diff options
-rw-r--r-- | fs/ecryptfs/crypto.c | 8 | ||||
-rw-r--r-- | fs/ecryptfs/ecryptfs_kernel.h | 7 | ||||
-rw-r--r-- | fs/ecryptfs/keystore.c | 43 |
3 files changed, 26 insertions, 32 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index 7aa2f48978de..8e9b36df7881 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c | |||
@@ -123,9 +123,9 @@ out: | |||
123 | return rc; | 123 | return rc; |
124 | } | 124 | } |
125 | 125 | ||
126 | int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, | 126 | static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, |
127 | char *cipher_name, | 127 | char *cipher_name, |
128 | char *chaining_modifier) | 128 | char *chaining_modifier) |
129 | { | 129 | { |
130 | int cipher_name_len = strlen(cipher_name); | 130 | int cipher_name_len = strlen(cipher_name); |
131 | int chaining_modifier_len = strlen(chaining_modifier); | 131 | int chaining_modifier_len = strlen(chaining_modifier); |
@@ -1859,7 +1859,7 @@ out: | |||
1859 | * should be released by other functions, such as on a superblock put | 1859 | * should be released by other functions, such as on a superblock put |
1860 | * event, regardless of whether this function succeeds for fails. | 1860 | * event, regardless of whether this function succeeds for fails. |
1861 | */ | 1861 | */ |
1862 | int | 1862 | static int |
1863 | ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm, | 1863 | ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm, |
1864 | char *cipher_name, size_t *key_size) | 1864 | char *cipher_name, size_t *key_size) |
1865 | { | 1865 | { |
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index fd6dd585514c..78761e4bdab8 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h | |||
@@ -156,7 +156,6 @@ struct ecryptfs_auth_tok { | |||
156 | } token; | 156 | } token; |
157 | } __attribute__ ((packed)); | 157 | } __attribute__ ((packed)); |
158 | 158 | ||
159 | int ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok); | ||
160 | void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok); | 159 | void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok); |
161 | extern void ecryptfs_to_hex(char *dst, char *src, size_t src_size); | 160 | extern void ecryptfs_to_hex(char *dst, char *src, size_t src_size); |
162 | extern void ecryptfs_from_hex(char *dst, char *src, int dst_size); | 161 | extern void ecryptfs_from_hex(char *dst, char *src, int dst_size); |
@@ -536,9 +535,6 @@ void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat); | |||
536 | void ecryptfs_destroy_mount_crypt_stat( | 535 | void ecryptfs_destroy_mount_crypt_stat( |
537 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat); | 536 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat); |
538 | int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat); | 537 | int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat); |
539 | int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, | ||
540 | char *cipher_name, | ||
541 | char *chaining_modifier); | ||
542 | #define ECRYPTFS_LOWER_I_MUTEX_NOT_HELD 0 | 538 | #define ECRYPTFS_LOWER_I_MUTEX_NOT_HELD 0 |
543 | #define ECRYPTFS_LOWER_I_MUTEX_HELD 1 | 539 | #define ECRYPTFS_LOWER_I_MUTEX_HELD 1 |
544 | int ecryptfs_write_inode_size_to_metadata(struct file *lower_file, | 540 | int ecryptfs_write_inode_size_to_metadata(struct file *lower_file, |
@@ -579,13 +575,10 @@ int ecryptfs_generate_key_packet_set(char *dest_base, | |||
579 | struct ecryptfs_crypt_stat *crypt_stat, | 575 | struct ecryptfs_crypt_stat *crypt_stat, |
580 | struct dentry *ecryptfs_dentry, | 576 | struct dentry *ecryptfs_dentry, |
581 | size_t *len, size_t max); | 577 | size_t *len, size_t max); |
582 | int process_request_key_err(long err_code); | ||
583 | int | 578 | int |
584 | ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, | 579 | ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, |
585 | unsigned char *src, struct dentry *ecryptfs_dentry); | 580 | unsigned char *src, struct dentry *ecryptfs_dentry); |
586 | int ecryptfs_truncate(struct dentry *dentry, loff_t new_length); | 581 | int ecryptfs_truncate(struct dentry *dentry, loff_t new_length); |
587 | int ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm, | ||
588 | char *cipher_name, size_t *key_size); | ||
589 | int ecryptfs_inode_test(struct inode *inode, void *candidate_lower_inode); | 582 | int ecryptfs_inode_test(struct inode *inode, void *candidate_lower_inode); |
590 | int ecryptfs_inode_set(struct inode *inode, void *lower_inode); | 583 | int ecryptfs_inode_set(struct inode *inode, void *lower_inode); |
591 | void ecryptfs_init_inode(struct inode *inode, struct inode *lower_inode); | 584 | void ecryptfs_init_inode(struct inode *inode, struct inode *lower_inode); |
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c index a6cbfc16d8a4..09e2340ab783 100644 --- a/fs/ecryptfs/keystore.c +++ b/fs/ecryptfs/keystore.c | |||
@@ -39,7 +39,7 @@ | |||
39 | * determine the type of error, make appropriate log entries, and | 39 | * determine the type of error, make appropriate log entries, and |
40 | * return an error code. | 40 | * return an error code. |
41 | */ | 41 | */ |
42 | int process_request_key_err(long err_code) | 42 | static int process_request_key_err(long err_code) |
43 | { | 43 | { |
44 | int rc = 0; | 44 | int rc = 0; |
45 | 45 | ||
@@ -396,6 +396,27 @@ out: | |||
396 | return rc; | 396 | return rc; |
397 | } | 397 | } |
398 | 398 | ||
399 | static int | ||
400 | ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok) | ||
401 | { | ||
402 | int rc = 0; | ||
403 | |||
404 | (*sig) = NULL; | ||
405 | switch (auth_tok->token_type) { | ||
406 | case ECRYPTFS_PASSWORD: | ||
407 | (*sig) = auth_tok->token.password.signature; | ||
408 | break; | ||
409 | case ECRYPTFS_PRIVATE_KEY: | ||
410 | (*sig) = auth_tok->token.private_key.signature; | ||
411 | break; | ||
412 | default: | ||
413 | printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n", | ||
414 | auth_tok->token_type); | ||
415 | rc = -EINVAL; | ||
416 | } | ||
417 | return rc; | ||
418 | } | ||
419 | |||
399 | /** | 420 | /** |
400 | * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok. | 421 | * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok. |
401 | * @auth_tok: The key authentication token used to decrypt the session key | 422 | * @auth_tok: The key authentication token used to decrypt the session key |
@@ -1082,26 +1103,6 @@ out: | |||
1082 | return rc; | 1103 | return rc; |
1083 | } | 1104 | } |
1084 | 1105 | ||
1085 | int ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok) | ||
1086 | { | ||
1087 | int rc = 0; | ||
1088 | |||
1089 | (*sig) = NULL; | ||
1090 | switch (auth_tok->token_type) { | ||
1091 | case ECRYPTFS_PASSWORD: | ||
1092 | (*sig) = auth_tok->token.password.signature; | ||
1093 | break; | ||
1094 | case ECRYPTFS_PRIVATE_KEY: | ||
1095 | (*sig) = auth_tok->token.private_key.signature; | ||
1096 | break; | ||
1097 | default: | ||
1098 | printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n", | ||
1099 | auth_tok->token_type); | ||
1100 | rc = -EINVAL; | ||
1101 | } | ||
1102 | return rc; | ||
1103 | } | ||
1104 | |||
1105 | /** | 1106 | /** |
1106 | * ecryptfs_parse_packet_set | 1107 | * ecryptfs_parse_packet_set |
1107 | * @crypt_stat: The cryptographic context | 1108 | * @crypt_stat: The cryptographic context |