aboutsummaryrefslogtreecommitdiffstats
path: root/fs/ecryptfs
diff options
context:
space:
mode:
authorTyler Hicks <tyhicks@canonical.com>2013-04-06 03:41:48 -0400
committerTyler Hicks <tyhicks@canonical.com>2013-06-07 20:28:25 -0400
commit9c6043f41222b448a314b0b8370f33b579f777ea (patch)
tree9ce1fceedb274ed8ed223d5fcb770fe7cc23b2e8 /fs/ecryptfs
parent28916d1ac1dd658773717e8eddc7c4ceeefc19b8 (diff)
eCryptfs: Decrypt pages in-place
When reading in a page, eCryptfs would allocate a helper page, fill it with encrypted data from the lower filesytem, and then decrypt the data from the encrypted page and store the result in the eCryptfs page cache page. The crypto API supports in-place crypto operations which means that the allocation of the helper page is unnecessary when decrypting. This patch gets rid of the unneeded page allocation by reading encrypted data from the lower filesystem directly into the page cache page. The page cache page is then decrypted in-place. Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Diffstat (limited to 'fs/ecryptfs')
-rw-r--r--fs/ecryptfs/crypto.c21
1 files changed, 5 insertions, 16 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index ec640ebcdea8..35b409bda841 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -586,8 +586,7 @@ int ecryptfs_decrypt_page(struct page *page)
586{ 586{
587 struct inode *ecryptfs_inode; 587 struct inode *ecryptfs_inode;
588 struct ecryptfs_crypt_stat *crypt_stat; 588 struct ecryptfs_crypt_stat *crypt_stat;
589 char *enc_extent_virt; 589 char *page_virt;
590 struct page *enc_extent_page = NULL;
591 unsigned long extent_offset; 590 unsigned long extent_offset;
592 loff_t lower_offset; 591 loff_t lower_offset;
593 int rc = 0; 592 int rc = 0;
@@ -596,19 +595,12 @@ int ecryptfs_decrypt_page(struct page *page)
596 crypt_stat = 595 crypt_stat =
597 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 596 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
598 BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)); 597 BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
599 enc_extent_page = alloc_page(GFP_USER);
600 if (!enc_extent_page) {
601 rc = -ENOMEM;
602 ecryptfs_printk(KERN_ERR, "Error allocating memory for "
603 "encrypted extent\n");
604 goto out;
605 }
606 598
607 lower_offset = lower_offset_for_page(crypt_stat, page); 599 lower_offset = lower_offset_for_page(crypt_stat, page);
608 enc_extent_virt = kmap(enc_extent_page); 600 page_virt = kmap(page);
609 rc = ecryptfs_read_lower(enc_extent_virt, lower_offset, PAGE_CACHE_SIZE, 601 rc = ecryptfs_read_lower(page_virt, lower_offset, PAGE_CACHE_SIZE,
610 ecryptfs_inode); 602 ecryptfs_inode);
611 kunmap(enc_extent_page); 603 kunmap(page);
612 if (rc < 0) { 604 if (rc < 0) {
613 ecryptfs_printk(KERN_ERR, 605 ecryptfs_printk(KERN_ERR,
614 "Error attempting to read lower page; rc = [%d]\n", 606 "Error attempting to read lower page; rc = [%d]\n",
@@ -619,7 +611,7 @@ int ecryptfs_decrypt_page(struct page *page)
619 for (extent_offset = 0; 611 for (extent_offset = 0;
620 extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size); 612 extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size);
621 extent_offset++) { 613 extent_offset++) {
622 rc = ecryptfs_decrypt_extent(page, crypt_stat, enc_extent_page, 614 rc = ecryptfs_decrypt_extent(page, crypt_stat, page,
623 extent_offset); 615 extent_offset);
624 if (rc) { 616 if (rc) {
625 printk(KERN_ERR "%s: Error encrypting extent; " 617 printk(KERN_ERR "%s: Error encrypting extent; "
@@ -628,9 +620,6 @@ int ecryptfs_decrypt_page(struct page *page)
628 } 620 }
629 } 621 }
630out: 622out:
631 if (enc_extent_page) {
632 __free_page(enc_extent_page);
633 }
634 return rc; 623 return rc;
635} 624}
636 625