diff options
Diffstat (limited to 'fs/ecryptfs')
| -rw-r--r-- | fs/ecryptfs/crypto.c | 49 | ||||
| -rw-r--r-- | fs/ecryptfs/ecryptfs_kernel.h | 1 | ||||
| -rw-r--r-- | fs/ecryptfs/inode.c | 32 |
3 files changed, 44 insertions, 38 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index bdca1f4b3a3e..8b65f289ee00 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c | |||
| @@ -1324,14 +1324,13 @@ static int ecryptfs_write_headers_virt(char *page_virt, size_t max, | |||
| 1324 | } | 1324 | } |
| 1325 | 1325 | ||
| 1326 | static int | 1326 | static int |
| 1327 | ecryptfs_write_metadata_to_contents(struct ecryptfs_crypt_stat *crypt_stat, | 1327 | ecryptfs_write_metadata_to_contents(struct dentry *ecryptfs_dentry, |
| 1328 | struct dentry *ecryptfs_dentry, | 1328 | char *virt, size_t virt_len) |
| 1329 | char *virt) | ||
| 1330 | { | 1329 | { |
| 1331 | int rc; | 1330 | int rc; |
| 1332 | 1331 | ||
| 1333 | rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt, | 1332 | rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt, |
| 1334 | 0, crypt_stat->num_header_bytes_at_front); | 1333 | 0, virt_len); |
| 1335 | if (rc) | 1334 | if (rc) |
| 1336 | printk(KERN_ERR "%s: Error attempting to write header " | 1335 | printk(KERN_ERR "%s: Error attempting to write header " |
| 1337 | "information to lower file; rc = [%d]\n", __func__, | 1336 | "information to lower file; rc = [%d]\n", __func__, |
| @@ -1341,7 +1340,6 @@ ecryptfs_write_metadata_to_contents(struct ecryptfs_crypt_stat *crypt_stat, | |||
| 1341 | 1340 | ||
| 1342 | static int | 1341 | static int |
| 1343 | ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, | 1342 | ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, |
| 1344 | struct ecryptfs_crypt_stat *crypt_stat, | ||
| 1345 | char *page_virt, size_t size) | 1343 | char *page_virt, size_t size) |
| 1346 | { | 1344 | { |
| 1347 | int rc; | 1345 | int rc; |
| @@ -1351,6 +1349,17 @@ ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, | |||
| 1351 | return rc; | 1349 | return rc; |
| 1352 | } | 1350 | } |
| 1353 | 1351 | ||
| 1352 | static unsigned long ecryptfs_get_zeroed_pages(gfp_t gfp_mask, | ||
| 1353 | unsigned int order) | ||
| 1354 | { | ||
| 1355 | struct page *page; | ||
| 1356 | |||
| 1357 | page = alloc_pages(gfp_mask | __GFP_ZERO, order); | ||
| 1358 | if (page) | ||
| 1359 | return (unsigned long) page_address(page); | ||
| 1360 | return 0; | ||
| 1361 | } | ||
| 1362 | |||
| 1354 | /** | 1363 | /** |
| 1355 | * ecryptfs_write_metadata | 1364 | * ecryptfs_write_metadata |
| 1356 | * @ecryptfs_dentry: The eCryptfs dentry | 1365 | * @ecryptfs_dentry: The eCryptfs dentry |
| @@ -1367,7 +1376,9 @@ int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry) | |||
| 1367 | { | 1376 | { |
| 1368 | struct ecryptfs_crypt_stat *crypt_stat = | 1377 | struct ecryptfs_crypt_stat *crypt_stat = |
| 1369 | &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; | 1378 | &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; |
| 1379 | unsigned int order; | ||
| 1370 | char *virt; | 1380 | char *virt; |
| 1381 | size_t virt_len; | ||
| 1371 | size_t size = 0; | 1382 | size_t size = 0; |
| 1372 | int rc = 0; | 1383 | int rc = 0; |
| 1373 | 1384 | ||
| @@ -1383,33 +1394,35 @@ int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry) | |||
| 1383 | rc = -EINVAL; | 1394 | rc = -EINVAL; |
| 1384 | goto out; | 1395 | goto out; |
| 1385 | } | 1396 | } |
| 1397 | virt_len = crypt_stat->num_header_bytes_at_front; | ||
| 1398 | order = get_order(virt_len); | ||
| 1386 | /* Released in this function */ | 1399 | /* Released in this function */ |
| 1387 | virt = (char *)get_zeroed_page(GFP_KERNEL); | 1400 | virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order); |
| 1388 | if (!virt) { | 1401 | if (!virt) { |
| 1389 | printk(KERN_ERR "%s: Out of memory\n", __func__); | 1402 | printk(KERN_ERR "%s: Out of memory\n", __func__); |
| 1390 | rc = -ENOMEM; | 1403 | rc = -ENOMEM; |
| 1391 | goto out; | 1404 | goto out; |
| 1392 | } | 1405 | } |
| 1393 | rc = ecryptfs_write_headers_virt(virt, PAGE_CACHE_SIZE, &size, | 1406 | rc = ecryptfs_write_headers_virt(virt, virt_len, &size, crypt_stat, |
| 1394 | crypt_stat, ecryptfs_dentry); | 1407 | ecryptfs_dentry); |
| 1395 | if (unlikely(rc)) { | 1408 | if (unlikely(rc)) { |
| 1396 | printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n", | 1409 | printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n", |
| 1397 | __func__, rc); | 1410 | __func__, rc); |
| 1398 | goto out_free; | 1411 | goto out_free; |
| 1399 | } | 1412 | } |
| 1400 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) | 1413 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) |
| 1401 | rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, | 1414 | rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, virt, |
| 1402 | crypt_stat, virt, size); | 1415 | size); |
| 1403 | else | 1416 | else |
| 1404 | rc = ecryptfs_write_metadata_to_contents(crypt_stat, | 1417 | rc = ecryptfs_write_metadata_to_contents(ecryptfs_dentry, virt, |
| 1405 | ecryptfs_dentry, virt); | 1418 | virt_len); |
| 1406 | if (rc) { | 1419 | if (rc) { |
| 1407 | printk(KERN_ERR "%s: Error writing metadata out to lower file; " | 1420 | printk(KERN_ERR "%s: Error writing metadata out to lower file; " |
| 1408 | "rc = [%d]\n", __func__, rc); | 1421 | "rc = [%d]\n", __func__, rc); |
| 1409 | goto out_free; | 1422 | goto out_free; |
| 1410 | } | 1423 | } |
| 1411 | out_free: | 1424 | out_free: |
| 1412 | free_page((unsigned long)virt); | 1425 | free_pages((unsigned long)virt, order); |
| 1413 | out: | 1426 | out: |
| 1414 | return rc; | 1427 | return rc; |
| 1415 | } | 1428 | } |
| @@ -2208,17 +2221,19 @@ int ecryptfs_decode_and_decrypt_filename(char **plaintext_name, | |||
| 2208 | struct dentry *ecryptfs_dir_dentry, | 2221 | struct dentry *ecryptfs_dir_dentry, |
| 2209 | const char *name, size_t name_size) | 2222 | const char *name, size_t name_size) |
| 2210 | { | 2223 | { |
| 2224 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = | ||
| 2225 | &ecryptfs_superblock_to_private( | ||
| 2226 | ecryptfs_dir_dentry->d_sb)->mount_crypt_stat; | ||
| 2211 | char *decoded_name; | 2227 | char *decoded_name; |
| 2212 | size_t decoded_name_size; | 2228 | size_t decoded_name_size; |
| 2213 | size_t packet_size; | 2229 | size_t packet_size; |
| 2214 | int rc = 0; | 2230 | int rc = 0; |
| 2215 | 2231 | ||
| 2216 | if ((name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) | 2232 | if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) |
| 2233 | && !(mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) | ||
| 2234 | && (name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) | ||
| 2217 | && (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, | 2235 | && (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, |
| 2218 | ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) == 0)) { | 2236 | ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) == 0)) { |
| 2219 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = | ||
| 2220 | &ecryptfs_superblock_to_private( | ||
| 2221 | ecryptfs_dir_dentry->d_sb)->mount_crypt_stat; | ||
| 2222 | const char *orig_name = name; | 2237 | const char *orig_name = name; |
| 2223 | size_t orig_name_size = name_size; | 2238 | size_t orig_name_size = name_size; |
| 2224 | 2239 | ||
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index eb2267eca1fe..ac749d4d644f 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h | |||
| @@ -620,7 +620,6 @@ int ecryptfs_interpose(struct dentry *hidden_dentry, | |||
| 620 | u32 flags); | 620 | u32 flags); |
| 621 | int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, | 621 | int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, |
| 622 | struct dentry *lower_dentry, | 622 | struct dentry *lower_dentry, |
| 623 | struct ecryptfs_crypt_stat *crypt_stat, | ||
| 624 | struct inode *ecryptfs_dir_inode, | 623 | struct inode *ecryptfs_dir_inode, |
| 625 | struct nameidata *ecryptfs_nd); | 624 | struct nameidata *ecryptfs_nd); |
| 626 | int ecryptfs_decode_and_decrypt_filename(char **decrypted_name, | 625 | int ecryptfs_decode_and_decrypt_filename(char **decrypted_name, |
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 5697899a168d..55b3145b8072 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c | |||
| @@ -246,7 +246,6 @@ out: | |||
| 246 | */ | 246 | */ |
| 247 | int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, | 247 | int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, |
| 248 | struct dentry *lower_dentry, | 248 | struct dentry *lower_dentry, |
| 249 | struct ecryptfs_crypt_stat *crypt_stat, | ||
| 250 | struct inode *ecryptfs_dir_inode, | 249 | struct inode *ecryptfs_dir_inode, |
| 251 | struct nameidata *ecryptfs_nd) | 250 | struct nameidata *ecryptfs_nd) |
| 252 | { | 251 | { |
| @@ -254,6 +253,7 @@ int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, | |||
| 254 | struct vfsmount *lower_mnt; | 253 | struct vfsmount *lower_mnt; |
| 255 | struct inode *lower_inode; | 254 | struct inode *lower_inode; |
| 256 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat; | 255 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat; |
| 256 | struct ecryptfs_crypt_stat *crypt_stat; | ||
| 257 | char *page_virt = NULL; | 257 | char *page_virt = NULL; |
| 258 | u64 file_size; | 258 | u64 file_size; |
| 259 | int rc = 0; | 259 | int rc = 0; |
| @@ -314,6 +314,11 @@ int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, | |||
| 314 | goto out_free_kmem; | 314 | goto out_free_kmem; |
| 315 | } | 315 | } |
| 316 | } | 316 | } |
| 317 | crypt_stat = &ecryptfs_inode_to_private( | ||
| 318 | ecryptfs_dentry->d_inode)->crypt_stat; | ||
| 319 | /* TODO: lock for crypt_stat comparison */ | ||
| 320 | if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) | ||
| 321 | ecryptfs_set_default_sizes(crypt_stat); | ||
| 317 | rc = ecryptfs_read_and_validate_header_region(page_virt, | 322 | rc = ecryptfs_read_and_validate_header_region(page_virt, |
| 318 | ecryptfs_dentry->d_inode); | 323 | ecryptfs_dentry->d_inode); |
| 319 | if (rc) { | 324 | if (rc) { |
| @@ -362,9 +367,7 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
| 362 | { | 367 | { |
| 363 | char *encrypted_and_encoded_name = NULL; | 368 | char *encrypted_and_encoded_name = NULL; |
| 364 | size_t encrypted_and_encoded_name_size; | 369 | size_t encrypted_and_encoded_name_size; |
| 365 | struct ecryptfs_crypt_stat *crypt_stat = NULL; | ||
| 366 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL; | 370 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL; |
| 367 | struct ecryptfs_inode_info *inode_info; | ||
| 368 | struct dentry *lower_dir_dentry, *lower_dentry; | 371 | struct dentry *lower_dir_dentry, *lower_dentry; |
| 369 | int rc = 0; | 372 | int rc = 0; |
| 370 | 373 | ||
| @@ -388,26 +391,15 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
| 388 | } | 391 | } |
| 389 | if (lower_dentry->d_inode) | 392 | if (lower_dentry->d_inode) |
| 390 | goto lookup_and_interpose; | 393 | goto lookup_and_interpose; |
| 391 | inode_info = ecryptfs_inode_to_private(ecryptfs_dentry->d_inode); | 394 | mount_crypt_stat = &ecryptfs_superblock_to_private( |
| 392 | if (inode_info) { | 395 | ecryptfs_dentry->d_sb)->mount_crypt_stat; |
| 393 | crypt_stat = &inode_info->crypt_stat; | 396 | if (!(mount_crypt_stat |
| 394 | /* TODO: lock for crypt_stat comparison */ | 397 | && (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES))) |
| 395 | if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) | ||
| 396 | ecryptfs_set_default_sizes(crypt_stat); | ||
| 397 | } | ||
| 398 | if (crypt_stat) | ||
| 399 | mount_crypt_stat = crypt_stat->mount_crypt_stat; | ||
| 400 | else | ||
| 401 | mount_crypt_stat = &ecryptfs_superblock_to_private( | ||
| 402 | ecryptfs_dentry->d_sb)->mount_crypt_stat; | ||
| 403 | if (!(crypt_stat && (crypt_stat->flags & ECRYPTFS_ENCRYPT_FILENAMES)) | ||
| 404 | && !(mount_crypt_stat && (mount_crypt_stat->flags | ||
| 405 | & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES))) | ||
| 406 | goto lookup_and_interpose; | 398 | goto lookup_and_interpose; |
| 407 | dput(lower_dentry); | 399 | dput(lower_dentry); |
| 408 | rc = ecryptfs_encrypt_and_encode_filename( | 400 | rc = ecryptfs_encrypt_and_encode_filename( |
| 409 | &encrypted_and_encoded_name, &encrypted_and_encoded_name_size, | 401 | &encrypted_and_encoded_name, &encrypted_and_encoded_name_size, |
| 410 | crypt_stat, mount_crypt_stat, ecryptfs_dentry->d_name.name, | 402 | NULL, mount_crypt_stat, ecryptfs_dentry->d_name.name, |
| 411 | ecryptfs_dentry->d_name.len); | 403 | ecryptfs_dentry->d_name.len); |
| 412 | if (rc) { | 404 | if (rc) { |
| 413 | printk(KERN_ERR "%s: Error attempting to encrypt and encode " | 405 | printk(KERN_ERR "%s: Error attempting to encrypt and encode " |
| @@ -426,7 +418,7 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
| 426 | } | 418 | } |
| 427 | lookup_and_interpose: | 419 | lookup_and_interpose: |
| 428 | rc = ecryptfs_lookup_and_interpose_lower(ecryptfs_dentry, lower_dentry, | 420 | rc = ecryptfs_lookup_and_interpose_lower(ecryptfs_dentry, lower_dentry, |
| 429 | crypt_stat, ecryptfs_dir_inode, | 421 | ecryptfs_dir_inode, |
| 430 | ecryptfs_nd); | 422 | ecryptfs_nd); |
| 431 | goto out; | 423 | goto out; |
| 432 | out_d_drop: | 424 | out_d_drop: |