aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fs/ecryptfs/crypto.c8
-rw-r--r--fs/ecryptfs/ecryptfs_kernel.h7
-rw-r--r--fs/ecryptfs/keystore.c43
3 files changed, 26 insertions, 32 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 7aa2f48978de..8e9b36df7881 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -123,9 +123,9 @@ out:
123 return rc; 123 return rc;
124} 124}
125 125
126int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, 126static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name,
127 char *cipher_name, 127 char *cipher_name,
128 char *chaining_modifier) 128 char *chaining_modifier)
129{ 129{
130 int cipher_name_len = strlen(cipher_name); 130 int cipher_name_len = strlen(cipher_name);
131 int chaining_modifier_len = strlen(chaining_modifier); 131 int chaining_modifier_len = strlen(chaining_modifier);
@@ -1859,7 +1859,7 @@ out:
1859 * should be released by other functions, such as on a superblock put 1859 * should be released by other functions, such as on a superblock put
1860 * event, regardless of whether this function succeeds for fails. 1860 * event, regardless of whether this function succeeds for fails.
1861 */ 1861 */
1862int 1862static int
1863ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm, 1863ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm,
1864 char *cipher_name, size_t *key_size) 1864 char *cipher_name, size_t *key_size)
1865{ 1865{
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index fd6dd585514c..78761e4bdab8 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -156,7 +156,6 @@ struct ecryptfs_auth_tok {
156 } token; 156 } token;
157} __attribute__ ((packed)); 157} __attribute__ ((packed));
158 158
159int ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok);
160void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok); 159void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok);
161extern void ecryptfs_to_hex(char *dst, char *src, size_t src_size); 160extern void ecryptfs_to_hex(char *dst, char *src, size_t src_size);
162extern void ecryptfs_from_hex(char *dst, char *src, int dst_size); 161extern void ecryptfs_from_hex(char *dst, char *src, int dst_size);
@@ -536,9 +535,6 @@ void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat);
536void ecryptfs_destroy_mount_crypt_stat( 535void ecryptfs_destroy_mount_crypt_stat(
537 struct ecryptfs_mount_crypt_stat *mount_crypt_stat); 536 struct ecryptfs_mount_crypt_stat *mount_crypt_stat);
538int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat); 537int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat);
539int ecryptfs_crypto_api_algify_cipher_name(char **algified_name,
540 char *cipher_name,
541 char *chaining_modifier);
542#define ECRYPTFS_LOWER_I_MUTEX_NOT_HELD 0 538#define ECRYPTFS_LOWER_I_MUTEX_NOT_HELD 0
543#define ECRYPTFS_LOWER_I_MUTEX_HELD 1 539#define ECRYPTFS_LOWER_I_MUTEX_HELD 1
544int ecryptfs_write_inode_size_to_metadata(struct file *lower_file, 540int ecryptfs_write_inode_size_to_metadata(struct file *lower_file,
@@ -579,13 +575,10 @@ int ecryptfs_generate_key_packet_set(char *dest_base,
579 struct ecryptfs_crypt_stat *crypt_stat, 575 struct ecryptfs_crypt_stat *crypt_stat,
580 struct dentry *ecryptfs_dentry, 576 struct dentry *ecryptfs_dentry,
581 size_t *len, size_t max); 577 size_t *len, size_t max);
582int process_request_key_err(long err_code);
583int 578int
584ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, 579ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat,
585 unsigned char *src, struct dentry *ecryptfs_dentry); 580 unsigned char *src, struct dentry *ecryptfs_dentry);
586int ecryptfs_truncate(struct dentry *dentry, loff_t new_length); 581int ecryptfs_truncate(struct dentry *dentry, loff_t new_length);
587int ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm,
588 char *cipher_name, size_t *key_size);
589int ecryptfs_inode_test(struct inode *inode, void *candidate_lower_inode); 582int ecryptfs_inode_test(struct inode *inode, void *candidate_lower_inode);
590int ecryptfs_inode_set(struct inode *inode, void *lower_inode); 583int ecryptfs_inode_set(struct inode *inode, void *lower_inode);
591void ecryptfs_init_inode(struct inode *inode, struct inode *lower_inode); 584void ecryptfs_init_inode(struct inode *inode, struct inode *lower_inode);
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index a6cbfc16d8a4..09e2340ab783 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -39,7 +39,7 @@
39 * determine the type of error, make appropriate log entries, and 39 * determine the type of error, make appropriate log entries, and
40 * return an error code. 40 * return an error code.
41 */ 41 */
42int process_request_key_err(long err_code) 42static int process_request_key_err(long err_code)
43{ 43{
44 int rc = 0; 44 int rc = 0;
45 45
@@ -396,6 +396,27 @@ out:
396 return rc; 396 return rc;
397} 397}
398 398
399static int
400ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok)
401{
402 int rc = 0;
403
404 (*sig) = NULL;
405 switch (auth_tok->token_type) {
406 case ECRYPTFS_PASSWORD:
407 (*sig) = auth_tok->token.password.signature;
408 break;
409 case ECRYPTFS_PRIVATE_KEY:
410 (*sig) = auth_tok->token.private_key.signature;
411 break;
412 default:
413 printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n",
414 auth_tok->token_type);
415 rc = -EINVAL;
416 }
417 return rc;
418}
419
399/** 420/**
400 * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok. 421 * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok.
401 * @auth_tok: The key authentication token used to decrypt the session key 422 * @auth_tok: The key authentication token used to decrypt the session key
@@ -1082,26 +1103,6 @@ out:
1082 return rc; 1103 return rc;
1083} 1104}
1084 1105
1085int ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok)
1086{
1087 int rc = 0;
1088
1089 (*sig) = NULL;
1090 switch (auth_tok->token_type) {
1091 case ECRYPTFS_PASSWORD:
1092 (*sig) = auth_tok->token.password.signature;
1093 break;
1094 case ECRYPTFS_PRIVATE_KEY:
1095 (*sig) = auth_tok->token.private_key.signature;
1096 break;
1097 default:
1098 printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n",
1099 auth_tok->token_type);
1100 rc = -EINVAL;
1101 }
1102 return rc;
1103}
1104
1105/** 1106/**
1106 * ecryptfs_parse_packet_set 1107 * ecryptfs_parse_packet_set
1107 * @crypt_stat: The cryptographic context 1108 * @crypt_stat: The cryptographic context