diff options
author | Michael Halcrow <mhalcrow@us.ibm.com> | 2009-01-06 17:42:00 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2009-01-06 18:59:22 -0500 |
commit | addd65ad8d19a7d7982130b16f957d5d01d3f8df (patch) | |
tree | 2263b4a4b7a6269410bd161a3995d2b4af3f7bcf /fs/ecryptfs/inode.c | |
parent | 51ca58dcc9f0d6b1e78954d08bd4954fb6a1421c (diff) |
eCryptfs: Filename Encryption: filldir, lookup, and readlink
Make the requisite modifications to ecryptfs_filldir(), ecryptfs_lookup(),
and ecryptfs_readlink() to call out to filename encryption functions.
Propagate filename encryption policy flags from mount-wide crypt_stat to
inode crypt_stat.
Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Cc: Dustin Kirkland <dustin.kirkland@gmail.com>
Cc: Eric Sandeen <sandeen@redhat.com>
Cc: Tyler Hicks <tchicks@us.ibm.com>
Cc: David Kleikamp <shaggy@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/ecryptfs/inode.c')
-rw-r--r-- | fs/ecryptfs/inode.c | 294 |
1 files changed, 167 insertions, 127 deletions
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 0111906a8877..38309ce94d71 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c | |||
@@ -228,8 +228,7 @@ ecryptfs_create(struct inode *directory_inode, struct dentry *ecryptfs_dentry, | |||
228 | { | 228 | { |
229 | int rc; | 229 | int rc; |
230 | 230 | ||
231 | /* ecryptfs_do_create() calls ecryptfs_interpose(), which opens | 231 | /* ecryptfs_do_create() calls ecryptfs_interpose() */ |
232 | * the crypt_stat->lower_file (persistent file) */ | ||
233 | rc = ecryptfs_do_create(directory_inode, ecryptfs_dentry, mode, nd); | 232 | rc = ecryptfs_do_create(directory_inode, ecryptfs_dentry, mode, nd); |
234 | if (unlikely(rc)) { | 233 | if (unlikely(rc)) { |
235 | ecryptfs_printk(KERN_WARNING, "Failed to create file in" | 234 | ecryptfs_printk(KERN_WARNING, "Failed to create file in" |
@@ -244,141 +243,91 @@ out: | |||
244 | } | 243 | } |
245 | 244 | ||
246 | /** | 245 | /** |
247 | * ecryptfs_lookup | 246 | * ecryptfs_lookup_and_interpose_lower - Perform a lookup |
248 | * @dir: inode | ||
249 | * @dentry: The dentry | ||
250 | * @nd: nameidata, may be NULL | ||
251 | * | ||
252 | * Find a file on disk. If the file does not exist, then we'll add it to the | ||
253 | * dentry cache and continue on to read it from the disk. | ||
254 | */ | 247 | */ |
255 | static struct dentry *ecryptfs_lookup(struct inode *dir, struct dentry *dentry, | 248 | int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, |
256 | struct nameidata *nd) | 249 | struct dentry *lower_dentry, |
250 | struct ecryptfs_crypt_stat *crypt_stat, | ||
251 | struct inode *ecryptfs_dir_inode, | ||
252 | struct nameidata *ecryptfs_nd) | ||
257 | { | 253 | { |
258 | int rc = 0; | ||
259 | struct dentry *lower_dir_dentry; | 254 | struct dentry *lower_dir_dentry; |
260 | struct dentry *lower_dentry; | ||
261 | struct vfsmount *lower_mnt; | 255 | struct vfsmount *lower_mnt; |
262 | char *encoded_name; | 256 | struct inode *lower_inode; |
263 | int encoded_namelen; | ||
264 | struct ecryptfs_crypt_stat *crypt_stat = NULL; | ||
265 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat; | 257 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat; |
266 | char *page_virt = NULL; | 258 | char *page_virt = NULL; |
267 | struct inode *lower_inode; | ||
268 | u64 file_size; | 259 | u64 file_size; |
260 | int rc = 0; | ||
269 | 261 | ||
270 | lower_dir_dentry = ecryptfs_dentry_to_lower(dentry->d_parent); | 262 | lower_dir_dentry = lower_dentry->d_parent; |
271 | dentry->d_op = &ecryptfs_dops; | 263 | lower_mnt = mntget(ecryptfs_dentry_to_lower_mnt( |
272 | if ((dentry->d_name.len == 1 && !strcmp(dentry->d_name.name, ".")) | 264 | ecryptfs_dentry->d_parent)); |
273 | || (dentry->d_name.len == 2 | ||
274 | && !strcmp(dentry->d_name.name, ".."))) { | ||
275 | d_drop(dentry); | ||
276 | goto out; | ||
277 | } | ||
278 | encoded_namelen = ecryptfs_encode_filename(crypt_stat, | ||
279 | dentry->d_name.name, | ||
280 | dentry->d_name.len, | ||
281 | &encoded_name); | ||
282 | if (encoded_namelen < 0) { | ||
283 | rc = encoded_namelen; | ||
284 | d_drop(dentry); | ||
285 | goto out; | ||
286 | } | ||
287 | ecryptfs_printk(KERN_DEBUG, "encoded_name = [%s]; encoded_namelen " | ||
288 | "= [%d]\n", encoded_name, encoded_namelen); | ||
289 | lower_dentry = lookup_one_len(encoded_name, lower_dir_dentry, | ||
290 | encoded_namelen - 1); | ||
291 | kfree(encoded_name); | ||
292 | if (IS_ERR(lower_dentry)) { | ||
293 | ecryptfs_printk(KERN_ERR, "ERR from lower_dentry\n"); | ||
294 | rc = PTR_ERR(lower_dentry); | ||
295 | d_drop(dentry); | ||
296 | goto out; | ||
297 | } | ||
298 | lower_mnt = mntget(ecryptfs_dentry_to_lower_mnt(dentry->d_parent)); | ||
299 | ecryptfs_printk(KERN_DEBUG, "lower_dentry = [%p]; lower_dentry->" | ||
300 | "d_name.name = [%s]\n", lower_dentry, | ||
301 | lower_dentry->d_name.name); | ||
302 | lower_inode = lower_dentry->d_inode; | 265 | lower_inode = lower_dentry->d_inode; |
303 | fsstack_copy_attr_atime(dir, lower_dir_dentry->d_inode); | 266 | fsstack_copy_attr_atime(ecryptfs_dir_inode, lower_dir_dentry->d_inode); |
304 | BUG_ON(!atomic_read(&lower_dentry->d_count)); | 267 | BUG_ON(!atomic_read(&lower_dentry->d_count)); |
305 | ecryptfs_set_dentry_private(dentry, | 268 | ecryptfs_set_dentry_private(ecryptfs_dentry, |
306 | kmem_cache_alloc(ecryptfs_dentry_info_cache, | 269 | kmem_cache_alloc(ecryptfs_dentry_info_cache, |
307 | GFP_KERNEL)); | 270 | GFP_KERNEL)); |
308 | if (!ecryptfs_dentry_to_private(dentry)) { | 271 | if (!ecryptfs_dentry_to_private(ecryptfs_dentry)) { |
309 | rc = -ENOMEM; | 272 | rc = -ENOMEM; |
310 | ecryptfs_printk(KERN_ERR, "Out of memory whilst attempting " | 273 | printk(KERN_ERR "%s: Out of memory whilst attempting " |
311 | "to allocate ecryptfs_dentry_info struct\n"); | 274 | "to allocate ecryptfs_dentry_info struct\n", |
275 | __func__); | ||
312 | goto out_dput; | 276 | goto out_dput; |
313 | } | 277 | } |
314 | ecryptfs_set_dentry_lower(dentry, lower_dentry); | 278 | ecryptfs_set_dentry_lower(ecryptfs_dentry, lower_dentry); |
315 | ecryptfs_set_dentry_lower_mnt(dentry, lower_mnt); | 279 | ecryptfs_set_dentry_lower_mnt(ecryptfs_dentry, lower_mnt); |
316 | if (!lower_dentry->d_inode) { | 280 | if (!lower_dentry->d_inode) { |
317 | /* We want to add because we couldn't find in lower */ | 281 | /* We want to add because we couldn't find in lower */ |
318 | d_add(dentry, NULL); | 282 | d_add(ecryptfs_dentry, NULL); |
319 | goto out; | 283 | goto out; |
320 | } | 284 | } |
321 | rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, | 285 | rc = ecryptfs_interpose(lower_dentry, ecryptfs_dentry, |
322 | ECRYPTFS_INTERPOSE_FLAG_D_ADD); | 286 | ecryptfs_dir_inode->i_sb, 1); |
323 | if (rc) { | 287 | if (rc) { |
324 | ecryptfs_printk(KERN_ERR, "Error interposing\n"); | 288 | printk(KERN_ERR "%s: Error interposing; rc = [%d]\n", |
289 | __func__, rc); | ||
325 | goto out; | 290 | goto out; |
326 | } | 291 | } |
327 | if (S_ISDIR(lower_inode->i_mode)) { | 292 | if (S_ISDIR(lower_inode->i_mode)) |
328 | ecryptfs_printk(KERN_DEBUG, "Is a directory; returning\n"); | ||
329 | goto out; | 293 | goto out; |
330 | } | 294 | if (S_ISLNK(lower_inode->i_mode)) |
331 | if (S_ISLNK(lower_inode->i_mode)) { | ||
332 | ecryptfs_printk(KERN_DEBUG, "Is a symlink; returning\n"); | ||
333 | goto out; | 295 | goto out; |
334 | } | 296 | if (special_file(lower_inode->i_mode)) |
335 | if (special_file(lower_inode->i_mode)) { | ||
336 | ecryptfs_printk(KERN_DEBUG, "Is a special file; returning\n"); | ||
337 | goto out; | 297 | goto out; |
338 | } | 298 | if (!ecryptfs_nd) |
339 | if (!nd) { | ||
340 | ecryptfs_printk(KERN_DEBUG, "We have a NULL nd, just leave" | ||
341 | "as we *think* we are about to unlink\n"); | ||
342 | goto out; | 299 | goto out; |
343 | } | ||
344 | /* Released in this function */ | 300 | /* Released in this function */ |
345 | page_virt = kmem_cache_zalloc(ecryptfs_header_cache_2, | 301 | page_virt = kmem_cache_zalloc(ecryptfs_header_cache_2, GFP_USER); |
346 | GFP_USER); | ||
347 | if (!page_virt) { | 302 | if (!page_virt) { |
303 | printk(KERN_ERR "%s: Cannot kmem_cache_zalloc() a page\n", | ||
304 | __func__); | ||
348 | rc = -ENOMEM; | 305 | rc = -ENOMEM; |
349 | ecryptfs_printk(KERN_ERR, | ||
350 | "Cannot ecryptfs_kmalloc a page\n"); | ||
351 | goto out; | 306 | goto out; |
352 | } | 307 | } |
353 | crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat; | 308 | if (!ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->lower_file) { |
354 | if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) | 309 | rc = ecryptfs_init_persistent_file(ecryptfs_dentry); |
355 | ecryptfs_set_default_sizes(crypt_stat); | ||
356 | if (!ecryptfs_inode_to_private(dentry->d_inode)->lower_file) { | ||
357 | rc = ecryptfs_init_persistent_file(dentry); | ||
358 | if (rc) { | 310 | if (rc) { |
359 | printk(KERN_ERR "%s: Error attempting to initialize " | 311 | printk(KERN_ERR "%s: Error attempting to initialize " |
360 | "the persistent file for the dentry with name " | 312 | "the persistent file for the dentry with name " |
361 | "[%s]; rc = [%d]\n", __func__, | 313 | "[%s]; rc = [%d]\n", __func__, |
362 | dentry->d_name.name, rc); | 314 | ecryptfs_dentry->d_name.name, rc); |
363 | goto out; | 315 | goto out_free_kmem; |
364 | } | 316 | } |
365 | } | 317 | } |
366 | rc = ecryptfs_read_and_validate_header_region(page_virt, | 318 | rc = ecryptfs_read_and_validate_header_region(page_virt, |
367 | dentry->d_inode); | 319 | ecryptfs_dentry->d_inode); |
368 | if (rc) { | 320 | if (rc) { |
369 | rc = ecryptfs_read_and_validate_xattr_region(page_virt, dentry); | 321 | rc = ecryptfs_read_and_validate_xattr_region(page_virt, |
322 | ecryptfs_dentry); | ||
370 | if (rc) { | 323 | if (rc) { |
371 | printk(KERN_DEBUG "Valid metadata not found in header " | ||
372 | "region or xattr region; treating file as " | ||
373 | "unencrypted\n"); | ||
374 | rc = 0; | 324 | rc = 0; |
375 | kmem_cache_free(ecryptfs_header_cache_2, page_virt); | 325 | goto out_free_kmem; |
376 | goto out; | ||
377 | } | 326 | } |
378 | crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR; | 327 | crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR; |
379 | } | 328 | } |
380 | mount_crypt_stat = &ecryptfs_superblock_to_private( | 329 | mount_crypt_stat = &ecryptfs_superblock_to_private( |
381 | dentry->d_sb)->mount_crypt_stat; | 330 | ecryptfs_dentry->d_sb)->mount_crypt_stat; |
382 | if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) { | 331 | if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) { |
383 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) | 332 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) |
384 | file_size = (crypt_stat->num_header_bytes_at_front | 333 | file_size = (crypt_stat->num_header_bytes_at_front |
@@ -388,14 +337,103 @@ static struct dentry *ecryptfs_lookup(struct inode *dir, struct dentry *dentry, | |||
388 | } else { | 337 | } else { |
389 | file_size = get_unaligned_be64(page_virt); | 338 | file_size = get_unaligned_be64(page_virt); |
390 | } | 339 | } |
391 | i_size_write(dentry->d_inode, (loff_t)file_size); | 340 | i_size_write(ecryptfs_dentry->d_inode, (loff_t)file_size); |
341 | out_free_kmem: | ||
392 | kmem_cache_free(ecryptfs_header_cache_2, page_virt); | 342 | kmem_cache_free(ecryptfs_header_cache_2, page_virt); |
393 | goto out; | 343 | goto out; |
394 | |||
395 | out_dput: | 344 | out_dput: |
396 | dput(lower_dentry); | 345 | dput(lower_dentry); |
397 | d_drop(dentry); | 346 | d_drop(ecryptfs_dentry); |
398 | out: | 347 | out: |
348 | return rc; | ||
349 | } | ||
350 | |||
351 | /** | ||
352 | * ecryptfs_lookup | ||
353 | * @ecryptfs_dir_inode: The eCryptfs directory inode | ||
354 | * @ecryptfs_dentry: The eCryptfs dentry that we are looking up | ||
355 | * @ecryptfs_nd: nameidata; may be NULL | ||
356 | * | ||
357 | * Find a file on disk. If the file does not exist, then we'll add it to the | ||
358 | * dentry cache and continue on to read it from the disk. | ||
359 | */ | ||
360 | static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | ||
361 | struct dentry *ecryptfs_dentry, | ||
362 | struct nameidata *ecryptfs_nd) | ||
363 | { | ||
364 | char *encrypted_and_encoded_name = NULL; | ||
365 | int encrypted_and_encoded_name_size; | ||
366 | struct ecryptfs_crypt_stat *crypt_stat = NULL; | ||
367 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL; | ||
368 | struct ecryptfs_inode_info *inode_info; | ||
369 | struct dentry *lower_dir_dentry, *lower_dentry; | ||
370 | int rc = 0; | ||
371 | |||
372 | ecryptfs_dentry->d_op = &ecryptfs_dops; | ||
373 | if ((ecryptfs_dentry->d_name.len == 1 | ||
374 | && !strcmp(ecryptfs_dentry->d_name.name, ".")) | ||
375 | || (ecryptfs_dentry->d_name.len == 2 | ||
376 | && !strcmp(ecryptfs_dentry->d_name.name, ".."))) { | ||
377 | goto out_d_drop; | ||
378 | } | ||
379 | lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent); | ||
380 | lower_dentry = lookup_one_len(ecryptfs_dentry->d_name.name, | ||
381 | lower_dir_dentry, | ||
382 | ecryptfs_dentry->d_name.len); | ||
383 | if (IS_ERR(lower_dentry)) { | ||
384 | rc = PTR_ERR(lower_dentry); | ||
385 | printk(KERN_ERR "%s: lookup_one_len() returned [%d] on " | ||
386 | "lower_dentry = [%s]\n", __func__, rc, | ||
387 | ecryptfs_dentry->d_name.name); | ||
388 | goto out_d_drop; | ||
389 | } | ||
390 | if (lower_dentry->d_inode) | ||
391 | goto lookup_and_interpose; | ||
392 | inode_info = ecryptfs_inode_to_private(ecryptfs_dentry->d_inode); | ||
393 | if (inode_info) { | ||
394 | crypt_stat = &inode_info->crypt_stat; | ||
395 | /* TODO: lock for crypt_stat comparison */ | ||
396 | if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) | ||
397 | ecryptfs_set_default_sizes(crypt_stat); | ||
398 | } | ||
399 | if (crypt_stat) | ||
400 | mount_crypt_stat = crypt_stat->mount_crypt_stat; | ||
401 | else | ||
402 | mount_crypt_stat = &ecryptfs_superblock_to_private( | ||
403 | ecryptfs_dentry->d_sb)->mount_crypt_stat; | ||
404 | if (!(crypt_stat && (crypt_stat->flags & ECRYPTFS_ENCRYPT_FILENAMES)) | ||
405 | && !(mount_crypt_stat && (mount_crypt_stat->flags | ||
406 | & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES))) | ||
407 | goto lookup_and_interpose; | ||
408 | dput(lower_dentry); | ||
409 | rc = ecryptfs_encrypt_and_encode_filename( | ||
410 | &encrypted_and_encoded_name, &encrypted_and_encoded_name_size, | ||
411 | crypt_stat, mount_crypt_stat, ecryptfs_dentry->d_name.name, | ||
412 | ecryptfs_dentry->d_name.len); | ||
413 | if (rc) { | ||
414 | printk(KERN_ERR "%s: Error attempting to encrypt and encode " | ||
415 | "filename; rc = [%d]\n", __func__, rc); | ||
416 | goto out_d_drop; | ||
417 | } | ||
418 | lower_dentry = lookup_one_len(encrypted_and_encoded_name, | ||
419 | lower_dir_dentry, | ||
420 | encrypted_and_encoded_name_size - 1); | ||
421 | if (IS_ERR(lower_dentry)) { | ||
422 | rc = PTR_ERR(lower_dentry); | ||
423 | printk(KERN_ERR "%s: lookup_one_len() returned [%d] on " | ||
424 | "lower_dentry = [%s]\n", __func__, rc, | ||
425 | encrypted_and_encoded_name); | ||
426 | goto out_d_drop; | ||
427 | } | ||
428 | lookup_and_interpose: | ||
429 | rc = ecryptfs_lookup_and_interpose_lower(ecryptfs_dentry, lower_dentry, | ||
430 | crypt_stat, ecryptfs_dir_inode, | ||
431 | ecryptfs_nd); | ||
432 | goto out; | ||
433 | out_d_drop: | ||
434 | d_drop(ecryptfs_dentry); | ||
435 | out: | ||
436 | kfree(encrypted_and_encoded_name); | ||
399 | return ERR_PTR(rc); | 437 | return ERR_PTR(rc); |
400 | } | 438 | } |
401 | 439 | ||
@@ -466,19 +504,21 @@ static int ecryptfs_symlink(struct inode *dir, struct dentry *dentry, | |||
466 | struct dentry *lower_dentry; | 504 | struct dentry *lower_dentry; |
467 | struct dentry *lower_dir_dentry; | 505 | struct dentry *lower_dir_dentry; |
468 | char *encoded_symname; | 506 | char *encoded_symname; |
469 | int encoded_symlen; | 507 | size_t encoded_symlen; |
470 | struct ecryptfs_crypt_stat *crypt_stat = NULL; | 508 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL; |
471 | 509 | ||
472 | lower_dentry = ecryptfs_dentry_to_lower(dentry); | 510 | lower_dentry = ecryptfs_dentry_to_lower(dentry); |
473 | dget(lower_dentry); | 511 | dget(lower_dentry); |
474 | lower_dir_dentry = lock_parent(lower_dentry); | 512 | lower_dir_dentry = lock_parent(lower_dentry); |
475 | encoded_symlen = ecryptfs_encode_filename(crypt_stat, symname, | 513 | mount_crypt_stat = &ecryptfs_superblock_to_private( |
476 | strlen(symname), | 514 | dir->i_sb)->mount_crypt_stat; |
477 | &encoded_symname); | 515 | rc = ecryptfs_encrypt_and_encode_filename(&encoded_symname, |
478 | if (encoded_symlen < 0) { | 516 | &encoded_symlen, |
479 | rc = encoded_symlen; | 517 | NULL, |
518 | mount_crypt_stat, symname, | ||
519 | strlen(symname)); | ||
520 | if (rc) | ||
480 | goto out_lock; | 521 | goto out_lock; |
481 | } | ||
482 | rc = vfs_symlink(lower_dir_dentry->d_inode, lower_dentry, | 522 | rc = vfs_symlink(lower_dir_dentry->d_inode, lower_dentry, |
483 | encoded_symname); | 523 | encoded_symname); |
484 | kfree(encoded_symname); | 524 | kfree(encoded_symname); |
@@ -602,52 +642,54 @@ out_lock: | |||
602 | } | 642 | } |
603 | 643 | ||
604 | static int | 644 | static int |
605 | ecryptfs_readlink(struct dentry *dentry, char __user * buf, int bufsiz) | 645 | ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz) |
606 | { | 646 | { |
607 | int rc; | ||
608 | struct dentry *lower_dentry; | ||
609 | char *decoded_name; | ||
610 | char *lower_buf; | 647 | char *lower_buf; |
611 | mm_segment_t old_fs; | 648 | struct dentry *lower_dentry; |
612 | struct ecryptfs_crypt_stat *crypt_stat; | 649 | struct ecryptfs_crypt_stat *crypt_stat; |
650 | char *plaintext_name; | ||
651 | size_t plaintext_name_size; | ||
652 | mm_segment_t old_fs; | ||
653 | int rc; | ||
613 | 654 | ||
614 | lower_dentry = ecryptfs_dentry_to_lower(dentry); | 655 | lower_dentry = ecryptfs_dentry_to_lower(dentry); |
615 | if (!lower_dentry->d_inode->i_op->readlink) { | 656 | if (!lower_dentry->d_inode->i_op->readlink) { |
616 | rc = -EINVAL; | 657 | rc = -EINVAL; |
617 | goto out; | 658 | goto out; |
618 | } | 659 | } |
660 | crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat; | ||
619 | /* Released in this function */ | 661 | /* Released in this function */ |
620 | lower_buf = kmalloc(bufsiz, GFP_KERNEL); | 662 | lower_buf = kmalloc(bufsiz, GFP_KERNEL); |
621 | if (lower_buf == NULL) { | 663 | if (lower_buf == NULL) { |
622 | ecryptfs_printk(KERN_ERR, "Out of memory\n"); | 664 | printk(KERN_ERR "%s: Out of memory whilst attempting to " |
665 | "kmalloc [%d] bytes\n", __func__, bufsiz); | ||
623 | rc = -ENOMEM; | 666 | rc = -ENOMEM; |
624 | goto out; | 667 | goto out; |
625 | } | 668 | } |
626 | old_fs = get_fs(); | 669 | old_fs = get_fs(); |
627 | set_fs(get_ds()); | 670 | set_fs(get_ds()); |
628 | ecryptfs_printk(KERN_DEBUG, "Calling readlink w/ " | ||
629 | "lower_dentry->d_name.name = [%s]\n", | ||
630 | lower_dentry->d_name.name); | ||
631 | rc = lower_dentry->d_inode->i_op->readlink(lower_dentry, | 671 | rc = lower_dentry->d_inode->i_op->readlink(lower_dentry, |
632 | (char __user *)lower_buf, | 672 | (char __user *)lower_buf, |
633 | bufsiz); | 673 | bufsiz); |
634 | set_fs(old_fs); | 674 | set_fs(old_fs); |
635 | if (rc >= 0) { | 675 | if (rc >= 0) { |
636 | crypt_stat = NULL; | 676 | rc = ecryptfs_decode_and_decrypt_filename(&plaintext_name, |
637 | rc = ecryptfs_decode_filename(crypt_stat, lower_buf, rc, | 677 | &plaintext_name_size, |
638 | &decoded_name); | 678 | dentry, lower_buf, |
639 | if (rc == -ENOMEM) | 679 | rc); |
680 | if (rc) { | ||
681 | printk(KERN_ERR "%s: Error attempting to decode and " | ||
682 | "decrypt filename; rc = [%d]\n", __func__, | ||
683 | rc); | ||
640 | goto out_free_lower_buf; | 684 | goto out_free_lower_buf; |
641 | if (rc > 0) { | ||
642 | ecryptfs_printk(KERN_DEBUG, "Copying [%d] bytes " | ||
643 | "to userspace: [%*s]\n", rc, | ||
644 | decoded_name); | ||
645 | if (copy_to_user(buf, decoded_name, rc)) | ||
646 | rc = -EFAULT; | ||
647 | } | 685 | } |
648 | kfree(decoded_name); | 686 | rc = copy_to_user(buf, plaintext_name, plaintext_name_size); |
649 | fsstack_copy_attr_atime(dentry->d_inode, | 687 | if (rc) |
650 | lower_dentry->d_inode); | 688 | rc = -EFAULT; |
689 | else | ||
690 | rc = plaintext_name_size; | ||
691 | kfree(plaintext_name); | ||
692 | fsstack_copy_attr_atime(dentry->d_inode, lower_dentry->d_inode); | ||
651 | } | 693 | } |
652 | out_free_lower_buf: | 694 | out_free_lower_buf: |
653 | kfree(lower_buf); | 695 | kfree(lower_buf); |
@@ -669,8 +711,6 @@ static void *ecryptfs_follow_link(struct dentry *dentry, struct nameidata *nd) | |||
669 | } | 711 | } |
670 | old_fs = get_fs(); | 712 | old_fs = get_fs(); |
671 | set_fs(get_ds()); | 713 | set_fs(get_ds()); |
672 | ecryptfs_printk(KERN_DEBUG, "Calling readlink w/ " | ||
673 | "dentry->d_name.name = [%s]\n", dentry->d_name.name); | ||
674 | rc = dentry->d_inode->i_op->readlink(dentry, (char __user *)buf, len); | 714 | rc = dentry->d_inode->i_op->readlink(dentry, (char __user *)buf, len); |
675 | set_fs(old_fs); | 715 | set_fs(old_fs); |
676 | if (rc < 0) | 716 | if (rc < 0) |