diff options
| author | Eric Sandeen <sandeen@redhat.com> | 2008-02-06 04:38:37 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2008-02-06 13:41:13 -0500 |
| commit | af440f52927e4b6941aa94e3cfc698adb0f22663 (patch) | |
| tree | 00a7fdc2b09e8e6146f0fd0bc055688d58eea939 /fs/ecryptfs/main.c | |
| parent | 19e66a67e9b25874cd5e184e7d381ce1b955df11 (diff) | |
ecryptfs: check for existing key_tfm at mount time
Jeff Moyer pointed out that a mount; umount loop of ecryptfs, with the same
cipher & other mount options, created a new ecryptfs_key_tfm_cache item
each time, and the cache could grow quite large this way.
Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
unconditionally called ecryptfs_add_new_key_tfm(), which is what was adding
these items.
Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a new
helper function, ecryptfs_tfm_exists(), which checks for the cipher on the
cached key_tfm_list, and sets a pointer to it if it exists. This can then
be called from ecryptfs_parse_options(), and new key_tfm's can be added
only when a cached one is not found.
With list locking changes suggested by akpm.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Cc: Michael Halcrow <mhalcrow@us.ibm.com>
Cc: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/ecryptfs/main.c')
| -rw-r--r-- | fs/ecryptfs/main.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index dc620fc16595..778c420e4cac 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c | |||
| @@ -410,9 +410,13 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) | |||
| 410 | if (!cipher_key_bytes_set) { | 410 | if (!cipher_key_bytes_set) { |
| 411 | mount_crypt_stat->global_default_cipher_key_size = 0; | 411 | mount_crypt_stat->global_default_cipher_key_size = 0; |
| 412 | } | 412 | } |
| 413 | rc = ecryptfs_add_new_key_tfm( | 413 | mutex_lock(&key_tfm_list_mutex); |
| 414 | NULL, mount_crypt_stat->global_default_cipher_name, | 414 | if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name, |
| 415 | mount_crypt_stat->global_default_cipher_key_size); | 415 | NULL)) |
| 416 | rc = ecryptfs_add_new_key_tfm( | ||
| 417 | NULL, mount_crypt_stat->global_default_cipher_name, | ||
| 418 | mount_crypt_stat->global_default_cipher_key_size); | ||
| 419 | mutex_unlock(&key_tfm_list_mutex); | ||
| 416 | if (rc) { | 420 | if (rc) { |
| 417 | printk(KERN_ERR "Error attempting to initialize cipher with " | 421 | printk(KERN_ERR "Error attempting to initialize cipher with " |
| 418 | "name = [%s] and key size = [%td]; rc = [%d]\n", | 422 | "name = [%s] and key size = [%td]; rc = [%d]\n", |