@ -4,4 +4,4 @@
4 4
5obj-$(CONFIG_ECRYPT_FS) += ecryptfs.o 5obj-$(CONFIG_ECRYPT_FS) += ecryptfs.o
6 6
7ecryptfs-objs := dentry.o file.o inode.o main.o super.o mmap.o read_write.o crypto.o keystore.o messaging.o netlink.o debug.o 7ecryptfs-objs := dentry.o file.o inode.o main.o super.o mmap.o read_write.o crypto.o keystore.o messaging.o netlink.o miscdev.o debug.o
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index 342e8d37b421..72e117706a68 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -4,7 +4,7 @@
4 * 4 *
5 * Copyright (C) 1997-2003 Erez Zadok 5 * Copyright (C) 1997-2003 Erez Zadok
6 * Copyright (C) 2001-2003 Stony Brook University 6 * Copyright (C) 2001-2003 Stony Brook University
7 * Copyright (C) 2004-2007 International Business Machines Corp. 7 * Copyright (C) 2004-2008 International Business Machines Corp.
8 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> 8 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
9 * Trevor S. Highland <trevor.highland@gmail.com> 9 * Trevor S. Highland <trevor.highland@gmail.com>
10 * Tyler Hicks <tyhicks@ou.edu> 10 * Tyler Hicks <tyhicks@ou.edu>
@@ -49,11 +49,13 @@
49#define ECRYPTFS_VERSIONING_POLICY 0x00000008 49#define ECRYPTFS_VERSIONING_POLICY 0x00000008
50#define ECRYPTFS_VERSIONING_XATTR 0x00000010 50#define ECRYPTFS_VERSIONING_XATTR 0x00000010
51#define ECRYPTFS_VERSIONING_MULTKEY 0x00000020 51#define ECRYPTFS_VERSIONING_MULTKEY 0x00000020
52#define ECRYPTFS_VERSIONING_DEVMISC 0x00000040
52#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \ 53#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \
53 | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \ 54 | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \
54 | ECRYPTFS_VERSIONING_PUBKEY \ 55 | ECRYPTFS_VERSIONING_PUBKEY \
55 | ECRYPTFS_VERSIONING_XATTR \ 56 | ECRYPTFS_VERSIONING_XATTR \
56 | ECRYPTFS_VERSIONING_MULTKEY) 57 | ECRYPTFS_VERSIONING_MULTKEY \
58 | ECRYPTFS_VERSIONING_DEVMISC)
57#define ECRYPTFS_MAX_PASSWORD_LENGTH 64 59#define ECRYPTFS_MAX_PASSWORD_LENGTH 64
58#define ECRYPTFS_MAX_PASSPHRASE_BYTES ECRYPTFS_MAX_PASSWORD_LENGTH 60#define ECRYPTFS_MAX_PASSPHRASE_BYTES ECRYPTFS_MAX_PASSWORD_LENGTH
59#define ECRYPTFS_SALT_SIZE 8 61#define ECRYPTFS_SALT_SIZE 8
@@ -73,17 +75,14 @@
73#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32 75#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32
74#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ 76#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ
75#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3) 77#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3)
76#define ECRYPTFS_NLMSG_HELO 100
77#define ECRYPTFS_NLMSG_QUIT 101
78#define ECRYPTFS_NLMSG_REQUEST 102
79#define ECRYPTFS_NLMSG_RESPONSE 103
80#define ECRYPTFS_MAX_PKI_NAME_BYTES 16 78#define ECRYPTFS_MAX_PKI_NAME_BYTES 16
81#define ECRYPTFS_DEFAULT_NUM_USERS 4 79#define ECRYPTFS_DEFAULT_NUM_USERS 4
82#define ECRYPTFS_MAX_NUM_USERS 32768 80#define ECRYPTFS_MAX_NUM_USERS 32768
83#define ECRYPTFS_TRANSPORT_NETLINK 0 81#define ECRYPTFS_TRANSPORT_NETLINK 0
84#define ECRYPTFS_TRANSPORT_CONNECTOR 1 82#define ECRYPTFS_TRANSPORT_CONNECTOR 1
85#define ECRYPTFS_TRANSPORT_RELAYFS 2 83#define ECRYPTFS_TRANSPORT_RELAYFS 2
86#define ECRYPTFS_DEFAULT_TRANSPORT ECRYPTFS_TRANSPORT_NETLINK 84#define ECRYPTFS_TRANSPORT_MISCDEV 3
85#define ECRYPTFS_DEFAULT_TRANSPORT ECRYPTFS_TRANSPORT_MISCDEV
87#define ECRYPTFS_XATTR_NAME "user.ecryptfs" 86#define ECRYPTFS_XATTR_NAME "user.ecryptfs"
88 87
89#define RFC2440_CIPHER_DES3_EDE 0x02 88#define RFC2440_CIPHER_DES3_EDE 0x02
@@ -366,32 +365,62 @@ struct ecryptfs_auth_tok_list_item {
366}; 365};
367 366
368struct ecryptfs_message { 367struct ecryptfs_message {
368 /* Can never be greater than ecryptfs_message_buf_len */
369 /* Used to find the parent msg_ctx */
370 /* Inherits from msg_ctx->index */
369 u32 index; 371 u32 index;
370 u32 data_len; 372 u32 data_len;
371 u8 data[]; 373 u8 data[];
372}; 374};
373 375
374struct ecryptfs_msg_ctx { 376struct ecryptfs_msg_ctx {
375#define ECRYPTFS_MSG_CTX_STATE_FREE 0x0001 377#define ECRYPTFS_MSG_CTX_STATE_FREE 0x01
376#define ECRYPTFS_MSG_CTX_STATE_PENDING 0x0002 378#define ECRYPTFS_MSG_CTX_STATE_PENDING 0x02
377#define ECRYPTFS_MSG_CTX_STATE_DONE 0x0003 379#define ECRYPTFS_MSG_CTX_STATE_DONE 0x03
378 u32 state; 380#define ECRYPTFS_MSG_CTX_STATE_NO_REPLY 0x04
379 unsigned int index; 381 u8 state;
380 unsigned int counter; 382#define ECRYPTFS_MSG_HELO 100
383#define ECRYPTFS_MSG_QUIT 101
384#define ECRYPTFS_MSG_REQUEST 102
385#define ECRYPTFS_MSG_RESPONSE 103
386 u8 type;
387 u32 index;
388 /* Counter converts to a sequence number. Each message sent
389 * out for which we expect a response has an associated
390 * sequence number. The response must have the same sequence
391 * number as the counter for the msg_stc for the message to be
392 * valid. */
393 u32 counter;
394 size_t msg_size;
381 struct ecryptfs_message *msg; 395 struct ecryptfs_message *msg;
382 struct task_struct *task; 396 struct task_struct *task;
383 struct list_head node; 397 struct list_head node;
398 struct list_head daemon_out_list;
384 struct mutex mux; 399 struct mutex mux;
385}; 400};
386 401
387extern unsigned int ecryptfs_transport; 402extern unsigned int ecryptfs_transport;
388 403
389struct ecryptfs_daemon_id { 404struct ecryptfs_daemon;
405
406struct ecryptfs_daemon {
407#define ECRYPTFS_DAEMON_IN_READ 0x00000001
408#define ECRYPTFS_DAEMON_IN_POLL 0x00000002
409#define ECRYPTFS_DAEMON_ZOMBIE 0x00000004
410#define ECRYPTFS_DAEMON_MISCDEV_OPEN 0x00000008
411 u32 flags;
412 u32 num_queued_msg_ctx;
390 pid_t pid; 413 pid_t pid;
391 uid_t uid; 414 uid_t euid;
392 struct hlist_node id_chain; 415 struct task_struct *task;
416 struct mutex mux;
417 struct list_head msg_ctx_out_queue;
418 wait_queue_head_t wait;
419 struct hlist_node euid_chain;
393}; 420};
394 421
422extern struct mutex ecryptfs_daemon_hash_mux;
423
395static inline struct ecryptfs_file_info * 424static inline struct ecryptfs_file_info *
396ecryptfs_file_to_private(struct file *file) 425ecryptfs_file_to_private(struct file *file)
397{ 426{
@@ -593,13 +622,13 @@ int ecryptfs_init_messaging(unsigned int transport);
593void ecryptfs_release_messaging(unsigned int transport); 622void ecryptfs_release_messaging(unsigned int transport);
594 623
595int ecryptfs_send_netlink(char *data, int data_len, 624int ecryptfs_send_netlink(char *data, int data_len,
596 struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type, 625 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
597 u16 msg_flags, pid_t daemon_pid); 626 u16 msg_flags, pid_t daemon_pid);
598int ecryptfs_init_netlink(void); 627int ecryptfs_init_netlink(void);
599void ecryptfs_release_netlink(void); 628void ecryptfs_release_netlink(void);
600 629
601int ecryptfs_send_connector(char *data, int data_len, 630int ecryptfs_send_connector(char *data, int data_len,
602 struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type, 631 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
603 u16 msg_flags, pid_t daemon_pid); 632 u16 msg_flags, pid_t daemon_pid);
604int ecryptfs_init_connector(void); 633int ecryptfs_init_connector(void);
605void ecryptfs_release_connector(void); 634void ecryptfs_release_connector(void);
@@ -642,5 +671,19 @@ int ecryptfs_read_lower_page_segment(struct page *page_for_ecryptfs,
642 size_t offset_in_page, size_t size, 671 size_t offset_in_page, size_t size,
643 struct inode *ecryptfs_inode); 672 struct inode *ecryptfs_inode);
644struct page *ecryptfs_get_locked_page(struct file *file, loff_t index); 673struct page *ecryptfs_get_locked_page(struct file *file, loff_t index);
674int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon);
675int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon, uid_t euid);
676int ecryptfs_parse_packet_length(unsigned char *data, size_t *size,
677 size_t *length_size);
678int ecryptfs_write_packet_length(char *dest, size_t size,
679 size_t *packet_size_length);
680int ecryptfs_init_ecryptfs_miscdev(void);
681void ecryptfs_destroy_ecryptfs_miscdev(void);
682int ecryptfs_send_miscdev(char *data, size_t data_size,
683 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
684 u16 msg_flags, struct ecryptfs_daemon *daemon);
685void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx);
686int
687ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, uid_t euid, pid_t pid);
645 688
646#endif /* #ifndef ECRYPTFS_KERNEL_H */ 689#endif /* #ifndef ECRYPTFS_KERNEL_H */
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index 682b1b2482c2..e82b457180be 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -65,7 +65,7 @@ static int process_request_key_err(long err_code)
65} 65}
66 66
67/** 67/**
68 * parse_packet_length 68 * ecryptfs_parse_packet_length
69 * @data: Pointer to memory containing length at offset 69 * @data: Pointer to memory containing length at offset
70 * @size: This function writes the decoded size to this memory 70 * @size: This function writes the decoded size to this memory
71 * address; zero on error 71 * address; zero on error
@@ -73,8 +73,8 @@ static int process_request_key_err(long err_code)
73 * 73 *
74 * Returns zero on success; non-zero on error 74 * Returns zero on success; non-zero on error
75 */ 75 */
76static int parse_packet_length(unsigned char *data, size_t *size, 76int ecryptfs_parse_packet_length(unsigned char *data, size_t *size,
77 size_t *length_size) 77 size_t *length_size)
78{ 78{
79 int rc = 0; 79 int rc = 0;
80 80
@@ -105,7 +105,7 @@ out:
105} 105}
106 106
107/** 107/**
108 * write_packet_length 108 * ecryptfs_write_packet_length
109 * @dest: The byte array target into which to write the length. Must 109 * @dest: The byte array target into which to write the length. Must
110 * have at least 5 bytes allocated. 110 * have at least 5 bytes allocated.
111 * @size: The length to write. 111 * @size: The length to write.
@@ -114,8 +114,8 @@ out:
114 * 114 *
115 * Returns zero on success; non-zero on error. 115 * Returns zero on success; non-zero on error.
116 */ 116 */
117static int write_packet_length(char *dest, size_t size, 117int ecryptfs_write_packet_length(char *dest, size_t size,
118 size_t *packet_size_length) 118 size_t *packet_size_length)
119{ 119{
120 int rc = 0; 120 int rc = 0;
121 121
@@ -162,8 +162,8 @@ write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key,
162 goto out; 162 goto out;
163 } 163 }
164 message[i++] = ECRYPTFS_TAG_64_PACKET_TYPE; 164 message[i++] = ECRYPTFS_TAG_64_PACKET_TYPE;
165 rc = write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 165 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
166 &packet_size_len); 166 &packet_size_len);
167 if (rc) { 167 if (rc) {
168 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 168 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet "
169 "header; cannot generate packet length\n"); 169 "header; cannot generate packet length\n");
@@ -172,8 +172,9 @@ write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key,
172 i += packet_size_len; 172 i += packet_size_len;
173 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 173 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX);
174 i += ECRYPTFS_SIG_SIZE_HEX; 174 i += ECRYPTFS_SIG_SIZE_HEX;
175 rc = write_packet_length(&message[i], session_key->encrypted_key_size, 175 rc = ecryptfs_write_packet_length(&message[i],
176 &packet_size_len); 176 session_key->encrypted_key_size,
177 &packet_size_len);
177 if (rc) { 178 if (rc) {
178 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 179 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet "
179 "header; cannot generate packet length\n"); 180 "header; cannot generate packet length\n");
@@ -225,7 +226,7 @@ parse_tag_65_packet(struct ecryptfs_session_key *session_key, u8 *cipher_code,
225 rc = -EIO; 226 rc = -EIO;
226 goto out; 227 goto out;
227 } 228 }
228 rc = parse_packet_length(&data[i], &m_size, &data_len); 229 rc = ecryptfs_parse_packet_length(&data[i], &m_size, &data_len);
229 if (rc) { 230 if (rc) {
230 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 231 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
231 "rc = [%d]\n", rc); 232 "rc = [%d]\n", rc);
@@ -304,8 +305,8 @@ write_tag_66_packet(char *signature, u8 cipher_code,
304 goto out; 305 goto out;
305 } 306 }
306 message[i++] = ECRYPTFS_TAG_66_PACKET_TYPE; 307 message[i++] = ECRYPTFS_TAG_66_PACKET_TYPE;
307 rc = write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 308 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
308 &packet_size_len); 309 &packet_size_len);
309 if (rc) { 310 if (rc) {
310 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 311 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet "
311 "header; cannot generate packet length\n"); 312 "header; cannot generate packet length\n");
@@ -315,8 +316,8 @@ write_tag_66_packet(char *signature, u8 cipher_code,
315 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 316 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX);
316 i += ECRYPTFS_SIG_SIZE_HEX; 317 i += ECRYPTFS_SIG_SIZE_HEX;
317 /* The encrypted key includes 1 byte cipher code and 2 byte checksum */ 318 /* The encrypted key includes 1 byte cipher code and 2 byte checksum */
318 rc = write_packet_length(&message[i], crypt_stat->key_size + 3, 319 rc = ecryptfs_write_packet_length(&message[i], crypt_stat->key_size + 3,
319 &packet_size_len); 320 &packet_size_len);
320 if (rc) { 321 if (rc) {
321 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 322 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet "
322 "header; cannot generate packet length\n"); 323 "header; cannot generate packet length\n");
@@ -357,20 +358,25 @@ parse_tag_67_packet(struct ecryptfs_key_record *key_rec,
357 /* verify that everything through the encrypted FEK size is present */ 358 /* verify that everything through the encrypted FEK size is present */
358 if (message_len < 4) { 359 if (message_len < 4) {
359 rc = -EIO; 360 rc = -EIO;
361 printk(KERN_ERR "%s: message_len is [%Zd]; minimum acceptable "
362 "message length is [%d]\n", __func__, message_len, 4);
360 goto out; 363 goto out;
361 } 364 }
362 if (data[i++] != ECRYPTFS_TAG_67_PACKET_TYPE) { 365 if (data[i++] != ECRYPTFS_TAG_67_PACKET_TYPE) {
363 ecryptfs_printk(KERN_ERR, "Type should be ECRYPTFS_TAG_67\n");
364 rc = -EIO; 366 rc = -EIO;
367 printk(KERN_ERR "%s: Type should be ECRYPTFS_TAG_67\n",
368 __func__);
365 goto out; 369 goto out;
366 } 370 }
367 if (data[i++]) { 371 if (data[i++]) {
368 ecryptfs_printk(KERN_ERR, "Status indicator has non zero value"
369 " [%d]\n", data[i-1]);
370 rc = -EIO; 372 rc = -EIO;
373 printk(KERN_ERR "%s: Status indicator has non zero "
374 "value [%d]\n", __func__, data[i-1]);
375
371 goto out; 376 goto out;
372 } 377 }
373 rc = parse_packet_length(&data[i], &key_rec->enc_key_size, &data_len); 378 rc = ecryptfs_parse_packet_length(&data[i], &key_rec->enc_key_size,
379 &data_len);
374 if (rc) { 380 if (rc) {
375 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 381 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
376 "rc = [%d]\n", rc); 382 "rc = [%d]\n", rc);
@@ -378,17 +384,17 @@ parse_tag_67_packet(struct ecryptfs_key_record *key_rec,
378 } 384 }
379 i += data_len; 385 i += data_len;
380 if (message_len < (i + key_rec->enc_key_size)) { 386 if (message_len < (i + key_rec->enc_key_size)) {
381 ecryptfs_printk(KERN_ERR, "message_len [%d]; max len is [%d]\n",
382 message_len, (i + key_rec->enc_key_size));
383 rc = -EIO; 387 rc = -EIO;
388 printk(KERN_ERR "%s: message_len [%Zd]; max len is [%Zd]\n",
389 __func__, message_len, (i + key_rec->enc_key_size));
384 goto out; 390 goto out;
385 } 391 }
386 if (key_rec->enc_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { 392 if (key_rec->enc_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) {
387 ecryptfs_printk(KERN_ERR, "Encrypted key_size [%d] larger than "
388 "the maximum key size [%d]\n",
389 key_rec->enc_key_size,
390 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES);
391 rc = -EIO; 393 rc = -EIO;
394 printk(KERN_ERR "%s: Encrypted key_size [%Zd] larger than "
395 "the maximum key size [%d]\n", __func__,
396 key_rec->enc_key_size,
397 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES);
392 goto out; 398 goto out;
393 } 399 }
394 memcpy(key_rec->enc_key, &data[i], key_rec->enc_key_size); 400 memcpy(key_rec->enc_key, &data[i], key_rec->enc_key_size);
@@ -445,7 +451,7 @@ decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
445 rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key), 451 rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key),
446 &netlink_message, &netlink_message_length); 452 &netlink_message, &netlink_message_length);
447 if (rc) { 453 if (rc) {
448 ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet"); 454 ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet\n");
449 goto out; 455 goto out;
450 } 456 }
451 rc = ecryptfs_send_message(ecryptfs_transport, netlink_message, 457 rc = ecryptfs_send_message(ecryptfs_transport, netlink_message,
@@ -570,8 +576,8 @@ parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat,
570 goto out; 576 goto out;
571 } 577 }
572 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 578 (*new_auth_tok) = &auth_tok_list_item->auth_tok;
573 rc = parse_packet_length(&data[(*packet_size)], &body_size, 579 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
574 &length_size); 580 &length_size);
575 if (rc) { 581 if (rc) {
576 printk(KERN_WARNING "Error parsing packet length; " 582 printk(KERN_WARNING "Error parsing packet length; "
577 "rc = [%d]\n", rc); 583 "rc = [%d]\n", rc);
@@ -704,8 +710,8 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
704 goto out; 710 goto out;
705 } 711 }
706 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 712 (*new_auth_tok) = &auth_tok_list_item->auth_tok;
707 rc = parse_packet_length(&data[(*packet_size)], &body_size, 713 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
708 &length_size); 714 &length_size);
709 if (rc) { 715 if (rc) {
710 printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n", 716 printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n",
711 rc); 717 rc);
@@ -852,8 +858,8 @@ parse_tag_11_packet(unsigned char *data, unsigned char *contents,
852 rc = -EINVAL; 858 rc = -EINVAL;
853 goto out; 859 goto out;
854 } 860 }
855 rc = parse_packet_length(&data[(*packet_size)], &body_size, 861 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
856 &length_size); 862 &length_size);
857 if (rc) { 863 if (rc) {
858 printk(KERN_WARNING "Invalid tag 11 packet format\n"); 864 printk(KERN_WARNING "Invalid tag 11 packet format\n");
859 goto out; 865 goto out;
@@ -1405,8 +1411,8 @@ write_tag_1_packet(char *dest, size_t *remaining_bytes,
1405 auth_tok->token.private_key.key_size; 1411 auth_tok->token.private_key.key_size;
1406 rc = pki_encrypt_session_key(auth_tok, crypt_stat, key_rec); 1412 rc = pki_encrypt_session_key(auth_tok, crypt_stat, key_rec);
1407 if (rc) { 1413 if (rc) {
1408 ecryptfs_printk(KERN_ERR, "Failed to encrypt session key " 1414 printk(KERN_ERR "Failed to encrypt session key via a key "
1409 "via a pki"); 1415 "module; rc = [%d]\n", rc);
1410 goto out; 1416 goto out;
1411 } 1417 }
1412 if (ecryptfs_verbosity > 0) { 1418 if (ecryptfs_verbosity > 0) {
@@ -1430,8 +1436,9 @@ encrypted_session_key_set:
1430 goto out; 1436 goto out;
1431 } 1437 }
1432 dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE; 1438 dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE;
1433 rc = write_packet_length(&dest[(*packet_size)], (max_packet_size - 4), 1439 rc = ecryptfs_write_packet_length(&dest[(*packet_size)],
1434 &packet_size_length); 1440 (max_packet_size - 4),
1441 &packet_size_length);
1435 if (rc) { 1442 if (rc) {
1436 ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet " 1443 ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet "
1437 "header; cannot generate packet length\n"); 1444 "header; cannot generate packet length\n");
@@ -1489,8 +1496,9 @@ write_tag_11_packet(char *dest, size_t *remaining_bytes, char *contents,
1489 goto out; 1496 goto out;
1490 } 1497 }
1491 dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE; 1498 dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE;
1492 rc = write_packet_length(&dest[(*packet_length)], 1499 rc = ecryptfs_write_packet_length(&dest[(*packet_length)],
1493 (max_packet_size - 4), &packet_size_length); 1500 (max_packet_size - 4),
1501 &packet_size_length);
1494 if (rc) { 1502 if (rc) {
1495 printk(KERN_ERR "Error generating tag 11 packet header; cannot " 1503 printk(KERN_ERR "Error generating tag 11 packet header; cannot "
1496 "generate packet length. rc = [%d]\n", rc); 1504 "generate packet length. rc = [%d]\n", rc);
@@ -1682,8 +1690,9 @@ encrypted_session_key_set:
1682 dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE; 1690 dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE;
1683 /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3) 1691 /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3)
1684 * to get the number of octets in the actual Tag 3 packet */ 1692 * to get the number of octets in the actual Tag 3 packet */
1685 rc = write_packet_length(&dest[(*packet_size)], (max_packet_size - 4), 1693 rc = ecryptfs_write_packet_length(&dest[(*packet_size)],
1686 &packet_size_length); 1694 (max_packet_size - 4),
1695 &packet_size_length);
1687 if (rc) { 1696 if (rc) {
1688 printk(KERN_ERR "Error generating tag 3 packet header; cannot " 1697 printk(KERN_ERR "Error generating tag 3 packet header; cannot "
1689 "generate packet length. rc = [%d]\n", rc); 1698 "generate packet length. rc = [%d]\n", rc);
diff --git a/fs/ecryptfs/messaging.c b/fs/ecryptfs/messaging.c
index 9cc2aec27b0d..c6038bd60897 100644
--- a/fs/ecryptfs/messaging.c
+++ b/fs/ecryptfs/messaging.c
@@ -1,7 +1,7 @@
1/** 1/**
2 * eCryptfs: Linux filesystem encryption layer 2 * eCryptfs: Linux filesystem encryption layer
3 * 3 *
4 * Copyright (C) 2004-2006 International Business Machines Corp. 4 * Copyright (C) 2004-2008 International Business Machines Corp.
5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
6 * Tyler Hicks <tyhicks@ou.edu> 6 * Tyler Hicks <tyhicks@ou.edu>
7 * 7 *
@@ -26,13 +26,13 @@ static LIST_HEAD(ecryptfs_msg_ctx_free_list);
26static LIST_HEAD(ecryptfs_msg_ctx_alloc_list); 26static LIST_HEAD(ecryptfs_msg_ctx_alloc_list);
27static struct mutex ecryptfs_msg_ctx_lists_mux; 27static struct mutex ecryptfs_msg_ctx_lists_mux;
28 28
29static struct hlist_head *ecryptfs_daemon_id_hash; 29static struct hlist_head *ecryptfs_daemon_hash;
30static struct mutex ecryptfs_daemon_id_hash_mux; 30struct mutex ecryptfs_daemon_hash_mux;
31static int ecryptfs_hash_buckets; 31static int ecryptfs_hash_buckets;
32#define ecryptfs_uid_hash(uid) \ 32#define ecryptfs_uid_hash(uid) \
33 hash_long((unsigned long)uid, ecryptfs_hash_buckets) 33 hash_long((unsigned long)uid, ecryptfs_hash_buckets)
34 34
35static unsigned int ecryptfs_msg_counter; 35static u32 ecryptfs_msg_counter;
36static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr; 36static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr;
37 37
38/** 38/**
@@ -40,9 +40,10 @@ static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr;
40 * @msg_ctx: The context that was acquired from the free list 40 * @msg_ctx: The context that was acquired from the free list
41 * 41 *
42 * Acquires a context element from the free list and locks the mutex 42 * Acquires a context element from the free list and locks the mutex
43 * on the context. Returns zero on success; non-zero on error or upon 43 * on the context. Sets the msg_ctx task to current. Returns zero on
44 * failure to acquire a free context element. Be sure to lock the 44 * success; non-zero on error or upon failure to acquire a free
45 * list mutex before calling. 45 * context element. Must be called with ecryptfs_msg_ctx_lists_mux
46 * held.
46 */ 47 */
47static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx) 48static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx)
48{ 49{
@@ -50,11 +51,11 @@ static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx)
50 int rc; 51 int rc;
51 52
52 if (list_empty(&ecryptfs_msg_ctx_free_list)) { 53 if (list_empty(&ecryptfs_msg_ctx_free_list)) {
53 ecryptfs_printk(KERN_WARNING, "The eCryptfs free " 54 printk(KERN_WARNING "%s: The eCryptfs free "
54 "context list is empty. It may be helpful to " 55 "context list is empty. It may be helpful to "
55 "specify the ecryptfs_message_buf_len " 56 "specify the ecryptfs_message_buf_len "
56 "parameter to be greater than the current " 57 "parameter to be greater than the current "
57 "value of [%d]\n", ecryptfs_message_buf_len); 58 "value of [%d]\n", __func__, ecryptfs_message_buf_len);
58 rc = -ENOMEM; 59 rc = -ENOMEM;
59 goto out; 60 goto out;
60 } 61 }
@@ -75,8 +76,7 @@ out:
75 * ecryptfs_msg_ctx_free_to_alloc 76 * ecryptfs_msg_ctx_free_to_alloc
76 * @msg_ctx: The context to move from the free list to the alloc list 77 * @msg_ctx: The context to move from the free list to the alloc list
77 * 78 *
78 * Be sure to lock the list mutex and the context mutex before 79 * Must be called with ecryptfs_msg_ctx_lists_mux held.
79 * calling.
80 */ 80 */
81static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx) 81static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx)
82{ 82{
@@ -89,36 +89,37 @@ static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx)
89 * ecryptfs_msg_ctx_alloc_to_free 89 * ecryptfs_msg_ctx_alloc_to_free
90 * @msg_ctx: The context to move from the alloc list to the free list 90 * @msg_ctx: The context to move from the alloc list to the free list
91 * 91 *
92 * Be sure to lock the list mutex and the context mutex before 92 * Must be called with ecryptfs_msg_ctx_lists_mux held.
93 * calling.
94 */ 93 */
95static void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx) 94void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx)
96{ 95{
97 list_move(&(msg_ctx->node), &ecryptfs_msg_ctx_free_list); 96 list_move(&(msg_ctx->node), &ecryptfs_msg_ctx_free_list);
98 if (msg_ctx->msg) 97 if (msg_ctx->msg)
99 kfree(msg_ctx->msg); 98 kfree(msg_ctx->msg);
99 msg_ctx->msg = NULL;
100 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_FREE; 100 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_FREE;
101} 101}
102 102
103/** 103/**
104 * ecryptfs_find_daemon_id 104 * ecryptfs_find_daemon_by_euid
105 * @uid: The user id which maps to the desired daemon id 105 * @euid: The effective user id which maps to the desired daemon id
106 * @id: If return value is zero, points to the desired daemon id 106 * @daemon: If return value is zero, points to the desired daemon pointer
107 * pointer
108 * 107 *
109 * Search the hash list for the given user id. Returns zero if the 108 * Must be called with ecryptfs_daemon_hash_mux held.
110 * user id exists in the list; non-zero otherwise. The daemon id hash 109 *
111 * mutex should be held before calling this function. 110 * Search the hash list for the given user id.
111 *
112 * Returns zero if the user id exists in the list; non-zero otherwise.
112 */ 113 */
113static int ecryptfs_find_daemon_id(uid_t uid, struct ecryptfs_daemon_id **id) 114int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon, uid_t euid)
114{ 115{
115 struct hlist_node *elem; 116 struct hlist_node *elem;
116 int rc; 117 int rc;
117 118
118 hlist_for_each_entry(*id, elem, 119 hlist_for_each_entry(*daemon, elem,
119 &ecryptfs_daemon_id_hash[ecryptfs_uid_hash(uid)], 120 &ecryptfs_daemon_hash[ecryptfs_uid_hash(euid)],
120 id_chain) { 121 euid_chain) {
121 if ((*id)->uid == uid) { 122 if ((*daemon)->euid == euid) {
122 rc = 0; 123 rc = 0;
123 goto out; 124 goto out;
124 } 125 }
@@ -128,181 +129,291 @@ out:
128 return rc; 129 return rc;
129} 130}
130 131
131static int ecryptfs_send_raw_message(unsigned int transport, u16 msg_type, 132static int
132 pid_t pid) 133ecryptfs_send_message_locked(unsigned int transport, char *data, int data_len,
134 u8 msg_type, struct ecryptfs_msg_ctx **msg_ctx);
135
136/**
137 * ecryptfs_send_raw_message
138 * @transport: Transport type
139 * @msg_type: Message type
140 * @daemon: Daemon struct for recipient of message
141 *
142 * A raw message is one that does not include an ecryptfs_message
143 * struct. It simply has a type.
144 *
145 * Must be called with ecryptfs_daemon_hash_mux held.
146 *
147 * Returns zero on success; non-zero otherwise
148 */
149static int ecryptfs_send_raw_message(unsigned int transport, u8 msg_type,
150 struct ecryptfs_daemon *daemon)
133{ 151{
152 struct ecryptfs_msg_ctx *msg_ctx;
134 int rc; 153 int rc;
135 154
136 switch(transport) { 155 switch(transport) {
137 case ECRYPTFS_TRANSPORT_NETLINK: 156 case ECRYPTFS_TRANSPORT_NETLINK:
138 rc = ecryptfs_send_netlink(NULL, 0, NULL, msg_type, 0, pid); 157 rc = ecryptfs_send_netlink(NULL, 0, NULL, msg_type, 0,
158 daemon->pid);
159 break;
160 case ECRYPTFS_TRANSPORT_MISCDEV:
161 rc = ecryptfs_send_message_locked(transport, NULL, 0, msg_type,
162 &msg_ctx);
163 if (rc) {
164 printk(KERN_ERR "%s: Error whilst attempting to send "
165 "message via procfs; rc = [%d]\n", __func__, rc);
166 goto out;
167 }
168 /* Raw messages are logically context-free (e.g., no
169 * reply is expected), so we set the state of the
170 * ecryptfs_msg_ctx object to indicate that it should
171 * be freed as soon as the transport sends out the message. */
172 mutex_lock(&msg_ctx->mux);
173 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_NO_REPLY;
174 mutex_unlock(&msg_ctx->mux);
139 break; 175 break;
140 case ECRYPTFS_TRANSPORT_CONNECTOR: 176 case ECRYPTFS_TRANSPORT_CONNECTOR:
141 case ECRYPTFS_TRANSPORT_RELAYFS: 177 case ECRYPTFS_TRANSPORT_RELAYFS:
142 default: 178 default:
143 rc = -ENOSYS; 179 rc = -ENOSYS;
144 } 180 }
181out:
182 return rc;
183}
184
185/**
186 * ecryptfs_spawn_daemon - Create and initialize a new daemon struct
187 * @daemon: Pointer to set to newly allocated daemon struct
188 * @euid: Effective user id for the daemon
189 * @pid: Process id for the daemon
190 *
191 * Must be called ceremoniously while in possession of
192 * ecryptfs_sacred_daemon_hash_mux
193 *
194 * Returns zero on success; non-zero otherwise
195 */
196int
197ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, uid_t euid, pid_t pid)
198{
199 int rc = 0;
200
201 (*daemon) = kzalloc(sizeof(**daemon), GFP_KERNEL);
202 if (!(*daemon)) {
203 rc = -ENOMEM;
204 printk(KERN_ERR "%s: Failed to allocate [%Zd] bytes of "
205 "GFP_KERNEL memory\n", __func__, sizeof(**daemon));
206 goto out;
207 }
208 (*daemon)->euid = euid;
209 (*daemon)->pid = pid;
210 (*daemon)->task = current;
211 mutex_init(&(*daemon)->mux);
212 INIT_LIST_HEAD(&(*daemon)->msg_ctx_out_queue);
213 init_waitqueue_head(&(*daemon)->wait);
214 (*daemon)->num_queued_msg_ctx = 0;
215 hlist_add_head(&(*daemon)->euid_chain,
216 &ecryptfs_daemon_hash[ecryptfs_uid_hash(euid)]);
217out:
145 return rc; 218 return rc;
146} 219}
147 220
148/** 221/**
149 * ecryptfs_process_helo 222 * ecryptfs_process_helo
150 * @transport: The underlying transport (netlink, etc.) 223 * @transport: The underlying transport (netlink, etc.)
151 * @uid: The user ID owner of the message 224 * @euid: The user ID owner of the message
152 * @pid: The process ID for the userspace program that sent the 225 * @pid: The process ID for the userspace program that sent the
153 * message 226 * message
154 * 227 *
155 * Adds the uid and pid values to the daemon id hash. If a uid 228 * Adds the euid and pid values to the daemon euid hash. If an euid
156 * already has a daemon pid registered, the daemon will be 229 * already has a daemon pid registered, the daemon will be
157 * unregistered before the new daemon id is put into the hash list. 230 * unregistered before the new daemon is put into the hash list.
158 * Returns zero after adding a new daemon id to the hash list; 231 * Returns zero after adding a new daemon to the hash list;
159 * non-zero otherwise. 232 * non-zero otherwise.
160 */ 233 */
161int ecryptfs_process_helo(unsigned int transport, uid_t uid, pid_t pid) 234int ecryptfs_process_helo(unsigned int transport, uid_t euid, pid_t pid)
162{ 235{
163 struct ecryptfs_daemon_id *new_id; 236 struct ecryptfs_daemon *new_daemon;
164 struct ecryptfs_daemon_id *old_id; 237 struct ecryptfs_daemon *old_daemon;
165 int rc; 238 int rc;
166 239
167 mutex_lock(&ecryptfs_daemon_id_hash_mux); 240 mutex_lock(&ecryptfs_daemon_hash_mux);
168 new_id = kmalloc(sizeof(*new_id), GFP_KERNEL); 241 rc = ecryptfs_find_daemon_by_euid(&old_daemon, euid);
169 if (!new_id) { 242 if (rc != 0) {
170 rc = -ENOMEM;
171 ecryptfs_printk(KERN_ERR, "Failed to allocate memory; unable "
172 "to register daemon [%d] for user [%d]\n",
173 pid, uid);
174 goto unlock;
175 }
176 if (!ecryptfs_find_daemon_id(uid, &old_id)) {
177 printk(KERN_WARNING "Received request from user [%d] " 243 printk(KERN_WARNING "Received request from user [%d] "
178 "to register daemon [%d]; unregistering daemon " 244 "to register daemon [%d]; unregistering daemon "
179 "[%d]\n", uid, pid, old_id->pid); 245 "[%d]\n", euid, pid, old_daemon->pid);
180 hlist_del(&old_id->id_chain); 246 rc = ecryptfs_send_raw_message(transport, ECRYPTFS_MSG_QUIT,
181 rc = ecryptfs_send_raw_message(transport, ECRYPTFS_NLMSG_QUIT, 247 old_daemon);
182 old_id->pid);
183 if (rc) 248 if (rc)
184 printk(KERN_WARNING "Failed to send QUIT " 249 printk(KERN_WARNING "Failed to send QUIT "
185 "message to daemon [%d]; rc = [%d]\n", 250 "message to daemon [%d]; rc = [%d]\n",
186 old_id->pid, rc); 251 old_daemon->pid, rc);
187 kfree(old_id); 252 hlist_del(&old_daemon->euid_chain);
253 kfree(old_daemon);
188 } 254 }
189 new_id->uid = uid; 255 rc = ecryptfs_spawn_daemon(&new_daemon, euid, pid);
190 new_id->pid = pid; 256 if (rc)
191 hlist_add_head(&new_id->id_chain, 257 printk(KERN_ERR "%s: The gods are displeased with this attempt "
192 &ecryptfs_daemon_id_hash[ecryptfs_uid_hash(uid)]); 258 "to create a new daemon object for euid [%d]; pid [%d]; "
193 rc = 0; 259 "rc = [%d]\n", __func__, euid, pid, rc);
194unlock: 260 mutex_unlock(&ecryptfs_daemon_hash_mux);
195 mutex_unlock(&ecryptfs_daemon_id_hash_mux); 261 return rc;
262}
263
264/**
265 * ecryptfs_exorcise_daemon - Destroy the daemon struct
266 *
267 * Must be called ceremoniously while in possession of
268 * ecryptfs_daemon_hash_mux and the daemon's own mux.
269 */
270int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon)
271{
272 struct ecryptfs_msg_ctx *msg_ctx, *msg_ctx_tmp;
273 int rc = 0;
274
275 mutex_lock(&daemon->mux);
276 if ((daemon->flags & ECRYPTFS_DAEMON_IN_READ)
277 || (daemon->flags & ECRYPTFS_DAEMON_IN_POLL)) {
278 rc = -EBUSY;
279 printk(KERN_WARNING "%s: Attempt to destroy daemon with pid "
280 "[%d], but it is in the midst of a read or a poll\n",
281 __func__, daemon->pid);
282 mutex_unlock(&daemon->mux);
283 goto out;
284 }
285 list_for_each_entry_safe(msg_ctx, msg_ctx_tmp,
286 &daemon->msg_ctx_out_queue, daemon_out_list) {
287 list_del(&msg_ctx->daemon_out_list);
288 daemon->num_queued_msg_ctx--;
289 printk(KERN_WARNING "%s: Warning: dropping message that is in "
290 "the out queue of a dying daemon\n", __func__);
291 ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
292 }
293 hlist_del(&daemon->euid_chain);
294 if (daemon->task)
295 wake_up_process(daemon->task);
296 mutex_unlock(&daemon->mux);
297 memset(daemon, 0, sizeof(*daemon));
298 kfree(daemon);
299out:
196 return rc; 300 return rc;
197} 301}
198 302
199/** 303/**
200 * ecryptfs_process_quit 304 * ecryptfs_process_quit
201 * @uid: The user ID owner of the message 305 * @euid: The user ID owner of the message
202 * @pid: The process ID for the userspace program that sent the 306 * @pid: The process ID for the userspace program that sent the
203 * message 307 * message
204 * 308 *
205 * Deletes the corresponding daemon id for the given uid and pid, if 309 * Deletes the corresponding daemon for the given euid and pid, if
206 * it is the registered that is requesting the deletion. Returns zero 310 * it is the registered that is requesting the deletion. Returns zero
207 * after deleting the desired daemon id; non-zero otherwise. 311 * after deleting the desired daemon; non-zero otherwise.
208 */ 312 */
209int ecryptfs_process_quit(uid_t uid, pid_t pid) 313int ecryptfs_process_quit(uid_t euid, pid_t pid)
210{ 314{
211 struct ecryptfs_daemon_id *id; 315 struct ecryptfs_daemon *daemon;
212 int rc; 316 int rc;
213 317
214 mutex_lock(&ecryptfs_daemon_id_hash_mux); 318 mutex_lock(&ecryptfs_daemon_hash_mux);
215 if (ecryptfs_find_daemon_id(uid, &id)) { 319 rc = ecryptfs_find_daemon_by_euid(&daemon, euid);
216 rc = -EINVAL; 320 if (rc || !daemon) {
217 ecryptfs_printk(KERN_ERR, "Received request from user [%d] to "
218 "unregister unrecognized daemon [%d]\n", uid,
219 pid);
220 goto unlock;
221 }
222 if (id->pid != pid) {
223 rc = -EINVAL; 321 rc = -EINVAL;
224 ecryptfs_printk(KERN_WARNING, "Received request from user [%d] " 322 printk(KERN_ERR "Received request from user [%d] to "
225 "with pid [%d] to unregister daemon [%d]\n", 323 "unregister unrecognized daemon [%d]\n", euid, pid);
226 uid, pid, id->pid); 324 goto out_unlock;
227 goto unlock;
228 } 325 }
229 hlist_del(&id->id_chain); 326 rc = ecryptfs_exorcise_daemon(daemon);
230 kfree(id); 327out_unlock:
231 rc = 0; 328 mutex_unlock(&ecryptfs_daemon_hash_mux);
232unlock:
233 mutex_unlock(&ecryptfs_daemon_id_hash_mux);
234 return rc; 329 return rc;
235} 330}
236 331
237/** 332/**
238 * ecryptfs_process_reponse 333 * ecryptfs_process_reponse
239 * @msg: The ecryptfs message received; the caller should sanity check 334 * @msg: The ecryptfs message received; the caller should sanity check
240 * msg->data_len 335 * msg->data_len and free the memory
241 * @pid: The process ID of the userspace application that sent the 336 * @pid: The process ID of the userspace application that sent the
242 * message 337 * message
243 * @seq: The sequence number of the message 338 * @seq: The sequence number of the message; must match the sequence
339 * number for the existing message context waiting for this
340 * response
341 *
342 * Processes a response message after sending an operation request to
343 * userspace. Some other process is awaiting this response. Before
344 * sending out its first communications, the other process allocated a
345 * msg_ctx from the ecryptfs_msg_ctx_arr at a particular index. The
346 * response message contains this index so that we can copy over the
347 * response message into the msg_ctx that the process holds a
348 * reference to. The other process is going to wake up, check to see
349 * that msg_ctx->state == ECRYPTFS_MSG_CTX_STATE_DONE, and then
350 * proceed to read off and process the response message. Returns zero
351 * upon delivery to desired context element; non-zero upon delivery
352 * failure or error.
244 * 353 *
245 * Processes a response message after sending a operation request to 354 * Returns zero on success; non-zero otherwise
246 * userspace. Returns zero upon delivery to desired context element;
247 * non-zero upon delivery failure or error.
248 */ 355 */
249int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t uid, 356int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid,
250 pid_t pid, u32 seq) 357 pid_t pid, u32 seq)
251{ 358{
252 struct ecryptfs_daemon_id *id; 359 struct ecryptfs_daemon *daemon;
253 struct ecryptfs_msg_ctx *msg_ctx; 360 struct ecryptfs_msg_ctx *msg_ctx;
254 int msg_size; 361 size_t msg_size;
255 int rc; 362 int rc;
256 363
257 if (msg->index >= ecryptfs_message_buf_len) { 364 if (msg->index >= ecryptfs_message_buf_len) {
258 rc = -EINVAL; 365 rc = -EINVAL;
259 ecryptfs_printk(KERN_ERR, "Attempt to reference " 366 printk(KERN_ERR "%s: Attempt to reference "
260 "context buffer at index [%d]; maximum " 367 "context buffer at index [%d]; maximum "
261 "allowable is [%d]\n", msg->index, 368 "allowable is [%d]\n", __func__, msg->index,
262 (ecryptfs_message_buf_len - 1)); 369 (ecryptfs_message_buf_len - 1));
263 goto out; 370 goto out;
264 } 371 }
265 msg_ctx = &ecryptfs_msg_ctx_arr[msg->index]; 372 msg_ctx = &ecryptfs_msg_ctx_arr[msg->index];
266 mutex_lock(&msg_ctx->mux); 373 mutex_lock(&msg_ctx->mux);
267 if (ecryptfs_find_daemon_id(msg_ctx->task->euid, &id)) { 374 mutex_lock(&ecryptfs_daemon_hash_mux);
375 rc = ecryptfs_find_daemon_by_euid(&daemon, msg_ctx->task->euid);
376 mutex_unlock(&ecryptfs_daemon_hash_mux);
377 if (rc) {
268 rc = -EBADMSG; 378 rc = -EBADMSG;
269 ecryptfs_printk(KERN_WARNING, "User [%d] received a " 379 printk(KERN_WARNING "%s: User [%d] received a "
270 "message response from process [%d] but does " 380 "message response from process [%d] but does "
271 "not have a registered daemon\n", 381 "not have a registered daemon\n", __func__,
272 msg_ctx->task->euid, pid); 382 msg_ctx->task->euid, pid);
273 goto wake_up; 383 goto wake_up;
274 } 384 }
275 if (msg_ctx->task->euid != uid) { 385 if (msg_ctx->task->euid != euid) {
276 rc = -EBADMSG; 386 rc = -EBADMSG;
277 ecryptfs_printk(KERN_WARNING, "Received message from user " 387 printk(KERN_WARNING "%s: Received message from user "
278 "[%d]; expected message from user [%d]\n", 388 "[%d]; expected message from user [%d]\n", __func__,
279 uid, msg_ctx->task->euid); 389 euid, msg_ctx->task->euid);
280 goto unlock; 390 goto unlock;
281 } 391 }
282 if (id->pid != pid) { 392 if (daemon->pid != pid) {
283 rc = -EBADMSG; 393 rc = -EBADMSG;
284 ecryptfs_printk(KERN_ERR, "User [%d] received a " 394 printk(KERN_ERR "%s: User [%d] sent a message response "
285 "message response from an unrecognized " 395 "from an unrecognized process [%d]\n",
286 "process [%d]\n", msg_ctx->task->euid, pid); 396 __func__, msg_ctx->task->euid, pid);
287 goto unlock; 397 goto unlock;
288 } 398 }
289 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) { 399 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) {
290 rc = -EINVAL; 400 rc = -EINVAL;
291 ecryptfs_printk(KERN_WARNING, "Desired context element is not " 401 printk(KERN_WARNING "%s: Desired context element is not "
292 "pending a response\n"); 402 "pending a response\n", __func__);
293 goto unlock; 403 goto unlock;
294 } else if (msg_ctx->counter != seq) { 404 } else if (msg_ctx->counter != seq) {
295 rc = -EINVAL; 405 rc = -EINVAL;
296 ecryptfs_printk(KERN_WARNING, "Invalid message sequence; " 406 printk(KERN_WARNING "%s: Invalid message sequence; "
297 "expected [%d]; received [%d]\n", 407 "expected [%d]; received [%d]\n", __func__,
298 msg_ctx->counter, seq); 408 msg_ctx->counter, seq);
299 goto unlock; 409 goto unlock;
300 } 410 }
301 msg_size = sizeof(*msg) + msg->data_len; 411 msg_size = (sizeof(*msg) + msg->data_len);
302 msg_ctx->msg = kmalloc(msg_size, GFP_KERNEL); 412 msg_ctx->msg = kmalloc(msg_size, GFP_KERNEL);
303 if (!msg_ctx->msg) { 413 if (!msg_ctx->msg) {
304 rc = -ENOMEM; 414 rc = -ENOMEM;
305 ecryptfs_printk(KERN_ERR, "Failed to allocate memory\n"); 415 printk(KERN_ERR "%s: Failed to allocate [%Zd] bytes of "
416 "GFP_KERNEL memory\n", __func__, msg_size);
306 goto unlock; 417 goto unlock;
307 } 418 }
308 memcpy(msg_ctx->msg, msg, msg_size); 419 memcpy(msg_ctx->msg, msg, msg_size);
@@ -317,34 +428,37 @@ out:
317} 428}
318 429
319/** 430/**
320 * ecryptfs_send_message 431 * ecryptfs_send_message_locked
321 * @transport: The transport over which to send the message (i.e., 432 * @transport: The transport over which to send the message (i.e.,
322 * netlink) 433 * netlink)
323 * @data: The data to send 434 * @data: The data to send
324 * @data_len: The length of data 435 * @data_len: The length of data
325 * @msg_ctx: The message context allocated for the send 436 * @msg_ctx: The message context allocated for the send
437 *
438 * Must be called with ecryptfs_daemon_hash_mux held.
439 *
440 * Returns zero on success; non-zero otherwise
326 */ 441 */
327int ecryptfs_send_message(unsigned int transport, char *data, int data_len, 442static int
328 struct ecryptfs_msg_ctx **msg_ctx) 443ecryptfs_send_message_locked(unsigned int transport, char *data, int data_len,
444 u8 msg_type, struct ecryptfs_msg_ctx **msg_ctx)
329{ 445{
330 struct ecryptfs_daemon_id *id; 446 struct ecryptfs_daemon *daemon;
331 int rc; 447 int rc;
332 448
333 mutex_lock(&ecryptfs_daemon_id_hash_mux); 449 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid);
334 if (ecryptfs_find_daemon_id(current->euid, &id)) { 450 if (rc || !daemon) {
335 mutex_unlock(&ecryptfs_daemon_id_hash_mux);
336 rc = -ENOTCONN; 451 rc = -ENOTCONN;
337 ecryptfs_printk(KERN_ERR, "User [%d] does not have a daemon " 452 printk(KERN_ERR "%s: User [%d] does not have a daemon "
338 "registered\n", current->euid); 453 "registered\n", __func__, current->euid);
339 goto out; 454 goto out;
340 } 455 }
341 mutex_unlock(&ecryptfs_daemon_id_hash_mux);
342 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 456 mutex_lock(&ecryptfs_msg_ctx_lists_mux);
343 rc = ecryptfs_acquire_free_msg_ctx(msg_ctx); 457 rc = ecryptfs_acquire_free_msg_ctx(msg_ctx);
344 if (rc) { 458 if (rc) {
345 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 459 mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
346 ecryptfs_printk(KERN_WARNING, "Could not claim a free " 460 printk(KERN_WARNING "%s: Could not claim a free "
347 "context element\n"); 461 "context element\n", __func__);
348 goto out; 462 goto out;
349 } 463 }
350 ecryptfs_msg_ctx_free_to_alloc(*msg_ctx); 464 ecryptfs_msg_ctx_free_to_alloc(*msg_ctx);
@@ -352,23 +466,50 @@ int ecryptfs_send_message(unsigned int transport, char *data, int data_len,
352 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 466 mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
353 switch (transport) { 467 switch (transport) {
354 case ECRYPTFS_TRANSPORT_NETLINK: 468 case ECRYPTFS_TRANSPORT_NETLINK:
355 rc = ecryptfs_send_netlink(data, data_len, *msg_ctx, 469 rc = ecryptfs_send_netlink(data, data_len, *msg_ctx, msg_type,
356 ECRYPTFS_NLMSG_REQUEST, 0, id->pid); 470 0, daemon->pid);
471 break;
472 case ECRYPTFS_TRANSPORT_MISCDEV:
473 rc = ecryptfs_send_miscdev(data, data_len, *msg_ctx, msg_type,
474 0, daemon);
357 break; 475 break;
358 case ECRYPTFS_TRANSPORT_CONNECTOR: 476 case ECRYPTFS_TRANSPORT_CONNECTOR:
359 case ECRYPTFS_TRANSPORT_RELAYFS: 477 case ECRYPTFS_TRANSPORT_RELAYFS:
360 default: 478 default:
361 rc = -ENOSYS; 479 rc = -ENOSYS;
362 } 480 }
363 if (rc) { 481 if (rc)
364 printk(KERN_ERR "Error attempting to send message to userspace " 482 printk(KERN_ERR "%s: Error attempting to send message to "
365 "daemon; rc = [%d]\n", rc); 483 "userspace daemon; rc = [%d]\n", __func__, rc);
366 }
367out: 484out:
368 return rc; 485 return rc;
369} 486}
370 487
371/** 488/**
489 * ecryptfs_send_message
490 * @transport: The transport over which to send the message (i.e.,
491 * netlink)
492 * @data: The data to send
493 * @data_len: The length of data
494 * @msg_ctx: The message context allocated for the send
495 *
496 * Grabs ecryptfs_daemon_hash_mux.
497 *
498 * Returns zero on success; non-zero otherwise
499 */
500int ecryptfs_send_message(unsigned int transport, char *data, int data_len,
501 struct ecryptfs_msg_ctx **msg_ctx)
502{
503 int rc;
504
505 mutex_lock(&ecryptfs_daemon_hash_mux);
506 rc = ecryptfs_send_message_locked(transport, data, data_len,
507 ECRYPTFS_MSG_REQUEST, msg_ctx);
508 mutex_unlock(&ecryptfs_daemon_hash_mux);
509 return rc;
510}
511
512/**
372 * ecryptfs_wait_for_response 513 * ecryptfs_wait_for_response
373 * @msg_ctx: The context that was assigned when sending a message 514 * @msg_ctx: The context that was assigned when sending a message
374 * @msg: The incoming message from userspace; not set if rc != 0 515 * @msg: The incoming message from userspace; not set if rc != 0
@@ -377,7 +518,7 @@ out:
377 * of time exceeds ecryptfs_message_wait_timeout. If zero is 518 * of time exceeds ecryptfs_message_wait_timeout. If zero is
378 * returned, msg will point to a valid message from userspace; a 519 * returned, msg will point to a valid message from userspace; a
379 * non-zero value is returned upon failure to receive a message or an 520 * non-zero value is returned upon failure to receive a message or an
380 * error occurs. 521 * error occurs. Callee must free @msg on success.
381 */ 522 */
382int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx, 523int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
383 struct ecryptfs_message **msg) 524 struct ecryptfs_message **msg)
@@ -413,32 +554,32 @@ int ecryptfs_init_messaging(unsigned int transport)
413 554
414 if (ecryptfs_number_of_users > ECRYPTFS_MAX_NUM_USERS) { 555 if (ecryptfs_number_of_users > ECRYPTFS_MAX_NUM_USERS) {
415 ecryptfs_number_of_users = ECRYPTFS_MAX_NUM_USERS; 556 ecryptfs_number_of_users = ECRYPTFS_MAX_NUM_USERS;
416 ecryptfs_printk(KERN_WARNING, "Specified number of users is " 557 printk(KERN_WARNING "%s: Specified number of users is "
417 "too large, defaulting to [%d] users\n", 558 "too large, defaulting to [%d] users\n", __func__,
418 ecryptfs_number_of_users); 559 ecryptfs_number_of_users);
419 } 560 }
420 mutex_init(&ecryptfs_daemon_id_hash_mux); 561 mutex_init(&ecryptfs_daemon_hash_mux);
421 mutex_lock(&ecryptfs_daemon_id_hash_mux); 562 mutex_lock(&ecryptfs_daemon_hash_mux);
422 ecryptfs_hash_buckets = 1; 563 ecryptfs_hash_buckets = 1;
423 while (ecryptfs_number_of_users >> ecryptfs_hash_buckets) 564 while (ecryptfs_number_of_users >> ecryptfs_hash_buckets)
424 ecryptfs_hash_buckets++; 565 ecryptfs_hash_buckets++;
425 ecryptfs_daemon_id_hash = kmalloc(sizeof(struct hlist_head) 566 ecryptfs_daemon_hash = kmalloc((sizeof(struct hlist_head)
426 * ecryptfs_hash_buckets, GFP_KERNEL); 567 * ecryptfs_hash_buckets), GFP_KERNEL);
427 if (!ecryptfs_daemon_id_hash) { 568 if (!ecryptfs_daemon_hash) {
428 rc = -ENOMEM; 569 rc = -ENOMEM;
429 ecryptfs_printk(KERN_ERR, "Failed to allocate memory\n"); 570 printk(KERN_ERR "%s: Failed to allocate memory\n", __func__);
430 mutex_unlock(&ecryptfs_daemon_id_hash_mux); 571 mutex_unlock(&ecryptfs_daemon_hash_mux);
431 goto out; 572 goto out;
432 } 573 }
433 for (i = 0; i < ecryptfs_hash_buckets; i++) 574 for (i = 0; i < ecryptfs_hash_buckets; i++)
434 INIT_HLIST_HEAD(&ecryptfs_daemon_id_hash[i]); 575 INIT_HLIST_HEAD(&ecryptfs_daemon_hash[i]);
435 mutex_unlock(&ecryptfs_daemon_id_hash_mux); 576 mutex_unlock(&ecryptfs_daemon_hash_mux);
436
437 ecryptfs_msg_ctx_arr = kmalloc((sizeof(struct ecryptfs_msg_ctx) 577 ecryptfs_msg_ctx_arr = kmalloc((sizeof(struct ecryptfs_msg_ctx)
438 * ecryptfs_message_buf_len), GFP_KERNEL); 578 * ecryptfs_message_buf_len),
579 GFP_KERNEL);
439 if (!ecryptfs_msg_ctx_arr) { 580 if (!ecryptfs_msg_ctx_arr) {
440 rc = -ENOMEM; 581 rc = -ENOMEM;
441 ecryptfs_printk(KERN_ERR, "Failed to allocate memory\n"); 582 printk(KERN_ERR "%s: Failed to allocate memory\n", __func__);
442 goto out; 583 goto out;
443 } 584 }
444 mutex_init(&ecryptfs_msg_ctx_lists_mux); 585 mutex_init(&ecryptfs_msg_ctx_lists_mux);
@@ -446,6 +587,7 @@ int ecryptfs_init_messaging(unsigned int transport)
446 ecryptfs_msg_counter = 0; 587 ecryptfs_msg_counter = 0;
447 for (i = 0; i < ecryptfs_message_buf_len; i++) { 588 for (i = 0; i < ecryptfs_message_buf_len; i++) {
448 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].node); 589 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].node);
590 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].daemon_out_list);
449 mutex_init(&ecryptfs_msg_ctx_arr[i].mux); 591 mutex_init(&ecryptfs_msg_ctx_arr[i].mux);
450 mutex_lock(&ecryptfs_msg_ctx_arr[i].mux); 592 mutex_lock(&ecryptfs_msg_ctx_arr[i].mux);
451 ecryptfs_msg_ctx_arr[i].index = i; 593 ecryptfs_msg_ctx_arr[i].index = i;
@@ -464,6 +606,11 @@ int ecryptfs_init_messaging(unsigned int transport)
464 if (rc) 606 if (rc)
465 ecryptfs_release_messaging(transport); 607 ecryptfs_release_messaging(transport);
466 break; 608 break;
609 case ECRYPTFS_TRANSPORT_MISCDEV:
610 rc = ecryptfs_init_ecryptfs_miscdev();
611 if (rc)
612 ecryptfs_release_messaging(transport);
613 break;
467 case ECRYPTFS_TRANSPORT_CONNECTOR: 614 case ECRYPTFS_TRANSPORT_CONNECTOR:
468 case ECRYPTFS_TRANSPORT_RELAYFS: 615 case ECRYPTFS_TRANSPORT_RELAYFS:
469 default: 616 default:
@@ -488,27 +635,37 @@ void ecryptfs_release_messaging(unsigned int transport)
488 kfree(ecryptfs_msg_ctx_arr); 635 kfree(ecryptfs_msg_ctx_arr);
489 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 636 mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
490 } 637 }
491 if (ecryptfs_daemon_id_hash) { 638 if (ecryptfs_daemon_hash) {
492 struct hlist_node *elem; 639 struct hlist_node *elem;
493 struct ecryptfs_daemon_id *id; 640 struct ecryptfs_daemon *daemon;
494 int i; 641 int i;
495 642
496 mutex_lock(&ecryptfs_daemon_id_hash_mux); 643 mutex_lock(&ecryptfs_daemon_hash_mux);
497 for (i = 0; i < ecryptfs_hash_buckets; i++) { 644 for (i = 0; i < ecryptfs_hash_buckets; i++) {
498 hlist_for_each_entry(id, elem, 645 int rc;
499 &ecryptfs_daemon_id_hash[i], 646
500 id_chain) { 647 hlist_for_each_entry(daemon, elem,
501 hlist_del(elem); 648 &ecryptfs_daemon_hash[i],
502 kfree(id); 649 euid_chain) {
650 rc = ecryptfs_exorcise_daemon(daemon);
651 if (rc)
652 printk(KERN_ERR "%s: Error whilst "
653 "attempting to destroy daemon; "
654 "rc = [%d]. Dazed and confused, "
655 "but trying to continue.\n",
656 __func__, rc);
503 } 657 }
504 } 658 }
505 kfree(ecryptfs_daemon_id_hash); 659 kfree(ecryptfs_daemon_hash);
506 mutex_unlock(&ecryptfs_daemon_id_hash_mux); 660 mutex_unlock(&ecryptfs_daemon_hash_mux);
507 } 661 }
508 switch(transport) { 662 switch(transport) {
509 case ECRYPTFS_TRANSPORT_NETLINK: 663 case ECRYPTFS_TRANSPORT_NETLINK:
510 ecryptfs_release_netlink(); 664 ecryptfs_release_netlink();
511 break; 665 break;
666 case ECRYPTFS_TRANSPORT_MISCDEV:
667 ecryptfs_destroy_ecryptfs_miscdev();
668 break;
512 case ECRYPTFS_TRANSPORT_CONNECTOR: 669 case ECRYPTFS_TRANSPORT_CONNECTOR:
513 case ECRYPTFS_TRANSPORT_RELAYFS: 670 case ECRYPTFS_TRANSPORT_RELAYFS:
514 default: 671 default:
diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c
index 72dfec48ea22..0c559731ae34 100644
--- a/fs/ecryptfs/miscdev.c
+++ b/fs/ecryptfs/miscdev.c
@@ -196,7 +196,7 @@ int ecryptfs_send_miscdev(char *data, size_t data_size,
196 if (!msg_ctx->msg) { 196 if (!msg_ctx->msg) {
197 rc = -ENOMEM; 197 rc = -ENOMEM;
198 printk(KERN_ERR "%s: Out of memory whilst attempting " 198 printk(KERN_ERR "%s: Out of memory whilst attempting "
199 "to kmalloc(%d, GFP_KERNEL)\n", __func__, 199 "to kmalloc(%Zd, GFP_KERNEL)\n", __func__,
200 (sizeof(*msg_ctx->msg) + data_size)); 200 (sizeof(*msg_ctx->msg) + data_size));
201 goto out_unlock; 201 goto out_unlock;
202 } 202 }
@@ -232,7 +232,7 @@ out_unlock:
232 * 232 *
233 * Returns the number of bytes copied into the user buffer 233 * Returns the number of bytes copied into the user buffer
234 */ 234 */
235static int 235static ssize_t
236ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count, 236ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count,
237 loff_t *ppos) 237 loff_t *ppos)
238{ 238{
diff --git a/fs/ecryptfs/netlink.c b/fs/ecryptfs/netlink.c
index f638a698dc52..eb70f69d705d 100644
--- a/fs/ecryptfs/netlink.c
+++ b/fs/ecryptfs/netlink.c
@@ -44,7 +44,7 @@ static struct sock *ecryptfs_nl_sock;
44 * upon sending the message; non-zero upon error. 44 * upon sending the message; non-zero upon error.
45 */ 45 */
46int ecryptfs_send_netlink(char *data, int data_len, 46int ecryptfs_send_netlink(char *data, int data_len,
47 struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type, 47 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
48 u16 msg_flags, pid_t daemon_pid) 48 u16 msg_flags, pid_t daemon_pid)
49{ 49{
50 struct sk_buff *skb; 50 struct sk_buff *skb;
@@ -176,20 +176,20 @@ static void ecryptfs_receive_nl_message(struct sk_buff *skb)
176 goto free; 176 goto free;
177 } 177 }
178 switch (nlh->nlmsg_type) { 178 switch (nlh->nlmsg_type) {
179 case ECRYPTFS_NLMSG_RESPONSE: 179 case ECRYPTFS_MSG_RESPONSE:
180 if (ecryptfs_process_nl_response(skb)) { 180 if (ecryptfs_process_nl_response(skb)) {
181 ecryptfs_printk(KERN_WARNING, "Failed to " 181 ecryptfs_printk(KERN_WARNING, "Failed to "
182 "deliver netlink response to " 182 "deliver netlink response to "
183 "requesting operation\n"); 183 "requesting operation\n");
184 } 184 }
185 break; 185 break;
186 case ECRYPTFS_NLMSG_HELO: 186 case ECRYPTFS_MSG_HELO:
187 if (ecryptfs_process_nl_helo(skb)) { 187 if (ecryptfs_process_nl_helo(skb)) {
188 ecryptfs_printk(KERN_WARNING, "Failed to " 188 ecryptfs_printk(KERN_WARNING, "Failed to "
189 "fulfill HELO request\n"); 189 "fulfill HELO request\n");
190 } 190 }
191 break; 191 break;
192 case ECRYPTFS_NLMSG_QUIT: 192 case ECRYPTFS_MSG_QUIT:
193 if (ecryptfs_process_nl_quit(skb)) { 193 if (ecryptfs_process_nl_quit(skb)) {
194 ecryptfs_printk(KERN_WARNING, "Failed to " 194 ecryptfs_printk(KERN_WARNING, "Failed to "
195 "fulfill QUIT request\n"); 195 "fulfill QUIT request\n");