Diffstat (limited to 'fs/ecryptfs/main.c')
-rw-r--r--fs/ecryptfs/main.c74
1 files changed, 69 insertions, 5 deletions
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index fe41ab1566ee..26fe405a5763 100644
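--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -3,9 +3,10 @@
  *
  * Copyright (C) 1997-2003 Erez Zadok
  * Copyright (C) 2001-2003 Stony Brook University
- * Copyright (C) 2004-2006 International Business Machines Corp.
+ * Copyright (C) 2004-2007 International Business Machines Corp.
  * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
  * Michael C. Thompson <mcthomps@us.ibm.com>
+ * Tyler Hicks <tyhicks@ou.edu>
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License as
@@ -48,6 +49,43 @@ MODULE_PARM_DESC(ecryptfs_verbosity,
  "Initial verbosity level (0 or 1; defaults to "
  "0, which is Quiet)");
 
+/**
+ * Module parameter that defines the number of netlink message buffer
+ * elements
+ */
+unsigned int ecryptfs_message_buf_len = ECRYPTFS_DEFAULT_MSG_CTX_ELEMS;
+
+module_param(ecryptfs_message_buf_len, uint, 0);
+MODULE_PARM_DESC(ecryptfs_message_buf_len,
+ "Number of message buffer elements");
+
+/**
+ * Module parameter that defines the maximum guaranteed amount of time to wait
+ * for a response through netlink. The actual sleep time will be, more than
+ * likely, a small amount greater than this specified value, but only less if
+ * the netlink message successfully arrives.
+ */
+signed long ecryptfs_message_wait_timeout = ECRYPTFS_MAX_MSG_CTX_TTL / HZ;
+
+module_param(ecryptfs_message_wait_timeout, long, 0);
+MODULE_PARM_DESC(ecryptfs_message_wait_timeout,
+ "Maximum number of seconds that an operation will "
+ "sleep while waiting for a message response from "
+ "userspace");
+
+/**
+ * Module parameter that is an estimate of the maximum number of users
+ * that will be concurrently using eCryptfs. Set this to the right
+ * value to balance performance and memory use.
+ */
+unsigned int ecryptfs_number_of_users = ECRYPTFS_DEFAULT_NUM_USERS;
+
+module_param(ecryptfs_number_of_users, uint, 0);
+MODULE_PARM_DESC(ecryptfs_number_of_users, "An estimate of the number of "
+ "concurrent users of eCryptfs");
+
+unsigned int ecryptfs_transport = ECRYPTFS_DEFAULT_TRANSPORT;
+
 void __ecryptfs_printk(const char *fmt, ...)
 {
  va_list args;
@@ -124,7 +162,8 @@ out:
 enum { ecryptfs_opt_sig, ecryptfs_opt_ecryptfs_sig, ecryptfs_opt_debug,
  ecryptfs_opt_ecryptfs_debug, ecryptfs_opt_cipher,
  ecryptfs_opt_ecryptfs_cipher, ecryptfs_opt_ecryptfs_key_bytes,
- ecryptfs_opt_passthrough, ecryptfs_opt_err };
+ ecryptfs_opt_passthrough, ecryptfs_opt_xattr_metadata,
+ ecryptfs_opt_encrypted_view, ecryptfs_opt_err };
 
 static match_table_t tokens = {
  {ecryptfs_opt_sig, "sig=%s"},
@@ -135,6 +174,8 @@ static match_table_t tokens = {
  {ecryptfs_opt_ecryptfs_cipher, "ecryptfs_cipher=%s"},
  {ecryptfs_opt_ecryptfs_key_bytes, "ecryptfs_key_bytes=%u"},
  {ecryptfs_opt_passthrough, "ecryptfs_passthrough"},
+ {ecryptfs_opt_xattr_metadata, "ecryptfs_xattr_metadata"},
+ {ecryptfs_opt_encrypted_view, "ecryptfs_encrypted_view"},
  {ecryptfs_opt_err, NULL}
 };
 
@@ -275,6 +316,16 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
  mount_crypt_stat->flags |=
  ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED;
  break;
+ case ecryptfs_opt_xattr_metadata:
+ mount_crypt_stat->flags |=
+ ECRYPTFS_XATTR_METADATA_ENABLED;
+ break;
+ case ecryptfs_opt_encrypted_view:
+ mount_crypt_stat->flags |=
+ ECRYPTFS_XATTR_METADATA_ENABLED;
+ mount_crypt_stat->flags |=
+ ECRYPTFS_ENCRYPTED_VIEW_ENABLED;
+ break;
  case ecryptfs_opt_err:
  default:
  ecryptfs_printk(KERN_WARNING,
@@ -347,9 +398,10 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
  rc = -EINVAL;
  goto out;
  }
- if (auth_tok->token_type != ECRYPTFS_PASSWORD) {
+ if (auth_tok->token_type != ECRYPTFS_PASSWORD
+ && auth_tok->token_type != ECRYPTFS_PRIVATE_KEY) {
  ecryptfs_printk(KERN_ERR, "Invalid auth_tok structure "
- "returned from key\n");
+ "returned from key query\n");
  rc = -EINVAL;
  goto out;
  }
@@ -590,6 +642,11 @@ static struct ecryptfs_cache_info {
  .size = PAGE_CACHE_SIZE,
  },
  {
+ .cache = &ecryptfs_xattr_cache,
+ .name = "ecryptfs_xattr_cache",
+ .size = PAGE_CACHE_SIZE,
+ },
+ {
  .cache = &ecryptfs_lower_page_cache,
  .name = "ecryptfs_lower_page_cache",
  .size = PAGE_CACHE_SIZE,
@@ -695,7 +752,8 @@ static struct ecryptfs_version_str_map_elem {
  {ECRYPTFS_VERSIONING_PASSPHRASE, "passphrase"},
  {ECRYPTFS_VERSIONING_PUBKEY, "pubkey"},
  {ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH, "plaintext passthrough"},
- {ECRYPTFS_VERSIONING_POLICY, "policy"}
+ {ECRYPTFS_VERSIONING_POLICY, "policy"},
+ {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"}
 };
 
 static ssize_t version_str_show(struct ecryptfs_obj *obj, char *buff)
@@ -794,6 +852,11 @@ static int __init ecryptfs_init(void)
  ecryptfs_free_kmem_caches();
  goto out;
  }
+ rc = ecryptfs_init_messaging(ecryptfs_transport);
+ if (rc) {
+ ecryptfs_printk(KERN_ERR, "Failure occured while attempting to "
+ "initialize the eCryptfs netlink socket\n");
+ }
 out:
  return rc;
 }
@@ -805,6 +868,7 @@ static void __exit ecryptfs_exit(void)
  sysfs_remove_file(&ecryptfs_subsys.kset.kobj,
  &sysfs_attr_version_str.attr);
  subsystem_unregister(&ecryptfs_subsys);
+ ecryptfs_release_messaging(ecryptfs_transport);
  unregister_filesystem(&ecryptfs_fs_type);
  ecryptfs_free_kmem_caches();
 }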
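Review bot: When `ecryptfs_init_messaging()` fails in `ecryptfs_init` (new lines 855-859), the branch only logs and falls through to `out:`, so the non-zero `rc` aborts the module load while everything set up earlier stays in place; the failure path just above it at least calls `ecryptfs_free_kmem_caches()` first. Judging from the teardown in `ecryptfs_exit` (last hunk), the filesystem type, the sysfs attribute and the kmem caches are presumably all registered by this point, which would leave kernel structures pointing into a module that is about to be freed. The branch should undo those steps before returning, as sketched below; the start of `ecryptfs_init` is outside the hunk, so confirm which steps have actually run. Separately, the three new module parameters are accepted with no range check visible here (for example a zero `ecryptfs_message_buf_len` or a negative `ecryptfs_message_wait_timeout`), so the code that consumes them should validate or clamp the values.

```c
	rc = ecryptfs_init_messaging(ecryptfs_transport);
	if (rc) {
		/* … unchanged: ecryptfs_printk(KERN_ERR, ...) … */
		/* Mirror ecryptfs_exit(): drop everything registered so far. */
		sysfs_remove_file(&ecryptfs_subsys.kset.kobj,
				  &sysfs_attr_version_str.attr);
		subsystem_unregister(&ecryptfs_subsys);
		unregister_filesystem(&ecryptfs_fs_type);
		ecryptfs_free_kmem_caches();
	}
```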