aboutsummaryrefslogtreecommitdiffstats
path: root/fs/ecryptfs
diff options
context:
space:
mode:
Diffstat (limited to 'fs/ecryptfs')
-rw-r--r--fs/ecryptfs/crypto.c21
-rw-r--r--fs/ecryptfs/ecryptfs_kernel.h1
-rw-r--r--fs/ecryptfs/inode.c37
-rw-r--r--fs/ecryptfs/main.c14
-rw-r--r--fs/ecryptfs/messaging.c82
-rw-r--r--fs/ecryptfs/miscdev.c43
-rw-r--r--fs/ecryptfs/mmap.c11
-rw-r--r--fs/ecryptfs/read_write.c32
-rw-r--r--fs/ecryptfs/super.c7
9 files changed, 95 insertions, 153 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 8b65f289ee00..b91851f1cda3 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -483,15 +483,7 @@ int ecryptfs_encrypt_page(struct page *page)
483 ecryptfs_inode = page->mapping->host; 483 ecryptfs_inode = page->mapping->host;
484 crypt_stat = 484 crypt_stat =
485 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 485 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
486 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { 486 BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
487 rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page,
488 0, PAGE_CACHE_SIZE);
489 if (rc)
490 printk(KERN_ERR "%s: Error attempting to copy "
491 "page at index [%ld]\n", __func__,
492 page->index);
493 goto out;
494 }
495 enc_extent_page = alloc_page(GFP_USER); 487 enc_extent_page = alloc_page(GFP_USER);
496 if (!enc_extent_page) { 488 if (!enc_extent_page) {
497 rc = -ENOMEM; 489 rc = -ENOMEM;
@@ -620,16 +612,7 @@ int ecryptfs_decrypt_page(struct page *page)
620 ecryptfs_inode = page->mapping->host; 612 ecryptfs_inode = page->mapping->host;
621 crypt_stat = 613 crypt_stat =
622 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 614 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
623 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { 615 BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
624 rc = ecryptfs_read_lower_page_segment(page, page->index, 0,
625 PAGE_CACHE_SIZE,
626 ecryptfs_inode);
627 if (rc)
628 printk(KERN_ERR "%s: Error attempting to copy "
629 "page at index [%ld]\n", __func__,
630 page->index);
631 goto out;
632 }
633 enc_extent_page = alloc_page(GFP_USER); 616 enc_extent_page = alloc_page(GFP_USER);
634 if (!enc_extent_page) { 617 if (!enc_extent_page) {
635 rc = -ENOMEM; 618 rc = -ENOMEM;
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index 064c5820e4e5..00b30a2d5466 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -269,6 +269,7 @@ struct ecryptfs_crypt_stat {
269#define ECRYPTFS_ENCRYPT_FILENAMES 0x00000800 269#define ECRYPTFS_ENCRYPT_FILENAMES 0x00000800
270#define ECRYPTFS_ENCFN_USE_MOUNT_FNEK 0x00001000 270#define ECRYPTFS_ENCFN_USE_MOUNT_FNEK 0x00001000
271#define ECRYPTFS_ENCFN_USE_FEK 0x00002000 271#define ECRYPTFS_ENCFN_USE_FEK 0x00002000
272#define ECRYPTFS_UNLINK_SIGS 0x00004000
272 u32 flags; 273 u32 flags;
273 unsigned int file_version; 274 unsigned int file_version;
274 size_t iv_bytes; 275 size_t iv_bytes;
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
index 55b3145b8072..2f0945d63297 100644
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
@@ -379,9 +379,11 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode,
379 goto out_d_drop; 379 goto out_d_drop;
380 } 380 }
381 lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent); 381 lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent);
382 mutex_lock(&lower_dir_dentry->d_inode->i_mutex);
382 lower_dentry = lookup_one_len(ecryptfs_dentry->d_name.name, 383 lower_dentry = lookup_one_len(ecryptfs_dentry->d_name.name,
383 lower_dir_dentry, 384 lower_dir_dentry,
384 ecryptfs_dentry->d_name.len); 385 ecryptfs_dentry->d_name.len);
386 mutex_unlock(&lower_dir_dentry->d_inode->i_mutex);
385 if (IS_ERR(lower_dentry)) { 387 if (IS_ERR(lower_dentry)) {
386 rc = PTR_ERR(lower_dentry); 388 rc = PTR_ERR(lower_dentry);
387 printk(KERN_ERR "%s: lookup_one_len() returned [%d] on " 389 printk(KERN_ERR "%s: lookup_one_len() returned [%d] on "
@@ -406,9 +408,11 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode,
406 "filename; rc = [%d]\n", __func__, rc); 408 "filename; rc = [%d]\n", __func__, rc);
407 goto out_d_drop; 409 goto out_d_drop;
408 } 410 }
411 mutex_lock(&lower_dir_dentry->d_inode->i_mutex);
409 lower_dentry = lookup_one_len(encrypted_and_encoded_name, 412 lower_dentry = lookup_one_len(encrypted_and_encoded_name,
410 lower_dir_dentry, 413 lower_dir_dentry,
411 encrypted_and_encoded_name_size - 1); 414 encrypted_and_encoded_name_size - 1);
415 mutex_unlock(&lower_dir_dentry->d_inode->i_mutex);
412 if (IS_ERR(lower_dentry)) { 416 if (IS_ERR(lower_dentry)) {
413 rc = PTR_ERR(lower_dentry); 417 rc = PTR_ERR(lower_dentry);
414 printk(KERN_ERR "%s: lookup_one_len() returned [%d] on " 418 printk(KERN_ERR "%s: lookup_one_len() returned [%d] on "
@@ -636,8 +640,9 @@ static int
636ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz) 640ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz)
637{ 641{
638 char *lower_buf; 642 char *lower_buf;
643 size_t lower_bufsiz;
639 struct dentry *lower_dentry; 644 struct dentry *lower_dentry;
640 struct ecryptfs_crypt_stat *crypt_stat; 645 struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
641 char *plaintext_name; 646 char *plaintext_name;
642 size_t plaintext_name_size; 647 size_t plaintext_name_size;
643 mm_segment_t old_fs; 648 mm_segment_t old_fs;
@@ -648,12 +653,21 @@ ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz)
648 rc = -EINVAL; 653 rc = -EINVAL;
649 goto out; 654 goto out;
650 } 655 }
651 crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat; 656 mount_crypt_stat = &ecryptfs_superblock_to_private(
657 dentry->d_sb)->mount_crypt_stat;
658 /*
659 * If the lower filename is encrypted, it will result in a significantly
660 * longer name. If needed, truncate the name after decode and decrypt.
661 */
662 if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)
663 lower_bufsiz = PATH_MAX;
664 else
665 lower_bufsiz = bufsiz;
652 /* Released in this function */ 666 /* Released in this function */
653 lower_buf = kmalloc(bufsiz, GFP_KERNEL); 667 lower_buf = kmalloc(lower_bufsiz, GFP_KERNEL);
654 if (lower_buf == NULL) { 668 if (lower_buf == NULL) {
655 printk(KERN_ERR "%s: Out of memory whilst attempting to " 669 printk(KERN_ERR "%s: Out of memory whilst attempting to "
656 "kmalloc [%d] bytes\n", __func__, bufsiz); 670 "kmalloc [%zd] bytes\n", __func__, lower_bufsiz);
657 rc = -ENOMEM; 671 rc = -ENOMEM;
658 goto out; 672 goto out;
659 } 673 }
@@ -661,7 +675,7 @@ ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz)
661 set_fs(get_ds()); 675 set_fs(get_ds());
662 rc = lower_dentry->d_inode->i_op->readlink(lower_dentry, 676 rc = lower_dentry->d_inode->i_op->readlink(lower_dentry,
663 (char __user *)lower_buf, 677 (char __user *)lower_buf,
664 bufsiz); 678 lower_bufsiz);
665 set_fs(old_fs); 679 set_fs(old_fs);
666 if (rc >= 0) { 680 if (rc >= 0) {
667 rc = ecryptfs_decode_and_decrypt_filename(&plaintext_name, 681 rc = ecryptfs_decode_and_decrypt_filename(&plaintext_name,
@@ -674,7 +688,9 @@ ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz)
674 rc); 688 rc);
675 goto out_free_lower_buf; 689 goto out_free_lower_buf;
676 } 690 }
677 rc = copy_to_user(buf, plaintext_name, plaintext_name_size); 691 /* Check for bufsiz <= 0 done in sys_readlinkat() */
692 rc = copy_to_user(buf, plaintext_name,
693 min((size_t) bufsiz, plaintext_name_size));
678 if (rc) 694 if (rc)
679 rc = -EFAULT; 695 rc = -EFAULT;
680 else 696 else
@@ -814,6 +830,13 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
814 size_t num_zeros = (PAGE_CACHE_SIZE 830 size_t num_zeros = (PAGE_CACHE_SIZE
815 - (new_length & ~PAGE_CACHE_MASK)); 831 - (new_length & ~PAGE_CACHE_MASK));
816 832
833 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
834 rc = vmtruncate(inode, new_length);
835 if (rc)
836 goto out_free;
837 rc = vmtruncate(lower_dentry->d_inode, new_length);
838 goto out_free;
839 }
817 if (num_zeros) { 840 if (num_zeros) {
818 char *zeros_virt; 841 char *zeros_virt;
819 842
@@ -915,8 +938,6 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia)
915 } 938 }
916 rc = 0; 939 rc = 0;
917 crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED); 940 crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
918 mutex_unlock(&crypt_stat->cs_mutex);
919 goto out;
920 } 941 }
921 } 942 }
922 mutex_unlock(&crypt_stat->cs_mutex); 943 mutex_unlock(&crypt_stat->cs_mutex);
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index aed56c25539b..ccabd5faa04d 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -190,14 +190,14 @@ int ecryptfs_interpose(struct dentry *lower_dentry, struct dentry *dentry,
190 init_special_inode(inode, lower_inode->i_mode, 190 init_special_inode(inode, lower_inode->i_mode,
191 lower_inode->i_rdev); 191 lower_inode->i_rdev);
192 dentry->d_op = &ecryptfs_dops; 192 dentry->d_op = &ecryptfs_dops;
193 if (flags & ECRYPTFS_INTERPOSE_FLAG_D_ADD)
194 d_add(dentry, inode);
195 else
196 d_instantiate(dentry, inode);
197 fsstack_copy_attr_all(inode, lower_inode, NULL); 193 fsstack_copy_attr_all(inode, lower_inode, NULL);
198 /* This size will be overwritten for real files w/ headers and 194 /* This size will be overwritten for real files w/ headers and
199 * other metadata */ 195 * other metadata */
200 fsstack_copy_inode_size(inode, lower_inode); 196 fsstack_copy_inode_size(inode, lower_inode);
197 if (flags & ECRYPTFS_INTERPOSE_FLAG_D_ADD)
198 d_add(dentry, inode);
199 else
200 d_instantiate(dentry, inode);
201out: 201out:
202 return rc; 202 return rc;
203} 203}
@@ -208,7 +208,7 @@ enum { ecryptfs_opt_sig, ecryptfs_opt_ecryptfs_sig,
208 ecryptfs_opt_passthrough, ecryptfs_opt_xattr_metadata, 208 ecryptfs_opt_passthrough, ecryptfs_opt_xattr_metadata,
209 ecryptfs_opt_encrypted_view, ecryptfs_opt_fnek_sig, 209 ecryptfs_opt_encrypted_view, ecryptfs_opt_fnek_sig,
210 ecryptfs_opt_fn_cipher, ecryptfs_opt_fn_cipher_key_bytes, 210 ecryptfs_opt_fn_cipher, ecryptfs_opt_fn_cipher_key_bytes,
211 ecryptfs_opt_err }; 211 ecryptfs_opt_unlink_sigs, ecryptfs_opt_err };
212 212
213static const match_table_t tokens = { 213static const match_table_t tokens = {
214 {ecryptfs_opt_sig, "sig=%s"}, 214 {ecryptfs_opt_sig, "sig=%s"},
@@ -222,6 +222,7 @@ static const match_table_t tokens = {
222 {ecryptfs_opt_fnek_sig, "ecryptfs_fnek_sig=%s"}, 222 {ecryptfs_opt_fnek_sig, "ecryptfs_fnek_sig=%s"},
223 {ecryptfs_opt_fn_cipher, "ecryptfs_fn_cipher=%s"}, 223 {ecryptfs_opt_fn_cipher, "ecryptfs_fn_cipher=%s"},
224 {ecryptfs_opt_fn_cipher_key_bytes, "ecryptfs_fn_key_bytes=%u"}, 224 {ecryptfs_opt_fn_cipher_key_bytes, "ecryptfs_fn_key_bytes=%u"},
225 {ecryptfs_opt_unlink_sigs, "ecryptfs_unlink_sigs"},
225 {ecryptfs_opt_err, NULL} 226 {ecryptfs_opt_err, NULL}
226}; 227};
227 228
@@ -402,6 +403,9 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options)
402 fn_cipher_key_bytes; 403 fn_cipher_key_bytes;
403 fn_cipher_key_bytes_set = 1; 404 fn_cipher_key_bytes_set = 1;
404 break; 405 break;
406 case ecryptfs_opt_unlink_sigs:
407 mount_crypt_stat->flags |= ECRYPTFS_UNLINK_SIGS;
408 break;
405 case ecryptfs_opt_err: 409 case ecryptfs_opt_err:
406 default: 410 default:
407 printk(KERN_WARNING 411 printk(KERN_WARNING
diff --git a/fs/ecryptfs/messaging.c b/fs/ecryptfs/messaging.c
index 295e7fa56755..f1c17e87c5fb 100644
--- a/fs/ecryptfs/messaging.c
+++ b/fs/ecryptfs/messaging.c
@@ -133,45 +133,6 @@ out:
133 return rc; 133 return rc;
134} 134}
135 135
136static int
137ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type,
138 struct ecryptfs_msg_ctx **msg_ctx);
139
140/**
141 * ecryptfs_send_raw_message
142 * @msg_type: Message type
143 * @daemon: Daemon struct for recipient of message
144 *
145 * A raw message is one that does not include an ecryptfs_message
146 * struct. It simply has a type.
147 *
148 * Must be called with ecryptfs_daemon_hash_mux held.
149 *
150 * Returns zero on success; non-zero otherwise
151 */
152static int ecryptfs_send_raw_message(u8 msg_type,
153 struct ecryptfs_daemon *daemon)
154{
155 struct ecryptfs_msg_ctx *msg_ctx;
156 int rc;
157
158 rc = ecryptfs_send_message_locked(NULL, 0, msg_type, &msg_ctx);
159 if (rc) {
160 printk(KERN_ERR "%s: Error whilst attempting to send "
161 "message to ecryptfsd; rc = [%d]\n", __func__, rc);
162 goto out;
163 }
164 /* Raw messages are logically context-free (e.g., no
165 * reply is expected), so we set the state of the
166 * ecryptfs_msg_ctx object to indicate that it should
167 * be freed as soon as the message is sent. */
168 mutex_lock(&msg_ctx->mux);
169 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_NO_REPLY;
170 mutex_unlock(&msg_ctx->mux);
171out:
172 return rc;
173}
174
175/** 136/**
176 * ecryptfs_spawn_daemon - Create and initialize a new daemon struct 137 * ecryptfs_spawn_daemon - Create and initialize a new daemon struct
177 * @daemon: Pointer to set to newly allocated daemon struct 138 * @daemon: Pointer to set to newly allocated daemon struct
@@ -212,49 +173,6 @@ out:
212} 173}
213 174
214/** 175/**
215 * ecryptfs_process_helo
216 * @euid: The user ID owner of the message
217 * @user_ns: The namespace in which @euid applies
218 * @pid: The process ID for the userspace program that sent the
219 * message
220 *
221 * Adds the euid and pid values to the daemon euid hash. If an euid
222 * already has a daemon pid registered, the daemon will be
223 * unregistered before the new daemon is put into the hash list.
224 * Returns zero after adding a new daemon to the hash list;
225 * non-zero otherwise.
226 */
227int ecryptfs_process_helo(uid_t euid, struct user_namespace *user_ns,
228 struct pid *pid)
229{
230 struct ecryptfs_daemon *new_daemon;
231 struct ecryptfs_daemon *old_daemon;
232 int rc;
233
234 mutex_lock(&ecryptfs_daemon_hash_mux);
235 rc = ecryptfs_find_daemon_by_euid(&old_daemon, euid, user_ns);
236 if (rc != 0) {
237 printk(KERN_WARNING "Received request from user [%d] "
238 "to register daemon [0x%p]; unregistering daemon "
239 "[0x%p]\n", euid, pid, old_daemon->pid);
240 rc = ecryptfs_send_raw_message(ECRYPTFS_MSG_QUIT, old_daemon);
241 if (rc)
242 printk(KERN_WARNING "Failed to send QUIT "
243 "message to daemon [0x%p]; rc = [%d]\n",
244 old_daemon->pid, rc);
245 hlist_del(&old_daemon->euid_chain);
246 kfree(old_daemon);
247 }
248 rc = ecryptfs_spawn_daemon(&new_daemon, euid, user_ns, pid);
249 if (rc)
250 printk(KERN_ERR "%s: The gods are displeased with this attempt "
251 "to create a new daemon object for euid [%d]; pid "
252 "[0x%p]; rc = [%d]\n", __func__, euid, pid, rc);
253 mutex_unlock(&ecryptfs_daemon_hash_mux);
254 return rc;
255}
256
257/**
258 * ecryptfs_exorcise_daemon - Destroy the daemon struct 176 * ecryptfs_exorcise_daemon - Destroy the daemon struct
259 * 177 *
260 * Must be called ceremoniously while in possession of 178 * Must be called ceremoniously while in possession of
diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c
index a67fea655f49..4ec8f61ccf5a 100644
--- a/fs/ecryptfs/miscdev.c
+++ b/fs/ecryptfs/miscdev.c
@@ -193,26 +193,20 @@ int ecryptfs_send_miscdev(char *data, size_t data_size,
193 int rc = 0; 193 int rc = 0;
194 194
195 mutex_lock(&msg_ctx->mux); 195 mutex_lock(&msg_ctx->mux);
196 if (data) { 196 msg_ctx->msg = kmalloc((sizeof(*msg_ctx->msg) + data_size),
197 msg_ctx->msg = kmalloc((sizeof(*msg_ctx->msg) + data_size), 197 GFP_KERNEL);
198 GFP_KERNEL); 198 if (!msg_ctx->msg) {
199 if (!msg_ctx->msg) { 199 rc = -ENOMEM;
200 rc = -ENOMEM; 200 printk(KERN_ERR "%s: Out of memory whilst attempting "
201 printk(KERN_ERR "%s: Out of memory whilst attempting " 201 "to kmalloc(%zd, GFP_KERNEL)\n", __func__,
202 "to kmalloc(%zd, GFP_KERNEL)\n", __func__, 202 (sizeof(*msg_ctx->msg) + data_size));
203 (sizeof(*msg_ctx->msg) + data_size)); 203 goto out_unlock;
204 goto out_unlock; 204 }
205 }
206 } else
207 msg_ctx->msg = NULL;
208 msg_ctx->msg->index = msg_ctx->index; 205 msg_ctx->msg->index = msg_ctx->index;
209 msg_ctx->msg->data_len = data_size; 206 msg_ctx->msg->data_len = data_size;
210 msg_ctx->type = msg_type; 207 msg_ctx->type = msg_type;
211 if (data) { 208 memcpy(msg_ctx->msg->data, data, data_size);
212 memcpy(msg_ctx->msg->data, data, data_size); 209 msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size);
213 msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size);
214 } else
215 msg_ctx->msg_size = 0;
216 mutex_lock(&daemon->mux); 210 mutex_lock(&daemon->mux);
217 list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue); 211 list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue);
218 daemon->num_queued_msg_ctx++; 212 daemon->num_queued_msg_ctx++;
@@ -418,18 +412,13 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf,
418 412
419 if (count == 0) 413 if (count == 0)
420 goto out; 414 goto out;
421 data = kmalloc(count, GFP_KERNEL); 415
422 if (!data) { 416 data = memdup_user(buf, count);
423 printk(KERN_ERR "%s: Out of memory whilst attempting to " 417 if (IS_ERR(data)) {
424 "kmalloc([%zd], GFP_KERNEL)\n", __func__, count); 418 printk(KERN_ERR "%s: memdup_user returned error [%ld]\n",
419 __func__, PTR_ERR(data));
425 goto out; 420 goto out;
426 } 421 }
427 rc = copy_from_user(data, buf, count);
428 if (rc) {
429 printk(KERN_ERR "%s: copy_from_user returned error [%d]\n",
430 __func__, rc);
431 goto out_free;
432 }
433 sz = count; 422 sz = count;
434 i = 0; 423 i = 0;
435 switch (data[i++]) { 424 switch (data[i++]) {
diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c
index 46cec2b69796..5c6bab9786e3 100644
--- a/fs/ecryptfs/mmap.c
+++ b/fs/ecryptfs/mmap.c
@@ -449,6 +449,7 @@ int ecryptfs_write_inode_size_to_metadata(struct inode *ecryptfs_inode)
449 struct ecryptfs_crypt_stat *crypt_stat; 449 struct ecryptfs_crypt_stat *crypt_stat;
450 450
451 crypt_stat = &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat; 451 crypt_stat = &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
452 BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
452 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) 453 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
453 return ecryptfs_write_inode_size_to_xattr(ecryptfs_inode); 454 return ecryptfs_write_inode_size_to_xattr(ecryptfs_inode);
454 else 455 else
@@ -490,6 +491,16 @@ static int ecryptfs_write_end(struct file *file,
490 ecryptfs_printk(KERN_DEBUG, "Not a new file\n"); 491 ecryptfs_printk(KERN_DEBUG, "Not a new file\n");
491 ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page" 492 ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page"
492 "(page w/ index = [0x%.16x], to = [%d])\n", index, to); 493 "(page w/ index = [0x%.16x], to = [%d])\n", index, to);
494 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
495 rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, 0,
496 to);
497 if (!rc) {
498 rc = copied;
499 fsstack_copy_inode_size(ecryptfs_inode,
500 ecryptfs_inode_to_lower(ecryptfs_inode));
501 }
502 goto out;
503 }
493 /* Fills in zeros if 'to' goes beyond inode size */ 504 /* Fills in zeros if 'to' goes beyond inode size */
494 rc = fill_zeros_to_end_of_page(page, to); 505 rc = fill_zeros_to_end_of_page(page, to);
495 if (rc) { 506 if (rc) {
diff --git a/fs/ecryptfs/read_write.c b/fs/ecryptfs/read_write.c
index 75c2ea9fee35..a137c6ea2fee 100644
--- a/fs/ecryptfs/read_write.c
+++ b/fs/ecryptfs/read_write.c
@@ -117,13 +117,15 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset,
117 size_t size) 117 size_t size)
118{ 118{
119 struct page *ecryptfs_page; 119 struct page *ecryptfs_page;
120 struct ecryptfs_crypt_stat *crypt_stat;
121 struct inode *ecryptfs_inode = ecryptfs_file->f_dentry->d_inode;
120 char *ecryptfs_page_virt; 122 char *ecryptfs_page_virt;
121 loff_t ecryptfs_file_size = 123 loff_t ecryptfs_file_size = i_size_read(ecryptfs_inode);
122 i_size_read(ecryptfs_file->f_dentry->d_inode);
123 loff_t data_offset = 0; 124 loff_t data_offset = 0;
124 loff_t pos; 125 loff_t pos;
125 int rc = 0; 126 int rc = 0;
126 127
128 crypt_stat = &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
127 /* 129 /*
128 * if we are writing beyond current size, then start pos 130 * if we are writing beyond current size, then start pos
129 * at the current size - we'll fill in zeros from there. 131 * at the current size - we'll fill in zeros from there.
@@ -184,7 +186,13 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset,
184 flush_dcache_page(ecryptfs_page); 186 flush_dcache_page(ecryptfs_page);
185 SetPageUptodate(ecryptfs_page); 187 SetPageUptodate(ecryptfs_page);
186 unlock_page(ecryptfs_page); 188 unlock_page(ecryptfs_page);
187 rc = ecryptfs_encrypt_page(ecryptfs_page); 189 if (crypt_stat->flags & ECRYPTFS_ENCRYPTED)
190 rc = ecryptfs_encrypt_page(ecryptfs_page);
191 else
192 rc = ecryptfs_write_lower_page_segment(ecryptfs_inode,
193 ecryptfs_page,
194 start_offset_in_page,
195 data_offset);
188 page_cache_release(ecryptfs_page); 196 page_cache_release(ecryptfs_page);
189 if (rc) { 197 if (rc) {
190 printk(KERN_ERR "%s: Error encrypting " 198 printk(KERN_ERR "%s: Error encrypting "
@@ -194,14 +202,16 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset,
194 pos += num_bytes; 202 pos += num_bytes;
195 } 203 }
196 if ((offset + size) > ecryptfs_file_size) { 204 if ((offset + size) > ecryptfs_file_size) {
197 i_size_write(ecryptfs_file->f_dentry->d_inode, (offset + size)); 205 i_size_write(ecryptfs_inode, (offset + size));
198 rc = ecryptfs_write_inode_size_to_metadata( 206 if (crypt_stat->flags & ECRYPTFS_ENCRYPTED) {
199 ecryptfs_file->f_dentry->d_inode); 207 rc = ecryptfs_write_inode_size_to_metadata(
200 if (rc) { 208 ecryptfs_inode);
201 printk(KERN_ERR "Problem with " 209 if (rc) {
202 "ecryptfs_write_inode_size_to_metadata; " 210 printk(KERN_ERR "Problem with "
203 "rc = [%d]\n", rc); 211 "ecryptfs_write_inode_size_to_metadata; "
204 goto out; 212 "rc = [%d]\n", rc);
213 goto out;
214 }
205 } 215 }
206 } 216 }
207out: 217out:
diff --git a/fs/ecryptfs/super.c b/fs/ecryptfs/super.c
index c27ac2b358a1..fa4c7e7d15d9 100644
--- a/fs/ecryptfs/super.c
+++ b/fs/ecryptfs/super.c
@@ -170,7 +170,10 @@ static int ecryptfs_show_options(struct seq_file *m, struct vfsmount *mnt)
170 list_for_each_entry(walker, 170 list_for_each_entry(walker,
171 &mount_crypt_stat->global_auth_tok_list, 171 &mount_crypt_stat->global_auth_tok_list,
172 mount_crypt_stat_list) { 172 mount_crypt_stat_list) {
173 seq_printf(m, ",ecryptfs_sig=%s", walker->sig); 173 if (walker->flags & ECRYPTFS_AUTH_TOK_FNEK)
174 seq_printf(m, ",ecryptfs_fnek_sig=%s", walker->sig);
175 else
176 seq_printf(m, ",ecryptfs_sig=%s", walker->sig);
174 } 177 }
175 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); 178 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
176 179
@@ -186,6 +189,8 @@ static int ecryptfs_show_options(struct seq_file *m, struct vfsmount *mnt)
186 seq_printf(m, ",ecryptfs_xattr_metadata"); 189 seq_printf(m, ",ecryptfs_xattr_metadata");
187 if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) 190 if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED)
188 seq_printf(m, ",ecryptfs_encrypted_view"); 191 seq_printf(m, ",ecryptfs_encrypted_view");
192 if (mount_crypt_stat->flags & ECRYPTFS_UNLINK_SIGS)
193 seq_printf(m, ",ecryptfs_unlink_sigs");
189 194
190 return 0; 195 return 0;
191} 196}