diff options
Diffstat (limited to 'fs/ecryptfs')
-rw-r--r-- | fs/ecryptfs/crypto.c | 21 | ||||
-rw-r--r-- | fs/ecryptfs/ecryptfs_kernel.h | 1 | ||||
-rw-r--r-- | fs/ecryptfs/inode.c | 37 | ||||
-rw-r--r-- | fs/ecryptfs/main.c | 14 | ||||
-rw-r--r-- | fs/ecryptfs/messaging.c | 82 | ||||
-rw-r--r-- | fs/ecryptfs/miscdev.c | 43 | ||||
-rw-r--r-- | fs/ecryptfs/mmap.c | 11 | ||||
-rw-r--r-- | fs/ecryptfs/read_write.c | 32 | ||||
-rw-r--r-- | fs/ecryptfs/super.c | 7 |
9 files changed, 95 insertions, 153 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index 8b65f289ee00..b91851f1cda3 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c | |||
@@ -483,15 +483,7 @@ int ecryptfs_encrypt_page(struct page *page) | |||
483 | ecryptfs_inode = page->mapping->host; | 483 | ecryptfs_inode = page->mapping->host; |
484 | crypt_stat = | 484 | crypt_stat = |
485 | &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); | 485 | &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); |
486 | if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { | 486 | BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)); |
487 | rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, | ||
488 | 0, PAGE_CACHE_SIZE); | ||
489 | if (rc) | ||
490 | printk(KERN_ERR "%s: Error attempting to copy " | ||
491 | "page at index [%ld]\n", __func__, | ||
492 | page->index); | ||
493 | goto out; | ||
494 | } | ||
495 | enc_extent_page = alloc_page(GFP_USER); | 487 | enc_extent_page = alloc_page(GFP_USER); |
496 | if (!enc_extent_page) { | 488 | if (!enc_extent_page) { |
497 | rc = -ENOMEM; | 489 | rc = -ENOMEM; |
@@ -620,16 +612,7 @@ int ecryptfs_decrypt_page(struct page *page) | |||
620 | ecryptfs_inode = page->mapping->host; | 612 | ecryptfs_inode = page->mapping->host; |
621 | crypt_stat = | 613 | crypt_stat = |
622 | &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); | 614 | &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); |
623 | if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { | 615 | BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)); |
624 | rc = ecryptfs_read_lower_page_segment(page, page->index, 0, | ||
625 | PAGE_CACHE_SIZE, | ||
626 | ecryptfs_inode); | ||
627 | if (rc) | ||
628 | printk(KERN_ERR "%s: Error attempting to copy " | ||
629 | "page at index [%ld]\n", __func__, | ||
630 | page->index); | ||
631 | goto out; | ||
632 | } | ||
633 | enc_extent_page = alloc_page(GFP_USER); | 616 | enc_extent_page = alloc_page(GFP_USER); |
634 | if (!enc_extent_page) { | 617 | if (!enc_extent_page) { |
635 | rc = -ENOMEM; | 618 | rc = -ENOMEM; |
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index 064c5820e4e5..00b30a2d5466 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h | |||
@@ -269,6 +269,7 @@ struct ecryptfs_crypt_stat { | |||
269 | #define ECRYPTFS_ENCRYPT_FILENAMES 0x00000800 | 269 | #define ECRYPTFS_ENCRYPT_FILENAMES 0x00000800 |
270 | #define ECRYPTFS_ENCFN_USE_MOUNT_FNEK 0x00001000 | 270 | #define ECRYPTFS_ENCFN_USE_MOUNT_FNEK 0x00001000 |
271 | #define ECRYPTFS_ENCFN_USE_FEK 0x00002000 | 271 | #define ECRYPTFS_ENCFN_USE_FEK 0x00002000 |
272 | #define ECRYPTFS_UNLINK_SIGS 0x00004000 | ||
272 | u32 flags; | 273 | u32 flags; |
273 | unsigned int file_version; | 274 | unsigned int file_version; |
274 | size_t iv_bytes; | 275 | size_t iv_bytes; |
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 55b3145b8072..2f0945d63297 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c | |||
@@ -379,9 +379,11 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
379 | goto out_d_drop; | 379 | goto out_d_drop; |
380 | } | 380 | } |
381 | lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent); | 381 | lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent); |
382 | mutex_lock(&lower_dir_dentry->d_inode->i_mutex); | ||
382 | lower_dentry = lookup_one_len(ecryptfs_dentry->d_name.name, | 383 | lower_dentry = lookup_one_len(ecryptfs_dentry->d_name.name, |
383 | lower_dir_dentry, | 384 | lower_dir_dentry, |
384 | ecryptfs_dentry->d_name.len); | 385 | ecryptfs_dentry->d_name.len); |
386 | mutex_unlock(&lower_dir_dentry->d_inode->i_mutex); | ||
385 | if (IS_ERR(lower_dentry)) { | 387 | if (IS_ERR(lower_dentry)) { |
386 | rc = PTR_ERR(lower_dentry); | 388 | rc = PTR_ERR(lower_dentry); |
387 | printk(KERN_ERR "%s: lookup_one_len() returned [%d] on " | 389 | printk(KERN_ERR "%s: lookup_one_len() returned [%d] on " |
@@ -406,9 +408,11 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
406 | "filename; rc = [%d]\n", __func__, rc); | 408 | "filename; rc = [%d]\n", __func__, rc); |
407 | goto out_d_drop; | 409 | goto out_d_drop; |
408 | } | 410 | } |
411 | mutex_lock(&lower_dir_dentry->d_inode->i_mutex); | ||
409 | lower_dentry = lookup_one_len(encrypted_and_encoded_name, | 412 | lower_dentry = lookup_one_len(encrypted_and_encoded_name, |
410 | lower_dir_dentry, | 413 | lower_dir_dentry, |
411 | encrypted_and_encoded_name_size - 1); | 414 | encrypted_and_encoded_name_size - 1); |
415 | mutex_unlock(&lower_dir_dentry->d_inode->i_mutex); | ||
412 | if (IS_ERR(lower_dentry)) { | 416 | if (IS_ERR(lower_dentry)) { |
413 | rc = PTR_ERR(lower_dentry); | 417 | rc = PTR_ERR(lower_dentry); |
414 | printk(KERN_ERR "%s: lookup_one_len() returned [%d] on " | 418 | printk(KERN_ERR "%s: lookup_one_len() returned [%d] on " |
@@ -636,8 +640,9 @@ static int | |||
636 | ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz) | 640 | ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz) |
637 | { | 641 | { |
638 | char *lower_buf; | 642 | char *lower_buf; |
643 | size_t lower_bufsiz; | ||
639 | struct dentry *lower_dentry; | 644 | struct dentry *lower_dentry; |
640 | struct ecryptfs_crypt_stat *crypt_stat; | 645 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat; |
641 | char *plaintext_name; | 646 | char *plaintext_name; |
642 | size_t plaintext_name_size; | 647 | size_t plaintext_name_size; |
643 | mm_segment_t old_fs; | 648 | mm_segment_t old_fs; |
@@ -648,12 +653,21 @@ ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz) | |||
648 | rc = -EINVAL; | 653 | rc = -EINVAL; |
649 | goto out; | 654 | goto out; |
650 | } | 655 | } |
651 | crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat; | 656 | mount_crypt_stat = &ecryptfs_superblock_to_private( |
657 | dentry->d_sb)->mount_crypt_stat; | ||
658 | /* | ||
659 | * If the lower filename is encrypted, it will result in a significantly | ||
660 | * longer name. If needed, truncate the name after decode and decrypt. | ||
661 | */ | ||
662 | if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) | ||
663 | lower_bufsiz = PATH_MAX; | ||
664 | else | ||
665 | lower_bufsiz = bufsiz; | ||
652 | /* Released in this function */ | 666 | /* Released in this function */ |
653 | lower_buf = kmalloc(bufsiz, GFP_KERNEL); | 667 | lower_buf = kmalloc(lower_bufsiz, GFP_KERNEL); |
654 | if (lower_buf == NULL) { | 668 | if (lower_buf == NULL) { |
655 | printk(KERN_ERR "%s: Out of memory whilst attempting to " | 669 | printk(KERN_ERR "%s: Out of memory whilst attempting to " |
656 | "kmalloc [%d] bytes\n", __func__, bufsiz); | 670 | "kmalloc [%zd] bytes\n", __func__, lower_bufsiz); |
657 | rc = -ENOMEM; | 671 | rc = -ENOMEM; |
658 | goto out; | 672 | goto out; |
659 | } | 673 | } |
@@ -661,7 +675,7 @@ ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz) | |||
661 | set_fs(get_ds()); | 675 | set_fs(get_ds()); |
662 | rc = lower_dentry->d_inode->i_op->readlink(lower_dentry, | 676 | rc = lower_dentry->d_inode->i_op->readlink(lower_dentry, |
663 | (char __user *)lower_buf, | 677 | (char __user *)lower_buf, |
664 | bufsiz); | 678 | lower_bufsiz); |
665 | set_fs(old_fs); | 679 | set_fs(old_fs); |
666 | if (rc >= 0) { | 680 | if (rc >= 0) { |
667 | rc = ecryptfs_decode_and_decrypt_filename(&plaintext_name, | 681 | rc = ecryptfs_decode_and_decrypt_filename(&plaintext_name, |
@@ -674,7 +688,9 @@ ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz) | |||
674 | rc); | 688 | rc); |
675 | goto out_free_lower_buf; | 689 | goto out_free_lower_buf; |
676 | } | 690 | } |
677 | rc = copy_to_user(buf, plaintext_name, plaintext_name_size); | 691 | /* Check for bufsiz <= 0 done in sys_readlinkat() */ |
692 | rc = copy_to_user(buf, plaintext_name, | ||
693 | min((size_t) bufsiz, plaintext_name_size)); | ||
678 | if (rc) | 694 | if (rc) |
679 | rc = -EFAULT; | 695 | rc = -EFAULT; |
680 | else | 696 | else |
@@ -814,6 +830,13 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) | |||
814 | size_t num_zeros = (PAGE_CACHE_SIZE | 830 | size_t num_zeros = (PAGE_CACHE_SIZE |
815 | - (new_length & ~PAGE_CACHE_MASK)); | 831 | - (new_length & ~PAGE_CACHE_MASK)); |
816 | 832 | ||
833 | if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { | ||
834 | rc = vmtruncate(inode, new_length); | ||
835 | if (rc) | ||
836 | goto out_free; | ||
837 | rc = vmtruncate(lower_dentry->d_inode, new_length); | ||
838 | goto out_free; | ||
839 | } | ||
817 | if (num_zeros) { | 840 | if (num_zeros) { |
818 | char *zeros_virt; | 841 | char *zeros_virt; |
819 | 842 | ||
@@ -915,8 +938,6 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) | |||
915 | } | 938 | } |
916 | rc = 0; | 939 | rc = 0; |
917 | crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED); | 940 | crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED); |
918 | mutex_unlock(&crypt_stat->cs_mutex); | ||
919 | goto out; | ||
920 | } | 941 | } |
921 | } | 942 | } |
922 | mutex_unlock(&crypt_stat->cs_mutex); | 943 | mutex_unlock(&crypt_stat->cs_mutex); |
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index aed56c25539b..ccabd5faa04d 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c | |||
@@ -190,14 +190,14 @@ int ecryptfs_interpose(struct dentry *lower_dentry, struct dentry *dentry, | |||
190 | init_special_inode(inode, lower_inode->i_mode, | 190 | init_special_inode(inode, lower_inode->i_mode, |
191 | lower_inode->i_rdev); | 191 | lower_inode->i_rdev); |
192 | dentry->d_op = &ecryptfs_dops; | 192 | dentry->d_op = &ecryptfs_dops; |
193 | if (flags & ECRYPTFS_INTERPOSE_FLAG_D_ADD) | ||
194 | d_add(dentry, inode); | ||
195 | else | ||
196 | d_instantiate(dentry, inode); | ||
197 | fsstack_copy_attr_all(inode, lower_inode, NULL); | 193 | fsstack_copy_attr_all(inode, lower_inode, NULL); |
198 | /* This size will be overwritten for real files w/ headers and | 194 | /* This size will be overwritten for real files w/ headers and |
199 | * other metadata */ | 195 | * other metadata */ |
200 | fsstack_copy_inode_size(inode, lower_inode); | 196 | fsstack_copy_inode_size(inode, lower_inode); |
197 | if (flags & ECRYPTFS_INTERPOSE_FLAG_D_ADD) | ||
198 | d_add(dentry, inode); | ||
199 | else | ||
200 | d_instantiate(dentry, inode); | ||
201 | out: | 201 | out: |
202 | return rc; | 202 | return rc; |
203 | } | 203 | } |
@@ -208,7 +208,7 @@ enum { ecryptfs_opt_sig, ecryptfs_opt_ecryptfs_sig, | |||
208 | ecryptfs_opt_passthrough, ecryptfs_opt_xattr_metadata, | 208 | ecryptfs_opt_passthrough, ecryptfs_opt_xattr_metadata, |
209 | ecryptfs_opt_encrypted_view, ecryptfs_opt_fnek_sig, | 209 | ecryptfs_opt_encrypted_view, ecryptfs_opt_fnek_sig, |
210 | ecryptfs_opt_fn_cipher, ecryptfs_opt_fn_cipher_key_bytes, | 210 | ecryptfs_opt_fn_cipher, ecryptfs_opt_fn_cipher_key_bytes, |
211 | ecryptfs_opt_err }; | 211 | ecryptfs_opt_unlink_sigs, ecryptfs_opt_err }; |
212 | 212 | ||
213 | static const match_table_t tokens = { | 213 | static const match_table_t tokens = { |
214 | {ecryptfs_opt_sig, "sig=%s"}, | 214 | {ecryptfs_opt_sig, "sig=%s"}, |
@@ -222,6 +222,7 @@ static const match_table_t tokens = { | |||
222 | {ecryptfs_opt_fnek_sig, "ecryptfs_fnek_sig=%s"}, | 222 | {ecryptfs_opt_fnek_sig, "ecryptfs_fnek_sig=%s"}, |
223 | {ecryptfs_opt_fn_cipher, "ecryptfs_fn_cipher=%s"}, | 223 | {ecryptfs_opt_fn_cipher, "ecryptfs_fn_cipher=%s"}, |
224 | {ecryptfs_opt_fn_cipher_key_bytes, "ecryptfs_fn_key_bytes=%u"}, | 224 | {ecryptfs_opt_fn_cipher_key_bytes, "ecryptfs_fn_key_bytes=%u"}, |
225 | {ecryptfs_opt_unlink_sigs, "ecryptfs_unlink_sigs"}, | ||
225 | {ecryptfs_opt_err, NULL} | 226 | {ecryptfs_opt_err, NULL} |
226 | }; | 227 | }; |
227 | 228 | ||
@@ -402,6 +403,9 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) | |||
402 | fn_cipher_key_bytes; | 403 | fn_cipher_key_bytes; |
403 | fn_cipher_key_bytes_set = 1; | 404 | fn_cipher_key_bytes_set = 1; |
404 | break; | 405 | break; |
406 | case ecryptfs_opt_unlink_sigs: | ||
407 | mount_crypt_stat->flags |= ECRYPTFS_UNLINK_SIGS; | ||
408 | break; | ||
405 | case ecryptfs_opt_err: | 409 | case ecryptfs_opt_err: |
406 | default: | 410 | default: |
407 | printk(KERN_WARNING | 411 | printk(KERN_WARNING |
diff --git a/fs/ecryptfs/messaging.c b/fs/ecryptfs/messaging.c index 295e7fa56755..f1c17e87c5fb 100644 --- a/fs/ecryptfs/messaging.c +++ b/fs/ecryptfs/messaging.c | |||
@@ -133,45 +133,6 @@ out: | |||
133 | return rc; | 133 | return rc; |
134 | } | 134 | } |
135 | 135 | ||
136 | static int | ||
137 | ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type, | ||
138 | struct ecryptfs_msg_ctx **msg_ctx); | ||
139 | |||
140 | /** | ||
141 | * ecryptfs_send_raw_message | ||
142 | * @msg_type: Message type | ||
143 | * @daemon: Daemon struct for recipient of message | ||
144 | * | ||
145 | * A raw message is one that does not include an ecryptfs_message | ||
146 | * struct. It simply has a type. | ||
147 | * | ||
148 | * Must be called with ecryptfs_daemon_hash_mux held. | ||
149 | * | ||
150 | * Returns zero on success; non-zero otherwise | ||
151 | */ | ||
152 | static int ecryptfs_send_raw_message(u8 msg_type, | ||
153 | struct ecryptfs_daemon *daemon) | ||
154 | { | ||
155 | struct ecryptfs_msg_ctx *msg_ctx; | ||
156 | int rc; | ||
157 | |||
158 | rc = ecryptfs_send_message_locked(NULL, 0, msg_type, &msg_ctx); | ||
159 | if (rc) { | ||
160 | printk(KERN_ERR "%s: Error whilst attempting to send " | ||
161 | "message to ecryptfsd; rc = [%d]\n", __func__, rc); | ||
162 | goto out; | ||
163 | } | ||
164 | /* Raw messages are logically context-free (e.g., no | ||
165 | * reply is expected), so we set the state of the | ||
166 | * ecryptfs_msg_ctx object to indicate that it should | ||
167 | * be freed as soon as the message is sent. */ | ||
168 | mutex_lock(&msg_ctx->mux); | ||
169 | msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_NO_REPLY; | ||
170 | mutex_unlock(&msg_ctx->mux); | ||
171 | out: | ||
172 | return rc; | ||
173 | } | ||
174 | |||
175 | /** | 136 | /** |
176 | * ecryptfs_spawn_daemon - Create and initialize a new daemon struct | 137 | * ecryptfs_spawn_daemon - Create and initialize a new daemon struct |
177 | * @daemon: Pointer to set to newly allocated daemon struct | 138 | * @daemon: Pointer to set to newly allocated daemon struct |
@@ -212,49 +173,6 @@ out: | |||
212 | } | 173 | } |
213 | 174 | ||
214 | /** | 175 | /** |
215 | * ecryptfs_process_helo | ||
216 | * @euid: The user ID owner of the message | ||
217 | * @user_ns: The namespace in which @euid applies | ||
218 | * @pid: The process ID for the userspace program that sent the | ||
219 | * message | ||
220 | * | ||
221 | * Adds the euid and pid values to the daemon euid hash. If an euid | ||
222 | * already has a daemon pid registered, the daemon will be | ||
223 | * unregistered before the new daemon is put into the hash list. | ||
224 | * Returns zero after adding a new daemon to the hash list; | ||
225 | * non-zero otherwise. | ||
226 | */ | ||
227 | int ecryptfs_process_helo(uid_t euid, struct user_namespace *user_ns, | ||
228 | struct pid *pid) | ||
229 | { | ||
230 | struct ecryptfs_daemon *new_daemon; | ||
231 | struct ecryptfs_daemon *old_daemon; | ||
232 | int rc; | ||
233 | |||
234 | mutex_lock(&ecryptfs_daemon_hash_mux); | ||
235 | rc = ecryptfs_find_daemon_by_euid(&old_daemon, euid, user_ns); | ||
236 | if (rc != 0) { | ||
237 | printk(KERN_WARNING "Received request from user [%d] " | ||
238 | "to register daemon [0x%p]; unregistering daemon " | ||
239 | "[0x%p]\n", euid, pid, old_daemon->pid); | ||
240 | rc = ecryptfs_send_raw_message(ECRYPTFS_MSG_QUIT, old_daemon); | ||
241 | if (rc) | ||
242 | printk(KERN_WARNING "Failed to send QUIT " | ||
243 | "message to daemon [0x%p]; rc = [%d]\n", | ||
244 | old_daemon->pid, rc); | ||
245 | hlist_del(&old_daemon->euid_chain); | ||
246 | kfree(old_daemon); | ||
247 | } | ||
248 | rc = ecryptfs_spawn_daemon(&new_daemon, euid, user_ns, pid); | ||
249 | if (rc) | ||
250 | printk(KERN_ERR "%s: The gods are displeased with this attempt " | ||
251 | "to create a new daemon object for euid [%d]; pid " | ||
252 | "[0x%p]; rc = [%d]\n", __func__, euid, pid, rc); | ||
253 | mutex_unlock(&ecryptfs_daemon_hash_mux); | ||
254 | return rc; | ||
255 | } | ||
256 | |||
257 | /** | ||
258 | * ecryptfs_exorcise_daemon - Destroy the daemon struct | 176 | * ecryptfs_exorcise_daemon - Destroy the daemon struct |
259 | * | 177 | * |
260 | * Must be called ceremoniously while in possession of | 178 | * Must be called ceremoniously while in possession of |
diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c index a67fea655f49..4ec8f61ccf5a 100644 --- a/fs/ecryptfs/miscdev.c +++ b/fs/ecryptfs/miscdev.c | |||
@@ -193,26 +193,20 @@ int ecryptfs_send_miscdev(char *data, size_t data_size, | |||
193 | int rc = 0; | 193 | int rc = 0; |
194 | 194 | ||
195 | mutex_lock(&msg_ctx->mux); | 195 | mutex_lock(&msg_ctx->mux); |
196 | if (data) { | 196 | msg_ctx->msg = kmalloc((sizeof(*msg_ctx->msg) + data_size), |
197 | msg_ctx->msg = kmalloc((sizeof(*msg_ctx->msg) + data_size), | 197 | GFP_KERNEL); |
198 | GFP_KERNEL); | 198 | if (!msg_ctx->msg) { |
199 | if (!msg_ctx->msg) { | 199 | rc = -ENOMEM; |
200 | rc = -ENOMEM; | 200 | printk(KERN_ERR "%s: Out of memory whilst attempting " |
201 | printk(KERN_ERR "%s: Out of memory whilst attempting " | 201 | "to kmalloc(%zd, GFP_KERNEL)\n", __func__, |
202 | "to kmalloc(%zd, GFP_KERNEL)\n", __func__, | 202 | (sizeof(*msg_ctx->msg) + data_size)); |
203 | (sizeof(*msg_ctx->msg) + data_size)); | 203 | goto out_unlock; |
204 | goto out_unlock; | 204 | } |
205 | } | ||
206 | } else | ||
207 | msg_ctx->msg = NULL; | ||
208 | msg_ctx->msg->index = msg_ctx->index; | 205 | msg_ctx->msg->index = msg_ctx->index; |
209 | msg_ctx->msg->data_len = data_size; | 206 | msg_ctx->msg->data_len = data_size; |
210 | msg_ctx->type = msg_type; | 207 | msg_ctx->type = msg_type; |
211 | if (data) { | 208 | memcpy(msg_ctx->msg->data, data, data_size); |
212 | memcpy(msg_ctx->msg->data, data, data_size); | 209 | msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size); |
213 | msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size); | ||
214 | } else | ||
215 | msg_ctx->msg_size = 0; | ||
216 | mutex_lock(&daemon->mux); | 210 | mutex_lock(&daemon->mux); |
217 | list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue); | 211 | list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue); |
218 | daemon->num_queued_msg_ctx++; | 212 | daemon->num_queued_msg_ctx++; |
@@ -418,18 +412,13 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, | |||
418 | 412 | ||
419 | if (count == 0) | 413 | if (count == 0) |
420 | goto out; | 414 | goto out; |
421 | data = kmalloc(count, GFP_KERNEL); | 415 | |
422 | if (!data) { | 416 | data = memdup_user(buf, count); |
423 | printk(KERN_ERR "%s: Out of memory whilst attempting to " | 417 | if (IS_ERR(data)) { |
424 | "kmalloc([%zd], GFP_KERNEL)\n", __func__, count); | 418 | printk(KERN_ERR "%s: memdup_user returned error [%ld]\n", |
419 | __func__, PTR_ERR(data)); | ||
425 | goto out; | 420 | goto out; |
426 | } | 421 | } |
427 | rc = copy_from_user(data, buf, count); | ||
428 | if (rc) { | ||
429 | printk(KERN_ERR "%s: copy_from_user returned error [%d]\n", | ||
430 | __func__, rc); | ||
431 | goto out_free; | ||
432 | } | ||
433 | sz = count; | 422 | sz = count; |
434 | i = 0; | 423 | i = 0; |
435 | switch (data[i++]) { | 424 | switch (data[i++]) { |
diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c index 46cec2b69796..5c6bab9786e3 100644 --- a/fs/ecryptfs/mmap.c +++ b/fs/ecryptfs/mmap.c | |||
@@ -449,6 +449,7 @@ int ecryptfs_write_inode_size_to_metadata(struct inode *ecryptfs_inode) | |||
449 | struct ecryptfs_crypt_stat *crypt_stat; | 449 | struct ecryptfs_crypt_stat *crypt_stat; |
450 | 450 | ||
451 | crypt_stat = &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat; | 451 | crypt_stat = &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat; |
452 | BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)); | ||
452 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) | 453 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) |
453 | return ecryptfs_write_inode_size_to_xattr(ecryptfs_inode); | 454 | return ecryptfs_write_inode_size_to_xattr(ecryptfs_inode); |
454 | else | 455 | else |
@@ -490,6 +491,16 @@ static int ecryptfs_write_end(struct file *file, | |||
490 | ecryptfs_printk(KERN_DEBUG, "Not a new file\n"); | 491 | ecryptfs_printk(KERN_DEBUG, "Not a new file\n"); |
491 | ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page" | 492 | ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page" |
492 | "(page w/ index = [0x%.16x], to = [%d])\n", index, to); | 493 | "(page w/ index = [0x%.16x], to = [%d])\n", index, to); |
494 | if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { | ||
495 | rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, 0, | ||
496 | to); | ||
497 | if (!rc) { | ||
498 | rc = copied; | ||
499 | fsstack_copy_inode_size(ecryptfs_inode, | ||
500 | ecryptfs_inode_to_lower(ecryptfs_inode)); | ||
501 | } | ||
502 | goto out; | ||
503 | } | ||
493 | /* Fills in zeros if 'to' goes beyond inode size */ | 504 | /* Fills in zeros if 'to' goes beyond inode size */ |
494 | rc = fill_zeros_to_end_of_page(page, to); | 505 | rc = fill_zeros_to_end_of_page(page, to); |
495 | if (rc) { | 506 | if (rc) { |
diff --git a/fs/ecryptfs/read_write.c b/fs/ecryptfs/read_write.c index 75c2ea9fee35..a137c6ea2fee 100644 --- a/fs/ecryptfs/read_write.c +++ b/fs/ecryptfs/read_write.c | |||
@@ -117,13 +117,15 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, | |||
117 | size_t size) | 117 | size_t size) |
118 | { | 118 | { |
119 | struct page *ecryptfs_page; | 119 | struct page *ecryptfs_page; |
120 | struct ecryptfs_crypt_stat *crypt_stat; | ||
121 | struct inode *ecryptfs_inode = ecryptfs_file->f_dentry->d_inode; | ||
120 | char *ecryptfs_page_virt; | 122 | char *ecryptfs_page_virt; |
121 | loff_t ecryptfs_file_size = | 123 | loff_t ecryptfs_file_size = i_size_read(ecryptfs_inode); |
122 | i_size_read(ecryptfs_file->f_dentry->d_inode); | ||
123 | loff_t data_offset = 0; | 124 | loff_t data_offset = 0; |
124 | loff_t pos; | 125 | loff_t pos; |
125 | int rc = 0; | 126 | int rc = 0; |
126 | 127 | ||
128 | crypt_stat = &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat; | ||
127 | /* | 129 | /* |
128 | * if we are writing beyond current size, then start pos | 130 | * if we are writing beyond current size, then start pos |
129 | * at the current size - we'll fill in zeros from there. | 131 | * at the current size - we'll fill in zeros from there. |
@@ -184,7 +186,13 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, | |||
184 | flush_dcache_page(ecryptfs_page); | 186 | flush_dcache_page(ecryptfs_page); |
185 | SetPageUptodate(ecryptfs_page); | 187 | SetPageUptodate(ecryptfs_page); |
186 | unlock_page(ecryptfs_page); | 188 | unlock_page(ecryptfs_page); |
187 | rc = ecryptfs_encrypt_page(ecryptfs_page); | 189 | if (crypt_stat->flags & ECRYPTFS_ENCRYPTED) |
190 | rc = ecryptfs_encrypt_page(ecryptfs_page); | ||
191 | else | ||
192 | rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, | ||
193 | ecryptfs_page, | ||
194 | start_offset_in_page, | ||
195 | data_offset); | ||
188 | page_cache_release(ecryptfs_page); | 196 | page_cache_release(ecryptfs_page); |
189 | if (rc) { | 197 | if (rc) { |
190 | printk(KERN_ERR "%s: Error encrypting " | 198 | printk(KERN_ERR "%s: Error encrypting " |
@@ -194,14 +202,16 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, | |||
194 | pos += num_bytes; | 202 | pos += num_bytes; |
195 | } | 203 | } |
196 | if ((offset + size) > ecryptfs_file_size) { | 204 | if ((offset + size) > ecryptfs_file_size) { |
197 | i_size_write(ecryptfs_file->f_dentry->d_inode, (offset + size)); | 205 | i_size_write(ecryptfs_inode, (offset + size)); |
198 | rc = ecryptfs_write_inode_size_to_metadata( | 206 | if (crypt_stat->flags & ECRYPTFS_ENCRYPTED) { |
199 | ecryptfs_file->f_dentry->d_inode); | 207 | rc = ecryptfs_write_inode_size_to_metadata( |
200 | if (rc) { | 208 | ecryptfs_inode); |
201 | printk(KERN_ERR "Problem with " | 209 | if (rc) { |
202 | "ecryptfs_write_inode_size_to_metadata; " | 210 | printk(KERN_ERR "Problem with " |
203 | "rc = [%d]\n", rc); | 211 | "ecryptfs_write_inode_size_to_metadata; " |
204 | goto out; | 212 | "rc = [%d]\n", rc); |
213 | goto out; | ||
214 | } | ||
205 | } | 215 | } |
206 | } | 216 | } |
207 | out: | 217 | out: |
diff --git a/fs/ecryptfs/super.c b/fs/ecryptfs/super.c index c27ac2b358a1..fa4c7e7d15d9 100644 --- a/fs/ecryptfs/super.c +++ b/fs/ecryptfs/super.c | |||
@@ -170,7 +170,10 @@ static int ecryptfs_show_options(struct seq_file *m, struct vfsmount *mnt) | |||
170 | list_for_each_entry(walker, | 170 | list_for_each_entry(walker, |
171 | &mount_crypt_stat->global_auth_tok_list, | 171 | &mount_crypt_stat->global_auth_tok_list, |
172 | mount_crypt_stat_list) { | 172 | mount_crypt_stat_list) { |
173 | seq_printf(m, ",ecryptfs_sig=%s", walker->sig); | 173 | if (walker->flags & ECRYPTFS_AUTH_TOK_FNEK) |
174 | seq_printf(m, ",ecryptfs_fnek_sig=%s", walker->sig); | ||
175 | else | ||
176 | seq_printf(m, ",ecryptfs_sig=%s", walker->sig); | ||
174 | } | 177 | } |
175 | mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); | 178 | mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); |
176 | 179 | ||
@@ -186,6 +189,8 @@ static int ecryptfs_show_options(struct seq_file *m, struct vfsmount *mnt) | |||
186 | seq_printf(m, ",ecryptfs_xattr_metadata"); | 189 | seq_printf(m, ",ecryptfs_xattr_metadata"); |
187 | if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) | 190 | if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) |
188 | seq_printf(m, ",ecryptfs_encrypted_view"); | 191 | seq_printf(m, ",ecryptfs_encrypted_view"); |
192 | if (mount_crypt_stat->flags & ECRYPTFS_UNLINK_SIGS) | ||
193 | seq_printf(m, ",ecryptfs_unlink_sigs"); | ||
189 | 194 | ||
190 | return 0; | 195 | return 0; |
191 | } | 196 | } |