aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2013-03-07 15:47:24 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2013-03-07 15:47:24 -0500
commite2e091fd99400029120eeefde062fdf417ab37f6 (patch)
tree85761f03229f8b903238bcf8dc930cad281f4871
parentcd66acb412d3466bb95d3d7621afbea98647a028 (diff)
parent290502bee239062499297916bb7d21d205e99d62 (diff)
Merge tag 'ecryptfs-3.9-rc2-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs
Pull ecryptfs fixes from Tyler Hicks: "Minor code cleanups and new Kconfig option to disable /dev/ecryptfs The code cleanups fix up W=1 compiler warnings and some unnecessary checks. The new Kconfig option, defaulting to N, allows the rarely used eCryptfs kernel to userspace communication channel to be compiled out. This may be the first step in it being eventually removed." Hmm. I'm not sure whether these should be called "fixes", and it probably should have gone in the merge window. But I'll let it slide. * tag 'ecryptfs-3.9-rc2-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs: eCryptfs: allow userspace messaging to be disabled eCryptfs: Fix redundant error check on ecryptfs_find_daemon_by_euid() ecryptfs: ecryptfs_msg_ctx_alloc_to_free(): remove kfree() redundant null check eCryptfs: decrypt_pki_encrypted_session_key(): remove kfree() redundant null check eCryptfs: remove unneeded checks in virt_to_scatterlist() eCryptfs: Fix -Wmissing-prototypes warnings eCryptfs: Fix -Wunused-but-set-variable warnings eCryptfs: initialize payload_len in keystore.c
-rw-r--r--fs/ecryptfs/Kconfig8
-rw-r--r--fs/ecryptfs/Makefile7
-rw-r--r--fs/ecryptfs/crypto.c9
-rw-r--r--fs/ecryptfs/dentry.c2
-rw-r--r--fs/ecryptfs/ecryptfs_kernel.h40
-rw-r--r--fs/ecryptfs/file.c2
-rw-r--r--fs/ecryptfs/inode.c8
-rw-r--r--fs/ecryptfs/keystore.c9
-rw-r--r--fs/ecryptfs/messaging.c5
-rw-r--r--include/linux/ecryptfs.h12
10 files changed, 66 insertions, 36 deletions
diff --git a/fs/ecryptfs/Kconfig b/fs/ecryptfs/Kconfig
index e15ef38c24fa..434aa313f077 100644
--- a/fs/ecryptfs/Kconfig
+++ b/fs/ecryptfs/Kconfig
@@ -12,3 +12,11 @@ config ECRYPT_FS
12 12
13 To compile this file system support as a module, choose M here: the 13 To compile this file system support as a module, choose M here: the
14 module will be called ecryptfs. 14 module will be called ecryptfs.
15
16config ECRYPT_FS_MESSAGING
17 bool "Enable notifications for userspace key wrap/unwrap"
18 depends on ECRYPT_FS
19 help
20 Enables the /dev/ecryptfs entry for use by ecryptfsd. This allows
21 for userspace to wrap/unwrap file encryption keys by other
22 backends, like OpenSSL.
diff --git a/fs/ecryptfs/Makefile b/fs/ecryptfs/Makefile
index 2cc9ee4ad2eb..49678a69947d 100644
--- a/fs/ecryptfs/Makefile
+++ b/fs/ecryptfs/Makefile
@@ -1,7 +1,10 @@
1# 1#
2# Makefile for the Linux 2.6 eCryptfs 2# Makefile for the Linux eCryptfs
3# 3#
4 4
5obj-$(CONFIG_ECRYPT_FS) += ecryptfs.o 5obj-$(CONFIG_ECRYPT_FS) += ecryptfs.o
6 6
7ecryptfs-objs := dentry.o file.o inode.o main.o super.o mmap.o read_write.o crypto.o keystore.o messaging.o miscdev.o kthread.o debug.o 7ecryptfs-y := dentry.o file.o inode.o main.o super.o mmap.o read_write.o \
8 crypto.o keystore.o kthread.o debug.o
9
10ecryptfs-$(CONFIG_ECRYPT_FS_MESSAGING) += messaging.o miscdev.o
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index a7b0c2dfb3db..d5c25db4398f 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -301,17 +301,14 @@ int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg,
301 while (size > 0 && i < sg_size) { 301 while (size > 0 && i < sg_size) {
302 pg = virt_to_page(addr); 302 pg = virt_to_page(addr);
303 offset = offset_in_page(addr); 303 offset = offset_in_page(addr);
304 if (sg) 304 sg_set_page(&sg[i], pg, 0, offset);
305 sg_set_page(&sg[i], pg, 0, offset);
306 remainder_of_page = PAGE_CACHE_SIZE - offset; 305 remainder_of_page = PAGE_CACHE_SIZE - offset;
307 if (size >= remainder_of_page) { 306 if (size >= remainder_of_page) {
308 if (sg) 307 sg[i].length = remainder_of_page;
309 sg[i].length = remainder_of_page;
310 addr += remainder_of_page; 308 addr += remainder_of_page;
311 size -= remainder_of_page; 309 size -= remainder_of_page;
312 } else { 310 } else {
313 if (sg) 311 sg[i].length = size;
314 sg[i].length = size;
315 addr += size; 312 addr += size;
316 size = 0; 313 size = 0;
317 } 314 }
diff --git a/fs/ecryptfs/dentry.c b/fs/ecryptfs/dentry.c
index 1b5d9af937df..bf12ba5dd223 100644
--- a/fs/ecryptfs/dentry.c
+++ b/fs/ecryptfs/dentry.c
@@ -45,14 +45,12 @@
45static int ecryptfs_d_revalidate(struct dentry *dentry, unsigned int flags) 45static int ecryptfs_d_revalidate(struct dentry *dentry, unsigned int flags)
46{ 46{
47 struct dentry *lower_dentry; 47 struct dentry *lower_dentry;
48 struct vfsmount *lower_mnt;
49 int rc = 1; 48 int rc = 1;
50 49
51 if (flags & LOOKUP_RCU) 50 if (flags & LOOKUP_RCU)
52 return -ECHILD; 51 return -ECHILD;
53 52
54 lower_dentry = ecryptfs_dentry_to_lower(dentry); 53 lower_dentry = ecryptfs_dentry_to_lower(dentry);
55 lower_mnt = ecryptfs_dentry_to_lower_mnt(dentry);
56 if (!lower_dentry->d_op || !lower_dentry->d_op->d_revalidate) 54 if (!lower_dentry->d_op || !lower_dentry->d_op->d_revalidate)
57 goto out; 55 goto out;
58 rc = lower_dentry->d_op->d_revalidate(lower_dentry, flags); 56 rc = lower_dentry->d_op->d_revalidate(lower_dentry, flags);
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index 7e2c6f5d7985..dd299b389d4e 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -172,6 +172,19 @@ ecryptfs_get_key_payload_data(struct key *key)
172#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24 172#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24
173#define ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN (18 + 1 + 4 + 1 + 32) 173#define ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN (18 + 1 + 4 + 1 + 32)
174 174
175#ifdef CONFIG_ECRYPT_FS_MESSAGING
176# define ECRYPTFS_VERSIONING_MASK_MESSAGING (ECRYPTFS_VERSIONING_DEVMISC \
177 | ECRYPTFS_VERSIONING_PUBKEY)
178#else
179# define ECRYPTFS_VERSIONING_MASK_MESSAGING 0
180#endif
181
182#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \
183 | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \
184 | ECRYPTFS_VERSIONING_XATTR \
185 | ECRYPTFS_VERSIONING_MULTKEY \
186 | ECRYPTFS_VERSIONING_MASK_MESSAGING \
187 | ECRYPTFS_VERSIONING_FILENAME_ENCRYPTION)
175struct ecryptfs_key_sig { 188struct ecryptfs_key_sig {
176 struct list_head crypt_stat_list; 189 struct list_head crypt_stat_list;
177 char keysig[ECRYPTFS_SIG_SIZE_HEX + 1]; 190 char keysig[ECRYPTFS_SIG_SIZE_HEX + 1];
@@ -399,7 +412,9 @@ struct ecryptfs_daemon {
399 struct hlist_node euid_chain; 412 struct hlist_node euid_chain;
400}; 413};
401 414
415#ifdef CONFIG_ECRYPT_FS_MESSAGING
402extern struct mutex ecryptfs_daemon_hash_mux; 416extern struct mutex ecryptfs_daemon_hash_mux;
417#endif
403 418
404static inline size_t 419static inline size_t
405ecryptfs_lower_header_size(struct ecryptfs_crypt_stat *crypt_stat) 420ecryptfs_lower_header_size(struct ecryptfs_crypt_stat *crypt_stat)
@@ -610,6 +625,7 @@ int
610ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value, 625ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value,
611 size_t size, int flags); 626 size_t size, int flags);
612int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode); 627int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode);
628#ifdef CONFIG_ECRYPT_FS_MESSAGING
613int ecryptfs_process_response(struct ecryptfs_daemon *daemon, 629int ecryptfs_process_response(struct ecryptfs_daemon *daemon,
614 struct ecryptfs_message *msg, u32 seq); 630 struct ecryptfs_message *msg, u32 seq);
615int ecryptfs_send_message(char *data, int data_len, 631int ecryptfs_send_message(char *data, int data_len,
@@ -618,6 +634,24 @@ int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
618 struct ecryptfs_message **emsg); 634 struct ecryptfs_message **emsg);
619int ecryptfs_init_messaging(void); 635int ecryptfs_init_messaging(void);
620void ecryptfs_release_messaging(void); 636void ecryptfs_release_messaging(void);
637#else
638static inline int ecryptfs_init_messaging(void)
639{
640 return 0;
641}
642static inline void ecryptfs_release_messaging(void)
643{ }
644static inline int ecryptfs_send_message(char *data, int data_len,
645 struct ecryptfs_msg_ctx **msg_ctx)
646{
647 return -ENOTCONN;
648}
649static inline int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
650 struct ecryptfs_message **emsg)
651{
652 return -ENOMSG;
653}
654#endif
621 655
622void 656void
623ecryptfs_write_header_metadata(char *virt, 657ecryptfs_write_header_metadata(char *virt,
@@ -655,12 +689,11 @@ int ecryptfs_read_lower_page_segment(struct page *page_for_ecryptfs,
655 size_t offset_in_page, size_t size, 689 size_t offset_in_page, size_t size,
656 struct inode *ecryptfs_inode); 690 struct inode *ecryptfs_inode);
657struct page *ecryptfs_get_locked_page(struct inode *inode, loff_t index); 691struct page *ecryptfs_get_locked_page(struct inode *inode, loff_t index);
658int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon);
659int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon);
660int ecryptfs_parse_packet_length(unsigned char *data, size_t *size, 692int ecryptfs_parse_packet_length(unsigned char *data, size_t *size,
661 size_t *length_size); 693 size_t *length_size);
662int ecryptfs_write_packet_length(char *dest, size_t size, 694int ecryptfs_write_packet_length(char *dest, size_t size,
663 size_t *packet_size_length); 695 size_t *packet_size_length);
696#ifdef CONFIG_ECRYPT_FS_MESSAGING
664int ecryptfs_init_ecryptfs_miscdev(void); 697int ecryptfs_init_ecryptfs_miscdev(void);
665void ecryptfs_destroy_ecryptfs_miscdev(void);