diff options
Diffstat (limited to 'fs/ecryptfs/crypto.c')
| -rw-r--r-- | fs/ecryptfs/crypto.c | 51 |
1 files changed, 34 insertions, 17 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index f6caeb1d1106..8b65f289ee00 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c | |||
| @@ -946,6 +946,8 @@ static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs( | |||
| 946 | list_for_each_entry(global_auth_tok, | 946 | list_for_each_entry(global_auth_tok, |
| 947 | &mount_crypt_stat->global_auth_tok_list, | 947 | &mount_crypt_stat->global_auth_tok_list, |
| 948 | mount_crypt_stat_list) { | 948 | mount_crypt_stat_list) { |
| 949 | if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK) | ||
| 950 | continue; | ||
| 949 | rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig); | 951 | rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig); |
| 950 | if (rc) { | 952 | if (rc) { |
| 951 | printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc); | 953 | printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc); |
| @@ -1322,14 +1324,13 @@ static int ecryptfs_write_headers_virt(char *page_virt, size_t max, | |||
| 1322 | } | 1324 | } |
| 1323 | 1325 | ||
| 1324 | static int | 1326 | static int |
| 1325 | ecryptfs_write_metadata_to_contents(struct ecryptfs_crypt_stat *crypt_stat, | 1327 | ecryptfs_write_metadata_to_contents(struct dentry *ecryptfs_dentry, |
| 1326 | struct dentry *ecryptfs_dentry, | 1328 | char *virt, size_t virt_len) |
| 1327 | char *virt) | ||
| 1328 | { | 1329 | { |
| 1329 | int rc; | 1330 | int rc; |
| 1330 | 1331 | ||
| 1331 | rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt, | 1332 | rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt, |
| 1332 | 0, crypt_stat->num_header_bytes_at_front); | 1333 | 0, virt_len); |
| 1333 | if (rc) | 1334 | if (rc) |
| 1334 | printk(KERN_ERR "%s: Error attempting to write header " | 1335 | printk(KERN_ERR "%s: Error attempting to write header " |
| 1335 | "information to lower file; rc = [%d]\n", __func__, | 1336 | "information to lower file; rc = [%d]\n", __func__, |
| @@ -1339,7 +1340,6 @@ ecryptfs_write_metadata_to_contents(struct ecryptfs_crypt_stat *crypt_stat, | |||
| 1339 | 1340 | ||
| 1340 | static int | 1341 | static int |
| 1341 | ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, | 1342 | ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, |
| 1342 | struct ecryptfs_crypt_stat *crypt_stat, | ||
| 1343 | char *page_virt, size_t size) | 1343 | char *page_virt, size_t size) |
| 1344 | { | 1344 | { |
| 1345 | int rc; | 1345 | int rc; |
| @@ -1349,6 +1349,17 @@ ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, | |||
| 1349 | return rc; | 1349 | return rc; |
| 1350 | } | 1350 | } |
| 1351 | 1351 | ||
| 1352 | static unsigned long ecryptfs_get_zeroed_pages(gfp_t gfp_mask, | ||
| 1353 | unsigned int order) | ||
| 1354 | { | ||
| 1355 | struct page *page; | ||
| 1356 | |||
| 1357 | page = alloc_pages(gfp_mask | __GFP_ZERO, order); | ||
| 1358 | if (page) | ||
| 1359 | return (unsigned long) page_address(page); | ||
| 1360 | return 0; | ||
| 1361 | } | ||
| 1362 | |||
| 1352 | /** | 1363 | /** |
| 1353 | * ecryptfs_write_metadata | 1364 | * ecryptfs_write_metadata |
| 1354 | * @ecryptfs_dentry: The eCryptfs dentry | 1365 | * @ecryptfs_dentry: The eCryptfs dentry |
| @@ -1365,7 +1376,9 @@ int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry) | |||
| 1365 | { | 1376 | { |
| 1366 | struct ecryptfs_crypt_stat *crypt_stat = | 1377 | struct ecryptfs_crypt_stat *crypt_stat = |
| 1367 | &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; | 1378 | &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; |
| 1379 | unsigned int order; | ||
| 1368 | char *virt; | 1380 | char *virt; |
| 1381 | size_t virt_len; | ||
| 1369 | size_t size = 0; | 1382 | size_t size = 0; |
| 1370 | int rc = 0; | 1383 | int rc = 0; |
| 1371 | 1384 | ||
| @@ -1381,33 +1394,35 @@ int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry) | |||
| 1381 | rc = -EINVAL; | 1394 | rc = -EINVAL; |
| 1382 | goto out; | 1395 | goto out; |
| 1383 | } | 1396 | } |
| 1397 | virt_len = crypt_stat->num_header_bytes_at_front; | ||
| 1398 | order = get_order(virt_len); | ||
| 1384 | /* Released in this function */ | 1399 | /* Released in this function */ |
| 1385 | virt = (char *)get_zeroed_page(GFP_KERNEL); | 1400 | virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order); |
| 1386 | if (!virt) { | 1401 | if (!virt) { |
| 1387 | printk(KERN_ERR "%s: Out of memory\n", __func__); | 1402 | printk(KERN_ERR "%s: Out of memory\n", __func__); |
| 1388 | rc = -ENOMEM; | 1403 | rc = -ENOMEM; |
| 1389 | goto out; | 1404 | goto out; |
| 1390 | } | 1405 | } |
| 1391 | rc = ecryptfs_write_headers_virt(virt, PAGE_CACHE_SIZE, &size, | 1406 | rc = ecryptfs_write_headers_virt(virt, virt_len, &size, crypt_stat, |
| 1392 | crypt_stat, ecryptfs_dentry); | 1407 | ecryptfs_dentry); |
| 1393 | if (unlikely(rc)) { | 1408 | if (unlikely(rc)) { |
| 1394 | printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n", | 1409 | printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n", |
| 1395 | __func__, rc); | 1410 | __func__, rc); |
| 1396 | goto out_free; | 1411 | goto out_free; |
| 1397 | } | 1412 | } |
| 1398 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) | 1413 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) |
| 1399 | rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, | 1414 | rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, virt, |
| 1400 | crypt_stat, virt, size); | 1415 | size); |
| 1401 | else | 1416 | else |
| 1402 | rc = ecryptfs_write_metadata_to_contents(crypt_stat, | 1417 | rc = ecryptfs_write_metadata_to_contents(ecryptfs_dentry, virt, |
| 1403 | ecryptfs_dentry, virt); | 1418 | virt_len); |
| 1404 | if (rc) { | 1419 | if (rc) { |
| 1405 | printk(KERN_ERR "%s: Error writing metadata out to lower file; " | 1420 | printk(KERN_ERR "%s: Error writing metadata out to lower file; " |
| 1406 | "rc = [%d]\n", __func__, rc); | 1421 | "rc = [%d]\n", __func__, rc); |
| 1407 | goto out_free; | 1422 | goto out_free; |
| 1408 | } | 1423 | } |
| 1409 | out_free: | 1424 | out_free: |
| 1410 | free_page((unsigned long)virt); | 1425 | free_pages((unsigned long)virt, order); |
| 1411 | out: | 1426 | out: |
| 1412 | return rc; | 1427 | return rc; |
| 1413 | } | 1428 | } |
| @@ -2206,17 +2221,19 @@ int ecryptfs_decode_and_decrypt_filename(char **plaintext_name, | |||
| 2206 | struct dentry *ecryptfs_dir_dentry, | 2221 | struct dentry *ecryptfs_dir_dentry, |
| 2207 | const char *name, size_t name_size) | 2222 | const char *name, size_t name_size) |
| 2208 | { | 2223 | { |
| 2224 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = | ||
| 2225 | &ecryptfs_superblock_to_private( | ||
| 2226 | ecryptfs_dir_dentry->d_sb)->mount_crypt_stat; | ||
| 2209 | char *decoded_name; | 2227 | char *decoded_name; |
| 2210 | size_t decoded_name_size; | 2228 | size_t decoded_name_size; |
| 2211 | size_t packet_size; | 2229 | size_t packet_size; |
| 2212 | int rc = 0; | 2230 | int rc = 0; |
| 2213 | 2231 | ||
| 2214 | if ((name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) | 2232 | if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) |
| 2233 | && !(mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) | ||
| 2234 | && (name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) | ||
| 2215 | && (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, | 2235 | && (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, |
| 2216 | ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) == 0)) { | 2236 | ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) == 0)) { |
| 2217 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = | ||
| 2218 | &ecryptfs_superblock_to_private( | ||
| 2219 | ecryptfs_dir_dentry->d_sb)->mount_crypt_stat; | ||
| 2220 | const char *orig_name = name; | 2237 | const char *orig_name = name; |
| 2221 | size_t orig_name_size = name_size; | 2238 | size_t orig_name_size = name_size; |
| 2222 | 2239 | ||