aboutsummaryrefslogtreecommitdiffstats
path: root/fs/ecryptfs/ecryptfs_kernel.h
diff options
context:
space:
mode:
authorEric Sandeen <sandeen@redhat.com>2008-02-06 04:38:37 -0500
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2008-02-06 13:41:13 -0500
commitaf440f52927e4b6941aa94e3cfc698adb0f22663 (patch)
tree00a7fdc2b09e8e6146f0fd0bc055688d58eea939 /fs/ecryptfs/ecryptfs_kernel.h
parent19e66a67e9b25874cd5e184e7d381ce1b955df11 (diff)
ecryptfs: check for existing key_tfm at mount time
Jeff Moyer pointed out that a mount; umount loop of ecryptfs, with the same cipher & other mount options, created a new ecryptfs_key_tfm_cache item each time, and the cache could grow quite large this way. Looking at this with mhalcrow, we saw that ecryptfs_parse_options() unconditionally called ecryptfs_add_new_key_tfm(), which is what was adding these items. Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a new helper function, ecryptfs_tfm_exists(), which checks for the cipher on the cached key_tfm_list, and sets a pointer to it if it exists. This can then be called from ecryptfs_parse_options(), and new key_tfm's can be added only when a cached one is not found. With list locking changes suggested by akpm. Signed-off-by: Eric Sandeen <sandeen@redhat.com> Cc: Michael Halcrow <mhalcrow@us.ibm.com> Cc: Jeff Moyer <jmoyer@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/ecryptfs/ecryptfs_kernel.h')
-rw-r--r--fs/ecryptfs/ecryptfs_kernel.h3
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index f44f71b7605a..5007f788da01 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -323,6 +323,8 @@ struct ecryptfs_key_tfm {
323 unsigned char cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1]; 323 unsigned char cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
324}; 324};
325 325
326extern struct mutex key_tfm_list_mutex;
327
326/** 328/**
327 * This struct is to enable a mount-wide passphrase/salt combo. This 329 * This struct is to enable a mount-wide passphrase/salt combo. This
328 * is more or less a stopgap to provide similar functionality to other 330 * is more or less a stopgap to provide similar functionality to other
@@ -617,6 +619,7 @@ ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char *cipher_name,
617 size_t key_size); 619 size_t key_size);
618int ecryptfs_init_crypto(void); 620int ecryptfs_init_crypto(void);
619int ecryptfs_destroy_crypto(void); 621int ecryptfs_destroy_crypto(void);
622int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm);
620int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm, 623int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
621 struct mutex **tfm_mutex, 624 struct mutex **tfm_mutex,
622 char *cipher_name); 625 char *cipher_name);