diff options
author | Michael Halcrow <mhalcrow@us.ibm.com> | 2007-10-16 04:27:55 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-16 12:43:10 -0400 |
commit | 956159c3d6e7eed61da0aaee740fbfba52849ff8 (patch) | |
tree | b4b14bbda404eda6ce6d9604e6024f3a647dfc8c /fs/ecryptfs | |
parent | e0869cc144174c5e3e2671cb40fdecac44d71855 (diff) |
eCryptfs: kmem_cache objects for multiple keys; init/exit functions
Introduce kmem_cache objects for handling multiple keys per inode. Add calls
in the module init and exit code to call the key list
initialization/destruction functions.
Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/ecryptfs')
-rw-r--r-- | fs/ecryptfs/main.c | 44 |
1 files changed, 36 insertions, 8 deletions
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index 6e2170c96c02..0387f0d73cd0 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c | |||
@@ -240,14 +240,11 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) | |||
240 | int cipher_name_set = 0; | 240 | int cipher_name_set = 0; |
241 | int cipher_key_bytes; | 241 | int cipher_key_bytes; |
242 | int cipher_key_bytes_set = 0; | 242 | int cipher_key_bytes_set = 0; |
243 | struct key *auth_tok_key = NULL; | ||
244 | struct ecryptfs_auth_tok *auth_tok = NULL; | ||
245 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = | 243 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = |
246 | &ecryptfs_superblock_to_private(sb)->mount_crypt_stat; | 244 | &ecryptfs_superblock_to_private(sb)->mount_crypt_stat; |
247 | substring_t args[MAX_OPT_ARGS]; | 245 | substring_t args[MAX_OPT_ARGS]; |
248 | int token; | 246 | int token; |
249 | char *sig_src; | 247 | char *sig_src; |
250 | char *sig_dst; | ||
251 | char *debug_src; | 248 | char *debug_src; |
252 | char *cipher_name_dst; | 249 | char *cipher_name_dst; |
253 | char *cipher_name_src; | 250 | char *cipher_name_src; |
@@ -258,6 +255,7 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) | |||
258 | rc = -EINVAL; | 255 | rc = -EINVAL; |
259 | goto out; | 256 | goto out; |
260 | } | 257 | } |
258 | ecryptfs_init_mount_crypt_stat(mount_crypt_stat); | ||
261 | while ((p = strsep(&options, ",")) != NULL) { | 259 | while ((p = strsep(&options, ",")) != NULL) { |
262 | if (!*p) | 260 | if (!*p) |
263 | continue; | 261 | continue; |
@@ -334,12 +332,10 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) | |||
334 | p); | 332 | p); |
335 | } | 333 | } |
336 | } | 334 | } |
337 | /* Do not support lack of mount-wide signature in 0.1 | ||
338 | * release */ | ||
339 | if (!sig_set) { | 335 | if (!sig_set) { |
340 | rc = -EINVAL; | 336 | rc = -EINVAL; |
341 | ecryptfs_printk(KERN_ERR, "You must supply a valid " | 337 | ecryptfs_printk(KERN_ERR, "You must supply at least one valid " |
342 | "passphrase auth tok signature as a mount " | 338 | "auth tok signature as a mount " |
343 | "parameter; see the eCryptfs README\n"); | 339 | "parameter; see the eCryptfs README\n"); |
344 | goto out; | 340 | goto out; |
345 | } | 341 | } |
@@ -615,6 +611,21 @@ static struct ecryptfs_cache_info { | |||
615 | .name = "ecryptfs_key_record_cache", | 611 | .name = "ecryptfs_key_record_cache", |
616 | .size = sizeof(struct ecryptfs_key_record), | 612 | .size = sizeof(struct ecryptfs_key_record), |
617 | }, | 613 | }, |
614 | { | ||
615 | .cache = &ecryptfs_key_sig_cache, | ||
616 | .name = "ecryptfs_key_sig_cache", | ||
617 | .size = sizeof(struct ecryptfs_key_sig), | ||
618 | }, | ||
619 | { | ||
620 | .cache = &ecryptfs_global_auth_tok_cache, | ||
621 | .name = "ecryptfs_global_auth_tok_cache", | ||
622 | .size = sizeof(struct ecryptfs_global_auth_tok), | ||
623 | }, | ||
624 | { | ||
625 | .cache = &ecryptfs_key_tfm_cache, | ||
626 | .name = "ecryptfs_key_tfm_cache", | ||
627 | .size = sizeof(struct ecryptfs_key_tfm), | ||
628 | }, | ||
618 | }; | 629 | }; |
619 | 630 | ||
620 | static void ecryptfs_free_kmem_caches(void) | 631 | static void ecryptfs_free_kmem_caches(void) |
@@ -717,7 +728,8 @@ static struct ecryptfs_version_str_map_elem { | |||
717 | {ECRYPTFS_VERSIONING_PUBKEY, "pubkey"}, | 728 | {ECRYPTFS_VERSIONING_PUBKEY, "pubkey"}, |
718 | {ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH, "plaintext passthrough"}, | 729 | {ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH, "plaintext passthrough"}, |
719 | {ECRYPTFS_VERSIONING_POLICY, "policy"}, | 730 | {ECRYPTFS_VERSIONING_POLICY, "policy"}, |
720 | {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"} | 731 | {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"}, |
732 | {ECRYPTFS_VERSIONING_MULTKEY, "multiple keys per file"} | ||
721 | }; | 733 | }; |
722 | 734 | ||
723 | static ssize_t version_str_show(struct ecryptfs_obj *obj, char *buff) | 735 | static ssize_t version_str_show(struct ecryptfs_obj *obj, char *buff) |
@@ -782,6 +794,12 @@ out: | |||
782 | 794 | ||
783 | static void do_sysfs_unregistration(void) | 795 | static void do_sysfs_unregistration(void) |
784 | { | 796 | { |
797 | int rc; | ||
798 | |||
799 | if ((rc = ecryptfs_destruct_crypto())) { | ||
800 | printk(KERN_ERR "Failure whilst attempting to destruct crypto; " | ||
801 | "rc = [%d]\n", rc); | ||
802 | } | ||
785 | sysfs_remove_file(&ecryptfs_subsys.kobj, | 803 | sysfs_remove_file(&ecryptfs_subsys.kobj, |
786 | &sysfs_attr_version.attr); | 804 | &sysfs_attr_version.attr); |
787 | sysfs_remove_file(&ecryptfs_subsys.kobj, | 805 | sysfs_remove_file(&ecryptfs_subsys.kobj, |
@@ -830,6 +848,16 @@ static int __init ecryptfs_init(void) | |||
830 | do_sysfs_unregistration(); | 848 | do_sysfs_unregistration(); |
831 | unregister_filesystem(&ecryptfs_fs_type); | 849 | unregister_filesystem(&ecryptfs_fs_type); |
832 | ecryptfs_free_kmem_caches(); | 850 | ecryptfs_free_kmem_caches(); |
851 | goto out; | ||
852 | } | ||
853 | rc = ecryptfs_init_crypto(); | ||
854 | if (rc) { | ||
855 | printk(KERN_ERR "Failure whilst attempting to init crypto; " | ||
856 | "rc = [%d]\n", rc); | ||
857 | do_sysfs_unregistration(); | ||
858 | unregister_filesystem(&ecryptfs_fs_type); | ||
859 | ecryptfs_free_kmem_caches(); | ||
860 | goto out; | ||
833 | } | 861 | } |
834 | out: | 862 | out: |
835 | return rc; | 863 | return rc; |