aboutsummaryrefslogtreecommitdiffstats
path: root/fs/ecryptfs
diff options
context:
space:
mode:
Diffstat (limited to 'fs/ecryptfs')
-rw-r--r--fs/ecryptfs/Makefile2
-rw-r--r--fs/ecryptfs/ecryptfs_kernel.h79
-rw-r--r--fs/ecryptfs/keystore.c89
-rw-r--r--fs/ecryptfs/messaging.c479
-rw-r--r--fs/ecryptfs/miscdev.c4
-rw-r--r--fs/ecryptfs/netlink.c8
6 files changed, 435 insertions, 226 deletions
diff --git a/fs/ecryptfs/Makefile b/fs/ecryptfs/Makefile
index 768857015516..1e34a7fd4884 100644
--- a/fs/ecryptfs/Makefile
+++ b/fs/ecryptfs/Makefile
@@ -4,4 +4,4 @@
4 4
5obj-$(CONFIG_ECRYPT_FS) += ecryptfs.o 5obj-$(CONFIG_ECRYPT_FS) += ecryptfs.o
6 6
7ecryptfs-objs := dentry.o file.o inode.o main.o super.o mmap.o read_write.o crypto.o keystore.o messaging.o netlink.o debug.o 7ecryptfs-objs := dentry.o file.o inode.o main.o super.o mmap.o read_write.o crypto.o keystore.o messaging.o netlink.o miscdev.o debug.o
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index 342e8d37b421..72e117706a68 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -4,7 +4,7 @@
4 * 4 *
5 * Copyright (C) 1997-2003 Erez Zadok 5 * Copyright (C) 1997-2003 Erez Zadok
6 * Copyright (C) 2001-2003 Stony Brook University 6 * Copyright (C) 2001-2003 Stony Brook University
7 * Copyright (C) 2004-2007 International Business Machines Corp. 7 * Copyright (C) 2004-2008 International Business Machines Corp.
8 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> 8 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
9 * Trevor S. Highland <trevor.highland@gmail.com> 9 * Trevor S. Highland <trevor.highland@gmail.com>
10 * Tyler Hicks <tyhicks@ou.edu> 10 * Tyler Hicks <tyhicks@ou.edu>
@@ -49,11 +49,13 @@
49#define ECRYPTFS_VERSIONING_POLICY 0x00000008 49#define ECRYPTFS_VERSIONING_POLICY 0x00000008
50#define ECRYPTFS_VERSIONING_XATTR 0x00000010 50#define ECRYPTFS_VERSIONING_XATTR 0x00000010
51#define ECRYPTFS_VERSIONING_MULTKEY 0x00000020 51#define ECRYPTFS_VERSIONING_MULTKEY 0x00000020
52#define ECRYPTFS_VERSIONING_DEVMISC 0x00000040
52#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \ 53#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \
53 | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \ 54 | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \
54 | ECRYPTFS_VERSIONING_PUBKEY \ 55 | ECRYPTFS_VERSIONING_PUBKEY \
55 | ECRYPTFS_VERSIONING_XATTR \ 56 | ECRYPTFS_VERSIONING_XATTR \
56 | ECRYPTFS_VERSIONING_MULTKEY) 57 | ECRYPTFS_VERSIONING_MULTKEY \
58 | ECRYPTFS_VERSIONING_DEVMISC)
57#define ECRYPTFS_MAX_PASSWORD_LENGTH 64 59#define ECRYPTFS_MAX_PASSWORD_LENGTH 64
58#define ECRYPTFS_MAX_PASSPHRASE_BYTES ECRYPTFS_MAX_PASSWORD_LENGTH 60#define ECRYPTFS_MAX_PASSPHRASE_BYTES ECRYPTFS_MAX_PASSWORD_LENGTH
59#define ECRYPTFS_SALT_SIZE 8 61#define ECRYPTFS_SALT_SIZE 8
@@ -73,17 +75,14 @@
73#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32 75#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32
74#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ 76#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ
75#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3) 77#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3)
76#define ECRYPTFS_NLMSG_HELO 100
77#define ECRYPTFS_NLMSG_QUIT 101
78#define ECRYPTFS_NLMSG_REQUEST 102
79#define ECRYPTFS_NLMSG_RESPONSE 103
80#define ECRYPTFS_MAX_PKI_NAME_BYTES 16 78#define ECRYPTFS_MAX_PKI_NAME_BYTES 16
81#define ECRYPTFS_DEFAULT_NUM_USERS 4 79#define ECRYPTFS_DEFAULT_NUM_USERS 4
82#define ECRYPTFS_MAX_NUM_USERS 32768 80#define ECRYPTFS_MAX_NUM_USERS 32768
83#define ECRYPTFS_TRANSPORT_NETLINK 0 81#define ECRYPTFS_TRANSPORT_NETLINK 0
84#define ECRYPTFS_TRANSPORT_CONNECTOR 1 82#define ECRYPTFS_TRANSPORT_CONNECTOR 1
85#define ECRYPTFS_TRANSPORT_RELAYFS 2 83#define ECRYPTFS_TRANSPORT_RELAYFS 2
86#define ECRYPTFS_DEFAULT_TRANSPORT ECRYPTFS_TRANSPORT_NETLINK 84#define ECRYPTFS_TRANSPORT_MISCDEV 3
85#define ECRYPTFS_DEFAULT_TRANSPORT ECRYPTFS_TRANSPORT_MISCDEV
87#define ECRYPTFS_XATTR_NAME "user.ecryptfs" 86#define ECRYPTFS_XATTR_NAME "user.ecryptfs"
88 87
89#define RFC2440_CIPHER_DES3_EDE 0x02 88#define RFC2440_CIPHER_DES3_EDE 0x02
@@ -366,32 +365,62 @@ struct ecryptfs_auth_tok_list_item {
366}; 365};
367 366
368struct ecryptfs_message { 367struct ecryptfs_message {
368 /* Can never be greater than ecryptfs_message_buf_len */
369 /* Used to find the parent msg_ctx */
370 /* Inherits from msg_ctx->index */
369 u32 index; 371 u32 index;
370 u32 data_len; 372 u32 data_len;
371 u8 data[]; 373 u8 data[];
372}; 374};
373 375
374struct ecryptfs_msg_ctx { 376struct ecryptfs_msg_ctx {
375#define ECRYPTFS_MSG_CTX_STATE_FREE 0x0001 377#define ECRYPTFS_MSG_CTX_STATE_FREE 0x01
376#define ECRYPTFS_MSG_CTX_STATE_PENDING 0x0002 378#define ECRYPTFS_MSG_CTX_STATE_PENDING 0x02
377#define ECRYPTFS_MSG_CTX_STATE_DONE 0x0003 379#define ECRYPTFS_MSG_CTX_STATE_DONE 0x03
378 u32 state; 380#define ECRYPTFS_MSG_CTX_STATE_NO_REPLY 0x04
379 unsigned int index; 381 u8 state;
380 unsigned int counter; 382#define ECRYPTFS_MSG_HELO 100
383#define ECRYPTFS_MSG_QUIT 101
384#define ECRYPTFS_MSG_REQUEST 102
385#define ECRYPTFS_MSG_RESPONSE 103
386 u8 type;
387 u32 index;
388 /* Counter converts to a sequence number. Each message sent
389 * out for which we expect a response has an associated
390 * sequence number. The response must have the same sequence
391 * number as the counter for the msg_stc for the message to be
392 * valid. */
393 u32 counter;
394 size_t msg_size;
381 struct ecryptfs_message *msg; 395 struct ecryptfs_message *msg;
382 struct task_struct *task; 396 struct task_struct *task;
383 struct list_head node; 397 struct list_head node;
398 struct list_head daemon_out_list;
384 struct mutex mux; 399 struct mutex mux;
385}; 400};
386 401
387extern unsigned int ecryptfs_transport; 402extern unsigned int ecryptfs_transport;
388 403
389struct ecryptfs_daemon_id { 404struct ecryptfs_daemon;
405
406struct ecryptfs_daemon {
407#define ECRYPTFS_DAEMON_IN_READ 0x00000001
408#define ECRYPTFS_DAEMON_IN_POLL 0x00000002
409#define ECRYPTFS_DAEMON_ZOMBIE 0x00000004
410#define ECRYPTFS_DAEMON_MISCDEV_OPEN 0x00000008
411 u32 flags;
412 u32 num_queued_msg_ctx;
390 pid_t pid; 413 pid_t pid;
391 uid_t uid; 414 uid_t euid;
392 struct hlist_node id_chain; 415 struct task_struct *task;
416 struct mutex mux;
417 struct list_head msg_ctx_out_queue;
418 wait_queue_head_t wait;
419 struct hlist_node euid_chain;
393}; 420};
394 421
422extern struct mutex ecryptfs_daemon_hash_mux;
423
395static inline struct ecryptfs_file_info * 424static inline struct ecryptfs_file_info *
396ecryptfs_file_to_private(struct file *file) 425ecryptfs_file_to_private(struct file *file)
397{ 426{
@@ -593,13 +622,13 @@ int ecryptfs_init_messaging(unsigned int transport);
593void ecryptfs_release_messaging(unsigned int transport); 622void ecryptfs_release_messaging(unsigned int transport);
594 623
595int ecryptfs_send_netlink(char *data, int data_len, 624int ecryptfs_send_netlink(char *data, int data_len,
596 struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type, 625 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
597 u16 msg_flags, pid_t daemon_pid); 626 u16 msg_flags, pid_t daemon_pid);
598int ecryptfs_init_netlink(void); 627int ecryptfs_init_netlink(void);
599void ecryptfs_release_netlink(void); 628void ecryptfs_release_netlink(void);
600 629
601int ecryptfs_send_connector(char *data, int data_len, 630int ecryptfs_send_connector(char *data, int data_len,
602 struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type, 631 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
603 u16 msg_flags, pid_t daemon_pid); 632 u16 msg_flags, pid_t daemon_pid);
604int ecryptfs_init_connector(void); 633int ecryptfs_init_connector(void);
605void ecryptfs_release_connector(void); 634void ecryptfs_release_connector(void);
@@ -642,5 +671,19 @@ int ecryptfs_read_lower_page_segment(struct page *page_for_ecryptfs,
642 size_t offset_in_page, size_t size, 671 size_t offset_in_page, size_t size,
643 struct inode *ecryptfs_inode); 672 struct inode *ecryptfs_inode);
644struct page *ecryptfs_get_locked_page(struct file *file, loff_t index); 673struct page *ecryptfs_get_locked_page(struct file *file, loff_t index);
674int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon);
675int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon, uid_t euid);
676int ecryptfs_parse_packet_length(unsigned char *data, size_t *size,
677 size_t *length_size);
678int ecryptfs_write_packet_length(char *dest, size_t size,
679 size_t *packet_size_length);
680int ecryptfs_init_ecryptfs_miscdev(void);
681void ecryptfs_destroy_ecryptfs_miscdev(void);
682int ecryptfs_send_miscdev(char *data, size_t data_size,
683 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
684 u16 msg_flags, struct ecryptfs_daemon *daemon);
685void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx);
686int
687ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, uid_t euid, pid_t pid);
645 688
646#endif /* #ifndef ECRYPTFS_KERNEL_H */ 689#endif /* #ifndef ECRYPTFS_KERNEL_H */
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index 682b1b2482c2..e82b457180be 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -65,7 +65,7 @@ static int process_request_key_err(long err_code)
65} 65}
66 66
67/** 67/**
68 * parse_packet_length 68 * ecryptfs_parse_packet_length
69 * @data: Pointer to memory containing length at offset 69 * @data: Pointer to memory containing length at offset
70 * @size: This function writes the decoded size to this memory 70 * @size: This function writes the decoded size to this memory
71 * address; zero on error 71 * address; zero on error
@@ -73,8 +73,8 @@ static int process_request_key_err(long err_code)
73 * 73 *
74 * Returns zero on success; non-zero on error 74 * Returns zero on success; non-zero on error
75 */ 75 */
76static int parse_packet_length(unsigned char *data, size_t *size, 76int ecryptfs_parse_packet_length(unsigned char *data, size_t *size,
77 size_t *length_size) 77 size_t *length_size)
78{ 78{
79 int rc = 0; 79 int rc = 0;
80 80
@@ -105,7 +105,7 @@ out:
105} 105}
106 106
107/** 107/**
108 * write_packet_length 108 * ecryptfs_write_packet_length
109 * @dest: The byte array target into which to write the length. Must 109 * @dest: The byte array target into which to write the length. Must
110 * have at least 5 bytes allocated. 110 * have at least 5 bytes allocated.
111 * @size: The length to write. 111 * @size: The length to write.
@@ -114,8 +114,8 @@ out:
114 * 114 *
115 * Returns zero on success; non-zero on error. 115 * Returns zero on success; non-zero on error.
116 */ 116 */
117static int write_packet_length(char *dest, size_t size, 117int ecryptfs_write_packet_length(char *dest, size_t size,
118 size_t *packet_size_length) 118 size_t *packet_size_length)
119{ 119{
120 int rc = 0; 120 int rc = 0;
121 121
@@ -162,8 +162,8 @@ write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key,
162 goto out; 162 goto out;
163 } 163 }
164 message[i++] = ECRYPTFS_TAG_64_PACKET_TYPE; 164 message[i++] = ECRYPTFS_TAG_64_PACKET_TYPE;
165 rc = write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 165 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
166 &packet_size_len); 166 &packet_size_len);
167 if (rc) { 167 if (rc) {
168 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 168 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet "
169 "header; cannot generate packet length\n"); 169 "header; cannot generate packet length\n");
@@ -172,8 +172,9 @@ write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key,
172 i += packet_size_len; 172 i += packet_size_len;
173 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 173 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX);
174 i += ECRYPTFS_SIG_SIZE_HEX; 174 i += ECRYPTFS_SIG_SIZE_HEX;
175 rc = write_packet_length(&message[i], session_key->encrypted_key_size, 175 rc = ecryptfs_write_packet_length(&message[i],
176 &packet_size_len); 176 session_key->encrypted_key_size,
177 &packet_size_len);
177 if (rc) { 178 if (rc) {
178 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 179 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet "
179 "header; cannot generate packet length\n"); 180 "header; cannot generate packet length\n");
@@ -225,7 +226,7 @@ parse_tag_65_packet(struct ecryptfs_session_key *session_key, u8 *cipher_code,
225 rc = -EIO; 226 rc = -EIO;
226 goto out; 227 goto out;
227 } 228 }
228 rc = parse_packet_length(&data[i], &m_size, &data_len); 229 rc = ecryptfs_parse_packet_length(&data[i], &m_size, &data_len);
229 if (rc) { 230 if (rc) {
230 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 231 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
231 "rc = [%d]\n", rc); 232 "rc = [%d]\n", rc);
@@ -304,8 +305,8 @@ write_tag_66_packet(char *signature, u8 cipher_code,
304 goto out; 305 goto out;
305 } 306 }
306 message[i++] = ECRYPTFS_TAG_66_PACKET_TYPE; 307 message[i++] = ECRYPTFS_TAG_66_PACKET_TYPE;
307 rc = write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 308 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
308 &packet_size_len); 309 &packet_size_len);
309 if (rc) { 310 if (rc) {
310 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 311 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet "
311 "header; cannot generate packet length\n"); 312 "header; cannot generate packet length\n");
@@ -315,8 +316,8 @@ write_tag_66_packet(char *signature, u8 cipher_code,
315 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 316 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX);
316 i += ECRYPTFS_SIG_SIZE_HEX; 317 i += ECRYPTFS_SIG_SIZE_HEX;
317 /* The encrypted key includes 1 byte cipher code and 2 byte checksum */ 318 /* The encrypted key includes 1 byte cipher code and 2 byte checksum */
318 rc = write_packet_length(&message[i], crypt_stat->key_size + 3, 319 rc = ecryptfs_write_packet_length(&message[i], crypt_stat->key_size + 3,
319 &packet_size_len); 320 &packet_size_len);
320 if (rc) { 321 if (rc) {
321 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 322 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet "
322 "header; cannot generate packet length\n"); 323 "header; cannot generate packet length\n");
@@ -357,20 +358,25 @@ parse_tag_67_packet(struct ecryptfs_key_record *key_rec,
357 /* verify that everything through the encrypted FEK size is present */ 358 /* verify that everything through the encrypted FEK size is present */
358 if (message_len < 4) { 359 if (message_len < 4) {
359 rc = -EIO; 360 rc = -EIO;
361 printk(KERN_ERR "%s: message_len is [%Zd]; minimum acceptable "
362 "message length is [%d]\n", __func__, message_len, 4);
360 goto out; 363 goto out;
361 } 364 }
362 if (data[i++] != ECRYPTFS_TAG_67_PACKET_TYPE) { 365 if (data[i++] != ECRYPTFS_TAG_67_PACKET_TYPE) {
363 ecryptfs_printk(KERN_ERR, "Type should be ECRYPTFS_TAG_67\n");
364 rc = -EIO; 366 rc = -EIO;
367 printk(KERN_ERR "%s: Type should be ECRYPTFS_TAG_67\n",
368 __func__);
365 goto out; 369 goto out;
366 } 370 }
367 if (data[i++]) { 371 if (data[i++]) {
368 ecryptfs_printk(KERN_ERR, "Status indicator has non zero value"
369 " [%d]\n", data[i-1]);
370 rc = -EIO; 372 rc = -EIO;
373 printk(KERN_ERR "%s: Status indicator has non zero "
374 "value [%d]\n", __func__, data[i-1]);
375
371 goto out; 376 goto out;
372 } 377 }
373 rc = parse_packet_length(&data[i], &key_rec->enc_key_size, &data_len); 378 rc = ecryptfs_parse_packet_length(&data[i], &key_rec->enc_key_size,
379 &data_len);
374 if (rc) { 380 if (rc) {
375 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 381 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
376 "rc = [%d]\n", rc); 382 "rc = [%d]\n", rc);
@@ -378,17 +384,17 @@ parse_tag_67_packet(struct ecryptfs_key_record *key_rec,
378 } 384 }
379 i += data_len; 385 i += data_len;
380 if (message_len < (i + key_rec->enc_key_size)) { 386 if (message_len < (i + key_rec->enc_key_size)) {
381 ecryptfs_printk(KERN_ERR, "message_len [%d]; max len is [%d]\n",
382 message_len, (i + key_rec->enc_key_size));
383 rc = -EIO; 387 rc = -EIO;
388 printk(KERN_ERR "%s: message_len [%Zd]; max len is [%Zd]\n",
389 __func__, message_len, (i + key_rec->enc_key_size));
384 goto out; 390 goto out;
385 } 391 }
386 if (key_rec->enc_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { 392 if (key_rec->enc_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) {
387 ecryptfs_printk(KERN_ERR, "Encrypted key_size [%d] larger than "
388 "the maximum key size [%d]\n",
389 key_rec->enc_key_size,
390 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES);
391 rc = -EIO; 393 rc = -EIO;
394 printk(KERN_ERR "%s: Encrypted key_size [%Zd] larger than "
395 "the maximum key size [%d]\n", __func__,
396 key_rec->enc_key_size,
397 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES);
392 goto out; 398 goto out;
393 } 399 }
394 memcpy(key_rec->enc_key, &data[i], key_rec->enc_key_size); 400 memcpy(key_rec->enc_key, &data[i], key_rec->enc_key_size);
@@ -445,7 +451,7 @@ decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
445 rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key), 451 rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key),
446 &netlink_message, &netlink_message_length); 452 &netlink_message, &netlink_message_length);
447 if (rc) { 453 if (rc) {
448 ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet"); 454 ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet\n");
449 goto out; 455 goto out;
450 } 456 }
451 rc = ecryptfs_send_message(ecryptfs_transport, netlink_message, 457 rc = ecryptfs_send_message(ecryptfs_transport, netlink_message,
@@ -570,8 +576,8 @@ parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat,
570 goto out; 576 goto out;
571 } 577 }
572 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 578 (*new_auth_tok) = &auth_tok_list_item->auth_tok;
573 rc = parse_packet_length(&data[(*packet_size)], &body_size, 579 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
574 &length_size); 580 &length_size);
575 if (rc) { 581 if (rc) {
576 printk(KERN_WARNING "Error parsing packet length; " 582 printk(KERN_WARNING "Error parsing packet length; "
577 "rc = [%d]\n", rc); 583 "rc = [%d]\n", rc);
@@ -704,8 +710,8 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
704 goto out; 710 goto out;
705 } 711 }
706 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 712 (*new_auth_tok) = &auth_tok_list_item->auth_tok;
707 rc = parse_packet_length(&data[(*packet_size)], &body_size, 713 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
708 &length_size); 714 &length_size);
709 if (rc) { 715 if (rc) {
710 printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n", 716 printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n",
711 rc); 717 rc);
@@ -852,8 +858,8 @@ parse_tag_11_packet(unsigned char *data, unsigned char *contents,
852 rc = -EINVAL; 858 rc = -EINVAL;
853 goto out; 859 goto out;
854 } 860 }
855 rc = parse_packet_length(&data[(*packet_size)], &body_size, 861 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
856 &length_size); 862 &length_size);
857 if (rc) { 863 if (rc) {
858 printk(KERN_WARNING "Invalid tag 11 packet format\n"); 864 printk(KERN_WARNING "Invalid tag 11 packet format\n");
859 goto out; 865 goto out;
@@ -1405,8 +1411,8 @@ write_tag_1_packet(char *dest, size_t *remaining_bytes,
1405 auth_tok->token.private_key.key_size; 1411 auth_tok->token.private_key.key_size;
1406 rc = pki_encrypt_session_key(auth_tok, crypt_stat, key_rec); 1412 rc = pki_encrypt_session_key(auth_tok, crypt_stat, key_rec);
1407 if (rc) { 1413 if (rc) {
1408 ecryptfs_printk(KERN_ERR, "Failed to encrypt session key " 1414 printk(KERN_ERR "Failed to encrypt session key via a key "
1409 "via a pki"); 1415 "module; rc = [%d]\n", rc);
1410 goto out; 1416 goto out;
1411 } 1417 }
1412 if (ecryptfs_verbosity > 0) { 1418 if (ecryptfs_verbosity > 0) {
@@ -1430,8 +1436,9 @@ encrypted_session_key_set:
1430 goto out; 1436 goto out;
1431 } 1437 }
1432 dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE; 1438 dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE;
1433 rc = write_packet_length(&dest[(*packet_size)], (max_packet_size - 4), 1439 rc = ecryptfs_write_packet_length(&dest[(*packet_size)],
1434 &packet_size_length); 1440 (max_packet_size - 4),
1441 &packet_size_length);
1435 if (rc) { 1442 if (rc) {
1436 ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet " 1443 ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet "
1437 "header; cannot generate packet length\n"); 1444 "header; cannot generate packet length\n");
@@ -1489,8 +1496,9 @@ write_tag_11_packet(char *dest, size_t *remaining_bytes, char *contents,
1489 goto out; 1496 goto out;
1490 } 1497 }
1491 dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE; 1498 dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE;
1492 rc = write_packet_length(&dest[(*packet_length)], 1499 rc = ecryptfs_write_packet_length(&dest[(*packet_length)],
1493 (max_packet_size - 4), &packet_size_length); 1500 (max_packet_size - 4),
1501 &packet_size_length);
1494 if (rc) { 1502 if (rc) {
1495 printk(KERN_ERR "Error generating tag 11 packet header; cannot " 1503 printk(KERN_ERR "Error generating tag 11 packet header; cannot "
1496 "generate packet length. rc = [%d]\n", rc); 1504 "generate packet length. rc = [%d]\n", rc);
@@ -1682,8 +1690,9 @@ encrypted_session_key_set:
1682 dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE; 1690 dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE;
1683 /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3) 1691 /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3)
1684 * to get the number of octets in the actual Tag 3 packet */ 1692 * to get the number of octets in the actual Tag 3 packet */
1685 rc = write_packet_length(&dest[(*packet_size)], (max_packet_size - 4), 1693 rc = ecryptfs_write_packet_length(&dest[(*packet_size)],
1686 &packet_size_length); 1694 (max_packet_size - 4),
1695 &packet_size_length);
1687 if (rc) { 1696 if (rc) {
1688 printk(KERN_ERR "Error generating tag 3 packet header; cannot " 1697 printk(KERN_ERR "Error generating tag 3 packet header; cannot "
1689 "generate packet length. rc = [%d]\n", rc); 1698 "generate packet length. rc = [%d]\n", rc);
diff --git a/fs/ecryptfs/messaging.c b/fs/ecryptfs/messaging.c
index 9cc2aec27b0d..c6038bd60897 100644
--- a/fs/ecryptfs/messaging.c
+++ b/fs/ecryptfs/messaging.c
@@ -1,7 +1,7 @@
1/** 1/**
2 * eCryptfs: Linux filesystem encryption layer 2 * eCryptfs: Linux filesystem encryption layer
3 * 3 *
4 * Copyright (C) 2004-2006 International Business Machines Corp. 4 * Copyright (C) 2004-2008 International Business Machines Corp.
5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
6 * Tyler Hicks <tyhicks@ou.edu> 6 * Tyler Hicks <tyhicks@ou.edu>
7 * 7 *
@@ -26,13 +26,13 @@ static LIST_HEAD(ecryptfs_msg_ctx_free_list);
26static LIST_HEAD(ecryptfs_msg_ctx_alloc_list); 26static LIST_HEAD(ecryptfs_msg_ctx_alloc_list);
27static struct mutex ecryptfs_msg_ctx_lists_mux; 27static struct mutex ecryptfs_msg_ctx_lists_mux;
28 28
29static struct hlist_head *ecryptfs_daemon_id_hash; 29static struct hlist_head *ecryptfs_daemon_hash;
30static struct mutex ecryptfs_daemon_id_hash_mux; 30struct mutex ecryptfs_daemon_hash_mux;
31static int ecryptfs_hash_buckets; 31static int ecryptfs_hash_buckets;
32#define ecryptfs_uid_hash(uid) \ 32#define ecryptfs_uid_hash(uid) \
33 hash_long((unsigned long)uid, ecryptfs_hash_buckets) 33 hash_long((unsigned long)uid, ecryptfs_hash_buckets)
34 34
35static unsigned int ecryptfs_msg_counter; 35static u32 ecryptfs_msg_counter;
36static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr; 36static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr;
37 37
38/** 38/**
@@ -40,9 +40,10 @@ static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr;
40 * @msg_ctx: The context that was acquired from the free list 40 * @msg_ctx: The context that was acquired from the free list
41 * 41 *
42 * Acquires a context element from the free list and locks the mutex 42 * Acquires a context element from the free list and locks the mutex
43 * on the context. Returns zero on success; non-zero on error or upon 43 * on the context. Sets the msg_ctx task to current. Returns zero on
44 * failure to acquire a free context element. Be sure to lock the 44 * success; non-zero on error or upon failure to acquire a free
45 * list mutex before calling. 45 * context element. Must be called with ecryptfs_msg_ctx_lists_mux
46 * held.
46 */ 47 */
47static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx) 48static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx)
48{ 49{
@@ -50,11 +51,11 @@ static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx)
50 int rc; 51 int rc;
51 52
52 if (list_empty(&ecryptfs_msg_ctx_free_list)) { 53 if (list_empty(&ecryptfs_msg_ctx_free_list)) {
53 ecryptfs_printk(KERN_WARNING, "The eCryptfs free " 54 printk(KERN_WARNING "%s: The eCryptfs free "
54 "context list is empty. It may be helpful to " 55 "context list is empty. It may be helpful to "
55 "specify the ecryptfs_message_buf_len " 56 "specify the ecryptfs_message_buf_len "
56 "parameter to be greater than the current " 57 "parameter to be greater than the current "
57 "value of [%d]\n", ecryptfs_message_buf_len); 58 "value of [%d]\n", __func__, ecryptfs_message_buf_len);
58 rc = -ENOMEM; 59 rc = -ENOMEM;
59 goto out; 60 goto out;
60 } 61 }
@@ -75,8 +76,7 @@ out:
75 * ecryptfs_msg_ctx_free_to_alloc 76 * ecryptfs_msg_ctx_free_to_alloc
76 * @msg_ctx: The context to move from the free list to the alloc list 77 * @msg_ctx: The context to move from the free list to the alloc list
77 * 78 *
78 * Be sure to lock the list mutex and the context mutex before 79 * Must be called with ecryptfs_msg_ctx_lists_mux held.
79 * calling.
80 */ 80 */
81static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx) 81static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx)
82{ 82{
@@ -89,36 +89,37 @@ static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx)
89 * ecryptfs_msg_ctx_alloc_to_free 89 * ecryptfs_msg_ctx_alloc_to_free
90 * @msg_ctx: The context to move from the alloc list to the free list 90 * @msg_ctx: The context to move from the alloc list to the free list
91 * 91 *
92 * Be sure to lock the list mutex and the context mutex before 92 * Must be called with ecryptfs_msg_ctx_lists_mux held.
93 * calling.
94 */ 93 */
95static void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx) 94void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx)
96{ 95{
97 list_move(&(msg_ctx->node), &ecryptfs_msg_ctx_free_list); 96 list_move(&(msg_ctx->node), &ecryptfs_msg_ctx_free_list);
98 if (msg_ctx->msg) 97 if (msg_ctx->msg)
99 kfree(msg_ctx->msg); 98 kfree(msg_ctx->msg);
99 msg_ctx->msg = NULL;
100 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_FREE; 100 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_FREE;
101} 101}
102 102
103/** 103/**
104 * ecryptfs_find_daemon_id 104 * ecryptfs_find_daemon_by_euid
105 * @uid: The user id which maps to the desired daemon id 105 * @euid: The effective user id which maps to the desired daemon id
106 * @id: If return value is zero, points to the desired daemon id 106 * @daemon: If return value is zero, points to the desired daemon pointer
107 * pointer
108 * 107 *
109 * Search the hash list for the given user id. Returns zero if the 108 * Must be called with ecryptfs_daemon_hash_mux held.
110 * user id exists in the list; non-zero otherwise. The daemon id hash 109 *
111 * mutex should be held before calling this function. 110 * Search the hash list for the given user id.
111 *
112 * Returns zero if the user id exists in the list; non-zero otherwise.
112 */ 113 */
113static int ecryptfs_find_daemon_id(uid_t uid, struct ecryptfs_daemon_id **id) 114int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon, uid_t euid)
114{ 115{
115 struct hlist_node *elem; 116 struct hlist_node *elem;
116 int rc; 117 int rc;
117 118
118 hlist_for_each_entry(*id, elem, 119 hlist_for_each_entry(*daemon, elem,
119 &ecryptfs_daemon_id_hash[ecryptfs_uid_hash(uid)], 120 &ecryptfs_daemon_hash[ecryptfs_uid_hash(euid)],
120 id_chain) { 121 euid_chain) {
121 if ((*id)->uid == uid) { 122 if ((*daemon)->euid == euid) {
122 rc = 0; 123 rc = 0;
123 goto out; 124 goto out;
124 } 125 }
@@ -128,181 +129,291 @@ out:
128 return rc; 129 return rc;
129} 130}
130 131
131static int ecryptfs_send_raw_message(unsigned int transport, u16 msg_type, 132static int
132 pid_t pid) 133ecryptfs_send_message_locked(unsigned int transport, char *data, int data_len,
134 u8 msg_type, struct ecryptfs_msg_ctx **msg_ctx);
135
136/**
137 * ecryptfs_send_raw_message
138 * @transport: Transport type
139 * @msg_type: Message type
140 * @daemon: Daemon struct for recipient of message
141 *
142 * A raw message is one that does not include an ecryptfs_message
143 * struct. It simply has a type.
144 *
145 * Must be called with ecryptfs_daemon_hash_mux held.
146 *
147 * Returns zero on success; non-zero otherwise
148 */
149static int ecryptfs_send_raw_message(unsigned int transport, u8 msg_type,
150 struct ecryptfs_daemon *daemon)
133{ 151{
152 struct ecryptfs_msg_ctx *msg_ctx;
134 int rc; 153 int rc;
135 154
136 switch(transport) { 155 switch(transport) {
137 case ECRYPTFS_TRANSPORT_NETLINK: 156 case ECRYPTFS_TRANSPORT_NETLINK:
138 rc = ecryptfs_send_netlink(NULL, 0, NULL, msg_type, 0, pid); 157 rc = ecryptfs_send_netlink(NULL, 0, NULL, msg_type, 0,
158 daemon->pid);
159 break;
160 case ECRYPTFS_TRANSPORT_MISCDEV:
161 rc = ecryptfs_send_message_locked(transport, NULL, 0, msg_type,
162 &msg_ctx);
163 if (rc) {
164 printk(KERN_ERR "%s: Error whilst attempting to send "
165 "message via procfs; rc = [%d]\n", __func__, rc);
166 goto out;
167 }
168 /* Raw messages are logically context-free (e.g., no
169 * reply is expected), so we set the state of the
170 * ecryptfs_msg_ctx object to indicate that it should
171 * be freed as soon as the transport sends out the message. */
172 mutex_lock(&msg_ctx->mux);
173 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_NO_REPLY;
174 mutex_unlock(&msg_ctx->mux);
139 break; 175 break;
140 case ECRYPTFS_TRANSPORT_CONNECTOR: 176 case ECRYPTFS_TRANSPORT_CONNECTOR:
141 case ECRYPTFS_TRANSPORT_RELAYFS: 177 case ECRYPTFS_TRANSPORT_RELAYFS:
142 default: 178 default:
143 rc = -ENOSYS; 179 rc = -ENOSYS;
144 } 180 }
181out:
182 return rc;
183}
184
185/**
186 * ecryptfs_spawn_daemon - Create and initialize a new daemon struct
187 * @daemon: Pointer to set to newly allocated daemon struct
188 * @euid: Effective user id for the daemon
189 * @pid: Process id for the daemon
190 *
191 * Must be called ceremoniously while in possession of
192 * ecryptfs_sacred_daemon_hash_mux
193 *
194 * Returns zero on success; non-zero otherwise
195 */
196int
197ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, uid_t euid, pid_t pid)
198{
199 int rc = 0;
200
201 (*daemon) = kzalloc(sizeof(**daemon), GFP_KERNEL);
202 if (!(*daemon)) {
203 rc = -ENOMEM;
204 printk(KERN_ERR "%s: Failed to allocate [%Zd] bytes of "
205 "GFP_KERNEL memory\n", __func__, sizeof(**daemon));
206 goto out;
207 }
208 (*daemon)->euid = euid;
209 (*daemon)->pid = pid;
210 (*daemon)->task = current;
211 mutex_init(&(*daemon)->mux);
212 INIT_LIST_HEAD(&(*daemon)->msg_ctx_out_queue);
213 init_waitqueue_head(&(*daemon)->wait);
214 (*daemon)->num_queued_msg_ctx = 0;
215 hlist_add_head(&(*daemon)->euid_chain,
216 &ecryptfs_daemon_hash[ecryptfs_uid_hash(euid)]);
217out:
145 return rc; 218 return rc;
146} 219}
147 220
148/** 221/**
149 * ecryptfs_process_helo 222 * ecryptfs_process_helo
150 * @transport: The underlying transport (netlink, etc.) 223 * @transport: The underlying transport (netlink, etc.)
151 * @uid: The user ID owner of the message 224 * @euid: The user ID owner of the message
152 * @pid: The process ID for the userspace program that sent the 225 * @pid: The process ID for the userspace program that sent the
153 * message 226 * message
154 * 227 *
155 * Adds the uid and pid values to the daemon id hash. If a uid 228 * Adds the euid and pid values to the daemon euid hash. If an euid
156 * already has a daemon pid registered, the daemon will be 229 * already has a daemon pid registered, the daemon will be
157 * unregistered before the new daemon id is put into the hash list. 230 * unregistered before the new daemon is put into the hash list.
158 * Returns zero after adding a new daemon id to the hash list; 231 * Returns zero after adding a new daemon to the hash list;
159 * non-zero otherwise. 232 * non-zero otherwise.
160 */ 233 */
161int ecryptfs_process_helo(unsigned int transport, uid_t uid, pid_t pid) 234int ecryptfs_process_helo(unsigned int transport, uid_t euid, pid_t pid)
162{ 235{
163 struct ecryptfs_daemon_id *new_id; 236 struct ecryptfs_daemon *new_daemon;
164 struct ecryptfs_daemon_id *old_id; 237 struct ecryptfs_daemon *old_daemon;
165 int rc; 238 int rc;
166 239
167 mutex_lock(&ecryptfs_daemon_id_hash_mux); 240 mutex_lock(&ecryptfs_daemon_hash_mux);
168 new_id = kmalloc(sizeof(*new_id), GFP_KERNEL); 241 rc = ecryptfs_find_daemon_by_euid(&old_daemon, euid);
169 if (!new_id) { 242 if (rc != 0) {
170 rc = -ENOMEM;
171 ecryptfs_printk(KERN_ERR, "Failed to allocate memory; unable "
172 "to register daemon [%d] for user [%d]\n",
173 pid, uid);
174 goto unlock;
175 }
176 if (!ecryptfs_find_daemon_id(uid, &old_id)) {
177 printk(KERN_WARNING "Received request from user [%d] " 243 printk(KERN_WARNING "Received request from user [%d] "
178 "to register daemon [%d]; unregistering daemon " 244 "to register daemon [%d]; unregistering daemon "
179 "[%d]\n", uid, pid, old_id->pid); 245 "[%d]\n", euid, pid, old_daemon->pid);
180 hlist_del(&old_id->id_chain); 246 rc = ecryptfs_send_raw_message(transport, ECRYPTFS_MSG_QUIT,
181 rc = ecryptfs_send_raw_message(transport, ECRYPTFS_NLMSG_QUIT, 247 old_daemon);
182 old_id->pid);
183 if (rc) 248 if (rc)
184 printk(KERN_WARNING "Failed to send QUIT " 249 printk(KERN_WARNING "Failed to send QUIT "
185 "message to daemon [%d]; rc = [%d]\n", 250 "message to daemon [%d]; rc = [%d]\n",
186 old_id->pid, rc); 251 old_daemon->pid, rc);
187 kfree(old_id); 252 hlist_del(&old_daemon->euid_chain);
253 kfree(old_daemon);
188 } 254 }
189 new_id->uid = uid; 255 rc = ecryptfs_spawn_daemon(&new_daemon, euid, pid);
190 new_id->pid = pid; 256 if (rc)
191 hlist_add_head(&new_id->id_chain, 257 printk(KERN_ERR "%s: The gods are displeased with this attempt "
192 &ecryptfs_daemon_id_hash[ecryptfs_uid_hash(uid)]); 258 "to create a new daemon object for euid [%d]; pid [%d]; "
193 rc = 0; 259 "rc = [%d]\n", __func__, euid, pid, rc);
194unlock: 260 mutex_unlock(&ecryptfs_daemon_hash_mux);
195 mutex_unlock(&ecryptfs_daemon_id_hash_mux); 261 return rc;
262}
263
264/**
265 * ecryptfs_exorcise_daemon - Destroy the daemon struct
266 *
267 * Must be called ceremoniously while in possession of
268 * ecryptfs_daemon_hash_mux and the daemon's own mux.
269 */
270int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon)
271{
272 struct ecryptfs_msg_ctx *msg_ctx, *msg_ctx_tmp;
273 int rc = 0;
274
275 mutex_lock(&daemon->mux);
276 if ((daemon->flags & ECRYPTFS_DAEMON_IN_READ)
277 || (daemon->flags & ECRYPTFS_DAEMON_IN_POLL)) {
278 rc = -EBUSY;
279 printk(KERN_WARNING "%s: Attempt to destroy daemon with pid "
280 "[%d], but it is in the midst of a read or a poll\n",
281 __func__, daemon->pid);
282 mutex_unlock(&daemon->mux);
283 goto out;
284 }
285 list_for_each_entry_safe(msg_ctx, msg_ctx_tmp,
286 &daemon->msg_ctx_out_queue, daemon_out_list) {
287 list_del(&msg_ctx->daemon_out_list);
288 daemon->num_queued_msg_ctx--;
289 printk(KERN_WARNING "%s: Warning: dropping message that is in "
290 "the out queue of a dying daemon\n", __func__);
291 ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
292 }
293 hlist_del(&daemon->euid_chain);
294 if (daemon->task)
295 wake_up_process(daemon->task);
296 mutex_unlock(&daemon->mux);
297 memset(daemon, 0, sizeof(*daemon));
298 kfree(daemon);
299out:
196 return rc; 300 return rc;
197} 301}
198 302
199/** 303/**
200 * ecryptfs_process_quit 304 * ecryptfs_process_quit
201 * @uid: The user ID owner of the message 305 * @euid: The user ID owner of the message
202 * @pid: The process ID for the userspace program that sent the 306 * @pid: The process ID for the userspace program that sent the
203 * message 307 * message
204 * 308 *
205 * Deletes the corresponding daemon id for the given uid and pid, if 309 * Deletes the corresponding daemon for the given euid and pid, if
206 * it is the registered that is requesting the deletion. Returns zero 310 * it is the registered that is requesting the deletion. Returns zero
207 * after deleting the desired daemon id; non-zero otherwise. 311 * after deleting the desired daemon; non-zero otherwise.
208 */ 312 */
209int ecryptfs_process_quit(uid_t uid, pid_t pid) 313int ecryptfs_process_quit(uid_t euid, pid_t pid)
210{ 314{
211 struct ecryptfs_daemon_id *id; 315 struct ecryptfs_daemon *daemon;
212 int rc; 316 int rc;
213 317
214 mutex_lock(&ecryptfs_daemon_id_hash_mux); 318 mutex_lock(&ecryptfs_daemon_hash_mux);
215 if (ecryptfs_find_daemon_id(uid, &id)) { 319 rc = ecryptfs_find_daemon_by_euid(&daemon, euid);
216 rc = -EINVAL; 320 if (rc || !daemon) {
217 ecryptfs_printk(KERN_ERR, "Received request from user [%d] to "
218 "unregister unrecognized daemon [%d]\n", uid,
219 pid);
220 goto unlock;
221 }
222 if (id->pid != pid) {
223 rc = -EINVAL; 321 rc = -EINVAL;
224 ecryptfs_printk(KERN_WARNING, "Received request from user [%d] " 322 printk(KERN_ERR "Received request from user [%d] to "
225 "with pid [%d] to unregister daemon [%d]\n", 323 "unregister unrecognized daemon [%d]\n", euid, pid);
226 uid, pid, id->pid); 324 goto out_unlock;
227 goto unlock;
228 } 325 }
229 hlist_del(&id->id_chain); 326 rc = ecryptfs_exorcise_daemon(daemon);
230 kfree(id); 327out_unlock:
231 rc = 0; 328 mutex_unlock(&ecryptfs_daemon_hash_mux);
232unlock:
233 mutex_unlock(&ecryptfs_daemon_id_hash_mux);
234 return rc; 329 return rc;
235} 330}
236 331
237/** 332/**
238 * ecryptfs_process_reponse 333 * ecryptfs_process_reponse
239 * @msg: The ecryptfs message received; the caller should sanity check 334 * @msg: The ecryptfs message received; the caller should sanity check
240 * msg->data_len 335 * msg->data_len and free the memory
241 * @pid: The process ID of the userspace application that sent the 336 * @pid: The process ID of the userspace application that sent the
242 * message 337 * message
243 * @seq: The sequence number of the message 338 * @seq: The sequence number of the message; must match the sequence
339 * number for the existing message context waiting for this
340 * response
341 *
342 * Processes a response message after sending an operation request to
343 * userspace. Some other process is awaiting this response. Before
344 * sending out its first communications, the other process allocated a
345 * msg_ctx from the ecryptfs_msg_ctx_arr at a particular index. The
346 * response message contains this index so that we can copy over the
347 * response message into the msg_ctx that the process holds a
348 * reference to. The other process is going to wake up, check to see
349 * that msg_ctx->state == ECRYPTFS_MSG_CTX_STATE_DONE, and then
350 * proceed to read off and process the response message. Returns zero
351 * upon delivery to desired context element; non-zero upon delivery
352 * failure or error.
244 * 353 *
245 * Processes a response message after sending a operation request to 354 * Returns zero on success; non-zero otherwise
246 * userspace. Returns zero upon delivery to desired context element;
247 * non-zero upon delivery failure or error.
248 */ 355 */
249int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t uid, 356int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid,
250 pid_t pid, u32 seq) 357 pid_t pid, u32 seq)
251{ 358{
252 struct ecryptfs_daemon_id *id; 359 struct ecryptfs_daemon *daemon;
253 struct ecryptfs_msg_ctx *msg_ctx; 360 struct ecryptfs_msg_ctx *msg_ctx;
254 int msg_size; 361 size_t msg_size;
255 int rc; 362 int rc;
256 363
257 if (msg->index >= ecryptfs_message_buf_len) { 364 if (msg->index >= ecryptfs_message_buf_len) {
258 rc = -EINVAL; 365 rc = -EINVAL;
259 ecryptfs_printk(KERN_ERR, "Attempt to reference " 366 printk(KERN_ERR "%s: Attempt to reference "
260 "context buffer at index [%d]; maximum " 367 "context buffer at index [%d]; maximum "
261 "allowable is [%d]\n", msg->index, 368 "allowable is [%d]\n", __func__, msg->index,
262 (ecryptfs_message_buf_len - 1)); 369 (ecryptfs_message_buf_len - 1));
263 goto out; 370 goto out;
264 } 371 }
265 msg_ctx = &ecryptfs_msg_ctx_arr[msg->index]; 372 msg_ctx = &ecryptfs_msg_ctx_arr[msg->index];
266 mutex_lock(&msg_ctx->mux); 373 mutex_lock(&msg_ctx->mux);
267 if (ecryptfs_find_daemon_id(msg_ctx->task->euid, &id)) { 374 mutex_lock(&ecryptfs_daemon_hash_mux);
375 rc = ecryptfs_find_daemon_by_euid(&daemon, msg_ctx->task->euid);
376 mutex_unlock(&ecryptfs_daemon_hash_mux);
377 if (rc) {
268 rc = -EBADMSG; 378 rc = -EBADMSG;
269 ecryptfs_printk(KERN_WARNING, "User [%d] received a " 379 printk(KERN_WARNING "%s: User [%d] received a "
270 "message response from process [%d] but does " 380 "message response from process [%d] but does "
271 "not have a registered daemon\n", 381 "not have a registered daemon\n", __func__,
272 msg_ctx->task->euid, pid); 382 msg_ctx->task->euid, pid);
273 goto wake_up; 383 goto wake_up;
274 } 384 }
275 if (msg_ctx->task->euid != uid) { 385 if (msg_ctx->task->euid != euid) {
276 rc = -EBADMSG; 386 rc = -EBADMSG;
277 ecryptfs_printk(KERN_WARNING, "Received message from user " 387 printk(KERN_WARNING "%s: Received message from user "
278 "[%d]; expected message from user [%d]\n", 388 "[%d]; expected message from user [%d]\n", __func__,
279 uid, msg_ctx->task->euid); 389 euid, msg_ctx->task->euid);
280 goto unlock; 390 goto unlock;
281 } 391 }
282 if (id->pid != pid) { 392 if (daemon->pid != pid) {
283 rc = -EBADMSG; 393 rc = -EBADMSG;
284 ecryptfs_printk(KERN_ERR, "User [%d] received a " 394 printk(KERN_ERR "%s: User [%d] sent a message response "
285 "message response from an unrecognized " 395 "from an unrecognized process [%d]\n",
286 "process [%d]\n", msg_ctx->task->euid, pid); 396 __func__, msg_ctx->task->euid, pid);
287 goto unlock; 397 goto unlock;
288 } 398 }
289 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) { 399 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) {
290 rc = -EINVAL; 400 rc = -EINVAL;
291 ecryptfs_printk(KERN_WARNING, "Desired context element is not " 401 printk(KERN_WARNING "%s: Desired context element is not "
292 "pending a response\n"); 402 "pending a response\n", __func__);
293 goto unlock; 403 goto unlock;
294 } else if (msg_ctx->counter != seq) { 404 } else if (msg_ctx->counter != seq) {
295 rc = -EINVAL; 405 rc = -EINVAL;
296 ecryptfs_printk(KERN_WARNING, "Invalid message sequence; " 406 printk(KERN_WARNING "%s: Invalid message sequence; "
297 "expected [%d]; received [%d]\n", 407 "expected [%d]; received [%d]\n", __func__,
298 msg_ctx->counter, seq); 408 msg_ctx->counter, seq);
299 goto unlock; 409 goto unlock;
300 } 410 }
301 msg_size = sizeof(*msg) + msg->data_len; 411 msg_size = (sizeof(*msg) + msg->data_len);
302 msg_ctx->msg = kmalloc(msg_size, GFP_KERNEL); 412 msg_ctx->msg = kmalloc(msg_size, GFP_KERNEL);
303 if (!msg_ctx->msg) { 413 if (!msg_ctx->msg) {
304 rc = -ENOMEM; 414 rc = -ENOMEM;
305 ecryptfs_printk(KERN_ERR, "Failed to allocate memory\n"); 415 printk(KERN_ERR "%s: Failed to allocate [%Zd] bytes of "
416 "GFP_KERNEL memory\n", __func__, msg_size);
306 goto unlock; 417 goto unlock;
307 } 418 }
308 memcpy(msg_ctx->msg, msg, msg_size); 419 memcpy(msg_ctx->msg, msg, msg_size);
@@ -317,34 +428,37 @@ out:
317} 428}
318 429
319/** 430/**
320 * ecryptfs_send_message 431 * ecryptfs_send_message_locked
321 * @transport: The transport over which to send the message (i.e., 432 * @transport: The transport over which to send the message (i.e.,
322 * netlink) 433 * netlink)
323 * @data: The data to send 434 * @data: The data to send
324 * @data_len: The length of data 435 * @data_len: The length of data
325 * @msg_ctx: The message context allocated for the send 436 * @msg_ctx: The message context allocated for the send
437 *
438 * Must be called with ecryptfs_daemon_hash_mux held.
439 *
440 * Returns zero on success; non-zero otherwise
326 */ 441 */
327int ecryptfs_send_message(unsigned int transport, char *data, int data_len, 442static int
328 struct ecryptfs_msg_ctx **msg_ctx) 443ecryptfs_send_message_locked(unsigned int transport, char *data, int data_len,
444 u8 msg_type, struct ecryptfs_msg_ctx **msg_ctx)
329{ 445{
330 struct ecryptfs_daemon_id *id; 446 struct ecryptfs_daemon *daemon;
331 int rc; 447 int rc;
332 448
333 mutex_lock(&ecryptfs_daemon_id_hash_mux); 449 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid);
334 if (ecryptfs_find_daemon_id(current->euid, &id)) { 450 if (rc || !daemon) {
335 mutex_unlock(&ecryptfs_daemon_id_hash_mux);
336 rc = -ENOTCONN; 451 rc = -ENOTCONN;
337 ecryptfs_printk(KERN_ERR, "User [%d] does not have a daemon " 452 printk(KERN_ERR "%s: User [%d] does not have a daemon "
338 "registered\n", current->euid); 453 "registered\n", __func__, current->euid);
339 goto out; 454 goto out;
340 } 455 }
341 mutex_unlock(&ecryptfs_daemon_id_hash_mux);
342 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 456 mutex_lock(&ecryptfs_msg_ctx_lists_mux);
343 rc = ecryptfs_acquire_free_msg_ctx(msg_ctx); 457 rc = ecryptfs_acquire_free_msg_ctx(msg_ctx);
344 if (rc) { 458 if (rc) {
345 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 459 mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
346 ecryptfs_printk(KERN_WARNING, "Could not claim a free " 460 printk(KERN_WARNING "%s: Could not claim a free "
347 "context element\n"); 461 "context element\n", __func__);
348 goto out; 462 goto out;
349 } 463 }
350 ecryptfs_msg_ctx_free_to_alloc(*msg_ctx); 464 ecryptfs_msg_ctx_free_to_alloc(*msg_ctx);
@@ -352,23 +466,50 @@ int ecryptfs_send_message(unsigned int transport, char *data, int data_len,
352 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 466 mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
353 switch (transport) { 467 switch (transport) {
354 case ECRYPTFS_TRANSPORT_NETLINK: 468 case ECRYPTFS_TRANSPORT_NETLINK:
355 rc = ecryptfs_send_netlink(data, data_len, *msg_ctx, 469 rc = ecryptfs_send_netlink(data, data_len, *msg_ctx, msg_type,
356 ECRYPTFS_NLMSG_REQUEST, 0, id->pid); 470 0, daemon->pid);
471 break;
472 case ECRYPTFS_TRANSPORT_MISCDEV:
473 rc = ecryptfs_send_miscdev(data, data_len, *msg_ctx, msg_type,
474 0, daemon);
357 break; 475 break;
358 case ECRYPTFS_TRANSPORT_CONNECTOR: 476 case ECRYPTFS_TRANSPORT_CONNECTOR:
359 case ECRYPTFS_TRANSPORT_RELAYFS: 477 case ECRYPTFS_TRANSPORT_RELAYFS:
360 default: 478 default:
361 rc = -ENOSYS; 479 rc = -ENOSYS;
362 } 480 }
363 if (rc) { 481 if (rc)
364 printk(KERN_ERR "Error attempting to send message to userspace " 482 printk(KERN_ERR "%s: Error attempting to send message to "
365 "daemon; rc = [%d]\n", rc); 483 "userspace daemon; rc = [%d]\n", __func__, rc);
366 }
367out: 484out:
368 return rc; 485 return rc;
369} 486}
370 487
371/** 488/**
489 * ecryptfs_send_message
490 * @transport: The transport over which to send the message (i.e.,
491 * netlink)
492 * @data: The data to send
493 * @data_len: The length of data
494 * @msg_ctx: The message context allocated for the send
495 *
496 * Grabs ecryptfs_daemon_hash_mux.
497 *
498 * Returns zero on success; non-zero otherwise
499 */
500int ecryptfs_send_message(unsigned int transport, char *data, int data_len,
501 struct ecryptfs_msg_ctx **msg_ctx)
502{
503 int rc;
504
505 mutex_lock(&ecryptfs_daemon_hash_mux);
506 rc = ecryptfs_send_message_locked(transport, data, data_len,
507 ECRYPTFS_MSG_REQUEST, msg_ctx);
508 mutex_unlock(&ecryptfs_daemon_hash_mux);
509 return rc;
510}
511
512/**
372 * ecryptfs_wait_for_response 513 * ecryptfs_wait_for_response
373 * @msg_ctx: The context that was assigned when sending a message 514 * @msg_ctx: The context that was assigned when sending a message
374 * @msg: The incoming message from userspace; not set if rc != 0 515 * @msg: The incoming message from userspace; not set if rc != 0
@@ -377,7 +518,7 @@ out:
377 * of time exceeds ecryptfs_message_wait_timeout. If zero is 518 * of time exceeds ecryptfs_message_wait_timeout. If zero is
378 * returned, msg will point to a valid message from userspace; a 519 * returned, msg will point to a valid message from userspace; a
379 * non-zero value is returned upon failure to receive a message or an 520 * non-zero value is returned upon failure to receive a message or an
380 * error occurs. 521 * error occurs. Callee must free @msg on success.
381 */ 522 */
382int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx, 523int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
383 struct ecryptfs_message **msg) 524 struct ecryptfs_message **msg)
@@ -413,32 +554,32 @@ int ecryptfs_init_messaging(unsigned int transport)
413 554
414 if (ecryptfs_number_of_users > ECRYPTFS_MAX_NUM_USERS) { 555 if (ecryptfs_number_of_users > ECRYPTFS_MAX_NUM_USERS) {
415 ecryptfs_number_of_users = ECRYPTFS_MAX_NUM_USERS; 556 ecryptfs_number_of_users = ECRYPTFS_MAX_NUM_USERS;
416 ecryptfs_printk(KERN_WARNING, "Specified number of users is " 557 printk(KERN_WARNING "%s: Specified number of users is "
417 "too large, defaulting to [%d] users\n", 558 "too large, defaulting to [%d] users\n", __func__,
418 ecryptfs_number_of_users); 559 ecryptfs_number_of_users);
419 } 560 }
420 mutex_init(&ecryptfs_daemon_id_hash_mux); 561 mutex_init(&ecryptfs_daemon_hash_mux);
421 mutex_lock(&ecryptfs_daemon_id_hash_mux); 562 mutex_lock(&ecryptfs_daemon_hash_mux);
422 ecryptfs_hash_buckets = 1; 563 ecryptfs_hash_buckets = 1;
423 while (ecryptfs_number_of_users >> ecryptfs_hash_buckets) 564 while (ecryptfs_number_of_users >> ecryptfs_hash_buckets)
424 ecryptfs_hash_buckets++; 565 ecryptfs_hash_buckets++;
425 ecryptfs_daemon_id_hash = kmalloc(sizeof(struct hlist_head) 566 ecryptfs_daemon_hash = kmalloc((sizeof(struct hlist_head)
426 * ecryptfs_hash_buckets, GFP_KERNEL); 567 * ecryptfs_hash_buckets), GFP_KERNEL);
427 if (!ecryptfs_daemon_id_hash) { 568 if (!ecryptfs_daemon_hash) {
428 rc = -ENOMEM; 569 rc = -ENOMEM;
429 ecryptfs_printk(KERN_ERR, "Failed to allocate memory\n"); 570 printk(KERN_ERR "%s: Failed to allocate memory\n", __func__);
430 mutex_unlock(&ecryptfs_daemon_id_hash_mux); 571 mutex_unlock(&ecryptfs_daemon_hash_mux);
431 goto out; 572 goto out;
432 } 573 }
433 for (i = 0; i < ecryptfs_hash_buckets; i++) 574 for (i = 0; i < ecryptfs_hash_buckets; i++)
434 INIT_HLIST_HEAD(&ecryptfs_daemon_id_hash[i]); 575 INIT_HLIST_HEAD(&ecryptfs_daemon_hash[i]);
435 mutex_unlock(&ecryptfs_daemon_id_hash_mux); 576 mutex_unlock(&ecryptfs_daemon_hash_mux);
436
437 ecryptfs_msg_ctx_arr = kmalloc((sizeof(struct ecryptfs_msg_ctx) 577 ecryptfs_msg_ctx_arr = kmalloc((sizeof(struct ecryptfs_msg_ctx)
438 * ecryptfs_message_buf_len), GFP_KERNEL); 578 * ecryptfs_message_buf_len),
579 GFP_KERNEL);
439 if (!ecryptfs_msg_ctx_arr) { 580 if (!ecryptfs_msg_ctx_arr) {
440 rc = -ENOMEM; 581 rc = -ENOMEM;
441 ecryptfs_printk(KERN_ERR, "Failed to allocate memory\n"); 582 printk(KERN_ERR "%s: Failed to allocate memory\n", __func__);
442 goto out; 583 goto out;
443 } 584 }
444 mutex_init(&ecryptfs_msg_ctx_lists_mux); 585 mutex_init(&ecryptfs_msg_ctx_lists_mux);
@@ -446,6 +587,7 @@ int ecryptfs_init_messaging(unsigned int transport)
446 ecryptfs_msg_counter = 0; 587 ecryptfs_msg_counter = 0;
447 for (i = 0; i < ecryptfs_message_buf_len; i++) { 588 for (i = 0; i < ecryptfs_message_buf_len; i++) {
448 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].node); 589 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].node);
590 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].daemon_out_list);
449 mutex_init(&ecryptfs_msg_ctx_arr[i].mux); 591 mutex_init(&ecryptfs_msg_ctx_arr[i].mux);
450 mutex_lock(&ecryptfs_msg_ctx_arr[i].mux); 592 mutex_lock(&ecryptfs_msg_ctx_arr[i].mux);
451 ecryptfs_msg_ctx_arr[i].index = i; 593 ecryptfs_msg_ctx_arr[i].index = i;
@@ -464,6 +606,11 @@ int ecryptfs_init_messaging(unsigned int transport)
464 if (rc) 606 if (rc)
465 ecryptfs_release_messaging(transport); 607 ecryptfs_release_messaging(transport);
466 break; 608 break;
609 case ECRYPTFS_TRANSPORT_MISCDEV:
610 rc = ecryptfs_init_ecryptfs_miscdev();
611 if (rc)
612 ecryptfs_release_messaging(transport);
613 break;
467 case ECRYPTFS_TRANSPORT_CONNECTOR: 614 case ECRYPTFS_TRANSPORT_CONNECTOR:
468 case ECRYPTFS_TRANSPORT_RELAYFS: 615 case ECRYPTFS_TRANSPORT_RELAYFS:
469 default: 616 default:
@@ -488,27 +635,37 @@ void ecryptfs_release_messaging(unsigned int transport)
488 kfree(ecryptfs_msg_ctx_arr); 635 kfree(ecryptfs_msg_ctx_arr);
489 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 636 mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
490 } 637 }
491 if (ecryptfs_daemon_id_hash) { 638 if (ecryptfs_daemon_hash) {
492 struct hlist_node *elem; 639 struct hlist_node *elem;
493 struct ecryptfs_daemon_id *id; 640 struct ecryptfs_daemon *daemon;
494 int i; 641 int i;
495 642
496 mutex_lock(&ecryptfs_daemon_id_hash_mux); 643 mutex_lock(&ecryptfs_daemon_hash_mux);
497 for (i = 0; i < ecryptfs_hash_buckets; i++) { 644 for (i = 0; i < ecryptfs_hash_buckets; i++) {
498 hlist_for_each_entry(id, elem, 645 int rc;
499 &ecryptfs_daemon_id_hash[i], 646
500 id_chain) { 647 hlist_for_each_entry(daemon, elem,
501 hlist_del(elem); 648 &ecryptfs_daemon_hash[i],
502 kfree(id); 649 euid_chain) {
650 rc = ecryptfs_exorcise_daemon(daemon);
651 if (rc)
652 printk(KERN_ERR "%s: Error whilst "
653 "attempting to destroy daemon; "
654 "rc = [%d]. Dazed and confused, "
655 "but trying to continue.\n",
656 __func__, rc);
503 } 657 }
504 } 658 }
505 kfree(ecryptfs_daemon_id_hash); 659 kfree(ecryptfs_daemon_hash);
506 mutex_unlock(&ecryptfs_daemon_id_hash_mux); 660 mutex_unlock(&ecryptfs_daemon_hash_mux);
507 } 661 }
508 switch(transport) { 662 switch(transport) {
509 case ECRYPTFS_TRANSPORT_NETLINK: 663 case ECRYPTFS_TRANSPORT_NETLINK:
510 ecryptfs_release_netlink(); 664 ecryptfs_release_netlink();
511 break; 665 break;
666 case ECRYPTFS_TRANSPORT_MISCDEV:
667 ecryptfs_destroy_ecryptfs_miscdev();
668 break;
512 case ECRYPTFS_TRANSPORT_CONNECTOR: 669 case ECRYPTFS_TRANSPORT_CONNECTOR:
513 case ECRYPTFS_TRANSPORT_RELAYFS: 670 case ECRYPTFS_TRANSPORT_RELAYFS:
514 default: 671 default:
diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c
index 72dfec48ea22..0c559731ae34 100644
--- a/fs/ecryptfs/miscdev.c
+++ b/fs/ecryptfs/miscdev.c
@@ -196,7 +196,7 @@ int ecryptfs_send_miscdev(char *data, size_t data_size,
196 if (!msg_ctx->msg) { 196 if (!msg_ctx->msg) {
197 rc = -ENOMEM; 197 rc = -ENOMEM;
198 printk(KERN_ERR "%s: Out of memory whilst attempting " 198 printk(KERN_ERR "%s: Out of memory whilst attempting "
199 "to kmalloc(%d, GFP_KERNEL)\n", __func__, 199 "to kmalloc(%Zd, GFP_KERNEL)\n", __func__,
200 (sizeof(*msg_ctx->msg) + data_size)); 200 (sizeof(*msg_ctx->msg) + data_size));
201 goto out_unlock; 201 goto out_unlock;
202 } 202 }
@@ -232,7 +232,7 @@ out_unlock:
232 * 232 *
233 * Returns the number of bytes copied into the user buffer 233 * Returns the number of bytes copied into the user buffer
234 */ 234 */
235static int 235static ssize_t
236ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count, 236ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count,
237 loff_t *ppos) 237 loff_t *ppos)
238{ 238{
diff --git a/fs/ecryptfs/netlink.c b/fs/ecryptfs/netlink.c
index f638a698dc52..eb70f69d705d 100644
--- a/fs/ecryptfs/netlink.c
+++ b/fs/ecryptfs/netlink.c
@@ -44,7 +44,7 @@ static struct sock *ecryptfs_nl_sock;
44 * upon sending the message; non-zero upon error. 44 * upon sending the message; non-zero upon error.
45 */ 45 */
46int ecryptfs_send_netlink(char *data, int data_len, 46int ecryptfs_send_netlink(char *data, int data_len,
47 struct ecryptfs_msg_ctx *msg_ctx, u16 msg_type, 47 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
48 u16 msg_flags, pid_t daemon_pid) 48 u16 msg_flags, pid_t daemon_pid)
49{ 49{
50 struct sk_buff *skb; 50 struct sk_buff *skb;
@@ -176,20 +176,20 @@ static void ecryptfs_receive_nl_message(struct sk_buff *skb)
176 goto free; 176 goto free;
177 } 177 }
178 switch (nlh->nlmsg_type) { 178 switch (nlh->nlmsg_type) {
179 case ECRYPTFS_NLMSG_RESPONSE: 179 case ECRYPTFS_MSG_RESPONSE:
180 if (ecryptfs_process_nl_response(skb)) { 180 if (ecryptfs_process_nl_response(skb)) {
181 ecryptfs_printk(KERN_WARNING, "Failed to " 181 ecryptfs_printk(KERN_WARNING, "Failed to "
182 "deliver netlink response to " 182 "deliver netlink response to "
183 "requesting operation\n"); 183 "requesting operation\n");
184 } 184 }
185 break; 185 break;
186 case ECRYPTFS_NLMSG_HELO: 186 case ECRYPTFS_MSG_HELO:
187 if (ecryptfs_process_nl_helo(skb)) { 187 if (ecryptfs_process_nl_helo(skb)) {
188 ecryptfs_printk(KERN_WARNING, "Failed to " 188 ecryptfs_printk(KERN_WARNING, "Failed to "
189 "fulfill HELO request\n"); 189 "fulfill HELO request\n");
190 } 190 }
191 break; 191 break;
192 case ECRYPTFS_NLMSG_QUIT: 192 case ECRYPTFS_MSG_QUIT:
193 if (ecryptfs_process_nl_quit(skb)) { 193 if (ecryptfs_process_nl_quit(skb)) {
194 ecryptfs_printk(KERN_WARNING, "Failed to " 194 ecryptfs_printk(KERN_WARNING, "Failed to "
195 "fulfill QUIT request\n"); 195 "fulfill QUIT request\n");