diff options
Diffstat (limited to 'fs/ecryptfs')
| -rw-r--r-- | fs/ecryptfs/Makefile | 2 | ||||
| -rw-r--r-- | fs/ecryptfs/crypto.c | 989 | ||||
| -rw-r--r-- | fs/ecryptfs/debug.c | 2 | ||||
| -rw-r--r-- | fs/ecryptfs/ecryptfs_kernel.h | 183 | ||||
| -rw-r--r-- | fs/ecryptfs/file.c | 97 | ||||
| -rw-r--r-- | fs/ecryptfs/inode.c | 239 | ||||
| -rw-r--r-- | fs/ecryptfs/keystore.c | 1078 | ||||
| -rw-r--r-- | fs/ecryptfs/main.c | 265 | ||||
| -rw-r--r-- | fs/ecryptfs/messaging.c | 5 | ||||
| -rw-r--r-- | fs/ecryptfs/mmap.c | 703 | ||||
| -rw-r--r-- | fs/ecryptfs/netlink.c | 16 | ||||
| -rw-r--r-- | fs/ecryptfs/read_write.c | 358 | ||||
| -rw-r--r-- | fs/ecryptfs/super.c | 39 |
13 files changed, 2088 insertions, 1888 deletions
diff --git a/fs/ecryptfs/Makefile b/fs/ecryptfs/Makefile index 1f11072..7688570 100644 --- a/fs/ecryptfs/Makefile +++ b/fs/ecryptfs/Makefile @@ -4,4 +4,4 @@ obj-$(CONFIG_ECRYPT_FS) += ecryptfs.o -ecryptfs-objs := dentry.o file.o inode.o main.o super.o mmap.o crypto.o keystore.o messaging.o netlink.o debug.o +ecryptfs-objs := dentry.o file.o inode.o main.o super.o mmap.o read_write.o crypto.o keystore.o messaging.o netlink.o debug.o diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index 6ac6306..1ae90ef 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c @@ -123,9 +123,9 @@ out: return rc; } -int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, - char *cipher_name, - char *chaining_modifier) +static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, + char *cipher_name, + char *chaining_modifier) { int cipher_name_len = strlen(cipher_name); int chaining_modifier_len = strlen(chaining_modifier); @@ -149,7 +149,7 @@ out: * ecryptfs_derive_iv * @iv: destination for the derived iv vale * @crypt_stat: Pointer to crypt_stat struct for the current inode - * @offset: Offset of the page whose's iv we are to derive + * @offset: Offset of the extent whose IV we are to derive * * Generate the initialization vector from the given root IV and page * offset. @@ -157,7 +157,7 @@ out: * Returns zero on success; non-zero on error. */ static int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat, - pgoff_t offset) + loff_t offset) { int rc = 0; char dst[MD5_DIGEST_SIZE]; @@ -173,7 +173,7 @@ static int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat, * hashing business. -Halcrow */ memcpy(src, crypt_stat->root_iv, crypt_stat->iv_bytes); memset((src + crypt_stat->iv_bytes), 0, 16); - snprintf((src + crypt_stat->iv_bytes), 16, "%ld", offset); + snprintf((src + crypt_stat->iv_bytes), 16, "%lld", offset); if (unlikely(ecryptfs_verbosity > 0)) { ecryptfs_printk(KERN_DEBUG, "source:\n"); ecryptfs_dump_hex(src, (crypt_stat->iv_bytes + 16)); @@ -204,6 +204,8 @@ void ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat) { memset((void *)crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat)); + INIT_LIST_HEAD(&crypt_stat->keysig_list); + mutex_init(&crypt_stat->keysig_list_mutex); mutex_init(&crypt_stat->cs_mutex); mutex_init(&crypt_stat->cs_tfm_mutex); mutex_init(&crypt_stat->cs_hash_tfm_mutex); @@ -211,27 +213,48 @@ ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat) } /** - * ecryptfs_destruct_crypt_stat + * ecryptfs_destroy_crypt_stat * @crypt_stat: Pointer to the crypt_stat struct to initialize. * * Releases all memory associated with a crypt_stat struct. */ -void ecryptfs_destruct_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat) +void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat) { + struct ecryptfs_key_sig *key_sig, *key_sig_tmp; + if (crypt_stat->tfm) crypto_free_blkcipher(crypt_stat->tfm); if (crypt_stat->hash_tfm) crypto_free_hash(crypt_stat->hash_tfm); + mutex_lock(&crypt_stat->keysig_list_mutex); + list_for_each_entry_safe(key_sig, key_sig_tmp, + &crypt_stat->keysig_list, crypt_stat_list) { + list_del(&key_sig->crypt_stat_list); + kmem_cache_free(ecryptfs_key_sig_cache, key_sig); + } + mutex_unlock(&crypt_stat->keysig_list_mutex); memset(crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat)); } -void ecryptfs_destruct_mount_crypt_stat( +void ecryptfs_destroy_mount_crypt_stat( struct ecryptfs_mount_crypt_stat *mount_crypt_stat) { - if (mount_crypt_stat->global_auth_tok_key) - key_put(mount_crypt_stat->global_auth_tok_key); - if (mount_crypt_stat->global_key_tfm) - crypto_free_blkcipher(mount_crypt_stat->global_key_tfm); + struct ecryptfs_global_auth_tok *auth_tok, *auth_tok_tmp; + + if (!(mount_crypt_stat->flags & ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED)) + return; + mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); + list_for_each_entry_safe(auth_tok, auth_tok_tmp, + &mount_crypt_stat->global_auth_tok_list, + mount_crypt_stat_list) { + list_del(&auth_tok->mount_crypt_stat_list); + mount_crypt_stat->num_global_auth_toks--; + if (auth_tok->global_auth_tok_key + && !(auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID)) + key_put(auth_tok->global_auth_tok_key); + kmem_cache_free(ecryptfs_global_auth_tok_cache, auth_tok); + } + mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); memset(mount_crypt_stat, 0, sizeof(struct ecryptfs_mount_crypt_stat)); } @@ -330,114 +353,82 @@ out: return rc; } -static void -ecryptfs_extent_to_lwr_pg_idx_and_offset(unsigned long *lower_page_idx, - int *byte_offset, - struct ecryptfs_crypt_stat *crypt_stat, - unsigned long extent_num) +/** + * ecryptfs_lower_offset_for_extent + * + * Convert an eCryptfs page index into a lower byte offset + */ +void ecryptfs_lower_offset_for_extent(loff_t *offset, loff_t extent_num, + struct ecryptfs_crypt_stat *crypt_stat) { - unsigned long lower_extent_num; - int extents_occupied_by_headers_at_front; - int bytes_occupied_by_headers_at_front; - int extent_offset; - int extents_per_page; - - bytes_occupied_by_headers_at_front = - ( crypt_stat->header_extent_size - * crypt_stat->num_header_extents_at_front ); - extents_occupied_by_headers_at_front = - ( bytes_occupied_by_headers_at_front - / crypt_stat->extent_size ); - lower_extent_num = extents_occupied_by_headers_at_front + extent_num; - extents_per_page = PAGE_CACHE_SIZE / crypt_stat->extent_size; - (*lower_page_idx) = lower_extent_num / extents_per_page; - extent_offset = lower_extent_num % extents_per_page; - (*byte_offset) = extent_offset * crypt_stat->extent_size; - ecryptfs_printk(KERN_DEBUG, " * crypt_stat->header_extent_size = " - "[%d]\n", crypt_stat->header_extent_size); - ecryptfs_printk(KERN_DEBUG, " * crypt_stat->" - "num_header_extents_at_front = [%d]\n", - crypt_stat->num_header_extents_at_front); - ecryptfs_printk(KERN_DEBUG, " * extents_occupied_by_headers_at_" - "front = [%d]\n", extents_occupied_by_headers_at_front); - ecryptfs_printk(KERN_DEBUG, " * lower_extent_num = [0x%.16x]\n", - lower_extent_num); - ecryptfs_printk(KERN_DEBUG, " * extents_per_page = [%d]\n", - extents_per_page); - ecryptfs_printk(KERN_DEBUG, " * (*lower_page_idx) = [0x%.16x]\n", - (*lower_page_idx)); - ecryptfs_printk(KERN_DEBUG, " * extent_offset = [%d]\n", - extent_offset); - ecryptfs_printk(KERN_DEBUG, " * (*byte_offset) = [%d]\n", - (*byte_offset)); + (*offset) = ((crypt_stat->extent_size + * crypt_stat->num_header_extents_at_front) + + (crypt_stat->extent_size * extent_num)); } -static int ecryptfs_write_out_page(struct ecryptfs_page_crypt_context *ctx, - struct page *lower_page, - struct inode *lower_inode, - int byte_offset_in_page, int bytes_to_write) +/** + * ecryptfs_encrypt_extent + * @enc_extent_page: Allocated page into which to encrypt the data in + * @page + * @crypt_stat: crypt_stat containing cryptographic context for the + * encryption operation + * @page: Page containing plaintext data extent to encrypt + * @extent_offset: Page extent offset for use in generating IV + * + * Encrypts one extent of data. + * + * Return zero on success; non-zero otherwise + */ +static int ecryptfs_encrypt_extent(struct page *enc_extent_page, + struct ecryptfs_crypt_stat *crypt_stat, + struct page *page, + unsigned long extent_offset) { - int rc = 0; + loff_t extent_base; + char extent_iv[ECRYPTFS_MAX_IV_BYTES]; + int rc; - if (ctx->mode == ECRYPTFS_PREPARE_COMMIT_MODE) { - rc = ecryptfs_commit_lower_page(lower_page, lower_inode, - ctx->param.lower_file, - byte_offset_in_page, - bytes_to_write); - if (rc) { - ecryptfs_printk(KERN_ERR, "Error calling lower " - "commit; rc = [%d]\n", rc); - goto out; - } - } else { - rc = ecryptfs_writepage_and_release_lower_page(lower_page, - lower_inode, - ctx->param.wbc); - if (rc) { - ecryptfs_printk(KERN_ERR, "Error calling lower " - "writepage(); rc = [%d]\n", rc); - goto out; - } + extent_base = (((loff_t)page->index) + * (PAGE_CACHE_SIZE / crypt_stat->extent_size)); + rc = ecryptfs_derive_iv(extent_iv, crypt_stat, + (extent_base + extent_offset)); + if (rc) { + ecryptfs_printk(KERN_ERR, "Error attempting to " + "derive IV for extent [0x%.16x]; " + "rc = [%d]\n", (extent_base + extent_offset), + rc); + goto out; } -out: - return rc; -} - -static int ecryptfs_read_in_page(struct ecryptfs_page_crypt_context *ctx, - struct page **lower_page, - struct inode *lower_inode, - unsigned long lower_page_idx, - int byte_offset_in_page) -{ - int rc = 0; - - if (ctx->mode == ECRYPTFS_PREPARE_COMMIT_MODE) { - /* TODO: Limit this to only the data extents that are - * needed */ - rc = ecryptfs_get_lower_page(lower_page, lower_inode, - ctx->param.lower_file, - lower_page_idx, - byte_offset_in_page, - (PAGE_CACHE_SIZE - - byte_offset_in_page)); - if (rc) { - ecryptfs_printk( - KERN_ERR, "Error attempting to grab, map, " - "and prepare_write lower page with index " - "[0x%.16x]; rc = [%d]\n", lower_page_idx, rc); - goto out; - } - } else { - *lower_page = grab_cache_page(lower_inode->i_mapping, - lower_page_idx); - if (!(*lower_page)) { - rc = -EINVAL; - ecryptfs_printk( - KERN_ERR, "Error attempting to grab and map " - "lower page with index [0x%.16x]; rc = [%d]\n", - lower_page_idx, rc); - goto out; - } + if (unlikely(ecryptfs_verbosity > 0)) { + ecryptfs_printk(KERN_DEBUG, "Encrypting extent " + "with iv:\n"); + ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); + ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " + "encryption:\n"); + ecryptfs_dump_hex((char *) + (page_address(page) + + (extent_offset * crypt_stat->extent_size)), + 8); + } + rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0, + page, (extent_offset + * crypt_stat->extent_size), + crypt_stat->extent_size, extent_iv); + if (rc < 0) { + printk(KERN_ERR "%s: Error attempting to encrypt page with " + "page->index = [%ld], extent_offset = [%ld]; " + "rc = [%d]\n", __FUNCTION__, page->index, extent_offset, + rc); + goto out; + } + rc = 0; + if (unlikely(ecryptfs_verbosity > 0)) { + ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; " + "rc = [%d]\n", (extent_base + extent_offset), + rc); + ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " + "encryption:\n"); + ecryptfs_dump_hex((char *)(page_address(enc_extent_page)), 8); } out: return rc; @@ -445,7 +436,9 @@ out: /** * ecryptfs_encrypt_page - * @ctx: The context of the page + * @page: Page mapped from the eCryptfs inode for the file; contains + * decrypted content that needs to be encrypted (to a temporary + * page; not in place) and written out to the lower file * * Encrypt an eCryptfs page. This is done on a per-extent basis. Note * that eCryptfs pages may straddle the lower pages -- for instance, @@ -455,128 +448,122 @@ out: * file, 24K of page 0 of the lower file will be read and decrypted, * and then 8K of page 1 of the lower file will be read and decrypted. * - * The actual operations performed on each page depends on the - * contents of the ecryptfs_page_crypt_context struct. - * * Returns zero on success; negative on error */ -int ecryptfs_encrypt_page(struct ecryptfs_page_crypt_context *ctx) +int ecryptfs_encrypt_page(struct page *page) { - char extent_iv[ECRYPTFS_MAX_IV_BYTES]; - unsigned long base_extent; - unsigned long extent_offset = 0; - unsigned long lower_page_idx = 0; - unsigned long prior_lower_page_idx = 0; - struct page *lower_page; - struct inode *lower_inode; - struct ecryptfs_inode_info *inode_info; + struct inode *ecryptfs_inode; struct ecryptfs_crypt_stat *crypt_stat; + char *enc_extent_virt = NULL; + struct page *enc_extent_page; + loff_t extent_offset; int rc = 0; - int lower_byte_offset = 0; - int orig_byte_offset = 0; - int num_extents_per_page; -#define ECRYPTFS_PAGE_STATE_UNREAD 0 -#define ECRYPTFS_PAGE_STATE_READ 1 -#define ECRYPTFS_PAGE_STATE_MODIFIED 2 -#define ECRYPTFS_PAGE_STATE_WRITTEN 3 - int page_state; - - lower_inode = ecryptfs_inode_to_lower(ctx->page->mapping->host); - inode_info = ecryptfs_inode_to_private(ctx->page->mapping->host); - crypt_stat = &inode_info->crypt_stat; + + ecryptfs_inode = page->mapping->host; + crypt_stat = + &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { - rc = ecryptfs_copy_page_to_lower(ctx->page, lower_inode, - ctx->param.lower_file); + rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, + 0, PAGE_CACHE_SIZE); if (rc) - ecryptfs_printk(KERN_ERR, "Error attempting to copy " - "page at index [0x%.16x]\n", - ctx->page->index); + printk(KERN_ERR "%s: Error attempting to copy " + "page at index [%ld]\n", __FUNCTION__, + page->index); goto out; } - num_extents_per_page = PAGE_CACHE_SIZE / crypt_stat->extent_size; - base_extent = (ctx->page->index * num_extents_per_page); - page_state = ECRYPTFS_PAGE_STATE_UNREAD; - while (extent_offset < num_extents_per_page) { - ecryptfs_extent_to_lwr_pg_idx_and_offset( - &lower_page_idx, &lower_byte_offset, crypt_stat, - (base_extent + extent_offset)); - if (prior_lower_page_idx != lower_page_idx - && page_state == ECRYPTFS_PAGE_STATE_MODIFIED) { - rc = ecryptfs_write_out_page(ctx, lower_page, - lower_inode, - orig_byte_offset, - (PAGE_CACHE_SIZE - - orig_byte_offset)); - if (rc) { - ecryptfs_printk(KERN_ERR, "Error attempting " - "to write out page; rc = [%d]" - "\n", rc); - goto out; - } - page_state = ECRYPTFS_PAGE_STATE_WRITTEN; - } - if (page_state == ECRYPTFS_PAGE_STATE_UNREAD - || page_state == ECRYPTFS_PAGE_STATE_WRITTEN) { - rc = ecryptfs_read_in_page(ctx, &lower_page, - lower_inode, lower_page_idx, - lower_byte_offset); - if (rc) { - ecryptfs_printk(KERN_ERR, "Error attempting " - "to read in lower page with " - "index [0x%.16x]; rc = [%d]\n", - lower_page_idx, rc); - goto out; - } - orig_byte_offset = lower_byte_offset; - prior_lower_page_idx = lower_page_idx; - page_state = ECRYPTFS_PAGE_STATE_READ; - } - BUG_ON(!(page_state == ECRYPTFS_PAGE_STATE_MODIFIED - || page_state == ECRYPTFS_PAGE_STATE_READ)); - rc = ecryptfs_derive_iv(extent_iv, crypt_stat, - (base_extent + extent_offset)); + enc_extent_virt = kmalloc(PAGE_CACHE_SIZE, GFP_USER); + if (!enc_extent_virt) { + rc = -ENOMEM; + ecryptfs_printk(KERN_ERR, "Error allocating memory for " + "encrypted extent\n"); + goto out; + } + enc_extent_page = virt_to_page(enc_extent_virt); + for (extent_offset = 0; + extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size); + extent_offset++) { + loff_t offset; + + rc = ecryptfs_encrypt_extent(enc_extent_page, crypt_stat, page, + extent_offset); if (rc) { - ecryptfs_printk(KERN_ERR, "Error attempting to " - "derive IV for extent [0x%.16x]; " - "rc = [%d]\n", - (base_extent + extent_offset), rc); + printk(KERN_ERR "%s: Error encrypting extent; " + "rc = [%d]\n", __FUNCTION__, rc); goto out; } - if (unlikely(ecryptfs_verbosity > 0)) { - ecryptfs_printk(KERN_DEBUG, "Encrypting extent " - "with iv:\n"); - ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); - ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " - "encryption:\n"); - ecryptfs_dump_hex((char *) - (page_address(ctx->page) - + (extent_offset - * crypt_stat->extent_size)), 8); - } - rc = ecryptfs_encrypt_page_offset( - crypt_stat, lower_page, lower_byte_offset, ctx->page, - (extent_offset * crypt_stat->extent_size), - crypt_stat->extent_size, extent_iv); - ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; " - "rc = [%d]\n", - (base_extent + extent_offset), rc); - if (unlikely(ecryptfs_verbosity > 0)) { - ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " - "encryption:\n"); - ecryptfs_dump_hex((char *)(page_address(lower_page) - + lower_byte_offset), 8); + ecryptfs_lower_offset_for_extent( + &offset, ((((loff_t)page->index) + * (PAGE_CACHE_SIZE + / crypt_stat->extent_size)) + + extent_offset), crypt_stat); + rc = ecryptfs_write_lower(ecryptfs_inode, enc_extent_virt, + offset, crypt_stat->extent_size); + if (rc) { + ecryptfs_printk(KERN_ERR, "Error attempting " + "to write lower page; rc = [%d]" + "\n", rc); + goto out; } - page_state = ECRYPTFS_PAGE_STATE_MODIFIED; extent_offset++; } - BUG_ON(orig_byte_offset != 0); - rc = ecryptfs_write_out_page(ctx, lower_page, lower_inode, 0, - (lower_byte_offset - + crypt_stat->extent_size)); +out: + kfree(enc_extent_virt); + return rc; +} + +static int ecryptfs_decrypt_extent(struct page *page, + struct ecryptfs_crypt_stat *crypt_stat, + struct page *enc_extent_page, + unsigned long extent_offset) +{ + loff_t extent_base; + char extent_iv[ECRYPTFS_MAX_IV_BYTES]; + int rc; + + extent_base = (((loff_t)page->index) + * (PAGE_CACHE_SIZE / crypt_stat->extent_size)); + rc = ecryptfs_derive_iv(extent_iv, crypt_stat, + (extent_base + extent_offset)); if (rc) { - ecryptfs_printk(KERN_ERR, "Error attempting to write out " - "page; rc = [%d]\n", rc); - goto out; + ecryptfs_printk(KERN_ERR, "Error attempting to " + "derive IV for extent [0x%.16x]; " + "rc = [%d]\n", (extent_base + extent_offset), + rc); + goto out; + } + if (unlikely(ecryptfs_verbosity > 0)) { + ecryptfs_printk(KERN_DEBUG, "Decrypting extent " + "with iv:\n"); + ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); + ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " + "decryption:\n"); + ecryptfs_dump_hex((char *) + (page_address(enc_extent_page) + + (extent_offset * crypt_stat->extent_size)), + 8); + } + rc = ecryptfs_decrypt_page_offset(crypt_stat, page, + (extent_offset + * crypt_stat->extent_size), + enc_extent_page, 0, + crypt_stat->extent_size, extent_iv); + if (rc < 0) { + printk(KERN_ERR "%s: Error attempting to decrypt to page with " + "page->index = [%ld], extent_offset = [%ld]; " + "rc = [%d]\n", __FUNCTION__, page->index, extent_offset, + rc); + goto out; + } + rc = 0; + if (unlikely(ecryptfs_verbosity > 0)) { + ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; " + "rc = [%d]\n", (extent_base + extent_offset), + rc); + ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " + "decryption:\n"); + ecryptfs_dump_hex((char *)(page_address(page) + + (extent_offset + * crypt_stat->extent_size)), 8); } out: return rc; @@ -584,8 +571,9 @@ out: /** * ecryptfs_decrypt_page - * @file: The ecryptfs file - * @page: The page in ecryptfs to decrypt + * @page: Page mapped from the eCryptfs inode for the file; data read + * and decrypted from the lower file will be written into this + * page * * Decrypt an eCryptfs page. This is done on a per-extent basis. Note * that eCryptfs pages may straddle the lower pages -- for instance, @@ -597,108 +585,75 @@ out: * * Returns zero on success; negative on error */ -int ecryptfs_decrypt_page(struct file *file, struct page *page) +int ecryptfs_decrypt_page(struct page *page) { - char extent_iv[ECRYPTFS_MAX_IV_BYTES]; - unsigned long base_extent; - unsigned long extent_offset = 0; - unsigned long lower_page_idx = 0; - unsigned long prior_lower_page_idx = 0; - struct page *lower_page; - char *lower_page_virt = NULL; - struct inode *lower_inode; + struct inode *ecryptfs_inode; struct ecryptfs_crypt_stat *crypt_stat; + char *enc_extent_virt = NULL; + struct page *enc_extent_page; + unsigned long extent_offset; int rc = 0; - int byte_offset; - int num_extents_per_page; - int page_state; - crypt_stat = &(ecryptfs_inode_to_private( - page->mapping->host)->crypt_stat); - lower_inode = ecryptfs_inode_to_lower(page->mapping->host); + ecryptfs_inode = page->mapping->host; + crypt_stat = + &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { - rc = ecryptfs_do_readpage(file, page, page->index); + rc = ecryptfs_read_lower_page_segment(page, page->index, 0, + PAGE_CACHE_SIZE, + ecryptfs_inode); if (rc) - ecryptfs_printk(KERN_ERR, "Error attempting to copy " - "page at index [0x%.16x]\n", - page->index); + printk(KERN_ERR "%s: Error attempting to copy " + "page at index [%ld]\n", __FUNCTION__, + page->index); goto out; } - num_extents_per_page = PAGE_CACHE_SIZE / crypt_stat->extent_size; - base_extent = (page->index * num_extents_per_page); - lower_page_virt = kmem_cache_alloc(ecryptfs_lower_page_cache, - GFP_KERNEL); - if (!lower_page_virt) { + enc_extent_virt = kmalloc(PAGE_CACHE_SIZE, GFP_USER); + if (!enc_extent_virt) { rc = -ENOMEM; - ecryptfs_printk(KERN_ERR, "Error getting page for encrypted " - "lower page(s)\n"); + ecryptfs_printk(KERN_ERR, "Error allocating memory for " + "encrypted extent\n"); goto out; } - lower_page = virt_to_page(lower_page_virt); - page_state = ECRYPTFS_PAGE_STATE_UNREAD; - while (extent_offset < num_extents_per_page) { - ecryptfs_extent_to_lwr_pg_idx_and_offset( - &lower_page_idx, &byte_offset, crypt_stat, - (base_extent + extent_offset)); - if (prior_lower_page_idx != lower_page_idx - || page_state == ECRYPTFS_PAGE_STATE_UNREAD) { - rc = ecryptfs_do_readpage(file, lower_page, - lower_page_idx); - if (rc) { - ecryptfs_printk(KERN_ERR, "Error reading " - "lower encrypted page; rc = " - "[%d]\n", rc); - goto out; - } - prior_lower_page_idx = lower_page_idx; - page_state = ECRYPTFS_PAGE_STATE_READ; - } - rc = ecryptfs_derive_iv(extent_iv, crypt_stat, - (base_extent + extent_offset)); + enc_extent_page = virt_to_page(enc_extent_virt); + for (extent_offset = 0; + extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size); + extent_offset++) { + loff_t offset; + + ecryptfs_lower_offset_for_extent( + &offset, ((page->index * (PAGE_CACHE_SIZE + / crypt_stat->extent_size)) + + extent_offset), crypt_stat); + rc = ecryptfs_read_lower(enc_extent_virt, offset, + crypt_stat->extent_size, + ecryptfs_inode); if (rc) { - ecryptfs_printk(KERN_ERR, "Error attempting to " - "derive IV for extent [0x%.16x]; rc = " - "[%d]\n", - (base_extent + extent_offset), rc); + ecryptfs_printk(KERN_ERR, "Error attempting " + "to read lower page; rc = [%d]" + "\n", rc); goto out; } - if (unlikely(ecryptfs_verbosity > 0)) { - ecryptfs_printk(KERN_DEBUG, "Decrypting extent " - "with iv:\n"); - ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); - ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " - "decryption:\n"); - ecryptfs_dump_hex((lower_page_virt + byte_offset), 8); - } - rc = ecryptfs_decrypt_page_offset(crypt_stat, page, - (extent_offset - * crypt_stat->extent_size), - lower_page, byte_offset, - crypt_stat->extent_size, - extent_iv); - if (rc != crypt_stat->extent_size) { - ecryptfs_printk(KERN_ERR, "Error attempting to " - "decrypt extent [0x%.16x]\n", - (base_extent + extent_offset)); + rc = ecryptfs_decrypt_extent(page, crypt_stat, enc_extent_page, + extent_offset); + if (rc) { + printk(KERN_ERR "%s: Error encrypting extent; " + "rc = [%d]\n", __FUNCTION__, rc); goto out; } - rc = 0; - if (unlikely(ecryptfs_verbosity > 0)) { - ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " - "decryption:\n"); - ecryptfs_dump_hex((char *)(page_address(page) - + byte_offset), 8); - } extent_offset++; } out: - if (lower_page_virt) - kmem_cache_free(ecryptfs_lower_page_cache, lower_page_virt); + kfree(enc_extent_virt); return rc; } /** * decrypt_scatterlist + * @crypt_stat: Cryptographic context + * @dest_sg: The destination scatterlist to decrypt into + * @src_sg: The source scatterlist to decrypt from + * @size: The number of bytes to decrypt + * @iv: The initialization vector to use for the decryption * * Returns the number of bytes decrypted; negative value on error */ @@ -740,6 +695,13 @@ out: /** * ecryptfs_encrypt_page_offset + * @crypt_stat: The cryptographic context + * @dst_page: The page to encrypt into + * @dst_offset: The offset in the page to encrypt into + * @src_page: The page to encrypt from + * @src_offset: The offset in the page to encrypt from + * @size: The number of bytes to encrypt + * @iv: The initialization vector to use for the encryption * * Returns the number of bytes encrypted */ @@ -762,6 +724,13 @@ ecryptfs_encrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat, /** * ecryptfs_decrypt_page_offset + * @crypt_stat: The cryptographic context + * @dst_page: The page to decrypt into + * @dst_offset: The offset in the page to decrypt into + * @src_page: The page to decrypt from + * @src_offset: The offset in the page to decrypt from + * @size: The number of bytes to decrypt + * @iv: The initialization vector to use for the decryption * * Returns the number of bytes decrypted */ @@ -857,15 +826,17 @@ void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat) crypt_stat->extent_size = ECRYPTFS_DEFAULT_EXTENT_SIZE; set_extent_mask_and_shift(crypt_stat); crypt_stat->iv_bytes = ECRYPTFS_DEFAULT_IV_BYTES; - if (PAGE_CACHE_SIZE <= ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE) { - crypt_stat->header_extent_size = - ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE; - } else - crypt_stat->header_extent_size = PAGE_CACHE_SIZE; if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) crypt_stat->num_header_extents_at_front = 0; - else - crypt_stat->num_header_extents_at_front = 1; + else { + if (PAGE_CACHE_SIZE <= ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE) + crypt_stat->num_header_extents_at_front = + (ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE + / crypt_stat->extent_size); + else + crypt_stat->num_header_extents_at_front = + (PAGE_CACHE_SIZE / crypt_stat->extent_size); + } } /** @@ -917,6 +888,8 @@ static void ecryptfs_generate_new_key(struct ecryptfs_crypt_stat *crypt_stat) /** * ecryptfs_copy_mount_wide_flags_to_inode_flags + * @crypt_stat: The inode's cryptographic context + * @mount_crypt_stat: The mount point's cryptographic context * * This function propagates the mount-wide flags to individual inode * flags. @@ -931,9 +904,34 @@ static void ecryptfs_copy_mount_wide_flags_to_inode_flags( crypt_stat->flags |= ECRYPTFS_VIEW_AS_ENCRYPTED; } +static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs( + struct ecryptfs_crypt_stat *crypt_stat, + struct ecryptfs_mount_crypt_stat *mount_crypt_stat) +{ + struct ecryptfs_global_auth_tok *global_auth_tok; + int rc = 0; + + mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); + list_for_each_entry(global_auth_tok, + &mount_crypt_stat->global_auth_tok_list, + mount_crypt_stat_list) { + rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig); + if (rc) { + printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc); + mutex_unlock( + &mount_crypt_stat->global_auth_tok_list_mutex); + goto out; + } + } + mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); +out: + return rc; +} + /** * ecryptfs_set_default_crypt_stat_vals - * @crypt_stat + * @crypt_stat: The inode's cryptographic context + * @mount_crypt_stat: The mount point's cryptographic context * * Default values in the event that policy does not override them. */ @@ -953,7 +951,7 @@ static void ecryptfs_set_default_crypt_stat_vals( /** * ecryptfs_new_file_context - * @ecryptfs_dentry + * @ecryptfs_dentry: The eCryptfs dentry * * If the crypto context for the file has not yet been established, * this is where we do that. Establishing a new crypto context @@ -970,49 +968,42 @@ static void ecryptfs_set_default_crypt_stat_vals( * * Returns zero on success; non-zero otherwise */ -/* Associate an authentication token(s) with the file */ int ecryptfs_new_file_context(struct dentry *ecryptfs_dentry) { - int rc = 0; struct ecryptfs_crypt_stat *crypt_stat = &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; struct ecryptfs_mount_crypt_stat *mount_crypt_stat = &ecryptfs_superblock_to_private( ecryptfs_dentry->d_sb)->mount_crypt_stat; int cipher_name_len; + int rc = 0; ecryptfs_set_default_crypt_stat_vals(crypt_stat, mount_crypt_stat); - /* See if there are mount crypt options */ - if (mount_crypt_stat->global_auth_tok) { - ecryptfs_printk(KERN_DEBUG, "Initializing context for new " - "file using mount_crypt_stat\n"); - crypt_stat->flags |= ECRYPTFS_ENCRYPTED; - crypt_stat->flags |= ECRYPTFS_KEY_VALID; - ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, - mount_crypt_stat); - memcpy(crypt_stat->keysigs[crypt_stat->num_keysigs++], - mount_crypt_stat->global_auth_tok_sig, - ECRYPTFS_SIG_SIZE_HEX); - cipher_name_len = - strlen(mount_crypt_stat->global_default_cipher_name); - memcpy(crypt_stat->cipher, - mount_crypt_stat->global_default_cipher_name, - cipher_name_len); - crypt_stat->cipher[cipher_name_len] = '\0'; - crypt_stat->key_size = - mount_crypt_stat->global_default_cipher_key_size; - ecryptfs_generate_new_key(crypt_stat); - } else - /* We should not encounter this scenario since we - * should detect lack of global_auth_tok at mount time - * TODO: Applies to 0.1 release only; remove in future - * release */ - BUG(); + crypt_stat->flags |= (ECRYPTFS_ENCRYPTED | ECRYPTFS_KEY_VALID); + ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, + mount_crypt_stat); + rc = ecryptfs_copy_mount_wide_sigs_to_inode_sigs(crypt_stat, + mount_crypt_stat); + if (rc) { + printk(KERN_ERR "Error attempting to copy mount-wide key sigs " + "to the inode key sigs; rc = [%d]\n", rc); + goto out; + } + cipher_name_len = + strlen(mount_crypt_stat->global_default_cipher_name); + memcpy(crypt_stat->cipher, + mount_crypt_stat->global_default_cipher_name, + cipher_name_len); + crypt_stat->cipher[cipher_name_len] = '\0'; + crypt_stat->key_size = + mount_crypt_stat->global_default_cipher_key_size; + ecryptfs_generate_new_key(crypt_stat); rc = ecryptfs_init_crypt_ctx(crypt_stat); if (rc) ecryptfs_printk(KERN_ERR, "Error initializing cryptographic " "context for cipher [%s]: rc = [%d]\n", crypt_stat->cipher, rc); +out: return rc; } @@ -1054,7 +1045,7 @@ static struct ecryptfs_flag_map_elem ecryptfs_flag_map[] = { /** * ecryptfs_process_flags - * @crypt_stat + * @crypt_stat: The cryptographic context * @page_virt: Source data to be parsed * @bytes_read: Updated with the number of bytes read * @@ -1142,7 +1133,7 @@ ecryptfs_cipher_code_str_map[] = { /** * ecryptfs_code_for_cipher_string - * @str: The string representing the cipher name + * @crypt_stat: The cryptographic context * * Returns zero on no match, or the cipher code on match */ @@ -1198,59 +1189,28 @@ int ecryptfs_cipher_code_to_string(char *str, u16 cipher_code) return rc; } -/** - * ecryptfs_read_header_region - * @data - * @dentry - * @nd - * - * Returns zero on success; non-zero otherwise - */ -static int ecryptfs_read_header_region(char *data, struct dentry *dentry, - struct vfsmount *mnt) +int ecryptfs_read_and_validate_header_region(char *data, + struct inode *ecryptfs_inode) { - struct file *lower_file; - mm_segment_t oldfs; + struct ecryptfs_crypt_stat *crypt_stat = + &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); int rc; - if ((rc = ecryptfs_open_lower_file(&lower_file, dentry, mnt, - O_RDONLY))) { - printk(KERN_ERR - "Error opening lower_file to read header region\n"); - goto out; - } - lower_file->f_pos = 0; - oldfs = get_fs(); - set_fs(get_ds()); - /* For releases 0.1 and 0.2, all of the header information - * fits in the first data extent-sized region. */ - rc = lower_file->f_op->read(lower_file, (char __user *)data, - ECRYPTFS_DEFAULT_EXTENT_SIZE, &lower_file->f_pos); - set_fs(oldfs); - if ((rc = ecryptfs_close_lower_file(lower_file))) { - printk(KERN_ERR "Error closing lower_file\n"); + rc = ecryptfs_read_lower(data, 0, crypt_stat->extent_size, + ecryptfs_inode); + if (rc) { + printk(KERN_ERR "%s: Error reading header region; rc = [%d]\n", + __FUNCTION__, rc); goto out; } - rc = 0; -out: - return rc; -} - -int ecryptfs_read_and_validate_header_region(char *data, struct dentry *dentry, - struct vfsmount *mnt) -{ - int rc; - - rc = ecryptfs_read_header_region(data, dentry, mnt); - if (rc) - goto out; - if (!contains_ecryptfs_marker(data + ECRYPTFS_FILE_SIZE_BYTES)) + if (!contains_ecryptfs_marker(data + ECRYPTFS_FILE_SIZE_BYTES)) { rc = -EINVAL; + ecryptfs_printk(KERN_DEBUG, "Valid marker not found\n"); + } out: return rc; } - void ecryptfs_write_header_metadata(char *virt, struct ecryptfs_crypt_stat *crypt_stat, @@ -1259,7 +1219,7 @@ ecryptfs_write_header_metadata(char *virt, u32 header_extent_size; u16 num_header_extents_at_front; - header_extent_size = (u32)crypt_stat->header_extent_size; + header_extent_size = (u32)crypt_stat->extent_size; num_header_extents_at_front = (u16)crypt_stat->num_header_extents_at_front; header_extent_size = cpu_to_be32(header_extent_size); @@ -1276,9 +1236,10 @@ struct kmem_cache *ecryptfs_header_cache_2; /** * ecryptfs_write_headers_virt - * @page_virt - * @crypt_stat - * @ecryptfs_dentry + * @page_virt: The virtual address to write the headers to + * @size: Set to the number of bytes written by this function + * @crypt_stat: The cryptographic context + * @ecryptfs_dentry: The eCryptfs dentry * * Format version: 1 * @@ -1332,53 +1293,50 @@ static int ecryptfs_write_headers_virt(char *page_virt, size_t *size, return rc; } -static int ecryptfs_write_metadata_to_contents(struct ecryptfs_crypt_stat *crypt_stat, - struct file *lower_file, - char *page_virt) +static int +ecryptfs_write_metadata_to_contents(struct ecryptfs_crypt_stat *crypt_stat, + struct dentry *ecryptfs_dentry, + char *page_virt) { - mm_segment_t oldfs; int current_header_page; int header_pages; - ssize_t size; - int rc = 0; + int rc; - lower_file->f_pos = 0; - oldfs = get_fs(); - set_fs(get_ds()); - size = vfs_write(lower_file, (char __user *)page_virt, PAGE_CACHE_SIZE, - &lower_file->f_pos); - if (size < 0) { - rc = (int)size; - printk(KERN_ERR "Error attempting to write lower page; " - "rc = [%d]\n", rc); - set_fs(oldfs); + rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, page_virt, + 0, PAGE_CACHE_SIZE); + if (rc) { + printk(KERN_ERR "%s: Error attempting to write header " + "information to lower file; rc = [%d]\n", __FUNCTION__, + rc); goto out; } - header_pages = ((crypt_stat->header_extent_size + header_pages = ((crypt_stat->extent_size * crypt_stat->num_header_extents_at_front) / PAGE_CACHE_SIZE); memset(page_virt, 0, PAGE_CACHE_SIZE); current_header_page = 1; while (current_header_page < header_pages) { - size = vfs_write(lower_file, (char __user *)page_virt, - PAGE_CACHE_SIZE, &lower_file->f_pos); - if (size < 0) { - rc = (int)size; - printk(KERN_ERR "Error attempting to write lower page; " - "rc = [%d]\n", rc); - set_fs(oldfs); + loff_t offset; + + offset = (((loff_t)current_header_page) << PAGE_CACHE_SHIFT); + if ((rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, + page_virt, offset, + PAGE_CACHE_SIZE))) { + printk(KERN_ERR "%s: Error attempting to write header " + "information to lower file; rc = [%d]\n", + __FUNCTION__, rc); goto out; } current_header_page++; } - set_fs(oldfs); out: return rc; } -static int ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, - struct ecryptfs_crypt_stat *crypt_stat, - char *page_virt, size_t size) +static int +ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, + struct ecryptfs_crypt_stat *crypt_stat, + char *page_virt, size_t size) { int rc; @@ -1389,7 +1347,7 @@ static int ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, /** * ecryptfs_write_metadata - * @lower_file: The lower file struct, which was returned from dentry_open + * @ecryptfs_dentry: The eCryptfs dentry * * Write the file headers out. This will likely involve a userspace * callout, in which the session key is encrypted with one or more @@ -1397,22 +1355,21 @@ static int ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, * retrieved via a prompt. Exactly what happens at this point should * be policy-dependent. * + * TODO: Support header information spanning multiple pages + * * Returns zero on success; non-zero on error */ -int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry, - struct file *lower_file) +int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry) { - struct ecryptfs_crypt_stat *crypt_stat; + struct ecryptfs_crypt_stat *crypt_stat = + &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; char *page_virt; - size_t size; + size_t size = 0; int rc = 0; - crypt_stat = &ecryptfs_inode_to_private( - ecryptfs_dentry->d_inode)->crypt_stat; if (likely(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) { - ecryptfs_printk(KERN_DEBUG, "Key is " - "invalid; bailing out\n"); + printk(KERN_ERR "Key is invalid; bailing out\n"); rc = -EINVAL; goto out; } @@ -1441,7 +1398,8 @@ int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry, crypt_stat, page_virt, size); else - rc = ecryptfs_write_metadata_to_contents(crypt_stat, lower_file, + rc = ecryptfs_write_metadata_to_contents(crypt_stat, + ecryptfs_dentry, page_virt); if (rc) { printk(KERN_ERR "Error writing metadata out to lower file; " @@ -1464,28 +1422,28 @@ static int parse_header_metadata(struct ecryptfs_crypt_stat *crypt_stat, u32 header_extent_size; u16 num_header_extents_at_front; - memcpy(&header_extent_size, virt, 4); + memcpy(&header_extent_size, virt, sizeof(u32)); header_extent_size = be32_to_cpu(header_extent_size); - virt += 4; - memcpy(&num_header_extents_at_front, virt, 2); + virt += sizeof(u32); + memcpy(&num_header_extents_at_front, virt, sizeof(u16)); num_header_extents_at_front = be16_to_cpu(num_header_extents_at_front); - crypt_stat->header_extent_size = (int)header_extent_size; crypt_stat->num_header_extents_at_front = (int)num_header_extents_at_front; - (*bytes_read) = 6; + (*bytes_read) = (sizeof(u32) + sizeof(u16)); if ((validate_header_size == ECRYPTFS_VALIDATE_HEADER_SIZE) - && ((crypt_stat->header_extent_size + && ((crypt_stat->extent_size * crypt_stat->num_header_extents_at_front) < ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE)) { rc = -EINVAL; - ecryptfs_printk(KERN_WARNING, "Invalid header extent size: " - "[%d]\n", crypt_stat->header_extent_size); + printk(KERN_WARNING "Invalid number of header extents: [%zd]\n", + crypt_stat->num_header_extents_at_front); } return rc; } /** * set_default_header_data + * @crypt_stat: The cryptographic context * * For version 0 file format; this function is only for backwards * compatibility for files created with the prior versions of @@ -1493,12 +1451,15 @@ static int parse_header_metadata(struct ecryptfs_crypt_stat *crypt_stat, */ static void set_default_header_data(struct ecryptfs_crypt_stat *crypt_stat) { - crypt_stat->header_extent_size = 4096; - crypt_stat->num_header_extents_at_front = 1; + crypt_stat->num_header_extents_at_front = 2; } /** * ecryptfs_read_headers_virt + * @page_virt: The virtual address into which to read the headers + * @crypt_stat: The cryptographic context + * @ecryptfs_dentry: The eCryptfs dentry + * @validate_header_size: Whether to validate the header size while reading * * Read/parse the header data. The header format is detailed in the * comment block for the ecryptfs_write_headers_virt() function. @@ -1558,19 +1519,25 @@ out: /** * ecryptfs_read_xattr_region + * @page_virt: The vitual address into which to read the xattr data + * @ecryptfs_inode: The eCryptfs inode * * Attempts to read the crypto metadata from the extended attribute * region of the lower file. + * + * Returns zero on success; non-zero on error */ -int ecryptfs_read_xattr_region(char *page_virt, struct dentry *ecryptfs_dentry) +int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode) { + struct dentry *lower_dentry = + ecryptfs_inode_to_private(ecryptfs_inode)->lower_file->f_dentry; ssize_t size; int rc = 0; - size = ecryptfs_getxattr(ecryptfs_dentry, ECRYPTFS_XATTR_NAME, - page_virt, ECRYPTFS_DEFAULT_EXTENT_SIZE); + size = ecryptfs_getxattr_lower(lower_dentry, ECRYPTFS_XATTR_NAME, + page_virt, ECRYPTFS_DEFAULT_EXTENT_SIZE); if (size < 0) { - printk(KERN_DEBUG "Error attempting to read the [%s] " + printk(KERN_ERR "Error attempting to read the [%s] " "xattr from the lower file; return value = [%zd]\n", ECRYPTFS_XATTR_NAME, size); rc = -EINVAL; @@ -1585,7 +1552,7 @@ int ecryptfs_read_and_validate_xattr_region(char *page_virt, { int rc; - rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_dentry); + rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_dentry->d_inode); if (rc) goto out; if (!contains_ecryptfs_marker(page_virt + ECRYPTFS_FILE_SIZE_BYTES)) { @@ -1609,15 +1576,13 @@ out: * * Returns zero if valid headers found and parsed; non-zero otherwise */ -int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry, - struct file *lower_file) +int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry) { int rc = 0; char *page_virt = NULL; - mm_segment_t oldfs; - ssize_t bytes_read; + struct inode *ecryptfs_inode = ecryptfs_dentry->d_inode; struct ecryptfs_crypt_stat *crypt_stat = - &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; + &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat; struct ecryptfs_mount_crypt_stat *mount_crypt_stat = &ecryptfs_superblock_to_private( ecryptfs_dentry->d_sb)->mount_crypt_stat; @@ -1628,27 +1593,18 @@ int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry, page_virt = kmem_cache_alloc(ecryptfs_header_cache_1, GFP_USER); if (!page_virt) { rc = -ENOMEM; - ecryptfs_printk(KERN_ERR, "Unable to allocate page_virt\n"); + printk(KERN_ERR "%s: Unable to allocate page_virt\n", + __FUNCTION__); goto out; } - lower_file->f_pos = 0; - oldfs = get_fs(); - set_fs(get_ds()); - bytes_read = lower_file->f_op->read(lower_file, - (char __user *)page_virt, - ECRYPTFS_DEFAULT_EXTENT_SIZE, - &lower_file->f_pos); - set_fs(oldfs); - if (bytes_read != ECRYPTFS_DEFAULT_EXTENT_SIZE) { - rc = -EINVAL; - goto out; - } - rc = ecryptfs_read_headers_virt(page_virt, crypt_stat, - ecryptfs_dentry, - ECRYPTFS_VALIDATE_HEADER_SIZE); + rc = ecryptfs_read_lower(page_virt, 0, crypt_stat->extent_size, + ecryptfs_inode); + if (!rc) + rc = ecryptfs_read_headers_virt(page_virt, crypt_stat, + ecryptfs_dentry, + ECRYPTFS_VALIDATE_HEADER_SIZE); if (rc) { - rc = ecryptfs_read_xattr_region(page_virt, - ecryptfs_dentry); + rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_inode); if (rc) { printk(KERN_DEBUG "Valid eCryptfs headers not found in " "file header region or xattr region\n"); @@ -1776,7 +1732,7 @@ out: } /** - * ecryptfs_process_cipher - Perform cipher initialization. + * ecryptfs_process_key_cipher - Perform key cipher initialization. * @key_tfm: Crypto context for key material, set by this function * @cipher_name: Name of the cipher * @key_size: Size of the key in bytes @@ -1785,9 +1741,9 @@ out: * should be released by other functions, such as on a superblock put * event, regardless of whether this function succeeds for fails. */ -int -ecryptfs_process_cipher(struct crypto_blkcipher **key_tfm, char *cipher_name, - size_t *key_size) +static int +ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm, + char *cipher_name, size_t *key_size) { char dummy_key[ECRYPTFS_MAX_KEY_BYTES]; char *full_alg_name; @@ -1829,3 +1785,100 @@ ecryptfs_process_cipher(struct crypto_blkcipher **key_tfm, char *cipher_name, out: return rc; } + +struct kmem_cache *ecryptfs_key_tfm_cache; +struct list_head key_tfm_list; +struct mutex key_tfm_list_mutex; + +int ecryptfs_init_crypto(void) +{ + mutex_init(&key_tfm_list_mutex); + INIT_LIST_HEAD(&key_tfm_list); + return 0; +} + +int ecryptfs_destroy_crypto(void) +{ + struct ecryptfs_key_tfm *key_tfm, *key_tfm_tmp; + + mutex_lock(&key_tfm_list_mutex); + list_for_each_entry_safe(key_tfm, key_tfm_tmp, &key_tfm_list, + key_tfm_list) { + list_del(&key_tfm->key_tfm_list); + if (key_tfm->key_tfm) + crypto_free_blkcipher(key_tfm->key_tfm); + kmem_cache_free(ecryptfs_key_tfm_cache, key_tfm); + } + mutex_unlock(&key_tfm_list_mutex); + return 0; +} + +int +ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char *cipher_name, + size_t key_size) +{ + struct ecryptfs_key_tfm *tmp_tfm; + int rc = 0; + + tmp_tfm = kmem_cache_alloc(ecryptfs_key_tfm_cache, GFP_KERNEL); + if (key_tfm != NULL) + (*key_tfm) = tmp_tfm; + if (!tmp_tfm) { + rc = -ENOMEM; + printk(KERN_ERR "Error attempting to allocate from " + "ecryptfs_key_tfm_cache\n"); + goto out; + } + mutex_init(&tmp_tfm->key_tfm_mutex); + strncpy(tmp_tfm->cipher_name, cipher_name, + ECRYPTFS_MAX_CIPHER_NAME_SIZE); + tmp_tfm->key_size = key_size; + rc = ecryptfs_process_key_cipher(&tmp_tfm->key_tfm, + tmp_tfm->cipher_name, + &tmp_tfm->key_size); + if (rc) { + printk(KERN_ERR "Error attempting to initialize key TFM " + "cipher with name = [%s]; rc = [%d]\n", + tmp_tfm->cipher_name, rc); + kmem_cache_free(ecryptfs_key_tfm_cache, tmp_tfm); + if (key_tfm != NULL) + (*key_tfm) = NULL; + goto out; + } + mutex_lock(&key_tfm_list_mutex); + list_add(&tmp_tfm->key_tfm_list, &key_tfm_list); + mutex_unlock(&key_tfm_list_mutex); +out: + return rc; +} + +int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm, + struct mutex **tfm_mutex, + char *cipher_name) +{ + struct ecryptfs_key_tfm *key_tfm; + int rc = 0; + + (*tfm) = NULL; + (*tfm_mutex) = NULL; + mutex_lock(&key_tfm_list_mutex); + list_for_each_entry(key_tfm, &key_tfm_list, key_tfm_list) { + if (strcmp(key_tfm->cipher_name, cipher_name) == 0) { + (*tfm) = key_tfm->key_tfm; + (*tfm_mutex) = &key_tfm->key_tfm_mutex; + mutex_unlock(&key_tfm_list_mutex); + goto out; + } + } + mutex_unlock(&key_tfm_list_mutex); + rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0); + if (rc) { + printk(KERN_ERR "Error adding new key_tfm to list; rc = [%d]\n", + rc); + goto out; + } + (*tfm) = key_tfm->key_tfm; + (*tfm_mutex) = &key_tfm->key_tfm_mutex; +out: + return rc; +} diff --git a/fs/ecryptfs/debug.c b/fs/ecryptfs/debug.c index 434c7ef..3d2bdf5 100644 --- a/fs/ecryptfs/debug.c +++ b/fs/ecryptfs/debug.c @@ -38,8 +38,6 @@ void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok) auth_tok); if (auth_tok->flags & ECRYPTFS_PRIVATE_KEY) { ecryptfs_printk(KERN_DEBUG, " * private key type\n"); - ecryptfs_printk(KERN_DEBUG, " * (NO PRIVATE KEY SUPPORT " - "IN ECRYPTFS VERSION 0.1)\n"); } else { ecryptfs_printk(KERN_DEBUG, " * passphrase type\n"); ecryptfs_to_hex(salt, auth_tok->token.password.salt, diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index 1b9dd9a..ce7a5d4 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h @@ -38,7 +38,7 @@ /* Version verification for shared data structures w/ userspace */ #define ECRYPTFS_VERSION_MAJOR 0x00 #define ECRYPTFS_VERSION_MINOR 0x04 -#define ECRYPTFS_SUPPORTED_FILE_VERSION 0x02 +#define ECRYPTFS_SUPPORTED_FILE_VERSION 0x03 /* These flags indicate which features are supported by the kernel * module; userspace tools such as the mount helper read * ECRYPTFS_VERSIONING_MASK from a sysfs handle in order to determine @@ -48,10 +48,12 @@ #define ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH 0x00000004 #define ECRYPTFS_VERSIONING_POLICY 0x00000008 #define ECRYPTFS_VERSIONING_XATTR 0x00000010 +#define ECRYPTFS_VERSIONING_MULTKEY 0x00000020 #define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \ | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \ | ECRYPTFS_VERSIONING_PUBKEY \ - | ECRYPTFS_VERSIONING_XATTR) + | ECRYPTFS_VERSIONING_XATTR \ + | ECRYPTFS_VERSIONING_MULTKEY) #define ECRYPTFS_MAX_PASSWORD_LENGTH 64 #define ECRYPTFS_MAX_PASSPHRASE_BYTES ECRYPTFS_MAX_PASSWORD_LENGTH #define ECRYPTFS_SALT_SIZE 8 @@ -65,8 +67,7 @@ #define ECRYPTFS_MAX_KEY_BYTES 64 #define ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES 512 #define ECRYPTFS_DEFAULT_IV_BYTES 16 -#define ECRYPTFS_FILE_VERSION 0x02 -#define ECRYPTFS_DEFAULT_HEADER_EXTENT_SIZE 8192 +#define ECRYPTFS_FILE_VERSION 0x03 #define ECRYPTFS_DEFAULT_EXTENT_SIZE 4096 #define ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE 8192 #define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32 @@ -144,6 +145,7 @@ struct ecryptfs_private_key { struct ecryptfs_auth_tok { u16 version; /* 8-bit major and 8-bit minor */ u16 token_type; +#define ECRYPTFS_ENCRYPT_ONLY 0x00000001 u32 flags; struct ecryptfs_session_key session_key; u8 reserved[32]; @@ -194,12 +196,11 @@ ecryptfs_get_key_payload_data(struct key *key) #define ECRYPTFS_MAX_KEYSET_SIZE 1024 #define ECRYPTFS_MAX_CIPHER_NAME_SIZE 32 #define ECRYPTFS_MAX_NUM_ENC_KEYS 64 -#define ECRYPTFS_MAX_NUM_KEYSIGS 2 /* TODO: Make this a linked list */ #define ECRYPTFS_MAX_IV_BYTES 16 /* 128 bits */ #define ECRYPTFS_SALT_BYTES 2 #define MAGIC_ECRYPTFS_MARKER 0x3c81b7f5 #define MAGIC_ECRYPTFS_MARKER_SIZE_BYTES 8 /* 4*2 */ -#define ECRYPTFS_FILE_SIZE_BYTES 8 +#define ECRYPTFS_FILE_SIZE_BYTES (sizeof(u64)) #define ECRYPTFS_DEFAULT_CIPHER "aes" #define ECRYPTFS_DEFAULT_KEY_BYTES 16 #define ECRYPTFS_DEFAULT_HASH "md5" @@ -212,6 +213,11 @@ ecryptfs_get_key_payload_data(struct key *key) #define ECRYPTFS_TAG_67_PACKET_TYPE 0x43 #define MD5_DIGEST_SIZE 16 +struct ecryptfs_key_sig { + struct list_head crypt_stat_list; + char keysig[ECRYPTFS_SIG_SIZE_HEX]; +}; + /** * This is the primary struct associated with each encrypted file. * @@ -231,8 +237,6 @@ struct ecryptfs_crypt_stat { u32 flags; unsigned int file_version; size_t iv_bytes; - size_t num_keysigs; - size_t header_extent_size; size_t num_header_extents_at_front; size_t extent_size; /* Data extent size; default is 4096 */ size_t key_size; @@ -245,7 +249,8 @@ struct ecryptfs_crypt_stat { unsigned char cipher[ECRYPTFS_MAX_CIPHER_NAME_SIZE]; unsigned char key[ECRYPTFS_MAX_KEY_BYTES]; unsigned char root_iv[ECRYPTFS_MAX_IV_BYTES]; - unsigned char keysigs[ECRYPTFS_MAX_NUM_KEYSIGS][ECRYPTFS_SIG_SIZE_HEX]; + struct list_head keysig_list; + struct mutex keysig_list_mutex; struct mutex cs_tfm_mutex; struct mutex cs_hash_tfm_mutex; struct mutex cs_mutex; @@ -255,6 +260,8 @@ struct ecryptfs_crypt_stat { struct ecryptfs_inode_info { struct inode vfs_inode; struct inode *wii_inode; + struct file *lower_file; + struct mutex lower_file_mutex; struct ecryptfs_crypt_stat crypt_stat; }; @@ -266,6 +273,59 @@ struct ecryptfs_dentry_info { }; /** + * ecryptfs_global_auth_tok - A key used to encrypt all new files under the mountpoint + * @flags: Status flags + * @mount_crypt_stat_list: These auth_toks hang off the mount-wide + * cryptographic context. Every time a new + * inode comes into existence, eCryptfs copies + * the auth_toks on that list to the set of + * auth_toks on the inode's crypt_stat + * @global_auth_tok_key: The key from the user's keyring for the sig + * @global_auth_tok: The key contents + * @sig: The key identifier + * + * ecryptfs_global_auth_tok structs refer to authentication token keys + * in the user keyring that apply to newly created files. A list of + * these objects hangs off of the mount_crypt_stat struct for any + * given eCryptfs mount. This struct maintains a reference to both the + * key contents and the key itself so that the key can be put on + * unmount. + */ +struct ecryptfs_global_auth_tok { +#define ECRYPTFS_AUTH_TOK_INVALID 0x00000001 + u32 flags; + struct list_head mount_crypt_stat_list; + struct key *global_auth_tok_key; + struct ecryptfs_auth_tok *global_auth_tok; + unsigned char sig[ECRYPTFS_SIG_SIZE_HEX + 1]; +}; + +/** + * ecryptfs_key_tfm - Persistent key tfm + * @key_tfm: crypto API handle to the key + * @key_size: Key size in bytes + * @key_tfm_mutex: Mutex to ensure only one operation in eCryptfs is + * using the persistent TFM at any point in time + * @key_tfm_list: Handle to hang this off the module-wide TFM list + * @cipher_name: String name for the cipher for this TFM + * + * Typically, eCryptfs will use the same ciphers repeatedly throughout + * the course of its operations. In order to avoid unnecessarily + * destroying and initializing the same cipher repeatedly, eCryptfs + * keeps a list of crypto API contexts around to use when needed. + */ +struct ecryptfs_key_tfm { + struct crypto_blkcipher *key_tfm; + size_t key_size; + struct mutex key_tfm_mutex; + struct list_head key_tfm_list; + unsigned char cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1]; +}; + +extern struct list_head key_tfm_list; +extern struct mutex key_tfm_list_mutex; + +/** * This struct is to enable a mount-wide passphrase/salt combo. This * is more or less a stopgap to provide similar functionality to other * crypto filesystems like EncFS or CFS until full policy support is @@ -276,15 +336,14 @@ struct ecryptfs_mount_crypt_stat { #define ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED 0x00000001 #define ECRYPTFS_XATTR_METADATA_ENABLED 0x00000002 #define ECRYPTFS_ENCRYPTED_VIEW_ENABLED 0x00000004 +#define ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED 0x00000008 u32 flags; - struct ecryptfs_auth_tok *global_auth_tok; - struct key *global_auth_tok_key; + struct list_head global_auth_tok_list; + struct mutex global_auth_tok_list_mutex; + size_t num_global_auth_toks; size_t global_default_cipher_key_size; - struct crypto_blkcipher *global_key_tfm; - struct mutex global_key_tfm_mutex; unsigned char global_default_cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1]; - unsigned char global_auth_tok_sig[ECRYPTFS_SIG_SIZE_HEX + 1]; }; /* superblock private data. */ @@ -468,6 +527,9 @@ extern struct kmem_cache *ecryptfs_header_cache_2; extern struct kmem_cache *ecryptfs_xattr_cache; extern struct kmem_cache *ecryptfs_lower_page_cache; extern struct kmem_cache *ecryptfs_key_record_cache; +extern struct kmem_cache *ecryptfs_key_sig_cache; +extern struct kmem_cache *ecryptfs_global_auth_tok_cache; +extern struct kmem_cache *ecryptfs_key_tfm_cache; int ecryptfs_interpose(struct dentry *hidden_dentry, struct dentry *this_dentry, struct super_block *sb, @@ -486,44 +548,18 @@ int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg, int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat); void ecryptfs_rotate_iv(unsigned char *iv); void ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat); -void ecryptfs_destruct_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat); -void ecryptfs_destruct_mount_crypt_stat( +void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat); +void ecryptfs_destroy_mount_crypt_stat( struct ecryptfs_mount_crypt_stat *mount_crypt_stat); int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat); -int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, - char *cipher_name, - char *chaining_modifier); -#define ECRYPTFS_LOWER_I_MUTEX_NOT_HELD 0 -#define ECRYPTFS_LOWER_I_MUTEX_HELD 1 -int ecryptfs_write_inode_size_to_metadata(struct file *lower_file, - struct inode *lower_inode, - struct inode *inode, - struct dentry *ecryptfs_dentry, - int lower_i_mutex_held); -int ecryptfs_get_lower_page(struct page **lower_page, struct inode *lower_inode, - struct file *lower_file, - unsigned long lower_page_index, int byte_offset, - int region_bytes); -int -ecryptfs_commit_lower_page(struct page *lower_page, struct inode *lower_inode, - struct file *lower_file, int byte_offset, - int region_size); -int ecryptfs_copy_page_to_lower(struct page *page, struct inode *lower_inode, - struct file *lower_file); -int ecryptfs_do_readpage(struct file *file, struct page *page, - pgoff_t lower_page_index); -int ecryptfs_writepage_and_release_lower_page(struct page *lower_page, - struct inode *lower_inode, - struct writeback_control *wbc); -int ecryptfs_encrypt_page(struct ecryptfs_page_crypt_context *ctx); -int ecryptfs_decrypt_page(struct file *file, struct page *page); -int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry, - struct file *lower_file); -int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry, - struct file *lower_file); +int ecryptfs_write_inode_size_to_metadata(struct inode *ecryptfs_inode); +int ecryptfs_encrypt_page(struct page *page); +int ecryptfs_decrypt_page(struct page *page); +int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry); +int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry); int ecryptfs_new_file_context(struct dentry *ecryptfs_dentry); -int ecryptfs_read_and_validate_header_region(char *data, struct dentry *dentry, - struct vfsmount *mnt); +int ecryptfs_read_and_validate_header_region(char *data, + struct inode *ecryptfs_inode); int ecryptfs_read_and_validate_xattr_region(char *page_virt, struct dentry *ecryptfs_dentry); u16 ecryptfs_code_for_cipher_string(struct ecryptfs_crypt_stat *crypt_stat); @@ -533,27 +569,22 @@ int ecryptfs_generate_key_packet_set(char *dest_base, struct ecryptfs_crypt_stat *crypt_stat, struct dentry *ecryptfs_dentry, size_t *len, size_t max); -int process_request_key_err(long err_code); int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, unsigned char *src, struct dentry *ecryptfs_dentry); int ecryptfs_truncate(struct dentry *dentry, loff_t new_length); -int -ecryptfs_process_cipher(struct crypto_blkcipher **key_tfm, char *cipher_name, - size_t *key_size); int ecryptfs_inode_test(struct inode *inode, void *candidate_lower_inode); int ecryptfs_inode_set(struct inode *inode, void *lower_inode); void ecryptfs_init_inode(struct inode *inode, struct inode *lower_inode); -int ecryptfs_open_lower_file(struct file **lower_file, - struct dentry *lower_dentry, - struct vfsmount *lower_mnt, int flags); -int ecryptfs_close_lower_file(struct file *lower_file); ssize_t ecryptfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size); +ssize_t +ecryptfs_getxattr_lower(struct dentry *lower_dentry, const char *name, + void *value, size_t size); int ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); -int ecryptfs_read_xattr_region(char *page_virt, struct dentry *ecryptfs_dentry); +int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode); int ecryptfs_process_helo(unsigned int transport, uid_t uid, pid_t pid); int ecryptfs_process_quit(uid_t uid, pid_t pid); int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t uid, @@ -580,7 +611,43 @@ void ecryptfs_write_header_metadata(char *virt, struct ecryptfs_crypt_stat *crypt_stat, size_t *written); +int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig); +int +ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, + char *sig); +int ecryptfs_get_global_auth_tok_for_sig( + struct ecryptfs_global_auth_tok **global_auth_tok, + struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig); +int +ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char *cipher_name, + size_t key_size); +int ecryptfs_init_crypto(void); +int ecryptfs_destroy_crypto(void); +int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm, + struct mutex **tfm_mutex, + char *cipher_name); +int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key, + struct ecryptfs_auth_tok **auth_tok, + char *sig); int ecryptfs_write_zeros(struct file *file, pgoff_t index, int start, int num_zeros); +void ecryptfs_lower_offset_for_extent(loff_t *offset, loff_t extent_num, + struct ecryptfs_crypt_stat *crypt_stat); +int ecryptfs_write_lower(struct inode *ecryptfs_inode, char *data, + loff_t offset, size_t size); +int ecryptfs_write_lower_page_segment(struct inode *ecryptfs_inode, + struct page *page_for_lower, + size_t offset_in_page, size_t size); +int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, + size_t size); +int ecryptfs_read_lower(char *data, loff_t offset, size_t size, + struct inode *ecryptfs_inode); +int ecryptfs_read_lower_page_segment(struct page *page_for_ecryptfs, + pgoff_t page_index, + size_t offset_in_page, size_t size, + struct inode *ecryptfs_inode); +int ecryptfs_read(char *data, loff_t offset, size_t size, + struct file *ecryptfs_file); +struct page *ecryptfs_get_locked_page(struct file *file, loff_t index); #endif /* #ifndef ECRYPTFS_KERNEL_H */ diff --git a/fs/ecryptfs/file.c b/fs/ecryptfs/file.c index 94f456f..c98c469 100644 --- a/fs/ecryptfs/file.c +++ b/fs/ecryptfs/file.c @@ -141,34 +141,6 @@ retry: struct kmem_cache *ecryptfs_file_info_cache; -int ecryptfs_open_lower_file(struct file **lower_file, - struct dentry *lower_dentry, - struct vfsmount *lower_mnt, int flags) -{ - int rc = 0; - - flags |= O_LARGEFILE; - dget(lower_dentry); - mntget(lower_mnt); - *lower_file = dentry_open(lower_dentry, lower_mnt, flags); - if (IS_ERR(*lower_file)) { - printk(KERN_ERR "Error opening lower file for lower_dentry " - "[0x%p], lower_mnt [0x%p], and flags [0x%x]\n", - lower_dentry, lower_mnt, flags); - rc = PTR_ERR(*lower_file); - *lower_file = NULL; - goto out; - } -out: - return rc; -} - -int ecryptfs_close_lower_file(struct file *lower_file) -{ - fput(lower_file); - return 0; -} - /** * ecryptfs_open * @inode: inode speciying file to open @@ -187,11 +159,7 @@ static int ecryptfs_open(struct inode *inode, struct file *file) /* Private value of ecryptfs_dentry allocated in * ecryptfs_lookup() */ struct dentry *lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry); - struct inode *lower_inode = NULL; - struct file *lower_file = NULL; - struct vfsmount *lower_mnt; struct ecryptfs_file_info *file_info; - int lower_flags; mount_crypt_stat = &ecryptfs_superblock_to_private( ecryptfs_dentry->d_sb)->mount_crypt_stat; @@ -219,25 +187,12 @@ static int ecryptfs_open(struct inode *inode, struct file *file) if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) { ecryptfs_printk(KERN_DEBUG, "Setting flags for stat...\n"); /* Policy code enabled in future release */ - crypt_stat->flags |= ECRYPTFS_POLICY_APPLIED; - crypt_stat->flags |= ECRYPTFS_ENCRYPTED; + crypt_stat->flags |= (ECRYPTFS_POLICY_APPLIED + | ECRYPTFS_ENCRYPTED); } mutex_unlock(&crypt_stat->cs_mutex); - lower_flags = file->f_flags; - if ((lower_flags & O_ACCMODE) == O_WRONLY) - lower_flags = (lower_flags & O_ACCMODE) | O_RDWR; - if (file->f_flags & O_APPEND) - lower_flags &= ~O_APPEND; - lower_mnt = ecryptfs_dentry_to_lower_mnt(ecryptfs_dentry); - /* Corresponding fput() in ecryptfs_release() */ - if ((rc = ecryptfs_open_lower_file(&lower_file, lower_dentry, lower_mnt, - lower_flags))) { - ecryptfs_printk(KERN_ERR, "Error opening lower file\n"); - goto out_puts; - } - ecryptfs_set_file_lower(file, lower_file); - /* Isn't this check the same as the one in lookup? */ - lower_inode = lower_dentry->d_inode; + ecryptfs_set_file_lower( + file, ecryptfs_inode_to_private(inode)->lower_file); if (S_ISDIR(ecryptfs_dentry->d_inode->i_mode)) { ecryptfs_printk(KERN_DEBUG, "This is a directory\n"); crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED); @@ -247,7 +202,7 @@ static int ecryptfs_open(struct inode *inode, struct file *file) mutex_lock(&crypt_stat->cs_mutex); if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED) || !(crypt_stat->flags & ECRYPTFS_KEY_VALID)) { - rc = ecryptfs_read_metadata(ecryptfs_dentry, lower_file); + rc = ecryptfs_read_metadata(ecryptfs_dentry); if (rc) { ecryptfs_printk(KERN_DEBUG, "Valid headers not found\n"); @@ -259,7 +214,7 @@ static int ecryptfs_open(struct inode *inode, struct file *file) "and plaintext passthrough mode is not " "enabled; returning -EIO\n"); mutex_unlock(&crypt_stat->cs_mutex); - goto out_puts; + goto out_free; } rc = 0; crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED); @@ -271,11 +226,8 @@ static int ecryptfs_open(struct inode *inode, struct file *file) ecryptfs_printk(KERN_DEBUG, "inode w/ addr = [0x%p], i_ino = [0x%.16x] " "size: [0x%.16x]\n", inode, inode->i_ino, i_size_read(inode)); - ecryptfs_set_file_lower(file, lower_file); goto out; -out_puts: - mntput(lower_mnt); - dput(lower_dentry); +out_free: kmem_cache_free(ecryptfs_file_info_cache, ecryptfs_file_to_private(file)); out: @@ -295,19 +247,9 @@ static int ecryptfs_flush(struct file *file, fl_owner_t td) static int ecryptfs_release(struct inode *inode, struct file *file) { - struct file *lower_file = ecryptfs_file_to_lower(file); - struct ecryptfs_file_info *file_info = ecryptfs_file_to_private(file); - struct inode *lower_inode = ecryptfs_inode_to_lower(inode); - int rc; - - if ((rc = ecryptfs_close_lower_file(lower_file))) { - printk(KERN_ERR "Error closing lower_file\n"); - goto out; - } - inode->i_blocks = lower_inode->i_blocks; - kmem_cache_free(ecryptfs_file_info_cache, file_info); -out: - return rc; + kmem_cache_free(ecryptfs_file_info_cache, + ecryptfs_file_to_private(file)); + return 0; } static int @@ -338,21 +280,6 @@ static int ecryptfs_fasync(int fd, struct file *file, int flag) return rc; } -static ssize_t ecryptfs_splice_read(struct file *file, loff_t * ppos, - struct pipe_inode_info *pipe, size_t count, - unsigned int flags) -{ - struct file *lower_file = NULL; - int rc = -EINVAL; - - lower_file = ecryptfs_file_to_lower(file); - if (lower_file->f_op && lower_file->f_op->splice_read) - rc = lower_file->f_op->splice_read(lower_file, ppos, pipe, - count, flags); - - return rc; -} - static int ecryptfs_ioctl(struct inode *inode, struct file *file, unsigned int cmd, unsigned long arg); @@ -365,7 +292,7 @@ const struct file_operations ecryptfs_dir_fops = { .release = ecryptfs_release, .fsync = ecryptfs_fsync, .fasync = ecryptfs_fasync, - .splice_read = ecryptfs_splice_read, + .splice_read = generic_file_splice_read, }; const struct file_operations ecryptfs_main_fops = { @@ -382,7 +309,7 @@ const struct file_operations ecryptfs_main_fops = { .release = ecryptfs_release, .fsync = ecryptfs_fsync, .fasync = ecryptfs_fasync, - .splice_read = ecryptfs_splice_read, + .splice_read = generic_file_splice_read, }; static int diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 131954b..0b1ab01 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c @@ -119,10 +119,23 @@ ecryptfs_do_create(struct inode *directory_inode, } rc = ecryptfs_create_underlying_file(lower_dir_dentry->d_inode, ecryptfs_dentry, mode, nd); - if (unlikely(rc)) { - ecryptfs_printk(KERN_ERR, - "Failure to create underlying file\n"); - goto out_lock; + if (rc) { + struct inode *ecryptfs_inode = ecryptfs_dentry->d_inode; + struct ecryptfs_inode_info *inode_info = + ecryptfs_inode_to_private(ecryptfs_inode); + + printk(KERN_WARNING "%s: Error creating underlying file; " + "rc = [%d]; checking for existing\n", __FUNCTION__, rc); + if (inode_info) { + mutex_lock(&inode_info->lower_file_mutex); + if (!inode_info->lower_file) { + mutex_unlock(&inode_info->lower_file_mutex); + printk(KERN_ERR "%s: Failure to set underlying " + "file; rc = [%d]\n", __FUNCTION__, rc); + goto out_lock; + } + mutex_unlock(&inode_info->lower_file_mutex); + } } rc = ecryptfs_interpose(lower_dentry, ecryptfs_dentry, directory_inode->i_sb, 0); @@ -140,39 +153,30 @@ out: /** * grow_file - * @ecryptfs_dentry: the ecryptfs dentry - * @lower_file: The lower file - * @inode: The ecryptfs inode - * @lower_inode: The lower inode + * @ecryptfs_dentry: the eCryptfs dentry * * This is the code which will grow the file to its correct size. */ -static int grow_file(struct dentry *ecryptfs_dentry, struct file *lower_file, - struct inode *inode, struct inode *lower_inode) +static int grow_file(struct dentry *ecryptfs_dentry) { - int rc = 0; + struct inode *ecryptfs_inode = ecryptfs_dentry->d_inode; struct file fake_file; struct ecryptfs_file_info tmp_file_info; + char zero_virt[] = { 0x00 }; + int rc = 0; memset(&fake_file, 0, sizeof(fake_file)); fake_file.f_path.dentry = ecryptfs_dentry; memset(&tmp_file_info, 0, sizeof(tmp_file_info)); ecryptfs_set_file_private(&fake_file, &tmp_file_info); - ecryptfs_set_file_lower(&fake_file, lower_file); - rc = ecryptfs_fill_zeros(&fake_file, 1); - if (rc) { - ecryptfs_inode_to_private(inode)->crypt_stat.flags |= - ECRYPTFS_SECURITY_WARNING; - ecryptfs_printk(KERN_WARNING, "Error attempting to fill zeros " - "in file; rc = [%d]\n", rc); - goto out; - } - i_size_write(inode, 0); - rc = ecryptfs_write_inode_size_to_metadata(lower_file, lower_inode, - inode, ecryptfs_dentry, - ECRYPTFS_LOWER_I_MUTEX_NOT_HELD); - ecryptfs_inode_to_private(inode)->crypt_stat.flags |= ECRYPTFS_NEW_FILE; -out: + ecryptfs_set_file_lower( + &fake_file, + ecryptfs_inode_to_private(ecryptfs_inode)->lower_file); + rc = ecryptfs_write(&fake_file, zero_virt, 0, 1); + i_size_write(ecryptfs_inode, 0); + rc = ecryptfs_write_inode_size_to_metadata(ecryptfs_inode); + ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat.flags |= + ECRYPTFS_NEW_FILE; return rc; } @@ -186,51 +190,31 @@ out: */ static int ecryptfs_initialize_file(struct dentry *ecryptfs_dentry) { + struct ecryptfs_crypt_stat *crypt_stat = + &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; int rc = 0; - int lower_flags; - struct ecryptfs_crypt_stat *crypt_stat; - struct dentry *lower_dentry; - struct file *lower_file; - struct inode *inode, *lower_inode; - struct vfsmount *lower_mnt; - lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry); - ecryptfs_printk(KERN_DEBUG, "lower_dentry->d_name.name = [%s]\n", - lower_dentry->d_name.name); - inode = ecryptfs_dentry->d_inode; - crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat; - lower_flags = ((O_CREAT | O_TRUNC) & O_ACCMODE) | O_RDWR; - lower_mnt = ecryptfs_dentry_to_lower_mnt(ecryptfs_dentry); - /* Corresponding fput() at end of this function */ - if ((rc = ecryptfs_open_lower_file(&lower_file, lower_dentry, lower_mnt, - lower_flags))) { - ecryptfs_printk(KERN_ERR, - "Error opening dentry; rc = [%i]\n", rc); - goto out; - } - lower_inode = lower_dentry->d_inode; if (S_ISDIR(ecryptfs_dentry->d_inode->i_mode)) { ecryptfs_printk(KERN_DEBUG, "This is a directory\n"); crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED); - goto out_fput; + goto out; } crypt_stat->flags |= ECRYPTFS_NEW_FILE; ecryptfs_printk(KERN_DEBUG, "Initializing crypto context\n"); rc = ecryptfs_new_file_context(ecryptfs_dentry); if (rc) { - ecryptfs_printk(KERN_DEBUG, "Error creating new file " - "context\n"); - goto out_fput; + ecryptfs_printk(KERN_ERR, "Error creating new file " + "context; rc = [%d]\n", rc); + goto out; } - rc = ecryptfs_write_metadata(ecryptfs_dentry, lower_file); + rc = ecryptfs_write_metadata(ecryptfs_dentry); if (rc) { - ecryptfs_printk(KERN_DEBUG, "Error writing headers\n"); - goto out_fput; + printk(KERN_ERR "Error writing headers; rc = [%d]\n", rc); + goto out; } - rc = grow_file(ecryptfs_dentry, lower_file, inode, lower_inode); -out_fput: - if ((rc = ecryptfs_close_lower_file(lower_file))) - printk(KERN_ERR "Error closing lower_file\n"); + rc = grow_file(ecryptfs_dentry); + if (rc) + printk(KERN_ERR "Error growing file; rc = [%d]\n", rc); out: return rc; } @@ -252,6 +236,8 @@ ecryptfs_create(struct inode *directory_inode, struct dentry *ecryptfs_dentry, { int rc; + /* ecryptfs_do_create() calls ecryptfs_interpose(), which opens + * the crypt_stat->lower_file (persistent file) */ rc = ecryptfs_do_create(directory_inode, ecryptfs_dentry, mode, nd); if (unlikely(rc)) { ecryptfs_printk(KERN_WARNING, "Failed to create file in" @@ -374,8 +360,8 @@ static struct dentry *ecryptfs_lookup(struct inode *dir, struct dentry *dentry, crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat; if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) ecryptfs_set_default_sizes(crypt_stat); - rc = ecryptfs_read_and_validate_header_region(page_virt, lower_dentry, - nd->mnt); + rc = ecryptfs_read_and_validate_header_region(page_virt, + dentry->d_inode); if (rc) { rc = ecryptfs_read_and_validate_xattr_region(page_virt, dentry); if (rc) { @@ -392,7 +378,8 @@ static struct dentry *ecryptfs_lookup(struct inode *dir, struct dentry *dentry, dentry->d_sb)->mount_crypt_stat; if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) { if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) - file_size = (crypt_stat->header_extent_size + file_size = ((crypt_stat->extent_size + * crypt_stat->num_header_extents_at_front) + i_size_read(lower_dentry->d_inode)); else file_size = i_size_read(lower_dentry->d_inode); @@ -722,8 +709,8 @@ upper_size_to_lower_size(struct ecryptfs_crypt_stat *crypt_stat, { loff_t lower_size; - lower_size = ( crypt_stat->header_extent_size - * crypt_stat->num_header_extents_at_front ); + lower_size = (crypt_stat->extent_size + * crypt_stat->num_header_extents_at_front); if (upper_size != 0) { loff_t num_extents; @@ -752,8 +739,7 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) int rc = 0; struct inode *inode = dentry->d_inode; struct dentry *lower_dentry; - struct vfsmount *lower_mnt; - struct file fake_ecryptfs_file, *lower_file = NULL; + struct file fake_ecryptfs_file; struct ecryptfs_crypt_stat *crypt_stat; loff_t i_size = i_size_read(inode); loff_t lower_size_before_truncate; @@ -776,62 +762,52 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) goto out; } lower_dentry = ecryptfs_dentry_to_lower(dentry); - /* This dget & mntget is released through fput at out_fput: */ - lower_mnt = ecryptfs_dentry_to_lower_mnt(dentry); - if ((rc = ecryptfs_open_lower_file(&lower_file, lower_dentry, lower_mnt, - O_RDWR))) { - ecryptfs_printk(KERN_ERR, - "Error opening dentry; rc = [%i]\n", rc); - goto out_free; - } - ecryptfs_set_file_lower(&fake_ecryptfs_file, lower_file); + ecryptfs_set_file_lower( + &fake_ecryptfs_file, + ecryptfs_inode_to_private(dentry->d_inode)->lower_file); /* Switch on growing or shrinking file */ if (new_length > i_size) { - rc = ecryptfs_fill_zeros(&fake_ecryptfs_file, new_length); - if (rc) { - ecryptfs_printk(KERN_ERR, - "Problem with fill_zeros\n"); - goto out_fput; - } - i_size_write(inode, new_length); - rc = ecryptfs_write_inode_size_to_metadata( - lower_file, lower_dentry->d_inode, inode, dentry, - ECRYPTFS_LOWER_I_MUTEX_NOT_HELD); - if (rc) { - printk(KERN_ERR "Problem with " - "ecryptfs_write_inode_size_to_metadata; " - "rc = [%d]\n", rc); - goto out_fput; - } + char zero[] = { 0x00 }; + + /* Write a single 0 at the last position of the file; + * this triggers code that will fill in 0's throughout + * the intermediate portion of the previous end of the + * file and the new and of the file */ + rc = ecryptfs_write(&fake_ecryptfs_file, zero, + (new_length - 1), 1); } else { /* new_length < i_size_read(inode) */ - pgoff_t index = 0; - int end_pos_in_page = -1; + /* We're chopping off all the pages down do the page + * in which new_length is located. Fill in the end of + * that page from (new_length & ~PAGE_CACHE_MASK) to + * PAGE_CACHE_SIZE with zeros. */ + size_t num_zeros = (PAGE_CACHE_SIZE + - (new_length & ~PAGE_CACHE_MASK)); - if (new_length != 0) { - index = ((new_length - 1) >> PAGE_CACHE_SHIFT); - end_pos_in_page = ((new_length - 1) & ~PAGE_CACHE_MASK); - } - if (end_pos_in_page != (PAGE_CACHE_SIZE - 1)) { - if ((rc = ecryptfs_write_zeros(&fake_ecryptfs_file, - index, - (end_pos_in_page + 1), - ((PAGE_CACHE_SIZE - 1) - - end_pos_in_page)))) { + if (num_zeros) { + char *zeros_virt; + + zeros_virt = kzalloc(num_zeros, GFP_KERNEL); + if (!zeros_virt) { + rc = -ENOMEM; + goto out_free; + } + rc = ecryptfs_write(&fake_ecryptfs_file, zeros_virt, + new_length, num_zeros); + kfree(zeros_virt); + if (rc) { printk(KERN_ERR "Error attempting to zero out " "the remainder of the end page on " "reducing truncate; rc = [%d]\n", rc); - goto out_fput; + goto out_free; } } vmtruncate(inode, new_length); - rc = ecryptfs_write_inode_size_to_metadata( - lower_file, lower_dentry->d_inode, inode, dentry, - ECRYPTFS_LOWER_I_MUTEX_NOT_HELD); + rc = ecryptfs_write_inode_size_to_metadata(inode); if (rc) { printk(KERN_ERR "Problem with " "ecryptfs_write_inode_size_to_metadata; " "rc = [%d]\n", rc); - goto out_fput; + goto out_free; } /* We are reducing the size of the ecryptfs file, and need to * know if we need to reduce the size of the lower file. */ @@ -843,13 +819,6 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) vmtruncate(lower_dentry->d_inode, lower_size_after_truncate); } - /* Update the access times */ - lower_dentry->d_inode->i_mtime = lower_dentry->d_inode->i_ctime - = CURRENT_TIME; - mark_inode_dirty_sync(inode); -out_fput: - if ((rc = ecryptfs_close_lower_file(lower_file))) - printk(KERN_ERR "Error closing lower_file\n"); out_free: if (ecryptfs_file_to_private(&fake_ecryptfs_file)) kmem_cache_free(ecryptfs_file_info_cache, @@ -909,23 +878,12 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) else if (S_ISREG(dentry->d_inode->i_mode) && (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED) || !(crypt_stat->flags & ECRYPTFS_KEY_VALID))) { - struct vfsmount *lower_mnt; - struct file *lower_file = NULL; struct ecryptfs_mount_crypt_stat *mount_crypt_stat; - int lower_flags; - - lower_mnt = ecryptfs_dentry_to_lower_mnt(dentry); - lower_flags = O_RDONLY; - if ((rc = ecryptfs_open_lower_file(&lower_file, lower_dentry, - lower_mnt, lower_flags))) { - printk(KERN_ERR - "Error opening lower file; rc = [%d]\n", rc); - mutex_unlock(&crypt_stat->cs_mutex); - goto out; - } + mount_crypt_stat = &ecryptfs_superblock_to_private( dentry->d_sb)->mount_crypt_stat; - if ((rc = ecryptfs_read_metadata(dentry, lower_file))) { + rc = ecryptfs_read_metadata(dentry); + if (rc) { if (!(mount_crypt_stat->flags & ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED)) { rc = -EIO; @@ -935,16 +893,13 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) "enabled; returning -EIO\n"); mutex_unlock(&crypt_stat->cs_mutex); - fput(lower_file); goto out; } rc = 0; crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED); mutex_unlock(&crypt_stat->cs_mutex); - fput(lower_file); goto out; } - fput(lower_file); } mutex_unlock(&crypt_stat->cs_mutex); if (ia->ia_valid & ATTR_SIZE) { @@ -959,6 +914,14 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) if (rc < 0) goto out; } + + /* + * mode change is for clearing setuid/setgid bits. Allow lower fs + * to interpret this in its own way. + */ + if (ia->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) + ia->ia_valid &= ~ATTR_MODE; + rc = notify_change(lower_dentry, ia); out: fsstack_copy_attr_all(inode, lower_inode, NULL); @@ -986,13 +949,11 @@ out: } ssize_t -ecryptfs_getxattr(struct dentry *dentry, const char *name, void *value, - size_t size) +ecryptfs_getxattr_lower(struct dentry *lower_dentry, const char *name, + void *value, size_t size) { int rc = 0; - struct dentry *lower_dentry; - lower_dentry = ecryptfs_dentry_to_lower(dentry); if (!lower_dentry->d_inode->i_op->getxattr) { rc = -ENOSYS; goto out; @@ -1005,6 +966,14 @@ out: return rc; } +ssize_t +ecryptfs_getxattr(struct dentry *dentry, const char *name, void *value, + size_t size) +{ + return ecryptfs_getxattr_lower(ecryptfs_dentry_to_lower(dentry), name, + value, size); +} + static ssize_t ecryptfs_listxattr(struct dentry *dentry, char *list, size_t size) { diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c index b550dea..89d9710 100644 --- a/fs/ecryptfs/keystore.c +++ b/fs/ecryptfs/keystore.c @@ -39,7 +39,7 @@ * determine the type of error, make appropriate log entries, and * return an error code. */ -int process_request_key_err(long err_code) +static int process_request_key_err(long err_code) { int rc = 0; @@ -71,7 +71,7 @@ int process_request_key_err(long err_code) * address; zero on error * @length_size: The number of bytes occupied by the encoded length * - * Returns Zero on success + * Returns zero on success; non-zero on error */ static int parse_packet_length(unsigned char *data, size_t *size, size_t *length_size) @@ -106,11 +106,11 @@ out: /** * write_packet_length - * @dest: The byte array target into which to write the - * length. Must have at least 5 bytes allocated. + * @dest: The byte array target into which to write the length. Must + * have at least 5 bytes allocated. * @size: The length to write. - * @packet_size_length: The number of bytes used to encode the - * packet length is written to this address. + * @packet_size_length: The number of bytes used to encode the packet + * length is written to this address. * * Returns zero on success; non-zero on error. */ @@ -396,26 +396,53 @@ out: return rc; } +static int +ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok) +{ + int rc = 0; + + (*sig) = NULL; + switch (auth_tok->token_type) { + case ECRYPTFS_PASSWORD: + (*sig) = auth_tok->token.password.signature; + break; + case ECRYPTFS_PRIVATE_KEY: + (*sig) = auth_tok->token.private_key.signature; + break; + default: + printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n", + auth_tok->token_type); + rc = -EINVAL; + } + return rc; +} + /** - * decrypt_pki_encrypted_session_key - Decrypt the session key with - * the given auth_tok. + * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok. + * @auth_tok: The key authentication token used to decrypt the session key + * @crypt_stat: The cryptographic context * - * Returns Zero on success; non-zero error otherwise. + * Returns zero on success; non-zero error otherwise. */ -static int decrypt_pki_encrypted_session_key( - struct ecryptfs_mount_crypt_stat *mount_crypt_stat, - struct ecryptfs_auth_tok *auth_tok, - struct ecryptfs_crypt_stat *crypt_stat) +static int +decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, + struct ecryptfs_crypt_stat *crypt_stat) { u16 cipher_code = 0; struct ecryptfs_msg_ctx *msg_ctx; struct ecryptfs_message *msg = NULL; + char *auth_tok_sig; char *netlink_message; size_t netlink_message_length; int rc; - rc = write_tag_64_packet(mount_crypt_stat->global_auth_tok_sig, - &(auth_tok->session_key), + rc = ecryptfs_get_auth_tok_sig(&auth_tok_sig, auth_tok); + if (rc) { + printk(KERN_ERR "Unrecognized auth tok type: [%d]\n", + auth_tok->token_type); + goto out; + } + rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key), &netlink_message, &netlink_message_length); if (rc) { ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet"); @@ -465,40 +492,33 @@ out: static void wipe_auth_tok_list(struct list_head *auth_tok_list_head) { - struct list_head *walker; struct ecryptfs_auth_tok_list_item *auth_tok_list_item; + struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp; - walker = auth_tok_list_head->next; - while (walker != auth_tok_list_head) { - auth_tok_list_item = - list_entry(walker, struct ecryptfs_auth_tok_list_item, - list); - walker = auth_tok_list_item->list.next; - memset(auth_tok_list_item, 0, - sizeof(struct ecryptfs_auth_tok_list_item)); + list_for_each_entry_safe(auth_tok_list_item, auth_tok_list_item_tmp, + auth_tok_list_head, list) { + list_del(&auth_tok_list_item->list); kmem_cache_free(ecryptfs_auth_tok_list_item_cache, auth_tok_list_item); } - auth_tok_list_head->next = NULL; } struct kmem_cache *ecryptfs_auth_tok_list_item_cache; - /** * parse_tag_1_packet - * @crypt_stat: The cryptographic context to modify based on packet - * contents. + * @crypt_stat: The cryptographic context to modify based on packet contents * @data: The raw bytes of the packet. * @auth_tok_list: eCryptfs parses packets into authentication tokens; - * a new authentication token will be placed at the end - * of this list for this packet. + * a new authentication token will be placed at the + * end of this list for this packet. * @new_auth_tok: Pointer to a pointer to memory that this function * allocates; sets the memory address of the pointer to * NULL on error. This object is added to the * auth_tok_list. * @packet_size: This function writes the size of the parsed packet * into this memory location; zero on error. + * @max_packet_size: The maximum allowable packet size * * Returns zero on success; non-zero on error. */ @@ -515,72 +535,65 @@ parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat, (*packet_size) = 0; (*new_auth_tok) = NULL; - - /* we check that: - * one byte for the Tag 1 ID flag - * two bytes for the body size - * do not exceed the maximum_packet_size + /** + * This format is inspired by OpenPGP; see RFC 2440 + * packet tag 1 + * + * Tag 1 identifier (1 byte) + * Max Tag 1 packet size (max 3 bytes) + * Version (1 byte) + * Key identifier (8 bytes; ECRYPTFS_SIG_SIZE) + * Cipher identifier (1 byte) + * Encrypted key size (arbitrary) + * + * 12 bytes minimum packet size */ - if (unlikely((*packet_size) + 3 > max_packet_size)) { - ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n"); + if (unlikely(max_packet_size < 12)) { + printk(KERN_ERR "Invalid max packet size; must be >=12\n"); rc = -EINVAL; goto out; } - /* check for Tag 1 identifier - one byte */ if (data[(*packet_size)++] != ECRYPTFS_TAG_1_PACKET_TYPE) { - ecryptfs_printk(KERN_ERR, "Enter w/ first byte != 0x%.2x\n", - ECRYPTFS_TAG_1_PACKET_TYPE); + printk(KERN_ERR "Enter w/ first byte != 0x%.2x\n", + ECRYPTFS_TAG_1_PACKET_TYPE); rc = -EINVAL; goto out; } /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or * at end of function upon failure */ auth_tok_list_item = - kmem_cache_alloc(ecryptfs_auth_tok_list_item_cache, - GFP_KERNEL); + kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, + GFP_KERNEL); if (!auth_tok_list_item) { - ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n"); + printk(KERN_ERR "Unable to allocate memory\n"); rc = -ENOMEM; goto out; } - memset(auth_tok_list_item, 0, - sizeof(struct ecryptfs_auth_tok_list_item)); (*new_auth_tok) = &auth_tok_list_item->auth_tok; - /* check for body size - one to two bytes - * - * ***** TAG 1 Packet Format ***** - * | version number | 1 byte | - * | key ID | 8 bytes | - * | public key algorithm | 1 byte | - * | encrypted session key | arbitrary | - */ rc = parse_packet_length(&data[(*packet_size)], &body_size, &length_size); if (rc) { - ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " - "rc = [%d]\n", rc); + printk(KERN_WARNING "Error parsing packet length; " + "rc = [%d]\n", rc); goto out_free; } - if (unlikely(body_size < (0x02 + ECRYPTFS_SIG_SIZE))) { - ecryptfs_printk(KERN_WARNING, "Invalid body size ([%d])\n", - body_size); + if (unlikely(body_size < (ECRYPTFS_SIG_SIZE + 2))) { + printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); rc = -EINVAL; goto out_free; } (*packet_size) += length_size; if (unlikely((*packet_size) + body_size > max_packet_size)) { - ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n"); + printk(KERN_WARNING "Packet size exceeds max\n"); rc = -EINVAL; goto out_free; } - /* Version 3 (from RFC2440) - one byte */ if (unlikely(data[(*packet_size)++] != 0x03)) { - ecryptfs_printk(KERN_DEBUG, "Unknown version number " - "[%d]\n", data[(*packet_size) - 1]); + printk(KERN_WARNING "Unknown version number [%d]\n", + data[(*packet_size) - 1]); rc = -EINVAL; goto out_free; } - /* Read Signature */ ecryptfs_to_hex((*new_auth_tok)->token.private_key.signature, &data[(*packet_size)], ECRYPTFS_SIG_SIZE); *packet_size += ECRYPTFS_SIG_SIZE; @@ -588,27 +601,23 @@ parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat, * know which public key encryption algorithm was used */ (*packet_size)++; (*new_auth_tok)->session_key.encrypted_key_size = - body_size - (0x02 + ECRYPTFS_SIG_SIZE); + body_size - (ECRYPTFS_SIG_SIZE + 2); if ((*new_auth_tok)->session_key.encrypted_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { - ecryptfs_printk(KERN_ERR, "Tag 1 packet contains key larger " - "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES"); + printk(KERN_WARNING "Tag 1 packet contains key larger " + "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES"); rc = -EINVAL; goto out; } - ecryptfs_printk(KERN_DEBUG, "Encrypted key size = [%d]\n", - (*new_auth_tok)->session_key.encrypted_key_size); memcpy((*new_auth_tok)->session_key.encrypted_key, - &data[(*packet_size)], (body_size - 0x02 - ECRYPTFS_SIG_SIZE)); + &data[(*packet_size)], (body_size - (ECRYPTFS_SIG_SIZE + 2))); (*packet_size) += (*new_auth_tok)->session_key.encrypted_key_size; (*new_auth_tok)->session_key.flags &= ~ECRYPTFS_CONTAINS_DECRYPTED_KEY; (*new_auth_tok)->session_key.flags |= ECRYPTFS_CONTAINS_ENCRYPTED_KEY; (*new_auth_tok)->token_type = ECRYPTFS_PRIVATE_KEY; - (*new_auth_tok)->flags |= ECRYPTFS_PRIVATE_KEY; - /* TODO: Why are we setting this flag here? Don't we want the - * userspace to decrypt the session key? */ + (*new_auth_tok)->flags = 0; (*new_auth_tok)->session_key.flags &= ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT); (*new_auth_tok)->session_key.flags &= @@ -658,22 +667,30 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, (*packet_size) = 0; (*new_auth_tok) = NULL; - - /* we check that: - * one byte for the Tag 3 ID flag - * two bytes for the body size - * do not exceed the maximum_packet_size + /** + *This format is inspired by OpenPGP; see RFC 2440 + * packet tag 3 + * + * Tag 3 identifier (1 byte) + * Max Tag 3 packet size (max 3 bytes) + * Version (1 byte) + * Cipher code (1 byte) + * S2K specifier (1 byte) + * Hash identifier (1 byte) + * Salt (ECRYPTFS_SALT_SIZE) + * Hash iterations (1 byte) + * Encrypted key (arbitrary) + * + * (ECRYPTFS_SALT_SIZE + 7) minimum packet size */ - if (unlikely((*packet_size) + 3 > max_packet_size)) { - ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n"); + if (max_packet_size < (ECRYPTFS_SALT_SIZE + 7)) { + printk(KERN_ERR "Max packet size too large\n"); rc = -EINVAL; goto out; } - - /* check for Tag 3 identifyer - one byte */ if (data[(*packet_size)++] != ECRYPTFS_TAG_3_PACKET_TYPE) { - ecryptfs_printk(KERN_ERR, "Enter w/ first byte != 0x%.2x\n", - ECRYPTFS_TAG_3_PACKET_TYPE); + printk(KERN_ERR "First byte != 0x%.2x; invalid packet\n", + ECRYPTFS_TAG_3_PACKET_TYPE); rc = -EINVAL; goto out; } @@ -682,56 +699,37 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, auth_tok_list_item = kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, GFP_KERNEL); if (!auth_tok_list_item) { - ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n"); + printk(KERN_ERR "Unable to allocate memory\n"); rc = -ENOMEM; goto out; } (*new_auth_tok) = &auth_tok_list_item->auth_tok; - - /* check for body size - one to two bytes */ rc = parse_packet_length(&data[(*packet_size)], &body_size, &length_size); if (rc) { - ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " - "rc = [%d]\n", rc); + printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n", + rc); goto out_free; } - if (unlikely(body_size < (0x05 + ECRYPTFS_SALT_SIZE))) { - ecryptfs_printk(KERN_WARNING, "Invalid body size ([%d])\n", - body_size); + if (unlikely(body_size < (ECRYPTFS_SALT_SIZE + 5))) { + printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); rc = -EINVAL; goto out_free; } (*packet_size) += length_size; - - /* now we know the length of the remainting Tag 3 packet size: - * 5 fix bytes for: version string, cipher, S2K ID, hash algo, - * number of hash iterations - * ECRYPTFS_SALT_SIZE bytes for salt - * body_size bytes minus the stuff above is the encrypted key size - */ if (unlikely((*packet_size) + body_size > max_packet_size)) { - ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n"); + printk(KERN_ERR "Packet size exceeds max\n"); rc = -EINVAL; goto out_free; } - - /* There are 5 characters of additional information in the - * packet */ (*new_auth_tok)->session_key.encrypted_key_size = - body_size - (0x05 + ECRYPTFS_SALT_SIZE); - ecryptfs_printk(KERN_DEBUG, "Encrypted key size = [%d]\n", - (*new_auth_tok)->session_key.encrypted_key_size); - - /* Version 4 (from RFC2440) - one byte */ + (body_size - (ECRYPTFS_SALT_SIZE + 5)); if (unlikely(data[(*packet_size)++] != 0x04)) { - ecryptfs_printk(KERN_DEBUG, "Unknown version number " - "[%d]\n", data[(*packet_size) - 1]); + printk(KERN_WARNING "Unknown version number [%d]\n", + data[(*packet_size) - 1]); rc = -EINVAL; goto out_free; } - - /* cipher - one byte */ ecryptfs_cipher_code_to_string(crypt_stat->cipher, (u16)data[(*packet_size)]); /* A little extra work to differentiate among the AES key @@ -745,33 +743,26 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, (*new_auth_tok)->session_key.encrypted_key_size; } ecryptfs_init_crypt_ctx(crypt_stat); - /* S2K identifier 3 (from RFC2440) */ if (unlikely(data[(*packet_size)++] != 0x03)) { - ecryptfs_printk(KERN_ERR, "Only S2K ID 3 is currently " - "supported\n"); + printk(KERN_WARNING "Only S2K ID 3 is currently supported\n"); rc = -ENOSYS; goto out_free; } - /* TODO: finish the hash mapping */ - /* hash algorithm - one byte */ switch (data[(*packet_size)++]) { case 0x01: /* See RFC2440 for these numbers and their mappings */ /* Choose MD5 */ - /* salt - ECRYPTFS_SALT_SIZE bytes */ memcpy((*new_auth_tok)->token.password.salt, &data[(*packet_size)], ECRYPTFS_SALT_SIZE); (*packet_size) += ECRYPTFS_SALT_SIZE; - /* This conversion was taken straight from RFC2440 */ - /* number of hash iterations - one byte */ (*new_auth_tok)->token.password.hash_iterations = ((u32) 16 + (data[(*packet_size)] & 15)) << ((data[(*packet_size)] >> 4) + 6); (*packet_size)++; - - /* encrypted session key - - * (body_size-5-ECRYPTFS_SALT_SIZE) bytes */ + /* Friendly reminder: + * (*new_auth_tok)->session_key.encrypted_key_size = + * (body_size - (ECRYPTFS_SALT_SIZE + 5)); */ memcpy((*new_auth_tok)->session_key.encrypted_key, &data[(*packet_size)], (*new_auth_tok)->session_key.encrypted_key_size); @@ -781,7 +772,7 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, ~ECRYPTFS_CONTAINS_DECRYPTED_KEY; (*new_auth_tok)->session_key.flags |= ECRYPTFS_CONTAINS_ENCRYPTED_KEY; - (*new_auth_tok)->token.password.hash_algo = 0x01; + (*new_auth_tok)->token.password.hash_algo = 0x01; /* MD5 */ break; default: ecryptfs_printk(KERN_ERR, "Unsupported hash algorithm: " @@ -837,82 +828,61 @@ parse_tag_11_packet(unsigned char *data, unsigned char *contents, (*packet_size) = 0; (*tag_11_contents_size) = 0; - - /* check that: - * one byte for the Tag 11 ID flag - * two bytes for the Tag 11 length - * do not exceed the maximum_packet_size + /* This format is inspired by OpenPGP; see RFC 2440 + * packet tag 11 + * + * Tag 11 identifier (1 byte) + * Max Tag 11 packet size (max 3 bytes) + * Binary format specifier (1 byte) + * Filename length (1 byte) + * Filename ("_CONSOLE") (8 bytes) + * Modification date (4 bytes) + * Literal data (arbitrary) + * + * We need at least 16 bytes of data for the packet to even be + * valid. */ - if (unlikely((*packet_size) + 3 > max_packet_size)) { - ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n"); + if (max_packet_size < 16) { + printk(KERN_ERR "Maximum packet size too small\n"); rc = -EINVAL; goto out; } - - /* check for Tag 11 identifyer - one byte */ if (data[(*packet_size)++] != ECRYPTFS_TAG_11_PACKET_TYPE) { - ecryptfs_printk(KERN_WARNING, - "Invalid tag 11 packet format\n"); + printk(KERN_WARNING "Invalid tag 11 packet format\n"); rc = -EINVAL; goto out; } - - /* get Tag 11 content length - one or two bytes */ rc = parse_packet_length(&data[(*packet_size)], &body_size, &length_size); if (rc) { - ecryptfs_printk(KERN_WARNING, - "Invalid tag 11 packet format\n"); + printk(KERN_WARNING "Invalid tag 11 packet format\n"); goto out; } - (*packet_size) += length_size; - - if (body_size < 13) { - ecryptfs_printk(KERN_WARNING, "Invalid body size ([%d])\n", - body_size); + if (body_size < 14) { + printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); rc = -EINVAL; goto out; } - /* We have 13 bytes of surrounding packet values */ - (*tag_11_contents_size) = (body_size - 13); - - /* now we know the length of the remainting Tag 11 packet size: - * 14 fix bytes for: special flag one, special flag two, - * 12 skipped bytes - * body_size bytes minus the stuff above is the Tag 11 content - */ - /* FIXME why is the body size one byte smaller than the actual - * size of the body? - * this seems to be an error here as well as in - * write_tag_11_packet() */ + (*packet_size) += length_size; + (*tag_11_contents_size) = (body_size - 14); if (unlikely((*packet_size) + body_size + 1 > max_packet_size)) { - ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n"); + printk(KERN_ERR "Packet size exceeds max\n"); rc = -EINVAL; goto out; } - - /* special flag one - one byte */ if (data[(*packet_size)++] != 0x62) { - ecryptfs_printk(KERN_WARNING, "Unrecognizable packet\n"); + printk(KERN_WARNING "Unrecognizable packet\n"); rc = -EINVAL; goto out; } - - /* special flag two - one byte */ if (data[(*packet_size)++] != 0x08) { - ecryptfs_printk(KERN_WARNING, "Unrecognizable packet\n"); + printk(KERN_WARNING "Unrecognizable packet\n"); rc = -EINVAL; goto out; } - - /* skip the next 12 bytes */ - (*packet_size) += 12; /* We don't care about the filename or - * the timestamp */ - - /* get the Tag 11 contents - tag_11_contents_size bytes */ + (*packet_size) += 12; /* Ignore filename and modification date */ memcpy(contents, &data[(*packet_size)], (*tag_11_contents_size)); (*packet_size) += (*tag_11_contents_size); - out: if (rc) { (*packet_size) = 0; @@ -921,130 +891,229 @@ out: return rc; } +static int +ecryptfs_find_global_auth_tok_for_sig( + struct ecryptfs_global_auth_tok **global_auth_tok, + struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig) +{ + struct ecryptfs_global_auth_tok *walker; + int rc = 0; + + (*global_auth_tok) = NULL; + mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); + list_for_each_entry(walker, + &mount_crypt_stat->global_auth_tok_list, + mount_crypt_stat_list) { + if (memcmp(walker->sig, sig, ECRYPTFS_SIG_SIZE_HEX) == 0) { + (*global_auth_tok) = walker; + goto out; + } + } + rc = -EINVAL; +out: + mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); + return rc; +} + /** - * decrypt_session_key - Decrypt the session key with the given auth_tok. + * ecryptfs_verify_version + * @version: The version number to confirm * - * Returns Zero on success; non-zero error otherwise. + * Returns zero on good version; non-zero otherwise */ -static int decrypt_session_key(struct ecryptfs_auth_tok *auth_tok, - struct ecryptfs_crypt_stat *crypt_stat) +static int ecryptfs_verify_version(u16 version) { - struct ecryptfs_password *password_s_ptr; - struct scatterlist src_sg[2], dst_sg[2]; - struct mutex *tfm_mutex = NULL; - char *encrypted_session_key; - char *session_key; + int rc = 0; + unsigned char major; + unsigned char minor; + + major = ((version >> 8) & 0xFF); + minor = (version & 0xFF); + if (major != ECRYPTFS_VERSION_MAJOR) { + ecryptfs_printk(KERN_ERR, "Major version number mismatch. " + "Expected [%d]; got [%d]\n", + ECRYPTFS_VERSION_MAJOR, major); + rc = -EINVAL; + goto out; + } + if (minor != ECRYPTFS_VERSION_MINOR) { + ecryptfs_printk(KERN_ERR, "Minor version number mismatch. " + "Expected [%d]; got [%d]\n", + ECRYPTFS_VERSION_MINOR, minor); + rc = -EINVAL; + goto out; + } +out: + return rc; +} + +int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key, + struct ecryptfs_auth_tok **auth_tok, + char *sig) +{ + int rc = 0; + + (*auth_tok_key) = request_key(&key_type_user, sig, NULL); + if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) { + printk(KERN_ERR "Could not find key with description: [%s]\n", + sig); + process_request_key_err(PTR_ERR(*auth_tok_key)); + rc = -EINVAL; + goto out; + } + (*auth_tok) = ecryptfs_get_key_payload_data(*auth_tok_key); + if (ecryptfs_verify_version((*auth_tok)->version)) { + printk(KERN_ERR + "Data structure version mismatch. " + "Userspace tools must match eCryptfs " + "kernel module with major version [%d] " + "and minor version [%d]\n", + ECRYPTFS_VERSION_MAJOR, + ECRYPTFS_VERSION_MINOR); + rc = -EINVAL; + goto out; + } + if ((*auth_tok)->token_type != ECRYPTFS_PASSWORD + && (*auth_tok)->token_type != ECRYPTFS_PRIVATE_KEY) { + printk(KERN_ERR "Invalid auth_tok structure " + "returned from key query\n"); + rc = -EINVAL; + goto out; + } +out: + return rc; +} + +/** + * ecryptfs_find_auth_tok_for_sig + * @auth_tok: Set to the matching auth_tok; NULL if not found + * @crypt_stat: inode crypt_stat crypto context + * @sig: Sig of auth_tok to find + * + * For now, this function simply looks at the registered auth_tok's + * linked off the mount_crypt_stat, so all the auth_toks that can be + * used must be registered at mount time. This function could + * potentially try a lot harder to find auth_tok's (e.g., by calling + * out to ecryptfsd to dynamically retrieve an auth_tok object) so + * that static registration of auth_tok's will no longer be necessary. + * + * Returns zero on no error; non-zero on error + */ +static int +ecryptfs_find_auth_tok_for_sig( + struct ecryptfs_auth_tok **auth_tok, + struct ecryptfs_crypt_stat *crypt_stat, char *sig) +{ + struct ecryptfs_mount_crypt_stat *mount_crypt_stat = + crypt_stat->mount_crypt_stat; + struct ecryptfs_global_auth_tok *global_auth_tok; + int rc = 0; + + (*auth_tok) = NULL; + if (ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok, + mount_crypt_stat, sig)) { + struct key *auth_tok_key; + + rc = ecryptfs_keyring_auth_tok_for_sig(&auth_tok_key, auth_tok, + sig); + } else + (*auth_tok) = global_auth_tok->global_auth_tok; + return rc; +} + +/** + * decrypt_passphrase_encrypted_session_key - Decrypt the session key with the given auth_tok. + * @auth_tok: The passphrase authentication token to use to encrypt the FEK + * @crypt_stat: The cryptographic context + * + * Returns zero on success; non-zero error otherwise + */ +static int +decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, + struct ecryptfs_crypt_stat *crypt_stat) +{ + struct scatterlist dst_sg; + struct scatterlist src_sg; + struct mutex *tfm_mutex; struct blkcipher_desc desc = { .flags = CRYPTO_TFM_REQ_MAY_SLEEP }; int rc = 0; - password_s_ptr = &auth_tok->token.password; - if (password_s_ptr->flags & ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET) - ecryptfs_printk(KERN_DEBUG, "Session key encryption key " - "set; skipping key generation\n"); - ecryptfs_printk(KERN_DEBUG, "Session key encryption key (size [%d])" - ":\n", - password_s_ptr->session_key_encryption_key_bytes); - if (ecryptfs_verbosity > 0) - ecryptfs_dump_hex(password_s_ptr->session_key_encryption_key, - password_s_ptr-> - session_key_encryption_key_bytes); - if (!strcmp(crypt_stat->cipher, - crypt_stat->mount_crypt_stat->global_default_cipher_name) - && crypt_stat->mount_crypt_stat->global_key_tfm) { - desc.tfm = crypt_stat->mount_crypt_stat->global_key_tfm; - tfm_mutex = &crypt_stat->mount_crypt_stat->global_key_tfm_mutex; - } else { - char *full_alg_name; - - rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name, - crypt_stat->cipher, - "ecb"); - if (rc) - goto out; - desc.tfm = crypto_alloc_blkcipher(full_alg_name, 0, - CRYPTO_ALG_ASYNC); - kfree(full_alg_name); - if (IS_ERR(desc.tfm)) { - rc = PTR_ERR(desc.tfm); - printk(KERN_ERR "Error allocating crypto context; " - "rc = [%d]\n", rc); - goto out; - } - crypto_blkcipher_set_flags(desc.tfm, CRYPTO_TFM_REQ_WEAK_KEY); + if (unlikely(ecryptfs_verbosity > 0)) { + ecryptfs_printk( + KERN_DEBUG, "Session key encryption key (size [%d]):\n", + auth_tok->token.password.session_key_encryption_key_bytes); + ecryptfs_dump_hex( + auth_tok->token.password.session_key_encryption_key, + auth_tok->token.password.session_key_encryption_key_bytes); + } + rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex, + crypt_stat->cipher); + if (unlikely(rc)) { + printk(KERN_ERR "Internal error whilst attempting to get " + "tfm and mutex for cipher name [%s]; rc = [%d]\n", + crypt_stat->cipher, rc); + goto out; } - if (tfm_mutex) - mutex_lock(tfm_mutex); - rc = crypto_blkcipher_setkey(desc.tfm, - password_s_ptr->session_key_encryption_key, - crypt_stat->key_size); - if (rc < 0) { + rc = virt_to_scatterlist(auth_tok->session_key.encrypted_key, + auth_tok->session_key.encrypted_key_size, + &src_sg, 1); + if (rc != 1) { + printk(KERN_ERR "Internal error whilst attempting to convert " + "auth_tok->session_key.encrypted_key to scatterlist; " + "expected rc = 1; got rc = [%d]. " + "auth_tok->session_key.encrypted_key_size = [%d]\n", rc, + auth_tok->session_key.encrypted_key_size); + goto out; + } + auth_tok->session_key.decrypted_key_size = + auth_tok->session_key.encrypted_key_size; + rc = virt_to_scatterlist(auth_tok->session_key.decrypted_key, + auth_tok->session_key.decrypted_key_size, + &dst_sg, 1); + if (rc != 1) { + printk(KERN_ERR "Internal error whilst attempting to convert " + "auth_tok->session_key.decrypted_key to scatterlist; " + "expected rc = 1; got rc = [%d]\n", rc); + goto out; + } + mutex_lock(tfm_mutex); + rc = crypto_blkcipher_setkey( + desc.tfm, auth_tok->token.password.session_key_encryption_key, + crypt_stat->key_size); + if (unlikely(rc < 0)) { + mutex_unlock(tfm_mutex); printk(KERN_ERR "Error setting key for crypto context\n"); rc = -EINVAL; - goto out_free_tfm; - } - /* TODO: virt_to_scatterlist */ - encrypted_session_key = (char *)__get_free_page(GFP_KERNEL); - if (!encrypted_session_key) { - ecryptfs_printk(KERN_ERR, "Out of memory\n"); - rc = -ENOMEM; - goto out_free_tfm; + goto out; } - session_key = (char *)__get_free_page(GFP_KERNEL); - if (!session_key) { - kfree(encrypted_session_key); - ecryptfs_printk(KERN_ERR, "Out of memory\n"); - rc = -ENOMEM; - goto out_free_tfm; - } - memcpy(encrypted_session_key, auth_tok->session_key.encrypted_key, - auth_tok->session_key.encrypted_key_size); - src_sg[0].page = virt_to_page(encrypted_session_key); - src_sg[0].offset = 0; - BUG_ON(auth_tok->session_key.encrypted_key_size > PAGE_CACHE_SIZE); - src_sg[0].length = auth_tok->session_key.encrypted_key_size; - dst_sg[0].page = virt_to_page(session_key); - dst_sg[0].offset = 0; - auth_tok->session_key.decrypted_key_size = - auth_tok->session_key.encrypted_key_size; - dst_sg[0].length = auth_tok->session_key.encrypted_key_size; - rc = crypto_blkcipher_decrypt(&desc, dst_sg, src_sg, + rc = crypto_blkcipher_decrypt(&desc, &dst_sg, &src_sg, auth_tok->session_key.encrypted_key_size); - if (rc) { + mutex_unlock(tfm_mutex); + if (unlikely(rc)) { printk(KERN_ERR "Error decrypting; rc = [%d]\n", rc); - goto out_free_memory; + goto out; } - auth_tok->session_key.decrypted_key_size = - auth_tok->session_key.encrypted_key_size; - memcpy(auth_tok->session_key.decrypted_key, session_key, - auth_tok->session_key.decrypted_key_size); auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY; memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key, auth_tok->session_key.decrypted_key_size); crypt_stat->flags |= ECRYPTFS_KEY_VALID; - ecryptfs_printk(KERN_DEBUG, "Decrypted session key:\n"); - if (ecryptfs_verbosity > 0) + if (unlikely(ecryptfs_verbosity > 0)) { + ecryptfs_printk(KERN_DEBUG, "FEK of size [%d]:\n", + crypt_stat->key_size); ecryptfs_dump_hex(crypt_stat->key, crypt_stat->key_size); -out_free_memory: - memset(encrypted_session_key, 0, PAGE_CACHE_SIZE); - free_page((unsigned long)encrypted_session_key); - memset(session_key, 0, PAGE_CACHE_SIZE); - free_page((unsigned long)session_key); -out_free_tfm: - if (tfm_mutex) - mutex_unlock(tfm_mutex); - else - crypto_free_blkcipher(desc.tfm); + } out: return rc; } /** * ecryptfs_parse_packet_set - * @dest: The header page in memory - * @version: Version of file format, to guide parsing behavior + * @crypt_stat: The cryptographic context + * @src: Virtual address of region of memory containing the packets + * @ecryptfs_dentry: The eCryptfs dentry associated with the packet set * * Get crypt_stat to have the file's session key if the requisite key * is available to decrypt the session key. @@ -1058,25 +1127,22 @@ int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, struct dentry *ecryptfs_dentry) { size_t i = 0; - size_t found_auth_tok = 0; + size_t found_auth_tok; size_t next_packet_is_auth_tok_packet; - char sig[ECRYPTFS_SIG_SIZE_HEX]; struct list_head auth_tok_list; - struct list_head *walker; - struct ecryptfs_auth_tok *chosen_auth_tok = NULL; - struct ecryptfs_mount_crypt_stat *mount_crypt_stat = - &ecryptfs_superblock_to_private( - ecryptfs_dentry->d_sb)->mount_crypt_stat; - struct ecryptfs_auth_tok *candidate_auth_tok = NULL; + struct ecryptfs_auth_tok *matching_auth_tok; + struct ecryptfs_auth_tok *candidate_auth_tok; + char *candidate_auth_tok_sig; size_t packet_size; struct ecryptfs_auth_tok *new_auth_tok; unsigned char sig_tmp_space[ECRYPTFS_SIG_SIZE]; + struct ecryptfs_auth_tok_list_item *auth_tok_list_item; size_t tag_11_contents_size; size_t tag_11_packet_size; int rc = 0; INIT_LIST_HEAD(&auth_tok_list); - /* Parse the header to find as many packets as we can, these will be + /* Parse the header to find as many packets as we can; these will be * added the our &auth_tok_list */ next_packet_is_auth_tok_packet = 1; while (next_packet_is_auth_tok_packet) { @@ -1155,73 +1221,85 @@ int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, } } if (list_empty(&auth_tok_list)) { - rc = -EINVAL; /* Do not support non-encrypted files in - * the 0.1 release */ + printk(KERN_ERR "The lower file appears to be a non-encrypted " + "eCryptfs file; this is not supported in this version " + "of the eCryptfs kernel module\n"); + rc = -EINVAL; goto out; } - /* If we have a global auth tok, then we should try to use - * it */ - if (mount_crypt_stat->global_auth_tok) { - memcpy(sig, mount_crypt_stat->global_auth_tok_sig, - ECRYPTFS_SIG_SIZE_HEX); - chosen_auth_tok = mount_crypt_stat->global_auth_tok; - } else - BUG(); /* We should always have a global auth tok in - * the 0.1 release */ - /* Scan list to see if our chosen_auth_tok works */ - list_for_each(walker, &auth_tok_list) { - struct ecryptfs_auth_tok_list_item *auth_tok_list_item; - auth_tok_list_item = - list_entry(walker, struct ecryptfs_auth_tok_list_item, - list); + /* auth_tok_list contains the set of authentication tokens + * parsed from the metadata. We need to find a matching + * authentication token that has the secret component(s) + * necessary to decrypt the EFEK in the auth_tok parsed from + * the metadata. There may be several potential matches, but + * just one will be sufficient to decrypt to get the FEK. */ +find_next_matching_auth_tok: + found_auth_tok = 0; + list_for_each_entry(auth_tok_list_item, &auth_tok_list, list) { candidate_auth_tok = &auth_tok_list_item->auth_tok; if (unlikely(ecryptfs_verbosity > 0)) { ecryptfs_printk(KERN_DEBUG, "Considering cadidate auth tok:\n"); ecryptfs_dump_auth_tok(candidate_auth_tok); } - /* TODO: Replace ECRYPTFS_SIG_SIZE_HEX w/ dynamic value */ - if (candidate_auth_tok->token_type == ECRYPTFS_PASSWORD - && !strncmp(candidate_auth_tok->token.password.signature, - sig, ECRYPTFS_SIG_SIZE_HEX)) { - found_auth_tok = 1; - goto leave_list; - /* TODO: Transfer the common salt into the - * crypt_stat salt */ - } else if ((candidate_auth_tok->token_type - == ECRYPTFS_PRIVATE_KEY) - && !strncmp(candidate_auth_tok->token.private_key.signature, - sig, ECRYPTFS_SIG_SIZE_HEX)) { + rc = ecryptfs_get_auth_tok_sig(&candidate_auth_tok_sig, + candidate_auth_tok); + if (rc) { + printk(KERN_ERR + "Unrecognized candidate auth tok type: [%d]\n", + candidate_auth_tok->token_type); + rc = -EINVAL; + goto out_wipe_list; + } + ecryptfs_find_auth_tok_for_sig(&matching_auth_tok, crypt_stat, + candidate_auth_tok_sig); + if (matching_auth_tok) { found_auth_tok = 1; - goto leave_list; + goto found_matching_auth_tok; } } if (!found_auth_tok) { - ecryptfs_printk(KERN_ERR, "Could not find authentication " - "token on temporary list for sig [%.*s]\n", - ECRYPTFS_SIG_SIZE_HEX, sig); + ecryptfs_printk(KERN_ERR, "Could not find a usable " + "authentication token\n"); rc = -EIO; goto out_wipe_list; } -leave_list: - rc = -ENOTSUPP; +found_matching_auth_tok: if (candidate_auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) { memcpy(&(candidate_auth_tok->token.private_key), - &(chosen_auth_tok->token.private_key), + &(matching_auth_tok->token.private_key), sizeof(struct ecryptfs_private_key)); - rc = decrypt_pki_encrypted_session_key(mount_crypt_stat, - candidate_auth_tok, + rc = decrypt_pki_encrypted_session_key(candidate_auth_tok, crypt_stat); } else if (candidate_auth_tok->token_type == ECRYPTFS_PASSWORD) { memcpy(&(candidate_auth_tok->token.password), - &(chosen_auth_tok->token.password), + &(matching_auth_tok->token.password), sizeof(struct ecryptfs_password)); - rc = decrypt_session_key(candidate_auth_tok, crypt_stat); + rc = decrypt_passphrase_encrypted_session_key( + candidate_auth_tok, crypt_stat); } if (rc) { - ecryptfs_printk(KERN_ERR, "Error decrypting the " - "session key; rc = [%d]\n", rc); - goto out_wipe_list; + struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp; + + ecryptfs_printk(KERN_WARNING, "Error decrypting the " + "session key for authentication token with sig " + "[%.*s]; rc = [%d]. Removing auth tok " + "candidate from the list and searching for " + "the next match.\n", candidate_auth_tok_sig, + ECRYPTFS_SIG_SIZE_HEX, rc); + list_for_each_entry_safe(auth_tok_list_item, + auth_tok_list_item_tmp, + &auth_tok_list, list) { + if (candidate_auth_tok + == &auth_tok_list_item->auth_tok) { + list_del(&auth_tok_list_item->list); + kmem_cache_free( + ecryptfs_auth_tok_list_item_cache, + auth_tok_list_item); + goto find_next_matching_auth_tok; + } + } + BUG(); } rc = ecryptfs_compute_root_iv(crypt_stat); if (rc) { @@ -1240,6 +1318,7 @@ out_wipe_list: out: return rc; } + static int pki_encrypt_session_key(struct ecryptfs_auth_tok *auth_tok, struct ecryptfs_crypt_stat *crypt_stat, @@ -1284,22 +1363,25 @@ out: /** * write_tag_1_packet - Write an RFC2440-compatible tag 1 (public key) packet * @dest: Buffer into which to write the packet - * @max: Maximum number of bytes that can be writtn + * @remaining_bytes: Maximum number of bytes that can be writtn + * @auth_tok: The authentication token used for generating the tag 1 packet + * @crypt_stat: The cryptographic context + * @key_rec: The key record struct for the tag 1 packet * @packet_size: This function will write the number of bytes that end * up constituting the packet; set to zero on error * * Returns zero on success; non-zero on error. */ static int -write_tag_1_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok, +write_tag_1_packet(char *dest, size_t *remaining_bytes, + struct ecryptfs_auth_tok *auth_tok, struct ecryptfs_crypt_stat *crypt_stat, - struct ecryptfs_mount_crypt_stat *mount_crypt_stat, struct ecryptfs_key_record *key_rec, size_t *packet_size) { size_t i; size_t encrypted_session_key_valid = 0; - size_t key_rec_size; size_t packet_size_length; + size_t max_packet_size; int rc = 0; (*packet_size) = 0; @@ -1329,37 +1411,23 @@ write_tag_1_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok, ecryptfs_dump_hex(key_rec->enc_key, key_rec->enc_key_size); } encrypted_session_key_set: - /* Now we have a valid key_rec. Append it to the - * key_rec set. */ - key_rec_size = (sizeof(struct ecryptfs_key_record) - - ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES - + (key_rec->enc_key_size)); - /* TODO: Include a packet size limit as a parameter to this - * function once we have multi-packet headers (for versions - * later than 0.1 */ - if (key_rec_size >= ECRYPTFS_MAX_KEYSET_SIZE) { - ecryptfs_printk(KERN_ERR, "Keyset too large\n"); - rc = -EINVAL; - goto out; - } - /* ***** TAG 1 Packet Format ***** - * | version number | 1 byte | - * | key ID | 8 bytes | - * | public key algorithm | 1 byte | - * | encrypted session key | arbitrary | - */ - if ((0x02 + ECRYPTFS_SIG_SIZE + key_rec->enc_key_size) >= max) { - ecryptfs_printk(KERN_ERR, - "Authentication token is too large\n"); + /* This format is inspired by OpenPGP; see RFC 2440 + * packet tag 1 */ + max_packet_size = (1 /* Tag 1 identifier */ + + 3 /* Max Tag 1 packet size */ + + 1 /* Version */ + + ECRYPTFS_SIG_SIZE /* Key identifier */ + + 1 /* Cipher identifier */ + + key_rec->enc_key_size); /* Encrypted key size */ + if (max_packet_size > (*remaining_bytes)) { + printk(KERN_ERR "Packet length larger than maximum allowable; " + "need up to [%td] bytes, but there are only [%td] " + "available\n", max_packet_size, (*remaining_bytes)); rc = -EINVAL; goto out; } dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE; - /* This format is inspired by OpenPGP; see RFC 2440 - * packet tag 1 */ - rc = write_packet_length(&dest[(*packet_size)], - (0x02 + ECRYPTFS_SIG_SIZE + - key_rec->enc_key_size), + rc = write_packet_length(&dest[(*packet_size)], (max_packet_size - 4), &packet_size_length); if (rc) { ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet " @@ -1377,13 +1445,15 @@ encrypted_session_key_set: out: if (rc) (*packet_size) = 0; + else + (*remaining_bytes) -= (*packet_size); return rc; } /** * write_tag_11_packet * @dest: Target into which Tag 11 packet is to be written - * @max: Maximum packet length + * @remaining_bytes: Maximum packet length * @contents: Byte array of contents to copy in * @contents_length: Number of bytes in contents * @packet_length: Length of the Tag 11 packet written; zero on error @@ -1391,54 +1461,59 @@ out: * Returns zero on success; non-zero on error. */ static int -write_tag_11_packet(char *dest, int max, char *contents, size_t contents_length, - size_t *packet_length) +write_tag_11_packet(char *dest, size_t *remaining_bytes, char *contents, + size_t contents_length, size_t *packet_length) { size_t packet_size_length; + size_t max_packet_size; int rc = 0; (*packet_length) = 0; - if ((13 + contents_length) > max) { + /* This format is inspired by OpenPGP; see RFC 2440 + * packet tag 11 */ + max_packet_size = (1 /* Tag 11 identifier */ + + 3 /* Max Tag 11 packet size */ + + 1 /* Binary format specifier */ + + 1 /* Filename length */ + + 8 /* Filename ("_CONSOLE") */ + + 4 /* Modification date */ + + contents_length); /* Literal data */ + if (max_packet_size > (*remaining_bytes)) { + printk(KERN_ERR "Packet length larger than maximum allowable; " + "need up to [%td] bytes, but there are only [%td] " + "available\n", max_packet_size, (*remaining_bytes)); rc = -EINVAL; - ecryptfs_printk(KERN_ERR, "Packet length larger than " - "maximum allowable\n"); goto out; } - /* General packet header */ - /* Packet tag */ dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE; - /* Packet length */ rc = write_packet_length(&dest[(*packet_length)], - (13 + contents_length), &packet_size_length); + (max_packet_size - 4), &packet_size_length); if (rc) { - ecryptfs_printk(KERN_ERR, "Error generating tag 11 packet " - "header; cannot generate packet length\n"); + printk(KERN_ERR "Error generating tag 11 packet header; cannot " + "generate packet length. rc = [%d]\n", rc); goto out; } (*packet_length) += packet_size_length; - /* Tag 11 specific */ - /* One-octet field that describes how the data is formatted */ - dest[(*packet_length)++] = 0x62; /* binary data */ - /* One-octet filename length followed by filename */ + dest[(*packet_length)++] = 0x62; /* binary data format specifier */ dest[(*packet_length)++] = 8; memcpy(&dest[(*packet_length)], "_CONSOLE", 8); (*packet_length) += 8; - /* Four-octet number indicating modification date */ memset(&dest[(*packet_length)], 0x00, 4); (*packet_length) += 4; - /* Remainder is literal data */ memcpy(&dest[(*packet_length)], contents, contents_length); (*packet_length) += contents_length; out: if (rc) (*packet_length) = 0; + else + (*remaining_bytes) -= (*packet_length); return rc; } /** * write_tag_3_packet * @dest: Buffer into which to write the packet - * @max: Maximum number of bytes that can be written + * @remaining_bytes: Maximum number of bytes that can be written * @auth_tok: Authentication token * @crypt_stat: The cryptographic context * @key_rec: encrypted key @@ -1448,19 +1523,22 @@ write_tag_11_packet(char *dest, int max, char *contents, size_t contents_length, * Returns zero on success; non-zero on error. */ static int -write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok, +write_tag_3_packet(char *dest, size_t *remaining_bytes, + struct ecryptfs_auth_tok *auth_tok, struct ecryptfs_crypt_stat *crypt_stat, struct ecryptfs_key_record *key_rec, size_t *packet_size) { size_t i; size_t encrypted_session_key_valid = 0; char session_key_encryption_key[ECRYPTFS_MAX_KEY_BYTES]; - struct scatterlist dest_sg[2]; - struct scatterlist src_sg[2]; + struct scatterlist dst_sg; + struct scatterlist src_sg; struct mutex *tfm_mutex = NULL; - size_t key_rec_size; - size_t packet_size_length; size_t cipher_code; + size_t packet_size_length; + size_t max_packet_size; + struct ecryptfs_mount_crypt_stat *mount_crypt_stat = + crypt_stat->mount_crypt_stat; struct blkcipher_desc desc = { .tfm = NULL, .flags = CRYPTO_TFM_REQ_MAY_SLEEP @@ -1470,16 +1548,25 @@ write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok, (*packet_size) = 0; ecryptfs_from_hex(key_rec->sig, auth_tok->token.password.signature, ECRYPTFS_SIG_SIZE); - encrypted_session_key_valid = 0; - for (i = 0; i < crypt_stat->key_size; i++) - encrypted_session_key_valid |= - auth_tok->session_key.encrypted_key[i]; - if (encrypted_session_key_valid) { - memcpy(key_rec->enc_key, - auth_tok->session_key.encrypted_key, - auth_tok->session_key.encrypted_key_size); - goto encrypted_session_key_set; + rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex, + crypt_stat->cipher); + if (unlikely(rc)) { + printk(KERN_ERR "Internal error whilst attempting to get " + "tfm and mutex for cipher name [%s]; rc = [%d]\n", + crypt_stat->cipher, rc); + goto out; + } + if (mount_crypt_stat->global_default_cipher_key_size == 0) { + struct blkcipher_alg *alg = crypto_blkcipher_alg(desc.tfm); + + printk(KERN_WARNING "No key size specified at mount; " + "defaulting to [%d]\n", alg->max_keysize); + mount_crypt_stat->global_default_cipher_key_size = + alg->max_keysize; } + if (crypt_stat->key_size == 0) + crypt_stat->key_size = + mount_crypt_stat->global_default_cipher_key_size; if (auth_tok->session_key.encrypted_key_size == 0) auth_tok->session_key.encrypted_key_size = crypt_stat->key_size; @@ -1487,9 +1574,24 @@ write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok, && strcmp("aes", crypt_stat->cipher) == 0) { memset((crypt_stat->key + 24), 0, 8); auth_tok->session_key.encrypted_key_size = 32; - } + } else + auth_tok->session_key.encrypted_key_size = crypt_stat->key_size; key_rec->enc_key_size = auth_tok->session_key.encrypted_key_size; + encrypted_session_key_valid = 0; + for (i = 0; i < auth_tok->session_key.encrypted_key_size; i++) + encrypted_session_key_valid |= + auth_tok->session_key.encrypted_key[i]; + if (encrypted_session_key_valid) { + ecryptfs_printk(KERN_DEBUG, "encrypted_session_key_valid != 0; " + "using auth_tok->session_key.encrypted_key, " + "where key_rec->enc_key_size = [%d]\n", + key_rec->enc_key_size); + memcpy(key_rec->enc_key, + auth_tok->session_key.encrypted_key, + key_rec->enc_key_size); + goto encrypted_session_key_set; + } if (auth_tok->token.password.flags & ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET) { ecryptfs_printk(KERN_DEBUG, "Using previously generated " @@ -1508,54 +1610,32 @@ write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok, ecryptfs_printk(KERN_DEBUG, "Session key encryption key:\n"); ecryptfs_dump_hex(session_key_encryption_key, 16); } - rc = virt_to_scatterlist(crypt_stat->key, - key_rec->enc_key_size, src_sg, 2); - if (!rc) { + rc = virt_to_scatterlist(crypt_stat->key, key_rec->enc_key_size, + &src_sg, 1); + if (rc != 1) { ecryptfs_printk(KERN_ERR, "Error generating scatterlist " - "for crypt_stat session key\n"); + "for crypt_stat session key; expected rc = 1; " + "got rc = [%d]. key_rec->enc_key_size = [%d]\n", + rc, key_rec->enc_key_size); rc = -ENOMEM; goto out; } - rc = virt_to_scatterlist(key_rec->enc_key, - key_rec->enc_key_size, dest_sg, 2); - if (!rc) { + rc = virt_to_scatterlist(key_rec->enc_key, key_rec->enc_key_size, + &dst_sg, 1); + if (rc != 1) { ecryptfs_printk(KERN_ERR, "Error generating scatterlist " - "for crypt_stat encrypted session key\n"); + "for crypt_stat encrypted session key; " + "expected rc = 1; got rc = [%d]. " + "key_rec->enc_key_size = [%d]\n", rc, + key_rec->enc_key_size); rc = -ENOMEM; goto out; } - if (!strcmp(crypt_stat->cipher, - crypt_stat->mount_crypt_stat->global_default_cipher_name) - && crypt_stat->mount_crypt_stat->global_key_tfm) { - desc.tfm = crypt_stat->mount_crypt_stat->global_key_tfm; - tfm_mutex = &crypt_stat->mount_crypt_stat->global_key_tfm_mutex; - } else { - char *full_alg_name; - - rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name, - crypt_stat->cipher, - "ecb"); - if (rc) - goto out; - desc.tfm = crypto_alloc_blkcipher(full_alg_name, 0, - CRYPTO_ALG_ASYNC); - kfree(full_alg_name); - if (IS_ERR(desc.tfm)) { - rc = PTR_ERR(desc.tfm); - ecryptfs_printk(KERN_ERR, "Could not initialize crypto " - "context for cipher [%s]; rc = [%d]\n", - crypt_stat->cipher, rc); - goto out; - } - crypto_blkcipher_set_flags(desc.tfm, CRYPTO_TFM_REQ_WEAK_KEY); - } - if (tfm_mutex) - mutex_lock(tfm_mutex); + mutex_lock(tfm_mutex); rc = crypto_blkcipher_setkey(desc.tfm, session_key_encryption_key, crypt_stat->key_size); if (rc < 0) { - if (tfm_mutex) - mutex_unlock(tfm_mutex); + mutex_unlock(tfm_mutex); ecryptfs_printk(KERN_ERR, "Error setting key for crypto " "context; rc = [%d]\n", rc); goto out; @@ -1563,56 +1643,53 @@ write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok, rc = 0; ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes of the key\n", crypt_stat->key_size); - rc = crypto_blkcipher_encrypt(&desc, dest_sg, src_sg, + rc = crypto_blkcipher_encrypt(&desc, &dst_sg, &src_sg, (*key_rec).enc_key_size); + mutex_unlock(tfm_mutex); if (rc) { printk(KERN_ERR "Error encrypting; rc = [%d]\n", rc); goto out; } - if (tfm_mutex) - mutex_unlock(tfm_mutex); ecryptfs_printk(KERN_DEBUG, "This should be the encrypted key:\n"); - if (ecryptfs_verbosity > 0) + if (ecryptfs_verbosity > 0) { + ecryptfs_printk(KERN_DEBUG, "EFEK of size [%d]:\n", + key_rec->enc_key_size); ecryptfs_dump_hex(key_rec->enc_key, key_rec->enc_key_size); -encrypted_session_key_set: - /* Now we have a valid key_rec. Append it to the - * key_rec set. */ - key_rec_size = (sizeof(struct ecryptfs_key_record) - - ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES - + (key_rec->enc_key_size)); - /* TODO: Include a packet size limit as a parameter to this - * function once we have multi-packet headers (for versions - * later than 0.1 */ - if (key_rec_size >= ECRYPTFS_MAX_KEYSET_SIZE) { - ecryptfs_printk(KERN_ERR, "Keyset too large\n"); - rc = -EINVAL; - goto out; } - /* TODO: Packet size limit */ - /* We have 5 bytes of surrounding packet data */ - if ((0x05 + ECRYPTFS_SALT_SIZE - + key_rec->enc_key_size) >= max) { - ecryptfs_printk(KERN_ERR, "Authentication token is too " - "large\n"); +encrypted_session_key_set: + /* This format is inspired by OpenPGP; see RFC 2440 + * packet tag 3 */ + max_packet_size = (1 /* Tag 3 identifier */ + + 3 /* Max Tag 3 packet size */ + + 1 /* Version */ + + 1 /* Cipher code */ + + 1 /* S2K specifier */ + + 1 /* Hash identifier */ + + ECRYPTFS_SALT_SIZE /* Salt */ + + 1 /* Hash iterations */ + + key_rec->enc_key_size); /* Encrypted key size */ + if (max_packet_size > (*remaining_bytes)) { + printk(KERN_ERR "Packet too large; need up to [%td] bytes, but " + "there are only [%td] available\n", max_packet_size, + (*remaining_bytes)); rc = -EINVAL; goto out; } - /* This format is inspired by OpenPGP; see RFC 2440 - * packet tag 3 */ dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE; - /* ver+cipher+s2k+hash+salt+iter+enc_key */ - rc = write_packet_length(&dest[(*packet_size)], - (0x05 + ECRYPTFS_SALT_SIZE - + key_rec->enc_key_size), + /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3) + * to get the number of octets in the actual Tag 3 packet */ + rc = write_packet_length(&dest[(*packet_size)], (max_packet_size - 4), &packet_size_length); if (rc) { - ecryptfs_printk(KERN_ERR, "Error generating tag 3 packet " - "header; cannot generate packet length\n"); + printk(KERN_ERR "Error generating tag 3 packet header; cannot " + "generate packet length. rc = [%d]\n", rc); goto out; } (*packet_size) += packet_size_length; dest[(*packet_size)++] = 0x04; /* version 4 */ + /* TODO: Break from RFC2440 so that arbitrary ciphers can be + * specified with strings */ cipher_code = ecryptfs_code_for_cipher_string(crypt_stat); if (cipher_code == 0) { ecryptfs_printk(KERN_WARNING, "Unable to generate code for " @@ -1631,10 +1708,10 @@ encrypted_session_key_set: key_rec->enc_key_size); (*packet_size) += key_rec->enc_key_size; out: - if (desc.tfm && !tfm_mutex) - crypto_free_blkcipher(desc.tfm); if (rc) (*packet_size) = 0; + else + (*remaining_bytes) -= (*packet_size); return rc; } @@ -1642,7 +1719,7 @@ struct kmem_cache *ecryptfs_key_record_cache; /** * ecryptfs_generate_key_packet_set - * @dest: Virtual address from which to write the key record set + * @dest_base: Virtual address from which to write the key record set * @crypt_stat: The cryptographic context from which the * authentication tokens will be retrieved * @ecryptfs_dentry: The dentry, used to retrieve the mount crypt stat @@ -1662,24 +1739,43 @@ ecryptfs_generate_key_packet_set(char *dest_base, size_t max) { struct ecryptfs_auth_tok *auth_tok; + struct ecryptfs_global_auth_tok *global_auth_tok; struct ecryptfs_mount_crypt_stat *mount_crypt_stat = &ecryptfs_superblock_to_private( ecryptfs_dentry->d_sb)->mount_crypt_stat; size_t written; struct ecryptfs_key_record *key_rec; + struct ecryptfs_key_sig *key_sig; int rc = 0; (*len) = 0; + mutex_lock(&crypt_stat->keysig_list_mutex); key_rec = kmem_cache_alloc(ecryptfs_key_record_cache, GFP_KERNEL); if (!key_rec) { rc = -ENOMEM; goto out; } - if (mount_crypt_stat->global_auth_tok) { - auth_tok = mount_crypt_stat->global_auth_tok; + list_for_each_entry(key_sig, &crypt_stat->keysig_list, + crypt_stat_list) { + memset(key_rec, 0, sizeof(*key_rec)); + rc = ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok, + mount_crypt_stat, + key_sig->keysig); + if (rc) { + printk(KERN_ERR "Error attempting to get the global " + "auth_tok; rc = [%d]\n", rc); + goto out_free; + } + if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID) { + printk(KERN_WARNING + "Skipping invalid auth tok with sig = [%s]\n", + global_auth_tok->sig); + continue; + } + auth_tok = global_auth_tok->global_auth_tok; if (auth_tok->token_type == ECRYPTFS_PASSWORD) { rc = write_tag_3_packet((dest_base + (*len)), - max, auth_tok, + &max, auth_tok, crypt_stat, key_rec, &written); if (rc) { @@ -1689,10 +1785,9 @@ ecryptfs_generate_key_packet_set(char *dest_base, } (*len) += written; /* Write auth tok signature packet */ - rc = write_tag_11_packet( - (dest_base + (*len)), - (max - (*len)), - key_rec->sig, ECRYPTFS_SIG_SIZE, &written); + rc = write_tag_11_packet((dest_base + (*len)), &max, + key_rec->sig, + ECRYPTFS_SIG_SIZE, &written); if (rc) { ecryptfs_printk(KERN_ERR, "Error writing " "auth tok signature packet\n"); @@ -1701,9 +1796,8 @@ ecryptfs_generate_key_packet_set(char *dest_base, (*len) += written; } else if (auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) { rc = write_tag_1_packet(dest_base + (*len), - max, auth_tok, - crypt_stat,mount_crypt_stat, - key_rec, &written); + &max, auth_tok, + crypt_stat, key_rec, &written); if (rc) { ecryptfs_printk(KERN_WARNING, "Error " "writing tag 1 packet\n"); @@ -1716,19 +1810,69 @@ ecryptfs_generate_key_packet_set(char *dest_base, rc = -EINVAL; goto out_free; } - } else - BUG(); - if (likely((max - (*len)) > 0)) { + } + if (likely(max > 0)) { dest_base[(*len)] = 0x00; } else { ecryptfs_printk(KERN_ERR, "Error writing boundary byte\n"); rc = -EIO; } - out_free: kmem_cache_free(ecryptfs_key_record_cache, key_rec); out: if (rc) (*len) = 0; + mutex_unlock(&crypt_stat->keysig_list_mutex); return rc; } + +struct kmem_cache *ecryptfs_key_sig_cache; + +int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig) +{ + struct ecryptfs_key_sig *new_key_sig; + int rc = 0; + + new_key_sig = kmem_cache_alloc(ecryptfs_key_sig_cache, GFP_KERNEL); + if (!new_key_sig) { + rc = -ENOMEM; + printk(KERN_ERR + "Error allocating from ecryptfs_key_sig_cache\n"); + goto out; + } + memcpy(new_key_sig->keysig, sig, ECRYPTFS_SIG_SIZE_HEX); + mutex_lock(&crypt_stat->keysig_list_mutex); + list_add(&new_key_sig->crypt_stat_list, &crypt_stat->keysig_list); + mutex_unlock(&crypt_stat->keysig_list_mutex); +out: + return rc; +} + +struct kmem_cache *ecryptfs_global_auth_tok_cache; + +int +ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, + char *sig) +{ + struct ecryptfs_global_auth_tok *new_auth_tok; + int rc = 0; + + new_auth_tok = kmem_cache_alloc(ecryptfs_global_auth_tok_cache, + GFP_KERNEL); + if (!new_auth_tok) { + rc = -ENOMEM; + printk(KERN_ERR "Error allocating from " + "ecryptfs_global_auth_tok_cache\n"); + goto out; + } + memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX); + new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; + mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); + list_add(&new_auth_tok->mount_crypt_stat_list, + &mount_crypt_stat->global_auth_tok_list); + mount_crypt_stat->num_global_auth_toks++; + mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); +out: + return rc; +} + diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index a984972..b83a512 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c @@ -32,7 +32,6 @@ #include <linux/crypto.h> #include <linux/netlink.h> #include <linux/mount.h> -#include <linux/dcache.h> #include <linux/pagemap.h> #include <linux/key.h> #include <linux/parser.h> @@ -99,6 +98,64 @@ void __ecryptfs_printk(const char *fmt, ...) } /** + * ecryptfs_init_persistent_file + * @ecryptfs_dentry: Fully initialized eCryptfs dentry object, with + * the lower dentry and the lower mount set + * + * eCryptfs only ever keeps a single open file for every lower + * inode. All I/O operations to the lower inode occur through that + * file. When the first eCryptfs dentry that interposes with the first + * lower dentry for that inode is created, this function creates the + * persistent file struct and associates it with the eCryptfs + * inode. When the eCryptfs inode is destroyed, the file is closed. + * + * The persistent file will be opened with read/write permissions, if + * possible. Otherwise, it is opened read-only. + * + * This function does nothing if a lower persistent file is already + * associated with the eCryptfs inode. + * + * Returns zero on success; non-zero otherwise + */ +int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry) +{ + struct ecryptfs_inode_info *inode_info = + ecryptfs_inode_to_private(ecryptfs_dentry->d_inode); + int rc = 0; + + mutex_lock(&inode_info->lower_file_mutex); + if (!inode_info->lower_file) { + struct dentry *lower_dentry; + struct vfsmount *lower_mnt = + ecryptfs_dentry_to_lower_mnt(ecryptfs_dentry); + + lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry); + /* Corresponding dput() and mntput() are done when the + * persistent file is fput() when the eCryptfs inode + * is destroyed. */ + dget(lower_dentry); + mntget(lower_mnt); + inode_info->lower_file = dentry_open(lower_dentry, + lower_mnt, + (O_RDWR | O_LARGEFILE)); + if (IS_ERR(inode_info->lower_file)) + inode_info->lower_file = dentry_open(lower_dentry, + lower_mnt, + (O_RDONLY + | O_LARGEFILE)); + if (IS_ERR(inode_info->lower_file)) { + printk(KERN_ERR "Error opening lower persistent file " + "for lower_dentry [0x%p] and lower_mnt [0x%p]\n", + lower_dentry, lower_mnt); + rc = PTR_ERR(inode_info->lower_file); + inode_info->lower_file = NULL; + } + } + mutex_unlock(&inode_info->lower_file_mutex); + return rc; +} + +/** * ecryptfs_interpose * @lower_dentry: Existing dentry in the lower filesystem * @dentry: ecryptfs' dentry @@ -155,6 +212,13 @@ int ecryptfs_interpose(struct dentry *lower_dentry, struct dentry *dentry, /* This size will be overwritten for real files w/ headers and * other metadata */ fsstack_copy_inode_size(inode, lower_inode); + rc = ecryptfs_init_persistent_file(dentry); + if (rc) { + printk(KERN_ERR "%s: Error attempting to initialize the " + "persistent file for the dentry with name [%s]; " + "rc = [%d]\n", __FUNCTION__, dentry->d_name.name, rc); + goto out; + } out: return rc; } @@ -179,38 +243,41 @@ static match_table_t tokens = { {ecryptfs_opt_err, NULL} }; -/** - * ecryptfs_verify_version - * @version: The version number to confirm - * - * Returns zero on good version; non-zero otherwise - */ -static int ecryptfs_verify_version(u16 version) +static int ecryptfs_init_global_auth_toks( + struct ecryptfs_mount_crypt_stat *mount_crypt_stat) { + struct ecryptfs_global_auth_tok *global_auth_tok; int rc = 0; - unsigned char major; - unsigned char minor; - - major = ((version >> 8) & 0xFF); - minor = (version & 0xFF); - if (major != ECRYPTFS_VERSION_MAJOR) { - ecryptfs_printk(KERN_ERR, "Major version number mismatch. " - "Expected [%d]; got [%d]\n", - ECRYPTFS_VERSION_MAJOR, major); - rc = -EINVAL; - goto out; - } - if (minor != ECRYPTFS_VERSION_MINOR) { - ecryptfs_printk(KERN_ERR, "Minor version number mismatch. " - "Expected [%d]; got [%d]\n", - ECRYPTFS_VERSION_MINOR, minor); - rc = -EINVAL; - goto out; + + list_for_each_entry(global_auth_tok, + &mount_crypt_stat->global_auth_tok_list, + mount_crypt_stat_list) { + rc = ecryptfs_keyring_auth_tok_for_sig( + &global_auth_tok->global_auth_tok_key, + &global_auth_tok->global_auth_tok, + global_auth_tok->sig); + if (rc) { + printk(KERN_ERR "Could not find valid key in user " + "session keyring for sig specified in mount " + "option: [%s]\n", global_auth_tok->sig); + global_auth_tok->flags |= ECRYPTFS_AUTH_TOK_INVALID; + rc = 0; + } else + global_auth_tok->flags &= ~ECRYPTFS_AUTH_TOK_INVALID; } -out: return rc; } +static void ecryptfs_init_mount_crypt_stat( + struct ecryptfs_mount_crypt_stat *mount_crypt_stat) +{ + memset((void *)mount_crypt_stat, 0, + sizeof(struct ecryptfs_mount_crypt_stat)); + INIT_LIST_HEAD(&mount_crypt_stat->global_auth_tok_list); + mutex_init(&mount_crypt_stat->global_auth_tok_list_mutex); + mount_crypt_stat->flags |= ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED; +} + /** * ecryptfs_parse_options * @sb: The ecryptfs super block @@ -238,14 +305,11 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) int cipher_name_set = 0; int cipher_key_bytes; int cipher_key_bytes_set = 0; - struct key *auth_tok_key = NULL; - struct ecryptfs_auth_tok *auth_tok = NULL; struct ecryptfs_mount_crypt_stat *mount_crypt_stat = &ecryptfs_superblock_to_private(sb)->mount_crypt_stat; substring_t args[MAX_OPT_ARGS]; int token; char *sig_src; - char *sig_dst; char *debug_src; char *cipher_name_dst; char *cipher_name_src; @@ -256,6 +320,7 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) rc = -EINVAL; goto out; } + ecryptfs_init_mount_crypt_stat(mount_crypt_stat); while ((p = strsep(&options, ",")) != NULL) { if (!*p) continue; @@ -264,14 +329,13 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) case ecryptfs_opt_sig: case ecryptfs_opt_ecryptfs_sig: sig_src = args[0].from; - sig_dst = - mount_crypt_stat->global_auth_tok_sig; - memcpy(sig_dst, sig_src, ECRYPTFS_SIG_SIZE_HEX); - sig_dst[ECRYPTFS_SIG_SIZE_HEX] = '\0'; - ecryptfs_printk(KERN_DEBUG, - "The mount_crypt_stat " - "global_auth_tok_sig set to: " - "[%s]\n", sig_dst); + rc = ecryptfs_add_global_auth_tok(mount_crypt_stat, + sig_src); + if (rc) { + printk(KERN_ERR "Error attempting to register " + "global sig; rc = [%d]\n", rc); + goto out; + } sig_set = 1; break; case ecryptfs_opt_debug: @@ -333,12 +397,10 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) p); } } - /* Do not support lack of mount-wide signature in 0.1 - * release */ if (!sig_set) { rc = -EINVAL; - ecryptfs_printk(KERN_ERR, "You must supply a valid " - "passphrase auth tok signature as a mount " + ecryptfs_printk(KERN_ERR, "You must supply at least one valid " + "auth tok signature as a mount " "parameter; see the eCryptfs README\n"); goto out; } @@ -358,55 +420,23 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) if (!cipher_key_bytes_set) { mount_crypt_stat->global_default_cipher_key_size = 0; } - rc = ecryptfs_process_cipher( - &mount_crypt_stat->global_key_tfm, - mount_crypt_stat->global_default_cipher_name, - &mount_crypt_stat->global_default_cipher_key_size); + rc = ecryptfs_add_new_key_tfm( + NULL, mount_crypt_stat->global_default_cipher_name, + mount_crypt_stat->global_default_cipher_key_size); if (rc) { - printk(KERN_ERR "Error attempting to initialize cipher [%s] " - "with key size [%Zd] bytes; rc = [%d]\n", + printk(KERN_ERR "Error attempting to initialize cipher with " + "name = [%s] and key size = [%td]; rc = [%d]\n", mount_crypt_stat->global_default_cipher_name, mount_crypt_stat->global_default_cipher_key_size, rc); - mount_crypt_stat->global_key_tfm = NULL; - mount_crypt_stat->global_auth_tok_key = NULL; rc = -EINVAL; goto out; } - mutex_init(&mount_crypt_stat->global_key_tfm_mutex); - ecryptfs_printk(KERN_DEBUG, "Requesting the key with description: " - "[%s]\n", mount_crypt_stat->global_auth_tok_sig); - /* The reference to this key is held until umount is done The - * call to key_put is done in ecryptfs_put_super() */ - auth_tok_key = request_key(&key_type_user, - mount_crypt_stat->global_auth_tok_sig, - NULL); - if (!auth_tok_key || IS_ERR(auth_tok_key)) { - ecryptfs_printk(KERN_ERR, "Could not find key with " - "description: [%s]\n", - mount_crypt_stat->global_auth_tok_sig); - process_request_key_err(PTR_ERR(auth_tok_key)); - rc = -EINVAL; - goto out; - } - auth_tok = ecryptfs_get_key_payload_data(auth_tok_key); - if (ecryptfs_verify_version(auth_tok->version)) { - ecryptfs_printk(KERN_ERR, "Data structure version mismatch. " - "Userspace tools must match eCryptfs kernel " - "module with major version [%d] and minor " - "version [%d]\n", ECRYPTFS_VERSION_MAJOR, - ECRYPTFS_VERSION_MINOR); - rc = -EINVAL; - goto out; - } - if (auth_tok->token_type != ECRYPTFS_PASSWORD - && auth_tok->token_type != ECRYPTFS_PRIVATE_KEY) { - ecryptfs_printk(KERN_ERR, "Invalid auth_tok structure " - "returned from key query\n"); - rc = -EINVAL; - goto out; + rc = ecryptfs_init_global_auth_toks(mount_crypt_stat); + if (rc) { + printk(KERN_WARNING "One or more global auth toks could not " + "properly register; rc = [%d]\n", rc); } - mount_crypt_stat->global_auth_tok_key = auth_tok_key; - mount_crypt_stat->global_auth_tok = auth_tok; + rc = 0; out: return rc; } @@ -495,7 +525,8 @@ static int ecryptfs_read_super(struct super_block *sb, const char *dev_name) sb->s_maxbytes = lower_root->d_sb->s_maxbytes; ecryptfs_set_dentry_lower(sb->s_root, lower_root); ecryptfs_set_dentry_lower_mnt(sb->s_root, lower_mnt); - if ((rc = ecryptfs_interpose(lower_root, sb->s_root, sb, 0))) + rc = ecryptfs_interpose(lower_root, sb->s_root, sb, 0); + if (rc) goto out_free; rc = 0; goto out; @@ -579,7 +610,7 @@ static struct file_system_type ecryptfs_fs_type = { * Initializes the ecryptfs_inode_info_cache when it is created */ static void -inode_info_init_once(void *vptr, struct kmem_cache *cachep, unsigned long flags) +inode_info_init_once(struct kmem_cache *cachep, void *vptr) { struct ecryptfs_inode_info *ei = (struct ecryptfs_inode_info *)vptr; @@ -590,7 +621,7 @@ static struct ecryptfs_cache_info { struct kmem_cache **cache; const char *name; size_t size; - void (*ctor)(void*, struct kmem_cache *, unsigned long); + void (*ctor)(struct kmem_cache *cache, void *obj); } ecryptfs_cache_infos[] = { { .cache = &ecryptfs_auth_tok_list_item_cache, @@ -639,15 +670,25 @@ static struct ecryptfs_cache_info { .size = PAGE_CACHE_SIZE, }, { - .cache = &ecryptfs_lower_page_cache, - .name = "ecryptfs_lower_page_cache", - .size = PAGE_CACHE_SIZE, - }, - { .cache = &ecryptfs_key_record_cache, .name = "ecryptfs_key_record_cache", .size = sizeof(struct ecryptfs_key_record), }, + { + .cache = &ecryptfs_key_sig_cache, + .name = "ecryptfs_key_sig_cache", + .size = sizeof(struct ecryptfs_key_sig), + }, + { + .cache = &ecryptfs_global_auth_tok_cache, + .name = "ecryptfs_global_auth_tok_cache", + .size = sizeof(struct ecryptfs_global_auth_tok), + }, + { + .cache = &ecryptfs_key_tfm_cache, + .name = "ecryptfs_key_tfm_cache", + .size = sizeof(struct ecryptfs_key_tfm), + }, }; static void ecryptfs_free_kmem_caches(void) @@ -750,7 +791,8 @@ static struct ecryptfs_version_str_map_elem { {ECRYPTFS_VERSIONING_PUBKEY, "pubkey"}, {ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH, "plaintext passthrough"}, {ECRYPTFS_VERSIONING_POLICY, "policy"}, - {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"} + {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"}, + {ECRYPTFS_VERSIONING_MULTKEY, "multiple keys per file"} }; static ssize_t version_str_show(struct ecryptfs_obj *obj, char *buff) @@ -786,7 +828,8 @@ static int do_sysfs_registration(void) { int rc; - if ((rc = subsystem_register(&ecryptfs_subsys))) { + rc = subsystem_register(&ecryptfs_subsys); + if (rc) { printk(KERN_ERR "Unable to register ecryptfs sysfs subsystem\n"); goto out; @@ -845,33 +888,49 @@ static int __init ecryptfs_init(void) rc = register_filesystem(&ecryptfs_fs_type); if (rc) { printk(KERN_ERR "Failed to register filesystem\n"); - ecryptfs_free_kmem_caches(); - goto out; + goto out_free_kmem_caches; } kobj_set_kset_s(&ecryptfs_subsys, fs_subsys); rc = do_sysfs_registration(); if (rc) { printk(KERN_ERR "sysfs registration failed\n"); - unregister_filesystem(&ecryptfs_fs_type); - ecryptfs_free_kmem_caches(); - goto out; + goto out_unregister_filesystem; } rc = ecryptfs_init_messaging(ecryptfs_transport); if (rc) { ecryptfs_printk(KERN_ERR, "Failure occured while attempting to " "initialize the eCryptfs netlink socket\n"); - do_sysfs_unregistration(); - unregister_filesystem(&ecryptfs_fs_type); - ecryptfs_free_kmem_caches(); + goto out_do_sysfs_unregistration; + } + rc = ecryptfs_init_crypto(); + if (rc) { + printk(KERN_ERR "Failure whilst attempting to init crypto; " + "rc = [%d]\n", rc); + goto out_release_messaging; } + goto out; +out_release_messaging: + ecryptfs_release_messaging(ecryptfs_transport); +out_do_sysfs_unregistration: + do_sysfs_unregistration(); +out_unregister_filesystem: + unregister_filesystem(&ecryptfs_fs_type); +out_free_kmem_caches: + ecryptfs_free_kmem_caches(); out: return rc; } static void __exit ecryptfs_exit(void) { - do_sysfs_unregistration(); + int rc; + + rc = ecryptfs_destroy_crypto(); + if (rc) + printk(KERN_ERR "Failure whilst attempting to destroy crypto; " + "rc = [%d]\n", rc); ecryptfs_release_messaging(ecryptfs_transport); + do_sysfs_unregistration(); unregister_filesystem(&ecryptfs_fs_type); ecryptfs_free_kmem_caches(); } diff --git a/fs/ecryptfs/messaging.c b/fs/ecryptfs/messaging.c index a9d87c4..a96d341 100644 --- a/fs/ecryptfs/messaging.c +++ b/fs/ecryptfs/messaging.c @@ -419,8 +419,9 @@ int ecryptfs_init_messaging(unsigned int transport) } mutex_init(&ecryptfs_daemon_id_hash_mux); mutex_lock(&ecryptfs_daemon_id_hash_mux); - ecryptfs_hash_buckets = 0; - while (ecryptfs_number_of_users >> ++ecryptfs_hash_buckets); + ecryptfs_hash_buckets = 1; + while (ecryptfs_number_of_users >> ecryptfs_hash_buckets) + ecryptfs_hash_buckets++; ecryptfs_daemon_id_hash = kmalloc(sizeof(struct hlist_head) * ecryptfs_hash_buckets, GFP_KERNEL); if (!ecryptfs_daemon_id_hash) { diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c index e4ab7bc..16a7a55 100644 --- a/fs/ecryptfs/mmap.c +++ b/fs/ecryptfs/mmap.c @@ -37,130 +37,27 @@ struct kmem_cache *ecryptfs_lower_page_cache; /** - * ecryptfs_get1page + * ecryptfs_get_locked_page * * Get one page from cache or lower f/s, return error otherwise. * - * Returns unlocked and up-to-date page (if ok), with increased + * Returns locked and up-to-date page (if ok), with increased * refcnt. */ -static struct page *ecryptfs_get1page(struct file *file, int index) +struct page *ecryptfs_get_locked_page(struct file *file, loff_t index) { struct dentry *dentry; struct inode *inode; struct address_space *mapping; + struct page *page; dentry = file->f_path.dentry; inode = dentry->d_inode; mapping = inode->i_mapping; - return read_mapping_page(mapping, index, (void *)file); -} - -/** - * ecryptfs_fill_zeros - * @file: The ecryptfs file - * @new_length: The new length of the data in the underlying file; - * everything between the prior end of the file and the - * new end of the file will be filled with zero's. - * new_length must be greater than current length - * - * Function for handling lseek-ing past the end of the file. - * - * This function does not support shrinking, only growing a file. - * - * Returns zero on success; non-zero otherwise. - */ -int ecryptfs_fill_zeros(struct file *file, loff_t new_length) -{ - int rc = 0; - struct dentry *dentry = file->f_path.dentry; - struct inode *inode = dentry->d_inode; - pgoff_t old_end_page_index = 0; - pgoff_t index = old_end_page_index; - int old_end_pos_in_page = -1; - pgoff_t new_end_page_index; - int new_end_pos_in_page; - loff_t cur_length = i_size_read(inode); - - if (cur_length != 0) { - index = old_end_page_index = - ((cur_length - 1) >> PAGE_CACHE_SHIFT); - old_end_pos_in_page = ((cur_length - 1) & ~PAGE_CACHE_MASK); - } - new_end_page_index = ((new_length - 1) >> PAGE_CACHE_SHIFT); - new_end_pos_in_page = ((new_length - 1) & ~PAGE_CACHE_MASK); - ecryptfs_printk(KERN_DEBUG, "old_end_page_index = [0x%.16x]; " - "old_end_pos_in_page = [%d]; " - "new_end_page_index = [0x%.16x]; " - "new_end_pos_in_page = [%d]\n", - old_end_page_index, old_end_pos_in_page, - new_end_page_index, new_end_pos_in_page); - if (old_end_page_index == new_end_page_index) { - /* Start and end are in the same page; we just need to - * set a portion of the existing page to zero's */ - rc = ecryptfs_write_zeros(file, index, - (old_end_pos_in_page + 1), - (new_end_pos_in_page - - old_end_pos_in_page)); - if (rc) - ecryptfs_printk(KERN_ERR, "ecryptfs_write_zeros(" - "file=[%p], " - "index=[0x%.16x], " - "old_end_pos_in_page=[d], " - "(PAGE_CACHE_SIZE - new_end_pos_in_page" - "=[%d]" - ")=[d]) returned [%d]\n", file, index, - old_end_pos_in_page, - new_end_pos_in_page, - (PAGE_CACHE_SIZE - new_end_pos_in_page), - rc); - goto out; - } - /* Fill the remainder of the previous last page with zeros */ - rc = ecryptfs_write_zeros(file, index, (old_end_pos_in_page + 1), - ((PAGE_CACHE_SIZE - 1) - old_end_pos_in_page)); - if (rc) { - ecryptfs_printk(KERN_ERR, "ecryptfs_write_zeros(file=[%p], " - "index=[0x%.16x], old_end_pos_in_page=[d], " - "(PAGE_CACHE_SIZE - old_end_pos_in_page)=[d]) " - "returned [%d]\n", file, index, - old_end_pos_in_page, - (PAGE_CACHE_SIZE - old_end_pos_in_page), rc); - goto out; - } - index++; - while (index < new_end_page_index) { - /* Fill all intermediate pages with zeros */ - rc = ecryptfs_write_zeros(file, index, 0, PAGE_CACHE_SIZE); - if (rc) { - ecryptfs_printk(KERN_ERR, "ecryptfs_write_zeros(" - "file=[%p], " - "index=[0x%.16x], " - "old_end_pos_in_page=[d], " - "(PAGE_CACHE_SIZE - new_end_pos_in_page" - "=[%d]" - ")=[d]) returned [%d]\n", file, index, - old_end_pos_in_page, - new_end_pos_in_page, - (PAGE_CACHE_SIZE - new_end_pos_in_page), - rc); - goto out; - } - index++; - } - /* Fill the portion at the beginning of the last new page with - * zero's */ - rc = ecryptfs_write_zeros(file, index, 0, (new_end_pos_in_page + 1)); - if (rc) { - ecryptfs_printk(KERN_ERR, "ecryptfs_write_zeros(file=" - "[%p], index=[0x%.16x], 0, " - "new_end_pos_in_page=[%d]" - "returned [%d]\n", file, index, - new_end_pos_in_page, rc); - goto out; - } -out: - return rc; + page = read_mapping_page(mapping, index, (void *)file); + if (!IS_ERR(page)) + lock_page(page); + return page; } /** @@ -171,13 +68,9 @@ out: */ static int ecryptfs_writepage(struct page *page, struct writeback_control *wbc) { - struct ecryptfs_page_crypt_context ctx; int rc; - ctx.page = page; - ctx.mode = ECRYPTFS_WRITEPAGE_MODE; - ctx.param.wbc = wbc; - rc = ecryptfs_encrypt_page(&ctx); + rc = ecryptfs_encrypt_page(page); if (rc) { ecryptfs_printk(KERN_WARNING, "Error encrypting " "page (upper index [0x%.16x])\n", page->index); @@ -191,58 +84,6 @@ out: } /** - * Reads the data from the lower file file at index lower_page_index - * and copies that data into page. - * - * @param page Page to fill - * @param lower_page_index Index of the page in the lower file to get - */ -int ecryptfs_do_readpage(struct file *file, struct page *page, - pgoff_t lower_page_index) -{ - int rc; - struct dentry *dentry; - struct file *lower_file; - struct dentry *lower_dentry; - struct inode *inode; - struct inode *lower_inode; - char *page_data; - struct page *lower_page = NULL; - char *lower_page_data; - const struct address_space_operations *lower_a_ops; - - dentry = file->f_path.dentry; - lower_file = ecryptfs_file_to_lower(file); - lower_dentry = ecryptfs_dentry_to_lower(dentry); - inode = dentry->d_inode; - lower_inode = ecryptfs_inode_to_lower(inode); - lower_a_ops = lower_inode->i_mapping->a_ops; - lower_page = read_cache_page(lower_inode->i_mapping, lower_page_index, - (filler_t *)lower_a_ops->readpage, - (void *)lower_file); - if (IS_ERR(lower_page)) { - rc = PTR_ERR(lower_page); - lower_page = NULL; - ecryptfs_printk(KERN_ERR, "Error reading from page cache\n"); - goto out; - } - page_data = kmap_atomic(page, KM_USER0); - lower_page_data = kmap_atomic(lower_page, KM_USER1); - memcpy(page_data, lower_page_data, PAGE_CACHE_SIZE); - kunmap_atomic(lower_page_data, KM_USER1); - kunmap_atomic(page_data, KM_USER0); - flush_dcache_page(page); - rc = 0; -out: - if (likely(lower_page)) - page_cache_release(lower_page); - if (rc == 0) - SetPageUptodate(page); - else - ClearPageUptodate(page); - return rc; -} -/** * Header Extent: * Octets 0-7: Unencrypted file size (big-endian) * Octets 8-15: eCryptfs special marker @@ -271,9 +112,77 @@ static void set_header_info(char *page_virt, } /** + * ecryptfs_copy_up_encrypted_with_header + * @page: Sort of a ``virtual'' representation of the encrypted lower + * file. The actual lower file does not have the metadata in + * the header. This is locked. + * @crypt_stat: The eCryptfs inode's cryptographic context + * + * The ``view'' is the version of the file that userspace winds up + * seeing, with the header information inserted. + */ +static int +ecryptfs_copy_up_encrypted_with_header(struct page *page, + struct ecryptfs_crypt_stat *crypt_stat) +{ + loff_t extent_num_in_page = 0; + loff_t num_extents_per_page = (PAGE_CACHE_SIZE + / crypt_stat->extent_size); + int rc = 0; + + while (extent_num_in_page < num_extents_per_page) { + loff_t view_extent_num = ((((loff_t)page->index) + * num_extents_per_page) + + extent_num_in_page); + + if (view_extent_num < crypt_stat->num_header_extents_at_front) { + /* This is a header extent */ + char *page_virt; + + page_virt = kmap_atomic(page, KM_USER0); + memset(page_virt, 0, PAGE_CACHE_SIZE); + /* TODO: Support more than one header extent */ + if (view_extent_num == 0) { + rc = ecryptfs_read_xattr_region( + page_virt, page->mapping->host); + set_header_info(page_virt, crypt_stat); + } + kunmap_atomic(page_virt, KM_USER0); + flush_dcache_page(page); + if (rc) { + printk(KERN_ERR "%s: Error reading xattr " + "region; rc = [%d]\n", __FUNCTION__, rc); + goto out; + } + } else { + /* This is an encrypted data extent */ + loff_t lower_offset = + ((view_extent_num - + crypt_stat->num_header_extents_at_front) + * crypt_stat->extent_size); + + rc = ecryptfs_read_lower_page_segment( + page, (lower_offset >> PAGE_CACHE_SHIFT), + (lower_offset & ~PAGE_CACHE_MASK), + crypt_stat->extent_size, page->mapping->host); + if (rc) { + printk(KERN_ERR "%s: Error attempting to read " + "extent at offset [%lld] in the lower " + "file; rc = [%d]\n", __FUNCTION__, + lower_offset, rc); + goto out; + } + } + extent_num_in_page++; + } +out: + return rc; +} + +/** * ecryptfs_readpage - * @file: This is an ecryptfs file - * @page: ecryptfs associated page to stick the read data into + * @file: An eCryptfs file + * @page: Page from eCryptfs inode mapping into which to stick the read data * * Read in a page, decrypting if necessary. * @@ -281,59 +190,35 @@ static void set_header_info(char *page_virt, */ static int ecryptfs_readpage(struct file *file, struct page *page) { + struct ecryptfs_crypt_stat *crypt_stat = + &ecryptfs_inode_to_private(file->f_path.dentry->d_inode)->crypt_stat; int rc = 0; - struct ecryptfs_crypt_stat *crypt_stat; - BUG_ON(!(file && file->f_path.dentry && file->f_path.dentry->d_inode)); - crypt_stat = &ecryptfs_inode_to_private(file->f_path.dentry->d_inode) - ->crypt_stat; if (!crypt_stat || !(crypt_stat->flags & ECRYPTFS_ENCRYPTED) || (crypt_stat->flags & ECRYPTFS_NEW_FILE)) { ecryptfs_printk(KERN_DEBUG, "Passing through unencrypted page\n"); - rc = ecryptfs_do_readpage(file, page, page->index); - if (rc) { - ecryptfs_printk(KERN_ERR, "Error reading page; rc = " - "[%d]\n", rc); - goto out; - } + rc = ecryptfs_read_lower_page_segment(page, page->index, 0, + PAGE_CACHE_SIZE, + page->mapping->host); } else if (crypt_stat->flags & ECRYPTFS_VIEW_AS_ENCRYPTED) { if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) { - int num_pages_in_header_region = - (crypt_stat->header_extent_size - / PAGE_CACHE_SIZE); - - if (page->index < num_pages_in_header_region) { - char *page_virt; - - page_virt = kmap_atomic(page, KM_USER0); - memset(page_virt, 0, PAGE_CACHE_SIZE); - if (page->index == 0) { - rc = ecryptfs_read_xattr_region( - page_virt, file->f_path.dentry); - set_header_info(page_virt, crypt_stat); - } - kunmap_atomic(page_virt, KM_USER0); - flush_dcache_page(page); - if (rc) { - printk(KERN_ERR "Error reading xattr " - "region\n"); - goto out; - } - } else { - rc = ecryptfs_do_readpage( - file, page, - (page->index - - num_pages_in_header_region)); - if (rc) { - printk(KERN_ERR "Error reading page; " - "rc = [%d]\n", rc); - goto out; - } + rc = ecryptfs_copy_up_encrypted_with_header(page, + crypt_stat); + if (rc) { + printk(KERN_ERR "%s: Error attempting to copy " + "the encrypted content from the lower " + "file whilst inserting the metadata " + "from the xattr into the header; rc = " + "[%d]\n", __FUNCTION__, rc); + goto out; } + } else { - rc = ecryptfs_do_readpage(file, page, page->index); + rc = ecryptfs_read_lower_page_segment( + page, page->index, 0, PAGE_CACHE_SIZE, + page->mapping->host); if (rc) { printk(KERN_ERR "Error reading page; rc = " "[%d]\n", rc); @@ -341,17 +226,18 @@ static int ecryptfs_readpage(struct file *file, struct page *page) } } } else { - rc = ecryptfs_decrypt_page(file, page); + rc = ecryptfs_decrypt_page(page); if (rc) { ecryptfs_printk(KERN_ERR, "Error decrypting page; " "rc = [%d]\n", rc); goto out; } } - SetPageUptodate(page); out: if (rc) ClearPageUptodate(page); + else + SetPageUptodate(page); ecryptfs_printk(KERN_DEBUG, "Unlocking page with index = [0x%.16x]\n", page->index); unlock_page(page); @@ -377,27 +263,6 @@ out: return 0; } -/** - * eCryptfs does not currently support holes. When writing after a - * seek past the end of the file, eCryptfs fills in 0's through to the - * current location. The code to fill in the 0's to all the - * intermediate pages calls ecryptfs_prepare_write_no_truncate(). - */ -static int -ecryptfs_prepare_write_no_truncate(struct file *file, struct page *page, - unsigned from, unsigned to) -{ - int rc = 0; - - if (from == 0 && to == PAGE_CACHE_SIZE) - goto out; /* If we are writing a full page, it will be - up to date. */ - if (!PageUptodate(page)) - rc = ecryptfs_do_readpage(file, page, page->index); -out: - return rc; -} - static int ecryptfs_prepare_write(struct file *file, struct page *page, unsigned from, unsigned to) { @@ -406,10 +271,21 @@ static int ecryptfs_prepare_write(struct file *file, struct page *page, if (from == 0 && to == PAGE_CACHE_SIZE) goto out; /* If we are writing a full page, it will be up to date. */ - if (!PageUptodate(page)) - rc = ecryptfs_do_readpage(file, page, page->index); + if (!PageUptodate(page)) { + rc = ecryptfs_read_lower_page_segment(page, page->index, 0, + PAGE_CACHE_SIZE, + page->mapping->host); + if (rc) { + printk(KERN_ERR "%s: Error attemping to read lower " + "page segment; rc = [%d]\n", __FUNCTION__, rc); + ClearPageUptodate(page); + goto out; + } else + SetPageUptodate(page); + } if (page->index != 0) { - loff_t end_of_prev_pg_pos = page_offset(page) - 1; + loff_t end_of_prev_pg_pos = + (((loff_t)page->index << PAGE_CACHE_SHIFT) - 1); if (end_of_prev_pg_pos > i_size_read(page->mapping->host)) { rc = ecryptfs_truncate(file->f_path.dentry, @@ -428,32 +304,6 @@ out: return rc; } -int ecryptfs_writepage_and_release_lower_page(struct page *lower_page, - struct inode *lower_inode, - struct writeback_control *wbc) -{ - int rc = 0; - - rc = lower_inode->i_mapping->a_ops->writepage(lower_page, wbc); - if (rc) { - ecryptfs_printk(KERN_ERR, "Error calling lower writepage(); " - "rc = [%d]\n", rc); - goto out; - } - lower_inode->i_mtime = lower_inode->i_ctime = CURRENT_TIME; - page_cache_release(lower_page); -out: - return rc; -} - -static -void ecryptfs_release_lower_page(struct page *lower_page, int page_locked) -{ - if (page_locked) - unlock_page(lower_page); - page_cache_release(lower_page); -} - /** * ecryptfs_write_inode_size_to_header * @@ -461,67 +311,48 @@ void ecryptfs_release_lower_page(struct page *lower_page, int page_locked) * * Returns zero on success; non-zero on error. */ -static int ecryptfs_write_inode_size_to_header(struct file *lower_file, - struct inode *lower_inode, - struct inode *inode) +static int ecryptfs_write_inode_size_to_header(struct inode *ecryptfs_inode) { - int rc = 0; - struct page *header_page; - char *header_virt; - const struct address_space_operations *lower_a_ops; u64 file_size; + char *file_size_virt; + int rc; -retry: - header_page = grab_cache_page(lower_inode->i_mapping, 0); - if (!header_page) { - ecryptfs_printk(KERN_ERR, "grab_cache_page for " - "lower_page_index 0 failed\n"); - rc = -EINVAL; - goto out; - } - lower_a_ops = lower_inode->i_mapping->a_ops; - rc = lower_a_ops->prepare_write(lower_file, header_page, 0, 8); - if (rc) { - if (rc == AOP_TRUNCATED_PAGE) { - ecryptfs_release_lower_page(header_page, 0); - goto retry; - } else - ecryptfs_release_lower_page(header_page, 1); + file_size_virt = kmalloc(sizeof(u64), GFP_KERNEL); + if (!file_size_virt) { + rc = -ENOMEM; goto out; } - file_size = (u64)i_size_read(inode); - ecryptfs_printk(KERN_DEBUG, "Writing size: [0x%.16x]\n", file_size); + file_size = (u64)i_size_read(ecryptfs_inode); file_size = cpu_to_be64(file_size); - header_virt = kmap_atomic(header_page, KM_USER0); - memcpy(header_virt, &file_size, sizeof(u64)); - kunmap_atomic(header_virt, KM_USER0); - flush_dcache_page(header_page); - rc = lower_a_ops->commit_write(lower_file, header_page, 0, 8); - if (rc < 0) - ecryptfs_printk(KERN_ERR, "Error commiting header page " - "write\n"); - if (rc == AOP_TRUNCATED_PAGE) { - ecryptfs_release_lower_page(header_page, 0); - goto retry; - } else - ecryptfs_release_lower_page(header_page, 1); - lower_inode->i_mtime = lower_inode->i_ctime = CURRENT_TIME; - mark_inode_dirty_sync(inode); + memcpy(file_size_virt, &file_size, sizeof(u64)); + rc = ecryptfs_write_lower(ecryptfs_inode, file_size_virt, 0, + sizeof(u64)); + kfree(file_size_virt); + if (rc) + printk(KERN_ERR "%s: Error writing file size to header; " + "rc = [%d]\n", __FUNCTION__, rc); out: return rc; } -static int ecryptfs_write_inode_size_to_xattr(struct inode *lower_inode, - struct inode *inode, - struct dentry *ecryptfs_dentry, - int lower_i_mutex_held) +struct kmem_cache *ecryptfs_xattr_cache; + +static int ecryptfs_write_inode_size_to_xattr(struct inode *ecryptfs_inode) { ssize_t size; void *xattr_virt; - struct dentry *lower_dentry; + struct dentry *lower_dentry = + ecryptfs_inode_to_private(ecryptfs_inode)->lower_file->f_dentry; + struct inode *lower_inode = lower_dentry->d_inode; u64 file_size; int rc; + if (!lower_inode->i_op->getxattr || !lower_inode->i_op->setxattr) { + printk(KERN_WARNING + "No support for setting xattr in lower filesystem\n"); + rc = -ENOSYS; + goto out; + } xattr_virt = kmem_cache_alloc(ecryptfs_xattr_cache, GFP_KERNEL); if (!xattr_virt) { printk(KERN_ERR "Out of memory whilst attempting to write " @@ -529,35 +360,17 @@ static int ecryptfs_write_inode_size_to_xattr(struct inode *lower_inode, rc = -ENOMEM; goto out; } - lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry); - if (!lower_dentry->d_inode->i_op->getxattr || - !lower_dentry->d_inode->i_op->setxattr) { - printk(KERN_WARNING - "No support for setting xattr in lower filesystem\n"); - rc = -ENOSYS; - kmem_cache_free(ecryptfs_xattr_cache, xattr_virt); - goto out; - } - if (!lower_i_mutex_held) - mutex_lock(&lower_dentry->d_inode->i_mutex); - size = lower_dentry->d_inode->i_op->getxattr(lower_dentry, - ECRYPTFS_XATTR_NAME, - xattr_virt, - PAGE_CACHE_SIZE); - if (!lower_i_mutex_held) - mutex_unlock(&lower_dentry->d_inode->i_mutex); + mutex_lock(&lower_inode->i_mutex); + size = lower_inode->i_op->getxattr(lower_dentry, ECRYPTFS_XATTR_NAME, + xattr_virt, PAGE_CACHE_SIZE); if (size < 0) size = 8; - file_size = (u64)i_size_read(inode); + file_size = (u64)i_size_read(ecryptfs_inode); file_size = cpu_to_be64(file_size); memcpy(xattr_virt, &file_size, sizeof(u64)); - if (!lower_i_mutex_held) - mutex_lock(&lower_dentry->d_inode->i_mutex); - rc = lower_dentry->d_inode->i_op->setxattr(lower_dentry, - ECRYPTFS_XATTR_NAME, - xattr_virt, size, 0); - if (!lower_i_mutex_held) - mutex_unlock(&lower_dentry->d_inode->i_mutex); + rc = lower_inode->i_op->setxattr(lower_dentry, ECRYPTFS_XATTR_NAME, + xattr_virt, size, 0); + mutex_unlock(&lower_inode->i_mutex); if (rc) printk(KERN_ERR "Error whilst attempting to write inode size " "to lower file xattr; rc = [%d]\n", rc); @@ -566,122 +379,18 @@ out: return rc; } -int -ecryptfs_write_inode_size_to_metadata(struct file *lower_file, - struct inode *lower_inode, - struct inode *inode, - struct dentry *ecryptfs_dentry, - int lower_i_mutex_held) +int ecryptfs_write_inode_size_to_metadata(struct inode *ecryptfs_inode) { struct ecryptfs_crypt_stat *crypt_stat; - crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat; + crypt_stat = &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat; if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) - return ecryptfs_write_inode_size_to_xattr(lower_inode, inode, - ecryptfs_dentry, - lower_i_mutex_held); + return ecryptfs_write_inode_size_to_xattr(ecryptfs_inode); else - return ecryptfs_write_inode_size_to_header(lower_file, - lower_inode, - inode); -} - -int ecryptfs_get_lower_page(struct page **lower_page, struct inode *lower_inode, - struct file *lower_file, - unsigned long lower_page_index, int byte_offset, - int region_bytes) -{ - int rc = 0; - -retry: - *lower_page = grab_cache_page(lower_inode->i_mapping, lower_page_index); - if (!(*lower_page)) { - rc = -EINVAL; - ecryptfs_printk(KERN_ERR, "Error attempting to grab " - "lower page with index [0x%.16x]\n", - lower_page_index); - goto out; - } - rc = lower_inode->i_mapping->a_ops->prepare_write(lower_file, - (*lower_page), - byte_offset, - region_bytes); - if (rc) { - if (rc == AOP_TRUNCATED_PAGE) { - ecryptfs_release_lower_page(*lower_page, 0); - goto retry; - } else { - ecryptfs_printk(KERN_ERR, "prepare_write for " - "lower_page_index = [0x%.16x] failed; rc = " - "[%d]\n", lower_page_index, rc); - ecryptfs_release_lower_page(*lower_page, 1); - (*lower_page) = NULL; - } - } -out: - return rc; -} - -/** - * ecryptfs_commit_lower_page - * - * Returns zero on success; non-zero on error - */ -int -ecryptfs_commit_lower_page(struct page *lower_page, struct inode *lower_inode, - struct file *lower_file, int byte_offset, - int region_size) -{ - int page_locked = 1; - int rc = 0; - - rc = lower_inode->i_mapping->a_ops->commit_write( - lower_file, lower_page, byte_offset, region_size); - if (rc == AOP_TRUNCATED_PAGE) - page_locked = 0; - if (rc < 0) { - ecryptfs_printk(KERN_ERR, - "Error committing write; rc = [%d]\n", rc); - } else - rc = 0; - ecryptfs_release_lower_page(lower_page, page_locked); - return rc; + return ecryptfs_write_inode_size_to_header(ecryptfs_inode); } /** - * ecryptfs_copy_page_to_lower - * - * Used for plaintext pass-through; no page index interpolation - * required. - */ -int ecryptfs_copy_page_to_lower(struct page *page, struct inode *lower_inode, - struct file *lower_file) -{ - int rc = 0; - struct page *lower_page; - - rc = ecryptfs_get_lower_page(&lower_page, lower_inode, lower_file, - page->index, 0, PAGE_CACHE_SIZE); - if (rc) { - ecryptfs_printk(KERN_ERR, "Error attempting to get page " - "at index [0x%.16x]\n", page->index); - goto out; - } - /* TODO: aops */ - memcpy((char *)page_address(lower_page), page_address(page), - PAGE_CACHE_SIZE); - rc = ecryptfs_commit_lower_page(lower_page, lower_inode, lower_file, - 0, PAGE_CACHE_SIZE); - if (rc) - ecryptfs_printk(KERN_ERR, "Error attempting to commit page " - "at index [0x%.16x]\n", page->index); -out: - return rc; -} - -struct kmem_cache *ecryptfs_xattr_cache; - -/** * ecryptfs_commit_write * @file: The eCryptfs file object * @page: The eCryptfs page @@ -695,20 +404,12 @@ struct kmem_cache *ecryptfs_xattr_cache; static int ecryptfs_commit_write(struct file *file, struct page *page, unsigned from, unsigned to) { - struct ecryptfs_page_crypt_context ctx; loff_t pos; - struct inode *inode; - struct inode *lower_inode; - struct file *lower_file; - struct ecryptfs_crypt_stat *crypt_stat; + struct inode *ecryptfs_inode = page->mapping->host; + struct ecryptfs_crypt_stat *crypt_stat = + &ecryptfs_inode_to_private(file->f_path.dentry->d_inode)->crypt_stat; int rc; - inode = page->mapping->host; - lower_inode = ecryptfs_inode_to_lower(inode); - lower_file = ecryptfs_file_to_lower(file); - mutex_lock(&lower_inode->i_mutex); - crypt_stat = &ecryptfs_inode_to_private(file->f_path.dentry->d_inode) - ->crypt_stat; if (crypt_stat->flags & ECRYPTFS_NEW_FILE) { ecryptfs_printk(KERN_DEBUG, "ECRYPTFS_NEW_FILE flag set in " "crypt_stat at memory location [%p]\n", crypt_stat); @@ -718,6 +419,7 @@ static int ecryptfs_commit_write(struct file *file, struct page *page, ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page" "(page w/ index = [0x%.16x], to = [%d])\n", page->index, to); + /* Fills in zeros if 'to' goes beyond inode size */ rc = fill_zeros_to_end_of_page(page, to); if (rc) { ecryptfs_printk(KERN_WARNING, "Error attempting to fill " @@ -725,82 +427,22 @@ static int ecryptfs_commit_write(struct file *file, struct page *page, page->index); goto out; } - ctx.page = page; - ctx.mode = ECRYPTFS_PREPARE_COMMIT_MODE; - ctx.param.lower_file = lower_file; - rc = ecryptfs_encrypt_page(&ctx); + rc = ecryptfs_encrypt_page(page); if (rc) { ecryptfs_printk(KERN_WARNING, "Error encrypting page (upper " "index [0x%.16x])\n", page->index); goto out; } - inode->i_blocks = lower_inode->i_blocks; - pos = page_offset(page) + to; - if (pos > i_size_read(inode)) { - i_size_write(inode, pos); + pos = (((loff_t)page->index) << PAGE_CACHE_SHIFT) + to; + if (pos > i_size_read(ecryptfs_inode)) { + i_size_write(ecryptfs_inode, pos); ecryptfs_printk(KERN_DEBUG, "Expanded file size to " - "[0x%.16x]\n", i_size_read(inode)); + "[0x%.16x]\n", i_size_read(ecryptfs_inode)); } - rc = ecryptfs_write_inode_size_to_metadata(lower_file, lower_inode, - inode, file->f_dentry, - ECRYPTFS_LOWER_I_MUTEX_HELD); + rc = ecryptfs_write_inode_size_to_metadata(ecryptfs_inode); if (rc) printk(KERN_ERR "Error writing inode size to metadata; " "rc = [%d]\n", rc); - lower_inode->i_mtime = lower_inode->i_ctime = CURRENT_TIME; - mark_inode_dirty_sync(inode); -out: - if (rc < 0) - ClearPageUptodate(page); - else - SetPageUptodate(page); - mutex_unlock(&lower_inode->i_mutex); - return rc; -} - -/** - * ecryptfs_write_zeros - * @file: The ecryptfs file - * @index: The index in which we are writing - * @start: The position after the last block of data - * @num_zeros: The number of zeros to write - * - * Write a specified number of zero's to a page. - * - * (start + num_zeros) must be less than or equal to PAGE_CACHE_SIZE - */ -int -ecryptfs_write_zeros(struct file *file, pgoff_t index, int start, int num_zeros) -{ - int rc = 0; - struct page *tmp_page; - - tmp_page = ecryptfs_get1page(file, index); - if (IS_ERR(tmp_page)) { - ecryptfs_printk(KERN_ERR, "Error getting page at index " - "[0x%.16x]\n", index); - rc = PTR_ERR(tmp_page); - goto out; - } - if ((rc = ecryptfs_prepare_write_no_truncate(file, tmp_page, start, - (start + num_zeros)))) { - ecryptfs_printk(KERN_ERR, "Error preparing to write zero's " - "to page at index [0x%.16x]\n", - index); - page_cache_release(tmp_page); - goto out; - } - zero_user_page(tmp_page, start, num_zeros, KM_USER0); - rc = ecryptfs_commit_write(file, tmp_page, start, start + num_zeros); - if (rc < 0) { - ecryptfs_printk(KERN_ERR, "Error attempting to write zero's " - "to remainder of page at index [0x%.16x]\n", - index); - page_cache_release(tmp_page); - goto out; - } - rc = 0; - page_cache_release(tmp_page); out: return rc; } @@ -819,33 +461,10 @@ static sector_t ecryptfs_bmap(struct address_space *mapping, sector_t block) return rc; } -static void ecryptfs_sync_page(struct page *page) -{ - struct inode *inode; - struct inode *lower_inode; - struct page *lower_page; - - inode = page->mapping->host; - lower_inode = ecryptfs_inode_to_lower(inode); - /* NOTE: Recently swapped with grab_cache_page(), since - * sync_page() just makes sure that pending I/O gets done. */ - lower_page = find_lock_page(lower_inode->i_mapping, page->index); - if (!lower_page) { - ecryptfs_printk(KERN_DEBUG, "find_lock_page failed\n"); - return; - } - lower_page->mapping->a_ops->sync_page(lower_page); - ecryptfs_printk(KERN_DEBUG, "Unlocking page with index = [0x%.16x]\n", - lower_page->index); - unlock_page(lower_page); - page_cache_release(lower_page); -} - struct address_space_operations ecryptfs_aops = { .writepage = ecryptfs_writepage, .readpage = ecryptfs_readpage, .prepare_write = ecryptfs_prepare_write, .commit_write = ecryptfs_commit_write, .bmap = ecryptfs_bmap, - .sync_page = ecryptfs_sync_page, }; diff --git a/fs/ecryptfs/netlink.c b/fs/ecryptfs/netlink.c index fe91863..9aa3451 100644 --- a/fs/ecryptfs/netlink.c +++ b/fs/ecryptfs/netlink.c @@ -165,22 +165,10 @@ static int ecryptfs_process_nl_quit(struct sk_buff *skb) * it to its desired netlink context element and wake up the process * that is waiting for a response. */ -static void ecryptfs_receive_nl_message(struct sock *sk, int len) +static void ecryptfs_receive_nl_message(struct sk_buff *skb) { - struct sk_buff *skb; struct nlmsghdr *nlh; - int rc = 0; /* skb_recv_datagram requires this */ -receive: - skb = skb_recv_datagram(sk, 0, 0, &rc); - if (rc == -EINTR) - goto receive; - else if (rc < 0) { - ecryptfs_printk(KERN_ERR, "Error occurred while " - "receiving eCryptfs netlink message; " - "rc = [%d]\n", rc); - return; - } nlh = nlmsg_hdr(skb); if (!NLMSG_OK(nlh, skb->len)) { ecryptfs_printk(KERN_ERR, "Received corrupt netlink " @@ -227,7 +215,7 @@ int ecryptfs_init_netlink(void) { int rc; - ecryptfs_nl_sock = netlink_kernel_create(NETLINK_ECRYPTFS, 0, + ecryptfs_nl_sock = netlink_kernel_create(&init_net, NETLINK_ECRYPTFS, 0, ecryptfs_receive_nl_message, NULL, THIS_MODULE); if (!ecryptfs_nl_sock) { diff --git a/fs/ecryptfs/read_write.c b/fs/ecryptfs/read_write.c new file mode 100644 index 0000000..2150edf --- /dev/null +++ b/fs/ecryptfs/read_write.c @@ -0,0 +1,358 @@ +/** + * eCryptfs: Linux filesystem encryption layer + * + * Copyright (C) 2007 International Business Machines Corp. + * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA + * 02111-1307, USA. + */ + +#include <linux/fs.h> +#include <linux/pagemap.h> +#include "ecryptfs_kernel.h" + +/** + * ecryptfs_write_lower + * @ecryptfs_inode: The eCryptfs inode + * @data: Data to write + * @offset: Byte offset in the lower file to which to write the data + * @size: Number of bytes from @data to write at @offset in the lower + * file + * + * Write data to the lower file. + * + * Returns zero on success; non-zero on error + */ +int ecryptfs_write_lower(struct inode *ecryptfs_inode, char *data, + loff_t offset, size_t size) +{ + struct ecryptfs_inode_info *inode_info; + ssize_t octets_written; + mm_segment_t fs_save; + int rc = 0; + + inode_info = ecryptfs_inode_to_private(ecryptfs_inode); + mutex_lock(&inode_info->lower_file_mutex); + BUG_ON(!inode_info->lower_file); + inode_info->lower_file->f_pos = offset; + fs_save = get_fs(); + set_fs(get_ds()); + octets_written = vfs_write(inode_info->lower_file, data, size, + &inode_info->lower_file->f_pos); + set_fs(fs_save); + if (octets_written < 0) { + printk(KERN_ERR "%s: octets_written = [%td]; " + "expected [%td]\n", __FUNCTION__, octets_written, size); + rc = -EINVAL; + } + mutex_unlock(&inode_info->lower_file_mutex); + mark_inode_dirty_sync(ecryptfs_inode); + return rc; +} + +/** + * ecryptfs_write_lower_page_segment + * @ecryptfs_inode: The eCryptfs inode + * @page_for_lower: The page containing the data to be written to the + * lower file + * @offset_in_page: The offset in the @page_for_lower from which to + * start writing the data + * @size: The amount of data from @page_for_lower to write to the + * lower file + * + * Determines the byte offset in the file for the given page and + * offset within the page, maps the page, and makes the call to write + * the contents of @page_for_lower to the lower inode. + * + * Returns zero on success; non-zero otherwise + */ +int ecryptfs_write_lower_page_segment(struct inode *ecryptfs_inode, + struct page *page_for_lower, + size_t offset_in_page, size_t size) +{ + char *virt; + loff_t offset; + int rc; + + offset = ((((off_t)page_for_lower->index) << PAGE_CACHE_SHIFT) + + offset_in_page); + virt = kmap(page_for_lower); + rc = ecryptfs_write_lower(ecryptfs_inode, virt, offset, size); + kunmap(page_for_lower); + return rc; +} + +/** + * ecryptfs_write + * @ecryptfs_file: The eCryptfs file into which to write + * @data: Virtual address where data to write is located + * @offset: Offset in the eCryptfs file at which to begin writing the + * data from @data + * @size: The number of bytes to write from @data + * + * Write an arbitrary amount of data to an arbitrary location in the + * eCryptfs inode page cache. This is done on a page-by-page, and then + * by an extent-by-extent, basis; individual extents are encrypted and + * written to the lower page cache (via VFS writes). This function + * takes care of all the address translation to locations in the lower + * filesystem; it also handles truncate events, writing out zeros + * where necessary. + * + * Returns zero on success; non-zero otherwise + */ +int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, + size_t size) +{ + struct page *ecryptfs_page; + char *ecryptfs_page_virt; + loff_t ecryptfs_file_size = + i_size_read(ecryptfs_file->f_dentry->d_inode); + loff_t data_offset = 0; + loff_t pos; + int rc = 0; + + if (offset > ecryptfs_file_size) + pos = ecryptfs_file_size; + else + pos = offset; + while (pos < (offset + size)) { + pgoff_t ecryptfs_page_idx = (pos >> PAGE_CACHE_SHIFT); + size_t start_offset_in_page = (pos & ~PAGE_CACHE_MASK); + size_t num_bytes = (PAGE_CACHE_SIZE - start_offset_in_page); + size_t total_remaining_bytes = ((offset + size) - pos); + + if (num_bytes > total_remaining_bytes) + num_bytes = total_remaining_bytes; + if (pos < offset) { + size_t total_remaining_zeros = (offset - pos); + + if (num_bytes > total_remaining_zeros) + num_bytes = total_remaining_zeros; + } + ecryptfs_page = ecryptfs_get_locked_page(ecryptfs_file, + ecryptfs_page_idx); + if (IS_ERR(ecryptfs_page)) { + rc = PTR_ERR(ecryptfs_page); + printk(KERN_ERR "%s: Error getting page at " + "index [%ld] from eCryptfs inode " + "mapping; rc = [%d]\n", __FUNCTION__, + ecryptfs_page_idx, rc); + goto out; + } + if (start_offset_in_page) { + /* Read in the page from the lower + * into the eCryptfs inode page cache, + * decrypting */ + rc = ecryptfs_decrypt_page(ecryptfs_page); + if (rc) { + printk(KERN_ERR "%s: Error decrypting " + "page; rc = [%d]\n", + __FUNCTION__, rc); + ClearPageUptodate(ecryptfs_page); + page_cache_release(ecryptfs_page); + goto out; + } + } + ecryptfs_page_virt = kmap_atomic(ecryptfs_page, KM_USER0); + if (pos >= offset) { + memcpy(((char *)ecryptfs_page_virt + + start_offset_in_page), + (data + data_offset), num_bytes); + data_offset += num_bytes; + } else { + /* We are extending past the previous end of the file. + * Fill in zero values up to the start of where we + * will be writing data. */ + memset(((char *)ecryptfs_page_virt + + start_offset_in_page), 0, num_bytes); + } + kunmap_atomic(ecryptfs_page_virt, KM_USER0); + flush_dcache_page(ecryptfs_page); + SetPageUptodate(ecryptfs_page); + unlock_page(ecryptfs_page); + rc = ecryptfs_encrypt_page(ecryptfs_page); + page_cache_release(ecryptfs_page); + if (rc) { + printk(KERN_ERR "%s: Error encrypting " + "page; rc = [%d]\n", __FUNCTION__, rc); + goto out; + } + pos += num_bytes; + } + if ((offset + size) > ecryptfs_file_size) { + i_size_write(ecryptfs_file->f_dentry->d_inode, (offset + size)); + rc = ecryptfs_write_inode_size_to_metadata( + ecryptfs_file->f_dentry->d_inode); + if (rc) { + printk(KERN_ERR "Problem with " + "ecryptfs_write_inode_size_to_metadata; " + "rc = [%d]\n", rc); + goto out; + } + } +out: + return rc; +} + +/** + * ecryptfs_read_lower + * @data: The read data is stored here by this function + * @offset: Byte offset in the lower file from which to read the data + * @size: Number of bytes to read from @offset of the lower file and + * store into @data + * @ecryptfs_inode: The eCryptfs inode + * + * Read @size bytes of data at byte offset @offset from the lower + * inode into memory location @data. + * + * Returns zero on success; non-zero on error + */ +int ecryptfs_read_lower(char *data, loff_t offset, size_t size, + struct inode *ecryptfs_inode) +{ + struct ecryptfs_inode_info *inode_info = + ecryptfs_inode_to_private(ecryptfs_inode); + ssize_t octets_read; + mm_segment_t fs_save; + int rc = 0; + + mutex_lock(&inode_info->lower_file_mutex); + BUG_ON(!inode_info->lower_file); + inode_info->lower_file->f_pos = offset; + fs_save = get_fs(); + set_fs(get_ds()); + octets_read = vfs_read(inode_info->lower_file, data, size, + &inode_info->lower_file->f_pos); + set_fs(fs_save); + if (octets_read < 0) { + printk(KERN_ERR "%s: octets_read = [%td]; " + "expected [%td]\n", __FUNCTION__, octets_read, size); + rc = -EINVAL; + } + mutex_unlock(&inode_info->lower_file_mutex); + return rc; +} + +/** + * ecryptfs_read_lower_page_segment + * @page_for_ecryptfs: The page into which data for eCryptfs will be + * written + * @offset_in_page: Offset in @page_for_ecryptfs from which to start + * writing + * @size: The number of bytes to write into @page_for_ecryptfs + * @ecryptfs_inode: The eCryptfs inode + * + * Determines the byte offset in the file for the given page and + * offset within the page, maps the page, and makes the call to read + * the contents of @page_for_ecryptfs from the lower inode. + * + * Returns zero on success; non-zero otherwise + */ +int ecryptfs_read_lower_page_segment(struct page *page_for_ecryptfs, + pgoff_t page_index, + size_t offset_in_page, size_t size, + struct inode *ecryptfs_inode) +{ + char *virt; + loff_t offset; + int rc; + + offset = ((((loff_t)page_index) << PAGE_CACHE_SHIFT) + offset_in_page); + virt = kmap(page_for_ecryptfs); + rc = ecryptfs_read_lower(virt, offset, size, ecryptfs_inode); + kunmap(page_for_ecryptfs); + flush_dcache_page(page_for_ecryptfs); + return rc; +} + +/** + * ecryptfs_read + * @data: The virtual address into which to write the data read (and + * possibly decrypted) from the lower file + * @offset: The offset in the decrypted view of the file from which to + * read into @data + * @size: The number of bytes to read into @data + * @ecryptfs_file: The eCryptfs file from which to read + * + * Read an arbitrary amount of data from an arbitrary location in the + * eCryptfs page cache. This is done on an extent-by-extent basis; + * individual extents are decrypted and read from the lower page + * cache (via VFS reads). This function takes care of all the + * address translation to locations in the lower filesystem. + * + * Returns zero on success; non-zero otherwise + */ +int ecryptfs_read(char *data, loff_t offset, size_t size, + struct file *ecryptfs_file) +{ + struct page *ecryptfs_page; + char *ecryptfs_page_virt; + loff_t ecryptfs_file_size = + i_size_read(ecryptfs_file->f_dentry->d_inode); + loff_t data_offset = 0; + loff_t pos; + int rc = 0; + + if ((offset + size) > ecryptfs_file_size) { + rc = -EINVAL; + printk(KERN_ERR "%s: Attempt to read data past the end of the " + "file; offset = [%lld]; size = [%td]; " + "ecryptfs_file_size = [%lld]\n", + __FUNCTION__, offset, size, ecryptfs_file_size); + goto out; + } + pos = offset; + while (pos < (offset + size)) { + pgoff_t ecryptfs_page_idx = (pos >> PAGE_CACHE_SHIFT); + size_t start_offset_in_page = (pos & ~PAGE_CACHE_MASK); + size_t num_bytes = (PAGE_CACHE_SIZE - start_offset_in_page); + size_t total_remaining_bytes = ((offset + size) - pos); + + if (num_bytes > total_remaining_bytes) + num_bytes = total_remaining_bytes; + ecryptfs_page = ecryptfs_get_locked_page(ecryptfs_file, + ecryptfs_page_idx); + if (IS_ERR(ecryptfs_page)) { + rc = PTR_ERR(ecryptfs_page); + printk(KERN_ERR "%s: Error getting page at " + "index [%ld] from eCryptfs inode " + "mapping; rc = [%d]\n", __FUNCTION__, + ecryptfs_page_idx, rc); + goto out; + } + rc = ecryptfs_decrypt_page(ecryptfs_page); + if (rc) { + printk(KERN_ERR "%s: Error decrypting " + "page; rc = [%d]\n", __FUNCTION__, rc); + ClearPageUptodate(ecryptfs_page); + page_cache_release(ecryptfs_page); + goto out; + } + ecryptfs_page_virt = kmap_atomic(ecryptfs_page, KM_USER0); + memcpy((data + data_offset), + ((char *)ecryptfs_page_virt + start_offset_in_page), + num_bytes); + kunmap_atomic(ecryptfs_page_virt, KM_USER0); + flush_dcache_page(ecryptfs_page); + SetPageUptodate(ecryptfs_page); + unlock_page(ecryptfs_page); + page_cache_release(ecryptfs_page); + pos += num_bytes; + data_offset += num_bytes; + } +out: + return rc; +} diff --git a/fs/ecryptfs/super.c b/fs/ecryptfs/super.c index 7b3f0cc..f8cdab2b 100644 --- a/fs/ecryptfs/super.c +++ b/fs/ecryptfs/super.c @@ -27,6 +27,7 @@ #include <linux/mount.h> #include <linux/key.h> #include <linux/seq_file.h> +#include <linux/file.h> #include <linux/crypto.h> #include "ecryptfs_kernel.h" @@ -46,15 +47,16 @@ struct kmem_cache *ecryptfs_inode_info_cache; */ static struct inode *ecryptfs_alloc_inode(struct super_block *sb) { - struct ecryptfs_inode_info *ecryptfs_inode; + struct ecryptfs_inode_info *inode_info; struct inode *inode = NULL; - ecryptfs_inode = kmem_cache_alloc(ecryptfs_inode_info_cache, - GFP_KERNEL); - if (unlikely(!ecryptfs_inode)) + inode_info = kmem_cache_alloc(ecryptfs_inode_info_cache, GFP_KERNEL); + if (unlikely(!inode_info)) goto out; - ecryptfs_init_crypt_stat(&ecryptfs_inode->crypt_stat); - inode = &ecryptfs_inode->vfs_inode; + ecryptfs_init_crypt_stat(&inode_info->crypt_stat); + mutex_init(&inode_info->lower_file_mutex); + inode_info->lower_file = NULL; + inode = &inode_info->vfs_inode; out: return inode; } @@ -63,9 +65,10 @@ out: * ecryptfs_destroy_inode * @inode: The ecryptfs inode * - * This is used during the final destruction of the inode. - * All allocation of memory related to the inode, including allocated - * memory in the crypt_stat struct, will be released here. + * This is used during the final destruction of the inode. All + * allocation of memory related to the inode, including allocated + * memory in the crypt_stat struct, will be released here. This + * function also fput()'s the persistent file for the lower inode. * There should be no chance that this deallocation will be missed. */ static void ecryptfs_destroy_inode(struct inode *inode) @@ -73,7 +76,21 @@ static void ecryptfs_destroy_inode(struct inode *inode) struct ecryptfs_inode_info *inode_info; inode_info = ecryptfs_inode_to_private(inode); - ecryptfs_destruct_crypt_stat(&inode_info->crypt_stat); + mutex_lock(&inode_info->lower_file_mutex); + if (inode_info->lower_file) { + struct dentry *lower_dentry = + inode_info->lower_file->f_dentry; + + BUG_ON(!lower_dentry); + if (lower_dentry->d_inode) { + fput(inode_info->lower_file); + inode_info->lower_file = NULL; + d_drop(lower_dentry); + d_delete(lower_dentry); + } + } + mutex_unlock(&inode_info->lower_file_mutex); + ecryptfs_destroy_crypt_stat(&inode_info->crypt_stat); kmem_cache_free(ecryptfs_inode_info_cache, inode_info); } @@ -104,7 +121,7 @@ static void ecryptfs_put_super(struct super_block *sb) { struct ecryptfs_sb_info *sb_info = ecryptfs_superblock_to_private(sb); - ecryptfs_destruct_mount_crypt_stat(&sb_info->mount_crypt_stat); + ecryptfs_destroy_mount_crypt_stat(&sb_info->mount_crypt_stat); kmem_cache_free(ecryptfs_sb_info_cache, sb_info); ecryptfs_set_superblock_private(sb, NULL); } |
