1 files changed, 98 insertions, 3 deletions
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index 0f897109759b..508648efa447 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -6,6 +6,8 @@
 * Copyright (C) 2001-2003 Stony Brook University
 * Copyright (C) 2004-2006 International Business Machines Corp.
 *   Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
+ *              Trevor S. Highland <trevor.highland@gmail.com>
+ *              Tyler Hicks <tyhicks@ou.edu>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
@@ -35,7 +37,7 @@
 /* Version verification for shared data structures w/ userspace */
 #define ECRYPTFS_VERSION_MAJOR 0x00
 #define ECRYPTFS_VERSION_MINOR 0x04
-#define ECRYPTFS_SUPPORTED_FILE_VERSION 0x01
+#define ECRYPTFS_SUPPORTED_FILE_VERSION 0x02
 /* These flags indicate which features are supported by the kernel
 * module; userspace tools such as the mount helper read
 * ECRYPTFS_VERSIONING_MASK from a sysfs handle in order to determine
@@ -60,10 +62,24 @@
 #define ECRYPTFS_MAX_KEY_BYTES 64
 #define ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES 512
 #define ECRYPTFS_DEFAULT_IV_BYTES 16
-#define ECRYPTFS_FILE_VERSION 0x01
+#define ECRYPTFS_FILE_VERSION 0x02
 #define ECRYPTFS_DEFAULT_HEADER_EXTENT_SIZE 8192
 #define ECRYPTFS_DEFAULT_EXTENT_SIZE 4096
 #define ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE 8192
+#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32
+#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ
+#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3)
+#define ECRYPTFS_NLMSG_HELO 100
+#define ECRYPTFS_NLMSG_QUIT 101
+#define ECRYPTFS_NLMSG_REQUEST 102
+#define ECRYPTFS_NLMSG_RESPONSE 103
+#define ECRYPTFS_MAX_PKI_NAME_BYTES 16
+#define ECRYPTFS_DEFAULT_NUM_USERS 4
+#define ECRYPTFS_MAX_NUM_USERS 32768
+#define ECRYPTFS_TRANSPORT_NETLINK 0
+#define ECRYPTFS_TRANSPORT_CONNECTOR 1
+#define ECRYPTFS_TRANSPORT_RELAYFS 2
+#define ECRYPTFS_DEFAULT_TRANSPORT ECRYPTFS_TRANSPORT_NETLINK
 #define RFC2440_CIPHER_DES3_EDE 0x02
 #define RFC2440_CIPHER_CAST_5 0x03
@@ -77,6 +93,7 @@
 #define ECRYPTFS_SET_FLAG(flag_bit_vector, flag) (flag_bit_vector |= (flag))
 #define ECRYPTFS_CLEAR_FLAG(flag_bit_vector, flag) (flag_bit_vector &= ~(flag))
 #define ECRYPTFS_CHECK_FLAG(flag_bit_vector, flag) (flag_bit_vector & (flag))
+#define RFC2440_CIPHER_RSA 0x01
 /**
 * For convenience, we may need to pass around the encrypted session
@@ -114,6 +131,14 @@ struct ecryptfs_password {
 enum ecryptfs_token_types {ECRYPTFS_PASSWORD, ECRYPTFS_PRIVATE_KEY};
+struct ecryptfs_private_key {
+        u32 key_size;
+        u32 data_len;
+        u8 signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1];
+        char pki_type[ECRYPTFS_MAX_PKI_NAME_BYTES + 1];
+        u8 data[];
+};
 /* May be a password or a private key */
 struct ecryptfs_auth_tok {
        u16 version; /* 8-bit major and 8-bit minor */
@@ -123,7 +148,7 @@ struct ecryptfs_auth_tok {
        u8 reserved[32];
        union {
                struct ecryptfs_password password;
-                /* Private key is in future eCryptfs releases */
+                struct ecryptfs_private_key private_key;
        } token;
 } __attribute__ ((packed));
@@ -177,8 +202,13 @@ ecryptfs_get_key_payload_data(struct key *key)
 #define ECRYPTFS_DEFAULT_CIPHER "aes"
 #define ECRYPTFS_DEFAULT_KEY_BYTES 16
 #define ECRYPTFS_DEFAULT_HASH "md5"
+#define ECRYPTFS_TAG_1_PACKET_TYPE 0x01
 #define ECRYPTFS_TAG_3_PACKET_TYPE 0x8C
 #define ECRYPTFS_TAG_11_PACKET_TYPE 0xED
+#define ECRYPTFS_TAG_64_PACKET_TYPE 0x40
+#define ECRYPTFS_TAG_65_PACKET_TYPE 0x41
+#define ECRYPTFS_TAG_66_PACKET_TYPE 0x42
+#define ECRYPTFS_TAG_67_PACKET_TYPE 0x43
 #define MD5_DIGEST_SIZE 16
 /**
@@ -271,6 +301,45 @@ struct ecryptfs_auth_tok_list_item {
        struct ecryptfs_auth_tok auth_tok;
 };
+struct ecryptfs_message {
+        u32 index;
+        u32 data_len;
+        u8 data[];
+};
+struct ecryptfs_msg_ctx {
+#define ECRYPTFS_MSG_CTX_STATE_FREE      0x0001
+#define ECRYPTFS_MSG_CTX_STATE_PENDING   0x0002
+#define ECRYPTFS_MSG_CTX_STATE_DONE      0x0003
+        u32 state;
+        unsigned int index;
+        unsigned int counter;
+        struct ecryptfs_message *msg;
+        struct task_struct *task;
+        struct list_head node;
+        struct mutex mux;
+};
+extern struct list_head ecryptfs_msg_ctx_free_list;
+extern struct list_head ecryptfs_msg_ctx_alloc_list;
+extern struct mutex ecryptfs_msg_ctx_lists_mux;
+#define ecryptfs_uid_hash(uid) \
+        hash_long((unsigned long)uid, ecryptfs_hash_buckets)
+extern struct hlist_head *ecryptfs_daemon_id_hash;
+extern struct mutex ecryptfs_daemon_id_hash_mux;
+extern int ecryptfs_hash_buckets;
+extern unsigned int ecryptfs_msg_counter;
+extern struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr;
+extern unsigned int ecryptfs_transport;
+struct ecryptfs_daemon_id {
+        pid_t pid;
+        uid_t uid;
+        struct hlist_node id_chain;
+};
 static inline struct ecryptfs_file_info *
 ecryptfs_file_to_private(struct file *file)
 {
@@ -391,6 +460,9 @@ extern struct super_operations ecryptfs_sops;
 extern struct dentry_operations ecryptfs_dops;
 extern struct address_space_operations ecryptfs_aops;
 extern int ecryptfs_verbosity;
+extern unsigned int ecryptfs_message_buf_len;
+extern signed long ecryptfs_message_wait_timeout;
+extern unsigned int ecryptfs_number_of_users;
 extern struct kmem_cache *ecryptfs_auth_tok_list_item_cache;
 extern struct kmem_cache *ecryptfs_file_info_cache;
@@ -484,4 +556,27 @@ int ecryptfs_open_lower_file(struct file **lower_file,
                             struct vfsmount *lower_mnt, int flags);
 int ecryptfs_close_lower_file(struct file *lower_file);
+int ecryptfs_process_helo(unsigned int transport, uid_t uid, pid_t pid);
+int ecryptfs_process_quit(uid_t uid, pid_t pid);
+int ecryptfs_process_response(struct ecryptfs_message *msg, pid_t pid, u32 seq);
+int ecryptfs_send_message(unsigned int transport, char *data, int data_len,
+                          struct ecryptfs_msg_ctx **msg_ctx);
+int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
+                               struct ecryptfs_message **emsg);
+int ecryptfs_init_messaging(unsigned int transport);
+void ecryptfs_release_messaging(unsigned int transport);
+int ecryptfs_send_netlink(char *data, int data_len,
+                          struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type,
+                          u16 msg_flags, pid_t daemon_pid);
+int ecryptfs_init_netlink(void);
+void ecryptfs_release_netlink(void);
+int ecryptfs_send_connector(char *data, int data_len,
+                            struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type,
+                            u16 msg_flags, pid_t daemon_pid);
+int ecryptfs_init_connector(void);
+void ecryptfs_release_connector(void);
 #endif /* #ifndef ECRYPTFS_KERNEL_H */

diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index 0f897109759b..508648efa447 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -6,6 +6,8 @@
6	* Copyright (C) 2001-2003 Stony Brook University	6	* Copyright (C) 2001-2003 Stony Brook University
7	* Copyright (C) 2004-2006 International Business Machines Corp.	7	* Copyright (C) 2004-2006 International Business Machines Corp.
8	* Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>	8	* Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
		9	* Trevor S. Highland <trevor.highland@gmail.com>
		10	* Tyler Hicks <tyhicks@ou.edu>
9	*	11	*
10	* This program is free software; you can redistribute it and/or	12	* This program is free software; you can redistribute it and/or
11	* modify it under the terms of the GNU General Public License as	13	* modify it under the terms of the GNU General Public License as
@@ -35,7 +37,7 @@
35	/* Version verification for shared data structures w/ userspace */	37	/* Version verification for shared data structures w/ userspace */
36	#define ECRYPTFS_VERSION_MAJOR 0x00	38	#define ECRYPTFS_VERSION_MAJOR 0x00
37	#define ECRYPTFS_VERSION_MINOR 0x04	39	#define ECRYPTFS_VERSION_MINOR 0x04
38	#define ECRYPTFS_SUPPORTED_FILE_VERSION 0x01	40	#define ECRYPTFS_SUPPORTED_FILE_VERSION 0x02
39	/* These flags indicate which features are supported by the kernel	41	/* These flags indicate which features are supported by the kernel
40	* module; userspace tools such as the mount helper read	42	* module; userspace tools such as the mount helper read
41	* ECRYPTFS_VERSIONING_MASK from a sysfs handle in order to determine	43	* ECRYPTFS_VERSIONING_MASK from a sysfs handle in order to determine
@@ -60,10 +62,24 @@
60	#define ECRYPTFS_MAX_KEY_BYTES 64	62	#define ECRYPTFS_MAX_KEY_BYTES 64
61	#define ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES 512	63	#define ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES 512
62	#define ECRYPTFS_DEFAULT_IV_BYTES 16	64	#define ECRYPTFS_DEFAULT_IV_BYTES 16
63	#define ECRYPTFS_FILE_VERSION 0x01	65	#define ECRYPTFS_FILE_VERSION 0x02
64	#define ECRYPTFS_DEFAULT_HEADER_EXTENT_SIZE 8192	66	#define ECRYPTFS_DEFAULT_HEADER_EXTENT_SIZE 8192
65	#define ECRYPTFS_DEFAULT_EXTENT_SIZE 4096	67	#define ECRYPTFS_DEFAULT_EXTENT_SIZE 4096
66	#define ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE 8192	68	#define ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE 8192
		69	#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32
		70	#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ
		71	#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3)
		72	#define ECRYPTFS_NLMSG_HELO 100
		73	#define ECRYPTFS_NLMSG_QUIT 101
		74	#define ECRYPTFS_NLMSG_REQUEST 102
		75	#define ECRYPTFS_NLMSG_RESPONSE 103
		76	#define ECRYPTFS_MAX_PKI_NAME_BYTES 16
		77	#define ECRYPTFS_DEFAULT_NUM_USERS 4
		78	#define ECRYPTFS_MAX_NUM_USERS 32768
		79	#define ECRYPTFS_TRANSPORT_NETLINK 0
		80	#define ECRYPTFS_TRANSPORT_CONNECTOR 1
		81	#define ECRYPTFS_TRANSPORT_RELAYFS 2
		82	#define ECRYPTFS_DEFAULT_TRANSPORT ECRYPTFS_TRANSPORT_NETLINK
67		83
68	#define RFC2440_CIPHER_DES3_EDE 0x02	84	#define RFC2440_CIPHER_DES3_EDE 0x02
69	#define RFC2440_CIPHER_CAST_5 0x03	85	#define RFC2440_CIPHER_CAST_5 0x03
@@ -77,6 +93,7 @@
77	#define ECRYPTFS_SET_FLAG(flag_bit_vector, flag) (flag_bit_vector \|= (flag))	93	#define ECRYPTFS_SET_FLAG(flag_bit_vector, flag) (flag_bit_vector \|= (flag))
78	#define ECRYPTFS_CLEAR_FLAG(flag_bit_vector, flag) (flag_bit_vector &= ~(flag))	94	#define ECRYPTFS_CLEAR_FLAG(flag_bit_vector, flag) (flag_bit_vector &= ~(flag))
79	#define ECRYPTFS_CHECK_FLAG(flag_bit_vector, flag) (flag_bit_vector & (flag))	95	#define ECRYPTFS_CHECK_FLAG(flag_bit_vector, flag) (flag_bit_vector & (flag))
		96	#define RFC2440_CIPHER_RSA 0x01
80		97
81	/**	98	/**
82	* For convenience, we may need to pass around the encrypted session	99	* For convenience, we may need to pass around the encrypted session
@@ -114,6 +131,14 @@ struct ecryptfs_password {
114		131
115	enum ecryptfs_token_types {ECRYPTFS_PASSWORD, ECRYPTFS_PRIVATE_KEY};	132	enum ecryptfs_token_types {ECRYPTFS_PASSWORD, ECRYPTFS_PRIVATE_KEY};
116		133
		134	struct ecryptfs_private_key {
		135	u32 key_size;
		136	u32 data_len;
		137	u8 signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1];
		138	char pki_type[ECRYPTFS_MAX_PKI_NAME_BYTES + 1];
		139	u8 data[];
		140	};
		141
117	/* May be a password or a private key */	142	/* May be a password or a private key */
118	struct ecryptfs_auth_tok {	143	struct ecryptfs_auth_tok {
119	u16 version; /* 8-bit major and 8-bit minor */	144	u16 version; /* 8-bit major and 8-bit minor */
@@ -123,7 +148,7 @@ struct ecryptfs_auth_tok {
123	u8 reserved[32];	148	u8 reserved[32];
124	union {	149	union {
125	struct ecryptfs_password password;	150	struct ecryptfs_password password;
126	/* Private key is in future eCryptfs releases */	151	struct ecryptfs_private_key private_key;
127	} token;	152	} token;
128	} __attribute__ ((packed));	153	} __attribute__ ((packed));
129		154
@@ -177,8 +202,13 @@ ecryptfs_get_key_payload_data(struct key *key)
177	#define ECRYPTFS_DEFAULT_CIPHER "aes"	202	#define ECRYPTFS_DEFAULT_CIPHER "aes"
178	#define ECRYPTFS_DEFAULT_KEY_BYTES 16	203	#define ECRYPTFS_DEFAULT_KEY_BYTES 16
179	#define ECRYPTFS_DEFAULT_HASH "md5"	204	#define ECRYPTFS_DEFAULT_HASH "md5"
		205	#define ECRYPTFS_TAG_1_PACKET_TYPE 0x01
180	#define ECRYPTFS_TAG_3_PACKET_TYPE 0x8C	206	#define ECRYPTFS_TAG_3_PACKET_TYPE 0x8C
181	#define ECRYPTFS_TAG_11_PACKET_TYPE 0xED	207	#define ECRYPTFS_TAG_11_PACKET_TYPE 0xED
		208	#define ECRYPTFS_TAG_64_PACKET_TYPE 0x40
		209	#define ECRYPTFS_TAG_65_PACKET_TYPE 0x41
		210	#define ECRYPTFS_TAG_66_PACKET_TYPE 0x42
		211	#define ECRYPTFS_TAG_67_PACKET_TYPE 0x43
182	#define MD5_DIGEST_SIZE 16	212	#define MD5_DIGEST_SIZE 16
183		213
184	/**	214	/**
@@ -271,6 +301,45 @@ struct ecryptfs_auth_tok_list_item {
271	struct ecryptfs_auth_tok auth_tok;	301	struct ecryptfs_auth_tok auth_tok;
272	};	302	};
273		303
		304	struct ecryptfs_message {
		305	u32 index;
		306	u32 data_len;
		307	u8 data[];
		308	};
		309
		310	struct ecryptfs_msg_ctx {
		311	#define ECRYPTFS_MSG_CTX_STATE_FREE 0x0001
		312	#define ECRYPTFS_MSG_CTX_STATE_PENDING 0x0002
		313	#define ECRYPTFS_MSG_CTX_STATE_DONE 0x0003
		314	u32 state;
		315	unsigned int index;
		316	unsigned int counter;
		317	struct ecryptfs_message *msg;
		318	struct task_struct *task;
		319	struct list_head node;
		320	struct mutex mux;
		321	};
		322
		323	extern struct list_head ecryptfs_msg_ctx_free_list;
		324	extern struct list_head ecryptfs_msg_ctx_alloc_list;
		325	extern struct mutex ecryptfs_msg_ctx_lists_mux;
		326
		327	#define ecryptfs_uid_hash(uid) \
		328	hash_long((unsigned long)uid, ecryptfs_hash_buckets)
		329	extern struct hlist_head *ecryptfs_daemon_id_hash;
		330	extern struct mutex ecryptfs_daemon_id_hash_mux;
		331	extern int ecryptfs_hash_buckets;
		332
		333	extern unsigned int ecryptfs_msg_counter;
		334	extern struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr;
		335	extern unsigned int ecryptfs_transport;
		336
		337	struct ecryptfs_daemon_id {
		338	pid_t pid;
		339	uid_t uid;
		340	struct hlist_node id_chain;
		341	};
		342
274	static inline struct ecryptfs_file_info *	343	static inline struct ecryptfs_file_info *
275	ecryptfs_file_to_private(struct file *file)	344	ecryptfs_file_to_private(struct file *file)
276	{	345	{
@@ -391,6 +460,9 @@ extern struct super_operations ecryptfs_sops;
391	extern struct dentry_operations ecryptfs_dops;	460	extern struct dentry_operations ecryptfs_dops;
392	extern struct address_space_operations ecryptfs_aops;	461	extern struct address_space_operations ecryptfs_aops;
393	extern int ecryptfs_verbosity;	462	extern int ecryptfs_verbosity;
		463	extern unsigned int ecryptfs_message_buf_len;
		464	extern signed long ecryptfs_message_wait_timeout;
		465	extern unsigned int ecryptfs_number_of_users;
394		466
395	extern struct kmem_cache *ecryptfs_auth_tok_list_item_cache;	467	extern struct kmem_cache *ecryptfs_auth_tok_list_item_cache;
396	extern struct kmem_cache *ecryptfs_file_info_cache;	468	extern struct kmem_cache *ecryptfs_file_info_cache;
@@ -484,4 +556,27 @@ int ecryptfs_open_lower_file(struct file **lower_file,
484	struct vfsmount *lower_mnt, int flags);	556	struct vfsmount *lower_mnt, int flags);
485	int ecryptfs_close_lower_file(struct file *lower_file);	557	int ecryptfs_close_lower_file(struct file *lower_file);
486		558
		559	int ecryptfs_process_helo(unsigned int transport, uid_t uid, pid_t pid);
		560	int ecryptfs_process_quit(uid_t uid, pid_t pid);
		561	int ecryptfs_process_response(struct ecryptfs_message *msg, pid_t pid, u32 seq);
		562	int ecryptfs_send_message(unsigned int transport, char *data, int data_len,
		563	struct ecryptfs_msg_ctx **msg_ctx);
		564	int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
		565	struct ecryptfs_message **emsg);
		566	int ecryptfs_init_messaging(unsigned int transport);
		567	void ecryptfs_release_messaging(unsigned int transport);
		568
		569	int ecryptfs_send_netlink(char *data, int data_len,
		570	struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type,
		571	u16 msg_flags, pid_t daemon_pid);
		572	int ecryptfs_init_netlink(void);
		573	void ecryptfs_release_netlink(void);
		574
		575	int ecryptfs_send_connector(char *data, int data_len,
		576	struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type,
		577	u16 msg_flags, pid_t daemon_pid);
		578	int ecryptfs_init_connector(void);
		579	void ecryptfs_release_connector(void);
		580
		581
487	#endif /* #ifndef ECRYPTFS_KERNEL_H */	582	#endif /* #ifndef ECRYPTFS_KERNEL_H */